Action not permitted
Modal body text goes here.
Modal Title
Modal Body
cve-2020-11984
Vulnerability from cvelistv5
Published
2020-08-07 15:27
Modified
2024-08-04 11:48
Severity ?
EPSS score ?
Summary
Apache HTTP server 2.4.32 to 2.4.44 mod_proxy_uwsgi info disclosure and possible RCE
References
Impacted products
Vendor | Product | Version | |
---|---|---|---|
▼ | n/a | Apache HTTP Server |
Version: 2.4.32 to 2.4.44 |
|
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-04T11:48:57.555Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "tags": [ "x_refsource_MISC", "x_transferred" ], "url": "https://httpd.apache.org/security/vulnerabilities_24.html" }, { "name": "[oss-security] 20200808 Re: CVE-2020-11984: Apache httpd: mod_uwsgi buffer overlow", "tags": [ "mailing-list", "x_refsource_MLIST", "x_transferred" ], "url": "http://www.openwall.com/lists/oss-security/2020/08/08/1" }, { "name": "GLSA-202008-04", "tags": [ "vendor-advisory", "x_refsource_GENTOO", "x_transferred" ], "url": "https://security.gentoo.org/glsa/202008-04" }, { "name": "[oss-security] 20200808 Re: CVE-2020-11984: Apache httpd: mod_uwsgi buffer overlow", "tags": [ "mailing-list", "x_refsource_MLIST", "x_transferred" ], "url": "http://www.openwall.com/lists/oss-security/2020/08/08/10" }, { "name": "[oss-security] 20200808 Re: CVE-2020-11984: Apache httpd: mod_uwsgi buffer overlow", "tags": [ "mailing-list", "x_refsource_MLIST", "x_transferred" ], "url": "http://www.openwall.com/lists/oss-security/2020/08/08/8" }, { "name": "[oss-security] 20200808 Re: CVE-2020-11984: Apache httpd: mod_uwsgi buffer overlow", "tags": [ "mailing-list", "x_refsource_MLIST", "x_transferred" ], "url": "http://www.openwall.com/lists/oss-security/2020/08/08/9" }, { "name": "[oss-security] 20200810 Re: CVE-2020-11984: Apache httpd: mod_uwsgi buffer overlow", "tags": [ "mailing-list", "x_refsource_MLIST", "x_transferred" ], "url": "http://www.openwall.com/lists/oss-security/2020/08/10/5" }, { "name": "[httpd-dev] 20200811 Which version fixed the CVE-2020-9490, CVE-2020-11984 and CVE-2020-11993 vulnerabilities?", "tags": [ "mailing-list", "x_refsource_MLIST", "x_transferred" ], "url": "https://lists.apache.org/thread.html/r5debe8f82728a00a4a68bc904dd6c35423bdfc8d601cfb4579f38bf1%40%3Cdev.httpd.apache.org%3E" }, { "name": "[httpd-dev] 20200811 Re: Which version fixed the CVE-2020-9490, CVE-2020-11984 and CVE-2020-11993 vulnerabilities?", "tags": [ "mailing-list", "x_refsource_MLIST", "x_transferred" ], "url": "https://lists.apache.org/thread.html/r623de9b2b2433a87f3f3a15900419fc9c00c77b26936dfea4060f672%40%3Cdev.httpd.apache.org%3E" }, { "name": "[oss-security] 20200817 Re: CVE-2020-11984: Apache httpd: mod_uwsgi buffer overlow", "tags": [ "mailing-list", "x_refsource_MLIST", "x_transferred" ], "url": "http://www.openwall.com/lists/oss-security/2020/08/17/2" }, { "name": "USN-4458-1", "tags": [ "vendor-advisory", "x_refsource_UBUNTU", "x_transferred" ], "url": "https://usn.ubuntu.com/4458-1/" }, { "name": "openSUSE-SU-2020:1285", "tags": [ "vendor-advisory", "x_refsource_SUSE", "x_transferred" ], "url": "http://lists.opensuse.org/opensuse-security-announce/2020-08/msg00068.html" }, { "name": "openSUSE-SU-2020:1293", "tags": [ "vendor-advisory", "x_refsource_SUSE", "x_transferred" ], "url": "http://lists.opensuse.org/opensuse-security-announce/2020-08/msg00071.html" }, { "name": "FEDORA-2020-189a1e6c3e", "tags": [ "vendor-advisory", "x_refsource_FEDORA", "x_transferred" ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/HYVYE2ZERFXDV6RMKK3I5SDSDQLPSEIQ/" }, { "name": "DSA-4757", "tags": [ "vendor-advisory", "x_refsource_DEBIAN", "x_transferred" ], "url": "https://www.debian.org/security/2020/dsa-4757" }, { "name": "[debian-lts-announce] 20200902 [SECURITY] [DLA 2362-1] uwsgi security update", "tags": [ "mailing-list", "x_refsource_MLIST", "x_transferred" ], "url": "https://lists.debian.org/debian-lts-announce/2020/09/msg00001.html" }, { "name": "FEDORA-2020-0d3d3f5072", "tags": [ "vendor-advisory", "x_refsource_FEDORA", "x_transferred" ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/A2RN46PRBJE7E7OPD4YZX5SVWV5QKGV5/" }, { "tags": [ "x_refsource_MISC", "x_transferred" ], "url": "https://www.oracle.com/security-alerts/cpuoct2020.html" }, { "tags": [ "x_refsource_CONFIRM", "x_transferred" ], "url": "https://security.netapp.com/advisory/ntap-20200814-0005/" }, { "tags": [ "x_refsource_MISC", "x_transferred" ], "url": "http://packetstormsecurity.com/files/159009/Apache2-mod_proxy_uwsgi-Incorrect-Request-Handling.html" }, { "tags": [ "x_refsource_MISC", "x_transferred" ], "url": "https://www.oracle.com/security-alerts/cpujan2021.html" }, { "name": "[httpd-cvs] 20210330 svn commit: r1073139 [1/13] - in /websites/staging/httpd/trunk/content: ./ security/json/", "tags": [ "mailing-list", "x_refsource_MLIST", "x_transferred" ], "url": "https://lists.apache.org/thread.html/rf6449464fd8b7437704c55f88361b66f12d5b5f90bcce66af4be4ba9%40%3Ccvs.httpd.apache.org%3E" }, { "name": "[httpd-cvs] 20210330 svn commit: r1073143 [3/3] - in /websites/staging/httpd/trunk/content: ./ security/", "tags": [ "mailing-list", "x_refsource_MLIST", "x_transferred" ], "url": "https://lists.apache.org/thread.html/r06f0d87ebb6d59ed8379633f36f72f5b1f79cadfda72ede0830b42cf%40%3Ccvs.httpd.apache.org%3E" }, { "name": "[httpd-cvs] 20210330 svn commit: r1888194 [13/13] - /httpd/site/trunk/content/security/json/", "tags": [ "mailing-list", "x_refsource_MLIST", "x_transferred" ], "url": "https://lists.apache.org/thread.html/r09bb998baee74a2c316446bd1a41ae7f8d7049d09d9ff991471e8775%40%3Ccvs.httpd.apache.org%3E" }, { "name": "[httpd-cvs] 20210330 svn commit: r1073140 [4/4] - in /websites/staging/httpd/trunk/content: ./ security/cvejsontohtml.py security/vulnerabilities_13.html security/vulnerabilities_20.html security/vulnerabilities_22.html security/vulnerabilities_24.html", "tags": [ "mailing-list", "x_refsource_MLIST", "x_transferred" ], "url": "https://lists.apache.org/thread.html/rc998b18880df98bafaade071346690c2bc1444adaa1a1ea464b93f0a%40%3Ccvs.httpd.apache.org%3E" }, { "name": "[httpd-cvs] 20210330 svn commit: r1073139 [12/13] - in /websites/staging/httpd/trunk/content: ./ security/json/", "tags": [ "mailing-list", "x_refsource_MLIST", "x_transferred" ], "url": "https://lists.apache.org/thread.html/r03ee478b3dda3e381fd6189366fa7af97c980d2f602846eef935277d%40%3Ccvs.httpd.apache.org%3E" }, { "name": "[httpd-cvs] 20210330 svn commit: r1888199 - /httpd/site/trunk/content/security/vulnerabilities-httpd.xml", "tags": [ "mailing-list", "x_refsource_MLIST", "x_transferred" ], "url": "https://lists.apache.org/thread.html/r34753590ae8e3f2b6af689af4fe84269b592f5fda9f3244fd9abbce8%40%3Ccvs.httpd.apache.org%3E" }, { "name": "[httpd-cvs] 20210330 svn commit: r1073149 [1/13] - in /websites/staging/httpd/trunk/content: ./ security/ security/json/", "tags": [ "mailing-list", "x_refsource_MLIST", "x_transferred" ], "url": "https://lists.apache.org/thread.html/r9f93cf6dde308d42a9c807784e8102600d0397f5f834890708bf6920%40%3Ccvs.httpd.apache.org%3E" }, { "name": "[httpd-cvs] 20210330 svn commit: r1073149 [13/13] - in /websites/staging/httpd/trunk/content: ./ security/ security/json/", "tags": [ "mailing-list", "x_refsource_MLIST", "x_transferred" ], "url": "https://lists.apache.org/thread.html/r3c5c3104813c1c5508b55564b66546933079250a46ce50eee90b2e36%40%3Ccvs.httpd.apache.org%3E" }, { "name": "[httpd-cvs] 20210330 svn commit: r1073171 - in /websites/staging/httpd/trunk/content: ./ security/json/CVE-2020-11984.json security/json/CVE-2020-11993.json security/vulnerabilities_24.html", "tags": [ "mailing-list", "x_refsource_MLIST", "x_transferred" ], "url": "https://lists.apache.org/thread.html/rf71eb428714374a6f9ad68952e23611ec7807b029fd6a1b4f5f732d9%40%3Ccvs.httpd.apache.org%3E" }, { "name": "[httpd-cvs] 20210330 svn commit: r1888228 - in /httpd/site/trunk/content/security/json: CVE-2020-11984.json CVE-2020-11993.json", "tags": [ "mailing-list", "x_refsource_MLIST", "x_transferred" ], "url": "https://lists.apache.org/thread.html/r2c6083f6a2027914a0f5b54e2a1f4fa98c03f8693b58460911818255%40%3Ccvs.httpd.apache.org%3E" }, { "name": "[httpd-cvs] 20210606 svn commit: r1075470 [4/4] - in /websites/staging/httpd/trunk/content: ./ security/json/CVE-2020-13938.json security/vulnerabilities_13.html security/vulnerabilities_20.html security/vulnerabilities_22.html security/vulnerabilities_24.html", "tags": [ "mailing-list", "x_refsource_MLIST", "x_transferred" ], "url": "https://lists.apache.org/thread.html/r76142b8c5119df2178be7c2dba88fde552eedeec37ea993dfce68d1d%40%3Ccvs.httpd.apache.org%3E" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "product": "Apache HTTP Server", "vendor": "n/a", "versions": [ { "status": "affected", "version": "2.4.32 to 2.4.44" } ] } ], "descriptions": [ { "lang": "en", "value": "Apache HTTP server 2.4.32 to 2.4.44 mod_proxy_uwsgi info disclosure and possible RCE" } ], "problemTypes": [ { "descriptions": [ { "description": "mod_uwsgi buffer overflow", "lang": "en", "type": "text" } ] } ], "providerMetadata": { "dateUpdated": "2021-06-06T10:11:51", "orgId": "f0158376-9dc2-43b6-827c-5f631a4d8d09", "shortName": "apache" }, "references": [ { "tags": [ "x_refsource_MISC" ], "url": "https://httpd.apache.org/security/vulnerabilities_24.html" }, { "name": "[oss-security] 20200808 Re: CVE-2020-11984: Apache httpd: mod_uwsgi buffer overlow", "tags": [ "mailing-list", "x_refsource_MLIST" ], "url": "http://www.openwall.com/lists/oss-security/2020/08/08/1" }, { "name": "GLSA-202008-04", "tags": [ "vendor-advisory", "x_refsource_GENTOO" ], "url": "https://security.gentoo.org/glsa/202008-04" }, { "name": "[oss-security] 20200808 Re: CVE-2020-11984: Apache httpd: mod_uwsgi buffer overlow", "tags": [ "mailing-list", "x_refsource_MLIST" ], "url": "http://www.openwall.com/lists/oss-security/2020/08/08/10" }, { "name": "[oss-security] 20200808 Re: CVE-2020-11984: Apache httpd: mod_uwsgi buffer overlow", "tags": [ "mailing-list", "x_refsource_MLIST" ], "url": "http://www.openwall.com/lists/oss-security/2020/08/08/8" }, { "name": "[oss-security] 20200808 Re: CVE-2020-11984: Apache httpd: mod_uwsgi buffer overlow", "tags": [ "mailing-list", "x_refsource_MLIST" ], "url": "http://www.openwall.com/lists/oss-security/2020/08/08/9" }, { "name": "[oss-security] 20200810 Re: CVE-2020-11984: Apache httpd: mod_uwsgi buffer overlow", "tags": [ "mailing-list", "x_refsource_MLIST" ], "url": "http://www.openwall.com/lists/oss-security/2020/08/10/5" }, { "name": "[httpd-dev] 20200811 Which version fixed the CVE-2020-9490, CVE-2020-11984 and CVE-2020-11993 vulnerabilities?", "tags": [ "mailing-list", "x_refsource_MLIST" ], "url": "https://lists.apache.org/thread.html/r5debe8f82728a00a4a68bc904dd6c35423bdfc8d601cfb4579f38bf1%40%3Cdev.httpd.apache.org%3E" }, { "name": "[httpd-dev] 20200811 Re: Which version fixed the CVE-2020-9490, CVE-2020-11984 and CVE-2020-11993 vulnerabilities?", "tags": [ "mailing-list", "x_refsource_MLIST" ], "url": "https://lists.apache.org/thread.html/r623de9b2b2433a87f3f3a15900419fc9c00c77b26936dfea4060f672%40%3Cdev.httpd.apache.org%3E" }, { "name": "[oss-security] 20200817 Re: CVE-2020-11984: Apache httpd: mod_uwsgi buffer overlow", "tags": [ "mailing-list", "x_refsource_MLIST" ], "url": "http://www.openwall.com/lists/oss-security/2020/08/17/2" }, { "name": "USN-4458-1", "tags": [ "vendor-advisory", "x_refsource_UBUNTU" ], "url": "https://usn.ubuntu.com/4458-1/" }, { "name": "openSUSE-SU-2020:1285", "tags": [ "vendor-advisory", "x_refsource_SUSE" ], "url": "http://lists.opensuse.org/opensuse-security-announce/2020-08/msg00068.html" }, { "name": "openSUSE-SU-2020:1293", "tags": [ "vendor-advisory", "x_refsource_SUSE" ], "url": "http://lists.opensuse.org/opensuse-security-announce/2020-08/msg00071.html" }, { "name": "FEDORA-2020-189a1e6c3e", "tags": [ "vendor-advisory", "x_refsource_FEDORA" ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/HYVYE2ZERFXDV6RMKK3I5SDSDQLPSEIQ/" }, { "name": "DSA-4757", "tags": [ "vendor-advisory", "x_refsource_DEBIAN" ], "url": "https://www.debian.org/security/2020/dsa-4757" }, { "name": "[debian-lts-announce] 20200902 [SECURITY] [DLA 2362-1] uwsgi security update", "tags": [ "mailing-list", "x_refsource_MLIST" ], "url": "https://lists.debian.org/debian-lts-announce/2020/09/msg00001.html" }, { "name": "FEDORA-2020-0d3d3f5072", "tags": [ "vendor-advisory", "x_refsource_FEDORA" ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/A2RN46PRBJE7E7OPD4YZX5SVWV5QKGV5/" }, { "tags": [ "x_refsource_MISC" ], "url": "https://www.oracle.com/security-alerts/cpuoct2020.html" }, { "tags": [ "x_refsource_CONFIRM" ], "url": "https://security.netapp.com/advisory/ntap-20200814-0005/" }, { "tags": [ "x_refsource_MISC" ], "url": "http://packetstormsecurity.com/files/159009/Apache2-mod_proxy_uwsgi-Incorrect-Request-Handling.html" }, { "tags": [ "x_refsource_MISC" ], "url": "https://www.oracle.com/security-alerts/cpujan2021.html" }, { "name": "[httpd-cvs] 20210330 svn commit: r1073139 [1/13] - in /websites/staging/httpd/trunk/content: ./ security/json/", "tags": [ "mailing-list", "x_refsource_MLIST" ], "url": "https://lists.apache.org/thread.html/rf6449464fd8b7437704c55f88361b66f12d5b5f90bcce66af4be4ba9%40%3Ccvs.httpd.apache.org%3E" }, { "name": "[httpd-cvs] 20210330 svn commit: r1073143 [3/3] - in /websites/staging/httpd/trunk/content: ./ security/", "tags": [ "mailing-list", "x_refsource_MLIST" ], "url": "https://lists.apache.org/thread.html/r06f0d87ebb6d59ed8379633f36f72f5b1f79cadfda72ede0830b42cf%40%3Ccvs.httpd.apache.org%3E" }, { "name": "[httpd-cvs] 20210330 svn commit: r1888194 [13/13] - /httpd/site/trunk/content/security/json/", "tags": [ "mailing-list", "x_refsource_MLIST" ], "url": "https://lists.apache.org/thread.html/r09bb998baee74a2c316446bd1a41ae7f8d7049d09d9ff991471e8775%40%3Ccvs.httpd.apache.org%3E" }, { "name": "[httpd-cvs] 20210330 svn commit: r1073140 [4/4] - in /websites/staging/httpd/trunk/content: ./ security/cvejsontohtml.py security/vulnerabilities_13.html security/vulnerabilities_20.html security/vulnerabilities_22.html security/vulnerabilities_24.html", "tags": [ "mailing-list", "x_refsource_MLIST" ], "url": "https://lists.apache.org/thread.html/rc998b18880df98bafaade071346690c2bc1444adaa1a1ea464b93f0a%40%3Ccvs.httpd.apache.org%3E" }, { "name": "[httpd-cvs] 20210330 svn commit: r1073139 [12/13] - in /websites/staging/httpd/trunk/content: ./ security/json/", "tags": [ "mailing-list", "x_refsource_MLIST" ], "url": "https://lists.apache.org/thread.html/r03ee478b3dda3e381fd6189366fa7af97c980d2f602846eef935277d%40%3Ccvs.httpd.apache.org%3E" }, { "name": "[httpd-cvs] 20210330 svn commit: r1888199 - /httpd/site/trunk/content/security/vulnerabilities-httpd.xml", "tags": [ "mailing-list", "x_refsource_MLIST" ], "url": "https://lists.apache.org/thread.html/r34753590ae8e3f2b6af689af4fe84269b592f5fda9f3244fd9abbce8%40%3Ccvs.httpd.apache.org%3E" }, { "name": "[httpd-cvs] 20210330 svn commit: r1073149 [1/13] - in /websites/staging/httpd/trunk/content: ./ security/ security/json/", "tags": [ "mailing-list", "x_refsource_MLIST" ], "url": "https://lists.apache.org/thread.html/r9f93cf6dde308d42a9c807784e8102600d0397f5f834890708bf6920%40%3Ccvs.httpd.apache.org%3E" }, { "name": "[httpd-cvs] 20210330 svn commit: r1073149 [13/13] - in /websites/staging/httpd/trunk/content: ./ security/ security/json/", "tags": [ "mailing-list", "x_refsource_MLIST" ], "url": "https://lists.apache.org/thread.html/r3c5c3104813c1c5508b55564b66546933079250a46ce50eee90b2e36%40%3Ccvs.httpd.apache.org%3E" }, { "name": "[httpd-cvs] 20210330 svn commit: r1073171 - in /websites/staging/httpd/trunk/content: ./ security/json/CVE-2020-11984.json security/json/CVE-2020-11993.json security/vulnerabilities_24.html", "tags": [ "mailing-list", "x_refsource_MLIST" ], "url": "https://lists.apache.org/thread.html/rf71eb428714374a6f9ad68952e23611ec7807b029fd6a1b4f5f732d9%40%3Ccvs.httpd.apache.org%3E" }, { "name": "[httpd-cvs] 20210330 svn commit: r1888228 - in /httpd/site/trunk/content/security/json: CVE-2020-11984.json CVE-2020-11993.json", "tags": [ "mailing-list", "x_refsource_MLIST" ], "url": "https://lists.apache.org/thread.html/r2c6083f6a2027914a0f5b54e2a1f4fa98c03f8693b58460911818255%40%3Ccvs.httpd.apache.org%3E" }, { "name": "[httpd-cvs] 20210606 svn commit: r1075470 [4/4] - in /websites/staging/httpd/trunk/content: ./ security/json/CVE-2020-13938.json security/vulnerabilities_13.html security/vulnerabilities_20.html security/vulnerabilities_22.html security/vulnerabilities_24.html", "tags": [ "mailing-list", "x_refsource_MLIST" ], "url": "https://lists.apache.org/thread.html/r76142b8c5119df2178be7c2dba88fde552eedeec37ea993dfce68d1d%40%3Ccvs.httpd.apache.org%3E" } ], "x_legacyV4Record": { "CVE_data_meta": { "ASSIGNER": "security@apache.org", "ID": "CVE-2020-11984", "STATE": "PUBLIC" }, "affects": { "vendor": { "vendor_data": [ { "product": { "product_data": [ { "product_name": "Apache HTTP Server", "version": { "version_data": [ { "version_value": "2.4.32 to 2.4.44" } ] } } ] }, "vendor_name": "n/a" } ] } }, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": { "description_data": [ { "lang": "eng", "value": "Apache HTTP server 2.4.32 to 2.4.44 mod_proxy_uwsgi info disclosure and possible RCE" } ] }, "problemtype": { "problemtype_data": [ { "description": [ { "lang": "eng", "value": "mod_uwsgi buffer overflow" } ] } ] }, "references": { "reference_data": [ { "name": "https://httpd.apache.org/security/vulnerabilities_24.html", "refsource": "MISC", "url": "https://httpd.apache.org/security/vulnerabilities_24.html" }, { "name": "[oss-security] 20200808 Re: CVE-2020-11984: Apache httpd: mod_uwsgi buffer overlow", "refsource": "MLIST", "url": "http://www.openwall.com/lists/oss-security/2020/08/08/1" }, { "name": "GLSA-202008-04", "refsource": "GENTOO", "url": "https://security.gentoo.org/glsa/202008-04" }, { "name": "[oss-security] 20200808 Re: CVE-2020-11984: Apache httpd: mod_uwsgi buffer overlow", "refsource": "MLIST", "url": "http://www.openwall.com/lists/oss-security/2020/08/08/10" }, { "name": "[oss-security] 20200808 Re: CVE-2020-11984: Apache httpd: mod_uwsgi buffer overlow", "refsource": "MLIST", "url": "http://www.openwall.com/lists/oss-security/2020/08/08/8" }, { "name": "[oss-security] 20200808 Re: CVE-2020-11984: Apache httpd: mod_uwsgi buffer overlow", "refsource": "MLIST", "url": "http://www.openwall.com/lists/oss-security/2020/08/08/9" }, { "name": "[oss-security] 20200810 Re: CVE-2020-11984: Apache httpd: mod_uwsgi buffer overlow", "refsource": "MLIST", "url": "http://www.openwall.com/lists/oss-security/2020/08/10/5" }, { "name": "[httpd-dev] 20200811 Which version fixed the CVE-2020-9490, CVE-2020-11984 and CVE-2020-11993 vulnerabilities?", "refsource": "MLIST", "url": "https://lists.apache.org/thread.html/r5debe8f82728a00a4a68bc904dd6c35423bdfc8d601cfb4579f38bf1@%3Cdev.httpd.apache.org%3E" }, { "name": "[httpd-dev] 20200811 Re: Which version fixed the CVE-2020-9490, CVE-2020-11984 and CVE-2020-11993 vulnerabilities?", "refsource": "MLIST", "url": "https://lists.apache.org/thread.html/r623de9b2b2433a87f3f3a15900419fc9c00c77b26936dfea4060f672@%3Cdev.httpd.apache.org%3E" }, { "name": "[oss-security] 20200817 Re: CVE-2020-11984: Apache httpd: mod_uwsgi buffer overlow", "refsource": "MLIST", "url": "http://www.openwall.com/lists/oss-security/2020/08/17/2" }, { "name": "USN-4458-1", "refsource": "UBUNTU", "url": "https://usn.ubuntu.com/4458-1/" }, { "name": "openSUSE-SU-2020:1285", "refsource": "SUSE", "url": "http://lists.opensuse.org/opensuse-security-announce/2020-08/msg00068.html" }, { "name": "openSUSE-SU-2020:1293", "refsource": "SUSE", "url": "http://lists.opensuse.org/opensuse-security-announce/2020-08/msg00071.html" }, { "name": "FEDORA-2020-189a1e6c3e", "refsource": "FEDORA", "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/HYVYE2ZERFXDV6RMKK3I5SDSDQLPSEIQ/" }, { "name": "DSA-4757", "refsource": "DEBIAN", "url": "https://www.debian.org/security/2020/dsa-4757" }, { "name": "[debian-lts-announce] 20200902 [SECURITY] [DLA 2362-1] uwsgi security update", "refsource": "MLIST", "url": "https://lists.debian.org/debian-lts-announce/2020/09/msg00001.html" }, { "name": "FEDORA-2020-0d3d3f5072", "refsource": "FEDORA", "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/A2RN46PRBJE7E7OPD4YZX5SVWV5QKGV5/" }, { "name": "https://www.oracle.com/security-alerts/cpuoct2020.html", "refsource": "MISC", "url": "https://www.oracle.com/security-alerts/cpuoct2020.html" }, { "name": "https://security.netapp.com/advisory/ntap-20200814-0005/", "refsource": "CONFIRM", "url": "https://security.netapp.com/advisory/ntap-20200814-0005/" }, { "name": "http://packetstormsecurity.com/files/159009/Apache2-mod_proxy_uwsgi-Incorrect-Request-Handling.html", "refsource": "MISC", "url": "http://packetstormsecurity.com/files/159009/Apache2-mod_proxy_uwsgi-Incorrect-Request-Handling.html" }, { "name": "https://www.oracle.com/security-alerts/cpujan2021.html", "refsource": "MISC", "url": "https://www.oracle.com/security-alerts/cpujan2021.html" }, { "name": "[httpd-cvs] 20210330 svn commit: r1073139 [1/13] - in /websites/staging/httpd/trunk/content: ./ security/json/", "refsource": "MLIST", "url": "https://lists.apache.org/thread.html/rf6449464fd8b7437704c55f88361b66f12d5b5f90bcce66af4be4ba9@%3Ccvs.httpd.apache.org%3E" }, { "name": "[httpd-cvs] 20210330 svn commit: r1073143 [3/3] - in /websites/staging/httpd/trunk/content: ./ security/", "refsource": "MLIST", "url": "https://lists.apache.org/thread.html/r06f0d87ebb6d59ed8379633f36f72f5b1f79cadfda72ede0830b42cf@%3Ccvs.httpd.apache.org%3E" }, { "name": "[httpd-cvs] 20210330 svn commit: r1888194 [13/13] - /httpd/site/trunk/content/security/json/", "refsource": "MLIST", "url": "https://lists.apache.org/thread.html/r09bb998baee74a2c316446bd1a41ae7f8d7049d09d9ff991471e8775@%3Ccvs.httpd.apache.org%3E" }, { "name": "[httpd-cvs] 20210330 svn commit: r1073140 [4/4] - in /websites/staging/httpd/trunk/content: ./ security/cvejsontohtml.py security/vulnerabilities_13.html security/vulnerabilities_20.html security/vulnerabilities_22.html security/vulnerabilities_24.html", "refsource": "MLIST", "url": "https://lists.apache.org/thread.html/rc998b18880df98bafaade071346690c2bc1444adaa1a1ea464b93f0a@%3Ccvs.httpd.apache.org%3E" }, { "name": "[httpd-cvs] 20210330 svn commit: r1073139 [12/13] - in /websites/staging/httpd/trunk/content: ./ security/json/", "refsource": "MLIST", "url": "https://lists.apache.org/thread.html/r03ee478b3dda3e381fd6189366fa7af97c980d2f602846eef935277d@%3Ccvs.httpd.apache.org%3E" }, { "name": "[httpd-cvs] 20210330 svn commit: r1888199 - /httpd/site/trunk/content/security/vulnerabilities-httpd.xml", "refsource": "MLIST", "url": "https://lists.apache.org/thread.html/r34753590ae8e3f2b6af689af4fe84269b592f5fda9f3244fd9abbce8@%3Ccvs.httpd.apache.org%3E" }, { "name": "[httpd-cvs] 20210330 svn commit: r1073149 [1/13] - in /websites/staging/httpd/trunk/content: ./ security/ security/json/", "refsource": "MLIST", "url": "https://lists.apache.org/thread.html/r9f93cf6dde308d42a9c807784e8102600d0397f5f834890708bf6920@%3Ccvs.httpd.apache.org%3E" }, { "name": "[httpd-cvs] 20210330 svn commit: r1073149 [13/13] - in /websites/staging/httpd/trunk/content: ./ security/ security/json/", "refsource": "MLIST", "url": "https://lists.apache.org/thread.html/r3c5c3104813c1c5508b55564b66546933079250a46ce50eee90b2e36@%3Ccvs.httpd.apache.org%3E" }, { "name": "[httpd-cvs] 20210330 svn commit: r1073171 - in /websites/staging/httpd/trunk/content: ./ security/json/CVE-2020-11984.json security/json/CVE-2020-11993.json security/vulnerabilities_24.html", "refsource": "MLIST", "url": "https://lists.apache.org/thread.html/rf71eb428714374a6f9ad68952e23611ec7807b029fd6a1b4f5f732d9@%3Ccvs.httpd.apache.org%3E" }, { "name": "[httpd-cvs] 20210330 svn commit: r1888228 - in /httpd/site/trunk/content/security/json: CVE-2020-11984.json CVE-2020-11993.json", "refsource": "MLIST", "url": "https://lists.apache.org/thread.html/r2c6083f6a2027914a0f5b54e2a1f4fa98c03f8693b58460911818255@%3Ccvs.httpd.apache.org%3E" }, { "name": "[httpd-cvs] 20210606 svn commit: r1075470 [4/4] - in /websites/staging/httpd/trunk/content: ./ security/json/CVE-2020-13938.json security/vulnerabilities_13.html security/vulnerabilities_20.html security/vulnerabilities_22.html security/vulnerabilities_24.html", "refsource": "MLIST", "url": "https://lists.apache.org/thread.html/r76142b8c5119df2178be7c2dba88fde552eedeec37ea993dfce68d1d@%3Ccvs.httpd.apache.org%3E" } ] } } } }, "cveMetadata": { "assignerOrgId": "f0158376-9dc2-43b6-827c-5f631a4d8d09", "assignerShortName": "apache", "cveId": "CVE-2020-11984", "datePublished": "2020-08-07T15:27:15", "dateReserved": "2020-04-21T00:00:00", "dateUpdated": "2024-08-04T11:48:57.555Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1", "vulnerability-lookup:meta": { "nvd": "{\"cve\":{\"id\":\"CVE-2020-11984\",\"sourceIdentifier\":\"security@apache.org\",\"published\":\"2020-08-07T16:15:11.747\",\"lastModified\":\"2024-11-21T04:59:02.933\",\"vulnStatus\":\"Modified\",\"cveTags\":[],\"descriptions\":[{\"lang\":\"en\",\"value\":\"Apache HTTP server 2.4.32 to 2.4.44 mod_proxy_uwsgi info disclosure and possible RCE\"},{\"lang\":\"es\",\"value\":\"Apache HTTP server versiones 2.4.32 hasta 2.4.44, la funci\u00f3n mod_proxy_uwsgi divulga informaci\u00f3n y posible RCE\"}],\"metrics\":{\"cvssMetricV31\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"cvssData\":{\"version\":\"3.1\",\"vectorString\":\"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H\",\"baseScore\":9.8,\"baseSeverity\":\"CRITICAL\",\"attackVector\":\"NETWORK\",\"attackComplexity\":\"LOW\",\"privilegesRequired\":\"NONE\",\"userInteraction\":\"NONE\",\"scope\":\"UNCHANGED\",\"confidentialityImpact\":\"HIGH\",\"integrityImpact\":\"HIGH\",\"availabilityImpact\":\"HIGH\"},\"exploitabilityScore\":3.9,\"impactScore\":5.9}],\"cvssMetricV2\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"cvssData\":{\"version\":\"2.0\",\"vectorString\":\"AV:N/AC:L/Au:N/C:P/I:P/A:P\",\"baseScore\":7.5,\"accessVector\":\"NETWORK\",\"accessComplexity\":\"LOW\",\"authentication\":\"NONE\",\"confidentialityImpact\":\"PARTIAL\",\"integrityImpact\":\"PARTIAL\",\"availabilityImpact\":\"PARTIAL\"},\"baseSeverity\":\"HIGH\",\"exploitabilityScore\":10.0,\"impactScore\":6.4,\"acInsufInfo\":false,\"obtainAllPrivilege\":false,\"obtainUserPrivilege\":false,\"obtainOtherPrivilege\":false,\"userInteractionRequired\":false}]},\"weaknesses\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"description\":[{\"lang\":\"en\",\"value\":\"CWE-120\"}]}],\"configurations\":[{\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:apache:http_server:*:*:*:*:*:*:*:*\",\"versionStartIncluding\":\"2.4.32\",\"versionEndIncluding\":\"2.4.43\",\"matchCriteriaId\":\"A580472F-7BC8-47CF-A076-8EE1F8E21B86\"}]}]},{\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:netapp:clustered_data_ontap:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"1FE996B1-6951-4F85-AA58-B99A379D2163\"}]}]},{\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:canonical:ubuntu_linux:16.04:*:*:*:lts:*:*:*\",\"matchCriteriaId\":\"F7016A2A-8365-4F1A-89A2-7A19F2BCAE5B\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:canonical:ubuntu_linux:18.04:*:*:*:lts:*:*:*\",\"matchCriteriaId\":\"23A7C53F-B80F-4E6A-AFA9-58EEA84BE11D\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:canonical:ubuntu_linux:20.04:*:*:*:lts:*:*:*\",\"matchCriteriaId\":\"902B8056-9E37-443B-8905-8AA93E2447FB\"}]}]},{\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:debian:debian_linux:9.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"DEECE5FC-CACF-4496-A3E7-164736409252\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:debian:debian_linux:10.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"07B237A9-69A3-4A9C-9DA0-4E06BD37AE73\"}]}]},{\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:fedoraproject:fedora:31:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"80F0FA5D-8D3B-4C0E-81E2-87998286AF33\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:fedoraproject:fedora:32:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"36D96259-24BD-44E2-96D9-78CE1D41F956\"}]}]},{\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:opensuse:leap:15.1:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"B620311B-34A3-48A6-82DF-6F078D7A4493\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:opensuse:leap:15.2:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"B009C22E-30A4-4288-BCF6-C3E81DEAF45A\"}]}]},{\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:oracle:communications_element_manager:*:*:*:*:*:*:*:*\",\"versionStartIncluding\":\"8.2.0\",\"versionEndIncluding\":\"8.2.2\",\"matchCriteriaId\":\"B51F78F4-8D7E-48C2-86D1-D53A6EB348A7\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:oracle:communications_session_report_manager:*:*:*:*:*:*:*:*\",\"versionStartIncluding\":\"8.2.0\",\"versionEndIncluding\":\"8.2.2\",\"matchCriteriaId\":\"3E5416A1-EE58-415D-9645-B6A875EBAED2\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:oracle:communications_session_route_manager:*:*:*:*:*:*:*:*\",\"versionStartIncluding\":\"8.2.0\",\"versionEndIncluding\":\"8.2.2\",\"matchCriteriaId\":\"11B0C37E-D7C7-45F2-A8D8-5A3B1B191430\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:oracle:enterprise_manager_ops_center:12.4.0.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"B095CC03-7077-4A58-AB25-CC5380CDCE5A\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:oracle:hyperion_infrastructure_technology:11.1.2.4:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"DED59B62-C9BF-4C0E-B351-3884E8441655\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:oracle:instantis_enterprisetrack:17.1:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"82EA4BA7-C38B-4AF3-8914-9E3D089EBDD4\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:oracle:instantis_enterprisetrack:17.2:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"B9C9BC66-FA5F-4774-9BDA-7AB88E2839C4\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:oracle:instantis_enterprisetrack:17.3:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"7F69B9A5-F21B-4904-9F27-95C0F7A628E3\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:oracle:zfs_storage_appliance_kit:8.8:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"D3E503FB-6279-4D4A-91D8-E237ECF9D2B0\"}]}]}],\"references\":[{\"url\":\"http://lists.opensuse.org/opensuse-security-announce/2020-08/msg00068.html\",\"source\":\"security@apache.org\",\"tags\":[\"Mailing List\",\"Third Party Advisory\"]},{\"url\":\"http://lists.opensuse.org/opensuse-security-announce/2020-08/msg00071.html\",\"source\":\"security@apache.org\",\"tags\":[\"Mailing List\",\"Third Party Advisory\"]},{\"url\":\"http://packetstormsecurity.com/files/159009/Apache2-mod_proxy_uwsgi-Incorrect-Request-Handling.html\",\"source\":\"security@apache.org\",\"tags\":[\"Exploit\",\"Third Party Advisory\",\"VDB Entry\"]},{\"url\":\"http://www.openwall.com/lists/oss-security/2020/08/08/1\",\"source\":\"security@apache.org\",\"tags\":[\"Mailing List\",\"Third Party Advisory\"]},{\"url\":\"http://www.openwall.com/lists/oss-security/2020/08/08/10\",\"source\":\"security@apache.org\",\"tags\":[\"Mailing List\",\"Third Party Advisory\"]},{\"url\":\"http://www.openwall.com/lists/oss-security/2020/08/08/8\",\"source\":\"security@apache.org\",\"tags\":[\"Mailing List\",\"Third Party Advisory\"]},{\"url\":\"http://www.openwall.com/lists/oss-security/2020/08/08/9\",\"source\":\"security@apache.org\",\"tags\":[\"Mailing List\",\"Third Party Advisory\"]},{\"url\":\"http://www.openwall.com/lists/oss-security/2020/08/10/5\",\"source\":\"security@apache.org\",\"tags\":[\"Mailing List\",\"Vendor Advisory\"]},{\"url\":\"http://www.openwall.com/lists/oss-security/2020/08/17/2\",\"source\":\"security@apache.org\",\"tags\":[\"Mailing List\",\"Third Party Advisory\"]},{\"url\":\"https://httpd.apache.org/security/vulnerabilities_24.html\",\"source\":\"security@apache.org\",\"tags\":[\"Vendor Advisory\"]},{\"url\":\"https://lists.apache.org/thread.html/r03ee478b3dda3e381fd6189366fa7af97c980d2f602846eef935277d%40%3Ccvs.httpd.apache.org%3E\",\"source\":\"security@apache.org\"},{\"url\":\"https://lists.apache.org/thread.html/r06f0d87ebb6d59ed8379633f36f72f5b1f79cadfda72ede0830b42cf%40%3Ccvs.httpd.apache.org%3E\",\"source\":\"security@apache.org\"},{\"url\":\"https://lists.apache.org/thread.html/r09bb998baee74a2c316446bd1a41ae7f8d7049d09d9ff991471e8775%40%3Ccvs.httpd.apache.org%3E\",\"source\":\"security@apache.org\"},{\"url\":\"https://lists.apache.org/thread.html/r2c6083f6a2027914a0f5b54e2a1f4fa98c03f8693b58460911818255%40%3Ccvs.httpd.apache.org%3E\",\"source\":\"security@apache.org\"},{\"url\":\"https://lists.apache.org/thread.html/r34753590ae8e3f2b6af689af4fe84269b592f5fda9f3244fd9abbce8%40%3Ccvs.httpd.apache.org%3E\",\"source\":\"security@apache.org\"},{\"url\":\"https://lists.apache.org/thread.html/r3c5c3104813c1c5508b55564b66546933079250a46ce50eee90b2e36%40%3Ccvs.httpd.apache.org%3E\",\"source\":\"security@apache.org\"},{\"url\":\"https://lists.apache.org/thread.html/r5debe8f82728a00a4a68bc904dd6c35423bdfc8d601cfb4579f38bf1%40%3Cdev.httpd.apache.org%3E\",\"source\":\"security@apache.org\"},{\"url\":\"https://lists.apache.org/thread.html/r623de9b2b2433a87f3f3a15900419fc9c00c77b26936dfea4060f672%40%3Cdev.httpd.apache.org%3E\",\"source\":\"security@apache.org\"},{\"url\":\"https://lists.apache.org/thread.html/r76142b8c5119df2178be7c2dba88fde552eedeec37ea993dfce68d1d%40%3Ccvs.httpd.apache.org%3E\",\"source\":\"security@apache.org\"},{\"url\":\"https://lists.apache.org/thread.html/r9f93cf6dde308d42a9c807784e8102600d0397f5f834890708bf6920%40%3Ccvs.httpd.apache.org%3E\",\"source\":\"security@apache.org\"},{\"url\":\"https://lists.apache.org/thread.html/rc998b18880df98bafaade071346690c2bc1444adaa1a1ea464b93f0a%40%3Ccvs.httpd.apache.org%3E\",\"source\":\"security@apache.org\"},{\"url\":\"https://lists.apache.org/thread.html/rf6449464fd8b7437704c55f88361b66f12d5b5f90bcce66af4be4ba9%40%3Ccvs.httpd.apache.org%3E\",\"source\":\"security@apache.org\"},{\"url\":\"https://lists.apache.org/thread.html/rf71eb428714374a6f9ad68952e23611ec7807b029fd6a1b4f5f732d9%40%3Ccvs.httpd.apache.org%3E\",\"source\":\"security@apache.org\"},{\"url\":\"https://lists.debian.org/debian-lts-announce/2020/09/msg00001.html\",\"source\":\"security@apache.org\",\"tags\":[\"Mailing List\",\"Third Party Advisory\"]},{\"url\":\"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/A2RN46PRBJE7E7OPD4YZX5SVWV5QKGV5/\",\"source\":\"security@apache.org\"},{\"url\":\"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/HYVYE2ZERFXDV6RMKK3I5SDSDQLPSEIQ/\",\"source\":\"security@apache.org\"},{\"url\":\"https://security.gentoo.org/glsa/202008-04\",\"source\":\"security@apache.org\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"https://security.netapp.com/advisory/ntap-20200814-0005/\",\"source\":\"security@apache.org\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"https://usn.ubuntu.com/4458-1/\",\"source\":\"security@apache.org\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"https://www.debian.org/security/2020/dsa-4757\",\"source\":\"security@apache.org\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"https://www.oracle.com/security-alerts/cpujan2021.html\",\"source\":\"security@apache.org\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"https://www.oracle.com/security-alerts/cpuoct2020.html\",\"source\":\"security@apache.org\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"http://lists.opensuse.org/opensuse-security-announce/2020-08/msg00068.html\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Mailing List\",\"Third Party Advisory\"]},{\"url\":\"http://lists.opensuse.org/opensuse-security-announce/2020-08/msg00071.html\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Mailing List\",\"Third Party Advisory\"]},{\"url\":\"http://packetstormsecurity.com/files/159009/Apache2-mod_proxy_uwsgi-Incorrect-Request-Handling.html\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Exploit\",\"Third Party Advisory\",\"VDB Entry\"]},{\"url\":\"http://www.openwall.com/lists/oss-security/2020/08/08/1\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Mailing List\",\"Third Party Advisory\"]},{\"url\":\"http://www.openwall.com/lists/oss-security/2020/08/08/10\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Mailing List\",\"Third Party Advisory\"]},{\"url\":\"http://www.openwall.com/lists/oss-security/2020/08/08/8\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Mailing List\",\"Third Party Advisory\"]},{\"url\":\"http://www.openwall.com/lists/oss-security/2020/08/08/9\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Mailing List\",\"Third Party Advisory\"]},{\"url\":\"http://www.openwall.com/lists/oss-security/2020/08/10/5\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Mailing List\",\"Vendor Advisory\"]},{\"url\":\"http://www.openwall.com/lists/oss-security/2020/08/17/2\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Mailing List\",\"Third Party Advisory\"]},{\"url\":\"https://httpd.apache.org/security/vulnerabilities_24.html\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Vendor Advisory\"]},{\"url\":\"https://lists.apache.org/thread.html/r03ee478b3dda3e381fd6189366fa7af97c980d2f602846eef935277d%40%3Ccvs.httpd.apache.org%3E\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"https://lists.apache.org/thread.html/r06f0d87ebb6d59ed8379633f36f72f5b1f79cadfda72ede0830b42cf%40%3Ccvs.httpd.apache.org%3E\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"https://lists.apache.org/thread.html/r09bb998baee74a2c316446bd1a41ae7f8d7049d09d9ff991471e8775%40%3Ccvs.httpd.apache.org%3E\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"https://lists.apache.org/thread.html/r2c6083f6a2027914a0f5b54e2a1f4fa98c03f8693b58460911818255%40%3Ccvs.httpd.apache.org%3E\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"https://lists.apache.org/thread.html/r34753590ae8e3f2b6af689af4fe84269b592f5fda9f3244fd9abbce8%40%3Ccvs.httpd.apache.org%3E\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"https://lists.apache.org/thread.html/r3c5c3104813c1c5508b55564b66546933079250a46ce50eee90b2e36%40%3Ccvs.httpd.apache.org%3E\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"https://lists.apache.org/thread.html/r5debe8f82728a00a4a68bc904dd6c35423bdfc8d601cfb4579f38bf1%40%3Cdev.httpd.apache.org%3E\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"https://lists.apache.org/thread.html/r623de9b2b2433a87f3f3a15900419fc9c00c77b26936dfea4060f672%40%3Cdev.httpd.apache.org%3E\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"https://lists.apache.org/thread.html/r76142b8c5119df2178be7c2dba88fde552eedeec37ea993dfce68d1d%40%3Ccvs.httpd.apache.org%3E\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"https://lists.apache.org/thread.html/r9f93cf6dde308d42a9c807784e8102600d0397f5f834890708bf6920%40%3Ccvs.httpd.apache.org%3E\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"https://lists.apache.org/thread.html/rc998b18880df98bafaade071346690c2bc1444adaa1a1ea464b93f0a%40%3Ccvs.httpd.apache.org%3E\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"https://lists.apache.org/thread.html/rf6449464fd8b7437704c55f88361b66f12d5b5f90bcce66af4be4ba9%40%3Ccvs.httpd.apache.org%3E\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"https://lists.apache.org/thread.html/rf71eb428714374a6f9ad68952e23611ec7807b029fd6a1b4f5f732d9%40%3Ccvs.httpd.apache.org%3E\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"https://lists.debian.org/debian-lts-announce/2020/09/msg00001.html\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Mailing List\",\"Third Party Advisory\"]},{\"url\":\"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/A2RN46PRBJE7E7OPD4YZX5SVWV5QKGV5/\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/HYVYE2ZERFXDV6RMKK3I5SDSDQLPSEIQ/\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"https://security.gentoo.org/glsa/202008-04\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"https://security.netapp.com/advisory/ntap-20200814-0005/\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"https://usn.ubuntu.com/4458-1/\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"https://www.debian.org/security/2020/dsa-4757\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"https://www.oracle.com/security-alerts/cpujan2021.html\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"https://www.oracle.com/security-alerts/cpuoct2020.html\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Third Party Advisory\"]}]}}" } }
rhsa-2020_4383
Vulnerability from csaf_redhat
Published
2020-10-28 15:49
Modified
2024-11-22 15:29
Summary
Red Hat Security Advisory: Red Hat JBoss Core Services Apache HTTP Server 2.4.37 SP5 security update
Notes
Topic
Red Hat JBoss Core Services Pack Apache Server 2.4.37 Service Pack 5 zip release for RHEL 6, RHEL 7, RHEL 8 and Microsoft Windows is available.
Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.
Details
Red Hat JBoss Core Services is a set of supplementary software for Red Hat JBoss middleware products. This software, such as Apache HTTP Server, is common to multiple JBoss middleware products, and is packaged under Red Hat JBoss Core Services to allow for faster distribution of updates, and for a more consistent update experience.
This release adds the new Apache HTTP Server 2.4.37 Service Pack 5 packages that are part of the JBoss Core Services offering.
This release serves as a replacement for Red Hat JBoss Core Services Pack Apache Server 2.4.37 Service Pack 4 and includes bug fixes and enhancements. Refer to the Release Notes for information on the most significant bug fixes and enhancements included in this release.
Security fix(es):
* curl: Integer overflows in curl_url_set() function (CVE-2019-5435)
* openssl: Integer overflow in RSAZ modular exponentiation on x86_64 (CVE-2019-1551)
* httpd: mod_http2 concurrent pool usage (CVE-2020-11993)
* httpd: mod_proxy_uswgi buffer overflow (CVE-2020-11984)
For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.
Terms of Use
This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.
{ "document": { "aggregate_severity": { "namespace": "https://access.redhat.com/security/updates/classification/", "text": "Moderate" }, "category": "csaf_security_advisory", "csaf_version": "2.0", "distribution": { "text": "Copyright \u00a9 Red Hat, Inc. All rights reserved.", "tlp": { "label": "WHITE", "url": "https://www.first.org/tlp/" } }, "lang": "en", "notes": [ { "category": "summary", "text": "Red Hat JBoss Core Services Pack Apache Server 2.4.37 Service Pack 5 zip release for RHEL 6, RHEL 7, RHEL 8 and Microsoft Windows is available.\n\nRed Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.", "title": "Topic" }, { "category": "general", "text": "Red Hat JBoss Core Services is a set of supplementary software for Red Hat JBoss middleware products. This software, such as Apache HTTP Server, is common to multiple JBoss middleware products, and is packaged under Red Hat JBoss Core Services to allow for faster distribution of updates, and for a more consistent update experience.\n\nThis release adds the new Apache HTTP Server 2.4.37 Service Pack 5 packages that are part of the JBoss Core Services offering.\n\nThis release serves as a replacement for Red Hat JBoss Core Services Pack Apache Server 2.4.37 Service Pack 4 and includes bug fixes and enhancements. Refer to the Release Notes for information on the most significant bug fixes and enhancements included in this release.\n\nSecurity fix(es):\n\n* curl: Integer overflows in curl_url_set() function (CVE-2019-5435)\n* openssl: Integer overflow in RSAZ modular exponentiation on x86_64 (CVE-2019-1551)\n* httpd: mod_http2 concurrent pool usage (CVE-2020-11993)\n* httpd: mod_proxy_uswgi buffer overflow (CVE-2020-11984)\n\nFor more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.", "title": "Details" }, { "category": "legal_disclaimer", "text": "This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.", "title": "Terms of Use" } ], "publisher": { "category": "vendor", "contact_details": "https://access.redhat.com/security/team/contact/", "issuing_authority": "Red Hat Product Security is responsible for vulnerability handling across all Red Hat products and services.", "name": "Red Hat Product Security", "namespace": "https://www.redhat.com" }, "references": [ { "category": "self", "summary": "https://access.redhat.com/errata/RHSA-2020:4383", "url": "https://access.redhat.com/errata/RHSA-2020:4383" }, { "category": "external", "summary": "https://access.redhat.com/security/updates/classification/#moderate", "url": "https://access.redhat.com/security/updates/classification/#moderate" }, { "category": "external", "summary": "1710609", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1710609" }, { "category": "external", "summary": "1780995", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1780995" }, { "category": "external", "summary": "1866563", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1866563" }, { "category": "external", "summary": "1866564", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1866564" }, { "category": "self", "summary": "Canonical URL", "url": "https://security.access.redhat.com/data/csaf/v2/advisories/2020/rhsa-2020_4383.json" } ], "title": "Red Hat Security Advisory: Red Hat JBoss Core Services Apache HTTP Server 2.4.37 SP5 security update", "tracking": { "current_release_date": "2024-11-22T15:29:12+00:00", "generator": { "date": "2024-11-22T15:29:12+00:00", "engine": { "name": "Red Hat SDEngine", "version": "4.2.1" } }, "id": "RHSA-2020:4383", "initial_release_date": "2020-10-28T15:49:25+00:00", "revision_history": [ { "date": "2020-10-28T15:49:25+00:00", "number": "1", "summary": "Initial version" }, { "date": "2020-10-28T15:49:25+00:00", "number": "2", "summary": "Last updated version" }, { "date": "2024-11-22T15:29:12+00:00", "number": "3", "summary": "Last generated version" } ], "status": "final", "version": "3" } }, "product_tree": { "branches": [ { "branches": [ { "branches": [ { "category": "product_name", "name": "Red Hat JBoss Core Services 1", "product": { "name": "Red Hat JBoss Core Services 1", "product_id": "Red Hat JBoss Core Services 1", "product_identification_helper": { "cpe": "cpe:/a:redhat:jboss_core_services:1" } } } ], "category": "product_family", "name": "Red Hat JBoss Core Services" } ], "category": "vendor", "name": "Red Hat" } ] }, "vulnerabilities": [ { "cve": "CVE-2019-1551", "cwe": { "id": "CWE-190", "name": "Integer Overflow or Wraparound" }, "discovery_date": "2019-12-09T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "1780995" } ], "notes": [ { "category": "description", "text": "An integer overflow was found in the x64_64 Montgomery squaring procedure used in exponentiation with 512-bit moduli. As per upstream:\r\n\r\n* No EC algorithms are affected. \r\n\r\n* Attacks against 2-prime RSA1024, 3-prime RSA1536, and DSA1024 as a result of this defect would be very difficult to perform and are not believed likely. \r\n\r\n* Attacks against DH512 are considered just feasible. However, for an attack the target would have to re-use the DH512 private key, which is not recommended anyway.\r\n\r\n* Also applications directly using the low level API BN_mod_exp may be affected if they use BN_FLG_CONSTTIME", "title": "Vulnerability description" }, { "category": "summary", "text": "openssl: Integer overflow in RSAZ modular exponentiation on x86_64", "title": "Vulnerability summary" }, { "category": "other", "text": "Accelerated modular exponentiation for Intel processors (RSAZ) was introduced in openssl-1.0.2, therefore older versions of OpenSSL are not affected by this flaw.", "title": "Statement" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "Red Hat JBoss Core Services 1" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2019-1551" }, { "category": "external", "summary": "RHBZ#1780995", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1780995" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2019-1551", "url": "https://www.cve.org/CVERecord?id=CVE-2019-1551" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2019-1551", "url": "https://nvd.nist.gov/vuln/detail/CVE-2019-1551" }, { "category": "external", "summary": "https://github.com/openssl/openssl/pull/10575", "url": "https://github.com/openssl/openssl/pull/10575" }, { "category": "external", "summary": "https://www.openssl.org/news/secadv/20191206.txt", "url": "https://www.openssl.org/news/secadv/20191206.txt" } ], "release_date": "2019-12-06T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2020-10-28T15:49:25+00:00", "details": "Before applying the update, back up your existing installation, including all applications, configuration files, databases and database settings, and so on.\n\nThe References section of this erratum contains a download link for the update. You must be logged in to download the update.", "product_ids": [ "Red Hat JBoss Core Services 1" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2020:4383" }, { "category": "workaround", "details": "For Red Hat Enterprise Linux 7, 512 bit DH is already disabled. As this bug is about leakage of the private key to the attacker, it should be fully sufficient to just not use 1024 bit RSA keys or 1024 bit DSA keys. These keys are not secure enough anyway. 3-prime RSA keys are not supported on RHEL-7.\n\nFor Red Hat Enterprise 8, The DEFAULT crypto policy already disables all these key sizes.\n\nAlso applications compiled with openssl which use the low level API BN_mod_exp may be affected if they use BN_FLG_CONSTTIME, other users of this API are not affected by this flaw.", "product_ids": [ "Red Hat JBoss Core Services 1" ] } ], "scores": [ { "cvss_v3": { "attackComplexity": "HIGH", "attackVector": "NETWORK", "availabilityImpact": "NONE", "baseScore": 4.8, "baseSeverity": "MEDIUM", "confidentialityImpact": "LOW", "integrityImpact": "LOW", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:N", "version": "3.1" }, "products": [ "Red Hat JBoss Core Services 1" ] } ], "threats": [ { "category": "impact", "details": "Low" } ], "title": "openssl: Integer overflow in RSAZ modular exponentiation on x86_64" }, { "acknowledgments": [ { "names": [ "the Curl project" ] }, { "names": [ "Wenchao Li" ], "summary": "Acknowledged by upstream." } ], "cve": "CVE-2019-5435", "cwe": { "id": "CWE-131", "name": "Incorrect Calculation of Buffer Size" }, "discovery_date": "2019-05-15T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "1710609" } ], "notes": [ { "category": "description", "text": "An integer overflow in curl\u0027s URL API results in a buffer overflow in libcurl 7.62.0 to and including 7.64.1.", "title": "Vulnerability description" }, { "category": "summary", "text": "curl: Integer overflows in curl_url_set() function", "title": "Vulnerability summary" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "Red Hat JBoss Core Services 1" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2019-5435" }, { "category": "external", "summary": "RHBZ#1710609", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1710609" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2019-5435", "url": "https://www.cve.org/CVERecord?id=CVE-2019-5435" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2019-5435", "url": "https://nvd.nist.gov/vuln/detail/CVE-2019-5435" } ], "release_date": "2019-05-22T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2020-10-28T15:49:25+00:00", "details": "Before applying the update, back up your existing installation, including all applications, configuration files, databases and database settings, and so on.\n\nThe References section of this erratum contains a download link for the update. You must be logged in to download the update.", "product_ids": [ "Red Hat JBoss Core Services 1" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2020:4383" } ], "scores": [ { "cvss_v3": { "attackComplexity": "HIGH", "attackVector": "NETWORK", "availabilityImpact": "LOW", "baseScore": 3.7, "baseSeverity": "LOW", "confidentialityImpact": "NONE", "integrityImpact": "NONE", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:L", "version": "3.0" }, "products": [ "Red Hat JBoss Core Services 1" ] } ], "threats": [ { "category": "impact", "details": "Low" } ], "title": "curl: Integer overflows in curl_url_set() function" }, { "acknowledgments": [ { "names": [ "the Apache project" ] } ], "cve": "CVE-2020-11984", "cwe": { "id": "CWE-400", "name": "Uncontrolled Resource Consumption" }, "discovery_date": "2020-08-05T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "1866563" } ], "notes": [ { "category": "description", "text": "A flaw was found in Apache httpd in versions 2.4.32 to 2.4.46. The uwsgi protocol does not serialize more than 16K of HTTP header leading to resource exhaustion and denial of service. The highest threat from this vulnerability is to data confidentiality and integrity as well as system availability.", "title": "Vulnerability description" }, { "category": "summary", "text": "httpd: mod_proxy_uwsgi buffer overflow", "title": "Vulnerability summary" }, { "category": "other", "text": "Red Hat Enterprise Linux 5, 6, and 7 do not ship the vulnerable version of httpd and, thus, are not affected.", "title": "Statement" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "Red Hat JBoss Core Services 1" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2020-11984" }, { "category": "external", "summary": "RHBZ#1866563", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1866563" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2020-11984", "url": "https://www.cve.org/CVERecord?id=CVE-2020-11984" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2020-11984", "url": "https://nvd.nist.gov/vuln/detail/CVE-2020-11984" }, { "category": "external", "summary": "https://httpd.apache.org/security/vulnerabilities_24.html#CVE-2020-11984", "url": "https://httpd.apache.org/security/vulnerabilities_24.html#CVE-2020-11984" } ], "release_date": "2020-08-07T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2020-10-28T15:49:25+00:00", "details": "Before applying the update, back up your existing installation, including all applications, configuration files, databases and database settings, and so on.\n\nThe References section of this erratum contains a download link for the update. You must be logged in to download the update.", "product_ids": [ "Red Hat JBoss Core Services 1" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2020:4383" }, { "category": "workaround", "details": "This flaw only affects specific httpd configurations which use the uwsgi protocol. It does not manifest itself when uwsgi protocol is not used. Commenting out \"LoadModule proxy_uwsgi_module modules/mod_proxy_uwsgi.so\" in /etc/httpd/conf.modules.d/00-proxy.conf will disable the loading of the vulnerable module.", "product_ids": [ "Red Hat JBoss Core Services 1" ] } ], "scores": [ { "cvss_v3": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 9.8, "baseSeverity": "CRITICAL", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "version": "3.1" }, "products": [ "Red Hat JBoss Core Services 1" ] } ], "threats": [ { "category": "impact", "details": "Moderate" } ], "title": "httpd: mod_proxy_uwsgi buffer overflow" }, { "acknowledgments": [ { "names": [ "the Apache project" ] } ], "cve": "CVE-2020-11993", "cwe": { "id": "CWE-400", "name": "Uncontrolled Resource Consumption" }, "discovery_date": "2020-08-05T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "1866564" } ], "notes": [ { "category": "description", "text": "A flaw was found in Apache httpd in versions 2.4.20 to 2.4.43. Logging using the wrong pool by mod_http2 at debug/trace log level may lead to potential crashes and denial of service. The highest threat from this vulnerability is to system availability.", "title": "Vulnerability description" }, { "category": "summary", "text": "httpd: mod_http2 concurrent pool usage", "title": "Vulnerability summary" }, { "category": "other", "text": "Red Hat Enterprise Linux 5, 6, and 7 do not ship the vulnerable version of httpd and, thus, are not affected.", "title": "Statement" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "Red Hat JBoss Core Services 1" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2020-11993" }, { "category": "external", "summary": "RHBZ#1866564", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1866564" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2020-11993", "url": "https://www.cve.org/CVERecord?id=CVE-2020-11993" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2020-11993", "url": "https://nvd.nist.gov/vuln/detail/CVE-2020-11993" }, { "category": "external", "summary": "https://httpd.apache.org/security/vulnerabilities_24.html#CVE-2020-11993", "url": "https://httpd.apache.org/security/vulnerabilities_24.html#CVE-2020-11993" } ], "release_date": "2020-08-07T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2020-10-28T15:49:25+00:00", "details": "Before applying the update, back up your existing installation, including all applications, configuration files, databases and database settings, and so on.\n\nThe References section of this erratum contains a download link for the update. You must be logged in to download the update.", "product_ids": [ "Red Hat JBoss Core Services 1" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2020:4383" } ], "scores": [ { "cvss_v3": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 7.5, "baseSeverity": "HIGH", "confidentialityImpact": "NONE", "integrityImpact": "NONE", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "version": "3.1" }, "products": [ "Red Hat JBoss Core Services 1" ] } ], "threats": [ { "category": "impact", "details": "Moderate" } ], "title": "httpd: mod_http2 concurrent pool usage" } ] }
rhba-2020_5280
Vulnerability from csaf_redhat
Published
2020-12-01 12:06
Modified
2024-11-15 08:23
Summary
Red Hat Bug Fix Advisory: httpd24 bug fix and enhancement update
Notes
Topic
Updated httpd24 packages are now available as a part of Red Hat Software Collections for Red Hat Enterprise Linux.
Details
The Apache HTTP Server is a powerful, efficient, and extensible web server. The httpd24 packages provide a recent stable release of version 2.4 of the Apache HTTP Server, along with the mod_auth_kerb module.
The httpd24 packages have been updated with Red Hat Software Collections 3.6.
For detailed information on changes in this release, see the Red Hat Software Collections 3.6 Release Notes linked from the References section.
Terms of Use
This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.
{ "document": { "aggregate_severity": { "namespace": "https://access.redhat.com/security/updates/classification/", "text": "Moderate" }, "category": "csaf_security_advisory", "csaf_version": "2.0", "distribution": { "text": "Copyright \u00a9 Red Hat, Inc. All rights reserved.", "tlp": { "label": "WHITE", "url": "https://www.first.org/tlp/" } }, "lang": "en", "notes": [ { "category": "summary", "text": "Updated httpd24 packages are now available as a part of Red Hat Software Collections for Red Hat Enterprise Linux.", "title": "Topic" }, { "category": "general", "text": "The Apache HTTP Server is a powerful, efficient, and extensible web server. The httpd24 packages provide a recent stable release of version 2.4 of the Apache HTTP Server, along with the mod_auth_kerb module.\n\nThe httpd24 packages have been updated with Red Hat Software Collections 3.6. \n\nFor detailed information on changes in this release, see the Red Hat Software Collections 3.6 Release Notes linked from the References section.", "title": "Details" }, { "category": "legal_disclaimer", "text": "This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.", "title": "Terms of Use" } ], "publisher": { "category": "vendor", "contact_details": "https://access.redhat.com/security/team/contact/", "issuing_authority": "Red Hat Product Security is responsible for vulnerability handling across all Red Hat products and services.", "name": "Red Hat Product Security", "namespace": "https://www.redhat.com" }, "references": [ { "category": "self", "summary": "https://access.redhat.com/errata/RHBA-2020:5280", "url": "https://access.redhat.com/errata/RHBA-2020:5280" }, { "category": "external", "summary": "https://access.redhat.com/documentation/en-us/red_hat_software_collections/3/html/3.6_release_notes/", "url": "https://access.redhat.com/documentation/en-us/red_hat_software_collections/3/html/3.6_release_notes/" }, { "category": "external", "summary": "1600579", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1600579" }, { "category": "external", "summary": "1607737", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1607737" }, { "category": "external", "summary": "1637891", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1637891" }, { "category": "external", "summary": "1823836", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1823836" }, { "category": "external", "summary": "1828812", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1828812" }, { "category": "self", "summary": "Canonical URL", "url": "https://security.access.redhat.com/data/csaf/v2/advisories/2020/rhba-2020_5280.json" } ], "title": "Red Hat Bug Fix Advisory: httpd24 bug fix and enhancement update", "tracking": { "current_release_date": "2024-11-15T08:23:36+00:00", "generator": { "date": "2024-11-15T08:23:36+00:00", "engine": { "name": "Red Hat SDEngine", "version": "4.2.1" } }, "id": "RHBA-2020:5280", "initial_release_date": "2020-12-01T12:06:08+00:00", "revision_history": [ { "date": "2020-12-01T12:06:08+00:00", "number": "1", "summary": "Initial version" }, { "date": "2020-12-01T12:06:08+00:00", "number": "2", "summary": "Last updated version" }, { "date": "2024-11-15T08:23:36+00:00", "number": "3", "summary": "Last generated version" } ], "status": "final", "version": "3" } }, "product_tree": { "branches": [ { "branches": [ { "branches": [ { "category": "product_name", "name": "Red Hat Software Collections for Red Hat Enterprise Linux Server (v. 7)", "product": { "name": "Red Hat Software Collections for Red Hat Enterprise Linux Server (v. 7)", "product_id": "7Server-RHSCL-3.6", "product_identification_helper": { "cpe": "cpe:/a:redhat:rhel_software_collections:3::el7" } } }, { "category": "product_name", "name": "Red Hat Software Collections for Red Hat Enterprise Linux Workstation (v. 7)", "product": { "name": "Red Hat Software Collections for Red Hat Enterprise Linux Workstation (v. 7)", "product_id": "7Workstation-RHSCL-3.6", "product_identification_helper": { "cpe": "cpe:/a:redhat:rhel_software_collections:3::el7" } } }, { "category": "product_name", "name": "Red Hat Software Collections for Red Hat Enterprise Linux Server EUS (v. 7.6)", "product": { "name": "Red Hat Software Collections for Red Hat Enterprise Linux Server EUS (v. 7.6)", "product_id": "7Server-RHSCL-3.6-7.6.Z", "product_identification_helper": { "cpe": "cpe:/a:redhat:rhel_software_collections:3::el7" } } }, { "category": "product_name", "name": "Red Hat Software Collections for Red Hat Enterprise Linux Server EUS (v. 7.7)", "product": { "name": "Red Hat Software Collections for Red Hat Enterprise Linux Server EUS (v. 7.7)", "product_id": "7Server-RHSCL-3.6-7.7.Z", "product_identification_helper": { "cpe": "cpe:/a:redhat:rhel_software_collections:3::el7" } } } ], "category": "product_family", "name": "Red Hat Software Collections" }, { "branches": [ { "category": "product_version", "name": "httpd24-httpd-0:2.4.34-22.el7.x86_64", "product": { "name": "httpd24-httpd-0:2.4.34-22.el7.x86_64", "product_id": "httpd24-httpd-0:2.4.34-22.el7.x86_64", "product_identification_helper": { "purl": "pkg:rpm/redhat/httpd24-httpd@2.4.34-22.el7?arch=x86_64" } } }, { "category": "product_version", "name": "httpd24-httpd-devel-0:2.4.34-22.el7.x86_64", "product": { "name": "httpd24-httpd-devel-0:2.4.34-22.el7.x86_64", "product_id": "httpd24-httpd-devel-0:2.4.34-22.el7.x86_64", "product_identification_helper": { "purl": "pkg:rpm/redhat/httpd24-httpd-devel@2.4.34-22.el7?arch=x86_64" } } }, { "category": "product_version", "name": "httpd24-httpd-tools-0:2.4.34-22.el7.x86_64", "product": { "name": "httpd24-httpd-tools-0:2.4.34-22.el7.x86_64", "product_id": "httpd24-httpd-tools-0:2.4.34-22.el7.x86_64", "product_identification_helper": { "purl": "pkg:rpm/redhat/httpd24-httpd-tools@2.4.34-22.el7?arch=x86_64" } } }, { "category": "product_version", "name": "httpd24-mod_ldap-0:2.4.34-22.el7.x86_64", "product": { "name": "httpd24-mod_ldap-0:2.4.34-22.el7.x86_64", "product_id": "httpd24-mod_ldap-0:2.4.34-22.el7.x86_64", "product_identification_helper": { "purl": "pkg:rpm/redhat/httpd24-mod_ldap@2.4.34-22.el7?arch=x86_64" } } }, { "category": "product_version", "name": "httpd24-mod_proxy_html-1:2.4.34-22.el7.x86_64", "product": { "name": "httpd24-mod_proxy_html-1:2.4.34-22.el7.x86_64", "product_id": "httpd24-mod_proxy_html-1:2.4.34-22.el7.x86_64", "product_identification_helper": { "purl": "pkg:rpm/redhat/httpd24-mod_proxy_html@2.4.34-22.el7?arch=x86_64\u0026epoch=1" } } }, { "category": "product_version", "name": "httpd24-mod_session-0:2.4.34-22.el7.x86_64", "product": { "name": "httpd24-mod_session-0:2.4.34-22.el7.x86_64", "product_id": "httpd24-mod_session-0:2.4.34-22.el7.x86_64", "product_identification_helper": { "purl": "pkg:rpm/redhat/httpd24-mod_session@2.4.34-22.el7?arch=x86_64" } } }, { "category": "product_version", "name": "httpd24-mod_ssl-1:2.4.34-22.el7.x86_64", "product": { "name": "httpd24-mod_ssl-1:2.4.34-22.el7.x86_64", "product_id": "httpd24-mod_ssl-1:2.4.34-22.el7.x86_64", "product_identification_helper": { "purl": "pkg:rpm/redhat/httpd24-mod_ssl@2.4.34-22.el7?arch=x86_64\u0026epoch=1" } } }, { "category": "product_version", "name": "httpd24-httpd-debuginfo-0:2.4.34-22.el7.x86_64", "product": { "name": "httpd24-httpd-debuginfo-0:2.4.34-22.el7.x86_64", "product_id": "httpd24-httpd-debuginfo-0:2.4.34-22.el7.x86_64", "product_identification_helper": { "purl": "pkg:rpm/redhat/httpd24-httpd-debuginfo@2.4.34-22.el7?arch=x86_64" } } } ], "category": "architecture", "name": "x86_64" }, { "branches": [ { "category": "product_version", "name": "httpd24-httpd-0:2.4.34-22.el7.src", "product": { "name": "httpd24-httpd-0:2.4.34-22.el7.src", "product_id": "httpd24-httpd-0:2.4.34-22.el7.src", "product_identification_helper": { "purl": "pkg:rpm/redhat/httpd24-httpd@2.4.34-22.el7?arch=src" } } } ], "category": "architecture", "name": "src" }, { "branches": [ { "category": "product_version", "name": "httpd24-httpd-manual-0:2.4.34-22.el7.noarch", "product": { "name": "httpd24-httpd-manual-0:2.4.34-22.el7.noarch", "product_id": "httpd24-httpd-manual-0:2.4.34-22.el7.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/httpd24-httpd-manual@2.4.34-22.el7?arch=noarch" } } } ], "category": "architecture", "name": "noarch" }, { "branches": [ { "category": "product_version", "name": "httpd24-httpd-0:2.4.34-22.el7.ppc64le", "product": { "name": "httpd24-httpd-0:2.4.34-22.el7.ppc64le", "product_id": "httpd24-httpd-0:2.4.34-22.el7.ppc64le", "product_identification_helper": { "purl": "pkg:rpm/redhat/httpd24-httpd@2.4.34-22.el7?arch=ppc64le" } } }, { "category": "product_version", "name": "httpd24-httpd-devel-0:2.4.34-22.el7.ppc64le", "product": { "name": "httpd24-httpd-devel-0:2.4.34-22.el7.ppc64le", "product_id": "httpd24-httpd-devel-0:2.4.34-22.el7.ppc64le", "product_identification_helper": { "purl": "pkg:rpm/redhat/httpd24-httpd-devel@2.4.34-22.el7?arch=ppc64le" } } }, { "category": "product_version", "name": "httpd24-httpd-tools-0:2.4.34-22.el7.ppc64le", "product": { "name": "httpd24-httpd-tools-0:2.4.34-22.el7.ppc64le", "product_id": "httpd24-httpd-tools-0:2.4.34-22.el7.ppc64le", "product_identification_helper": { "purl": "pkg:rpm/redhat/httpd24-httpd-tools@2.4.34-22.el7?arch=ppc64le" } } }, { "category": "product_version", "name": "httpd24-mod_ldap-0:2.4.34-22.el7.ppc64le", "product": { "name": "httpd24-mod_ldap-0:2.4.34-22.el7.ppc64le", "product_id": "httpd24-mod_ldap-0:2.4.34-22.el7.ppc64le", "product_identification_helper": { "purl": "pkg:rpm/redhat/httpd24-mod_ldap@2.4.34-22.el7?arch=ppc64le" } } }, { "category": "product_version", "name": "httpd24-mod_proxy_html-1:2.4.34-22.el7.ppc64le", "product": { "name": "httpd24-mod_proxy_html-1:2.4.34-22.el7.ppc64le", "product_id": "httpd24-mod_proxy_html-1:2.4.34-22.el7.ppc64le", "product_identification_helper": { "purl": "pkg:rpm/redhat/httpd24-mod_proxy_html@2.4.34-22.el7?arch=ppc64le\u0026epoch=1" } } }, { "category": "product_version", "name": "httpd24-mod_session-0:2.4.34-22.el7.ppc64le", "product": { "name": "httpd24-mod_session-0:2.4.34-22.el7.ppc64le", "product_id": "httpd24-mod_session-0:2.4.34-22.el7.ppc64le", "product_identification_helper": { "purl": "pkg:rpm/redhat/httpd24-mod_session@2.4.34-22.el7?arch=ppc64le" } } }, { "category": "product_version", "name": "httpd24-mod_ssl-1:2.4.34-22.el7.ppc64le", "product": { "name": "httpd24-mod_ssl-1:2.4.34-22.el7.ppc64le", "product_id": "httpd24-mod_ssl-1:2.4.34-22.el7.ppc64le", "product_identification_helper": { "purl": "pkg:rpm/redhat/httpd24-mod_ssl@2.4.34-22.el7?arch=ppc64le\u0026epoch=1" } } }, { "category": "product_version", "name": "httpd24-httpd-debuginfo-0:2.4.34-22.el7.ppc64le", "product": { "name": "httpd24-httpd-debuginfo-0:2.4.34-22.el7.ppc64le", "product_id": "httpd24-httpd-debuginfo-0:2.4.34-22.el7.ppc64le", "product_identification_helper": { "purl": "pkg:rpm/redhat/httpd24-httpd-debuginfo@2.4.34-22.el7?arch=ppc64le" } } } ], "category": "architecture", "name": "ppc64le" }, { "branches": [ { "category": "product_version", "name": "httpd24-httpd-0:2.4.34-22.el7.s390x", "product": { "name": "httpd24-httpd-0:2.4.34-22.el7.s390x", "product_id": "httpd24-httpd-0:2.4.34-22.el7.s390x", "product_identification_helper": { "purl": "pkg:rpm/redhat/httpd24-httpd@2.4.34-22.el7?arch=s390x" } } }, { "category": "product_version", "name": "httpd24-httpd-devel-0:2.4.34-22.el7.s390x", "product": { "name": "httpd24-httpd-devel-0:2.4.34-22.el7.s390x", "product_id": "httpd24-httpd-devel-0:2.4.34-22.el7.s390x", "product_identification_helper": { "purl": "pkg:rpm/redhat/httpd24-httpd-devel@2.4.34-22.el7?arch=s390x" } } }, { "category": "product_version", "name": "httpd24-httpd-tools-0:2.4.34-22.el7.s390x", "product": { "name": "httpd24-httpd-tools-0:2.4.34-22.el7.s390x", "product_id": "httpd24-httpd-tools-0:2.4.34-22.el7.s390x", "product_identification_helper": { "purl": "pkg:rpm/redhat/httpd24-httpd-tools@2.4.34-22.el7?arch=s390x" } } }, { "category": "product_version", "name": "httpd24-mod_ldap-0:2.4.34-22.el7.s390x", "product": { "name": "httpd24-mod_ldap-0:2.4.34-22.el7.s390x", "product_id": "httpd24-mod_ldap-0:2.4.34-22.el7.s390x", "product_identification_helper": { "purl": "pkg:rpm/redhat/httpd24-mod_ldap@2.4.34-22.el7?arch=s390x" } } }, { "category": "product_version", "name": "httpd24-mod_proxy_html-1:2.4.34-22.el7.s390x", "product": { "name": "httpd24-mod_proxy_html-1:2.4.34-22.el7.s390x", "product_id": "httpd24-mod_proxy_html-1:2.4.34-22.el7.s390x", "product_identification_helper": { "purl": "pkg:rpm/redhat/httpd24-mod_proxy_html@2.4.34-22.el7?arch=s390x\u0026epoch=1" } } }, { "category": "product_version", "name": "httpd24-mod_session-0:2.4.34-22.el7.s390x", "product": { "name": "httpd24-mod_session-0:2.4.34-22.el7.s390x", "product_id": "httpd24-mod_session-0:2.4.34-22.el7.s390x", "product_identification_helper": { "purl": "pkg:rpm/redhat/httpd24-mod_session@2.4.34-22.el7?arch=s390x" } } }, { "category": "product_version", "name": "httpd24-mod_ssl-1:2.4.34-22.el7.s390x", "product": { "name": "httpd24-mod_ssl-1:2.4.34-22.el7.s390x", "product_id": "httpd24-mod_ssl-1:2.4.34-22.el7.s390x", "product_identification_helper": { "purl": "pkg:rpm/redhat/httpd24-mod_ssl@2.4.34-22.el7?arch=s390x\u0026epoch=1" } } }, { "category": "product_version", "name": "httpd24-httpd-debuginfo-0:2.4.34-22.el7.s390x", "product": { "name": "httpd24-httpd-debuginfo-0:2.4.34-22.el7.s390x", "product_id": "httpd24-httpd-debuginfo-0:2.4.34-22.el7.s390x", "product_identification_helper": { "purl": "pkg:rpm/redhat/httpd24-httpd-debuginfo@2.4.34-22.el7?arch=s390x" } } } ], "category": "architecture", "name": "s390x" } ], "category": "vendor", "name": "Red Hat" } ], "relationships": [ { "category": "default_component_of", "full_product_name": { "name": "httpd24-httpd-0:2.4.34-22.el7.ppc64le as a component of Red Hat Software Collections for Red Hat Enterprise Linux Server EUS (v. 7.6)", "product_id": "7Server-RHSCL-3.6-7.6.Z:httpd24-httpd-0:2.4.34-22.el7.ppc64le" }, "product_reference": "httpd24-httpd-0:2.4.34-22.el7.ppc64le", "relates_to_product_reference": "7Server-RHSCL-3.6-7.6.Z" }, { "category": "default_component_of", "full_product_name": { "name": "httpd24-httpd-0:2.4.34-22.el7.s390x as a component of Red Hat Software Collections for Red Hat Enterprise Linux Server EUS (v. 7.6)", "product_id": "7Server-RHSCL-3.6-7.6.Z:httpd24-httpd-0:2.4.34-22.el7.s390x" }, "product_reference": "httpd24-httpd-0:2.4.34-22.el7.s390x", "relates_to_product_reference": "7Server-RHSCL-3.6-7.6.Z" }, { "category": "default_component_of", "full_product_name": { "name": "httpd24-httpd-0:2.4.34-22.el7.src as a component of Red Hat Software Collections for Red Hat Enterprise Linux Server EUS (v. 7.6)", "product_id": "7Server-RHSCL-3.6-7.6.Z:httpd24-httpd-0:2.4.34-22.el7.src" }, "product_reference": "httpd24-httpd-0:2.4.34-22.el7.src", "relates_to_product_reference": "7Server-RHSCL-3.6-7.6.Z" }, { "category": "default_component_of", "full_product_name": { "name": "httpd24-httpd-0:2.4.34-22.el7.x86_64 as a component of Red Hat Software Collections for Red Hat Enterprise Linux Server EUS (v. 7.6)", "product_id": "7Server-RHSCL-3.6-7.6.Z:httpd24-httpd-0:2.4.34-22.el7.x86_64" }, "product_reference": "httpd24-httpd-0:2.4.34-22.el7.x86_64", "relates_to_product_reference": "7Server-RHSCL-3.6-7.6.Z" }, { "category": "default_component_of", "full_product_name": { "name": "httpd24-httpd-debuginfo-0:2.4.34-22.el7.ppc64le as a component of Red Hat Software Collections for Red Hat Enterprise Linux Server EUS (v. 7.6)", "product_id": "7Server-RHSCL-3.6-7.6.Z:httpd24-httpd-debuginfo-0:2.4.34-22.el7.ppc64le" }, "product_reference": "httpd24-httpd-debuginfo-0:2.4.34-22.el7.ppc64le", "relates_to_product_reference": "7Server-RHSCL-3.6-7.6.Z" }, { "category": "default_component_of", "full_product_name": { "name": "httpd24-httpd-debuginfo-0:2.4.34-22.el7.s390x as a component of Red Hat Software Collections for Red Hat Enterprise Linux Server EUS (v. 7.6)", "product_id": "7Server-RHSCL-3.6-7.6.Z:httpd24-httpd-debuginfo-0:2.4.34-22.el7.s390x" }, "product_reference": "httpd24-httpd-debuginfo-0:2.4.34-22.el7.s390x", "relates_to_product_reference": "7Server-RHSCL-3.6-7.6.Z" }, { "category": "default_component_of", "full_product_name": { "name": "httpd24-httpd-debuginfo-0:2.4.34-22.el7.x86_64 as a component of Red Hat Software Collections for Red Hat Enterprise Linux Server EUS (v. 7.6)", "product_id": "7Server-RHSCL-3.6-7.6.Z:httpd24-httpd-debuginfo-0:2.4.34-22.el7.x86_64" }, "product_reference": "httpd24-httpd-debuginfo-0:2.4.34-22.el7.x86_64", "relates_to_product_reference": "7Server-RHSCL-3.6-7.6.Z" }, { "category": "default_component_of", "full_product_name": { "name": "httpd24-httpd-devel-0:2.4.34-22.el7.ppc64le as a component of Red Hat Software Collections for Red Hat Enterprise Linux Server EUS (v. 7.6)", "product_id": "7Server-RHSCL-3.6-7.6.Z:httpd24-httpd-devel-0:2.4.34-22.el7.ppc64le" }, "product_reference": "httpd24-httpd-devel-0:2.4.34-22.el7.ppc64le", "relates_to_product_reference": "7Server-RHSCL-3.6-7.6.Z" }, { "category": "default_component_of", "full_product_name": { "name": "httpd24-httpd-devel-0:2.4.34-22.el7.s390x as a component of Red Hat Software Collections for Red Hat Enterprise Linux Server EUS (v. 7.6)", "product_id": "7Server-RHSCL-3.6-7.6.Z:httpd24-httpd-devel-0:2.4.34-22.el7.s390x" }, "product_reference": "httpd24-httpd-devel-0:2.4.34-22.el7.s390x", "relates_to_product_reference": "7Server-RHSCL-3.6-7.6.Z" }, { "category": "default_component_of", "full_product_name": { "name": "httpd24-httpd-devel-0:2.4.34-22.el7.x86_64 as a component of Red Hat Software Collections for Red Hat Enterprise Linux Server EUS (v. 7.6)", "product_id": "7Server-RHSCL-3.6-7.6.Z:httpd24-httpd-devel-0:2.4.34-22.el7.x86_64" }, "product_reference": "httpd24-httpd-devel-0:2.4.34-22.el7.x86_64", "relates_to_product_reference": "7Server-RHSCL-3.6-7.6.Z" }, { "category": "default_component_of", "full_product_name": { "name": "httpd24-httpd-manual-0:2.4.34-22.el7.noarch as a component of Red Hat Software Collections for Red Hat Enterprise Linux Server EUS (v. 7.6)", "product_id": "7Server-RHSCL-3.6-7.6.Z:httpd24-httpd-manual-0:2.4.34-22.el7.noarch" }, "product_reference": "httpd24-httpd-manual-0:2.4.34-22.el7.noarch", "relates_to_product_reference": "7Server-RHSCL-3.6-7.6.Z" }, { "category": "default_component_of", "full_product_name": { "name": "httpd24-httpd-tools-0:2.4.34-22.el7.ppc64le as a component of Red Hat Software Collections for Red Hat Enterprise Linux Server EUS (v. 7.6)", "product_id": "7Server-RHSCL-3.6-7.6.Z:httpd24-httpd-tools-0:2.4.34-22.el7.ppc64le" }, "product_reference": "httpd24-httpd-tools-0:2.4.34-22.el7.ppc64le", "relates_to_product_reference": "7Server-RHSCL-3.6-7.6.Z" }, { "category": "default_component_of", "full_product_name": { "name": "httpd24-httpd-tools-0:2.4.34-22.el7.s390x as a component of Red Hat Software Collections for Red Hat Enterprise Linux Server EUS (v. 7.6)", "product_id": "7Server-RHSCL-3.6-7.6.Z:httpd24-httpd-tools-0:2.4.34-22.el7.s390x" }, "product_reference": "httpd24-httpd-tools-0:2.4.34-22.el7.s390x", "relates_to_product_reference": "7Server-RHSCL-3.6-7.6.Z" }, { "category": "default_component_of", "full_product_name": { "name": "httpd24-httpd-tools-0:2.4.34-22.el7.x86_64 as a component of Red Hat Software Collections for Red Hat Enterprise Linux Server EUS (v. 7.6)", "product_id": "7Server-RHSCL-3.6-7.6.Z:httpd24-httpd-tools-0:2.4.34-22.el7.x86_64" }, "product_reference": "httpd24-httpd-tools-0:2.4.34-22.el7.x86_64", "relates_to_product_reference": "7Server-RHSCL-3.6-7.6.Z" }, { "category": "default_component_of", "full_product_name": { "name": "httpd24-mod_ldap-0:2.4.34-22.el7.ppc64le as a component of Red Hat Software Collections for Red Hat Enterprise Linux Server EUS (v. 7.6)", "product_id": "7Server-RHSCL-3.6-7.6.Z:httpd24-mod_ldap-0:2.4.34-22.el7.ppc64le" }, "product_reference": "httpd24-mod_ldap-0:2.4.34-22.el7.ppc64le", "relates_to_product_reference": "7Server-RHSCL-3.6-7.6.Z" }, { "category": "default_component_of", "full_product_name": { "name": "httpd24-mod_ldap-0:2.4.34-22.el7.s390x as a component of Red Hat Software Collections for Red Hat Enterprise Linux Server EUS (v. 7.6)", "product_id": "7Server-RHSCL-3.6-7.6.Z:httpd24-mod_ldap-0:2.4.34-22.el7.s390x" }, "product_reference": "httpd24-mod_ldap-0:2.4.34-22.el7.s390x", "relates_to_product_reference": "7Server-RHSCL-3.6-7.6.Z" }, { "category": "default_component_of", "full_product_name": { "name": "httpd24-mod_ldap-0:2.4.34-22.el7.x86_64 as a component of Red Hat Software Collections for Red Hat Enterprise Linux Server EUS (v. 7.6)", "product_id": "7Server-RHSCL-3.6-7.6.Z:httpd24-mod_ldap-0:2.4.34-22.el7.x86_64" }, "product_reference": "httpd24-mod_ldap-0:2.4.34-22.el7.x86_64", "relates_to_product_reference": "7Server-RHSCL-3.6-7.6.Z" }, { "category": "default_component_of", "full_product_name": { "name": "httpd24-mod_proxy_html-1:2.4.34-22.el7.ppc64le as a component of Red Hat Software Collections for Red Hat Enterprise Linux Server EUS (v. 7.6)", "product_id": "7Server-RHSCL-3.6-7.6.Z:httpd24-mod_proxy_html-1:2.4.34-22.el7.ppc64le" }, "product_reference": "httpd24-mod_proxy_html-1:2.4.34-22.el7.ppc64le", "relates_to_product_reference": "7Server-RHSCL-3.6-7.6.Z" }, { "category": "default_component_of", "full_product_name": { "name": "httpd24-mod_proxy_html-1:2.4.34-22.el7.s390x as a component of Red Hat Software Collections for Red Hat Enterprise Linux Server EUS (v. 7.6)", "product_id": "7Server-RHSCL-3.6-7.6.Z:httpd24-mod_proxy_html-1:2.4.34-22.el7.s390x" }, "product_reference": "httpd24-mod_proxy_html-1:2.4.34-22.el7.s390x", "relates_to_product_reference": "7Server-RHSCL-3.6-7.6.Z" }, { "category": "default_component_of", "full_product_name": { "name": "httpd24-mod_proxy_html-1:2.4.34-22.el7.x86_64 as a component of Red Hat Software Collections for Red Hat Enterprise Linux Server EUS (v. 7.6)", "product_id": "7Server-RHSCL-3.6-7.6.Z:httpd24-mod_proxy_html-1:2.4.34-22.el7.x86_64" }, "product_reference": "httpd24-mod_proxy_html-1:2.4.34-22.el7.x86_64", "relates_to_product_reference": "7Server-RHSCL-3.6-7.6.Z" }, { "category": "default_component_of", "full_product_name": { "name": "httpd24-mod_session-0:2.4.34-22.el7.ppc64le as a component of Red Hat Software Collections for Red Hat Enterprise Linux Server EUS (v. 7.6)", "product_id": "7Server-RHSCL-3.6-7.6.Z:httpd24-mod_session-0:2.4.34-22.el7.ppc64le" }, "product_reference": "httpd24-mod_session-0:2.4.34-22.el7.ppc64le", "relates_to_product_reference": "7Server-RHSCL-3.6-7.6.Z" }, { "category": "default_component_of", "full_product_name": { "name": "httpd24-mod_session-0:2.4.34-22.el7.s390x as a component of Red Hat Software Collections for Red Hat Enterprise Linux Server EUS (v. 7.6)", "product_id": "7Server-RHSCL-3.6-7.6.Z:httpd24-mod_session-0:2.4.34-22.el7.s390x" }, "product_reference": "httpd24-mod_session-0:2.4.34-22.el7.s390x", "relates_to_product_reference": "7Server-RHSCL-3.6-7.6.Z" }, { "category": "default_component_of", "full_product_name": { "name": "httpd24-mod_session-0:2.4.34-22.el7.x86_64 as a component of Red Hat Software Collections for Red Hat Enterprise Linux Server EUS (v. 7.6)", "product_id": "7Server-RHSCL-3.6-7.6.Z:httpd24-mod_session-0:2.4.34-22.el7.x86_64" }, "product_reference": "httpd24-mod_session-0:2.4.34-22.el7.x86_64", "relates_to_product_reference": "7Server-RHSCL-3.6-7.6.Z" }, { "category": "default_component_of", "full_product_name": { "name": "httpd24-mod_ssl-1:2.4.34-22.el7.ppc64le as a component of Red Hat Software Collections for Red Hat Enterprise Linux Server EUS (v. 7.6)", "product_id": "7Server-RHSCL-3.6-7.6.Z:httpd24-mod_ssl-1:2.4.34-22.el7.ppc64le" }, "product_reference": "httpd24-mod_ssl-1:2.4.34-22.el7.ppc64le", "relates_to_product_reference": "7Server-RHSCL-3.6-7.6.Z" }, { "category": "default_component_of", "full_product_name": { "name": "httpd24-mod_ssl-1:2.4.34-22.el7.s390x as a component of Red Hat Software Collections for Red Hat Enterprise Linux Server EUS (v. 7.6)", "product_id": "7Server-RHSCL-3.6-7.6.Z:httpd24-mod_ssl-1:2.4.34-22.el7.s390x" }, "product_reference": "httpd24-mod_ssl-1:2.4.34-22.el7.s390x", "relates_to_product_reference": "7Server-RHSCL-3.6-7.6.Z" }, { "category": "default_component_of", "full_product_name": { "name": "httpd24-mod_ssl-1:2.4.34-22.el7.x86_64 as a component of Red Hat Software Collections for Red Hat Enterprise Linux Server EUS (v. 7.6)", "product_id": "7Server-RHSCL-3.6-7.6.Z:httpd24-mod_ssl-1:2.4.34-22.el7.x86_64" }, "product_reference": "httpd24-mod_ssl-1:2.4.34-22.el7.x86_64", "relates_to_product_reference": "7Server-RHSCL-3.6-7.6.Z" }, { "category": "default_component_of", "full_product_name": { "name": "httpd24-httpd-0:2.4.34-22.el7.ppc64le as a component of Red Hat Software Collections for Red Hat Enterprise Linux Server EUS (v. 7.7)", "product_id": "7Server-RHSCL-3.6-7.7.Z:httpd24-httpd-0:2.4.34-22.el7.ppc64le" }, "product_reference": "httpd24-httpd-0:2.4.34-22.el7.ppc64le", "relates_to_product_reference": "7Server-RHSCL-3.6-7.7.Z" }, { "category": "default_component_of", "full_product_name": { "name": "httpd24-httpd-0:2.4.34-22.el7.s390x as a component of Red Hat Software Collections for Red Hat Enterprise Linux Server EUS (v. 7.7)", "product_id": "7Server-RHSCL-3.6-7.7.Z:httpd24-httpd-0:2.4.34-22.el7.s390x" }, "product_reference": "httpd24-httpd-0:2.4.34-22.el7.s390x", "relates_to_product_reference": "7Server-RHSCL-3.6-7.7.Z" }, { "category": "default_component_of", "full_product_name": { "name": "httpd24-httpd-0:2.4.34-22.el7.src as a component of Red Hat Software Collections for Red Hat Enterprise Linux Server EUS (v. 7.7)", "product_id": "7Server-RHSCL-3.6-7.7.Z:httpd24-httpd-0:2.4.34-22.el7.src" }, "product_reference": "httpd24-httpd-0:2.4.34-22.el7.src", "relates_to_product_reference": "7Server-RHSCL-3.6-7.7.Z" }, { "category": "default_component_of", "full_product_name": { "name": "httpd24-httpd-0:2.4.34-22.el7.x86_64 as a component of Red Hat Software Collections for Red Hat Enterprise Linux Server EUS (v. 7.7)", "product_id": "7Server-RHSCL-3.6-7.7.Z:httpd24-httpd-0:2.4.34-22.el7.x86_64" }, "product_reference": "httpd24-httpd-0:2.4.34-22.el7.x86_64", "relates_to_product_reference": "7Server-RHSCL-3.6-7.7.Z" }, { "category": "default_component_of", "full_product_name": { "name": "httpd24-httpd-debuginfo-0:2.4.34-22.el7.ppc64le as a component of Red Hat Software Collections for Red Hat Enterprise Linux Server EUS (v. 7.7)", "product_id": "7Server-RHSCL-3.6-7.7.Z:httpd24-httpd-debuginfo-0:2.4.34-22.el7.ppc64le" }, "product_reference": "httpd24-httpd-debuginfo-0:2.4.34-22.el7.ppc64le", "relates_to_product_reference": "7Server-RHSCL-3.6-7.7.Z" }, { "category": "default_component_of", "full_product_name": { "name": "httpd24-httpd-debuginfo-0:2.4.34-22.el7.s390x as a component of Red Hat Software Collections for Red Hat Enterprise Linux Server EUS (v. 7.7)", "product_id": "7Server-RHSCL-3.6-7.7.Z:httpd24-httpd-debuginfo-0:2.4.34-22.el7.s390x" }, "product_reference": "httpd24-httpd-debuginfo-0:2.4.34-22.el7.s390x", "relates_to_product_reference": "7Server-RHSCL-3.6-7.7.Z" }, { "category": "default_component_of", "full_product_name": { "name": "httpd24-httpd-debuginfo-0:2.4.34-22.el7.x86_64 as a component of Red Hat Software Collections for Red Hat Enterprise Linux Server EUS (v. 7.7)", "product_id": "7Server-RHSCL-3.6-7.7.Z:httpd24-httpd-debuginfo-0:2.4.34-22.el7.x86_64" }, "product_reference": "httpd24-httpd-debuginfo-0:2.4.34-22.el7.x86_64", "relates_to_product_reference": "7Server-RHSCL-3.6-7.7.Z" }, { "category": "default_component_of", "full_product_name": { "name": "httpd24-httpd-devel-0:2.4.34-22.el7.ppc64le as a component of Red Hat Software Collections for Red Hat Enterprise Linux Server EUS (v. 7.7)", "product_id": "7Server-RHSCL-3.6-7.7.Z:httpd24-httpd-devel-0:2.4.34-22.el7.ppc64le" }, "product_reference": "httpd24-httpd-devel-0:2.4.34-22.el7.ppc64le", "relates_to_product_reference": "7Server-RHSCL-3.6-7.7.Z" }, { "category": "default_component_of", "full_product_name": { "name": "httpd24-httpd-devel-0:2.4.34-22.el7.s390x as a component of Red Hat Software Collections for Red Hat Enterprise Linux Server EUS (v. 7.7)", "product_id": "7Server-RHSCL-3.6-7.7.Z:httpd24-httpd-devel-0:2.4.34-22.el7.s390x" }, "product_reference": "httpd24-httpd-devel-0:2.4.34-22.el7.s390x", "relates_to_product_reference": "7Server-RHSCL-3.6-7.7.Z" }, { "category": "default_component_of", "full_product_name": { "name": "httpd24-httpd-devel-0:2.4.34-22.el7.x86_64 as a component of Red Hat Software Collections for Red Hat Enterprise Linux Server EUS (v. 7.7)", "product_id": "7Server-RHSCL-3.6-7.7.Z:httpd24-httpd-devel-0:2.4.34-22.el7.x86_64" }, "product_reference": "httpd24-httpd-devel-0:2.4.34-22.el7.x86_64", "relates_to_product_reference": "7Server-RHSCL-3.6-7.7.Z" }, { "category": "default_component_of", "full_product_name": { "name": "httpd24-httpd-manual-0:2.4.34-22.el7.noarch as a component of Red Hat Software Collections for Red Hat Enterprise Linux Server EUS (v. 7.7)", "product_id": "7Server-RHSCL-3.6-7.7.Z:httpd24-httpd-manual-0:2.4.34-22.el7.noarch" }, "product_reference": "httpd24-httpd-manual-0:2.4.34-22.el7.noarch", "relates_to_product_reference": "7Server-RHSCL-3.6-7.7.Z" }, { "category": "default_component_of", "full_product_name": { "name": "httpd24-httpd-tools-0:2.4.34-22.el7.ppc64le as a component of Red Hat Software Collections for Red Hat Enterprise Linux Server EUS (v. 7.7)", "product_id": "7Server-RHSCL-3.6-7.7.Z:httpd24-httpd-tools-0:2.4.34-22.el7.ppc64le" }, "product_reference": "httpd24-httpd-tools-0:2.4.34-22.el7.ppc64le", "relates_to_product_reference": "7Server-RHSCL-3.6-7.7.Z" }, { "category": "default_component_of", "full_product_name": { "name": "httpd24-httpd-tools-0:2.4.34-22.el7.s390x as a component of Red Hat Software Collections for Red Hat Enterprise Linux Server EUS (v. 7.7)", "product_id": "7Server-RHSCL-3.6-7.7.Z:httpd24-httpd-tools-0:2.4.34-22.el7.s390x" }, "product_reference": "httpd24-httpd-tools-0:2.4.34-22.el7.s390x", "relates_to_product_reference": "7Server-RHSCL-3.6-7.7.Z" }, { "category": "default_component_of", "full_product_name": { "name": "httpd24-httpd-tools-0:2.4.34-22.el7.x86_64 as a component of Red Hat Software Collections for Red Hat Enterprise Linux Server EUS (v. 7.7)", "product_id": "7Server-RHSCL-3.6-7.7.Z:httpd24-httpd-tools-0:2.4.34-22.el7.x86_64" }, "product_reference": "httpd24-httpd-tools-0:2.4.34-22.el7.x86_64", "relates_to_product_reference": "7Server-RHSCL-3.6-7.7.Z" }, { "category": "default_component_of", "full_product_name": { "name": "httpd24-mod_ldap-0:2.4.34-22.el7.ppc64le as a component of Red Hat Software Collections for Red Hat Enterprise Linux Server EUS (v. 7.7)", "product_id": "7Server-RHSCL-3.6-7.7.Z:httpd24-mod_ldap-0:2.4.34-22.el7.ppc64le" }, "product_reference": "httpd24-mod_ldap-0:2.4.34-22.el7.ppc64le", "relates_to_product_reference": "7Server-RHSCL-3.6-7.7.Z" }, { "category": "default_component_of", "full_product_name": { "name": "httpd24-mod_ldap-0:2.4.34-22.el7.s390x as a component of Red Hat Software Collections for Red Hat Enterprise Linux Server EUS (v. 7.7)", "product_id": "7Server-RHSCL-3.6-7.7.Z:httpd24-mod_ldap-0:2.4.34-22.el7.s390x" }, "product_reference": "httpd24-mod_ldap-0:2.4.34-22.el7.s390x", "relates_to_product_reference": "7Server-RHSCL-3.6-7.7.Z" }, { "category": "default_component_of", "full_product_name": { "name": "httpd24-mod_ldap-0:2.4.34-22.el7.x86_64 as a component of Red Hat Software Collections for Red Hat Enterprise Linux Server EUS (v. 7.7)", "product_id": "7Server-RHSCL-3.6-7.7.Z:httpd24-mod_ldap-0:2.4.34-22.el7.x86_64" }, "product_reference": "httpd24-mod_ldap-0:2.4.34-22.el7.x86_64", "relates_to_product_reference": "7Server-RHSCL-3.6-7.7.Z" }, { "category": "default_component_of", "full_product_name": { "name": "httpd24-mod_proxy_html-1:2.4.34-22.el7.ppc64le as a component of Red Hat Software Collections for Red Hat Enterprise Linux Server EUS (v. 7.7)", "product_id": "7Server-RHSCL-3.6-7.7.Z:httpd24-mod_proxy_html-1:2.4.34-22.el7.ppc64le" }, "product_reference": "httpd24-mod_proxy_html-1:2.4.34-22.el7.ppc64le", "relates_to_product_reference": "7Server-RHSCL-3.6-7.7.Z" }, { "category": "default_component_of", "full_product_name": { "name": "httpd24-mod_proxy_html-1:2.4.34-22.el7.s390x as a component of Red Hat Software Collections for Red Hat Enterprise Linux Server EUS (v. 7.7)", "product_id": "7Server-RHSCL-3.6-7.7.Z:httpd24-mod_proxy_html-1:2.4.34-22.el7.s390x" }, "product_reference": "httpd24-mod_proxy_html-1:2.4.34-22.el7.s390x", "relates_to_product_reference": "7Server-RHSCL-3.6-7.7.Z" }, { "category": "default_component_of", "full_product_name": { "name": "httpd24-mod_proxy_html-1:2.4.34-22.el7.x86_64 as a component of Red Hat Software Collections for Red Hat Enterprise Linux Server EUS (v. 7.7)", "product_id": "7Server-RHSCL-3.6-7.7.Z:httpd24-mod_proxy_html-1:2.4.34-22.el7.x86_64" }, "product_reference": "httpd24-mod_proxy_html-1:2.4.34-22.el7.x86_64", "relates_to_product_reference": "7Server-RHSCL-3.6-7.7.Z" }, { "category": "default_component_of", "full_product_name": { "name": "httpd24-mod_session-0:2.4.34-22.el7.ppc64le as a component of Red Hat Software Collections for Red Hat Enterprise Linux Server EUS (v. 7.7)", "product_id": "7Server-RHSCL-3.6-7.7.Z:httpd24-mod_session-0:2.4.34-22.el7.ppc64le" }, "product_reference": "httpd24-mod_session-0:2.4.34-22.el7.ppc64le", "relates_to_product_reference": "7Server-RHSCL-3.6-7.7.Z" }, { "category": "default_component_of", "full_product_name": { "name": "httpd24-mod_session-0:2.4.34-22.el7.s390x as a component of Red Hat Software Collections for Red Hat Enterprise Linux Server EUS (v. 7.7)", "product_id": "7Server-RHSCL-3.6-7.7.Z:httpd24-mod_session-0:2.4.34-22.el7.s390x" }, "product_reference": "httpd24-mod_session-0:2.4.34-22.el7.s390x", "relates_to_product_reference": "7Server-RHSCL-3.6-7.7.Z" }, { "category": "default_component_of", "full_product_name": { "name": "httpd24-mod_session-0:2.4.34-22.el7.x86_64 as a component of Red Hat Software Collections for Red Hat Enterprise Linux Server EUS (v. 7.7)", "product_id": "7Server-RHSCL-3.6-7.7.Z:httpd24-mod_session-0:2.4.34-22.el7.x86_64" }, "product_reference": "httpd24-mod_session-0:2.4.34-22.el7.x86_64", "relates_to_product_reference": "7Server-RHSCL-3.6-7.7.Z" }, { "category": "default_component_of", "full_product_name": { "name": "httpd24-mod_ssl-1:2.4.34-22.el7.ppc64le as a component of Red Hat Software Collections for Red Hat Enterprise Linux Server EUS (v. 7.7)", "product_id": "7Server-RHSCL-3.6-7.7.Z:httpd24-mod_ssl-1:2.4.34-22.el7.ppc64le" }, "product_reference": "httpd24-mod_ssl-1:2.4.34-22.el7.ppc64le", "relates_to_product_reference": "7Server-RHSCL-3.6-7.7.Z" }, { "category": "default_component_of", "full_product_name": { "name": "httpd24-mod_ssl-1:2.4.34-22.el7.s390x as a component of Red Hat Software Collections for Red Hat Enterprise Linux Server EUS (v. 7.7)", "product_id": "7Server-RHSCL-3.6-7.7.Z:httpd24-mod_ssl-1:2.4.34-22.el7.s390x" }, "product_reference": "httpd24-mod_ssl-1:2.4.34-22.el7.s390x", "relates_to_product_reference": "7Server-RHSCL-3.6-7.7.Z" }, { "category": "default_component_of", "full_product_name": { "name": "httpd24-mod_ssl-1:2.4.34-22.el7.x86_64 as a component of Red Hat Software Collections for Red Hat Enterprise Linux Server EUS (v. 7.7)", "product_id": "7Server-RHSCL-3.6-7.7.Z:httpd24-mod_ssl-1:2.4.34-22.el7.x86_64" }, "product_reference": "httpd24-mod_ssl-1:2.4.34-22.el7.x86_64", "relates_to_product_reference": "7Server-RHSCL-3.6-7.7.Z" }, { "category": "default_component_of", "full_product_name": { "name": "httpd24-httpd-0:2.4.34-22.el7.ppc64le as a component of Red Hat Software Collections for Red Hat Enterprise Linux Server (v. 7)", "product_id": "7Server-RHSCL-3.6:httpd24-httpd-0:2.4.34-22.el7.ppc64le" }, "product_reference": "httpd24-httpd-0:2.4.34-22.el7.ppc64le", "relates_to_product_reference": "7Server-RHSCL-3.6" }, { "category": "default_component_of", "full_product_name": { "name": "httpd24-httpd-0:2.4.34-22.el7.s390x as a component of Red Hat Software Collections for Red Hat Enterprise Linux Server (v. 7)", "product_id": "7Server-RHSCL-3.6:httpd24-httpd-0:2.4.34-22.el7.s390x" }, "product_reference": "httpd24-httpd-0:2.4.34-22.el7.s390x", "relates_to_product_reference": "7Server-RHSCL-3.6" }, { "category": "default_component_of", "full_product_name": { "name": "httpd24-httpd-0:2.4.34-22.el7.src as a component of Red Hat Software Collections for Red Hat Enterprise Linux Server (v. 7)", "product_id": "7Server-RHSCL-3.6:httpd24-httpd-0:2.4.34-22.el7.src" }, "product_reference": "httpd24-httpd-0:2.4.34-22.el7.src", "relates_to_product_reference": "7Server-RHSCL-3.6" }, { "category": "default_component_of", "full_product_name": { "name": "httpd24-httpd-0:2.4.34-22.el7.x86_64 as a component of Red Hat Software Collections for Red Hat Enterprise Linux Server (v. 7)", "product_id": "7Server-RHSCL-3.6:httpd24-httpd-0:2.4.34-22.el7.x86_64" }, "product_reference": "httpd24-httpd-0:2.4.34-22.el7.x86_64", "relates_to_product_reference": "7Server-RHSCL-3.6" }, { "category": "default_component_of", "full_product_name": { "name": "httpd24-httpd-debuginfo-0:2.4.34-22.el7.ppc64le as a component of Red Hat Software Collections for Red Hat Enterprise Linux Server (v. 7)", "product_id": "7Server-RHSCL-3.6:httpd24-httpd-debuginfo-0:2.4.34-22.el7.ppc64le" }, "product_reference": "httpd24-httpd-debuginfo-0:2.4.34-22.el7.ppc64le", "relates_to_product_reference": "7Server-RHSCL-3.6" }, { "category": "default_component_of", "full_product_name": { "name": "httpd24-httpd-debuginfo-0:2.4.34-22.el7.s390x as a component of Red Hat Software Collections for Red Hat Enterprise Linux Server (v. 7)", "product_id": "7Server-RHSCL-3.6:httpd24-httpd-debuginfo-0:2.4.34-22.el7.s390x" }, "product_reference": "httpd24-httpd-debuginfo-0:2.4.34-22.el7.s390x", "relates_to_product_reference": "7Server-RHSCL-3.6" }, { "category": "default_component_of", "full_product_name": { "name": "httpd24-httpd-debuginfo-0:2.4.34-22.el7.x86_64 as a component of Red Hat Software Collections for Red Hat Enterprise Linux Server (v. 7)", "product_id": "7Server-RHSCL-3.6:httpd24-httpd-debuginfo-0:2.4.34-22.el7.x86_64" }, "product_reference": "httpd24-httpd-debuginfo-0:2.4.34-22.el7.x86_64", "relates_to_product_reference": "7Server-RHSCL-3.6" }, { "category": "default_component_of", "full_product_name": { "name": "httpd24-httpd-devel-0:2.4.34-22.el7.ppc64le as a component of Red Hat Software Collections for Red Hat Enterprise Linux Server (v. 7)", "product_id": "7Server-RHSCL-3.6:httpd24-httpd-devel-0:2.4.34-22.el7.ppc64le" }, "product_reference": "httpd24-httpd-devel-0:2.4.34-22.el7.ppc64le", "relates_to_product_reference": "7Server-RHSCL-3.6" }, { "category": "default_component_of", "full_product_name": { "name": "httpd24-httpd-devel-0:2.4.34-22.el7.s390x as a component of Red Hat Software Collections for Red Hat Enterprise Linux Server (v. 7)", "product_id": "7Server-RHSCL-3.6:httpd24-httpd-devel-0:2.4.34-22.el7.s390x" }, "product_reference": "httpd24-httpd-devel-0:2.4.34-22.el7.s390x", "relates_to_product_reference": "7Server-RHSCL-3.6" }, { "category": "default_component_of", "full_product_name": { "name": "httpd24-httpd-devel-0:2.4.34-22.el7.x86_64 as a component of Red Hat Software Collections for Red Hat Enterprise Linux Server (v. 7)", "product_id": "7Server-RHSCL-3.6:httpd24-httpd-devel-0:2.4.34-22.el7.x86_64" }, "product_reference": "httpd24-httpd-devel-0:2.4.34-22.el7.x86_64", "relates_to_product_reference": "7Server-RHSCL-3.6" }, { "category": "default_component_of", "full_product_name": { "name": "httpd24-httpd-manual-0:2.4.34-22.el7.noarch as a component of Red Hat Software Collections for Red Hat Enterprise Linux Server (v. 7)", "product_id": "7Server-RHSCL-3.6:httpd24-httpd-manual-0:2.4.34-22.el7.noarch" }, "product_reference": "httpd24-httpd-manual-0:2.4.34-22.el7.noarch", "relates_to_product_reference": "7Server-RHSCL-3.6" }, { "category": "default_component_of", "full_product_name": { "name": "httpd24-httpd-tools-0:2.4.34-22.el7.ppc64le as a component of Red Hat Software Collections for Red Hat Enterprise Linux Server (v. 7)", "product_id": "7Server-RHSCL-3.6:httpd24-httpd-tools-0:2.4.34-22.el7.ppc64le" }, "product_reference": "httpd24-httpd-tools-0:2.4.34-22.el7.ppc64le", "relates_to_product_reference": "7Server-RHSCL-3.6" }, { "category": "default_component_of", "full_product_name": { "name": "httpd24-httpd-tools-0:2.4.34-22.el7.s390x as a component of Red Hat Software Collections for Red Hat Enterprise Linux Server (v. 7)", "product_id": "7Server-RHSCL-3.6:httpd24-httpd-tools-0:2.4.34-22.el7.s390x" }, "product_reference": "httpd24-httpd-tools-0:2.4.34-22.el7.s390x", "relates_to_product_reference": "7Server-RHSCL-3.6" }, { "category": "default_component_of", "full_product_name": { "name": "httpd24-httpd-tools-0:2.4.34-22.el7.x86_64 as a component of Red Hat Software Collections for Red Hat Enterprise Linux Server (v. 7)", "product_id": "7Server-RHSCL-3.6:httpd24-httpd-tools-0:2.4.34-22.el7.x86_64" }, "product_reference": "httpd24-httpd-tools-0:2.4.34-22.el7.x86_64", "relates_to_product_reference": "7Server-RHSCL-3.6" }, { "category": "default_component_of", "full_product_name": { "name": "httpd24-mod_ldap-0:2.4.34-22.el7.ppc64le as a component of Red Hat Software Collections for Red Hat Enterprise Linux Server (v. 7)", "product_id": "7Server-RHSCL-3.6:httpd24-mod_ldap-0:2.4.34-22.el7.ppc64le" }, "product_reference": "httpd24-mod_ldap-0:2.4.34-22.el7.ppc64le", "relates_to_product_reference": "7Server-RHSCL-3.6" }, { "category": "default_component_of", "full_product_name": { "name": "httpd24-mod_ldap-0:2.4.34-22.el7.s390x as a component of Red Hat Software Collections for Red Hat Enterprise Linux Server (v. 7)", "product_id": "7Server-RHSCL-3.6:httpd24-mod_ldap-0:2.4.34-22.el7.s390x" }, "product_reference": "httpd24-mod_ldap-0:2.4.34-22.el7.s390x", "relates_to_product_reference": "7Server-RHSCL-3.6" }, { "category": "default_component_of", "full_product_name": { "name": "httpd24-mod_ldap-0:2.4.34-22.el7.x86_64 as a component of Red Hat Software Collections for Red Hat Enterprise Linux Server (v. 7)", "product_id": "7Server-RHSCL-3.6:httpd24-mod_ldap-0:2.4.34-22.el7.x86_64" }, "product_reference": "httpd24-mod_ldap-0:2.4.34-22.el7.x86_64", "relates_to_product_reference": "7Server-RHSCL-3.6" }, { "category": "default_component_of", "full_product_name": { "name": "httpd24-mod_proxy_html-1:2.4.34-22.el7.ppc64le as a component of Red Hat Software Collections for Red Hat Enterprise Linux Server (v. 7)", "product_id": "7Server-RHSCL-3.6:httpd24-mod_proxy_html-1:2.4.34-22.el7.ppc64le" }, "product_reference": "httpd24-mod_proxy_html-1:2.4.34-22.el7.ppc64le", "relates_to_product_reference": "7Server-RHSCL-3.6" }, { "category": "default_component_of", "full_product_name": { "name": "httpd24-mod_proxy_html-1:2.4.34-22.el7.s390x as a component of Red Hat Software Collections for Red Hat Enterprise Linux Server (v. 7)", "product_id": "7Server-RHSCL-3.6:httpd24-mod_proxy_html-1:2.4.34-22.el7.s390x" }, "product_reference": "httpd24-mod_proxy_html-1:2.4.34-22.el7.s390x", "relates_to_product_reference": "7Server-RHSCL-3.6" }, { "category": "default_component_of", "full_product_name": { "name": "httpd24-mod_proxy_html-1:2.4.34-22.el7.x86_64 as a component of Red Hat Software Collections for Red Hat Enterprise Linux Server (v. 7)", "product_id": "7Server-RHSCL-3.6:httpd24-mod_proxy_html-1:2.4.34-22.el7.x86_64" }, "product_reference": "httpd24-mod_proxy_html-1:2.4.34-22.el7.x86_64", "relates_to_product_reference": "7Server-RHSCL-3.6" }, { "category": "default_component_of", "full_product_name": { "name": "httpd24-mod_session-0:2.4.34-22.el7.ppc64le as a component of Red Hat Software Collections for Red Hat Enterprise Linux Server (v. 7)", "product_id": "7Server-RHSCL-3.6:httpd24-mod_session-0:2.4.34-22.el7.ppc64le" }, "product_reference": "httpd24-mod_session-0:2.4.34-22.el7.ppc64le", "relates_to_product_reference": "7Server-RHSCL-3.6" }, { "category": "default_component_of", "full_product_name": { "name": "httpd24-mod_session-0:2.4.34-22.el7.s390x as a component of Red Hat Software Collections for Red Hat Enterprise Linux Server (v. 7)", "product_id": "7Server-RHSCL-3.6:httpd24-mod_session-0:2.4.34-22.el7.s390x" }, "product_reference": "httpd24-mod_session-0:2.4.34-22.el7.s390x", "relates_to_product_reference": "7Server-RHSCL-3.6" }, { "category": "default_component_of", "full_product_name": { "name": "httpd24-mod_session-0:2.4.34-22.el7.x86_64 as a component of Red Hat Software Collections for Red Hat Enterprise Linux Server (v. 7)", "product_id": "7Server-RHSCL-3.6:httpd24-mod_session-0:2.4.34-22.el7.x86_64" }, "product_reference": "httpd24-mod_session-0:2.4.34-22.el7.x86_64", "relates_to_product_reference": "7Server-RHSCL-3.6" }, { "category": "default_component_of", "full_product_name": { "name": "httpd24-mod_ssl-1:2.4.34-22.el7.ppc64le as a component of Red Hat Software Collections for Red Hat Enterprise Linux Server (v. 7)", "product_id": "7Server-RHSCL-3.6:httpd24-mod_ssl-1:2.4.34-22.el7.ppc64le" }, "product_reference": "httpd24-mod_ssl-1:2.4.34-22.el7.ppc64le", "relates_to_product_reference": "7Server-RHSCL-3.6" }, { "category": "default_component_of", "full_product_name": { "name": "httpd24-mod_ssl-1:2.4.34-22.el7.s390x as a component of Red Hat Software Collections for Red Hat Enterprise Linux Server (v. 7)", "product_id": "7Server-RHSCL-3.6:httpd24-mod_ssl-1:2.4.34-22.el7.s390x" }, "product_reference": "httpd24-mod_ssl-1:2.4.34-22.el7.s390x", "relates_to_product_reference": "7Server-RHSCL-3.6" }, { "category": "default_component_of", "full_product_name": { "name": "httpd24-mod_ssl-1:2.4.34-22.el7.x86_64 as a component of Red Hat Software Collections for Red Hat Enterprise Linux Server (v. 7)", "product_id": "7Server-RHSCL-3.6:httpd24-mod_ssl-1:2.4.34-22.el7.x86_64" }, "product_reference": "httpd24-mod_ssl-1:2.4.34-22.el7.x86_64", "relates_to_product_reference": "7Server-RHSCL-3.6" }, { "category": "default_component_of", "full_product_name": { "name": "httpd24-httpd-0:2.4.34-22.el7.ppc64le as a component of Red Hat Software Collections for Red Hat Enterprise Linux Workstation (v. 7)", "product_id": "7Workstation-RHSCL-3.6:httpd24-httpd-0:2.4.34-22.el7.ppc64le" }, "product_reference": "httpd24-httpd-0:2.4.34-22.el7.ppc64le", "relates_to_product_reference": "7Workstation-RHSCL-3.6" }, { "category": "default_component_of", "full_product_name": { "name": "httpd24-httpd-0:2.4.34-22.el7.s390x as a component of Red Hat Software Collections for Red Hat Enterprise Linux Workstation (v. 7)", "product_id": "7Workstation-RHSCL-3.6:httpd24-httpd-0:2.4.34-22.el7.s390x" }, "product_reference": "httpd24-httpd-0:2.4.34-22.el7.s390x", "relates_to_product_reference": "7Workstation-RHSCL-3.6" }, { "category": "default_component_of", "full_product_name": { "name": "httpd24-httpd-0:2.4.34-22.el7.src as a component of Red Hat Software Collections for Red Hat Enterprise Linux Workstation (v. 7)", "product_id": "7Workstation-RHSCL-3.6:httpd24-httpd-0:2.4.34-22.el7.src" }, "product_reference": "httpd24-httpd-0:2.4.34-22.el7.src", "relates_to_product_reference": "7Workstation-RHSCL-3.6" }, { "category": "default_component_of", "full_product_name": { "name": "httpd24-httpd-0:2.4.34-22.el7.x86_64 as a component of Red Hat Software Collections for Red Hat Enterprise Linux Workstation (v. 7)", "product_id": "7Workstation-RHSCL-3.6:httpd24-httpd-0:2.4.34-22.el7.x86_64" }, "product_reference": "httpd24-httpd-0:2.4.34-22.el7.x86_64", "relates_to_product_reference": "7Workstation-RHSCL-3.6" }, { "category": "default_component_of", "full_product_name": { "name": "httpd24-httpd-debuginfo-0:2.4.34-22.el7.ppc64le as a component of Red Hat Software Collections for Red Hat Enterprise Linux Workstation (v. 7)", "product_id": "7Workstation-RHSCL-3.6:httpd24-httpd-debuginfo-0:2.4.34-22.el7.ppc64le" }, "product_reference": "httpd24-httpd-debuginfo-0:2.4.34-22.el7.ppc64le", "relates_to_product_reference": "7Workstation-RHSCL-3.6" }, { "category": "default_component_of", "full_product_name": { "name": "httpd24-httpd-debuginfo-0:2.4.34-22.el7.s390x as a component of Red Hat Software Collections for Red Hat Enterprise Linux Workstation (v. 7)", "product_id": "7Workstation-RHSCL-3.6:httpd24-httpd-debuginfo-0:2.4.34-22.el7.s390x" }, "product_reference": "httpd24-httpd-debuginfo-0:2.4.34-22.el7.s390x", "relates_to_product_reference": "7Workstation-RHSCL-3.6" }, { "category": "default_component_of", "full_product_name": { "name": "httpd24-httpd-debuginfo-0:2.4.34-22.el7.x86_64 as a component of Red Hat Software Collections for Red Hat Enterprise Linux Workstation (v. 7)", "product_id": "7Workstation-RHSCL-3.6:httpd24-httpd-debuginfo-0:2.4.34-22.el7.x86_64" }, "product_reference": "httpd24-httpd-debuginfo-0:2.4.34-22.el7.x86_64", "relates_to_product_reference": "7Workstation-RHSCL-3.6" }, { "category": "default_component_of", "full_product_name": { "name": "httpd24-httpd-devel-0:2.4.34-22.el7.ppc64le as a component of Red Hat Software Collections for Red Hat Enterprise Linux Workstation (v. 7)", "product_id": "7Workstation-RHSCL-3.6:httpd24-httpd-devel-0:2.4.34-22.el7.ppc64le" }, "product_reference": "httpd24-httpd-devel-0:2.4.34-22.el7.ppc64le", "relates_to_product_reference": "7Workstation-RHSCL-3.6" }, { "category": "default_component_of", "full_product_name": { "name": "httpd24-httpd-devel-0:2.4.34-22.el7.s390x as a component of Red Hat Software Collections for Red Hat Enterprise Linux Workstation (v. 7)", "product_id": "7Workstation-RHSCL-3.6:httpd24-httpd-devel-0:2.4.34-22.el7.s390x" }, "product_reference": "httpd24-httpd-devel-0:2.4.34-22.el7.s390x", "relates_to_product_reference": "7Workstation-RHSCL-3.6" }, { "category": "default_component_of", "full_product_name": { "name": "httpd24-httpd-devel-0:2.4.34-22.el7.x86_64 as a component of Red Hat Software Collections for Red Hat Enterprise Linux Workstation (v. 7)", "product_id": "7Workstation-RHSCL-3.6:httpd24-httpd-devel-0:2.4.34-22.el7.x86_64" }, "product_reference": "httpd24-httpd-devel-0:2.4.34-22.el7.x86_64", "relates_to_product_reference": "7Workstation-RHSCL-3.6" }, { "category": "default_component_of", "full_product_name": { "name": "httpd24-httpd-manual-0:2.4.34-22.el7.noarch as a component of Red Hat Software Collections for Red Hat Enterprise Linux Workstation (v. 7)", "product_id": "7Workstation-RHSCL-3.6:httpd24-httpd-manual-0:2.4.34-22.el7.noarch" }, "product_reference": "httpd24-httpd-manual-0:2.4.34-22.el7.noarch", "relates_to_product_reference": "7Workstation-RHSCL-3.6" }, { "category": "default_component_of", "full_product_name": { "name": "httpd24-httpd-tools-0:2.4.34-22.el7.ppc64le as a component of Red Hat Software Collections for Red Hat Enterprise Linux Workstation (v. 7)", "product_id": "7Workstation-RHSCL-3.6:httpd24-httpd-tools-0:2.4.34-22.el7.ppc64le" }, "product_reference": "httpd24-httpd-tools-0:2.4.34-22.el7.ppc64le", "relates_to_product_reference": "7Workstation-RHSCL-3.6" }, { "category": "default_component_of", "full_product_name": { "name": "httpd24-httpd-tools-0:2.4.34-22.el7.s390x as a component of Red Hat Software Collections for Red Hat Enterprise Linux Workstation (v. 7)", "product_id": "7Workstation-RHSCL-3.6:httpd24-httpd-tools-0:2.4.34-22.el7.s390x" }, "product_reference": "httpd24-httpd-tools-0:2.4.34-22.el7.s390x", "relates_to_product_reference": "7Workstation-RHSCL-3.6" }, { "category": "default_component_of", "full_product_name": { "name": "httpd24-httpd-tools-0:2.4.34-22.el7.x86_64 as a component of Red Hat Software Collections for Red Hat Enterprise Linux Workstation (v. 7)", "product_id": "7Workstation-RHSCL-3.6:httpd24-httpd-tools-0:2.4.34-22.el7.x86_64" }, "product_reference": "httpd24-httpd-tools-0:2.4.34-22.el7.x86_64", "relates_to_product_reference": "7Workstation-RHSCL-3.6" }, { "category": "default_component_of", "full_product_name": { "name": "httpd24-mod_ldap-0:2.4.34-22.el7.ppc64le as a component of Red Hat Software Collections for Red Hat Enterprise Linux Workstation (v. 7)", "product_id": "7Workstation-RHSCL-3.6:httpd24-mod_ldap-0:2.4.34-22.el7.ppc64le" }, "product_reference": "httpd24-mod_ldap-0:2.4.34-22.el7.ppc64le", "relates_to_product_reference": "7Workstation-RHSCL-3.6" }, { "category": "default_component_of", "full_product_name": { "name": "httpd24-mod_ldap-0:2.4.34-22.el7.s390x as a component of Red Hat Software Collections for Red Hat Enterprise Linux Workstation (v. 7)", "product_id": "7Workstation-RHSCL-3.6:httpd24-mod_ldap-0:2.4.34-22.el7.s390x" }, "product_reference": "httpd24-mod_ldap-0:2.4.34-22.el7.s390x", "relates_to_product_reference": "7Workstation-RHSCL-3.6" }, { "category": "default_component_of", "full_product_name": { "name": "httpd24-mod_ldap-0:2.4.34-22.el7.x86_64 as a component of Red Hat Software Collections for Red Hat Enterprise Linux Workstation (v. 7)", "product_id": "7Workstation-RHSCL-3.6:httpd24-mod_ldap-0:2.4.34-22.el7.x86_64" }, "product_reference": "httpd24-mod_ldap-0:2.4.34-22.el7.x86_64", "relates_to_product_reference": "7Workstation-RHSCL-3.6" }, { "category": "default_component_of", "full_product_name": { "name": "httpd24-mod_proxy_html-1:2.4.34-22.el7.ppc64le as a component of Red Hat Software Collections for Red Hat Enterprise Linux Workstation (v. 7)", "product_id": "7Workstation-RHSCL-3.6:httpd24-mod_proxy_html-1:2.4.34-22.el7.ppc64le" }, "product_reference": "httpd24-mod_proxy_html-1:2.4.34-22.el7.ppc64le", "relates_to_product_reference": "7Workstation-RHSCL-3.6" }, { "category": "default_component_of", "full_product_name": { "name": "httpd24-mod_proxy_html-1:2.4.34-22.el7.s390x as a component of Red Hat Software Collections for Red Hat Enterprise Linux Workstation (v. 7)", "product_id": "7Workstation-RHSCL-3.6:httpd24-mod_proxy_html-1:2.4.34-22.el7.s390x" }, "product_reference": "httpd24-mod_proxy_html-1:2.4.34-22.el7.s390x", "relates_to_product_reference": "7Workstation-RHSCL-3.6" }, { "category": "default_component_of", "full_product_name": { "name": "httpd24-mod_proxy_html-1:2.4.34-22.el7.x86_64 as a component of Red Hat Software Collections for Red Hat Enterprise Linux Workstation (v. 7)", "product_id": "7Workstation-RHSCL-3.6:httpd24-mod_proxy_html-1:2.4.34-22.el7.x86_64" }, "product_reference": "httpd24-mod_proxy_html-1:2.4.34-22.el7.x86_64", "relates_to_product_reference": "7Workstation-RHSCL-3.6" }, { "category": "default_component_of", "full_product_name": { "name": "httpd24-mod_session-0:2.4.34-22.el7.ppc64le as a component of Red Hat Software Collections for Red Hat Enterprise Linux Workstation (v. 7)", "product_id": "7Workstation-RHSCL-3.6:httpd24-mod_session-0:2.4.34-22.el7.ppc64le" }, "product_reference": "httpd24-mod_session-0:2.4.34-22.el7.ppc64le", "relates_to_product_reference": "7Workstation-RHSCL-3.6" }, { "category": "default_component_of", "full_product_name": { "name": "httpd24-mod_session-0:2.4.34-22.el7.s390x as a component of Red Hat Software Collections for Red Hat Enterprise Linux Workstation (v. 7)", "product_id": "7Workstation-RHSCL-3.6:httpd24-mod_session-0:2.4.34-22.el7.s390x" }, "product_reference": "httpd24-mod_session-0:2.4.34-22.el7.s390x", "relates_to_product_reference": "7Workstation-RHSCL-3.6" }, { "category": "default_component_of", "full_product_name": { "name": "httpd24-mod_session-0:2.4.34-22.el7.x86_64 as a component of Red Hat Software Collections for Red Hat Enterprise Linux Workstation (v. 7)", "product_id": "7Workstation-RHSCL-3.6:httpd24-mod_session-0:2.4.34-22.el7.x86_64" }, "product_reference": "httpd24-mod_session-0:2.4.34-22.el7.x86_64", "relates_to_product_reference": "7Workstation-RHSCL-3.6" }, { "category": "default_component_of", "full_product_name": { "name": "httpd24-mod_ssl-1:2.4.34-22.el7.ppc64le as a component of Red Hat Software Collections for Red Hat Enterprise Linux Workstation (v. 7)", "product_id": "7Workstation-RHSCL-3.6:httpd24-mod_ssl-1:2.4.34-22.el7.ppc64le" }, "product_reference": "httpd24-mod_ssl-1:2.4.34-22.el7.ppc64le", "relates_to_product_reference": "7Workstation-RHSCL-3.6" }, { "category": "default_component_of", "full_product_name": { "name": "httpd24-mod_ssl-1:2.4.34-22.el7.s390x as a component of Red Hat Software Collections for Red Hat Enterprise Linux Workstation (v. 7)", "product_id": "7Workstation-RHSCL-3.6:httpd24-mod_ssl-1:2.4.34-22.el7.s390x" }, "product_reference": "httpd24-mod_ssl-1:2.4.34-22.el7.s390x", "relates_to_product_reference": "7Workstation-RHSCL-3.6" }, { "category": "default_component_of", "full_product_name": { "name": "httpd24-mod_ssl-1:2.4.34-22.el7.x86_64 as a component of Red Hat Software Collections for Red Hat Enterprise Linux Workstation (v. 7)", "product_id": "7Workstation-RHSCL-3.6:httpd24-mod_ssl-1:2.4.34-22.el7.x86_64" }, "product_reference": "httpd24-mod_ssl-1:2.4.34-22.el7.x86_64", "relates_to_product_reference": "7Workstation-RHSCL-3.6" } ] }, "vulnerabilities": [ { "acknowledgments": [ { "names": [ "the Apache project" ] } ], "cve": "CVE-2020-11984", "cwe": { "id": "CWE-400", "name": "Uncontrolled Resource Consumption" }, "discovery_date": "2020-08-05T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "1866563" } ], "notes": [ { "category": "description", "text": "A flaw was found in Apache httpd in versions 2.4.32 to 2.4.46. The uwsgi protocol does not serialize more than 16K of HTTP header leading to resource exhaustion and denial of service. The highest threat from this vulnerability is to data confidentiality and integrity as well as system availability.", "title": "Vulnerability description" }, { "category": "summary", "text": "httpd: mod_proxy_uwsgi buffer overflow", "title": "Vulnerability summary" }, { "category": "other", "text": "Red Hat Enterprise Linux 5, 6, and 7 do not ship the vulnerable version of httpd and, thus, are not affected.", "title": "Statement" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "7Server-RHSCL-3.6-7.6.Z:httpd24-httpd-0:2.4.34-22.el7.ppc64le", "7Server-RHSCL-3.6-7.6.Z:httpd24-httpd-0:2.4.34-22.el7.s390x", "7Server-RHSCL-3.6-7.6.Z:httpd24-httpd-0:2.4.34-22.el7.src", "7Server-RHSCL-3.6-7.6.Z:httpd24-httpd-0:2.4.34-22.el7.x86_64", "7Server-RHSCL-3.6-7.6.Z:httpd24-httpd-debuginfo-0:2.4.34-22.el7.ppc64le", "7Server-RHSCL-3.6-7.6.Z:httpd24-httpd-debuginfo-0:2.4.34-22.el7.s390x", "7Server-RHSCL-3.6-7.6.Z:httpd24-httpd-debuginfo-0:2.4.34-22.el7.x86_64", "7Server-RHSCL-3.6-7.6.Z:httpd24-httpd-devel-0:2.4.34-22.el7.ppc64le", "7Server-RHSCL-3.6-7.6.Z:httpd24-httpd-devel-0:2.4.34-22.el7.s390x", "7Server-RHSCL-3.6-7.6.Z:httpd24-httpd-devel-0:2.4.34-22.el7.x86_64", "7Server-RHSCL-3.6-7.6.Z:httpd24-httpd-manual-0:2.4.34-22.el7.noarch", "7Server-RHSCL-3.6-7.6.Z:httpd24-httpd-tools-0:2.4.34-22.el7.ppc64le", "7Server-RHSCL-3.6-7.6.Z:httpd24-httpd-tools-0:2.4.34-22.el7.s390x", "7Server-RHSCL-3.6-7.6.Z:httpd24-httpd-tools-0:2.4.34-22.el7.x86_64", "7Server-RHSCL-3.6-7.6.Z:httpd24-mod_ldap-0:2.4.34-22.el7.ppc64le", "7Server-RHSCL-3.6-7.6.Z:httpd24-mod_ldap-0:2.4.34-22.el7.s390x", "7Server-RHSCL-3.6-7.6.Z:httpd24-mod_ldap-0:2.4.34-22.el7.x86_64", "7Server-RHSCL-3.6-7.6.Z:httpd24-mod_proxy_html-1:2.4.34-22.el7.ppc64le", "7Server-RHSCL-3.6-7.6.Z:httpd24-mod_proxy_html-1:2.4.34-22.el7.s390x", "7Server-RHSCL-3.6-7.6.Z:httpd24-mod_proxy_html-1:2.4.34-22.el7.x86_64", "7Server-RHSCL-3.6-7.6.Z:httpd24-mod_session-0:2.4.34-22.el7.ppc64le", "7Server-RHSCL-3.6-7.6.Z:httpd24-mod_session-0:2.4.34-22.el7.s390x", "7Server-RHSCL-3.6-7.6.Z:httpd24-mod_session-0:2.4.34-22.el7.x86_64", "7Server-RHSCL-3.6-7.6.Z:httpd24-mod_ssl-1:2.4.34-22.el7.ppc64le", "7Server-RHSCL-3.6-7.6.Z:httpd24-mod_ssl-1:2.4.34-22.el7.s390x", "7Server-RHSCL-3.6-7.6.Z:httpd24-mod_ssl-1:2.4.34-22.el7.x86_64", "7Server-RHSCL-3.6-7.7.Z:httpd24-httpd-0:2.4.34-22.el7.ppc64le", "7Server-RHSCL-3.6-7.7.Z:httpd24-httpd-0:2.4.34-22.el7.s390x", "7Server-RHSCL-3.6-7.7.Z:httpd24-httpd-0:2.4.34-22.el7.src", "7Server-RHSCL-3.6-7.7.Z:httpd24-httpd-0:2.4.34-22.el7.x86_64", "7Server-RHSCL-3.6-7.7.Z:httpd24-httpd-debuginfo-0:2.4.34-22.el7.ppc64le", "7Server-RHSCL-3.6-7.7.Z:httpd24-httpd-debuginfo-0:2.4.34-22.el7.s390x", "7Server-RHSCL-3.6-7.7.Z:httpd24-httpd-debuginfo-0:2.4.34-22.el7.x86_64", "7Server-RHSCL-3.6-7.7.Z:httpd24-httpd-devel-0:2.4.34-22.el7.ppc64le", "7Server-RHSCL-3.6-7.7.Z:httpd24-httpd-devel-0:2.4.34-22.el7.s390x", "7Server-RHSCL-3.6-7.7.Z:httpd24-httpd-devel-0:2.4.34-22.el7.x86_64", "7Server-RHSCL-3.6-7.7.Z:httpd24-httpd-manual-0:2.4.34-22.el7.noarch", "7Server-RHSCL-3.6-7.7.Z:httpd24-httpd-tools-0:2.4.34-22.el7.ppc64le", "7Server-RHSCL-3.6-7.7.Z:httpd24-httpd-tools-0:2.4.34-22.el7.s390x", "7Server-RHSCL-3.6-7.7.Z:httpd24-httpd-tools-0:2.4.34-22.el7.x86_64", "7Server-RHSCL-3.6-7.7.Z:httpd24-mod_ldap-0:2.4.34-22.el7.ppc64le", "7Server-RHSCL-3.6-7.7.Z:httpd24-mod_ldap-0:2.4.34-22.el7.s390x", "7Server-RHSCL-3.6-7.7.Z:httpd24-mod_ldap-0:2.4.34-22.el7.x86_64", "7Server-RHSCL-3.6-7.7.Z:httpd24-mod_proxy_html-1:2.4.34-22.el7.ppc64le", "7Server-RHSCL-3.6-7.7.Z:httpd24-mod_proxy_html-1:2.4.34-22.el7.s390x", "7Server-RHSCL-3.6-7.7.Z:httpd24-mod_proxy_html-1:2.4.34-22.el7.x86_64", "7Server-RHSCL-3.6-7.7.Z:httpd24-mod_session-0:2.4.34-22.el7.ppc64le", "7Server-RHSCL-3.6-7.7.Z:httpd24-mod_session-0:2.4.34-22.el7.s390x", "7Server-RHSCL-3.6-7.7.Z:httpd24-mod_session-0:2.4.34-22.el7.x86_64", "7Server-RHSCL-3.6-7.7.Z:httpd24-mod_ssl-1:2.4.34-22.el7.ppc64le", "7Server-RHSCL-3.6-7.7.Z:httpd24-mod_ssl-1:2.4.34-22.el7.s390x", "7Server-RHSCL-3.6-7.7.Z:httpd24-mod_ssl-1:2.4.34-22.el7.x86_64", "7Server-RHSCL-3.6:httpd24-httpd-0:2.4.34-22.el7.ppc64le", "7Server-RHSCL-3.6:httpd24-httpd-0:2.4.34-22.el7.s390x", "7Server-RHSCL-3.6:httpd24-httpd-0:2.4.34-22.el7.src", "7Server-RHSCL-3.6:httpd24-httpd-0:2.4.34-22.el7.x86_64", "7Server-RHSCL-3.6:httpd24-httpd-debuginfo-0:2.4.34-22.el7.ppc64le", "7Server-RHSCL-3.6:httpd24-httpd-debuginfo-0:2.4.34-22.el7.s390x", "7Server-RHSCL-3.6:httpd24-httpd-debuginfo-0:2.4.34-22.el7.x86_64", "7Server-RHSCL-3.6:httpd24-httpd-devel-0:2.4.34-22.el7.ppc64le", "7Server-RHSCL-3.6:httpd24-httpd-devel-0:2.4.34-22.el7.s390x", "7Server-RHSCL-3.6:httpd24-httpd-devel-0:2.4.34-22.el7.x86_64", "7Server-RHSCL-3.6:httpd24-httpd-manual-0:2.4.34-22.el7.noarch", "7Server-RHSCL-3.6:httpd24-httpd-tools-0:2.4.34-22.el7.ppc64le", "7Server-RHSCL-3.6:httpd24-httpd-tools-0:2.4.34-22.el7.s390x", "7Server-RHSCL-3.6:httpd24-httpd-tools-0:2.4.34-22.el7.x86_64", "7Server-RHSCL-3.6:httpd24-mod_ldap-0:2.4.34-22.el7.ppc64le", "7Server-RHSCL-3.6:httpd24-mod_ldap-0:2.4.34-22.el7.s390x", "7Server-RHSCL-3.6:httpd24-mod_ldap-0:2.4.34-22.el7.x86_64", "7Server-RHSCL-3.6:httpd24-mod_proxy_html-1:2.4.34-22.el7.ppc64le", "7Server-RHSCL-3.6:httpd24-mod_proxy_html-1:2.4.34-22.el7.s390x", "7Server-RHSCL-3.6:httpd24-mod_proxy_html-1:2.4.34-22.el7.x86_64", "7Server-RHSCL-3.6:httpd24-mod_session-0:2.4.34-22.el7.ppc64le", "7Server-RHSCL-3.6:httpd24-mod_session-0:2.4.34-22.el7.s390x", "7Server-RHSCL-3.6:httpd24-mod_session-0:2.4.34-22.el7.x86_64", "7Server-RHSCL-3.6:httpd24-mod_ssl-1:2.4.34-22.el7.ppc64le", "7Server-RHSCL-3.6:httpd24-mod_ssl-1:2.4.34-22.el7.s390x", "7Server-RHSCL-3.6:httpd24-mod_ssl-1:2.4.34-22.el7.x86_64", "7Workstation-RHSCL-3.6:httpd24-httpd-0:2.4.34-22.el7.ppc64le", "7Workstation-RHSCL-3.6:httpd24-httpd-0:2.4.34-22.el7.s390x", "7Workstation-RHSCL-3.6:httpd24-httpd-0:2.4.34-22.el7.src", "7Workstation-RHSCL-3.6:httpd24-httpd-0:2.4.34-22.el7.x86_64", "7Workstation-RHSCL-3.6:httpd24-httpd-debuginfo-0:2.4.34-22.el7.ppc64le", "7Workstation-RHSCL-3.6:httpd24-httpd-debuginfo-0:2.4.34-22.el7.s390x", "7Workstation-RHSCL-3.6:httpd24-httpd-debuginfo-0:2.4.34-22.el7.x86_64", "7Workstation-RHSCL-3.6:httpd24-httpd-devel-0:2.4.34-22.el7.ppc64le", "7Workstation-RHSCL-3.6:httpd24-httpd-devel-0:2.4.34-22.el7.s390x", "7Workstation-RHSCL-3.6:httpd24-httpd-devel-0:2.4.34-22.el7.x86_64", "7Workstation-RHSCL-3.6:httpd24-httpd-manual-0:2.4.34-22.el7.noarch", "7Workstation-RHSCL-3.6:httpd24-httpd-tools-0:2.4.34-22.el7.ppc64le", "7Workstation-RHSCL-3.6:httpd24-httpd-tools-0:2.4.34-22.el7.s390x", "7Workstation-RHSCL-3.6:httpd24-httpd-tools-0:2.4.34-22.el7.x86_64", "7Workstation-RHSCL-3.6:httpd24-mod_ldap-0:2.4.34-22.el7.ppc64le", "7Workstation-RHSCL-3.6:httpd24-mod_ldap-0:2.4.34-22.el7.s390x", "7Workstation-RHSCL-3.6:httpd24-mod_ldap-0:2.4.34-22.el7.x86_64", "7Workstation-RHSCL-3.6:httpd24-mod_proxy_html-1:2.4.34-22.el7.ppc64le", "7Workstation-RHSCL-3.6:httpd24-mod_proxy_html-1:2.4.34-22.el7.s390x", "7Workstation-RHSCL-3.6:httpd24-mod_proxy_html-1:2.4.34-22.el7.x86_64", "7Workstation-RHSCL-3.6:httpd24-mod_session-0:2.4.34-22.el7.ppc64le", "7Workstation-RHSCL-3.6:httpd24-mod_session-0:2.4.34-22.el7.s390x", "7Workstation-RHSCL-3.6:httpd24-mod_session-0:2.4.34-22.el7.x86_64", "7Workstation-RHSCL-3.6:httpd24-mod_ssl-1:2.4.34-22.el7.ppc64le", "7Workstation-RHSCL-3.6:httpd24-mod_ssl-1:2.4.34-22.el7.s390x", "7Workstation-RHSCL-3.6:httpd24-mod_ssl-1:2.4.34-22.el7.x86_64" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2020-11984" }, { "category": "external", "summary": "RHBZ#1866563", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1866563" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2020-11984", "url": "https://www.cve.org/CVERecord?id=CVE-2020-11984" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2020-11984", "url": "https://nvd.nist.gov/vuln/detail/CVE-2020-11984" }, { "category": "external", "summary": "https://httpd.apache.org/security/vulnerabilities_24.html#CVE-2020-11984", "url": "https://httpd.apache.org/security/vulnerabilities_24.html#CVE-2020-11984" } ], "release_date": "2020-08-07T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2020-12-01T12:06:08+00:00", "details": "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258", "product_ids": [ "7Server-RHSCL-3.6-7.6.Z:httpd24-httpd-0:2.4.34-22.el7.ppc64le", "7Server-RHSCL-3.6-7.6.Z:httpd24-httpd-0:2.4.34-22.el7.s390x", "7Server-RHSCL-3.6-7.6.Z:httpd24-httpd-0:2.4.34-22.el7.src", "7Server-RHSCL-3.6-7.6.Z:httpd24-httpd-0:2.4.34-22.el7.x86_64", "7Server-RHSCL-3.6-7.6.Z:httpd24-httpd-debuginfo-0:2.4.34-22.el7.ppc64le", "7Server-RHSCL-3.6-7.6.Z:httpd24-httpd-debuginfo-0:2.4.34-22.el7.s390x", "7Server-RHSCL-3.6-7.6.Z:httpd24-httpd-debuginfo-0:2.4.34-22.el7.x86_64", "7Server-RHSCL-3.6-7.6.Z:httpd24-httpd-devel-0:2.4.34-22.el7.ppc64le", "7Server-RHSCL-3.6-7.6.Z:httpd24-httpd-devel-0:2.4.34-22.el7.s390x", "7Server-RHSCL-3.6-7.6.Z:httpd24-httpd-devel-0:2.4.34-22.el7.x86_64", "7Server-RHSCL-3.6-7.6.Z:httpd24-httpd-manual-0:2.4.34-22.el7.noarch", "7Server-RHSCL-3.6-7.6.Z:httpd24-httpd-tools-0:2.4.34-22.el7.ppc64le", "7Server-RHSCL-3.6-7.6.Z:httpd24-httpd-tools-0:2.4.34-22.el7.s390x", "7Server-RHSCL-3.6-7.6.Z:httpd24-httpd-tools-0:2.4.34-22.el7.x86_64", "7Server-RHSCL-3.6-7.6.Z:httpd24-mod_ldap-0:2.4.34-22.el7.ppc64le", "7Server-RHSCL-3.6-7.6.Z:httpd24-mod_ldap-0:2.4.34-22.el7.s390x", "7Server-RHSCL-3.6-7.6.Z:httpd24-mod_ldap-0:2.4.34-22.el7.x86_64", "7Server-RHSCL-3.6-7.6.Z:httpd24-mod_proxy_html-1:2.4.34-22.el7.ppc64le", "7Server-RHSCL-3.6-7.6.Z:httpd24-mod_proxy_html-1:2.4.34-22.el7.s390x", "7Server-RHSCL-3.6-7.6.Z:httpd24-mod_proxy_html-1:2.4.34-22.el7.x86_64", "7Server-RHSCL-3.6-7.6.Z:httpd24-mod_session-0:2.4.34-22.el7.ppc64le", "7Server-RHSCL-3.6-7.6.Z:httpd24-mod_session-0:2.4.34-22.el7.s390x", "7Server-RHSCL-3.6-7.6.Z:httpd24-mod_session-0:2.4.34-22.el7.x86_64", "7Server-RHSCL-3.6-7.6.Z:httpd24-mod_ssl-1:2.4.34-22.el7.ppc64le", "7Server-RHSCL-3.6-7.6.Z:httpd24-mod_ssl-1:2.4.34-22.el7.s390x", "7Server-RHSCL-3.6-7.6.Z:httpd24-mod_ssl-1:2.4.34-22.el7.x86_64", "7Server-RHSCL-3.6-7.7.Z:httpd24-httpd-0:2.4.34-22.el7.ppc64le", "7Server-RHSCL-3.6-7.7.Z:httpd24-httpd-0:2.4.34-22.el7.s390x", "7Server-RHSCL-3.6-7.7.Z:httpd24-httpd-0:2.4.34-22.el7.src", "7Server-RHSCL-3.6-7.7.Z:httpd24-httpd-0:2.4.34-22.el7.x86_64", "7Server-RHSCL-3.6-7.7.Z:httpd24-httpd-debuginfo-0:2.4.34-22.el7.ppc64le", "7Server-RHSCL-3.6-7.7.Z:httpd24-httpd-debuginfo-0:2.4.34-22.el7.s390x", "7Server-RHSCL-3.6-7.7.Z:httpd24-httpd-debuginfo-0:2.4.34-22.el7.x86_64", "7Server-RHSCL-3.6-7.7.Z:httpd24-httpd-devel-0:2.4.34-22.el7.ppc64le", "7Server-RHSCL-3.6-7.7.Z:httpd24-httpd-devel-0:2.4.34-22.el7.s390x", "7Server-RHSCL-3.6-7.7.Z:httpd24-httpd-devel-0:2.4.34-22.el7.x86_64", "7Server-RHSCL-3.6-7.7.Z:httpd24-httpd-manual-0:2.4.34-22.el7.noarch", "7Server-RHSCL-3.6-7.7.Z:httpd24-httpd-tools-0:2.4.34-22.el7.ppc64le", "7Server-RHSCL-3.6-7.7.Z:httpd24-httpd-tools-0:2.4.34-22.el7.s390x", "7Server-RHSCL-3.6-7.7.Z:httpd24-httpd-tools-0:2.4.34-22.el7.x86_64", "7Server-RHSCL-3.6-7.7.Z:httpd24-mod_ldap-0:2.4.34-22.el7.ppc64le", "7Server-RHSCL-3.6-7.7.Z:httpd24-mod_ldap-0:2.4.34-22.el7.s390x", "7Server-RHSCL-3.6-7.7.Z:httpd24-mod_ldap-0:2.4.34-22.el7.x86_64", "7Server-RHSCL-3.6-7.7.Z:httpd24-mod_proxy_html-1:2.4.34-22.el7.ppc64le", "7Server-RHSCL-3.6-7.7.Z:httpd24-mod_proxy_html-1:2.4.34-22.el7.s390x", "7Server-RHSCL-3.6-7.7.Z:httpd24-mod_proxy_html-1:2.4.34-22.el7.x86_64", "7Server-RHSCL-3.6-7.7.Z:httpd24-mod_session-0:2.4.34-22.el7.ppc64le", "7Server-RHSCL-3.6-7.7.Z:httpd24-mod_session-0:2.4.34-22.el7.s390x", "7Server-RHSCL-3.6-7.7.Z:httpd24-mod_session-0:2.4.34-22.el7.x86_64", "7Server-RHSCL-3.6-7.7.Z:httpd24-mod_ssl-1:2.4.34-22.el7.ppc64le", "7Server-RHSCL-3.6-7.7.Z:httpd24-mod_ssl-1:2.4.34-22.el7.s390x", "7Server-RHSCL-3.6-7.7.Z:httpd24-mod_ssl-1:2.4.34-22.el7.x86_64", "7Server-RHSCL-3.6:httpd24-httpd-0:2.4.34-22.el7.ppc64le", "7Server-RHSCL-3.6:httpd24-httpd-0:2.4.34-22.el7.s390x", "7Server-RHSCL-3.6:httpd24-httpd-0:2.4.34-22.el7.src", "7Server-RHSCL-3.6:httpd24-httpd-0:2.4.34-22.el7.x86_64", "7Server-RHSCL-3.6:httpd24-httpd-debuginfo-0:2.4.34-22.el7.ppc64le", "7Server-RHSCL-3.6:httpd24-httpd-debuginfo-0:2.4.34-22.el7.s390x", "7Server-RHSCL-3.6:httpd24-httpd-debuginfo-0:2.4.34-22.el7.x86_64", "7Server-RHSCL-3.6:httpd24-httpd-devel-0:2.4.34-22.el7.ppc64le", "7Server-RHSCL-3.6:httpd24-httpd-devel-0:2.4.34-22.el7.s390x", "7Server-RHSCL-3.6:httpd24-httpd-devel-0:2.4.34-22.el7.x86_64", "7Server-RHSCL-3.6:httpd24-httpd-manual-0:2.4.34-22.el7.noarch", "7Server-RHSCL-3.6:httpd24-httpd-tools-0:2.4.34-22.el7.ppc64le", "7Server-RHSCL-3.6:httpd24-httpd-tools-0:2.4.34-22.el7.s390x", "7Server-RHSCL-3.6:httpd24-httpd-tools-0:2.4.34-22.el7.x86_64", "7Server-RHSCL-3.6:httpd24-mod_ldap-0:2.4.34-22.el7.ppc64le", "7Server-RHSCL-3.6:httpd24-mod_ldap-0:2.4.34-22.el7.s390x", "7Server-RHSCL-3.6:httpd24-mod_ldap-0:2.4.34-22.el7.x86_64", "7Server-RHSCL-3.6:httpd24-mod_proxy_html-1:2.4.34-22.el7.ppc64le", "7Server-RHSCL-3.6:httpd24-mod_proxy_html-1:2.4.34-22.el7.s390x", "7Server-RHSCL-3.6:httpd24-mod_proxy_html-1:2.4.34-22.el7.x86_64", "7Server-RHSCL-3.6:httpd24-mod_session-0:2.4.34-22.el7.ppc64le", "7Server-RHSCL-3.6:httpd24-mod_session-0:2.4.34-22.el7.s390x", "7Server-RHSCL-3.6:httpd24-mod_session-0:2.4.34-22.el7.x86_64", "7Server-RHSCL-3.6:httpd24-mod_ssl-1:2.4.34-22.el7.ppc64le", "7Server-RHSCL-3.6:httpd24-mod_ssl-1:2.4.34-22.el7.s390x", "7Server-RHSCL-3.6:httpd24-mod_ssl-1:2.4.34-22.el7.x86_64", "7Workstation-RHSCL-3.6:httpd24-httpd-0:2.4.34-22.el7.ppc64le", "7Workstation-RHSCL-3.6:httpd24-httpd-0:2.4.34-22.el7.s390x", "7Workstation-RHSCL-3.6:httpd24-httpd-0:2.4.34-22.el7.src", "7Workstation-RHSCL-3.6:httpd24-httpd-0:2.4.34-22.el7.x86_64", "7Workstation-RHSCL-3.6:httpd24-httpd-debuginfo-0:2.4.34-22.el7.ppc64le", "7Workstation-RHSCL-3.6:httpd24-httpd-debuginfo-0:2.4.34-22.el7.s390x", "7Workstation-RHSCL-3.6:httpd24-httpd-debuginfo-0:2.4.34-22.el7.x86_64", "7Workstation-RHSCL-3.6:httpd24-httpd-devel-0:2.4.34-22.el7.ppc64le", "7Workstation-RHSCL-3.6:httpd24-httpd-devel-0:2.4.34-22.el7.s390x", "7Workstation-RHSCL-3.6:httpd24-httpd-devel-0:2.4.34-22.el7.x86_64", "7Workstation-RHSCL-3.6:httpd24-httpd-manual-0:2.4.34-22.el7.noarch", "7Workstation-RHSCL-3.6:httpd24-httpd-tools-0:2.4.34-22.el7.ppc64le", "7Workstation-RHSCL-3.6:httpd24-httpd-tools-0:2.4.34-22.el7.s390x", "7Workstation-RHSCL-3.6:httpd24-httpd-tools-0:2.4.34-22.el7.x86_64", "7Workstation-RHSCL-3.6:httpd24-mod_ldap-0:2.4.34-22.el7.ppc64le", "7Workstation-RHSCL-3.6:httpd24-mod_ldap-0:2.4.34-22.el7.s390x", "7Workstation-RHSCL-3.6:httpd24-mod_ldap-0:2.4.34-22.el7.x86_64", "7Workstation-RHSCL-3.6:httpd24-mod_proxy_html-1:2.4.34-22.el7.ppc64le", "7Workstation-RHSCL-3.6:httpd24-mod_proxy_html-1:2.4.34-22.el7.s390x", "7Workstation-RHSCL-3.6:httpd24-mod_proxy_html-1:2.4.34-22.el7.x86_64", "7Workstation-RHSCL-3.6:httpd24-mod_session-0:2.4.34-22.el7.ppc64le", "7Workstation-RHSCL-3.6:httpd24-mod_session-0:2.4.34-22.el7.s390x", "7Workstation-RHSCL-3.6:httpd24-mod_session-0:2.4.34-22.el7.x86_64", "7Workstation-RHSCL-3.6:httpd24-mod_ssl-1:2.4.34-22.el7.ppc64le", "7Workstation-RHSCL-3.6:httpd24-mod_ssl-1:2.4.34-22.el7.s390x", "7Workstation-RHSCL-3.6:httpd24-mod_ssl-1:2.4.34-22.el7.x86_64" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHBA-2020:5280" }, { "category": "workaround", "details": "This flaw only affects specific httpd configurations which use the uwsgi protocol. It does not manifest itself when uwsgi protocol is not used. Commenting out \"LoadModule proxy_uwsgi_module modules/mod_proxy_uwsgi.so\" in /etc/httpd/conf.modules.d/00-proxy.conf will disable the loading of the vulnerable module.", "product_ids": [ "7Server-RHSCL-3.6-7.6.Z:httpd24-httpd-0:2.4.34-22.el7.ppc64le", "7Server-RHSCL-3.6-7.6.Z:httpd24-httpd-0:2.4.34-22.el7.s390x", "7Server-RHSCL-3.6-7.6.Z:httpd24-httpd-0:2.4.34-22.el7.src", "7Server-RHSCL-3.6-7.6.Z:httpd24-httpd-0:2.4.34-22.el7.x86_64", "7Server-RHSCL-3.6-7.6.Z:httpd24-httpd-debuginfo-0:2.4.34-22.el7.ppc64le", "7Server-RHSCL-3.6-7.6.Z:httpd24-httpd-debuginfo-0:2.4.34-22.el7.s390x", "7Server-RHSCL-3.6-7.6.Z:httpd24-httpd-debuginfo-0:2.4.34-22.el7.x86_64", "7Server-RHSCL-3.6-7.6.Z:httpd24-httpd-devel-0:2.4.34-22.el7.ppc64le", "7Server-RHSCL-3.6-7.6.Z:httpd24-httpd-devel-0:2.4.34-22.el7.s390x", "7Server-RHSCL-3.6-7.6.Z:httpd24-httpd-devel-0:2.4.34-22.el7.x86_64", "7Server-RHSCL-3.6-7.6.Z:httpd24-httpd-manual-0:2.4.34-22.el7.noarch", "7Server-RHSCL-3.6-7.6.Z:httpd24-httpd-tools-0:2.4.34-22.el7.ppc64le", "7Server-RHSCL-3.6-7.6.Z:httpd24-httpd-tools-0:2.4.34-22.el7.s390x", "7Server-RHSCL-3.6-7.6.Z:httpd24-httpd-tools-0:2.4.34-22.el7.x86_64", "7Server-RHSCL-3.6-7.6.Z:httpd24-mod_ldap-0:2.4.34-22.el7.ppc64le", "7Server-RHSCL-3.6-7.6.Z:httpd24-mod_ldap-0:2.4.34-22.el7.s390x", "7Server-RHSCL-3.6-7.6.Z:httpd24-mod_ldap-0:2.4.34-22.el7.x86_64", "7Server-RHSCL-3.6-7.6.Z:httpd24-mod_proxy_html-1:2.4.34-22.el7.ppc64le", "7Server-RHSCL-3.6-7.6.Z:httpd24-mod_proxy_html-1:2.4.34-22.el7.s390x", "7Server-RHSCL-3.6-7.6.Z:httpd24-mod_proxy_html-1:2.4.34-22.el7.x86_64", "7Server-RHSCL-3.6-7.6.Z:httpd24-mod_session-0:2.4.34-22.el7.ppc64le", "7Server-RHSCL-3.6-7.6.Z:httpd24-mod_session-0:2.4.34-22.el7.s390x", "7Server-RHSCL-3.6-7.6.Z:httpd24-mod_session-0:2.4.34-22.el7.x86_64", "7Server-RHSCL-3.6-7.6.Z:httpd24-mod_ssl-1:2.4.34-22.el7.ppc64le", "7Server-RHSCL-3.6-7.6.Z:httpd24-mod_ssl-1:2.4.34-22.el7.s390x", "7Server-RHSCL-3.6-7.6.Z:httpd24-mod_ssl-1:2.4.34-22.el7.x86_64", "7Server-RHSCL-3.6-7.7.Z:httpd24-httpd-0:2.4.34-22.el7.ppc64le", "7Server-RHSCL-3.6-7.7.Z:httpd24-httpd-0:2.4.34-22.el7.s390x", "7Server-RHSCL-3.6-7.7.Z:httpd24-httpd-0:2.4.34-22.el7.src", "7Server-RHSCL-3.6-7.7.Z:httpd24-httpd-0:2.4.34-22.el7.x86_64", "7Server-RHSCL-3.6-7.7.Z:httpd24-httpd-debuginfo-0:2.4.34-22.el7.ppc64le", "7Server-RHSCL-3.6-7.7.Z:httpd24-httpd-debuginfo-0:2.4.34-22.el7.s390x", "7Server-RHSCL-3.6-7.7.Z:httpd24-httpd-debuginfo-0:2.4.34-22.el7.x86_64", "7Server-RHSCL-3.6-7.7.Z:httpd24-httpd-devel-0:2.4.34-22.el7.ppc64le", "7Server-RHSCL-3.6-7.7.Z:httpd24-httpd-devel-0:2.4.34-22.el7.s390x", "7Server-RHSCL-3.6-7.7.Z:httpd24-httpd-devel-0:2.4.34-22.el7.x86_64", "7Server-RHSCL-3.6-7.7.Z:httpd24-httpd-manual-0:2.4.34-22.el7.noarch", "7Server-RHSCL-3.6-7.7.Z:httpd24-httpd-tools-0:2.4.34-22.el7.ppc64le", "7Server-RHSCL-3.6-7.7.Z:httpd24-httpd-tools-0:2.4.34-22.el7.s390x", "7Server-RHSCL-3.6-7.7.Z:httpd24-httpd-tools-0:2.4.34-22.el7.x86_64", "7Server-RHSCL-3.6-7.7.Z:httpd24-mod_ldap-0:2.4.34-22.el7.ppc64le", "7Server-RHSCL-3.6-7.7.Z:httpd24-mod_ldap-0:2.4.34-22.el7.s390x", "7Server-RHSCL-3.6-7.7.Z:httpd24-mod_ldap-0:2.4.34-22.el7.x86_64", "7Server-RHSCL-3.6-7.7.Z:httpd24-mod_proxy_html-1:2.4.34-22.el7.ppc64le", "7Server-RHSCL-3.6-7.7.Z:httpd24-mod_proxy_html-1:2.4.34-22.el7.s390x", "7Server-RHSCL-3.6-7.7.Z:httpd24-mod_proxy_html-1:2.4.34-22.el7.x86_64", "7Server-RHSCL-3.6-7.7.Z:httpd24-mod_session-0:2.4.34-22.el7.ppc64le", "7Server-RHSCL-3.6-7.7.Z:httpd24-mod_session-0:2.4.34-22.el7.s390x", "7Server-RHSCL-3.6-7.7.Z:httpd24-mod_session-0:2.4.34-22.el7.x86_64", "7Server-RHSCL-3.6-7.7.Z:httpd24-mod_ssl-1:2.4.34-22.el7.ppc64le", "7Server-RHSCL-3.6-7.7.Z:httpd24-mod_ssl-1:2.4.34-22.el7.s390x", "7Server-RHSCL-3.6-7.7.Z:httpd24-mod_ssl-1:2.4.34-22.el7.x86_64", "7Server-RHSCL-3.6:httpd24-httpd-0:2.4.34-22.el7.ppc64le", "7Server-RHSCL-3.6:httpd24-httpd-0:2.4.34-22.el7.s390x", "7Server-RHSCL-3.6:httpd24-httpd-0:2.4.34-22.el7.src", "7Server-RHSCL-3.6:httpd24-httpd-0:2.4.34-22.el7.x86_64", "7Server-RHSCL-3.6:httpd24-httpd-debuginfo-0:2.4.34-22.el7.ppc64le", "7Server-RHSCL-3.6:httpd24-httpd-debuginfo-0:2.4.34-22.el7.s390x", "7Server-RHSCL-3.6:httpd24-httpd-debuginfo-0:2.4.34-22.el7.x86_64", "7Server-RHSCL-3.6:httpd24-httpd-devel-0:2.4.34-22.el7.ppc64le", "7Server-RHSCL-3.6:httpd24-httpd-devel-0:2.4.34-22.el7.s390x", "7Server-RHSCL-3.6:httpd24-httpd-devel-0:2.4.34-22.el7.x86_64", "7Server-RHSCL-3.6:httpd24-httpd-manual-0:2.4.34-22.el7.noarch", "7Server-RHSCL-3.6:httpd24-httpd-tools-0:2.4.34-22.el7.ppc64le", "7Server-RHSCL-3.6:httpd24-httpd-tools-0:2.4.34-22.el7.s390x", "7Server-RHSCL-3.6:httpd24-httpd-tools-0:2.4.34-22.el7.x86_64", "7Server-RHSCL-3.6:httpd24-mod_ldap-0:2.4.34-22.el7.ppc64le", "7Server-RHSCL-3.6:httpd24-mod_ldap-0:2.4.34-22.el7.s390x", "7Server-RHSCL-3.6:httpd24-mod_ldap-0:2.4.34-22.el7.x86_64", "7Server-RHSCL-3.6:httpd24-mod_proxy_html-1:2.4.34-22.el7.ppc64le", "7Server-RHSCL-3.6:httpd24-mod_proxy_html-1:2.4.34-22.el7.s390x", "7Server-RHSCL-3.6:httpd24-mod_proxy_html-1:2.4.34-22.el7.x86_64", "7Server-RHSCL-3.6:httpd24-mod_session-0:2.4.34-22.el7.ppc64le", "7Server-RHSCL-3.6:httpd24-mod_session-0:2.4.34-22.el7.s390x", "7Server-RHSCL-3.6:httpd24-mod_session-0:2.4.34-22.el7.x86_64", "7Server-RHSCL-3.6:httpd24-mod_ssl-1:2.4.34-22.el7.ppc64le", "7Server-RHSCL-3.6:httpd24-mod_ssl-1:2.4.34-22.el7.s390x", "7Server-RHSCL-3.6:httpd24-mod_ssl-1:2.4.34-22.el7.x86_64", "7Workstation-RHSCL-3.6:httpd24-httpd-0:2.4.34-22.el7.ppc64le", "7Workstation-RHSCL-3.6:httpd24-httpd-0:2.4.34-22.el7.s390x", "7Workstation-RHSCL-3.6:httpd24-httpd-0:2.4.34-22.el7.src", "7Workstation-RHSCL-3.6:httpd24-httpd-0:2.4.34-22.el7.x86_64", "7Workstation-RHSCL-3.6:httpd24-httpd-debuginfo-0:2.4.34-22.el7.ppc64le", "7Workstation-RHSCL-3.6:httpd24-httpd-debuginfo-0:2.4.34-22.el7.s390x", "7Workstation-RHSCL-3.6:httpd24-httpd-debuginfo-0:2.4.34-22.el7.x86_64", "7Workstation-RHSCL-3.6:httpd24-httpd-devel-0:2.4.34-22.el7.ppc64le", "7Workstation-RHSCL-3.6:httpd24-httpd-devel-0:2.4.34-22.el7.s390x", "7Workstation-RHSCL-3.6:httpd24-httpd-devel-0:2.4.34-22.el7.x86_64", "7Workstation-RHSCL-3.6:httpd24-httpd-manual-0:2.4.34-22.el7.noarch", "7Workstation-RHSCL-3.6:httpd24-httpd-tools-0:2.4.34-22.el7.ppc64le", "7Workstation-RHSCL-3.6:httpd24-httpd-tools-0:2.4.34-22.el7.s390x", "7Workstation-RHSCL-3.6:httpd24-httpd-tools-0:2.4.34-22.el7.x86_64", "7Workstation-RHSCL-3.6:httpd24-mod_ldap-0:2.4.34-22.el7.ppc64le", "7Workstation-RHSCL-3.6:httpd24-mod_ldap-0:2.4.34-22.el7.s390x", "7Workstation-RHSCL-3.6:httpd24-mod_ldap-0:2.4.34-22.el7.x86_64", "7Workstation-RHSCL-3.6:httpd24-mod_proxy_html-1:2.4.34-22.el7.ppc64le", "7Workstation-RHSCL-3.6:httpd24-mod_proxy_html-1:2.4.34-22.el7.s390x", "7Workstation-RHSCL-3.6:httpd24-mod_proxy_html-1:2.4.34-22.el7.x86_64", "7Workstation-RHSCL-3.6:httpd24-mod_session-0:2.4.34-22.el7.ppc64le", "7Workstation-RHSCL-3.6:httpd24-mod_session-0:2.4.34-22.el7.s390x", "7Workstation-RHSCL-3.6:httpd24-mod_session-0:2.4.34-22.el7.x86_64", "7Workstation-RHSCL-3.6:httpd24-mod_ssl-1:2.4.34-22.el7.ppc64le", "7Workstation-RHSCL-3.6:httpd24-mod_ssl-1:2.4.34-22.el7.s390x", "7Workstation-RHSCL-3.6:httpd24-mod_ssl-1:2.4.34-22.el7.x86_64" ] } ], "scores": [ { "cvss_v3": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 9.8, "baseSeverity": "CRITICAL", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "version": "3.1" }, "products": [ "7Server-RHSCL-3.6-7.6.Z:httpd24-httpd-0:2.4.34-22.el7.ppc64le", "7Server-RHSCL-3.6-7.6.Z:httpd24-httpd-0:2.4.34-22.el7.s390x", "7Server-RHSCL-3.6-7.6.Z:httpd24-httpd-0:2.4.34-22.el7.src", "7Server-RHSCL-3.6-7.6.Z:httpd24-httpd-0:2.4.34-22.el7.x86_64", "7Server-RHSCL-3.6-7.6.Z:httpd24-httpd-debuginfo-0:2.4.34-22.el7.ppc64le", "7Server-RHSCL-3.6-7.6.Z:httpd24-httpd-debuginfo-0:2.4.34-22.el7.s390x", "7Server-RHSCL-3.6-7.6.Z:httpd24-httpd-debuginfo-0:2.4.34-22.el7.x86_64", "7Server-RHSCL-3.6-7.6.Z:httpd24-httpd-devel-0:2.4.34-22.el7.ppc64le", "7Server-RHSCL-3.6-7.6.Z:httpd24-httpd-devel-0:2.4.34-22.el7.s390x", "7Server-RHSCL-3.6-7.6.Z:httpd24-httpd-devel-0:2.4.34-22.el7.x86_64", "7Server-RHSCL-3.6-7.6.Z:httpd24-httpd-manual-0:2.4.34-22.el7.noarch", "7Server-RHSCL-3.6-7.6.Z:httpd24-httpd-tools-0:2.4.34-22.el7.ppc64le", "7Server-RHSCL-3.6-7.6.Z:httpd24-httpd-tools-0:2.4.34-22.el7.s390x", "7Server-RHSCL-3.6-7.6.Z:httpd24-httpd-tools-0:2.4.34-22.el7.x86_64", "7Server-RHSCL-3.6-7.6.Z:httpd24-mod_ldap-0:2.4.34-22.el7.ppc64le", "7Server-RHSCL-3.6-7.6.Z:httpd24-mod_ldap-0:2.4.34-22.el7.s390x", "7Server-RHSCL-3.6-7.6.Z:httpd24-mod_ldap-0:2.4.34-22.el7.x86_64", "7Server-RHSCL-3.6-7.6.Z:httpd24-mod_proxy_html-1:2.4.34-22.el7.ppc64le", "7Server-RHSCL-3.6-7.6.Z:httpd24-mod_proxy_html-1:2.4.34-22.el7.s390x", "7Server-RHSCL-3.6-7.6.Z:httpd24-mod_proxy_html-1:2.4.34-22.el7.x86_64", "7Server-RHSCL-3.6-7.6.Z:httpd24-mod_session-0:2.4.34-22.el7.ppc64le", "7Server-RHSCL-3.6-7.6.Z:httpd24-mod_session-0:2.4.34-22.el7.s390x", "7Server-RHSCL-3.6-7.6.Z:httpd24-mod_session-0:2.4.34-22.el7.x86_64", "7Server-RHSCL-3.6-7.6.Z:httpd24-mod_ssl-1:2.4.34-22.el7.ppc64le", "7Server-RHSCL-3.6-7.6.Z:httpd24-mod_ssl-1:2.4.34-22.el7.s390x", "7Server-RHSCL-3.6-7.6.Z:httpd24-mod_ssl-1:2.4.34-22.el7.x86_64", "7Server-RHSCL-3.6-7.7.Z:httpd24-httpd-0:2.4.34-22.el7.ppc64le", "7Server-RHSCL-3.6-7.7.Z:httpd24-httpd-0:2.4.34-22.el7.s390x", "7Server-RHSCL-3.6-7.7.Z:httpd24-httpd-0:2.4.34-22.el7.src", "7Server-RHSCL-3.6-7.7.Z:httpd24-httpd-0:2.4.34-22.el7.x86_64", "7Server-RHSCL-3.6-7.7.Z:httpd24-httpd-debuginfo-0:2.4.34-22.el7.ppc64le", "7Server-RHSCL-3.6-7.7.Z:httpd24-httpd-debuginfo-0:2.4.34-22.el7.s390x", "7Server-RHSCL-3.6-7.7.Z:httpd24-httpd-debuginfo-0:2.4.34-22.el7.x86_64", "7Server-RHSCL-3.6-7.7.Z:httpd24-httpd-devel-0:2.4.34-22.el7.ppc64le", "7Server-RHSCL-3.6-7.7.Z:httpd24-httpd-devel-0:2.4.34-22.el7.s390x", "7Server-RHSCL-3.6-7.7.Z:httpd24-httpd-devel-0:2.4.34-22.el7.x86_64", "7Server-RHSCL-3.6-7.7.Z:httpd24-httpd-manual-0:2.4.34-22.el7.noarch", "7Server-RHSCL-3.6-7.7.Z:httpd24-httpd-tools-0:2.4.34-22.el7.ppc64le", "7Server-RHSCL-3.6-7.7.Z:httpd24-httpd-tools-0:2.4.34-22.el7.s390x", "7Server-RHSCL-3.6-7.7.Z:httpd24-httpd-tools-0:2.4.34-22.el7.x86_64", "7Server-RHSCL-3.6-7.7.Z:httpd24-mod_ldap-0:2.4.34-22.el7.ppc64le", "7Server-RHSCL-3.6-7.7.Z:httpd24-mod_ldap-0:2.4.34-22.el7.s390x", "7Server-RHSCL-3.6-7.7.Z:httpd24-mod_ldap-0:2.4.34-22.el7.x86_64", "7Server-RHSCL-3.6-7.7.Z:httpd24-mod_proxy_html-1:2.4.34-22.el7.ppc64le", "7Server-RHSCL-3.6-7.7.Z:httpd24-mod_proxy_html-1:2.4.34-22.el7.s390x", "7Server-RHSCL-3.6-7.7.Z:httpd24-mod_proxy_html-1:2.4.34-22.el7.x86_64", "7Server-RHSCL-3.6-7.7.Z:httpd24-mod_session-0:2.4.34-22.el7.ppc64le", "7Server-RHSCL-3.6-7.7.Z:httpd24-mod_session-0:2.4.34-22.el7.s390x", "7Server-RHSCL-3.6-7.7.Z:httpd24-mod_session-0:2.4.34-22.el7.x86_64", "7Server-RHSCL-3.6-7.7.Z:httpd24-mod_ssl-1:2.4.34-22.el7.ppc64le", "7Server-RHSCL-3.6-7.7.Z:httpd24-mod_ssl-1:2.4.34-22.el7.s390x", "7Server-RHSCL-3.6-7.7.Z:httpd24-mod_ssl-1:2.4.34-22.el7.x86_64", "7Server-RHSCL-3.6:httpd24-httpd-0:2.4.34-22.el7.ppc64le", "7Server-RHSCL-3.6:httpd24-httpd-0:2.4.34-22.el7.s390x", "7Server-RHSCL-3.6:httpd24-httpd-0:2.4.34-22.el7.src", "7Server-RHSCL-3.6:httpd24-httpd-0:2.4.34-22.el7.x86_64", "7Server-RHSCL-3.6:httpd24-httpd-debuginfo-0:2.4.34-22.el7.ppc64le", "7Server-RHSCL-3.6:httpd24-httpd-debuginfo-0:2.4.34-22.el7.s390x", "7Server-RHSCL-3.6:httpd24-httpd-debuginfo-0:2.4.34-22.el7.x86_64", "7Server-RHSCL-3.6:httpd24-httpd-devel-0:2.4.34-22.el7.ppc64le", "7Server-RHSCL-3.6:httpd24-httpd-devel-0:2.4.34-22.el7.s390x", "7Server-RHSCL-3.6:httpd24-httpd-devel-0:2.4.34-22.el7.x86_64", "7Server-RHSCL-3.6:httpd24-httpd-manual-0:2.4.34-22.el7.noarch", "7Server-RHSCL-3.6:httpd24-httpd-tools-0:2.4.34-22.el7.ppc64le", "7Server-RHSCL-3.6:httpd24-httpd-tools-0:2.4.34-22.el7.s390x", "7Server-RHSCL-3.6:httpd24-httpd-tools-0:2.4.34-22.el7.x86_64", "7Server-RHSCL-3.6:httpd24-mod_ldap-0:2.4.34-22.el7.ppc64le", "7Server-RHSCL-3.6:httpd24-mod_ldap-0:2.4.34-22.el7.s390x", "7Server-RHSCL-3.6:httpd24-mod_ldap-0:2.4.34-22.el7.x86_64", "7Server-RHSCL-3.6:httpd24-mod_proxy_html-1:2.4.34-22.el7.ppc64le", "7Server-RHSCL-3.6:httpd24-mod_proxy_html-1:2.4.34-22.el7.s390x", "7Server-RHSCL-3.6:httpd24-mod_proxy_html-1:2.4.34-22.el7.x86_64", "7Server-RHSCL-3.6:httpd24-mod_session-0:2.4.34-22.el7.ppc64le", "7Server-RHSCL-3.6:httpd24-mod_session-0:2.4.34-22.el7.s390x", "7Server-RHSCL-3.6:httpd24-mod_session-0:2.4.34-22.el7.x86_64", "7Server-RHSCL-3.6:httpd24-mod_ssl-1:2.4.34-22.el7.ppc64le", "7Server-RHSCL-3.6:httpd24-mod_ssl-1:2.4.34-22.el7.s390x", "7Server-RHSCL-3.6:httpd24-mod_ssl-1:2.4.34-22.el7.x86_64", "7Workstation-RHSCL-3.6:httpd24-httpd-0:2.4.34-22.el7.ppc64le", "7Workstation-RHSCL-3.6:httpd24-httpd-0:2.4.34-22.el7.s390x", "7Workstation-RHSCL-3.6:httpd24-httpd-0:2.4.34-22.el7.src", "7Workstation-RHSCL-3.6:httpd24-httpd-0:2.4.34-22.el7.x86_64", "7Workstation-RHSCL-3.6:httpd24-httpd-debuginfo-0:2.4.34-22.el7.ppc64le", "7Workstation-RHSCL-3.6:httpd24-httpd-debuginfo-0:2.4.34-22.el7.s390x", "7Workstation-RHSCL-3.6:httpd24-httpd-debuginfo-0:2.4.34-22.el7.x86_64", "7Workstation-RHSCL-3.6:httpd24-httpd-devel-0:2.4.34-22.el7.ppc64le", "7Workstation-RHSCL-3.6:httpd24-httpd-devel-0:2.4.34-22.el7.s390x", "7Workstation-RHSCL-3.6:httpd24-httpd-devel-0:2.4.34-22.el7.x86_64", "7Workstation-RHSCL-3.6:httpd24-httpd-manual-0:2.4.34-22.el7.noarch", "7Workstation-RHSCL-3.6:httpd24-httpd-tools-0:2.4.34-22.el7.ppc64le", "7Workstation-RHSCL-3.6:httpd24-httpd-tools-0:2.4.34-22.el7.s390x", "7Workstation-RHSCL-3.6:httpd24-httpd-tools-0:2.4.34-22.el7.x86_64", "7Workstation-RHSCL-3.6:httpd24-mod_ldap-0:2.4.34-22.el7.ppc64le", "7Workstation-RHSCL-3.6:httpd24-mod_ldap-0:2.4.34-22.el7.s390x", "7Workstation-RHSCL-3.6:httpd24-mod_ldap-0:2.4.34-22.el7.x86_64", "7Workstation-RHSCL-3.6:httpd24-mod_proxy_html-1:2.4.34-22.el7.ppc64le", "7Workstation-RHSCL-3.6:httpd24-mod_proxy_html-1:2.4.34-22.el7.s390x", "7Workstation-RHSCL-3.6:httpd24-mod_proxy_html-1:2.4.34-22.el7.x86_64", "7Workstation-RHSCL-3.6:httpd24-mod_session-0:2.4.34-22.el7.ppc64le", "7Workstation-RHSCL-3.6:httpd24-mod_session-0:2.4.34-22.el7.s390x", "7Workstation-RHSCL-3.6:httpd24-mod_session-0:2.4.34-22.el7.x86_64", "7Workstation-RHSCL-3.6:httpd24-mod_ssl-1:2.4.34-22.el7.ppc64le", "7Workstation-RHSCL-3.6:httpd24-mod_ssl-1:2.4.34-22.el7.s390x", "7Workstation-RHSCL-3.6:httpd24-mod_ssl-1:2.4.34-22.el7.x86_64" ] } ], "threats": [ { "category": "impact", "details": "Moderate" } ], "title": "httpd: mod_proxy_uwsgi buffer overflow" }, { "acknowledgments": [ { "names": [ "the Apache project" ] } ], "cve": "CVE-2020-11993", "cwe": { "id": "CWE-400", "name": "Uncontrolled Resource Consumption" }, "discovery_date": "2020-08-05T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "1866564" } ], "notes": [ { "category": "description", "text": "A flaw was found in Apache httpd in versions 2.4.20 to 2.4.43. Logging using the wrong pool by mod_http2 at debug/trace log level may lead to potential crashes and denial of service. The highest threat from this vulnerability is to system availability.", "title": "Vulnerability description" }, { "category": "summary", "text": "httpd: mod_http2 concurrent pool usage", "title": "Vulnerability summary" }, { "category": "other", "text": "Red Hat Enterprise Linux 5, 6, and 7 do not ship the vulnerable version of httpd and, thus, are not affected.", "title": "Statement" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "7Server-RHSCL-3.6-7.6.Z:httpd24-httpd-0:2.4.34-22.el7.ppc64le", "7Server-RHSCL-3.6-7.6.Z:httpd24-httpd-0:2.4.34-22.el7.s390x", "7Server-RHSCL-3.6-7.6.Z:httpd24-httpd-0:2.4.34-22.el7.src", "7Server-RHSCL-3.6-7.6.Z:httpd24-httpd-0:2.4.34-22.el7.x86_64", "7Server-RHSCL-3.6-7.6.Z:httpd24-httpd-debuginfo-0:2.4.34-22.el7.ppc64le", "7Server-RHSCL-3.6-7.6.Z:httpd24-httpd-debuginfo-0:2.4.34-22.el7.s390x", "7Server-RHSCL-3.6-7.6.Z:httpd24-httpd-debuginfo-0:2.4.34-22.el7.x86_64", "7Server-RHSCL-3.6-7.6.Z:httpd24-httpd-devel-0:2.4.34-22.el7.ppc64le", "7Server-RHSCL-3.6-7.6.Z:httpd24-httpd-devel-0:2.4.34-22.el7.s390x", "7Server-RHSCL-3.6-7.6.Z:httpd24-httpd-devel-0:2.4.34-22.el7.x86_64", "7Server-RHSCL-3.6-7.6.Z:httpd24-httpd-manual-0:2.4.34-22.el7.noarch", "7Server-RHSCL-3.6-7.6.Z:httpd24-httpd-tools-0:2.4.34-22.el7.ppc64le", "7Server-RHSCL-3.6-7.6.Z:httpd24-httpd-tools-0:2.4.34-22.el7.s390x", "7Server-RHSCL-3.6-7.6.Z:httpd24-httpd-tools-0:2.4.34-22.el7.x86_64", "7Server-RHSCL-3.6-7.6.Z:httpd24-mod_ldap-0:2.4.34-22.el7.ppc64le", "7Server-RHSCL-3.6-7.6.Z:httpd24-mod_ldap-0:2.4.34-22.el7.s390x", "7Server-RHSCL-3.6-7.6.Z:httpd24-mod_ldap-0:2.4.34-22.el7.x86_64", "7Server-RHSCL-3.6-7.6.Z:httpd24-mod_proxy_html-1:2.4.34-22.el7.ppc64le", "7Server-RHSCL-3.6-7.6.Z:httpd24-mod_proxy_html-1:2.4.34-22.el7.s390x", "7Server-RHSCL-3.6-7.6.Z:httpd24-mod_proxy_html-1:2.4.34-22.el7.x86_64", "7Server-RHSCL-3.6-7.6.Z:httpd24-mod_session-0:2.4.34-22.el7.ppc64le", "7Server-RHSCL-3.6-7.6.Z:httpd24-mod_session-0:2.4.34-22.el7.s390x", "7Server-RHSCL-3.6-7.6.Z:httpd24-mod_session-0:2.4.34-22.el7.x86_64", "7Server-RHSCL-3.6-7.6.Z:httpd24-mod_ssl-1:2.4.34-22.el7.ppc64le", "7Server-RHSCL-3.6-7.6.Z:httpd24-mod_ssl-1:2.4.34-22.el7.s390x", "7Server-RHSCL-3.6-7.6.Z:httpd24-mod_ssl-1:2.4.34-22.el7.x86_64", "7Server-RHSCL-3.6-7.7.Z:httpd24-httpd-0:2.4.34-22.el7.ppc64le", "7Server-RHSCL-3.6-7.7.Z:httpd24-httpd-0:2.4.34-22.el7.s390x", "7Server-RHSCL-3.6-7.7.Z:httpd24-httpd-0:2.4.34-22.el7.src", "7Server-RHSCL-3.6-7.7.Z:httpd24-httpd-0:2.4.34-22.el7.x86_64", "7Server-RHSCL-3.6-7.7.Z:httpd24-httpd-debuginfo-0:2.4.34-22.el7.ppc64le", "7Server-RHSCL-3.6-7.7.Z:httpd24-httpd-debuginfo-0:2.4.34-22.el7.s390x", "7Server-RHSCL-3.6-7.7.Z:httpd24-httpd-debuginfo-0:2.4.34-22.el7.x86_64", "7Server-RHSCL-3.6-7.7.Z:httpd24-httpd-devel-0:2.4.34-22.el7.ppc64le", "7Server-RHSCL-3.6-7.7.Z:httpd24-httpd-devel-0:2.4.34-22.el7.s390x", "7Server-RHSCL-3.6-7.7.Z:httpd24-httpd-devel-0:2.4.34-22.el7.x86_64", "7Server-RHSCL-3.6-7.7.Z:httpd24-httpd-manual-0:2.4.34-22.el7.noarch", "7Server-RHSCL-3.6-7.7.Z:httpd24-httpd-tools-0:2.4.34-22.el7.ppc64le", "7Server-RHSCL-3.6-7.7.Z:httpd24-httpd-tools-0:2.4.34-22.el7.s390x", "7Server-RHSCL-3.6-7.7.Z:httpd24-httpd-tools-0:2.4.34-22.el7.x86_64", "7Server-RHSCL-3.6-7.7.Z:httpd24-mod_ldap-0:2.4.34-22.el7.ppc64le", "7Server-RHSCL-3.6-7.7.Z:httpd24-mod_ldap-0:2.4.34-22.el7.s390x", "7Server-RHSCL-3.6-7.7.Z:httpd24-mod_ldap-0:2.4.34-22.el7.x86_64", "7Server-RHSCL-3.6-7.7.Z:httpd24-mod_proxy_html-1:2.4.34-22.el7.ppc64le", "7Server-RHSCL-3.6-7.7.Z:httpd24-mod_proxy_html-1:2.4.34-22.el7.s390x", "7Server-RHSCL-3.6-7.7.Z:httpd24-mod_proxy_html-1:2.4.34-22.el7.x86_64", "7Server-RHSCL-3.6-7.7.Z:httpd24-mod_session-0:2.4.34-22.el7.ppc64le", "7Server-RHSCL-3.6-7.7.Z:httpd24-mod_session-0:2.4.34-22.el7.s390x", "7Server-RHSCL-3.6-7.7.Z:httpd24-mod_session-0:2.4.34-22.el7.x86_64", "7Server-RHSCL-3.6-7.7.Z:httpd24-mod_ssl-1:2.4.34-22.el7.ppc64le", "7Server-RHSCL-3.6-7.7.Z:httpd24-mod_ssl-1:2.4.34-22.el7.s390x", "7Server-RHSCL-3.6-7.7.Z:httpd24-mod_ssl-1:2.4.34-22.el7.x86_64", "7Server-RHSCL-3.6:httpd24-httpd-0:2.4.34-22.el7.ppc64le", "7Server-RHSCL-3.6:httpd24-httpd-0:2.4.34-22.el7.s390x", "7Server-RHSCL-3.6:httpd24-httpd-0:2.4.34-22.el7.src", "7Server-RHSCL-3.6:httpd24-httpd-0:2.4.34-22.el7.x86_64", "7Server-RHSCL-3.6:httpd24-httpd-debuginfo-0:2.4.34-22.el7.ppc64le", "7Server-RHSCL-3.6:httpd24-httpd-debuginfo-0:2.4.34-22.el7.s390x", "7Server-RHSCL-3.6:httpd24-httpd-debuginfo-0:2.4.34-22.el7.x86_64", "7Server-RHSCL-3.6:httpd24-httpd-devel-0:2.4.34-22.el7.ppc64le", "7Server-RHSCL-3.6:httpd24-httpd-devel-0:2.4.34-22.el7.s390x", "7Server-RHSCL-3.6:httpd24-httpd-devel-0:2.4.34-22.el7.x86_64", "7Server-RHSCL-3.6:httpd24-httpd-manual-0:2.4.34-22.el7.noarch", "7Server-RHSCL-3.6:httpd24-httpd-tools-0:2.4.34-22.el7.ppc64le", "7Server-RHSCL-3.6:httpd24-httpd-tools-0:2.4.34-22.el7.s390x", "7Server-RHSCL-3.6:httpd24-httpd-tools-0:2.4.34-22.el7.x86_64", "7Server-RHSCL-3.6:httpd24-mod_ldap-0:2.4.34-22.el7.ppc64le", "7Server-RHSCL-3.6:httpd24-mod_ldap-0:2.4.34-22.el7.s390x", "7Server-RHSCL-3.6:httpd24-mod_ldap-0:2.4.34-22.el7.x86_64", "7Server-RHSCL-3.6:httpd24-mod_proxy_html-1:2.4.34-22.el7.ppc64le", "7Server-RHSCL-3.6:httpd24-mod_proxy_html-1:2.4.34-22.el7.s390x", "7Server-RHSCL-3.6:httpd24-mod_proxy_html-1:2.4.34-22.el7.x86_64", "7Server-RHSCL-3.6:httpd24-mod_session-0:2.4.34-22.el7.ppc64le", "7Server-RHSCL-3.6:httpd24-mod_session-0:2.4.34-22.el7.s390x", "7Server-RHSCL-3.6:httpd24-mod_session-0:2.4.34-22.el7.x86_64", "7Server-RHSCL-3.6:httpd24-mod_ssl-1:2.4.34-22.el7.ppc64le", "7Server-RHSCL-3.6:httpd24-mod_ssl-1:2.4.34-22.el7.s390x", "7Server-RHSCL-3.6:httpd24-mod_ssl-1:2.4.34-22.el7.x86_64", "7Workstation-RHSCL-3.6:httpd24-httpd-0:2.4.34-22.el7.ppc64le", "7Workstation-RHSCL-3.6:httpd24-httpd-0:2.4.34-22.el7.s390x", "7Workstation-RHSCL-3.6:httpd24-httpd-0:2.4.34-22.el7.src", "7Workstation-RHSCL-3.6:httpd24-httpd-0:2.4.34-22.el7.x86_64", "7Workstation-RHSCL-3.6:httpd24-httpd-debuginfo-0:2.4.34-22.el7.ppc64le", "7Workstation-RHSCL-3.6:httpd24-httpd-debuginfo-0:2.4.34-22.el7.s390x", "7Workstation-RHSCL-3.6:httpd24-httpd-debuginfo-0:2.4.34-22.el7.x86_64", "7Workstation-RHSCL-3.6:httpd24-httpd-devel-0:2.4.34-22.el7.ppc64le", "7Workstation-RHSCL-3.6:httpd24-httpd-devel-0:2.4.34-22.el7.s390x", "7Workstation-RHSCL-3.6:httpd24-httpd-devel-0:2.4.34-22.el7.x86_64", "7Workstation-RHSCL-3.6:httpd24-httpd-manual-0:2.4.34-22.el7.noarch", "7Workstation-RHSCL-3.6:httpd24-httpd-tools-0:2.4.34-22.el7.ppc64le", "7Workstation-RHSCL-3.6:httpd24-httpd-tools-0:2.4.34-22.el7.s390x", "7Workstation-RHSCL-3.6:httpd24-httpd-tools-0:2.4.34-22.el7.x86_64", "7Workstation-RHSCL-3.6:httpd24-mod_ldap-0:2.4.34-22.el7.ppc64le", "7Workstation-RHSCL-3.6:httpd24-mod_ldap-0:2.4.34-22.el7.s390x", "7Workstation-RHSCL-3.6:httpd24-mod_ldap-0:2.4.34-22.el7.x86_64", "7Workstation-RHSCL-3.6:httpd24-mod_proxy_html-1:2.4.34-22.el7.ppc64le", "7Workstation-RHSCL-3.6:httpd24-mod_proxy_html-1:2.4.34-22.el7.s390x", "7Workstation-RHSCL-3.6:httpd24-mod_proxy_html-1:2.4.34-22.el7.x86_64", "7Workstation-RHSCL-3.6:httpd24-mod_session-0:2.4.34-22.el7.ppc64le", "7Workstation-RHSCL-3.6:httpd24-mod_session-0:2.4.34-22.el7.s390x", "7Workstation-RHSCL-3.6:httpd24-mod_session-0:2.4.34-22.el7.x86_64", "7Workstation-RHSCL-3.6:httpd24-mod_ssl-1:2.4.34-22.el7.ppc64le", "7Workstation-RHSCL-3.6:httpd24-mod_ssl-1:2.4.34-22.el7.s390x", "7Workstation-RHSCL-3.6:httpd24-mod_ssl-1:2.4.34-22.el7.x86_64" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2020-11993" }, { "category": "external", "summary": "RHBZ#1866564", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1866564" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2020-11993", "url": "https://www.cve.org/CVERecord?id=CVE-2020-11993" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2020-11993", "url": "https://nvd.nist.gov/vuln/detail/CVE-2020-11993" }, { "category": "external", "summary": "https://httpd.apache.org/security/vulnerabilities_24.html#CVE-2020-11993", "url": "https://httpd.apache.org/security/vulnerabilities_24.html#CVE-2020-11993" } ], "release_date": "2020-08-07T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2020-12-01T12:06:08+00:00", "details": "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258", "product_ids": [ "7Server-RHSCL-3.6-7.6.Z:httpd24-httpd-0:2.4.34-22.el7.ppc64le", "7Server-RHSCL-3.6-7.6.Z:httpd24-httpd-0:2.4.34-22.el7.s390x", "7Server-RHSCL-3.6-7.6.Z:httpd24-httpd-0:2.4.34-22.el7.src", "7Server-RHSCL-3.6-7.6.Z:httpd24-httpd-0:2.4.34-22.el7.x86_64", "7Server-RHSCL-3.6-7.6.Z:httpd24-httpd-debuginfo-0:2.4.34-22.el7.ppc64le", "7Server-RHSCL-3.6-7.6.Z:httpd24-httpd-debuginfo-0:2.4.34-22.el7.s390x", "7Server-RHSCL-3.6-7.6.Z:httpd24-httpd-debuginfo-0:2.4.34-22.el7.x86_64", "7Server-RHSCL-3.6-7.6.Z:httpd24-httpd-devel-0:2.4.34-22.el7.ppc64le", "7Server-RHSCL-3.6-7.6.Z:httpd24-httpd-devel-0:2.4.34-22.el7.s390x", "7Server-RHSCL-3.6-7.6.Z:httpd24-httpd-devel-0:2.4.34-22.el7.x86_64", "7Server-RHSCL-3.6-7.6.Z:httpd24-httpd-manual-0:2.4.34-22.el7.noarch", "7Server-RHSCL-3.6-7.6.Z:httpd24-httpd-tools-0:2.4.34-22.el7.ppc64le", "7Server-RHSCL-3.6-7.6.Z:httpd24-httpd-tools-0:2.4.34-22.el7.s390x", "7Server-RHSCL-3.6-7.6.Z:httpd24-httpd-tools-0:2.4.34-22.el7.x86_64", "7Server-RHSCL-3.6-7.6.Z:httpd24-mod_ldap-0:2.4.34-22.el7.ppc64le", "7Server-RHSCL-3.6-7.6.Z:httpd24-mod_ldap-0:2.4.34-22.el7.s390x", "7Server-RHSCL-3.6-7.6.Z:httpd24-mod_ldap-0:2.4.34-22.el7.x86_64", "7Server-RHSCL-3.6-7.6.Z:httpd24-mod_proxy_html-1:2.4.34-22.el7.ppc64le", "7Server-RHSCL-3.6-7.6.Z:httpd24-mod_proxy_html-1:2.4.34-22.el7.s390x", "7Server-RHSCL-3.6-7.6.Z:httpd24-mod_proxy_html-1:2.4.34-22.el7.x86_64", "7Server-RHSCL-3.6-7.6.Z:httpd24-mod_session-0:2.4.34-22.el7.ppc64le", "7Server-RHSCL-3.6-7.6.Z:httpd24-mod_session-0:2.4.34-22.el7.s390x", "7Server-RHSCL-3.6-7.6.Z:httpd24-mod_session-0:2.4.34-22.el7.x86_64", "7Server-RHSCL-3.6-7.6.Z:httpd24-mod_ssl-1:2.4.34-22.el7.ppc64le", "7Server-RHSCL-3.6-7.6.Z:httpd24-mod_ssl-1:2.4.34-22.el7.s390x", "7Server-RHSCL-3.6-7.6.Z:httpd24-mod_ssl-1:2.4.34-22.el7.x86_64", "7Server-RHSCL-3.6-7.7.Z:httpd24-httpd-0:2.4.34-22.el7.ppc64le", "7Server-RHSCL-3.6-7.7.Z:httpd24-httpd-0:2.4.34-22.el7.s390x", "7Server-RHSCL-3.6-7.7.Z:httpd24-httpd-0:2.4.34-22.el7.src", "7Server-RHSCL-3.6-7.7.Z:httpd24-httpd-0:2.4.34-22.el7.x86_64", "7Server-RHSCL-3.6-7.7.Z:httpd24-httpd-debuginfo-0:2.4.34-22.el7.ppc64le", "7Server-RHSCL-3.6-7.7.Z:httpd24-httpd-debuginfo-0:2.4.34-22.el7.s390x", "7Server-RHSCL-3.6-7.7.Z:httpd24-httpd-debuginfo-0:2.4.34-22.el7.x86_64", "7Server-RHSCL-3.6-7.7.Z:httpd24-httpd-devel-0:2.4.34-22.el7.ppc64le", "7Server-RHSCL-3.6-7.7.Z:httpd24-httpd-devel-0:2.4.34-22.el7.s390x", "7Server-RHSCL-3.6-7.7.Z:httpd24-httpd-devel-0:2.4.34-22.el7.x86_64", "7Server-RHSCL-3.6-7.7.Z:httpd24-httpd-manual-0:2.4.34-22.el7.noarch", "7Server-RHSCL-3.6-7.7.Z:httpd24-httpd-tools-0:2.4.34-22.el7.ppc64le", "7Server-RHSCL-3.6-7.7.Z:httpd24-httpd-tools-0:2.4.34-22.el7.s390x", "7Server-RHSCL-3.6-7.7.Z:httpd24-httpd-tools-0:2.4.34-22.el7.x86_64", "7Server-RHSCL-3.6-7.7.Z:httpd24-mod_ldap-0:2.4.34-22.el7.ppc64le", "7Server-RHSCL-3.6-7.7.Z:httpd24-mod_ldap-0:2.4.34-22.el7.s390x", "7Server-RHSCL-3.6-7.7.Z:httpd24-mod_ldap-0:2.4.34-22.el7.x86_64", "7Server-RHSCL-3.6-7.7.Z:httpd24-mod_proxy_html-1:2.4.34-22.el7.ppc64le", "7Server-RHSCL-3.6-7.7.Z:httpd24-mod_proxy_html-1:2.4.34-22.el7.s390x", "7Server-RHSCL-3.6-7.7.Z:httpd24-mod_proxy_html-1:2.4.34-22.el7.x86_64", "7Server-RHSCL-3.6-7.7.Z:httpd24-mod_session-0:2.4.34-22.el7.ppc64le", "7Server-RHSCL-3.6-7.7.Z:httpd24-mod_session-0:2.4.34-22.el7.s390x", "7Server-RHSCL-3.6-7.7.Z:httpd24-mod_session-0:2.4.34-22.el7.x86_64", "7Server-RHSCL-3.6-7.7.Z:httpd24-mod_ssl-1:2.4.34-22.el7.ppc64le", "7Server-RHSCL-3.6-7.7.Z:httpd24-mod_ssl-1:2.4.34-22.el7.s390x", "7Server-RHSCL-3.6-7.7.Z:httpd24-mod_ssl-1:2.4.34-22.el7.x86_64", "7Server-RHSCL-3.6:httpd24-httpd-0:2.4.34-22.el7.ppc64le", "7Server-RHSCL-3.6:httpd24-httpd-0:2.4.34-22.el7.s390x", "7Server-RHSCL-3.6:httpd24-httpd-0:2.4.34-22.el7.src", "7Server-RHSCL-3.6:httpd24-httpd-0:2.4.34-22.el7.x86_64", "7Server-RHSCL-3.6:httpd24-httpd-debuginfo-0:2.4.34-22.el7.ppc64le", "7Server-RHSCL-3.6:httpd24-httpd-debuginfo-0:2.4.34-22.el7.s390x", "7Server-RHSCL-3.6:httpd24-httpd-debuginfo-0:2.4.34-22.el7.x86_64", "7Server-RHSCL-3.6:httpd24-httpd-devel-0:2.4.34-22.el7.ppc64le", "7Server-RHSCL-3.6:httpd24-httpd-devel-0:2.4.34-22.el7.s390x", "7Server-RHSCL-3.6:httpd24-httpd-devel-0:2.4.34-22.el7.x86_64", "7Server-RHSCL-3.6:httpd24-httpd-manual-0:2.4.34-22.el7.noarch", "7Server-RHSCL-3.6:httpd24-httpd-tools-0:2.4.34-22.el7.ppc64le", "7Server-RHSCL-3.6:httpd24-httpd-tools-0:2.4.34-22.el7.s390x", "7Server-RHSCL-3.6:httpd24-httpd-tools-0:2.4.34-22.el7.x86_64", "7Server-RHSCL-3.6:httpd24-mod_ldap-0:2.4.34-22.el7.ppc64le", "7Server-RHSCL-3.6:httpd24-mod_ldap-0:2.4.34-22.el7.s390x", "7Server-RHSCL-3.6:httpd24-mod_ldap-0:2.4.34-22.el7.x86_64", "7Server-RHSCL-3.6:httpd24-mod_proxy_html-1:2.4.34-22.el7.ppc64le", "7Server-RHSCL-3.6:httpd24-mod_proxy_html-1:2.4.34-22.el7.s390x", "7Server-RHSCL-3.6:httpd24-mod_proxy_html-1:2.4.34-22.el7.x86_64", "7Server-RHSCL-3.6:httpd24-mod_session-0:2.4.34-22.el7.ppc64le", "7Server-RHSCL-3.6:httpd24-mod_session-0:2.4.34-22.el7.s390x", "7Server-RHSCL-3.6:httpd24-mod_session-0:2.4.34-22.el7.x86_64", "7Server-RHSCL-3.6:httpd24-mod_ssl-1:2.4.34-22.el7.ppc64le", "7Server-RHSCL-3.6:httpd24-mod_ssl-1:2.4.34-22.el7.s390x", "7Server-RHSCL-3.6:httpd24-mod_ssl-1:2.4.34-22.el7.x86_64", "7Workstation-RHSCL-3.6:httpd24-httpd-0:2.4.34-22.el7.ppc64le", "7Workstation-RHSCL-3.6:httpd24-httpd-0:2.4.34-22.el7.s390x", "7Workstation-RHSCL-3.6:httpd24-httpd-0:2.4.34-22.el7.src", "7Workstation-RHSCL-3.6:httpd24-httpd-0:2.4.34-22.el7.x86_64", "7Workstation-RHSCL-3.6:httpd24-httpd-debuginfo-0:2.4.34-22.el7.ppc64le", "7Workstation-RHSCL-3.6:httpd24-httpd-debuginfo-0:2.4.34-22.el7.s390x", "7Workstation-RHSCL-3.6:httpd24-httpd-debuginfo-0:2.4.34-22.el7.x86_64", "7Workstation-RHSCL-3.6:httpd24-httpd-devel-0:2.4.34-22.el7.ppc64le", "7Workstation-RHSCL-3.6:httpd24-httpd-devel-0:2.4.34-22.el7.s390x", "7Workstation-RHSCL-3.6:httpd24-httpd-devel-0:2.4.34-22.el7.x86_64", "7Workstation-RHSCL-3.6:httpd24-httpd-manual-0:2.4.34-22.el7.noarch", "7Workstation-RHSCL-3.6:httpd24-httpd-tools-0:2.4.34-22.el7.ppc64le", "7Workstation-RHSCL-3.6:httpd24-httpd-tools-0:2.4.34-22.el7.s390x", "7Workstation-RHSCL-3.6:httpd24-httpd-tools-0:2.4.34-22.el7.x86_64", "7Workstation-RHSCL-3.6:httpd24-mod_ldap-0:2.4.34-22.el7.ppc64le", "7Workstation-RHSCL-3.6:httpd24-mod_ldap-0:2.4.34-22.el7.s390x", "7Workstation-RHSCL-3.6:httpd24-mod_ldap-0:2.4.34-22.el7.x86_64", "7Workstation-RHSCL-3.6:httpd24-mod_proxy_html-1:2.4.34-22.el7.ppc64le", "7Workstation-RHSCL-3.6:httpd24-mod_proxy_html-1:2.4.34-22.el7.s390x", "7Workstation-RHSCL-3.6:httpd24-mod_proxy_html-1:2.4.34-22.el7.x86_64", "7Workstation-RHSCL-3.6:httpd24-mod_session-0:2.4.34-22.el7.ppc64le", "7Workstation-RHSCL-3.6:httpd24-mod_session-0:2.4.34-22.el7.s390x", "7Workstation-RHSCL-3.6:httpd24-mod_session-0:2.4.34-22.el7.x86_64", "7Workstation-RHSCL-3.6:httpd24-mod_ssl-1:2.4.34-22.el7.ppc64le", "7Workstation-RHSCL-3.6:httpd24-mod_ssl-1:2.4.34-22.el7.s390x", "7Workstation-RHSCL-3.6:httpd24-mod_ssl-1:2.4.34-22.el7.x86_64" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHBA-2020:5280" } ], "scores": [ { "cvss_v3": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 7.5, "baseSeverity": "HIGH", "confidentialityImpact": "NONE", "integrityImpact": "NONE", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "version": "3.1" }, "products": [ "7Server-RHSCL-3.6-7.6.Z:httpd24-httpd-0:2.4.34-22.el7.ppc64le", "7Server-RHSCL-3.6-7.6.Z:httpd24-httpd-0:2.4.34-22.el7.s390x", "7Server-RHSCL-3.6-7.6.Z:httpd24-httpd-0:2.4.34-22.el7.src", "7Server-RHSCL-3.6-7.6.Z:httpd24-httpd-0:2.4.34-22.el7.x86_64", "7Server-RHSCL-3.6-7.6.Z:httpd24-httpd-debuginfo-0:2.4.34-22.el7.ppc64le", "7Server-RHSCL-3.6-7.6.Z:httpd24-httpd-debuginfo-0:2.4.34-22.el7.s390x", "7Server-RHSCL-3.6-7.6.Z:httpd24-httpd-debuginfo-0:2.4.34-22.el7.x86_64", "7Server-RHSCL-3.6-7.6.Z:httpd24-httpd-devel-0:2.4.34-22.el7.ppc64le", "7Server-RHSCL-3.6-7.6.Z:httpd24-httpd-devel-0:2.4.34-22.el7.s390x", "7Server-RHSCL-3.6-7.6.Z:httpd24-httpd-devel-0:2.4.34-22.el7.x86_64", "7Server-RHSCL-3.6-7.6.Z:httpd24-httpd-manual-0:2.4.34-22.el7.noarch", "7Server-RHSCL-3.6-7.6.Z:httpd24-httpd-tools-0:2.4.34-22.el7.ppc64le", "7Server-RHSCL-3.6-7.6.Z:httpd24-httpd-tools-0:2.4.34-22.el7.s390x", "7Server-RHSCL-3.6-7.6.Z:httpd24-httpd-tools-0:2.4.34-22.el7.x86_64", "7Server-RHSCL-3.6-7.6.Z:httpd24-mod_ldap-0:2.4.34-22.el7.ppc64le", "7Server-RHSCL-3.6-7.6.Z:httpd24-mod_ldap-0:2.4.34-22.el7.s390x", "7Server-RHSCL-3.6-7.6.Z:httpd24-mod_ldap-0:2.4.34-22.el7.x86_64", "7Server-RHSCL-3.6-7.6.Z:httpd24-mod_proxy_html-1:2.4.34-22.el7.ppc64le", "7Server-RHSCL-3.6-7.6.Z:httpd24-mod_proxy_html-1:2.4.34-22.el7.s390x", "7Server-RHSCL-3.6-7.6.Z:httpd24-mod_proxy_html-1:2.4.34-22.el7.x86_64", "7Server-RHSCL-3.6-7.6.Z:httpd24-mod_session-0:2.4.34-22.el7.ppc64le", "7Server-RHSCL-3.6-7.6.Z:httpd24-mod_session-0:2.4.34-22.el7.s390x", "7Server-RHSCL-3.6-7.6.Z:httpd24-mod_session-0:2.4.34-22.el7.x86_64", "7Server-RHSCL-3.6-7.6.Z:httpd24-mod_ssl-1:2.4.34-22.el7.ppc64le", "7Server-RHSCL-3.6-7.6.Z:httpd24-mod_ssl-1:2.4.34-22.el7.s390x", "7Server-RHSCL-3.6-7.6.Z:httpd24-mod_ssl-1:2.4.34-22.el7.x86_64", "7Server-RHSCL-3.6-7.7.Z:httpd24-httpd-0:2.4.34-22.el7.ppc64le", "7Server-RHSCL-3.6-7.7.Z:httpd24-httpd-0:2.4.34-22.el7.s390x", "7Server-RHSCL-3.6-7.7.Z:httpd24-httpd-0:2.4.34-22.el7.src", "7Server-RHSCL-3.6-7.7.Z:httpd24-httpd-0:2.4.34-22.el7.x86_64", "7Server-RHSCL-3.6-7.7.Z:httpd24-httpd-debuginfo-0:2.4.34-22.el7.ppc64le", "7Server-RHSCL-3.6-7.7.Z:httpd24-httpd-debuginfo-0:2.4.34-22.el7.s390x", "7Server-RHSCL-3.6-7.7.Z:httpd24-httpd-debuginfo-0:2.4.34-22.el7.x86_64", "7Server-RHSCL-3.6-7.7.Z:httpd24-httpd-devel-0:2.4.34-22.el7.ppc64le", "7Server-RHSCL-3.6-7.7.Z:httpd24-httpd-devel-0:2.4.34-22.el7.s390x", "7Server-RHSCL-3.6-7.7.Z:httpd24-httpd-devel-0:2.4.34-22.el7.x86_64", "7Server-RHSCL-3.6-7.7.Z:httpd24-httpd-manual-0:2.4.34-22.el7.noarch", "7Server-RHSCL-3.6-7.7.Z:httpd24-httpd-tools-0:2.4.34-22.el7.ppc64le", "7Server-RHSCL-3.6-7.7.Z:httpd24-httpd-tools-0:2.4.34-22.el7.s390x", "7Server-RHSCL-3.6-7.7.Z:httpd24-httpd-tools-0:2.4.34-22.el7.x86_64", "7Server-RHSCL-3.6-7.7.Z:httpd24-mod_ldap-0:2.4.34-22.el7.ppc64le", "7Server-RHSCL-3.6-7.7.Z:httpd24-mod_ldap-0:2.4.34-22.el7.s390x", "7Server-RHSCL-3.6-7.7.Z:httpd24-mod_ldap-0:2.4.34-22.el7.x86_64", "7Server-RHSCL-3.6-7.7.Z:httpd24-mod_proxy_html-1:2.4.34-22.el7.ppc64le", "7Server-RHSCL-3.6-7.7.Z:httpd24-mod_proxy_html-1:2.4.34-22.el7.s390x", "7Server-RHSCL-3.6-7.7.Z:httpd24-mod_proxy_html-1:2.4.34-22.el7.x86_64", "7Server-RHSCL-3.6-7.7.Z:httpd24-mod_session-0:2.4.34-22.el7.ppc64le", "7Server-RHSCL-3.6-7.7.Z:httpd24-mod_session-0:2.4.34-22.el7.s390x", "7Server-RHSCL-3.6-7.7.Z:httpd24-mod_session-0:2.4.34-22.el7.x86_64", "7Server-RHSCL-3.6-7.7.Z:httpd24-mod_ssl-1:2.4.34-22.el7.ppc64le", "7Server-RHSCL-3.6-7.7.Z:httpd24-mod_ssl-1:2.4.34-22.el7.s390x", "7Server-RHSCL-3.6-7.7.Z:httpd24-mod_ssl-1:2.4.34-22.el7.x86_64", "7Server-RHSCL-3.6:httpd24-httpd-0:2.4.34-22.el7.ppc64le", "7Server-RHSCL-3.6:httpd24-httpd-0:2.4.34-22.el7.s390x", "7Server-RHSCL-3.6:httpd24-httpd-0:2.4.34-22.el7.src", "7Server-RHSCL-3.6:httpd24-httpd-0:2.4.34-22.el7.x86_64", "7Server-RHSCL-3.6:httpd24-httpd-debuginfo-0:2.4.34-22.el7.ppc64le", "7Server-RHSCL-3.6:httpd24-httpd-debuginfo-0:2.4.34-22.el7.s390x", "7Server-RHSCL-3.6:httpd24-httpd-debuginfo-0:2.4.34-22.el7.x86_64", "7Server-RHSCL-3.6:httpd24-httpd-devel-0:2.4.34-22.el7.ppc64le", "7Server-RHSCL-3.6:httpd24-httpd-devel-0:2.4.34-22.el7.s390x", "7Server-RHSCL-3.6:httpd24-httpd-devel-0:2.4.34-22.el7.x86_64", "7Server-RHSCL-3.6:httpd24-httpd-manual-0:2.4.34-22.el7.noarch", "7Server-RHSCL-3.6:httpd24-httpd-tools-0:2.4.34-22.el7.ppc64le", "7Server-RHSCL-3.6:httpd24-httpd-tools-0:2.4.34-22.el7.s390x", "7Server-RHSCL-3.6:httpd24-httpd-tools-0:2.4.34-22.el7.x86_64", "7Server-RHSCL-3.6:httpd24-mod_ldap-0:2.4.34-22.el7.ppc64le", "7Server-RHSCL-3.6:httpd24-mod_ldap-0:2.4.34-22.el7.s390x", "7Server-RHSCL-3.6:httpd24-mod_ldap-0:2.4.34-22.el7.x86_64", "7Server-RHSCL-3.6:httpd24-mod_proxy_html-1:2.4.34-22.el7.ppc64le", "7Server-RHSCL-3.6:httpd24-mod_proxy_html-1:2.4.34-22.el7.s390x", "7Server-RHSCL-3.6:httpd24-mod_proxy_html-1:2.4.34-22.el7.x86_64", "7Server-RHSCL-3.6:httpd24-mod_session-0:2.4.34-22.el7.ppc64le", "7Server-RHSCL-3.6:httpd24-mod_session-0:2.4.34-22.el7.s390x", "7Server-RHSCL-3.6:httpd24-mod_session-0:2.4.34-22.el7.x86_64", "7Server-RHSCL-3.6:httpd24-mod_ssl-1:2.4.34-22.el7.ppc64le", "7Server-RHSCL-3.6:httpd24-mod_ssl-1:2.4.34-22.el7.s390x", "7Server-RHSCL-3.6:httpd24-mod_ssl-1:2.4.34-22.el7.x86_64", "7Workstation-RHSCL-3.6:httpd24-httpd-0:2.4.34-22.el7.ppc64le", "7Workstation-RHSCL-3.6:httpd24-httpd-0:2.4.34-22.el7.s390x", "7Workstation-RHSCL-3.6:httpd24-httpd-0:2.4.34-22.el7.src", "7Workstation-RHSCL-3.6:httpd24-httpd-0:2.4.34-22.el7.x86_64", "7Workstation-RHSCL-3.6:httpd24-httpd-debuginfo-0:2.4.34-22.el7.ppc64le", "7Workstation-RHSCL-3.6:httpd24-httpd-debuginfo-0:2.4.34-22.el7.s390x", "7Workstation-RHSCL-3.6:httpd24-httpd-debuginfo-0:2.4.34-22.el7.x86_64", "7Workstation-RHSCL-3.6:httpd24-httpd-devel-0:2.4.34-22.el7.ppc64le", "7Workstation-RHSCL-3.6:httpd24-httpd-devel-0:2.4.34-22.el7.s390x", "7Workstation-RHSCL-3.6:httpd24-httpd-devel-0:2.4.34-22.el7.x86_64", "7Workstation-RHSCL-3.6:httpd24-httpd-manual-0:2.4.34-22.el7.noarch", "7Workstation-RHSCL-3.6:httpd24-httpd-tools-0:2.4.34-22.el7.ppc64le", "7Workstation-RHSCL-3.6:httpd24-httpd-tools-0:2.4.34-22.el7.s390x", "7Workstation-RHSCL-3.6:httpd24-httpd-tools-0:2.4.34-22.el7.x86_64", "7Workstation-RHSCL-3.6:httpd24-mod_ldap-0:2.4.34-22.el7.ppc64le", "7Workstation-RHSCL-3.6:httpd24-mod_ldap-0:2.4.34-22.el7.s390x", "7Workstation-RHSCL-3.6:httpd24-mod_ldap-0:2.4.34-22.el7.x86_64", "7Workstation-RHSCL-3.6:httpd24-mod_proxy_html-1:2.4.34-22.el7.ppc64le", "7Workstation-RHSCL-3.6:httpd24-mod_proxy_html-1:2.4.34-22.el7.s390x", "7Workstation-RHSCL-3.6:httpd24-mod_proxy_html-1:2.4.34-22.el7.x86_64", "7Workstation-RHSCL-3.6:httpd24-mod_session-0:2.4.34-22.el7.ppc64le", "7Workstation-RHSCL-3.6:httpd24-mod_session-0:2.4.34-22.el7.s390x", "7Workstation-RHSCL-3.6:httpd24-mod_session-0:2.4.34-22.el7.x86_64", "7Workstation-RHSCL-3.6:httpd24-mod_ssl-1:2.4.34-22.el7.ppc64le", "7Workstation-RHSCL-3.6:httpd24-mod_ssl-1:2.4.34-22.el7.s390x", "7Workstation-RHSCL-3.6:httpd24-mod_ssl-1:2.4.34-22.el7.x86_64" ] } ], "threats": [ { "category": "impact", "details": "Moderate" } ], "title": "httpd: mod_http2 concurrent pool usage" } ] }
rhsa-2020_4384
Vulnerability from csaf_redhat
Published
2020-10-28 16:02
Modified
2024-11-22 15:29
Summary
Red Hat Security Advisory: Red Hat JBoss Core Services Apache HTTP Server 2.4.37 SP5 security update
Notes
Topic
Updated packages that provide Red Hat JBoss Core Services Pack Apache Server 2.4.37 and fix several bugs, and add various enhancements are now available for Red Hat Enterprise Linux 6 and Red Hat Enterprise Linux 7.
Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.
Details
This release adds the new Apache HTTP Server 2.4.37 Service Pack 5 packages that are part of the JBoss Core Services offering.
This release serves as a replacement for Red Hat JBoss Core Services Pack Apache Server 2.4.37 Service Pack 3 and includes bug fixes and enhancements. Refer to the Release Notes for information on the most significant bug fixes and enhancements included in this release.
Security fix(es):
* curl: Integer overflows in curl_url_set() function (CVE-2019-5435)
* openssl: Integer overflow in RSAZ modular exponentiation on x86_64 (CVE-2019-1551)
* httpd: mod_http2 concurrent pool usage (CVE-2020-11993)
* httpd: mod_proxy_uswgi buffer overflow (CVE-2020-11984)
* httpd: allow connecting via SSL to a backend worker when the backend keystore file's ID is 'unknown' (CVE-2020-25680)
For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.
Terms of Use
This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.
{ "document": { "aggregate_severity": { "namespace": "https://access.redhat.com/security/updates/classification/", "text": "Moderate" }, "category": "csaf_security_advisory", "csaf_version": "2.0", "distribution": { "text": "Copyright \u00a9 Red Hat, Inc. All rights reserved.", "tlp": { "label": "WHITE", "url": "https://www.first.org/tlp/" } }, "lang": "en", "notes": [ { "category": "summary", "text": "Updated packages that provide Red Hat JBoss Core Services Pack Apache Server 2.4.37 and fix several bugs, and add various enhancements are now available for Red Hat Enterprise Linux 6 and Red Hat Enterprise Linux 7.\n\nRed Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.", "title": "Topic" }, { "category": "general", "text": "This release adds the new Apache HTTP Server 2.4.37 Service Pack 5 packages that are part of the JBoss Core Services offering.\n\nThis release serves as a replacement for Red Hat JBoss Core Services Pack Apache Server 2.4.37 Service Pack 3 and includes bug fixes and enhancements. Refer to the Release Notes for information on the most significant bug fixes and enhancements included in this release.\n\nSecurity fix(es):\n\n* curl: Integer overflows in curl_url_set() function (CVE-2019-5435)\n* openssl: Integer overflow in RSAZ modular exponentiation on x86_64 (CVE-2019-1551)\n* httpd: mod_http2 concurrent pool usage (CVE-2020-11993)\n* httpd: mod_proxy_uswgi buffer overflow (CVE-2020-11984)\n* httpd: allow connecting via SSL to a backend worker when the backend keystore file\u0027s ID is \u0027unknown\u0027 (CVE-2020-25680)\n\nFor more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.", "title": "Details" }, { "category": "legal_disclaimer", "text": "This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.", "title": "Terms of Use" } ], "publisher": { "category": "vendor", "contact_details": "https://access.redhat.com/security/team/contact/", "issuing_authority": "Red Hat Product Security is responsible for vulnerability handling across all Red Hat products and services.", "name": "Red Hat Product Security", "namespace": "https://www.redhat.com" }, "references": [ { "category": "self", "summary": "https://access.redhat.com/errata/RHSA-2020:4384", "url": "https://access.redhat.com/errata/RHSA-2020:4384" }, { "category": "external", "summary": "https://access.redhat.com/security/updates/classification/#moderate", "url": "https://access.redhat.com/security/updates/classification/#moderate" }, { "category": "external", "summary": "1710609", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1710609" }, { "category": "external", "summary": "1780995", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1780995" }, { "category": "external", "summary": "1866563", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1866563" }, { "category": "external", "summary": "1866564", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1866564" }, { "category": "external", "summary": "1892703", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1892703" }, { "category": "self", "summary": "Canonical URL", "url": "https://security.access.redhat.com/data/csaf/v2/advisories/2020/rhsa-2020_4384.json" } ], "title": "Red Hat Security Advisory: Red Hat JBoss Core Services Apache HTTP Server 2.4.37 SP5 security update", "tracking": { "current_release_date": "2024-11-22T15:29:20+00:00", "generator": { "date": "2024-11-22T15:29:20+00:00", "engine": { "name": "Red Hat SDEngine", "version": "4.2.1" } }, "id": "RHSA-2020:4384", "initial_release_date": "2020-10-28T16:02:45+00:00", "revision_history": [ { "date": "2020-10-28T16:02:45+00:00", "number": "1", "summary": "Initial version" }, { "date": "2020-11-04T14:58:19+00:00", "number": "2", "summary": "Last updated version" }, { "date": "2024-11-22T15:29:20+00:00", "number": "3", "summary": "Last generated version" } ], "status": "final", "version": "3" } }, "product_tree": { "branches": [ { "branches": [ { "branches": [ { "category": "product_name", "name": "Red Hat JBoss Core Services on RHEL 7 Server", "product": { "name": "Red Hat JBoss Core Services on RHEL 7 Server", "product_id": "7Server-JBCS", "product_identification_helper": { "cpe": "cpe:/a:redhat:jboss_core_services:1::el7" } } }, { "category": "product_name", "name": "Red Hat JBoss Core Services on RHEL 6 Server", "product": { "name": "Red Hat JBoss Core Services on RHEL 6 Server", "product_id": "6Server-JBCS", "product_identification_helper": { "cpe": "cpe:/a:redhat:jboss_core_services:1::el6" } } } ], "category": "product_family", "name": "Red Hat JBoss Core Services" }, { "branches": [ { "category": "product_version", "name": "jbcs-httpd24-brotli-0:1.0.6-38.jbcs.el7.x86_64", "product": { "name": "jbcs-httpd24-brotli-0:1.0.6-38.jbcs.el7.x86_64", "product_id": "jbcs-httpd24-brotli-0:1.0.6-38.jbcs.el7.x86_64", "product_identification_helper": { "purl": "pkg:rpm/redhat/jbcs-httpd24-brotli@1.0.6-38.jbcs.el7?arch=x86_64" } } }, { "category": "product_version", "name": "jbcs-httpd24-brotli-devel-0:1.0.6-38.jbcs.el7.x86_64", "product": { "name": "jbcs-httpd24-brotli-devel-0:1.0.6-38.jbcs.el7.x86_64", "product_id": "jbcs-httpd24-brotli-devel-0:1.0.6-38.jbcs.el7.x86_64", "product_identification_helper": { "purl": "pkg:rpm/redhat/jbcs-httpd24-brotli-devel@1.0.6-38.jbcs.el7?arch=x86_64" } } }, { "category": "product_version", "name": "jbcs-httpd24-brotli-debuginfo-0:1.0.6-38.jbcs.el7.x86_64", "product": { "name": "jbcs-httpd24-brotli-debuginfo-0:1.0.6-38.jbcs.el7.x86_64", "product_id": "jbcs-httpd24-brotli-debuginfo-0:1.0.6-38.jbcs.el7.x86_64", "product_identification_helper": { "purl": "pkg:rpm/redhat/jbcs-httpd24-brotli-debuginfo@1.0.6-38.jbcs.el7?arch=x86_64" } } }, { "category": "product_version", "name": "jbcs-httpd24-openssl-1:1.1.1c-32.jbcs.el7.x86_64", "product": { "name": "jbcs-httpd24-openssl-1:1.1.1c-32.jbcs.el7.x86_64", "product_id": "jbcs-httpd24-openssl-1:1.1.1c-32.jbcs.el7.x86_64", "product_identification_helper": { "purl": "pkg:rpm/redhat/jbcs-httpd24-openssl@1.1.1c-32.jbcs.el7?arch=x86_64\u0026epoch=1" } } }, { "category": "product_version", "name": "jbcs-httpd24-openssl-devel-1:1.1.1c-32.jbcs.el7.x86_64", "product": { "name": "jbcs-httpd24-openssl-devel-1:1.1.1c-32.jbcs.el7.x86_64", "product_id": "jbcs-httpd24-openssl-devel-1:1.1.1c-32.jbcs.el7.x86_64", "product_identification_helper": { "purl": "pkg:rpm/redhat/jbcs-httpd24-openssl-devel@1.1.1c-32.jbcs.el7?arch=x86_64\u0026epoch=1" } } }, { "category": "product_version", "name": "jbcs-httpd24-openssl-libs-1:1.1.1c-32.jbcs.el7.x86_64", "product": { "name": "jbcs-httpd24-openssl-libs-1:1.1.1c-32.jbcs.el7.x86_64", "product_id": "jbcs-httpd24-openssl-libs-1:1.1.1c-32.jbcs.el7.x86_64", "product_identification_helper": { "purl": "pkg:rpm/redhat/jbcs-httpd24-openssl-libs@1.1.1c-32.jbcs.el7?arch=x86_64\u0026epoch=1" } } }, { "category": "product_version", "name": "jbcs-httpd24-openssl-perl-1:1.1.1c-32.jbcs.el7.x86_64", "product": { "name": "jbcs-httpd24-openssl-perl-1:1.1.1c-32.jbcs.el7.x86_64", "product_id": "jbcs-httpd24-openssl-perl-1:1.1.1c-32.jbcs.el7.x86_64", "product_identification_helper": { "purl": "pkg:rpm/redhat/jbcs-httpd24-openssl-perl@1.1.1c-32.jbcs.el7?arch=x86_64\u0026epoch=1" } } }, { "category": "product_version", "name": "jbcs-httpd24-openssl-static-1:1.1.1c-32.jbcs.el7.x86_64", "product": { "name": "jbcs-httpd24-openssl-static-1:1.1.1c-32.jbcs.el7.x86_64", "product_id": "jbcs-httpd24-openssl-static-1:1.1.1c-32.jbcs.el7.x86_64", "product_identification_helper": { "purl": "pkg:rpm/redhat/jbcs-httpd24-openssl-static@1.1.1c-32.jbcs.el7?arch=x86_64\u0026epoch=1" } } }, { "category": "product_version", "name": "jbcs-httpd24-openssl-debuginfo-1:1.1.1c-32.jbcs.el7.x86_64", "product": { "name": "jbcs-httpd24-openssl-debuginfo-1:1.1.1c-32.jbcs.el7.x86_64", "product_id": "jbcs-httpd24-openssl-debuginfo-1:1.1.1c-32.jbcs.el7.x86_64", "product_identification_helper": { "purl": "pkg:rpm/redhat/jbcs-httpd24-openssl-debuginfo@1.1.1c-32.jbcs.el7?arch=x86_64\u0026epoch=1" } } }, { "category": "product_version", "name": "jbcs-httpd24-nghttp2-0:1.39.2-34.jbcs.el7.x86_64", "product": { "name": "jbcs-httpd24-nghttp2-0:1.39.2-34.jbcs.el7.x86_64", "product_id": "jbcs-httpd24-nghttp2-0:1.39.2-34.jbcs.el7.x86_64", "product_identification_helper": { "purl": "pkg:rpm/redhat/jbcs-httpd24-nghttp2@1.39.2-34.jbcs.el7?arch=x86_64" } } }, { "category": "product_version", "name": "jbcs-httpd24-nghttp2-devel-0:1.39.2-34.jbcs.el7.x86_64", "product": { "name": "jbcs-httpd24-nghttp2-devel-0:1.39.2-34.jbcs.el7.x86_64", "product_id": "jbcs-httpd24-nghttp2-devel-0:1.39.2-34.jbcs.el7.x86_64", "product_identification_helper": { "purl": "pkg:rpm/redhat/jbcs-httpd24-nghttp2-devel@1.39.2-34.jbcs.el7?arch=x86_64" } } }, { "category": "product_version", "name": "jbcs-httpd24-nghttp2-debuginfo-0:1.39.2-34.jbcs.el7.x86_64", "product": { "name": "jbcs-httpd24-nghttp2-debuginfo-0:1.39.2-34.jbcs.el7.x86_64", "product_id": "jbcs-httpd24-nghttp2-debuginfo-0:1.39.2-34.jbcs.el7.x86_64", "product_identification_helper": { "purl": "pkg:rpm/redhat/jbcs-httpd24-nghttp2-debuginfo@1.39.2-34.jbcs.el7?arch=x86_64" } } }, { "category": "product_version", "name": "jbcs-httpd24-httpd-0:2.4.37-64.jbcs.el7.x86_64", "product": { "name": "jbcs-httpd24-httpd-0:2.4.37-64.jbcs.el7.x86_64", "product_id": "jbcs-httpd24-httpd-0:2.4.37-64.jbcs.el7.x86_64", "product_identification_helper": { "purl": "pkg:rpm/redhat/jbcs-httpd24-httpd@2.4.37-64.jbcs.el7?arch=x86_64" } } }, { "category": "product_version", "name": "jbcs-httpd24-httpd-devel-0:2.4.37-64.jbcs.el7.x86_64", "product": { "name": "jbcs-httpd24-httpd-devel-0:2.4.37-64.jbcs.el7.x86_64", "product_id": "jbcs-httpd24-httpd-devel-0:2.4.37-64.jbcs.el7.x86_64", "product_identification_helper": { "purl": "pkg:rpm/redhat/jbcs-httpd24-httpd-devel@2.4.37-64.jbcs.el7?arch=x86_64" } } }, { "category": "product_version", "name": "jbcs-httpd24-httpd-selinux-0:2.4.37-64.jbcs.el7.x86_64", "product": { "name": "jbcs-httpd24-httpd-selinux-0:2.4.37-64.jbcs.el7.x86_64", "product_id": "jbcs-httpd24-httpd-selinux-0:2.4.37-64.jbcs.el7.x86_64", "product_identification_helper": { "purl": "pkg:rpm/redhat/jbcs-httpd24-httpd-selinux@2.4.37-64.jbcs.el7?arch=x86_64" } } }, { "category": "product_version", "name": "jbcs-httpd24-httpd-tools-0:2.4.37-64.jbcs.el7.x86_64", "product": { "name": "jbcs-httpd24-httpd-tools-0:2.4.37-64.jbcs.el7.x86_64", "product_id": "jbcs-httpd24-httpd-tools-0:2.4.37-64.jbcs.el7.x86_64", "product_identification_helper": { "purl": "pkg:rpm/redhat/jbcs-httpd24-httpd-tools@2.4.37-64.jbcs.el7?arch=x86_64" } } }, { "category": "product_version", "name": "jbcs-httpd24-mod_ldap-0:2.4.37-64.jbcs.el7.x86_64", "product": { "name": "jbcs-httpd24-mod_ldap-0:2.4.37-64.jbcs.el7.x86_64", "product_id": "jbcs-httpd24-mod_ldap-0:2.4.37-64.jbcs.el7.x86_64", "product_identification_helper": { "purl": "pkg:rpm/redhat/jbcs-httpd24-mod_ldap@2.4.37-64.jbcs.el7?arch=x86_64" } } }, { "category": "product_version", "name": "jbcs-httpd24-mod_proxy_html-1:2.4.37-64.jbcs.el7.x86_64", "product": { "name": "jbcs-httpd24-mod_proxy_html-1:2.4.37-64.jbcs.el7.x86_64", "product_id": "jbcs-httpd24-mod_proxy_html-1:2.4.37-64.jbcs.el7.x86_64", "product_identification_helper": { "purl": "pkg:rpm/redhat/jbcs-httpd24-mod_proxy_html@2.4.37-64.jbcs.el7?arch=x86_64\u0026epoch=1" } } }, { "category": "product_version", "name": "jbcs-httpd24-mod_session-0:2.4.37-64.jbcs.el7.x86_64", "product": { "name": "jbcs-httpd24-mod_session-0:2.4.37-64.jbcs.el7.x86_64", "product_id": "jbcs-httpd24-mod_session-0:2.4.37-64.jbcs.el7.x86_64", "product_identification_helper": { "purl": "pkg:rpm/redhat/jbcs-httpd24-mod_session@2.4.37-64.jbcs.el7?arch=x86_64" } } }, { "category": "product_version", "name": "jbcs-httpd24-mod_ssl-1:2.4.37-64.jbcs.el7.x86_64", "product": { "name": "jbcs-httpd24-mod_ssl-1:2.4.37-64.jbcs.el7.x86_64", "product_id": "jbcs-httpd24-mod_ssl-1:2.4.37-64.jbcs.el7.x86_64", "product_identification_helper": { "purl": "pkg:rpm/redhat/jbcs-httpd24-mod_ssl@2.4.37-64.jbcs.el7?arch=x86_64\u0026epoch=1" } } }, { "category": "product_version", "name": "jbcs-httpd24-httpd-debuginfo-0:2.4.37-64.jbcs.el7.x86_64", "product": { "name": "jbcs-httpd24-httpd-debuginfo-0:2.4.37-64.jbcs.el7.x86_64", "product_id": "jbcs-httpd24-httpd-debuginfo-0:2.4.37-64.jbcs.el7.x86_64", "product_identification_helper": { "purl": "pkg:rpm/redhat/jbcs-httpd24-httpd-debuginfo@2.4.37-64.jbcs.el7?arch=x86_64" } } }, { "category": "product_version", "name": "jbcs-httpd24-mod_cluster-native-0:1.3.14-11.Final_redhat_2.jbcs.el7.x86_64", "product": { "name": "jbcs-httpd24-mod_cluster-native-0:1.3.14-11.Final_redhat_2.jbcs.el7.x86_64", "product_id": "jbcs-httpd24-mod_cluster-native-0:1.3.14-11.Final_redhat_2.jbcs.el7.x86_64", "product_identification_helper": { "purl": "pkg:rpm/redhat/jbcs-httpd24-mod_cluster-native@1.3.14-11.Final_redhat_2.jbcs.el7?arch=x86_64" } } }, { "category": "product_version", "name": "jbcs-httpd24-mod_cluster-native-debuginfo-0:1.3.14-11.Final_redhat_2.jbcs.el7.x86_64", "product": { "name": "jbcs-httpd24-mod_cluster-native-debuginfo-0:1.3.14-11.Final_redhat_2.jbcs.el7.x86_64", "product_id": "jbcs-httpd24-mod_cluster-native-debuginfo-0:1.3.14-11.Final_redhat_2.jbcs.el7.x86_64", "product_identification_helper": { "purl": "pkg:rpm/redhat/jbcs-httpd24-mod_cluster-native-debuginfo@1.3.14-11.Final_redhat_2.jbcs.el7?arch=x86_64" } } }, { "category": "product_version", "name": "jbcs-httpd24-mod_md-1:2.0.8-30.jbcs.el7.x86_64", "product": { "name": "jbcs-httpd24-mod_md-1:2.0.8-30.jbcs.el7.x86_64", "product_id": "jbcs-httpd24-mod_md-1:2.0.8-30.jbcs.el7.x86_64", "product_identification_helper": { "purl": "pkg:rpm/redhat/jbcs-httpd24-mod_md@2.0.8-30.jbcs.el7?arch=x86_64\u0026epoch=1" } } }, { "category": "product_version", "name": "jbcs-httpd24-mod_md-debuginfo-1:2.0.8-30.jbcs.el7.x86_64", "product": { "name": "jbcs-httpd24-mod_md-debuginfo-1:2.0.8-30.jbcs.el7.x86_64", "product_id": "jbcs-httpd24-mod_md-debuginfo-1:2.0.8-30.jbcs.el7.x86_64", "product_identification_helper": { "purl": "pkg:rpm/redhat/jbcs-httpd24-mod_md-debuginfo@2.0.8-30.jbcs.el7?arch=x86_64\u0026epoch=1" } } }, { "category": "product_version", "name": "jbcs-httpd24-mod_security-0:2.9.2-57.GA.jbcs.el7.x86_64", "product": { "name": "jbcs-httpd24-mod_security-0:2.9.2-57.GA.jbcs.el7.x86_64", "product_id": "jbcs-httpd24-mod_security-0:2.9.2-57.GA.jbcs.el7.x86_64", "product_identification_helper": { "purl": "pkg:rpm/redhat/jbcs-httpd24-mod_security@2.9.2-57.GA.jbcs.el7?arch=x86_64" } } }, { "category": "product_version", "name": "jbcs-httpd24-mod_security-debuginfo-0:2.9.2-57.GA.jbcs.el7.x86_64", "product": { "name": "jbcs-httpd24-mod_security-debuginfo-0:2.9.2-57.GA.jbcs.el7.x86_64", "product_id": "jbcs-httpd24-mod_security-debuginfo-0:2.9.2-57.GA.jbcs.el7.x86_64", "product_identification_helper": { "purl": "pkg:rpm/redhat/jbcs-httpd24-mod_security-debuginfo@2.9.2-57.GA.jbcs.el7?arch=x86_64" } } }, { "category": "product_version", "name": "jbcs-httpd24-mod_jk-ap24-0:1.2.48-10.redhat_1.jbcs.el7.x86_64", "product": { "name": "jbcs-httpd24-mod_jk-ap24-0:1.2.48-10.redhat_1.jbcs.el7.x86_64", "product_id": "jbcs-httpd24-mod_jk-ap24-0:1.2.48-10.redhat_1.jbcs.el7.x86_64", "product_identification_helper": { "purl": "pkg:rpm/redhat/jbcs-httpd24-mod_jk-ap24@1.2.48-10.redhat_1.jbcs.el7?arch=x86_64" } } }, { "category": "product_version", "name": "jbcs-httpd24-mod_jk-manual-0:1.2.48-10.redhat_1.jbcs.el7.x86_64", "product": { "name": "jbcs-httpd24-mod_jk-manual-0:1.2.48-10.redhat_1.jbcs.el7.x86_64", "product_id": "jbcs-httpd24-mod_jk-manual-0:1.2.48-10.redhat_1.jbcs.el7.x86_64", "product_identification_helper": { "purl": "pkg:rpm/redhat/jbcs-httpd24-mod_jk-manual@1.2.48-10.redhat_1.jbcs.el7?arch=x86_64" } } }, { "category": "product_version", "name": "jbcs-httpd24-mod_jk-debuginfo-0:1.2.48-10.redhat_1.jbcs.el7.x86_64", "product": { "name": "jbcs-httpd24-mod_jk-debuginfo-0:1.2.48-10.redhat_1.jbcs.el7.x86_64", "product_id": "jbcs-httpd24-mod_jk-debuginfo-0:1.2.48-10.redhat_1.jbcs.el7.x86_64", "product_identification_helper": { "purl": "pkg:rpm/redhat/jbcs-httpd24-mod_jk-debuginfo@1.2.48-10.redhat_1.jbcs.el7?arch=x86_64" } } }, { "category": "product_version", "name": "jbcs-httpd24-mod_http2-0:1.15.7-11.jbcs.el7.x86_64", "product": { "name": "jbcs-httpd24-mod_http2-0:1.15.7-11.jbcs.el7.x86_64", "product_id": "jbcs-httpd24-mod_http2-0:1.15.7-11.jbcs.el7.x86_64", "product_identification_helper": { "purl": "pkg:rpm/redhat/jbcs-httpd24-mod_http2@1.15.7-11.jbcs.el7?arch=x86_64" } } }, { "category": "product_version", "name": "jbcs-httpd24-mod_http2-debuginfo-0:1.15.7-11.jbcs.el7.x86_64", "product": { "name": "jbcs-httpd24-mod_http2-debuginfo-0:1.15.7-11.jbcs.el7.x86_64", "product_id": "jbcs-httpd24-mod_http2-debuginfo-0:1.15.7-11.jbcs.el7.x86_64", "product_identification_helper": { "purl": "pkg:rpm/redhat/jbcs-httpd24-mod_http2-debuginfo@1.15.7-11.jbcs.el7?arch=x86_64" } } }, { "category": "product_version", "name": "jbcs-httpd24-openssl-chil-0:1.0.0-1.jbcs.el7.x86_64", "product": { "name": "jbcs-httpd24-openssl-chil-0:1.0.0-1.jbcs.el7.x86_64", "product_id": "jbcs-httpd24-openssl-chil-0:1.0.0-1.jbcs.el7.x86_64", "product_identification_helper": { "purl": "pkg:rpm/redhat/jbcs-httpd24-openssl-chil@1.0.0-1.jbcs.el7?arch=x86_64" } } }, { "category": "product_version", "name": "jbcs-httpd24-openssl-chil-debuginfo-0:1.0.0-1.jbcs.el7.x86_64", "product": { "name": "jbcs-httpd24-openssl-chil-debuginfo-0:1.0.0-1.jbcs.el7.x86_64", "product_id": "jbcs-httpd24-openssl-chil-debuginfo-0:1.0.0-1.jbcs.el7.x86_64", "product_identification_helper": { "purl": "pkg:rpm/redhat/jbcs-httpd24-openssl-chil-debuginfo@1.0.0-1.jbcs.el7?arch=x86_64" } } }, { "category": "product_version", "name": "jbcs-httpd24-apr-0:1.6.3-104.jbcs.el7.x86_64", "product": { "name": "jbcs-httpd24-apr-0:1.6.3-104.jbcs.el7.x86_64", "product_id": "jbcs-httpd24-apr-0:1.6.3-104.jbcs.el7.x86_64", "product_identification_helper": { "purl": "pkg:rpm/redhat/jbcs-httpd24-apr@1.6.3-104.jbcs.el7?arch=x86_64" } } }, { "category": "product_version", "name": "jbcs-httpd24-apr-devel-0:1.6.3-104.jbcs.el7.x86_64", "product": { "name": "jbcs-httpd24-apr-devel-0:1.6.3-104.jbcs.el7.x86_64", "product_id": "jbcs-httpd24-apr-devel-0:1.6.3-104.jbcs.el7.x86_64", "product_identification_helper": { "purl": "pkg:rpm/redhat/jbcs-httpd24-apr-devel@1.6.3-104.jbcs.el7?arch=x86_64" } } }, { "category": "product_version", "name": "jbcs-httpd24-apr-debuginfo-0:1.6.3-104.jbcs.el7.x86_64", "product": { "name": "jbcs-httpd24-apr-debuginfo-0:1.6.3-104.jbcs.el7.x86_64", "product_id": "jbcs-httpd24-apr-debuginfo-0:1.6.3-104.jbcs.el7.x86_64", "product_identification_helper": { "purl": "pkg:rpm/redhat/jbcs-httpd24-apr-debuginfo@1.6.3-104.jbcs.el7?arch=x86_64" } } }, { "category": "product_version", "name": "jbcs-httpd24-apr-util-0:1.6.1-75.jbcs.el7.x86_64", "product": { "name": "jbcs-httpd24-apr-util-0:1.6.1-75.jbcs.el7.x86_64", "product_id": "jbcs-httpd24-apr-util-0:1.6.1-75.jbcs.el7.x86_64", "product_identification_helper": { "purl": "pkg:rpm/redhat/jbcs-httpd24-apr-util@1.6.1-75.jbcs.el7?arch=x86_64" } } }, { "category": "product_version", "name": "jbcs-httpd24-apr-util-devel-0:1.6.1-75.jbcs.el7.x86_64", "product": { "name": "jbcs-httpd24-apr-util-devel-0:1.6.1-75.jbcs.el7.x86_64", "product_id": "jbcs-httpd24-apr-util-devel-0:1.6.1-75.jbcs.el7.x86_64", "product_identification_helper": { "purl": "pkg:rpm/redhat/jbcs-httpd24-apr-util-devel@1.6.1-75.jbcs.el7?arch=x86_64" } } }, { "category": "product_version", "name": "jbcs-httpd24-apr-util-ldap-0:1.6.1-75.jbcs.el7.x86_64", "product": { "name": "jbcs-httpd24-apr-util-ldap-0:1.6.1-75.jbcs.el7.x86_64", "product_id": "jbcs-httpd24-apr-util-ldap-0:1.6.1-75.jbcs.el7.x86_64", "product_identification_helper": { "purl": "pkg:rpm/redhat/jbcs-httpd24-apr-util-ldap@1.6.1-75.jbcs.el7?arch=x86_64" } } }, { "category": "product_version", "name": "jbcs-httpd24-apr-util-mysql-0:1.6.1-75.jbcs.el7.x86_64", "product": { "name": "jbcs-httpd24-apr-util-mysql-0:1.6.1-75.jbcs.el7.x86_64", "product_id": "jbcs-httpd24-apr-util-mysql-0:1.6.1-75.jbcs.el7.x86_64", "product_identification_helper": { "purl": "pkg:rpm/redhat/jbcs-httpd24-apr-util-mysql@1.6.1-75.jbcs.el7?arch=x86_64" } } }, { "category": "product_version", "name": "jbcs-httpd24-apr-util-nss-0:1.6.1-75.jbcs.el7.x86_64", "product": { "name": "jbcs-httpd24-apr-util-nss-0:1.6.1-75.jbcs.el7.x86_64", "product_id": "jbcs-httpd24-apr-util-nss-0:1.6.1-75.jbcs.el7.x86_64", "product_identification_helper": { "purl": "pkg:rpm/redhat/jbcs-httpd24-apr-util-nss@1.6.1-75.jbcs.el7?arch=x86_64" } } }, { "category": "product_version", "name": "jbcs-httpd24-apr-util-odbc-0:1.6.1-75.jbcs.el7.x86_64", "product": { "name": "jbcs-httpd24-apr-util-odbc-0:1.6.1-75.jbcs.el7.x86_64", "product_id": "jbcs-httpd24-apr-util-odbc-0:1.6.1-75.jbcs.el7.x86_64", "product_identification_helper": { "purl": "pkg:rpm/redhat/jbcs-httpd24-apr-util-odbc@1.6.1-75.jbcs.el7?arch=x86_64" } } }, { "category": "product_version", "name": "jbcs-httpd24-apr-util-openssl-0:1.6.1-75.jbcs.el7.x86_64", "product": { "name": "jbcs-httpd24-apr-util-openssl-0:1.6.1-75.jbcs.el7.x86_64", "product_id": "jbcs-httpd24-apr-util-openssl-0:1.6.1-75.jbcs.el7.x86_64", "product_identification_helper": { "purl": "pkg:rpm/redhat/jbcs-httpd24-apr-util-openssl@1.6.1-75.jbcs.el7?arch=x86_64" } } }, { "category": "product_version", "name": "jbcs-httpd24-apr-util-pgsql-0:1.6.1-75.jbcs.el7.x86_64", "product": { "name": "jbcs-httpd24-apr-util-pgsql-0:1.6.1-75.jbcs.el7.x86_64", "product_id": "jbcs-httpd24-apr-util-pgsql-0:1.6.1-75.jbcs.el7.x86_64", "product_identification_helper": { "purl": "pkg:rpm/redhat/jbcs-httpd24-apr-util-pgsql@1.6.1-75.jbcs.el7?arch=x86_64" } } }, { "category": "product_version", "name": "jbcs-httpd24-apr-util-sqlite-0:1.6.1-75.jbcs.el7.x86_64", "product": { "name": "jbcs-httpd24-apr-util-sqlite-0:1.6.1-75.jbcs.el7.x86_64", "product_id": "jbcs-httpd24-apr-util-sqlite-0:1.6.1-75.jbcs.el7.x86_64", "product_identification_helper": { "purl": "pkg:rpm/redhat/jbcs-httpd24-apr-util-sqlite@1.6.1-75.jbcs.el7?arch=x86_64" } } }, { "category": "product_version", "name": "jbcs-httpd24-apr-util-debuginfo-0:1.6.1-75.jbcs.el7.x86_64", "product": { "name": "jbcs-httpd24-apr-util-debuginfo-0:1.6.1-75.jbcs.el7.x86_64", "product_id": "jbcs-httpd24-apr-util-debuginfo-0:1.6.1-75.jbcs.el7.x86_64", "product_identification_helper": { "purl": "pkg:rpm/redhat/jbcs-httpd24-apr-util-debuginfo@1.6.1-75.jbcs.el7?arch=x86_64" } } }, { "category": "product_version", "name": "jbcs-httpd24-curl-0:7.64.1-44.jbcs.el7.x86_64", "product": { "name": "jbcs-httpd24-curl-0:7.64.1-44.jbcs.el7.x86_64", "product_id": "jbcs-httpd24-curl-0:7.64.1-44.jbcs.el7.x86_64", "product_identification_helper": { "purl": "pkg:rpm/redhat/jbcs-httpd24-curl@7.64.1-44.jbcs.el7?arch=x86_64" } } }, { "category": "product_version", "name": "jbcs-httpd24-libcurl-0:7.64.1-44.jbcs.el7.x86_64", "product": { "name": "jbcs-httpd24-libcurl-0:7.64.1-44.jbcs.el7.x86_64", "product_id": "jbcs-httpd24-libcurl-0:7.64.1-44.jbcs.el7.x86_64", "product_identification_helper": { "purl": "pkg:rpm/redhat/jbcs-httpd24-libcurl@7.64.1-44.jbcs.el7?arch=x86_64" } } }, { "category": "product_version", "name": "jbcs-httpd24-libcurl-devel-0:7.64.1-44.jbcs.el7.x86_64", "product": { "name": "jbcs-httpd24-libcurl-devel-0:7.64.1-44.jbcs.el7.x86_64", "product_id": "jbcs-httpd24-libcurl-devel-0:7.64.1-44.jbcs.el7.x86_64", "product_identification_helper": { "purl": "pkg:rpm/redhat/jbcs-httpd24-libcurl-devel@7.64.1-44.jbcs.el7?arch=x86_64" } } }, { "category": "product_version", "name": "jbcs-httpd24-curl-debuginfo-0:7.64.1-44.jbcs.el7.x86_64", "product": { "name": "jbcs-httpd24-curl-debuginfo-0:7.64.1-44.jbcs.el7.x86_64", "product_id": "jbcs-httpd24-curl-debuginfo-0:7.64.1-44.jbcs.el7.x86_64", "product_identification_helper": { "purl": "pkg:rpm/redhat/jbcs-httpd24-curl-debuginfo@7.64.1-44.jbcs.el7?arch=x86_64" } } }, { "category": "product_version", "name": "jbcs-httpd24-jansson-0:2.11-53.jbcs.el7.x86_64", "product": { "name": "jbcs-httpd24-jansson-0:2.11-53.jbcs.el7.x86_64", "product_id": "jbcs-httpd24-jansson-0:2.11-53.jbcs.el7.x86_64", "product_identification_helper": { "purl": "pkg:rpm/redhat/jbcs-httpd24-jansson@2.11-53.jbcs.el7?arch=x86_64" } } }, { "category": "product_version", "name": "jbcs-httpd24-jansson-devel-0:2.11-53.jbcs.el7.x86_64", "product": { "name": "jbcs-httpd24-jansson-devel-0:2.11-53.jbcs.el7.x86_64", "product_id": "jbcs-httpd24-jansson-devel-0:2.11-53.jbcs.el7.x86_64", "product_identification_helper": { "purl": "pkg:rpm/redhat/jbcs-httpd24-jansson-devel@2.11-53.jbcs.el7?arch=x86_64" } } }, { "category": "product_version", "name": "jbcs-httpd24-jansson-debuginfo-0:2.11-53.jbcs.el7.x86_64", "product": { "name": "jbcs-httpd24-jansson-debuginfo-0:2.11-53.jbcs.el7.x86_64", "product_id": "jbcs-httpd24-jansson-debuginfo-0:2.11-53.jbcs.el7.x86_64", "product_identification_helper": { "purl": "pkg:rpm/redhat/jbcs-httpd24-jansson-debuginfo@2.11-53.jbcs.el7?arch=x86_64" } } }, { "category": "product_version", "name": "jbcs-httpd24-brotli-0:1.0.6-38.jbcs.el6.x86_64", "product": { "name": "jbcs-httpd24-brotli-0:1.0.6-38.jbcs.el6.x86_64", "product_id": "jbcs-httpd24-brotli-0:1.0.6-38.jbcs.el6.x86_64", "product_identification_helper": { "purl": "pkg:rpm/redhat/jbcs-httpd24-brotli@1.0.6-38.jbcs.el6?arch=x86_64" } } }, { "category": "product_version", "name": "jbcs-httpd24-brotli-devel-0:1.0.6-38.jbcs.el6.x86_64", "product": { "name": "jbcs-httpd24-brotli-devel-0:1.0.6-38.jbcs.el6.x86_64", "product_id": "jbcs-httpd24-brotli-devel-0:1.0.6-38.jbcs.el6.x86_64", "product_identification_helper": { "purl": "pkg:rpm/redhat/jbcs-httpd24-brotli-devel@1.0.6-38.jbcs.el6?arch=x86_64" } } }, { "category": "product_version", "name": "jbcs-httpd24-brotli-debuginfo-0:1.0.6-38.jbcs.el6.x86_64", "product": { "name": "jbcs-httpd24-brotli-debuginfo-0:1.0.6-38.jbcs.el6.x86_64", "product_id": "jbcs-httpd24-brotli-debuginfo-0:1.0.6-38.jbcs.el6.x86_64", "product_identification_helper": { "purl": "pkg:rpm/redhat/jbcs-httpd24-brotli-debuginfo@1.0.6-38.jbcs.el6?arch=x86_64" } } }, { "category": "product_version", "name": "jbcs-httpd24-openssl-1:1.1.1c-32.jbcs.el6.x86_64", "product": { "name": "jbcs-httpd24-openssl-1:1.1.1c-32.jbcs.el6.x86_64", "product_id": "jbcs-httpd24-openssl-1:1.1.1c-32.jbcs.el6.x86_64", "product_identification_helper": { "purl": "pkg:rpm/redhat/jbcs-httpd24-openssl@1.1.1c-32.jbcs.el6?arch=x86_64\u0026epoch=1" } } }, { "category": "product_version", "name": "jbcs-httpd24-openssl-devel-1:1.1.1c-32.jbcs.el6.x86_64", "product": { "name": "jbcs-httpd24-openssl-devel-1:1.1.1c-32.jbcs.el6.x86_64", "product_id": "jbcs-httpd24-openssl-devel-1:1.1.1c-32.jbcs.el6.x86_64", "product_identification_helper": { "purl": "pkg:rpm/redhat/jbcs-httpd24-openssl-devel@1.1.1c-32.jbcs.el6?arch=x86_64\u0026epoch=1" } } }, { "category": "product_version", "name": "jbcs-httpd24-openssl-libs-1:1.1.1c-32.jbcs.el6.x86_64", "product": { "name": "jbcs-httpd24-openssl-libs-1:1.1.1c-32.jbcs.el6.x86_64", "product_id": "jbcs-httpd24-openssl-libs-1:1.1.1c-32.jbcs.el6.x86_64", "product_identification_helper": { "purl": "pkg:rpm/redhat/jbcs-httpd24-openssl-libs@1.1.1c-32.jbcs.el6?arch=x86_64\u0026epoch=1" } } }, { "category": "product_version", "name": "jbcs-httpd24-openssl-perl-1:1.1.1c-32.jbcs.el6.x86_64", "product": { "name": "jbcs-httpd24-openssl-perl-1:1.1.1c-32.jbcs.el6.x86_64", "product_id": "jbcs-httpd24-openssl-perl-1:1.1.1c-32.jbcs.el6.x86_64", "product_identification_helper": { "purl": "pkg:rpm/redhat/jbcs-httpd24-openssl-perl@1.1.1c-32.jbcs.el6?arch=x86_64\u0026epoch=1" } } }, { "category": "product_version", "name": "jbcs-httpd24-openssl-static-1:1.1.1c-32.jbcs.el6.x86_64", "product": { "name": "jbcs-httpd24-openssl-static-1:1.1.1c-32.jbcs.el6.x86_64", "product_id": "jbcs-httpd24-openssl-static-1:1.1.1c-32.jbcs.el6.x86_64", "product_identification_helper": { "purl": "pkg:rpm/redhat/jbcs-httpd24-openssl-static@1.1.1c-32.jbcs.el6?arch=x86_64\u0026epoch=1" } } }, { "category": "product_version", "name": "jbcs-httpd24-openssl-debuginfo-1:1.1.1c-32.jbcs.el6.x86_64", "product": { "name": "jbcs-httpd24-openssl-debuginfo-1:1.1.1c-32.jbcs.el6.x86_64", "product_id": "jbcs-httpd24-openssl-debuginfo-1:1.1.1c-32.jbcs.el6.x86_64", "product_identification_helper": { "purl": "pkg:rpm/redhat/jbcs-httpd24-openssl-debuginfo@1.1.1c-32.jbcs.el6?arch=x86_64\u0026epoch=1" } } }, { "category": "product_version", "name": "jbcs-httpd24-nghttp2-0:1.39.2-34.jbcs.el6.x86_64", "product": { "name": "jbcs-httpd24-nghttp2-0:1.39.2-34.jbcs.el6.x86_64", "product_id": "jbcs-httpd24-nghttp2-0:1.39.2-34.jbcs.el6.x86_64", "product_identification_helper": { "purl": "pkg:rpm/redhat/jbcs-httpd24-nghttp2@1.39.2-34.jbcs.el6?arch=x86_64" } } }, { "category": "product_version", "name": "jbcs-httpd24-nghttp2-devel-0:1.39.2-34.jbcs.el6.x86_64", "product": { "name": "jbcs-httpd24-nghttp2-devel-0:1.39.2-34.jbcs.el6.x86_64", "product_id": "jbcs-httpd24-nghttp2-devel-0:1.39.2-34.jbcs.el6.x86_64", "product_identification_helper": { "purl": "pkg:rpm/redhat/jbcs-httpd24-nghttp2-devel@1.39.2-34.jbcs.el6?arch=x86_64" } } }, { "category": "product_version", "name": "jbcs-httpd24-nghttp2-debuginfo-0:1.39.2-34.jbcs.el6.x86_64", "product": { "name": "jbcs-httpd24-nghttp2-debuginfo-0:1.39.2-34.jbcs.el6.x86_64", "product_id": "jbcs-httpd24-nghttp2-debuginfo-0:1.39.2-34.jbcs.el6.x86_64", "product_identification_helper": { "purl": "pkg:rpm/redhat/jbcs-httpd24-nghttp2-debuginfo@1.39.2-34.jbcs.el6?arch=x86_64" } } }, { "category": "product_version", "name": "jbcs-httpd24-httpd-0:2.4.37-64.jbcs.el6.x86_64", "product": { "name": "jbcs-httpd24-httpd-0:2.4.37-64.jbcs.el6.x86_64", "product_id": "jbcs-httpd24-httpd-0:2.4.37-64.jbcs.el6.x86_64", "product_identification_helper": { "purl": "pkg:rpm/redhat/jbcs-httpd24-httpd@2.4.37-64.jbcs.el6?arch=x86_64" } } }, { "category": "product_version", "name": "jbcs-httpd24-httpd-devel-0:2.4.37-64.jbcs.el6.x86_64", "product": { "name": "jbcs-httpd24-httpd-devel-0:2.4.37-64.jbcs.el6.x86_64", "product_id": "jbcs-httpd24-httpd-devel-0:2.4.37-64.jbcs.el6.x86_64", "product_identification_helper": { "purl": "pkg:rpm/redhat/jbcs-httpd24-httpd-devel@2.4.37-64.jbcs.el6?arch=x86_64" } } }, { "category": "product_version", "name": "jbcs-httpd24-httpd-selinux-0:2.4.37-64.jbcs.el6.x86_64", "product": { "name": "jbcs-httpd24-httpd-selinux-0:2.4.37-64.jbcs.el6.x86_64", "product_id": "jbcs-httpd24-httpd-selinux-0:2.4.37-64.jbcs.el6.x86_64", "product_identification_helper": { "purl": "pkg:rpm/redhat/jbcs-httpd24-httpd-selinux@2.4.37-64.jbcs.el6?arch=x86_64" } } }, { "category": "product_version", "name": "jbcs-httpd24-httpd-tools-0:2.4.37-64.jbcs.el6.x86_64", "product": { "name": "jbcs-httpd24-httpd-tools-0:2.4.37-64.jbcs.el6.x86_64", "product_id": "jbcs-httpd24-httpd-tools-0:2.4.37-64.jbcs.el6.x86_64", "product_identification_helper": { "purl": "pkg:rpm/redhat/jbcs-httpd24-httpd-tools@2.4.37-64.jbcs.el6?arch=x86_64" } } }, { "category": "product_version", "name": "jbcs-httpd24-mod_ldap-0:2.4.37-64.jbcs.el6.x86_64", "product": { "name": "jbcs-httpd24-mod_ldap-0:2.4.37-64.jbcs.el6.x86_64", "product_id": "jbcs-httpd24-mod_ldap-0:2.4.37-64.jbcs.el6.x86_64", "product_identification_helper": { "purl": "pkg:rpm/redhat/jbcs-httpd24-mod_ldap@2.4.37-64.jbcs.el6?arch=x86_64" } } }, { "category": "product_version", "name": "jbcs-httpd24-mod_proxy_html-1:2.4.37-64.jbcs.el6.x86_64", "product": { "name": "jbcs-httpd24-mod_proxy_html-1:2.4.37-64.jbcs.el6.x86_64", "product_id": "jbcs-httpd24-mod_proxy_html-1:2.4.37-64.jbcs.el6.x86_64", "product_identification_helper": { "purl": "pkg:rpm/redhat/jbcs-httpd24-mod_proxy_html@2.4.37-64.jbcs.el6?arch=x86_64\u0026epoch=1" } } }, { "category": "product_version", "name": "jbcs-httpd24-mod_session-0:2.4.37-64.jbcs.el6.x86_64", "product": { "name": "jbcs-httpd24-mod_session-0:2.4.37-64.jbcs.el6.x86_64", "product_id": "jbcs-httpd24-mod_session-0:2.4.37-64.jbcs.el6.x86_64", "product_identification_helper": { "purl": "pkg:rpm/redhat/jbcs-httpd24-mod_session@2.4.37-64.jbcs.el6?arch=x86_64" } } }, { "category": "product_version", "name": "jbcs-httpd24-mod_ssl-1:2.4.37-64.jbcs.el6.x86_64", "product": { "name": "jbcs-httpd24-mod_ssl-1:2.4.37-64.jbcs.el6.x86_64", "product_id": "jbcs-httpd24-mod_ssl-1:2.4.37-64.jbcs.el6.x86_64", "product_identification_helper": { "purl": "pkg:rpm/redhat/jbcs-httpd24-mod_ssl@2.4.37-64.jbcs.el6?arch=x86_64\u0026epoch=1" } } }, { "category": "product_version", "name": "jbcs-httpd24-httpd-debuginfo-0:2.4.37-64.jbcs.el6.x86_64", "product": { "name": "jbcs-httpd24-httpd-debuginfo-0:2.4.37-64.jbcs.el6.x86_64", "product_id": "jbcs-httpd24-httpd-debuginfo-0:2.4.37-64.jbcs.el6.x86_64", "product_identification_helper": { "purl": "pkg:rpm/redhat/jbcs-httpd24-httpd-debuginfo@2.4.37-64.jbcs.el6?arch=x86_64" } } }, { "category": "product_version", "name": "jbcs-httpd24-mod_cluster-native-0:1.3.14-11.Final_redhat_2.jbcs.el6.x86_64", "product": { "name": "jbcs-httpd24-mod_cluster-native-0:1.3.14-11.Final_redhat_2.jbcs.el6.x86_64", "product_id": "jbcs-httpd24-mod_cluster-native-0:1.3.14-11.Final_redhat_2.jbcs.el6.x86_64", "product_identification_helper": { "purl": "pkg:rpm/redhat/jbcs-httpd24-mod_cluster-native@1.3.14-11.Final_redhat_2.jbcs.el6?arch=x86_64" } } }, { "category": "product_version", "name": "jbcs-httpd24-mod_cluster-native-debuginfo-0:1.3.14-11.Final_redhat_2.jbcs.el6.x86_64", "product": { "name": "jbcs-httpd24-mod_cluster-native-debuginfo-0:1.3.14-11.Final_redhat_2.jbcs.el6.x86_64", "product_id": "jbcs-httpd24-mod_cluster-native-debuginfo-0:1.3.14-11.Final_redhat_2.jbcs.el6.x86_64", "product_identification_helper": { "purl": "pkg:rpm/redhat/jbcs-httpd24-mod_cluster-native-debuginfo@1.3.14-11.Final_redhat_2.jbcs.el6?arch=x86_64" } } }, { "category": "product_version", "name": "jbcs-httpd24-mod_md-1:2.0.8-30.jbcs.el6.x86_64", "product": { "name": "jbcs-httpd24-mod_md-1:2.0.8-30.jbcs.el6.x86_64", "product_id": "jbcs-httpd24-mod_md-1:2.0.8-30.jbcs.el6.x86_64", "product_identification_helper": { "purl": "pkg:rpm/redhat/jbcs-httpd24-mod_md@2.0.8-30.jbcs.el6?arch=x86_64\u0026epoch=1" } } }, { "category": "product_version", "name": "jbcs-httpd24-mod_md-debuginfo-1:2.0.8-30.jbcs.el6.x86_64", "product": { "name": "jbcs-httpd24-mod_md-debuginfo-1:2.0.8-30.jbcs.el6.x86_64", "product_id": "jbcs-httpd24-mod_md-debuginfo-1:2.0.8-30.jbcs.el6.x86_64", "product_identification_helper": { "purl": "pkg:rpm/redhat/jbcs-httpd24-mod_md-debuginfo@2.0.8-30.jbcs.el6?arch=x86_64\u0026epoch=1" } } }, { "category": "product_version", "name": "jbcs-httpd24-mod_jk-ap24-0:1.2.48-10.redhat_1.jbcs.el6.x86_64", "product": { "name": "jbcs-httpd24-mod_jk-ap24-0:1.2.48-10.redhat_1.jbcs.el6.x86_64", "product_id": "jbcs-httpd24-mod_jk-ap24-0:1.2.48-10.redhat_1.jbcs.el6.x86_64", "product_identification_helper": { "purl": "pkg:rpm/redhat/jbcs-httpd24-mod_jk-ap24@1.2.48-10.redhat_1.jbcs.el6?arch=x86_64" } } }, { "category": "product_version", "name": "jbcs-httpd24-mod_jk-manual-0:1.2.48-10.redhat_1.jbcs.el6.x86_64", "product": { "name": "jbcs-httpd24-mod_jk-manual-0:1.2.48-10.redhat_1.jbcs.el6.x86_64", "product_id": "jbcs-httpd24-mod_jk-manual-0:1.2.48-10.redhat_1.jbcs.el6.x86_64", "product_identification_helper": { "purl": "pkg:rpm/redhat/jbcs-httpd24-mod_jk-manual@1.2.48-10.redhat_1.jbcs.el6?arch=x86_64" } } }, { "category": "product_version", "name": "jbcs-httpd24-mod_jk-debuginfo-0:1.2.48-10.redhat_1.jbcs.el6.x86_64", "product": { "name": "jbcs-httpd24-mod_jk-debuginfo-0:1.2.48-10.redhat_1.jbcs.el6.x86_64", "product_id": "jbcs-httpd24-mod_jk-debuginfo-0:1.2.48-10.redhat_1.jbcs.el6.x86_64", "product_identification_helper": { "purl": "pkg:rpm/redhat/jbcs-httpd24-mod_jk-debuginfo@1.2.48-10.redhat_1.jbcs.el6?arch=x86_64" } } }, { "category": "product_version", "name": "jbcs-httpd24-mod_security-0:2.9.2-57.GA.jbcs.el6.x86_64", "product": { "name": "jbcs-httpd24-mod_security-0:2.9.2-57.GA.jbcs.el6.x86_64", "product_id": "jbcs-httpd24-mod_security-0:2.9.2-57.GA.jbcs.el6.x86_64", "product_identification_helper": { "purl": "pkg:rpm/redhat/jbcs-httpd24-mod_security@2.9.2-57.GA.jbcs.el6?arch=x86_64" } } }, { "category": "product_version", "name": "jbcs-httpd24-mod_security-debuginfo-0:2.9.2-57.GA.jbcs.el6.x86_64", "product": { "name": "jbcs-httpd24-mod_security-debuginfo-0:2.9.2-57.GA.jbcs.el6.x86_64", "product_id": "jbcs-httpd24-mod_security-debuginfo-0:2.9.2-57.GA.jbcs.el6.x86_64", "product_identification_helper": { "purl": "pkg:rpm/redhat/jbcs-httpd24-mod_security-debuginfo@2.9.2-57.GA.jbcs.el6?arch=x86_64" } } }, { "category": "product_version", "name": "jbcs-httpd24-mod_http2-0:1.15.7-11.jbcs.el6.x86_64", "product": { "name": "jbcs-httpd24-mod_http2-0:1.15.7-11.jbcs.el6.x86_64", "product_id": "jbcs-httpd24-mod_http2-0:1.15.7-11.jbcs.el6.x86_64", "product_identification_helper": { "purl": "pkg:rpm/redhat/jbcs-httpd24-mod_http2@1.15.7-11.jbcs.el6?arch=x86_64" } } }, { "category": "product_version", "name": "jbcs-httpd24-mod_http2-debuginfo-0:1.15.7-11.jbcs.el6.x86_64", "product": { "name": "jbcs-httpd24-mod_http2-debuginfo-0:1.15.7-11.jbcs.el6.x86_64", "product_id": "jbcs-httpd24-mod_http2-debuginfo-0:1.15.7-11.jbcs.el6.x86_64", "product_identification_helper": { "purl": "pkg:rpm/redhat/jbcs-httpd24-mod_http2-debuginfo@1.15.7-11.jbcs.el6?arch=x86_64" } } }, { "category": "product_version", "name": "jbcs-httpd24-apr-0:1.6.3-104.jbcs.el6.x86_64", "product": { "name": "jbcs-httpd24-apr-0:1.6.3-104.jbcs.el6.x86_64", "product_id": "jbcs-httpd24-apr-0:1.6.3-104.jbcs.el6.x86_64", "product_identification_helper": { "purl": "pkg:rpm/redhat/jbcs-httpd24-apr@1.6.3-104.jbcs.el6?arch=x86_64" } } }, { "category": "product_version", "name": "jbcs-httpd24-apr-devel-0:1.6.3-104.jbcs.el6.x86_64", "product": { "name": "jbcs-httpd24-apr-devel-0:1.6.3-104.jbcs.el6.x86_64", "product_id": "jbcs-httpd24-apr-devel-0:1.6.3-104.jbcs.el6.x86_64", "product_identification_helper": { "purl": "pkg:rpm/redhat/jbcs-httpd24-apr-devel@1.6.3-104.jbcs.el6?arch=x86_64" } } }, { "category": "product_version", "name": "jbcs-httpd24-apr-debuginfo-0:1.6.3-104.jbcs.el6.x86_64", "product": { "name": "jbcs-httpd24-apr-debuginfo-0:1.6.3-104.jbcs.el6.x86_64", "product_id": "jbcs-httpd24-apr-debuginfo-0:1.6.3-104.jbcs.el6.x86_64", "product_identification_helper": { "purl": "pkg:rpm/redhat/jbcs-httpd24-apr-debuginfo@1.6.3-104.jbcs.el6?arch=x86_64" } } }, { "category": "product_version", "name": "jbcs-httpd24-apr-util-0:1.6.1-75.jbcs.el6.x86_64", "product": { "name": "jbcs-httpd24-apr-util-0:1.6.1-75.jbcs.el6.x86_64", "product_id": "jbcs-httpd24-apr-util-0:1.6.1-75.jbcs.el6.x86_64", "product_identification_helper": { "purl": "pkg:rpm/redhat/jbcs-httpd24-apr-util@1.6.1-75.jbcs.el6?arch=x86_64" } } }, { "category": "product_version", "name": "jbcs-httpd24-apr-util-devel-0:1.6.1-75.jbcs.el6.x86_64", "product": { "name": "jbcs-httpd24-apr-util-devel-0:1.6.1-75.jbcs.el6.x86_64", "product_id": "jbcs-httpd24-apr-util-devel-0:1.6.1-75.jbcs.el6.x86_64", "product_identification_helper": { "purl": "pkg:rpm/redhat/jbcs-httpd24-apr-util-devel@1.6.1-75.jbcs.el6?arch=x86_64" } } }, { "category": "product_version", "name": "jbcs-httpd24-apr-util-ldap-0:1.6.1-75.jbcs.el6.x86_64", "product": { "name": "jbcs-httpd24-apr-util-ldap-0:1.6.1-75.jbcs.el6.x86_64", "product_id": "jbcs-httpd24-apr-util-ldap-0:1.6.1-75.jbcs.el6.x86_64", "product_identification_helper": { "purl": "pkg:rpm/redhat/jbcs-httpd24-apr-util-ldap@1.6.1-75.jbcs.el6?arch=x86_64" } } }, { "category": "product_version", "name": "jbcs-httpd24-apr-util-mysql-0:1.6.1-75.jbcs.el6.x86_64", "product": { "name": "jbcs-httpd24-apr-util-mysql-0:1.6.1-75.jbcs.el6.x86_64", "product_id": "jbcs-httpd24-apr-util-mysql-0:1.6.1-75.jbcs.el6.x86_64", "product_identification_helper": { "purl": "pkg:rpm/redhat/jbcs-httpd24-apr-util-mysql@1.6.1-75.jbcs.el6?arch=x86_64" } } }, { "category": "product_version", "name": "jbcs-httpd24-apr-util-nss-0:1.6.1-75.jbcs.el6.x86_64", "product": { "name": "jbcs-httpd24-apr-util-nss-0:1.6.1-75.jbcs.el6.x86_64", "product_id": "jbcs-httpd24-apr-util-nss-0:1.6.1-75.jbcs.el6.x86_64", "product_identification_helper": { "purl": "pkg:rpm/redhat/jbcs-httpd24-apr-util-nss@1.6.1-75.jbcs.el6?arch=x86_64" } } }, { "category": "product_version", "name": "jbcs-httpd24-apr-util-odbc-0:1.6.1-75.jbcs.el6.x86_64", "product": { "name": "jbcs-httpd24-apr-util-odbc-0:1.6.1-75.jbcs.el6.x86_64", "product_id": "jbcs-httpd24-apr-util-odbc-0:1.6.1-75.jbcs.el6.x86_64", "product_identification_helper": { "purl": "pkg:rpm/redhat/jbcs-httpd24-apr-util-odbc@1.6.1-75.jbcs.el6?arch=x86_64" } } }, { "category": "product_version", "name": "jbcs-httpd24-apr-util-openssl-0:1.6.1-75.jbcs.el6.x86_64", "product": { "name": "jbcs-httpd24-apr-util-openssl-0:1.6.1-75.jbcs.el6.x86_64", "product_id": "jbcs-httpd24-apr-util-openssl-0:1.6.1-75.jbcs.el6.x86_64", "product_identification_helper": { "purl": "pkg:rpm/redhat/jbcs-httpd24-apr-util-openssl@1.6.1-75.jbcs.el6?arch=x86_64" } } }, { "category": "product_version", "name": "jbcs-httpd24-apr-util-pgsql-0:1.6.1-75.jbcs.el6.x86_64", "product": { "name": "jbcs-httpd24-apr-util-pgsql-0:1.6.1-75.jbcs.el6.x86_64", "product_id": "jbcs-httpd24-apr-util-pgsql-0:1.6.1-75.jbcs.el6.x86_64", "product_identification_helper": { "purl": "pkg:rpm/redhat/jbcs-httpd24-apr-util-pgsql@1.6.1-75.jbcs.el6?arch=x86_64" } } }, { "category": "product_version", "name": "jbcs-httpd24-apr-util-sqlite-0:1.6.1-75.jbcs.el6.x86_64", "product": { "name": "jbcs-httpd24-apr-util-sqlite-0:1.6.1-75.jbcs.el6.x86_64", "product_id": "jbcs-httpd24-apr-util-sqlite-0:1.6.1-75.jbcs.el6.x86_64", "product_identification_helper": { "purl": "pkg:rpm/redhat/jbcs-httpd24-apr-util-sqlite@1.6.1-75.jbcs.el6?arch=x86_64" } } }, { "category": "product_version", "name": "jbcs-httpd24-apr-util-debuginfo-0:1.6.1-75.jbcs.el6.x86_64", "product": { "name": "jbcs-httpd24-apr-util-debuginfo-0:1.6.1-75.jbcs.el6.x86_64", "product_id": "jbcs-httpd24-apr-util-debuginfo-0:1.6.1-75.jbcs.el6.x86_64", "product_identification_helper": { "purl": "pkg:rpm/redhat/jbcs-httpd24-apr-util-debuginfo@1.6.1-75.jbcs.el6?arch=x86_64" } } }, { "category": "product_version", "name": "jbcs-httpd24-curl-0:7.64.1-44.jbcs.el6.x86_64", "product": { "name": "jbcs-httpd24-curl-0:7.64.1-44.jbcs.el6.x86_64", "product_id": "jbcs-httpd24-curl-0:7.64.1-44.jbcs.el6.x86_64", "product_identification_helper": { "purl": "pkg:rpm/redhat/jbcs-httpd24-curl@7.64.1-44.jbcs.el6?arch=x86_64" } } }, { "category": "product_version", "name": "jbcs-httpd24-libcurl-0:7.64.1-44.jbcs.el6.x86_64", "product": { "name": "jbcs-httpd24-libcurl-0:7.64.1-44.jbcs.el6.x86_64", "product_id": "jbcs-httpd24-libcurl-0:7.64.1-44.jbcs.el6.x86_64", "product_identification_helper": { "purl": "pkg:rpm/redhat/jbcs-httpd24-libcurl@7.64.1-44.jbcs.el6?arch=x86_64" } } }, { "category": "product_version", "name": "jbcs-httpd24-libcurl-devel-0:7.64.1-44.jbcs.el6.x86_64", "product": { "name": "jbcs-httpd24-libcurl-devel-0:7.64.1-44.jbcs.el6.x86_64", "product_id": "jbcs-httpd24-libcurl-devel-0:7.64.1-44.jbcs.el6.x86_64", "product_identification_helper": { "purl": "pkg:rpm/redhat/jbcs-httpd24-libcurl-devel@7.64.1-44.jbcs.el6?arch=x86_64" } } }, { "category": "product_version", "name": "jbcs-httpd24-curl-debuginfo-0:7.64.1-44.jbcs.el6.x86_64", "product": { "name": "jbcs-httpd24-curl-debuginfo-0:7.64.1-44.jbcs.el6.x86_64", "product_id": "jbcs-httpd24-curl-debuginfo-0:7.64.1-44.jbcs.el6.x86_64", "product_identification_helper": { "purl": "pkg:rpm/redhat/jbcs-httpd24-curl-debuginfo@7.64.1-44.jbcs.el6?arch=x86_64" } } }, { "category": "product_version", "name": "jbcs-httpd24-jansson-0:2.11-53.jbcs.el6.x86_64", "product": { "name": "jbcs-httpd24-jansson-0:2.11-53.jbcs.el6.x86_64", "product_id": "jbcs-httpd24-jansson-0:2.11-53.jbcs.el6.x86_64", "product_identification_helper": { "purl": "pkg:rpm/redhat/jbcs-httpd24-jansson@2.11-53.jbcs.el6?arch=x86_64" } } }, { "category": "product_version", "name": "jbcs-httpd24-jansson-devel-0:2.11-53.jbcs.el6.x86_64", "product": { "name": "jbcs-httpd24-jansson-devel-0:2.11-53.jbcs.el6.x86_64", "product_id": "jbcs-httpd24-jansson-devel-0:2.11-53.jbcs.el6.x86_64", "product_identification_helper": { "purl": "pkg:rpm/redhat/jbcs-httpd24-jansson-devel@2.11-53.jbcs.el6?arch=x86_64" } } }, { "category": "product_version", "name": "jbcs-httpd24-jansson-debuginfo-0:2.11-53.jbcs.el6.x86_64", "product": { "name": "jbcs-httpd24-jansson-debuginfo-0:2.11-53.jbcs.el6.x86_64", "product_id": "jbcs-httpd24-jansson-debuginfo-0:2.11-53.jbcs.el6.x86_64", "product_identification_helper": { "purl": "pkg:rpm/redhat/jbcs-httpd24-jansson-debuginfo@2.11-53.jbcs.el6?arch=x86_64" } } } ], "category": "architecture", "name": "x86_64" }, { "branches": [ { "category": "product_version", "name": "jbcs-httpd24-brotli-0:1.0.6-38.jbcs.el7.src", "product": { "name": "jbcs-httpd24-brotli-0:1.0.6-38.jbcs.el7.src", "product_id": "jbcs-httpd24-brotli-0:1.0.6-38.jbcs.el7.src", "product_identification_helper": { "purl": "pkg:rpm/redhat/jbcs-httpd24-brotli@1.0.6-38.jbcs.el7?arch=src" } } }, { "category": "product_version", "name": "jbcs-httpd24-openssl-1:1.1.1c-32.jbcs.el7.src", "product": { "name": "jbcs-httpd24-openssl-1:1.1.1c-32.jbcs.el7.src", "product_id": "jbcs-httpd24-openssl-1:1.1.1c-32.jbcs.el7.src", "product_identification_helper": { "purl": "pkg:rpm/redhat/jbcs-httpd24-openssl@1.1.1c-32.jbcs.el7?arch=src\u0026epoch=1" } } }, { "category": "product_version", "name": "jbcs-httpd24-nghttp2-0:1.39.2-34.jbcs.el7.src", "product": { "name": "jbcs-httpd24-nghttp2-0:1.39.2-34.jbcs.el7.src", "product_id": "jbcs-httpd24-nghttp2-0:1.39.2-34.jbcs.el7.src", "product_identification_helper": { "purl": "pkg:rpm/redhat/jbcs-httpd24-nghttp2@1.39.2-34.jbcs.el7?arch=src" } } }, { "category": "product_version", "name": "jbcs-httpd24-httpd-0:2.4.37-64.jbcs.el7.src", "product": { "name": "jbcs-httpd24-httpd-0:2.4.37-64.jbcs.el7.src", "product_id": "jbcs-httpd24-httpd-0:2.4.37-64.jbcs.el7.src", "product_identification_helper": { "purl": "pkg:rpm/redhat/jbcs-httpd24-httpd@2.4.37-64.jbcs.el7?arch=src" } } }, { "category": "product_version", "name": "jbcs-httpd24-mod_cluster-native-0:1.3.14-11.Final_redhat_2.jbcs.el7.src", "product": { "name": "jbcs-httpd24-mod_cluster-native-0:1.3.14-11.Final_redhat_2.jbcs.el7.src", "product_id": "jbcs-httpd24-mod_cluster-native-0:1.3.14-11.Final_redhat_2.jbcs.el7.src", "product_identification_helper": { "purl": "pkg:rpm/redhat/jbcs-httpd24-mod_cluster-native@1.3.14-11.Final_redhat_2.jbcs.el7?arch=src" } } }, { "category": "product_version", "name": "jbcs-httpd24-mod_md-1:2.0.8-30.jbcs.el7.src", "product": { "name": "jbcs-httpd24-mod_md-1:2.0.8-30.jbcs.el7.src", "product_id": "jbcs-httpd24-mod_md-1:2.0.8-30.jbcs.el7.src", "product_identification_helper": { "purl": "pkg:rpm/redhat/jbcs-httpd24-mod_md@2.0.8-30.jbcs.el7?arch=src\u0026epoch=1" } } }, { "category": "product_version", "name": "jbcs-httpd24-mod_security-0:2.9.2-57.GA.jbcs.el7.src", "product": { "name": "jbcs-httpd24-mod_security-0:2.9.2-57.GA.jbcs.el7.src", "product_id": "jbcs-httpd24-mod_security-0:2.9.2-57.GA.jbcs.el7.src", "product_identification_helper": { "purl": "pkg:rpm/redhat/jbcs-httpd24-mod_security@2.9.2-57.GA.jbcs.el7?arch=src" } } }, { "category": "product_version", "name": "jbcs-httpd24-mod_jk-0:1.2.48-10.redhat_1.jbcs.el7.src", "product": { "name": "jbcs-httpd24-mod_jk-0:1.2.48-10.redhat_1.jbcs.el7.src", "product_id": "jbcs-httpd24-mod_jk-0:1.2.48-10.redhat_1.jbcs.el7.src", "product_identification_helper": { "purl": "pkg:rpm/redhat/jbcs-httpd24-mod_jk@1.2.48-10.redhat_1.jbcs.el7?arch=src" } } }, { "category": "product_version", "name": "jbcs-httpd24-mod_http2-0:1.15.7-11.jbcs.el7.src", "product": { "name": "jbcs-httpd24-mod_http2-0:1.15.7-11.jbcs.el7.src", "product_id": "jbcs-httpd24-mod_http2-0:1.15.7-11.jbcs.el7.src", "product_identification_helper": { "purl": "pkg:rpm/redhat/jbcs-httpd24-mod_http2@1.15.7-11.jbcs.el7?arch=src" } } }, { "category": "product_version", "name": "jbcs-httpd24-openssl-chil-0:1.0.0-1.jbcs.el7.src", "product": { "name": "jbcs-httpd24-openssl-chil-0:1.0.0-1.jbcs.el7.src", "product_id": "jbcs-httpd24-openssl-chil-0:1.0.0-1.jbcs.el7.src", "product_identification_helper": { "purl": "pkg:rpm/redhat/jbcs-httpd24-openssl-chil@1.0.0-1.jbcs.el7?arch=src" } } }, { "category": "product_version", "name": "jbcs-httpd24-apr-0:1.6.3-104.jbcs.el7.src", "product": { "name": "jbcs-httpd24-apr-0:1.6.3-104.jbcs.el7.src", "product_id": "jbcs-httpd24-apr-0:1.6.3-104.jbcs.el7.src", "product_identification_helper": { "purl": "pkg:rpm/redhat/jbcs-httpd24-apr@1.6.3-104.jbcs.el7?arch=src" } } }, { "category": "product_version", "name": "jbcs-httpd24-apr-util-0:1.6.1-75.jbcs.el7.src", "product": { "name": "jbcs-httpd24-apr-util-0:1.6.1-75.jbcs.el7.src", "product_id": "jbcs-httpd24-apr-util-0:1.6.1-75.jbcs.el7.src", "product_identification_helper": { "purl": "pkg:rpm/redhat/jbcs-httpd24-apr-util@1.6.1-75.jbcs.el7?arch=src" } } }, { "category": "product_version", "name": "jbcs-httpd24-curl-0:7.64.1-44.jbcs.el7.src", "product": { "name": "jbcs-httpd24-curl-0:7.64.1-44.jbcs.el7.src", "product_id": "jbcs-httpd24-curl-0:7.64.1-44.jbcs.el7.src", "product_identification_helper": { "purl": "pkg:rpm/redhat/jbcs-httpd24-curl@7.64.1-44.jbcs.el7?arch=src" } } }, { "category": "product_version", "name": "jbcs-httpd24-jansson-0:2.11-53.jbcs.el7.src", "product": { "name": "jbcs-httpd24-jansson-0:2.11-53.jbcs.el7.src", "product_id": "jbcs-httpd24-jansson-0:2.11-53.jbcs.el7.src", "product_identification_helper": { "purl": "pkg:rpm/redhat/jbcs-httpd24-jansson@2.11-53.jbcs.el7?arch=src" } } }, { "category": "product_version", "name": "jbcs-httpd24-brotli-0:1.0.6-38.jbcs.el6.src", "product": { "name": "jbcs-httpd24-brotli-0:1.0.6-38.jbcs.el6.src", "product_id": "jbcs-httpd24-brotli-0:1.0.6-38.jbcs.el6.src", "product_identification_helper": { "purl": "pkg:rpm/redhat/jbcs-httpd24-brotli@1.0.6-38.jbcs.el6?arch=src" } } }, { "category": "product_version", "name": "jbcs-httpd24-openssl-1:1.1.1c-32.jbcs.el6.src", "product": { "name": "jbcs-httpd24-openssl-1:1.1.1c-32.jbcs.el6.src", "product_id": "jbcs-httpd24-openssl-1:1.1.1c-32.jbcs.el6.src", "product_identification_helper": { "purl": "pkg:rpm/redhat/jbcs-httpd24-openssl@1.1.1c-32.jbcs.el6?arch=src\u0026epoch=1" } } }, { "category": "product_version", "name": "jbcs-httpd24-nghttp2-0:1.39.2-34.jbcs.el6.src", "product": { "name": "jbcs-httpd24-nghttp2-0:1.39.2-34.jbcs.el6.src", "product_id": "jbcs-httpd24-nghttp2-0:1.39.2-34.jbcs.el6.src", "product_identification_helper": { "purl": "pkg:rpm/redhat/jbcs-httpd24-nghttp2@1.39.2-34.jbcs.el6?arch=src" } } }, { "category": "product_version", "name": "jbcs-httpd24-httpd-0:2.4.37-64.jbcs.el6.src", "product": { "name": "jbcs-httpd24-httpd-0:2.4.37-64.jbcs.el6.src", "product_id": "jbcs-httpd24-httpd-0:2.4.37-64.jbcs.el6.src", "product_identification_helper": { "purl": "pkg:rpm/redhat/jbcs-httpd24-httpd@2.4.37-64.jbcs.el6?arch=src" } } }, { "category": "product_version", "name": "jbcs-httpd24-mod_cluster-native-0:1.3.14-11.Final_redhat_2.jbcs.el6.src", "product": { "name": "jbcs-httpd24-mod_cluster-native-0:1.3.14-11.Final_redhat_2.jbcs.el6.src", "product_id": "jbcs-httpd24-mod_cluster-native-0:1.3.14-11.Final_redhat_2.jbcs.el6.src", "product_identification_helper": { "purl": "pkg:rpm/redhat/jbcs-httpd24-mod_cluster-native@1.3.14-11.Final_redhat_2.jbcs.el6?arch=src" } } }, { "category": "product_version", "name": "jbcs-httpd24-mod_md-1:2.0.8-30.jbcs.el6.src", "product": { "name": "jbcs-httpd24-mod_md-1:2.0.8-30.jbcs.el6.src", "product_id": "jbcs-httpd24-mod_md-1:2.0.8-30.jbcs.el6.src", "product_identification_helper": { "purl": "pkg:rpm/redhat/jbcs-httpd24-mod_md@2.0.8-30.jbcs.el6?arch=src\u0026epoch=1" } } }, { "category": "product_version", "name": "jbcs-httpd24-mod_jk-0:1.2.48-10.redhat_1.jbcs.el6.src", "product": { "name": "jbcs-httpd24-mod_jk-0:1.2.48-10.redhat_1.jbcs.el6.src", "product_id": "jbcs-httpd24-mod_jk-0:1.2.48-10.redhat_1.jbcs.el6.src", "product_identification_helper": { "purl": "pkg:rpm/redhat/jbcs-httpd24-mod_jk@1.2.48-10.redhat_1.jbcs.el6?arch=src" } } }, { "category": "product_version", "name": "jbcs-httpd24-mod_security-0:2.9.2-57.GA.jbcs.el6.src", "product": { "name": "jbcs-httpd24-mod_security-0:2.9.2-57.GA.jbcs.el6.src", "product_id": "jbcs-httpd24-mod_security-0:2.9.2-57.GA.jbcs.el6.src", "product_identification_helper": { "purl": "pkg:rpm/redhat/jbcs-httpd24-mod_security@2.9.2-57.GA.jbcs.el6?arch=src" } } }, { "category": "product_version", "name": "jbcs-httpd24-mod_http2-0:1.15.7-11.jbcs.el6.src", "product": { "name": "jbcs-httpd24-mod_http2-0:1.15.7-11.jbcs.el6.src", "product_id": "jbcs-httpd24-mod_http2-0:1.15.7-11.jbcs.el6.src", "product_identification_helper": { "purl": "pkg:rpm/redhat/jbcs-httpd24-mod_http2@1.15.7-11.jbcs.el6?arch=src" } } }, { "category": "product_version", "name": "jbcs-httpd24-apr-0:1.6.3-104.jbcs.el6.src", "product": { "name": "jbcs-httpd24-apr-0:1.6.3-104.jbcs.el6.src", "product_id": "jbcs-httpd24-apr-0:1.6.3-104.jbcs.el6.src", "product_identification_helper": { "purl": "pkg:rpm/redhat/jbcs-httpd24-apr@1.6.3-104.jbcs.el6?arch=src" } } }, { "category": "product_version", "name": "jbcs-httpd24-apr-util-0:1.6.1-75.jbcs.el6.src", "product": { "name": "jbcs-httpd24-apr-util-0:1.6.1-75.jbcs.el6.src", "product_id": "jbcs-httpd24-apr-util-0:1.6.1-75.jbcs.el6.src", "product_identification_helper": { "purl": "pkg:rpm/redhat/jbcs-httpd24-apr-util@1.6.1-75.jbcs.el6?arch=src" } } }, { "category": "product_version", "name": "jbcs-httpd24-curl-0:7.64.1-44.jbcs.el6.src", "product": { "name": "jbcs-httpd24-curl-0:7.64.1-44.jbcs.el6.src", "product_id": "jbcs-httpd24-curl-0:7.64.1-44.jbcs.el6.src", "product_identification_helper": { "purl": "pkg:rpm/redhat/jbcs-httpd24-curl@7.64.1-44.jbcs.el6?arch=src" } } }, { "category": "product_version", "name": "jbcs-httpd24-jansson-0:2.11-53.jbcs.el6.src", "product": { "name": "jbcs-httpd24-jansson-0:2.11-53.jbcs.el6.src", "product_id": "jbcs-httpd24-jansson-0:2.11-53.jbcs.el6.src", "product_identification_helper": { "purl": "pkg:rpm/redhat/jbcs-httpd24-jansson@2.11-53.jbcs.el6?arch=src" } } } ], "category": "architecture", "name": "src" }, { "branches": [ { "category": "product_version", "name": "jbcs-httpd24-httpd-manual-0:2.4.37-64.jbcs.el7.noarch", "product": { "name": "jbcs-httpd24-httpd-manual-0:2.4.37-64.jbcs.el7.noarch", "product_id": "jbcs-httpd24-httpd-manual-0:2.4.37-64.jbcs.el7.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/jbcs-httpd24-httpd-manual@2.4.37-64.jbcs.el7?arch=noarch" } } }, { "category": "product_version", "name": "jbcs-httpd24-httpd-manual-0:2.4.37-64.jbcs.el6.noarch", "product": { "name": "jbcs-httpd24-httpd-manual-0:2.4.37-64.jbcs.el6.noarch", "product_id": "jbcs-httpd24-httpd-manual-0:2.4.37-64.jbcs.el6.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/jbcs-httpd24-httpd-manual@2.4.37-64.jbcs.el6?arch=noarch" } } } ], "category": "architecture", "name": "noarch" }, { "branches": [ { "category": "product_version", "name": "jbcs-httpd24-brotli-0:1.0.6-38.jbcs.el6.i686", "product": { "name": "jbcs-httpd24-brotli-0:1.0.6-38.jbcs.el6.i686", "product_id": "jbcs-httpd24-brotli-0:1.0.6-38.jbcs.el6.i686", "product_identification_helper": { "purl": "pkg:rpm/redhat/jbcs-httpd24-brotli@1.0.6-38.jbcs.el6?arch=i686" } } }, { "category": "product_version", "name": "jbcs-httpd24-brotli-devel-0:1.0.6-38.jbcs.el6.i686", "product": { "name": "jbcs-httpd24-brotli-devel-0:1.0.6-38.jbcs.el6.i686", "product_id": "jbcs-httpd24-brotli-devel-0:1.0.6-38.jbcs.el6.i686", "product_identification_helper": { "purl": "pkg:rpm/redhat/jbcs-httpd24-brotli-devel@1.0.6-38.jbcs.el6?arch=i686" } } }, { "category": "product_version", "name": "jbcs-httpd24-brotli-debuginfo-0:1.0.6-38.jbcs.el6.i686", "product": { "name": "jbcs-httpd24-brotli-debuginfo-0:1.0.6-38.jbcs.el6.i686", "product_id": "jbcs-httpd24-brotli-debuginfo-0:1.0.6-38.jbcs.el6.i686", "product_identification_helper": { "purl": "pkg:rpm/redhat/jbcs-httpd24-brotli-debuginfo@1.0.6-38.jbcs.el6?arch=i686" } } }, { "category": "product_version", "name": "jbcs-httpd24-openssl-1:1.1.1c-32.jbcs.el6.i686", "product": { "name": "jbcs-httpd24-openssl-1:1.1.1c-32.jbcs.el6.i686", "product_id": "jbcs-httpd24-openssl-1:1.1.1c-32.jbcs.el6.i686", "product_identification_helper": { "purl": "pkg:rpm/redhat/jbcs-httpd24-openssl@1.1.1c-32.jbcs.el6?arch=i686\u0026epoch=1" } } }, { "category": "product_version", "name": "jbcs-httpd24-openssl-devel-1:1.1.1c-32.jbcs.el6.i686", "product": { "name": "jbcs-httpd24-openssl-devel-1:1.1.1c-32.jbcs.el6.i686", "product_id": "jbcs-httpd24-openssl-devel-1:1.1.1c-32.jbcs.el6.i686", "product_identification_helper": { "purl": "pkg:rpm/redhat/jbcs-httpd24-openssl-devel@1.1.1c-32.jbcs.el6?arch=i686\u0026epoch=1" } } }, { "category": "product_version", "name": "jbcs-httpd24-openssl-libs-1:1.1.1c-32.jbcs.el6.i686", "product": { "name": "jbcs-httpd24-openssl-libs-1:1.1.1c-32.jbcs.el6.i686", "product_id": "jbcs-httpd24-openssl-libs-1:1.1.1c-32.jbcs.el6.i686", "product_identification_helper": { "purl": "pkg:rpm/redhat/jbcs-httpd24-openssl-libs@1.1.1c-32.jbcs.el6?arch=i686\u0026epoch=1" } } }, { "category": "product_version", "name": "jbcs-httpd24-openssl-perl-1:1.1.1c-32.jbcs.el6.i686", "product": { "name": "jbcs-httpd24-openssl-perl-1:1.1.1c-32.jbcs.el6.i686", "product_id": "jbcs-httpd24-openssl-perl-1:1.1.1c-32.jbcs.el6.i686", "product_identification_helper": { "purl": "pkg:rpm/redhat/jbcs-httpd24-openssl-perl@1.1.1c-32.jbcs.el6?arch=i686\u0026epoch=1" } } }, { "category": "product_version", "name": "jbcs-httpd24-openssl-static-1:1.1.1c-32.jbcs.el6.i686", "product": { "name": "jbcs-httpd24-openssl-static-1:1.1.1c-32.jbcs.el6.i686", "product_id": "jbcs-httpd24-openssl-static-1:1.1.1c-32.jbcs.el6.i686", "product_identification_helper": { "purl": "pkg:rpm/redhat/jbcs-httpd24-openssl-static@1.1.1c-32.jbcs.el6?arch=i686\u0026epoch=1" } } }, { "category": "product_version", "name": "jbcs-httpd24-openssl-debuginfo-1:1.1.1c-32.jbcs.el6.i686", "product": { "name": "jbcs-httpd24-openssl-debuginfo-1:1.1.1c-32.jbcs.el6.i686", "product_id": "jbcs-httpd24-openssl-debuginfo-1:1.1.1c-32.jbcs.el6.i686", "product_identification_helper": { "purl": "pkg:rpm/redhat/jbcs-httpd24-openssl-debuginfo@1.1.1c-32.jbcs.el6?arch=i686\u0026epoch=1" } } }, { "category": "product_version", "name": "jbcs-httpd24-nghttp2-0:1.39.2-34.jbcs.el6.i686", "product": { "name": "jbcs-httpd24-nghttp2-0:1.39.2-34.jbcs.el6.i686", "product_id": "jbcs-httpd24-nghttp2-0:1.39.2-34.jbcs.el6.i686", "product_identification_helper": { "purl": "pkg:rpm/redhat/jbcs-httpd24-nghttp2@1.39.2-34.jbcs.el6?arch=i686" } } }, { "category": "product_version", "name": "jbcs-httpd24-nghttp2-devel-0:1.39.2-34.jbcs.el6.i686", "product": { "name": "jbcs-httpd24-nghttp2-devel-0:1.39.2-34.jbcs.el6.i686", "product_id": "jbcs-httpd24-nghttp2-devel-0:1.39.2-34.jbcs.el6.i686", "product_identification_helper": { "purl": "pkg:rpm/redhat/jbcs-httpd24-nghttp2-devel@1.39.2-34.jbcs.el6?arch=i686" } } }, { "category": "product_version", "name": "jbcs-httpd24-nghttp2-debuginfo-0:1.39.2-34.jbcs.el6.i686", "product": { "name": "jbcs-httpd24-nghttp2-debuginfo-0:1.39.2-34.jbcs.el6.i686", "product_id": "jbcs-httpd24-nghttp2-debuginfo-0:1.39.2-34.jbcs.el6.i686", "product_identification_helper": { "purl": "pkg:rpm/redhat/jbcs-httpd24-nghttp2-debuginfo@1.39.2-34.jbcs.el6?arch=i686" } } }, { "category": "product_version", "name": "jbcs-httpd24-httpd-0:2.4.37-64.jbcs.el6.i686", "product": { "name": "jbcs-httpd24-httpd-0:2.4.37-64.jbcs.el6.i686", "product_id": "jbcs-httpd24-httpd-0:2.4.37-64.jbcs.el6.i686", "product_identification_helper": { "purl": "pkg:rpm/redhat/jbcs-httpd24-httpd@2.4.37-64.jbcs.el6?arch=i686" } } }, { "category": "product_version", "name": "jbcs-httpd24-httpd-devel-0:2.4.37-64.jbcs.el6.i686", "product": { "name": "jbcs-httpd24-httpd-devel-0:2.4.37-64.jbcs.el6.i686", "product_id": "jbcs-httpd24-httpd-devel-0:2.4.37-64.jbcs.el6.i686", "product_identification_helper": { "purl": "pkg:rpm/redhat/jbcs-httpd24-httpd-devel@2.4.37-64.jbcs.el6?arch=i686" } } }, { "category": "product_version", "name": "jbcs-httpd24-httpd-selinux-0:2.4.37-64.jbcs.el6.i686", "product": { "name": "jbcs-httpd24-httpd-selinux-0:2.4.37-64.jbcs.el6.i686", "product_id": "jbcs-httpd24-httpd-selinux-0:2.4.37-64.jbcs.el6.i686", "product_identification_helper": { "purl": "pkg:rpm/redhat/jbcs-httpd24-httpd-selinux@2.4.37-64.jbcs.el6?arch=i686" } } }, { "category": "product_version", "name": "jbcs-httpd24-httpd-tools-0:2.4.37-64.jbcs.el6.i686", "product": { "name": "jbcs-httpd24-httpd-tools-0:2.4.37-64.jbcs.el6.i686", "product_id": "jbcs-httpd24-httpd-tools-0:2.4.37-64.jbcs.el6.i686", "product_identification_helper": { "purl": "pkg:rpm/redhat/jbcs-httpd24-httpd-tools@2.4.37-64.jbcs.el6?arch=i686" } } }, { "category": "product_version", "name": "jbcs-httpd24-mod_ldap-0:2.4.37-64.jbcs.el6.i686", "product": { "name": "jbcs-httpd24-mod_ldap-0:2.4.37-64.jbcs.el6.i686", "product_id": "jbcs-httpd24-mod_ldap-0:2.4.37-64.jbcs.el6.i686", "product_identification_helper": { "purl": "pkg:rpm/redhat/jbcs-httpd24-mod_ldap@2.4.37-64.jbcs.el6?arch=i686" } } }, { "category": "product_version", "name": "jbcs-httpd24-mod_proxy_html-1:2.4.37-64.jbcs.el6.i686", "product": { "name": "jbcs-httpd24-mod_proxy_html-1:2.4.37-64.jbcs.el6.i686", "product_id": "jbcs-httpd24-mod_proxy_html-1:2.4.37-64.jbcs.el6.i686", "product_identification_helper": { "purl": "pkg:rpm/redhat/jbcs-httpd24-mod_proxy_html@2.4.37-64.jbcs.el6?arch=i686\u0026epoch=1" } } }, { "category": "product_version", "name": "jbcs-httpd24-mod_session-0:2.4.37-64.jbcs.el6.i686", "product": { "name": "jbcs-httpd24-mod_session-0:2.4.37-64.jbcs.el6.i686", "product_id": "jbcs-httpd24-mod_session-0:2.4.37-64.jbcs.el6.i686", "product_identification_helper": { "purl": "pkg:rpm/redhat/jbcs-httpd24-mod_session@2.4.37-64.jbcs.el6?arch=i686" } } }, { "category": "product_version", "name": "jbcs-httpd24-mod_ssl-1:2.4.37-64.jbcs.el6.i686", "product": { "name": "jbcs-httpd24-mod_ssl-1:2.4.37-64.jbcs.el6.i686", "product_id": "jbcs-httpd24-mod_ssl-1:2.4.37-64.jbcs.el6.i686", "product_identification_helper": { "purl": "pkg:rpm/redhat/jbcs-httpd24-mod_ssl@2.4.37-64.jbcs.el6?arch=i686\u0026epoch=1" } } }, { "category": "product_version", "name": "jbcs-httpd24-httpd-debuginfo-0:2.4.37-64.jbcs.el6.i686", "product": { "name": "jbcs-httpd24-httpd-debuginfo-0:2.4.37-64.jbcs.el6.i686", "product_id": "jbcs-httpd24-httpd-debuginfo-0:2.4.37-64.jbcs.el6.i686", "product_identification_helper": { "purl": "pkg:rpm/redhat/jbcs-httpd24-httpd-debuginfo@2.4.37-64.jbcs.el6?arch=i686" } } }, { "category": "product_version", "name": "jbcs-httpd24-mod_cluster-native-0:1.3.14-11.Final_redhat_2.jbcs.el6.i686", "product": { "name": "jbcs-httpd24-mod_cluster-native-0:1.3.14-11.Final_redhat_2.jbcs.el6.i686", "product_id": "jbcs-httpd24-mod_cluster-native-0:1.3.14-11.Final_redhat_2.jbcs.el6.i686", "product_identification_helper": { "purl": "pkg:rpm/redhat/jbcs-httpd24-mod_cluster-native@1.3.14-11.Final_redhat_2.jbcs.el6?arch=i686" } } }, { "category": "product_version", "name": "jbcs-httpd24-mod_cluster-native-debuginfo-0:1.3.14-11.Final_redhat_2.jbcs.el6.i686", "product": { "name": "jbcs-httpd24-mod_cluster-native-debuginfo-0:1.3.14-11.Final_redhat_2.jbcs.el6.i686", "product_id": "jbcs-httpd24-mod_cluster-native-debuginfo-0:1.3.14-11.Final_redhat_2.jbcs.el6.i686", "product_identification_helper": { "purl": "pkg:rpm/redhat/jbcs-httpd24-mod_cluster-native-debuginfo@1.3.14-11.Final_redhat_2.jbcs.el6?arch=i686" } } }, { "category": "product_version", "name": "jbcs-httpd24-mod_md-1:2.0.8-30.jbcs.el6.i686", "product": { "name": "jbcs-httpd24-mod_md-1:2.0.8-30.jbcs.el6.i686", "product_id": "jbcs-httpd24-mod_md-1:2.0.8-30.jbcs.el6.i686", "product_identification_helper": { "purl": "pkg:rpm/redhat/jbcs-httpd24-mod_md@2.0.8-30.jbcs.el6?arch=i686\u0026epoch=1" } } }, { "category": "product_version", "name": "jbcs-httpd24-mod_md-debuginfo-1:2.0.8-30.jbcs.el6.i686", "product": { "name": "jbcs-httpd24-mod_md-debuginfo-1:2.0.8-30.jbcs.el6.i686", "product_id": "jbcs-httpd24-mod_md-debuginfo-1:2.0.8-30.jbcs.el6.i686", "product_identification_helper": { "purl": "pkg:rpm/redhat/jbcs-httpd24-mod_md-debuginfo@2.0.8-30.jbcs.el6?arch=i686\u0026epoch=1" } } }, { "category": "product_version", "name": "jbcs-httpd24-mod_jk-ap24-0:1.2.48-10.redhat_1.jbcs.el6.i686", "product": { "name": "jbcs-httpd24-mod_jk-ap24-0:1.2.48-10.redhat_1.jbcs.el6.i686", "product_id": "jbcs-httpd24-mod_jk-ap24-0:1.2.48-10.redhat_1.jbcs.el6.i686", "product_identification_helper": { "purl": "pkg:rpm/redhat/jbcs-httpd24-mod_jk-ap24@1.2.48-10.redhat_1.jbcs.el6?arch=i686" } } }, { "category": "product_version", "name": "jbcs-httpd24-mod_jk-manual-0:1.2.48-10.redhat_1.jbcs.el6.i686", "product": { "name": "jbcs-httpd24-mod_jk-manual-0:1.2.48-10.redhat_1.jbcs.el6.i686", "product_id": "jbcs-httpd24-mod_jk-manual-0:1.2.48-10.redhat_1.jbcs.el6.i686", "product_identification_helper": { "purl": "pkg:rpm/redhat/jbcs-httpd24-mod_jk-manual@1.2.48-10.redhat_1.jbcs.el6?arch=i686" } } }, { "category": "product_version", "name": "jbcs-httpd24-mod_jk-debuginfo-0:1.2.48-10.redhat_1.jbcs.el6.i686", "product": { "name": "jbcs-httpd24-mod_jk-debuginfo-0:1.2.48-10.redhat_1.jbcs.el6.i686", "product_id": "jbcs-httpd24-mod_jk-debuginfo-0:1.2.48-10.redhat_1.jbcs.el6.i686", "product_identification_helper": { "purl": "pkg:rpm/redhat/jbcs-httpd24-mod_jk-debuginfo@1.2.48-10.redhat_1.jbcs.el6?arch=i686" } } }, { "category": "product_version", "name": "jbcs-httpd24-mod_security-0:2.9.2-57.GA.jbcs.el6.i686", "product": { "name": "jbcs-httpd24-mod_security-0:2.9.2-57.GA.jbcs.el6.i686", "product_id": "jbcs-httpd24-mod_security-0:2.9.2-57.GA.jbcs.el6.i686", "product_identification_helper": { "purl": "pkg:rpm/redhat/jbcs-httpd24-mod_security@2.9.2-57.GA.jbcs.el6?arch=i686" } } }, { "category": "product_version", "name": "jbcs-httpd24-mod_security-debuginfo-0:2.9.2-57.GA.jbcs.el6.i686", "product": { "name": "jbcs-httpd24-mod_security-debuginfo-0:2.9.2-57.GA.jbcs.el6.i686", "product_id": "jbcs-httpd24-mod_security-debuginfo-0:2.9.2-57.GA.jbcs.el6.i686", "product_identification_helper": { "purl": "pkg:rpm/redhat/jbcs-httpd24-mod_security-debuginfo@2.9.2-57.GA.jbcs.el6?arch=i686" } } }, { "category": "product_version", "name": "jbcs-httpd24-mod_http2-0:1.15.7-11.jbcs.el6.i686", "product": { "name": "jbcs-httpd24-mod_http2-0:1.15.7-11.jbcs.el6.i686", "product_id": "jbcs-httpd24-mod_http2-0:1.15.7-11.jbcs.el6.i686", "product_identification_helper": { "purl": "pkg:rpm/redhat/jbcs-httpd24-mod_http2@1.15.7-11.jbcs.el6?arch=i686" } } }, { "category": "product_version", "name": "jbcs-httpd24-mod_http2-debuginfo-0:1.15.7-11.jbcs.el6.i686", "product": { "name": "jbcs-httpd24-mod_http2-debuginfo-0:1.15.7-11.jbcs.el6.i686", "product_id": "jbcs-httpd24-mod_http2-debuginfo-0:1.15.7-11.jbcs.el6.i686", "product_identification_helper": { "purl": "pkg:rpm/redhat/jbcs-httpd24-mod_http2-debuginfo@1.15.7-11.jbcs.el6?arch=i686" } } }, { "category": "product_version", "name": "jbcs-httpd24-apr-0:1.6.3-104.jbcs.el6.i686", "product": { "name": "jbcs-httpd24-apr-0:1.6.3-104.jbcs.el6.i686", "product_id": "jbcs-httpd24-apr-0:1.6.3-104.jbcs.el6.i686", "product_identification_helper": { "purl": "pkg:rpm/redhat/jbcs-httpd24-apr@1.6.3-104.jbcs.el6?arch=i686" } } }, { "category": "product_version", "name": "jbcs-httpd24-apr-devel-0:1.6.3-104.jbcs.el6.i686", "product": { "name": "jbcs-httpd24-apr-devel-0:1.6.3-104.jbcs.el6.i686", "product_id": "jbcs-httpd24-apr-devel-0:1.6.3-104.jbcs.el6.i686", "product_identification_helper": { "purl": "pkg:rpm/redhat/jbcs-httpd24-apr-devel@1.6.3-104.jbcs.el6?arch=i686" } } }, { "category": "product_version", "name": "jbcs-httpd24-apr-debuginfo-0:1.6.3-104.jbcs.el6.i686", "product": { "name": "jbcs-httpd24-apr-debuginfo-0:1.6.3-104.jbcs.el6.i686", "product_id": "jbcs-httpd24-apr-debuginfo-0:1.6.3-104.jbcs.el6.i686", "product_identification_helper": { "purl": "pkg:rpm/redhat/jbcs-httpd24-apr-debuginfo@1.6.3-104.jbcs.el6?arch=i686" } } }, { "category": "product_version", "name": "jbcs-httpd24-apr-util-0:1.6.1-75.jbcs.el6.i686", "product": { "name": "jbcs-httpd24-apr-util-0:1.6.1-75.jbcs.el6.i686", "product_id": "jbcs-httpd24-apr-util-0:1.6.1-75.jbcs.el6.i686", "product_identification_helper": { "purl": "pkg:rpm/redhat/jbcs-httpd24-apr-util@1.6.1-75.jbcs.el6?arch=i686" } } }, { "category": "product_version", "name": "jbcs-httpd24-apr-util-devel-0:1.6.1-75.jbcs.el6.i686", "product": { "name": "jbcs-httpd24-apr-util-devel-0:1.6.1-75.jbcs.el6.i686", "product_id": "jbcs-httpd24-apr-util-devel-0:1.6.1-75.jbcs.el6.i686", "product_identification_helper": { "purl": "pkg:rpm/redhat/jbcs-httpd24-apr-util-devel@1.6.1-75.jbcs.el6?arch=i686" } } }, { "category": "product_version", "name": "jbcs-httpd24-apr-util-ldap-0:1.6.1-75.jbcs.el6.i686", "product": { "name": "jbcs-httpd24-apr-util-ldap-0:1.6.1-75.jbcs.el6.i686", "product_id": "jbcs-httpd24-apr-util-ldap-0:1.6.1-75.jbcs.el6.i686", "product_identification_helper": { "purl": "pkg:rpm/redhat/jbcs-httpd24-apr-util-ldap@1.6.1-75.jbcs.el6?arch=i686" } } }, { "category": "product_version", "name": "jbcs-httpd24-apr-util-mysql-0:1.6.1-75.jbcs.el6.i686", "product": { "name": "jbcs-httpd24-apr-util-mysql-0:1.6.1-75.jbcs.el6.i686", "product_id": "jbcs-httpd24-apr-util-mysql-0:1.6.1-75.jbcs.el6.i686", "product_identification_helper": { "purl": "pkg:rpm/redhat/jbcs-httpd24-apr-util-mysql@1.6.1-75.jbcs.el6?arch=i686" } } }, { "category": "product_version", "name": "jbcs-httpd24-apr-util-nss-0:1.6.1-75.jbcs.el6.i686", "product": { "name": "jbcs-httpd24-apr-util-nss-0:1.6.1-75.jbcs.el6.i686", "product_id": "jbcs-httpd24-apr-util-nss-0:1.6.1-75.jbcs.el6.i686", "product_identification_helper": { "purl": "pkg:rpm/redhat/jbcs-httpd24-apr-util-nss@1.6.1-75.jbcs.el6?arch=i686" } } }, { "category": "product_version", "name": "jbcs-httpd24-apr-util-odbc-0:1.6.1-75.jbcs.el6.i686", "product": { "name": "jbcs-httpd24-apr-util-odbc-0:1.6.1-75.jbcs.el6.i686", "product_id": "jbcs-httpd24-apr-util-odbc-0:1.6.1-75.jbcs.el6.i686", "product_identification_helper": { "purl": "pkg:rpm/redhat/jbcs-httpd24-apr-util-odbc@1.6.1-75.jbcs.el6?arch=i686" } } }, { "category": "product_version", "name": "jbcs-httpd24-apr-util-openssl-0:1.6.1-75.jbcs.el6.i686", "product": { "name": "jbcs-httpd24-apr-util-openssl-0:1.6.1-75.jbcs.el6.i686", "product_id": "jbcs-httpd24-apr-util-openssl-0:1.6.1-75.jbcs.el6.i686", "product_identification_helper": { "purl": "pkg:rpm/redhat/jbcs-httpd24-apr-util-openssl@1.6.1-75.jbcs.el6?arch=i686" } } }, { "category": "product_version", "name": "jbcs-httpd24-apr-util-pgsql-0:1.6.1-75.jbcs.el6.i686", "product": { "name": "jbcs-httpd24-apr-util-pgsql-0:1.6.1-75.jbcs.el6.i686", "product_id": "jbcs-httpd24-apr-util-pgsql-0:1.6.1-75.jbcs.el6.i686", "product_identification_helper": { "purl": "pkg:rpm/redhat/jbcs-httpd24-apr-util-pgsql@1.6.1-75.jbcs.el6?arch=i686" } } }, { "category": "product_version", "name": "jbcs-httpd24-apr-util-sqlite-0:1.6.1-75.jbcs.el6.i686", "product": { "name": "jbcs-httpd24-apr-util-sqlite-0:1.6.1-75.jbcs.el6.i686", "product_id": "jbcs-httpd24-apr-util-sqlite-0:1.6.1-75.jbcs.el6.i686", "product_identification_helper": { "purl": "pkg:rpm/redhat/jbcs-httpd24-apr-util-sqlite@1.6.1-75.jbcs.el6?arch=i686" } } }, { "category": "product_version", "name": "jbcs-httpd24-apr-util-debuginfo-0:1.6.1-75.jbcs.el6.i686", "product": { "name": "jbcs-httpd24-apr-util-debuginfo-0:1.6.1-75.jbcs.el6.i686", "product_id": "jbcs-httpd24-apr-util-debuginfo-0:1.6.1-75.jbcs.el6.i686", "product_identification_helper": { "purl": "pkg:rpm/redhat/jbcs-httpd24-apr-util-debuginfo@1.6.1-75.jbcs.el6?arch=i686" } } }, { "category": "product_version", "name": "jbcs-httpd24-curl-0:7.64.1-44.jbcs.el6.i686", "product": { "name": "jbcs-httpd24-curl-0:7.64.1-44.jbcs.el6.i686", "product_id": "jbcs-httpd24-curl-0:7.64.1-44.jbcs.el6.i686", "product_identification_helper": { "purl": "pkg:rpm/redhat/jbcs-httpd24-curl@7.64.1-44.jbcs.el6?arch=i686" } } }, { "category": "product_version", "name": "jbcs-httpd24-libcurl-0:7.64.1-44.jbcs.el6.i686", "product": { "name": "jbcs-httpd24-libcurl-0:7.64.1-44.jbcs.el6.i686", "product_id": "jbcs-httpd24-libcurl-0:7.64.1-44.jbcs.el6.i686", "product_identification_helper": { "purl": "pkg:rpm/redhat/jbcs-httpd24-libcurl@7.64.1-44.jbcs.el6?arch=i686" } } }, { "category": "product_version", "name": "jbcs-httpd24-libcurl-devel-0:7.64.1-44.jbcs.el6.i686", "product": { "name": "jbcs-httpd24-libcurl-devel-0:7.64.1-44.jbcs.el6.i686", "product_id": "jbcs-httpd24-libcurl-devel-0:7.64.1-44.jbcs.el6.i686", "product_identification_helper": { "purl": "pkg:rpm/redhat/jbcs-httpd24-libcurl-devel@7.64.1-44.jbcs.el6?arch=i686" } } }, { "category": "product_version", "name": "jbcs-httpd24-curl-debuginfo-0:7.64.1-44.jbcs.el6.i686", "product": { "name": "jbcs-httpd24-curl-debuginfo-0:7.64.1-44.jbcs.el6.i686", "product_id": "jbcs-httpd24-curl-debuginfo-0:7.64.1-44.jbcs.el6.i686", "product_identification_helper": { "purl": "pkg:rpm/redhat/jbcs-httpd24-curl-debuginfo@7.64.1-44.jbcs.el6?arch=i686" } } }, { "category": "product_version", "name": "jbcs-httpd24-jansson-0:2.11-53.jbcs.el6.i686", "product": { "name": "jbcs-httpd24-jansson-0:2.11-53.jbcs.el6.i686", "product_id": "jbcs-httpd24-jansson-0:2.11-53.jbcs.el6.i686", "product_identification_helper": { "purl": "pkg:rpm/redhat/jbcs-httpd24-jansson@2.11-53.jbcs.el6?arch=i686" } } }, { "category": "product_version", "name": "jbcs-httpd24-jansson-devel-0:2.11-53.jbcs.el6.i686", "product": { "name": "jbcs-httpd24-jansson-devel-0:2.11-53.jbcs.el6.i686", "product_id": "jbcs-httpd24-jansson-devel-0:2.11-53.jbcs.el6.i686", "product_identification_helper": { "purl": "pkg:rpm/redhat/jbcs-httpd24-jansson-devel@2.11-53.jbcs.el6?arch=i686" } } }, { "category": "product_version", "name": "jbcs-httpd24-jansson-debuginfo-0:2.11-53.jbcs.el6.i686", "product": { "name": "jbcs-httpd24-jansson-debuginfo-0:2.11-53.jbcs.el6.i686", "product_id": "jbcs-httpd24-jansson-debuginfo-0:2.11-53.jbcs.el6.i686", "product_identification_helper": { "purl": "pkg:rpm/redhat/jbcs-httpd24-jansson-debuginfo@2.11-53.jbcs.el6?arch=i686" } } } ], "category": "architecture", "name": "i686" } ], "category": "vendor", "name": "Red Hat" } ], "relationships": [ { "category": "default_component_of", "full_product_name": { "name": "jbcs-httpd24-apr-0:1.6.3-104.jbcs.el6.i686 as a component of Red Hat JBoss Core Services on RHEL 6 Server", "product_id": "6Server-JBCS:jbcs-httpd24-apr-0:1.6.3-104.jbcs.el6.i686" }, "product_reference": "jbcs-httpd24-apr-0:1.6.3-104.jbcs.el6.i686", "relates_to_product_reference": "6Server-JBCS" }, { "category": "default_component_of", "full_product_name": { "name": "jbcs-httpd24-apr-0:1.6.3-104.jbcs.el6.src as a component of Red Hat JBoss Core Services on RHEL 6 Server", "product_id": "6Server-JBCS:jbcs-httpd24-apr-0:1.6.3-104.jbcs.el6.src" }, "product_reference": "jbcs-httpd24-apr-0:1.6.3-104.jbcs.el6.src", "relates_to_product_reference": "6Server-JBCS" }, { "category": "default_component_of", "full_product_name": { "name": "jbcs-httpd24-apr-0:1.6.3-104.jbcs.el6.x86_64 as a component of Red Hat JBoss Core Services on RHEL 6 Server", "product_id": "6Server-JBCS:jbcs-httpd24-apr-0:1.6.3-104.jbcs.el6.x86_64" }, "product_reference": "jbcs-httpd24-apr-0:1.6.3-104.jbcs.el6.x86_64", "relates_to_product_reference": "6Server-JBCS" }, { "category": "default_component_of", "full_product_name": { "name": "jbcs-httpd24-apr-debuginfo-0:1.6.3-104.jbcs.el6.i686 as a component of Red Hat JBoss Core Services on RHEL 6 Server", "product_id": "6Server-JBCS:jbcs-httpd24-apr-debuginfo-0:1.6.3-104.jbcs.el6.i686" }, "product_reference": "jbcs-httpd24-apr-debuginfo-0:1.6.3-104.jbcs.el6.i686", "relates_to_product_reference": "6Server-JBCS" }, { "category": "default_component_of", "full_product_name": { "name": "jbcs-httpd24-apr-debuginfo-0:1.6.3-104.jbcs.el6.x86_64 as a component of Red Hat JBoss Core Services on RHEL 6 Server", "product_id": "6Server-JBCS:jbcs-httpd24-apr-debuginfo-0:1.6.3-104.jbcs.el6.x86_64" }, "product_reference": "jbcs-httpd24-apr-debuginfo-0:1.6.3-104.jbcs.el6.x86_64", "relates_to_product_reference": "6Server-JBCS" }, { "category": "default_component_of", "full_product_name": { "name": "jbcs-httpd24-apr-devel-0:1.6.3-104.jbcs.el6.i686 as a component of Red Hat JBoss Core Services on RHEL 6 Server", "product_id": "6Server-JBCS:jbcs-httpd24-apr-devel-0:1.6.3-104.jbcs.el6.i686" }, "product_reference": "jbcs-httpd24-apr-devel-0:1.6.3-104.jbcs.el6.i686", "relates_to_product_reference": "6Server-JBCS" }, { "category": "default_component_of", "full_product_name": { "name": "jbcs-httpd24-apr-devel-0:1.6.3-104.jbcs.el6.x86_64 as a component of Red Hat JBoss Core Services on RHEL 6 Server", "product_id": "6Server-JBCS:jbcs-httpd24-apr-devel-0:1.6.3-104.jbcs.el6.x86_64" }, "product_reference": "jbcs-httpd24-apr-devel-0:1.6.3-104.jbcs.el6.x86_64", "relates_to_product_reference": "6Server-JBCS" }, { "category": "default_component_of", "full_product_name": { "name": "jbcs-httpd24-apr-util-0:1.6.1-75.jbcs.el6.i686 as a component of Red Hat JBoss Core Services on RHEL 6 Server", "product_id": "6Server-JBCS:jbcs-httpd24-apr-util-0:1.6.1-75.jbcs.el6.i686" }, "product_reference": "jbcs-httpd24-apr-util-0:1.6.1-75.jbcs.el6.i686", "relates_to_product_reference": "6Server-JBCS" }, { "category": "default_component_of", "full_product_name": { "name": "jbcs-httpd24-apr-util-0:1.6.1-75.jbcs.el6.src as a component of Red Hat JBoss Core Services on RHEL 6 Server", "product_id": "6Server-JBCS:jbcs-httpd24-apr-util-0:1.6.1-75.jbcs.el6.src" }, "product_reference": "jbcs-httpd24-apr-util-0:1.6.1-75.jbcs.el6.src", "relates_to_product_reference": "6Server-JBCS" }, { "category": "default_component_of", "full_product_name": { "name": "jbcs-httpd24-apr-util-0:1.6.1-75.jbcs.el6.x86_64 as a component of Red Hat JBoss Core Services on RHEL 6 Server", "product_id": "6Server-JBCS:jbcs-httpd24-apr-util-0:1.6.1-75.jbcs.el6.x86_64" }, "product_reference": "jbcs-httpd24-apr-util-0:1.6.1-75.jbcs.el6.x86_64", "relates_to_product_reference": "6Server-JBCS" }, { "category": "default_component_of", "full_product_name": { "name": "jbcs-httpd24-apr-util-debuginfo-0:1.6.1-75.jbcs.el6.i686 as a component of Red Hat JBoss Core Services on RHEL 6 Server", "product_id": "6Server-JBCS:jbcs-httpd24-apr-util-debuginfo-0:1.6.1-75.jbcs.el6.i686" }, "product_reference": "jbcs-httpd24-apr-util-debuginfo-0:1.6.1-75.jbcs.el6.i686", "relates_to_product_reference": "6Server-JBCS" }, { "category": "default_component_of", "full_product_name": { "name": "jbcs-httpd24-apr-util-debuginfo-0:1.6.1-75.jbcs.el6.x86_64 as a component of Red Hat JBoss Core Services on RHEL 6 Server", "product_id": "6Server-JBCS:jbcs-httpd24-apr-util-debuginfo-0:1.6.1-75.jbcs.el6.x86_64" }, "product_reference": "jbcs-httpd24-apr-util-debuginfo-0:1.6.1-75.jbcs.el6.x86_64", "relates_to_product_reference": "6Server-JBCS" }, { "category": "default_component_of", "full_product_name": { "name": "jbcs-httpd24-apr-util-devel-0:1.6.1-75.jbcs.el6.i686 as a component of Red Hat JBoss Core Services on RHEL 6 Server", "product_id": "6Server-JBCS:jbcs-httpd24-apr-util-devel-0:1.6.1-75.jbcs.el6.i686" }, "product_reference": "jbcs-httpd24-apr-util-devel-0:1.6.1-75.jbcs.el6.i686", "relates_to_product_reference": "6Server-JBCS" }, { "category": "default_component_of", "full_product_name": { "name": "jbcs-httpd24-apr-util-devel-0:1.6.1-75.jbcs.el6.x86_64 as a component of Red Hat JBoss Core Services on RHEL 6 Server", "product_id": "6Server-JBCS:jbcs-httpd24-apr-util-devel-0:1.6.1-75.jbcs.el6.x86_64" }, "product_reference": "jbcs-httpd24-apr-util-devel-0:1.6.1-75.jbcs.el6.x86_64", "relates_to_product_reference": "6Server-JBCS" }, { "category": "default_component_of", "full_product_name": { "name": "jbcs-httpd24-apr-util-ldap-0:1.6.1-75.jbcs.el6.i686 as a component of Red Hat JBoss Core Services on RHEL 6 Server", "product_id": "6Server-JBCS:jbcs-httpd24-apr-util-ldap-0:1.6.1-75.jbcs.el6.i686" }, "product_reference": "jbcs-httpd24-apr-util-ldap-0:1.6.1-75.jbcs.el6.i686", "relates_to_product_reference": "6Server-JBCS" }, { "category": "default_component_of", "full_product_name": { "name": "jbcs-httpd24-apr-util-ldap-0:1.6.1-75.jbcs.el6.x86_64 as a component of Red Hat JBoss Core Services on RHEL 6 Server", "product_id": "6Server-JBCS:jbcs-httpd24-apr-util-ldap-0:1.6.1-75.jbcs.el6.x86_64" }, "product_reference": "jbcs-httpd24-apr-util-ldap-0:1.6.1-75.jbcs.el6.x86_64", "relates_to_product_reference": "6Server-JBCS" }, { "category": "default_component_of", "full_product_name": { "name": "jbcs-httpd24-apr-util-mysql-0:1.6.1-75.jbcs.el6.i686 as a component of Red Hat JBoss Core Services on RHEL 6 Server", "product_id": "6Server-JBCS:jbcs-httpd24-apr-util-mysql-0:1.6.1-75.jbcs.el6.i686" }, "product_reference": "jbcs-httpd24-apr-util-mysql-0:1.6.1-75.jbcs.el6.i686", "relates_to_product_reference": "6Server-JBCS" }, { "category": "default_component_of", "full_product_name": { "name": "jbcs-httpd24-apr-util-mysql-0:1.6.1-75.jbcs.el6.x86_64 as a component of Red Hat JBoss Core Services on RHEL 6 Server", "product_id": "6Server-JBCS:jbcs-httpd24-apr-util-mysql-0:1.6.1-75.jbcs.el6.x86_64" }, "product_reference": "jbcs-httpd24-apr-util-mysql-0:1.6.1-75.jbcs.el6.x86_64", "relates_to_product_reference": "6Server-JBCS" }, { "category": "default_component_of", "full_product_name": { "name": "jbcs-httpd24-apr-util-nss-0:1.6.1-75.jbcs.el6.i686 as a component of Red Hat JBoss Core Services on RHEL 6 Server", "product_id": "6Server-JBCS:jbcs-httpd24-apr-util-nss-0:1.6.1-75.jbcs.el6.i686" }, "product_reference": "jbcs-httpd24-apr-util-nss-0:1.6.1-75.jbcs.el6.i686", "relates_to_product_reference": "6Server-JBCS" }, { "category": "default_component_of", "full_product_name": { "name": "jbcs-httpd24-apr-util-nss-0:1.6.1-75.jbcs.el6.x86_64 as a component of Red Hat JBoss Core Services on RHEL 6 Server", "product_id": "6Server-JBCS:jbcs-httpd24-apr-util-nss-0:1.6.1-75.jbcs.el6.x86_64" }, "product_reference": "jbcs-httpd24-apr-util-nss-0:1.6.1-75.jbcs.el6.x86_64", "relates_to_product_reference": "6Server-JBCS" }, { "category": "default_component_of", "full_product_name": { "name": "jbcs-httpd24-apr-util-odbc-0:1.6.1-75.jbcs.el6.i686 as a component of Red Hat JBoss Core Services on RHEL 6 Server", "product_id": "6Server-JBCS:jbcs-httpd24-apr-util-odbc-0:1.6.1-75.jbcs.el6.i686" }, "product_reference": "jbcs-httpd24-apr-util-odbc-0:1.6.1-75.jbcs.el6.i686", "relates_to_product_reference": "6Server-JBCS" }, { "category": "default_component_of", "full_product_name": { "name": "jbcs-httpd24-apr-util-odbc-0:1.6.1-75.jbcs.el6.x86_64 as a component of Red Hat JBoss Core Services on RHEL 6 Server", "product_id": "6Server-JBCS:jbcs-httpd24-apr-util-odbc-0:1.6.1-75.jbcs.el6.x86_64" }, "product_reference": "jbcs-httpd24-apr-util-odbc-0:1.6.1-75.jbcs.el6.x86_64", "relates_to_product_reference": "6Server-JBCS" }, { "category": "default_component_of", "full_product_name": { "name": "jbcs-httpd24-apr-util-openssl-0:1.6.1-75.jbcs.el6.i686 as a component of Red Hat JBoss Core Services on RHEL 6 Server", "product_id": "6Server-JBCS:jbcs-httpd24-apr-util-openssl-0:1.6.1-75.jbcs.el6.i686" }, "product_reference": "jbcs-httpd24-apr-util-openssl-0:1.6.1-75.jbcs.el6.i686", "relates_to_product_reference": "6Server-JBCS" }, { "category": "default_component_of", "full_product_name": { "name": "jbcs-httpd24-apr-util-openssl-0:1.6.1-75.jbcs.el6.x86_64 as a component of Red Hat JBoss Core Services on RHEL 6 Server", "product_id": "6Server-JBCS:jbcs-httpd24-apr-util-openssl-0:1.6.1-75.jbcs.el6.x86_64" }, "product_reference": "jbcs-httpd24-apr-util-openssl-0:1.6.1-75.jbcs.el6.x86_64", "relates_to_product_reference": "6Server-JBCS" }, { "category": "default_component_of", "full_product_name": { "name": "jbcs-httpd24-apr-util-pgsql-0:1.6.1-75.jbcs.el6.i686 as a component of Red Hat JBoss Core Services on RHEL 6 Server", "product_id": "6Server-JBCS:jbcs-httpd24-apr-util-pgsql-0:1.6.1-75.jbcs.el6.i686" }, "product_reference": "jbcs-httpd24-apr-util-pgsql-0:1.6.1-75.jbcs.el6.i686", "relates_to_product_reference": "6Server-JBCS" }, { "category": "default_component_of", "full_product_name": { "name": "jbcs-httpd24-apr-util-pgsql-0:1.6.1-75.jbcs.el6.x86_64 as a component of Red Hat JBoss Core Services on RHEL 6 Server", "product_id": "6Server-JBCS:jbcs-httpd24-apr-util-pgsql-0:1.6.1-75.jbcs.el6.x86_64" }, "product_reference": "jbcs-httpd24-apr-util-pgsql-0:1.6.1-75.jbcs.el6.x86_64", "relates_to_product_reference": "6Server-JBCS" }, { "category": "default_component_of", "full_product_name": { "name": "jbcs-httpd24-apr-util-sqlite-0:1.6.1-75.jbcs.el6.i686 as a component of Red Hat JBoss Core Services on RHEL 6 Server", "product_id": "6Server-JBCS:jbcs-httpd24-apr-util-sqlite-0:1.6.1-75.jbcs.el6.i686" }, "product_reference": "jbcs-httpd24-apr-util-sqlite-0:1.6.1-75.jbcs.el6.i686", "relates_to_product_reference": "6Server-JBCS" }, { "category": "default_component_of", "full_product_name": { "name": "jbcs-httpd24-apr-util-sqlite-0:1.6.1-75.jbcs.el6.x86_64 as a component of Red Hat JBoss Core Services on RHEL 6 Server", "product_id": "6Server-JBCS:jbcs-httpd24-apr-util-sqlite-0:1.6.1-75.jbcs.el6.x86_64" }, "product_reference": "jbcs-httpd24-apr-util-sqlite-0:1.6.1-75.jbcs.el6.x86_64", "relates_to_product_reference": "6Server-JBCS" }, { "category": "default_component_of", "full_product_name": { "name": "jbcs-httpd24-brotli-0:1.0.6-38.jbcs.el6.i686 as a component of Red Hat JBoss Core Services on RHEL 6 Server", "product_id": "6Server-JBCS:jbcs-httpd24-brotli-0:1.0.6-38.jbcs.el6.i686" }, "product_reference": "jbcs-httpd24-brotli-0:1.0.6-38.jbcs.el6.i686", "relates_to_product_reference": "6Server-JBCS" }, { "category": "default_component_of", "full_product_name": { "name": "jbcs-httpd24-brotli-0:1.0.6-38.jbcs.el6.src as a component of Red Hat JBoss Core Services on RHEL 6 Server", "product_id": "6Server-JBCS:jbcs-httpd24-brotli-0:1.0.6-38.jbcs.el6.src" }, "product_reference": "jbcs-httpd24-brotli-0:1.0.6-38.jbcs.el6.src", "relates_to_product_reference": "6Server-JBCS" }, { "category": "default_component_of", "full_product_name": { "name": "jbcs-httpd24-brotli-0:1.0.6-38.jbcs.el6.x86_64 as a component of Red Hat JBoss Core Services on RHEL 6 Server", "product_id": "6Server-JBCS:jbcs-httpd24-brotli-0:1.0.6-38.jbcs.el6.x86_64" }, "product_reference": "jbcs-httpd24-brotli-0:1.0.6-38.jbcs.el6.x86_64", "relates_to_product_reference": "6Server-JBCS" }, { "category": "default_component_of", "full_product_name": { "name": "jbcs-httpd24-brotli-debuginfo-0:1.0.6-38.jbcs.el6.i686 as a component of Red Hat JBoss Core Services on RHEL 6 Server", "product_id": "6Server-JBCS:jbcs-httpd24-brotli-debuginfo-0:1.0.6-38.jbcs.el6.i686" }, "product_reference": "jbcs-httpd24-brotli-debuginfo-0:1.0.6-38.jbcs.el6.i686", "relates_to_product_reference": "6Server-JBCS" }, { "category": "default_component_of", "full_product_name": { "name": "jbcs-httpd24-brotli-debuginfo-0:1.0.6-38.jbcs.el6.x86_64 as a component of Red Hat JBoss Core Services on RHEL 6 Server", "product_id": "6Server-JBCS:jbcs-httpd24-brotli-debuginfo-0:1.0.6-38.jbcs.el6.x86_64" }, "product_reference": "jbcs-httpd24-brotli-debuginfo-0:1.0.6-38.jbcs.el6.x86_64", "relates_to_product_reference": "6Server-JBCS" }, { "category": "default_component_of", "full_product_name": { "name": "jbcs-httpd24-brotli-devel-0:1.0.6-38.jbcs.el6.i686 as a component of Red Hat JBoss Core Services on RHEL 6 Server", "product_id": "6Server-JBCS:jbcs-httpd24-brotli-devel-0:1.0.6-38.jbcs.el6.i686" }, "product_reference": "jbcs-httpd24-brotli-devel-0:1.0.6-38.jbcs.el6.i686", "relates_to_product_reference": "6Server-JBCS" }, { "category": "default_component_of", "full_product_name": { "name": "jbcs-httpd24-brotli-devel-0:1.0.6-38.jbcs.el6.x86_64 as a component of Red Hat JBoss Core Services on RHEL 6 Server", "product_id": "6Server-JBCS:jbcs-httpd24-brotli-devel-0:1.0.6-38.jbcs.el6.x86_64" }, "product_reference": "jbcs-httpd24-brotli-devel-0:1.0.6-38.jbcs.el6.x86_64", "relates_to_product_reference": "6Server-JBCS" }, { "category": "default_component_of", "full_product_name": { "name": "jbcs-httpd24-curl-0:7.64.1-44.jbcs.el6.i686 as a component of Red Hat JBoss Core Services on RHEL 6 Server", "product_id": "6Server-JBCS:jbcs-httpd24-curl-0:7.64.1-44.jbcs.el6.i686" }, "product_reference": "jbcs-httpd24-curl-0:7.64.1-44.jbcs.el6.i686", "relates_to_product_reference": "6Server-JBCS" }, { "category": "default_component_of", "full_product_name": { "name": "jbcs-httpd24-curl-0:7.64.1-44.jbcs.el6.src as a component of Red Hat JBoss Core Services on RHEL 6 Server", "product_id": "6Server-JBCS:jbcs-httpd24-curl-0:7.64.1-44.jbcs.el6.src" }, "product_reference": "jbcs-httpd24-curl-0:7.64.1-44.jbcs.el6.src", "relates_to_product_reference": "6Server-JBCS" }, { "category": "default_component_of", "full_product_name": { "name": "jbcs-httpd24-curl-0:7.64.1-44.jbcs.el6.x86_64 as a component of Red Hat JBoss Core Services on RHEL 6 Server", "product_id": "6Server-JBCS:jbcs-httpd24-curl-0:7.64.1-44.jbcs.el6.x86_64" }, "product_reference": "jbcs-httpd24-curl-0:7.64.1-44.jbcs.el6.x86_64", "relates_to_product_reference": "6Server-JBCS" }, { "category": "default_component_of", "full_product_name": { "name": "jbcs-httpd24-curl-debuginfo-0:7.64.1-44.jbcs.el6.i686 as a component of Red Hat JBoss Core Services on RHEL 6 Server", "product_id": "6Server-JBCS:jbcs-httpd24-curl-debuginfo-0:7.64.1-44.jbcs.el6.i686" }, "product_reference": "jbcs-httpd24-curl-debuginfo-0:7.64.1-44.jbcs.el6.i686", "relates_to_product_reference": "6Server-JBCS" }, { "category": "default_component_of", "full_product_name": { "name": "jbcs-httpd24-curl-debuginfo-0:7.64.1-44.jbcs.el6.x86_64 as a component of Red Hat JBoss Core Services on RHEL 6 Server", "product_id": "6Server-JBCS:jbcs-httpd24-curl-debuginfo-0:7.64.1-44.jbcs.el6.x86_64" }, "product_reference": "jbcs-httpd24-curl-debuginfo-0:7.64.1-44.jbcs.el6.x86_64", "relates_to_product_reference": "6Server-JBCS" }, { "category": "default_component_of", "full_product_name": { "name": "jbcs-httpd24-httpd-0:2.4.37-64.jbcs.el6.i686 as a component of Red Hat JBoss Core Services on RHEL 6 Server", "product_id": "6Server-JBCS:jbcs-httpd24-httpd-0:2.4.37-64.jbcs.el6.i686" }, "product_reference": "jbcs-httpd24-httpd-0:2.4.37-64.jbcs.el6.i686", "relates_to_product_reference": "6Server-JBCS" }, { "category": "default_component_of", "full_product_name": { "name": "jbcs-httpd24-httpd-0:2.4.37-64.jbcs.el6.src as a component of Red Hat JBoss Core Services on RHEL 6 Server", "product_id": "6Server-JBCS:jbcs-httpd24-httpd-0:2.4.37-64.jbcs.el6.src" }, "product_reference": "jbcs-httpd24-httpd-0:2.4.37-64.jbcs.el6.src", "relates_to_product_reference": "6Server-JBCS" }, { "category": "default_component_of", "full_product_name": { "name": "jbcs-httpd24-httpd-0:2.4.37-64.jbcs.el6.x86_64 as a component of Red Hat JBoss Core Services on RHEL 6 Server", "product_id": "6Server-JBCS:jbcs-httpd24-httpd-0:2.4.37-64.jbcs.el6.x86_64" }, "product_reference": "jbcs-httpd24-httpd-0:2.4.37-64.jbcs.el6.x86_64", "relates_to_product_reference": "6Server-JBCS" }, { "category": "default_component_of", "full_product_name": { "name": "jbcs-httpd24-httpd-debuginfo-0:2.4.37-64.jbcs.el6.i686 as a component of Red Hat JBoss Core Services on RHEL 6 Server", "product_id": "6Server-JBCS:jbcs-httpd24-httpd-debuginfo-0:2.4.37-64.jbcs.el6.i686" }, "product_reference": "jbcs-httpd24-httpd-debuginfo-0:2.4.37-64.jbcs.el6.i686", "relates_to_product_reference": "6Server-JBCS" }, { "category": "default_component_of", "full_product_name": { "name": "jbcs-httpd24-httpd-debuginfo-0:2.4.37-64.jbcs.el6.x86_64 as a component of Red Hat JBoss Core Services on RHEL 6 Server", "product_id": "6Server-JBCS:jbcs-httpd24-httpd-debuginfo-0:2.4.37-64.jbcs.el6.x86_64" }, "product_reference": "jbcs-httpd24-httpd-debuginfo-0:2.4.37-64.jbcs.el6.x86_64", "relates_to_product_reference": "6Server-JBCS" }, { "category": "default_component_of", "full_product_name": { "name": "jbcs-httpd24-httpd-devel-0:2.4.37-64.jbcs.el6.i686 as a component of Red Hat JBoss Core Services on RHEL 6 Server", "product_id": "6Server-JBCS:jbcs-httpd24-httpd-devel-0:2.4.37-64.jbcs.el6.i686" }, "product_reference": "jbcs-httpd24-httpd-devel-0:2.4.37-64.jbcs.el6.i686", "relates_to_product_reference": "6Server-JBCS" }, { "category": "default_component_of", "full_product_name": { "name": "jbcs-httpd24-httpd-devel-0:2.4.37-64.jbcs.el6.x86_64 as a component of Red Hat JBoss Core Services on RHEL 6 Server", "product_id": "6Server-JBCS:jbcs-httpd24-httpd-devel-0:2.4.37-64.jbcs.el6.x86_64" }, "product_reference": "jbcs-httpd24-httpd-devel-0:2.4.37-64.jbcs.el6.x86_64", "relates_to_product_reference": "6Server-JBCS" }, { "category": "default_component_of", "full_product_name": { "name": "jbcs-httpd24-httpd-manual-0:2.4.37-64.jbcs.el6.noarch as a component of Red Hat JBoss Core Services on RHEL 6 Server", "product_id": "6Server-JBCS:jbcs-httpd24-httpd-manual-0:2.4.37-64.jbcs.el6.noarch" }, "product_reference": "jbcs-httpd24-httpd-manual-0:2.4.37-64.jbcs.el6.noarch", "relates_to_product_reference": "6Server-JBCS" }, { "category": "default_component_of", "full_product_name": { "name": "jbcs-httpd24-httpd-selinux-0:2.4.37-64.jbcs.el6.i686 as a component of Red Hat JBoss Core Services on RHEL 6 Server", "product_id": "6Server-JBCS:jbcs-httpd24-httpd-selinux-0:2.4.37-64.jbcs.el6.i686" }, "product_reference": "jbcs-httpd24-httpd-selinux-0:2.4.37-64.jbcs.el6.i686", "relates_to_product_reference": "6Server-JBCS" }, { "category": "default_component_of", "full_product_name": { "name": "jbcs-httpd24-httpd-selinux-0:2.4.37-64.jbcs.el6.x86_64 as a component of Red Hat JBoss Core Services on RHEL 6 Server", "product_id": "6Server-JBCS:jbcs-httpd24-httpd-selinux-0:2.4.37-64.jbcs.el6.x86_64" }, "product_reference": "jbcs-httpd24-httpd-selinux-0:2.4.37-64.jbcs.el6.x86_64", "relates_to_product_reference": "6Server-JBCS" }, { "category": "default_component_of", "full_product_name": { "name": "jbcs-httpd24-httpd-tools-0:2.4.37-64.jbcs.el6.i686 as a component of Red Hat JBoss Core Services on RHEL 6 Server", "product_id": "6Server-JBCS:jbcs-httpd24-httpd-tools-0:2.4.37-64.jbcs.el6.i686" }, "product_reference": "jbcs-httpd24-httpd-tools-0:2.4.37-64.jbcs.el6.i686", "relates_to_product_reference": "6Server-JBCS" }, { "category": "default_component_of", "full_product_name": { "name": "jbcs-httpd24-httpd-tools-0:2.4.37-64.jbcs.el6.x86_64 as a component of Red Hat JBoss Core Services on RHEL 6 Server", "product_id": "6Server-JBCS:jbcs-httpd24-httpd-tools-0:2.4.37-64.jbcs.el6.x86_64" }, "product_reference": "jbcs-httpd24-httpd-tools-0:2.4.37-64.jbcs.el6.x86_64", "relates_to_product_reference": "6Server-JBCS" }, { "category": "default_component_of", "full_product_name": { "name": "jbcs-httpd24-jansson-0:2.11-53.jbcs.el6.i686 as a component of Red Hat JBoss Core Services on RHEL 6 Server", "product_id": "6Server-JBCS:jbcs-httpd24-jansson-0:2.11-53.jbcs.el6.i686" }, "product_reference": "jbcs-httpd24-jansson-0:2.11-53.jbcs.el6.i686", "relates_to_product_reference": "6Server-JBCS" }, { "category": "default_component_of", "full_product_name": { "name": "jbcs-httpd24-jansson-0:2.11-53.jbcs.el6.src as a component of Red Hat JBoss Core Services on RHEL 6 Server", "product_id": "6Server-JBCS:jbcs-httpd24-jansson-0:2.11-53.jbcs.el6.src" }, "product_reference": "jbcs-httpd24-jansson-0:2.11-53.jbcs.el6.src", "relates_to_product_reference": "6Server-JBCS" }, { "category": "default_component_of", "full_product_name": { "name": "jbcs-httpd24-jansson-0:2.11-53.jbcs.el6.x86_64 as a component of Red Hat JBoss Core Services on RHEL 6 Server", "product_id": "6Server-JBCS:jbcs-httpd24-jansson-0:2.11-53.jbcs.el6.x86_64" }, "product_reference": "jbcs-httpd24-jansson-0:2.11-53.jbcs.el6.x86_64", "relates_to_product_reference": "6Server-JBCS" }, { "category": "default_component_of", "full_product_name": { "name": "jbcs-httpd24-jansson-debuginfo-0:2.11-53.jbcs.el6.i686 as a component of Red Hat JBoss Core Services on RHEL 6 Server", "product_id": "6Server-JBCS:jbcs-httpd24-jansson-debuginfo-0:2.11-53.jbcs.el6.i686" }, "product_reference": "jbcs-httpd24-jansson-debuginfo-0:2.11-53.jbcs.el6.i686", "relates_to_product_reference": "6Server-JBCS" }, { "category": "default_component_of", "full_product_name": { "name": "jbcs-httpd24-jansson-debuginfo-0:2.11-53.jbcs.el6.x86_64 as a component of Red Hat JBoss Core Services on RHEL 6 Server", "product_id": "6Server-JBCS:jbcs-httpd24-jansson-debuginfo-0:2.11-53.jbcs.el6.x86_64" }, "product_reference": "jbcs-httpd24-jansson-debuginfo-0:2.11-53.jbcs.el6.x86_64", "relates_to_product_reference": "6Server-JBCS" }, { "category": "default_component_of", "full_product_name": { "name": "jbcs-httpd24-jansson-devel-0:2.11-53.jbcs.el6.i686 as a component of Red Hat JBoss Core Services on RHEL 6 Server", "product_id": "6Server-JBCS:jbcs-httpd24-jansson-devel-0:2.11-53.jbcs.el6.i686" }, "product_reference": "jbcs-httpd24-jansson-devel-0:2.11-53.jbcs.el6.i686", "relates_to_product_reference": "6Server-JBCS" }, { "category": "default_component_of", "full_product_name": { "name": "jbcs-httpd24-jansson-devel-0:2.11-53.jbcs.el6.x86_64 as a component of Red Hat JBoss Core Services on RHEL 6 Server", "product_id": "6Server-JBCS:jbcs-httpd24-jansson-devel-0:2.11-53.jbcs.el6.x86_64" }, "product_reference": "jbcs-httpd24-jansson-devel-0:2.11-53.jbcs.el6.x86_64", "relates_to_product_reference": "6Server-JBCS" }, { "category": "default_component_of", "full_product_name": { "name": "jbcs-httpd24-libcurl-0:7.64.1-44.jbcs.el6.i686 as a component of Red Hat JBoss Core Services on RHEL 6 Server", "product_id": "6Server-JBCS:jbcs-httpd24-libcurl-0:7.64.1-44.jbcs.el6.i686" }, "product_reference": "jbcs-httpd24-libcurl-0:7.64.1-44.jbcs.el6.i686", "relates_to_product_reference": "6Server-JBCS" }, { "category": "default_component_of", "full_product_name": { "name": "jbcs-httpd24-libcurl-0:7.64.1-44.jbcs.el6.x86_64 as a component of Red Hat JBoss Core Services on RHEL 6 Server", "product_id": "6Server-JBCS:jbcs-httpd24-libcurl-0:7.64.1-44.jbcs.el6.x86_64" }, "product_reference": "jbcs-httpd24-libcurl-0:7.64.1-44.jbcs.el6.x86_64", "relates_to_product_reference": "6Server-JBCS" }, { "category": "default_component_of", "full_product_name": { "name": "jbcs-httpd24-libcurl-devel-0:7.64.1-44.jbcs.el6.i686 as a component of Red Hat JBoss Core Services on RHEL 6 Server", "product_id": "6Server-JBCS:jbcs-httpd24-libcurl-devel-0:7.64.1-44.jbcs.el6.i686" }, "product_reference": "jbcs-httpd24-libcurl-devel-0:7.64.1-44.jbcs.el6.i686", "relates_to_product_reference": "6Server-JBCS" }, { "category": "default_component_of", "full_product_name": { "name": "jbcs-httpd24-libcurl-devel-0:7.64.1-44.jbcs.el6.x86_64 as a component of Red Hat JBoss Core Services on RHEL 6 Server", "product_id": "6Server-JBCS:jbcs-httpd24-libcurl-devel-0:7.64.1-44.jbcs.el6.x86_64" }, "product_reference": "jbcs-httpd24-libcurl-devel-0:7.64.1-44.jbcs.el6.x86_64", "relates_to_product_reference": "6Server-JBCS" }, { "category": "default_component_of", "full_product_name": { "name": "jbcs-httpd24-mod_cluster-native-0:1.3.14-11.Final_redhat_2.jbcs.el6.i686 as a component of Red Hat JBoss Core Services on RHEL 6 Server", "product_id": "6Server-JBCS:jbcs-httpd24-mod_cluster-native-0:1.3.14-11.Final_redhat_2.jbcs.el6.i686" }, "product_reference": "jbcs-httpd24-mod_cluster-native-0:1.3.14-11.Final_redhat_2.jbcs.el6.i686", "relates_to_product_reference": "6Server-JBCS" }, { "category": "default_component_of", "full_product_name": { "name": "jbcs-httpd24-mod_cluster-native-0:1.3.14-11.Final_redhat_2.jbcs.el6.src as a component of Red Hat JBoss Core Services on RHEL 6 Server", "product_id": "6Server-JBCS:jbcs-httpd24-mod_cluster-native-0:1.3.14-11.Final_redhat_2.jbcs.el6.src" }, "product_reference": "jbcs-httpd24-mod_cluster-native-0:1.3.14-11.Final_redhat_2.jbcs.el6.src", "relates_to_product_reference": "6Server-JBCS" }, { "category": "default_component_of", "full_product_name": { "name": "jbcs-httpd24-mod_cluster-native-0:1.3.14-11.Final_redhat_2.jbcs.el6.x86_64 as a component of Red Hat JBoss Core Services on RHEL 6 Server", "product_id": "6Server-JBCS:jbcs-httpd24-mod_cluster-native-0:1.3.14-11.Final_redhat_2.jbcs.el6.x86_64" }, "product_reference": "jbcs-httpd24-mod_cluster-native-0:1.3.14-11.Final_redhat_2.jbcs.el6.x86_64", "relates_to_product_reference": "6Server-JBCS" }, { "category": "default_component_of", "full_product_name": { "name": "jbcs-httpd24-mod_cluster-native-debuginfo-0:1.3.14-11.Final_redhat_2.jbcs.el6.i686 as a component of Red Hat JBoss Core Services on RHEL 6 Server", "product_id": "6Server-JBCS:jbcs-httpd24-mod_cluster-native-debuginfo-0:1.3.14-11.Final_redhat_2.jbcs.el6.i686" }, "product_reference": "jbcs-httpd24-mod_cluster-native-debuginfo-0:1.3.14-11.Final_redhat_2.jbcs.el6.i686", "relates_to_product_reference": "6Server-JBCS" }, { "category": "default_component_of", "full_product_name": { "name": "jbcs-httpd24-mod_cluster-native-debuginfo-0:1.3.14-11.Final_redhat_2.jbcs.el6.x86_64 as a component of Red Hat JBoss Core Services on RHEL 6 Server", "product_id": "6Server-JBCS:jbcs-httpd24-mod_cluster-native-debuginfo-0:1.3.14-11.Final_redhat_2.jbcs.el6.x86_64" }, "product_reference": "jbcs-httpd24-mod_cluster-native-debuginfo-0:1.3.14-11.Final_redhat_2.jbcs.el6.x86_64", "relates_to_product_reference": "6Server-JBCS" }, { "category": "default_component_of", "full_product_name": { "name": "jbcs-httpd24-mod_http2-0:1.15.7-11.jbcs.el6.i686 as a component of Red Hat JBoss Core Services on RHEL 6 Server", "product_id": "6Server-JBCS:jbcs-httpd24-mod_http2-0:1.15.7-11.jbcs.el6.i686" }, "product_reference": "jbcs-httpd24-mod_http2-0:1.15.7-11.jbcs.el6.i686", "relates_to_product_reference": "6Server-JBCS" }, { "category": "default_component_of", "full_product_name": { "name": "jbcs-httpd24-mod_http2-0:1.15.7-11.jbcs.el6.src as a component of Red Hat JBoss Core Services on RHEL 6 Server", "product_id": "6Server-JBCS:jbcs-httpd24-mod_http2-0:1.15.7-11.jbcs.el6.src" }, "product_reference": "jbcs-httpd24-mod_http2-0:1.15.7-11.jbcs.el6.src", "relates_to_product_reference": "6Server-JBCS" }, { "category": "default_component_of", "full_product_name": { "name": "jbcs-httpd24-mod_http2-0:1.15.7-11.jbcs.el6.x86_64 as a component of Red Hat JBoss Core Services on RHEL 6 Server", "product_id": "6Server-JBCS:jbcs-httpd24-mod_http2-0:1.15.7-11.jbcs.el6.x86_64" }, "product_reference": "jbcs-httpd24-mod_http2-0:1.15.7-11.jbcs.el6.x86_64", "relates_to_product_reference": "6Server-JBCS" }, { "category": "default_component_of", "full_product_name": { "name": "jbcs-httpd24-mod_http2-debuginfo-0:1.15.7-11.jbcs.el6.i686 as a component of Red Hat JBoss Core Services on RHEL 6 Server", "product_id": "6Server-JBCS:jbcs-httpd24-mod_http2-debuginfo-0:1.15.7-11.jbcs.el6.i686" }, "product_reference": "jbcs-httpd24-mod_http2-debuginfo-0:1.15.7-11.jbcs.el6.i686", "relates_to_product_reference": "6Server-JBCS" }, { "category": "default_component_of", "full_product_name": { "name": "jbcs-httpd24-mod_http2-debuginfo-0:1.15.7-11.jbcs.el6.x86_64 as a component of Red Hat JBoss Core Services on RHEL 6 Server", "product_id": "6Server-JBCS:jbcs-httpd24-mod_http2-debuginfo-0:1.15.7-11.jbcs.el6.x86_64" }, "product_reference": "jbcs-httpd24-mod_http2-debuginfo-0:1.15.7-11.jbcs.el6.x86_64", "relates_to_product_reference": "6Server-JBCS" }, { "category": "default_component_of", "full_product_name": { "name": "jbcs-httpd24-mod_jk-0:1.2.48-10.redhat_1.jbcs.el6.src as a component of Red Hat JBoss Core Services on RHEL 6 Server", "product_id": "6Server-JBCS:jbcs-httpd24-mod_jk-0:1.2.48-10.redhat_1.jbcs.el6.src" }, "product_reference": "jbcs-httpd24-mod_jk-0:1.2.48-10.redhat_1.jbcs.el6.src", "relates_to_product_reference": "6Server-JBCS" }, { "category": "default_component_of", "full_product_name": { "name": "jbcs-httpd24-mod_jk-ap24-0:1.2.48-10.redhat_1.jbcs.el6.i686 as a component of Red Hat JBoss Core Services on RHEL 6 Server", "product_id": "6Server-JBCS:jbcs-httpd24-mod_jk-ap24-0:1.2.48-10.redhat_1.jbcs.el6.i686" }, "product_reference": "jbcs-httpd24-mod_jk-ap24-0:1.2.48-10.redhat_1.jbcs.el6.i686", "relates_to_product_reference": "6Server-JBCS" }, { "category": "default_component_of", "full_product_name": { "name": "jbcs-httpd24-mod_jk-ap24-0:1.2.48-10.redhat_1.jbcs.el6.x86_64 as a component of Red Hat JBoss Core Services on RHEL 6 Server", "product_id": "6Server-JBCS:jbcs-httpd24-mod_jk-ap24-0:1.2.48-10.redhat_1.jbcs.el6.x86_64" }, "product_reference": "jbcs-httpd24-mod_jk-ap24-0:1.2.48-10.redhat_1.jbcs.el6.x86_64", "relates_to_product_reference": "6Server-JBCS" }, { "category": "default_component_of", "full_product_name": { "name": "jbcs-httpd24-mod_jk-debuginfo-0:1.2.48-10.redhat_1.jbcs.el6.i686 as a component of Red Hat JBoss Core Services on RHEL 6 Server", "product_id": "6Server-JBCS:jbcs-httpd24-mod_jk-debuginfo-0:1.2.48-10.redhat_1.jbcs.el6.i686" }, "product_reference": "jbcs-httpd24-mod_jk-debuginfo-0:1.2.48-10.redhat_1.jbcs.el6.i686", "relates_to_product_reference": "6Server-JBCS" }, { "category": "default_component_of", "full_product_name": { "name": "jbcs-httpd24-mod_jk-debuginfo-0:1.2.48-10.redhat_1.jbcs.el6.x86_64 as a component of Red Hat JBoss Core Services on RHEL 6 Server", "product_id": "6Server-JBCS:jbcs-httpd24-mod_jk-debuginfo-0:1.2.48-10.redhat_1.jbcs.el6.x86_64" }, "product_reference": "jbcs-httpd24-mod_jk-debuginfo-0:1.2.48-10.redhat_1.jbcs.el6.x86_64", "relates_to_product_reference": "6Server-JBCS" }, { "category": "default_component_of", "full_product_name": { "name": "jbcs-httpd24-mod_jk-manual-0:1.2.48-10.redhat_1.jbcs.el6.i686 as a component of Red Hat JBoss Core Services on RHEL 6 Server", "product_id": "6Server-JBCS:jbcs-httpd24-mod_jk-manual-0:1.2.48-10.redhat_1.jbcs.el6.i686" }, "product_reference": "jbcs-httpd24-mod_jk-manual-0:1.2.48-10.redhat_1.jbcs.el6.i686", "relates_to_product_reference": "6Server-JBCS" }, { "category": "default_component_of", "full_product_name": { "name": "jbcs-httpd24-mod_jk-manual-0:1.2.48-10.redhat_1.jbcs.el6.x86_64 as a component of Red Hat JBoss Core Services on RHEL 6 Server", "product_id": "6Server-JBCS:jbcs-httpd24-mod_jk-manual-0:1.2.48-10.redhat_1.jbcs.el6.x86_64" }, "product_reference": "jbcs-httpd24-mod_jk-manual-0:1.2.48-10.redhat_1.jbcs.el6.x86_64", "relates_to_product_reference": "6Server-JBCS" }, { "category": "default_component_of", "full_product_name": { "name": "jbcs-httpd24-mod_ldap-0:2.4.37-64.jbcs.el6.i686 as a component of Red Hat JBoss Core Services on RHEL 6 Server", "product_id": "6Server-JBCS:jbcs-httpd24-mod_ldap-0:2.4.37-64.jbcs.el6.i686" }, "product_reference": "jbcs-httpd24-mod_ldap-0:2.4.37-64.jbcs.el6.i686", "relates_to_product_reference": "6Server-JBCS" }, { "category": "default_component_of", "full_product_name": { "name": "jbcs-httpd24-mod_ldap-0:2.4.37-64.jbcs.el6.x86_64 as a component of Red Hat JBoss Core Services on RHEL 6 Server", "product_id": "6Server-JBCS:jbcs-httpd24-mod_ldap-0:2.4.37-64.jbcs.el6.x86_64" }, "product_reference": "jbcs-httpd24-mod_ldap-0:2.4.37-64.jbcs.el6.x86_64", "relates_to_product_reference": "6Server-JBCS" }, { "category": "default_component_of", "full_product_name": { "name": "jbcs-httpd24-mod_md-1:2.0.8-30.jbcs.el6.i686 as a component of Red Hat JBoss Core Services on RHEL 6 Server", "product_id": "6Server-JBCS:jbcs-httpd24-mod_md-1:2.0.8-30.jbcs.el6.i686" }, "product_reference": "jbcs-httpd24-mod_md-1:2.0.8-30.jbcs.el6.i686", "relates_to_product_reference": "6Server-JBCS" }, { "category": "default_component_of", "full_product_name": { "name": "jbcs-httpd24-mod_md-1:2.0.8-30.jbcs.el6.src as a component of Red Hat JBoss Core Services on RHEL 6 Server", "product_id": "6Server-JBCS:jbcs-httpd24-mod_md-1:2.0.8-30.jbcs.el6.src" }, "product_reference": "jbcs-httpd24-mod_md-1:2.0.8-30.jbcs.el6.src", "relates_to_product_reference": "6Server-JBCS" }, { "category": "default_component_of", "full_product_name": { "name": "jbcs-httpd24-mod_md-1:2.0.8-30.jbcs.el6.x86_64 as a component of Red Hat JBoss Core Services on RHEL 6 Server", "product_id": "6Server-JBCS:jbcs-httpd24-mod_md-1:2.0.8-30.jbcs.el6.x86_64" }, "product_reference": "jbcs-httpd24-mod_md-1:2.0.8-30.jbcs.el6.x86_64", "relates_to_product_reference": "6Server-JBCS" }, { "category": "default_component_of", "full_product_name": { "name": "jbcs-httpd24-mod_md-debuginfo-1:2.0.8-30.jbcs.el6.i686 as a component of Red Hat JBoss Core Services on RHEL 6 Server", "product_id": "6Server-JBCS:jbcs-httpd24-mod_md-debuginfo-1:2.0.8-30.jbcs.el6.i686" }, "product_reference": "jbcs-httpd24-mod_md-debuginfo-1:2.0.8-30.jbcs.el6.i686", "relates_to_product_reference": "6Server-JBCS" }, { "category": "default_component_of", "full_product_name": { "name": "jbcs-httpd24-mod_md-debuginfo-1:2.0.8-30.jbcs.el6.x86_64 as a component of Red Hat JBoss Core Services on RHEL 6 Server", "product_id": "6Server-JBCS:jbcs-httpd24-mod_md-debuginfo-1:2.0.8-30.jbcs.el6.x86_64" }, "product_reference": "jbcs-httpd24-mod_md-debuginfo-1:2.0.8-30.jbcs.el6.x86_64", "relates_to_product_reference": "6Server-JBCS" }, { "category": "default_component_of", "full_product_name": { "name": "jbcs-httpd24-mod_proxy_html-1:2.4.37-64.jbcs.el6.i686 as a component of Red Hat JBoss Core Services on RHEL 6 Server", "product_id": "6Server-JBCS:jbcs-httpd24-mod_proxy_html-1:2.4.37-64.jbcs.el6.i686" }, "product_reference": "jbcs-httpd24-mod_proxy_html-1:2.4.37-64.jbcs.el6.i686", "relates_to_product_reference": "6Server-JBCS" }, { "category": "default_component_of", "full_product_name": { "name": "jbcs-httpd24-mod_proxy_html-1:2.4.37-64.jbcs.el6.x86_64 as a component of Red Hat JBoss Core Services on RHEL 6 Server", "product_id": "6Server-JBCS:jbcs-httpd24-mod_proxy_html-1:2.4.37-64.jbcs.el6.x86_64" }, "product_reference": "jbcs-httpd24-mod_proxy_html-1:2.4.37-64.jbcs.el6.x86_64", "relates_to_product_reference": "6Server-JBCS" }, { "category": "default_component_of", "full_product_name": { "name": "jbcs-httpd24-mod_security-0:2.9.2-57.GA.jbcs.el6.i686 as a component of Red Hat JBoss Core Services on RHEL 6 Server", "product_id": "6Server-JBCS:jbcs-httpd24-mod_security-0:2.9.2-57.GA.jbcs.el6.i686" }, "product_reference": "jbcs-httpd24-mod_security-0:2.9.2-57.GA.jbcs.el6.i686", "relates_to_product_reference": "6Server-JBCS" }, { "category": "default_component_of", "full_product_name": { "name": "jbcs-httpd24-mod_security-0:2.9.2-57.GA.jbcs.el6.src as a component of Red Hat JBoss Core Services on RHEL 6 Server", "product_id": "6Server-JBCS:jbcs-httpd24-mod_security-0:2.9.2-57.GA.jbcs.el6.src" }, "product_reference": "jbcs-httpd24-mod_security-0:2.9.2-57.GA.jbcs.el6.src", "relates_to_product_reference": "6Server-JBCS" }, { "category": "default_component_of", "full_product_name": { "name": "jbcs-httpd24-mod_security-0:2.9.2-57.GA.jbcs.el6.x86_64 as a component of Red Hat JBoss Core Services on RHEL 6 Server", "product_id": "6Server-JBCS:jbcs-httpd24-mod_security-0:2.9.2-57.GA.jbcs.el6.x86_64" }, "product_reference": "jbcs-httpd24-mod_security-0:2.9.2-57.GA.jbcs.el6.x86_64", "relates_to_product_reference": "6Server-JBCS" }, { "category": "default_component_of", "full_product_name": { "name": "jbcs-httpd24-mod_security-debuginfo-0:2.9.2-57.GA.jbcs.el6.i686 as a component of Red Hat JBoss Core Services on RHEL 6 Server", "product_id": "6Server-JBCS:jbcs-httpd24-mod_security-debuginfo-0:2.9.2-57.GA.jbcs.el6.i686" }, "product_reference": "jbcs-httpd24-mod_security-debuginfo-0:2.9.2-57.GA.jbcs.el6.i686", "relates_to_product_reference": "6Server-JBCS" }, { "category": "default_component_of", "full_product_name": { "name": "jbcs-httpd24-mod_security-debuginfo-0:2.9.2-57.GA.jbcs.el6.x86_64 as a component of Red Hat JBoss Core Services on RHEL 6 Server", "product_id": "6Server-JBCS:jbcs-httpd24-mod_security-debuginfo-0:2.9.2-57.GA.jbcs.el6.x86_64" }, "product_reference": "jbcs-httpd24-mod_security-debuginfo-0:2.9.2-57.GA.jbcs.el6.x86_64", "relates_to_product_reference": "6Server-JBCS" }, { "category": "default_component_of", "full_product_name": { "name": "jbcs-httpd24-mod_session-0:2.4.37-64.jbcs.el6.i686 as a component of Red Hat JBoss Core Services on RHEL 6 Server", "product_id": "6Server-JBCS:jbcs-httpd24-mod_session-0:2.4.37-64.jbcs.el6.i686" }, "product_reference": "jbcs-httpd24-mod_session-0:2.4.37-64.jbcs.el6.i686", "relates_to_product_reference": "6Server-JBCS" }, { "category": "default_component_of", "full_product_name": { "name": "jbcs-httpd24-mod_session-0:2.4.37-64.jbcs.el6.x86_64 as a component of Red Hat JBoss Core Services on RHEL 6 Server", "product_id": "6Server-JBCS:jbcs-httpd24-mod_session-0:2.4.37-64.jbcs.el6.x86_64" }, "product_reference": "jbcs-httpd24-mod_session-0:2.4.37-64.jbcs.el6.x86_64", "relates_to_product_reference": "6Server-JBCS" }, { "category": "default_component_of", "full_product_name": { "name": "jbcs-httpd24-mod_ssl-1:2.4.37-64.jbcs.el6.i686 as a component of Red Hat JBoss Core Services on RHEL 6 Server", "product_id": "6Server-JBCS:jbcs-httpd24-mod_ssl-1:2.4.37-64.jbcs.el6.i686" }, "product_reference": "jbcs-httpd24-mod_ssl-1:2.4.37-64.jbcs.el6.i686", "relates_to_product_reference": "6Server-JBCS" }, { "category": "default_component_of", "full_product_name": { "name": "jbcs-httpd24-mod_ssl-1:2.4.37-64.jbcs.el6.x86_64 as a component of Red Hat JBoss Core Services on RHEL 6 Server", "product_id": "6Server-JBCS:jbcs-httpd24-mod_ssl-1:2.4.37-64.jbcs.el6.x86_64" }, "product_reference": "jbcs-httpd24-mod_ssl-1:2.4.37-64.jbcs.el6.x86_64", "relates_to_product_reference": "6Server-JBCS" }, { "category": "default_component_of", "full_product_name": { "name": "jbcs-httpd24-nghttp2-0:1.39.2-34.jbcs.el6.i686 as a component of Red Hat JBoss Core Services on RHEL 6 Server", "product_id": "6Server-JBCS:jbcs-httpd24-nghttp2-0:1.39.2-34.jbcs.el6.i686" }, "product_reference": "jbcs-httpd24-nghttp2-0:1.39.2-34.jbcs.el6.i686", "relates_to_product_reference": "6Server-JBCS" }, { "category": "default_component_of", "full_product_name": { "name": "jbcs-httpd24-nghttp2-0:1.39.2-34.jbcs.el6.src as a component of Red Hat JBoss Core Services on RHEL 6 Server", "product_id": "6Server-JBCS:jbcs-httpd24-nghttp2-0:1.39.2-34.jbcs.el6.src" }, "product_reference": "jbcs-httpd24-nghttp2-0:1.39.2-34.jbcs.el6.src", "relates_to_product_reference": "6Server-JBCS" }, { "category": "default_component_of", "full_product_name": { "name": "jbcs-httpd24-nghttp2-0:1.39.2-34.jbcs.el6.x86_64 as a component of Red Hat JBoss Core Services on RHEL 6 Server", "product_id": "6Server-JBCS:jbcs-httpd24-nghttp2-0:1.39.2-34.jbcs.el6.x86_64" }, "product_reference": "jbcs-httpd24-nghttp2-0:1.39.2-34.jbcs.el6.x86_64", "relates_to_product_reference": "6Server-JBCS" }, { "category": "default_component_of", "full_product_name": { "name": "jbcs-httpd24-nghttp2-debuginfo-0:1.39.2-34.jbcs.el6.i686 as a component of Red Hat JBoss Core Services on RHEL 6 Server", "product_id": "6Server-JBCS:jbcs-httpd24-nghttp2-debuginfo-0:1.39.2-34.jbcs.el6.i686" }, "product_reference": "jbcs-httpd24-nghttp2-debuginfo-0:1.39.2-34.jbcs.el6.i686", "relates_to_product_reference": "6Server-JBCS" }, { "category": "default_component_of", "full_product_name": { "name": "jbcs-httpd24-nghttp2-debuginfo-0:1.39.2-34.jbcs.el6.x86_64 as a component of Red Hat JBoss Core Services on RHEL 6 Server", "product_id": "6Server-JBCS:jbcs-httpd24-nghttp2-debuginfo-0:1.39.2-34.jbcs.el6.x86_64" }, "product_reference": "jbcs-httpd24-nghttp2-debuginfo-0:1.39.2-34.jbcs.el6.x86_64", "relates_to_product_reference": "6Server-JBCS" }, { "category": "default_component_of", "full_product_name": { "name": "jbcs-httpd24-nghttp2-devel-0:1.39.2-34.jbcs.el6.i686 as a component of Red Hat JBoss Core Services on RHEL 6 Server", "product_id": "6Server-JBCS:jbcs-httpd24-nghttp2-devel-0:1.39.2-34.jbcs.el6.i686" }, "product_reference": "jbcs-httpd24-nghttp2-devel-0:1.39.2-34.jbcs.el6.i686", "relates_to_product_reference": "6Server-JBCS" }, { "category": "default_component_of", "full_product_name": { "name": "jbcs-httpd24-nghttp2-devel-0:1.39.2-34.jbcs.el6.x86_64 as a component of Red Hat JBoss Core Services on RHEL 6 Server", "product_id": "6Server-JBCS:jbcs-httpd24-nghttp2-devel-0:1.39.2-34.jbcs.el6.x86_64" }, "product_reference": "jbcs-httpd24-nghttp2-devel-0:1.39.2-34.jbcs.el6.x86_64", "relates_to_product_reference": "6Server-JBCS" }, { "category": "default_component_of", "full_product_name": { "name": "jbcs-httpd24-openssl-1:1.1.1c-32.jbcs.el6.i686 as a component of Red Hat JBoss Core Services on RHEL 6 Server", "product_id": "6Server-JBCS:jbcs-httpd24-openssl-1:1.1.1c-32.jbcs.el6.i686" }, "product_reference": "jbcs-httpd24-openssl-1:1.1.1c-32.jbcs.el6.i686", "relates_to_product_reference": "6Server-JBCS" }, { "category": "default_component_of", "full_product_name": { "name": "jbcs-httpd24-openssl-1:1.1.1c-32.jbcs.el6.src as a component of Red Hat JBoss Core Services on RHEL 6 Server", "product_id": "6Server-JBCS:jbcs-httpd24-openssl-1:1.1.1c-32.jbcs.el6.src" }, "product_reference": "jbcs-httpd24-openssl-1:1.1.1c-32.jbcs.el6.src", "relates_to_product_reference": "6Server-JBCS" }, { "category": "default_component_of", "full_product_name": { "name": "jbcs-httpd24-openssl-1:1.1.1c-32.jbcs.el6.x86_64 as a component of Red Hat JBoss Core Services on RHEL 6 Server", "product_id": "6Server-JBCS:jbcs-httpd24-openssl-1:1.1.1c-32.jbcs.el6.x86_64" }, "product_reference": "jbcs-httpd24-openssl-1:1.1.1c-32.jbcs.el6.x86_64", "relates_to_product_reference": "6Server-JBCS" }, { "category": "default_component_of", "full_product_name": { "name": "jbcs-httpd24-openssl-debuginfo-1:1.1.1c-32.jbcs.el6.i686 as a component of Red Hat JBoss Core Services on RHEL 6 Server", "product_id": "6Server-JBCS:jbcs-httpd24-openssl-debuginfo-1:1.1.1c-32.jbcs.el6.i686" }, "product_reference": "jbcs-httpd24-openssl-debuginfo-1:1.1.1c-32.jbcs.el6.i686", "relates_to_product_reference": "6Server-JBCS" }, { "category": "default_component_of", "full_product_name": { "name": "jbcs-httpd24-openssl-debuginfo-1:1.1.1c-32.jbcs.el6.x86_64 as a component of Red Hat JBoss Core Services on RHEL 6 Server", "product_id": "6Server-JBCS:jbcs-httpd24-openssl-debuginfo-1:1.1.1c-32.jbcs.el6.x86_64" }, "product_reference": "jbcs-httpd24-openssl-debuginfo-1:1.1.1c-32.jbcs.el6.x86_64", "relates_to_product_reference": "6Server-JBCS" }, { "category": "default_component_of", "full_product_name": { "name": "jbcs-httpd24-openssl-devel-1:1.1.1c-32.jbcs.el6.i686 as a component of Red Hat JBoss Core Services on RHEL 6 Server", "product_id": "6Server-JBCS:jbcs-httpd24-openssl-devel-1:1.1.1c-32.jbcs.el6.i686" }, "product_reference": "jbcs-httpd24-openssl-devel-1:1.1.1c-32.jbcs.el6.i686", "relates_to_product_reference": "6Server-JBCS" }, { "category": "default_component_of", "full_product_name": { "name": "jbcs-httpd24-openssl-devel-1:1.1.1c-32.jbcs.el6.x86_64 as a component of Red Hat JBoss Core Services on RHEL 6 Server", "product_id": "6Server-JBCS:jbcs-httpd24-openssl-devel-1:1.1.1c-32.jbcs.el6.x86_64" }, "product_reference": "jbcs-httpd24-openssl-devel-1:1.1.1c-32.jbcs.el6.x86_64", "relates_to_product_reference": "6Server-JBCS" }, { "category": "default_component_of", "full_product_name": { "name": "jbcs-httpd24-openssl-libs-1:1.1.1c-32.jbcs.el6.i686 as a component of Red Hat JBoss Core Services on RHEL 6 Server", "product_id": "6Server-JBCS:jbcs-httpd24-openssl-libs-1:1.1.1c-32.jbcs.el6.i686" }, "product_reference": "jbcs-httpd24-openssl-libs-1:1.1.1c-32.jbcs.el6.i686", "relates_to_product_reference": "6Server-JBCS" }, { "category": "default_component_of", "full_product_name": { "name": "jbcs-httpd24-openssl-libs-1:1.1.1c-32.jbcs.el6.x86_64 as a component of Red Hat JBoss Core Services on RHEL 6 Server", "product_id": "6Server-JBCS:jbcs-httpd24-openssl-libs-1:1.1.1c-32.jbcs.el6.x86_64" }, "product_reference": "jbcs-httpd24-openssl-libs-1:1.1.1c-32.jbcs.el6.x86_64", "relates_to_product_reference": "6Server-JBCS" }, { "category": "default_component_of", "full_product_name": { "name": "jbcs-httpd24-openssl-perl-1:1.1.1c-32.jbcs.el6.i686 as a component of Red Hat JBoss Core Services on RHEL 6 Server", "product_id": "6Server-JBCS:jbcs-httpd24-openssl-perl-1:1.1.1c-32.jbcs.el6.i686" }, "product_reference": "jbcs-httpd24-openssl-perl-1:1.1.1c-32.jbcs.el6.i686", "relates_to_product_reference": "6Server-JBCS" }, { "category": "default_component_of", "full_product_name": { "name": "jbcs-httpd24-openssl-perl-1:1.1.1c-32.jbcs.el6.x86_64 as a component of Red Hat JBoss Core Services on RHEL 6 Server", "product_id": "6Server-JBCS:jbcs-httpd24-openssl-perl-1:1.1.1c-32.jbcs.el6.x86_64" }, "product_reference": "jbcs-httpd24-openssl-perl-1:1.1.1c-32.jbcs.el6.x86_64", "relates_to_product_reference": "6Server-JBCS" }, { "category": "default_component_of", "full_product_name": { "name": "jbcs-httpd24-openssl-static-1:1.1.1c-32.jbcs.el6.i686 as a component of Red Hat JBoss Core Services on RHEL 6 Server", "product_id": "6Server-JBCS:jbcs-httpd24-openssl-static-1:1.1.1c-32.jbcs.el6.i686" }, "product_reference": "jbcs-httpd24-openssl-static-1:1.1.1c-32.jbcs.el6.i686", "relates_to_product_reference": "6Server-JBCS" }, { "category": "default_component_of", "full_product_name": { "name": "jbcs-httpd24-openssl-static-1:1.1.1c-32.jbcs.el6.x86_64 as a component of Red Hat JBoss Core Services on RHEL 6 Server", "product_id": "6Server-JBCS:jbcs-httpd24-openssl-static-1:1.1.1c-32.jbcs.el6.x86_64" }, "product_reference": "jbcs-httpd24-openssl-static-1:1.1.1c-32.jbcs.el6.x86_64", "relates_to_product_reference": "6Server-JBCS" }, { "category": "default_component_of", "full_product_name": { "name": "jbcs-httpd24-apr-0:1.6.3-104.jbcs.el7.src as a component of Red Hat JBoss Core Services on RHEL 7 Server", "product_id": "7Server-JBCS:jbcs-httpd24-apr-0:1.6.3-104.jbcs.el7.src" }, "product_reference": "jbcs-httpd24-apr-0:1.6.3-104.jbcs.el7.src", "relates_to_product_reference": "7Server-JBCS" }, { "category": "default_component_of", "full_product_name": { "name": "jbcs-httpd24-apr-0:1.6.3-104.jbcs.el7.x86_64 as a component of Red Hat JBoss Core Services on RHEL 7 Server", "product_id": "7Server-JBCS:jbcs-httpd24-apr-0:1.6.3-104.jbcs.el7.x86_64" }, "product_reference": "jbcs-httpd24-apr-0:1.6.3-104.jbcs.el7.x86_64", "relates_to_product_reference": "7Server-JBCS" }, { "category": "default_component_of", "full_product_name": { "name": "jbcs-httpd24-apr-debuginfo-0:1.6.3-104.jbcs.el7.x86_64 as a component of Red Hat JBoss Core Services on RHEL 7 Server", "product_id": "7Server-JBCS:jbcs-httpd24-apr-debuginfo-0:1.6.3-104.jbcs.el7.x86_64" }, "product_reference": "jbcs-httpd24-apr-debuginfo-0:1.6.3-104.jbcs.el7.x86_64", "relates_to_product_reference": "7Server-JBCS" }, { "category": "default_component_of", "full_product_name": { "name": "jbcs-httpd24-apr-devel-0:1.6.3-104.jbcs.el7.x86_64 as a component of Red Hat JBoss Core Services on RHEL 7 Server", "product_id": "7Server-JBCS:jbcs-httpd24-apr-devel-0:1.6.3-104.jbcs.el7.x86_64" }, "product_reference": "jbcs-httpd24-apr-devel-0:1.6.3-104.jbcs.el7.x86_64", "relates_to_product_reference": "7Server-JBCS" }, { "category": "default_component_of", "full_product_name": { "name": "jbcs-httpd24-apr-util-0:1.6.1-75.jbcs.el7.src as a component of Red Hat JBoss Core Services on RHEL 7 Server", "product_id": "7Server-JBCS:jbcs-httpd24-apr-util-0:1.6.1-75.jbcs.el7.src" }, "product_reference": "jbcs-httpd24-apr-util-0:1.6.1-75.jbcs.el7.src", "relates_to_product_reference": "7Server-JBCS" }, { "category": "default_component_of", "full_product_name": { "name": "jbcs-httpd24-apr-util-0:1.6.1-75.jbcs.el7.x86_64 as a component of Red Hat JBoss Core Services on RHEL 7 Server", "product_id": "7Server-JBCS:jbcs-httpd24-apr-util-0:1.6.1-75.jbcs.el7.x86_64" }, "product_reference": "jbcs-httpd24-apr-util-0:1.6.1-75.jbcs.el7.x86_64", "relates_to_product_reference": "7Server-JBCS" }, { "category": "default_component_of", "full_product_name": { "name": "jbcs-httpd24-apr-util-debuginfo-0:1.6.1-75.jbcs.el7.x86_64 as a component of Red Hat JBoss Core Services on RHEL 7 Server", "product_id": "7Server-JBCS:jbcs-httpd24-apr-util-debuginfo-0:1.6.1-75.jbcs.el7.x86_64" }, "product_reference": "jbcs-httpd24-apr-util-debuginfo-0:1.6.1-75.jbcs.el7.x86_64", "relates_to_product_reference": "7Server-JBCS" }, { "category": "default_component_of", "full_product_name": { "name": "jbcs-httpd24-apr-util-devel-0:1.6.1-75.jbcs.el7.x86_64 as a component of Red Hat JBoss Core Services on RHEL 7 Server", "product_id": "7Server-JBCS:jbcs-httpd24-apr-util-devel-0:1.6.1-75.jbcs.el7.x86_64" }, "product_reference": "jbcs-httpd24-apr-util-devel-0:1.6.1-75.jbcs.el7.x86_64", "relates_to_product_reference": "7Server-JBCS" }, { "category": "default_component_of", "full_product_name": { "name": "jbcs-httpd24-apr-util-ldap-0:1.6.1-75.jbcs.el7.x86_64 as a component of Red Hat JBoss Core Services on RHEL 7 Server", "product_id": "7Server-JBCS:jbcs-httpd24-apr-util-ldap-0:1.6.1-75.jbcs.el7.x86_64" }, "product_reference": "jbcs-httpd24-apr-util-ldap-0:1.6.1-75.jbcs.el7.x86_64", "relates_to_product_reference": "7Server-JBCS" }, { "category": "default_component_of", "full_product_name": { "name": "jbcs-httpd24-apr-util-mysql-0:1.6.1-75.jbcs.el7.x86_64 as a component of Red Hat JBoss Core Services on RHEL 7 Server", "product_id": "7Server-JBCS:jbcs-httpd24-apr-util-mysql-0:1.6.1-75.jbcs.el7.x86_64" }, "product_reference": "jbcs-httpd24-apr-util-mysql-0:1.6.1-75.jbcs.el7.x86_64", "relates_to_product_reference": "7Server-JBCS" }, { "category": "default_component_of", "full_product_name": { "name": "jbcs-httpd24-apr-util-nss-0:1.6.1-75.jbcs.el7.x86_64 as a component of Red Hat JBoss Core Services on RHEL 7 Server", "product_id": "7Server-JBCS:jbcs-httpd24-apr-util-nss-0:1.6.1-75.jbcs.el7.x86_64" }, "product_reference": "jbcs-httpd24-apr-util-nss-0:1.6.1-75.jbcs.el7.x86_64", "relates_to_product_reference": "7Server-JBCS" }, { "category": "default_component_of", "full_product_name": { "name": "jbcs-httpd24-apr-util-odbc-0:1.6.1-75.jbcs.el7.x86_64 as a component of Red Hat JBoss Core Services on RHEL 7 Server", "product_id": "7Server-JBCS:jbcs-httpd24-apr-util-odbc-0:1.6.1-75.jbcs.el7.x86_64" }, "product_reference": "jbcs-httpd24-apr-util-odbc-0:1.6.1-75.jbcs.el7.x86_64", "relates_to_product_reference": "7Server-JBCS" }, { "category": "default_component_of", "full_product_name": { "name": "jbcs-httpd24-apr-util-openssl-0:1.6.1-75.jbcs.el7.x86_64 as a component of Red Hat JBoss Core Services on RHEL 7 Server", "product_id": "7Server-JBCS:jbcs-httpd24-apr-util-openssl-0:1.6.1-75.jbcs.el7.x86_64" }, "product_reference": "jbcs-httpd24-apr-util-openssl-0:1.6.1-75.jbcs.el7.x86_64", "relates_to_product_reference": "7Server-JBCS" }, { "category": "default_component_of", "full_product_name": { "name": "jbcs-httpd24-apr-util-pgsql-0:1.6.1-75.jbcs.el7.x86_64 as a component of Red Hat JBoss Core Services on RHEL 7 Server", "product_id": "7Server-JBCS:jbcs-httpd24-apr-util-pgsql-0:1.6.1-75.jbcs.el7.x86_64" }, "product_reference": "jbcs-httpd24-apr-util-pgsql-0:1.6.1-75.jbcs.el7.x86_64", "relates_to_product_reference": "7Server-JBCS" }, { "category": "default_component_of", "full_product_name": { "name": "jbcs-httpd24-apr-util-sqlite-0:1.6.1-75.jbcs.el7.x86_64 as a component of Red Hat JBoss Core Services on RHEL 7 Server", "product_id": "7Server-JBCS:jbcs-httpd24-apr-util-sqlite-0:1.6.1-75.jbcs.el7.x86_64" }, "product_reference": "jbcs-httpd24-apr-util-sqlite-0:1.6.1-75.jbcs.el7.x86_64", "relates_to_product_reference": "7Server-JBCS" }, { "category": "default_component_of", "full_product_name": { "name": "jbcs-httpd24-brotli-0:1.0.6-38.jbcs.el7.src as a component of Red Hat JBoss Core Services on RHEL 7 Server", "product_id": "7Server-JBCS:jbcs-httpd24-brotli-0:1.0.6-38.jbcs.el7.src" }, "product_reference": "jbcs-httpd24-brotli-0:1.0.6-38.jbcs.el7.src", "relates_to_product_reference": "7Server-JBCS" }, { "category": "default_component_of", "full_product_name": { "name": "jbcs-httpd24-brotli-0:1.0.6-38.jbcs.el7.x86_64 as a component of Red Hat JBoss Core Services on RHEL 7 Server", "product_id": "7Server-JBCS:jbcs-httpd24-brotli-0:1.0.6-38.jbcs.el7.x86_64" }, "product_reference": "jbcs-httpd24-brotli-0:1.0.6-38.jbcs.el7.x86_64", "relates_to_product_reference": "7Server-JBCS" }, { "category": "default_component_of", "full_product_name": { "name": "jbcs-httpd24-brotli-debuginfo-0:1.0.6-38.jbcs.el7.x86_64 as a component of Red Hat JBoss Core Services on RHEL 7 Server", "product_id": "7Server-JBCS:jbcs-httpd24-brotli-debuginfo-0:1.0.6-38.jbcs.el7.x86_64" }, "product_reference": "jbcs-httpd24-brotli-debuginfo-0:1.0.6-38.jbcs.el7.x86_64", "relates_to_product_reference": "7Server-JBCS" }, { "category": "default_component_of", "full_product_name": { "name": "jbcs-httpd24-brotli-devel-0:1.0.6-38.jbcs.el7.x86_64 as a component of Red Hat JBoss Core Services on RHEL 7 Server", "product_id": "7Server-JBCS:jbcs-httpd24-brotli-devel-0:1.0.6-38.jbcs.el7.x86_64" }, "product_reference": "jbcs-httpd24-brotli-devel-0:1.0.6-38.jbcs.el7.x86_64", "relates_to_product_reference": "7Server-JBCS" }, { "category": "default_component_of", "full_product_name": { "name": "jbcs-httpd24-curl-0:7.64.1-44.jbcs.el7.src as a component of Red Hat JBoss Core Services on RHEL 7 Server", "product_id": "7Server-JBCS:jbcs-httpd24-curl-0:7.64.1-44.jbcs.el7.src" }, "product_reference": "jbcs-httpd24-curl-0:7.64.1-44.jbcs.el7.src", "relates_to_product_reference": "7Server-JBCS" }, { "category": "default_component_of", "full_product_name": { "name": "jbcs-httpd24-curl-0:7.64.1-44.jbcs.el7.x86_64 as a component of Red Hat JBoss Core Services on RHEL 7 Server", "product_id": "7Server-JBCS:jbcs-httpd24-curl-0:7.64.1-44.jbcs.el7.x86_64" }, "product_reference": "jbcs-httpd24-curl-0:7.64.1-44.jbcs.el7.x86_64", "relates_to_product_reference": "7Server-JBCS" }, { "category": "default_component_of", "full_product_name": { "name": "jbcs-httpd24-curl-debuginfo-0:7.64.1-44.jbcs.el7.x86_64 as a component of Red Hat JBoss Core Services on RHEL 7 Server", "product_id": "7Server-JBCS:jbcs-httpd24-curl-debuginfo-0:7.64.1-44.jbcs.el7.x86_64" }, "product_reference": "jbcs-httpd24-curl-debuginfo-0:7.64.1-44.jbcs.el7.x86_64", "relates_to_product_reference": "7Server-JBCS" }, { "category": "default_component_of", "full_product_name": { "name": "jbcs-httpd24-httpd-0:2.4.37-64.jbcs.el7.src as a component of Red Hat JBoss Core Services on RHEL 7 Server", "product_id": "7Server-JBCS:jbcs-httpd24-httpd-0:2.4.37-64.jbcs.el7.src" }, "product_reference": "jbcs-httpd24-httpd-0:2.4.37-64.jbcs.el7.src", "relates_to_product_reference": "7Server-JBCS" }, { "category": "default_component_of", "full_product_name": { "name": "jbcs-httpd24-httpd-0:2.4.37-64.jbcs.el7.x86_64 as a component of Red Hat JBoss Core Services on RHEL 7 Server", "product_id": "7Server-JBCS:jbcs-httpd24-httpd-0:2.4.37-64.jbcs.el7.x86_64" }, "product_reference": "jbcs-httpd24-httpd-0:2.4.37-64.jbcs.el7.x86_64", "relates_to_product_reference": "7Server-JBCS" }, { "category": "default_component_of", "full_product_name": { "name": "jbcs-httpd24-httpd-debuginfo-0:2.4.37-64.jbcs.el7.x86_64 as a component of Red Hat JBoss Core Services on RHEL 7 Server", "product_id": "7Server-JBCS:jbcs-httpd24-httpd-debuginfo-0:2.4.37-64.jbcs.el7.x86_64" }, "product_reference": "jbcs-httpd24-httpd-debuginfo-0:2.4.37-64.jbcs.el7.x86_64", "relates_to_product_reference": "7Server-JBCS" }, { "category": "default_component_of", "full_product_name": { "name": "jbcs-httpd24-httpd-devel-0:2.4.37-64.jbcs.el7.x86_64 as a component of Red Hat JBoss Core Services on RHEL 7 Server", "product_id": "7Server-JBCS:jbcs-httpd24-httpd-devel-0:2.4.37-64.jbcs.el7.x86_64" }, "product_reference": "jbcs-httpd24-httpd-devel-0:2.4.37-64.jbcs.el7.x86_64", "relates_to_product_reference": "7Server-JBCS" }, { "category": "default_component_of", "full_product_name": { "name": "jbcs-httpd24-httpd-manual-0:2.4.37-64.jbcs.el7.noarch as a component of Red Hat JBoss Core Services on RHEL 7 Server", "product_id": "7Server-JBCS:jbcs-httpd24-httpd-manual-0:2.4.37-64.jbcs.el7.noarch" }, "product_reference": "jbcs-httpd24-httpd-manual-0:2.4.37-64.jbcs.el7.noarch", "relates_to_product_reference": "7Server-JBCS" }, { "category": "default_component_of", "full_product_name": { "name": "jbcs-httpd24-httpd-selinux-0:2.4.37-64.jbcs.el7.x86_64 as a component of Red Hat JBoss Core Services on RHEL 7 Server", "product_id": "7Server-JBCS:jbcs-httpd24-httpd-selinux-0:2.4.37-64.jbcs.el7.x86_64" }, "product_reference": "jbcs-httpd24-httpd-selinux-0:2.4.37-64.jbcs.el7.x86_64", "relates_to_product_reference": "7Server-JBCS" }, { "category": "default_component_of", "full_product_name": { "name": "jbcs-httpd24-httpd-tools-0:2.4.37-64.jbcs.el7.x86_64 as a component of Red Hat JBoss Core Services on RHEL 7 Server", "product_id": "7Server-JBCS:jbcs-httpd24-httpd-tools-0:2.4.37-64.jbcs.el7.x86_64" }, "product_reference": "jbcs-httpd24-httpd-tools-0:2.4.37-64.jbcs.el7.x86_64", "relates_to_product_reference": "7Server-JBCS" }, { "category": "default_component_of", "full_product_name": { "name": "jbcs-httpd24-jansson-0:2.11-53.jbcs.el7.src as a component of Red Hat JBoss Core Services on RHEL 7 Server", "product_id": "7Server-JBCS:jbcs-httpd24-jansson-0:2.11-53.jbcs.el7.src" }, "product_reference": "jbcs-httpd24-jansson-0:2.11-53.jbcs.el7.src", "relates_to_product_reference": "7Server-JBCS" }, { "category": "default_component_of", "full_product_name": { "name": "jbcs-httpd24-jansson-0:2.11-53.jbcs.el7.x86_64 as a component of Red Hat JBoss Core Services on RHEL 7 Server", "product_id": "7Server-JBCS:jbcs-httpd24-jansson-0:2.11-53.jbcs.el7.x86_64" }, "product_reference": "jbcs-httpd24-jansson-0:2.11-53.jbcs.el7.x86_64", "relates_to_product_reference": "7Server-JBCS" }, { "category": "default_component_of", "full_product_name": { "name": "jbcs-httpd24-jansson-debuginfo-0:2.11-53.jbcs.el7.x86_64 as a component of Red Hat JBoss Core Services on RHEL 7 Server", "product_id": "7Server-JBCS:jbcs-httpd24-jansson-debuginfo-0:2.11-53.jbcs.el7.x86_64" }, "product_reference": "jbcs-httpd24-jansson-debuginfo-0:2.11-53.jbcs.el7.x86_64", "relates_to_product_reference": "7Server-JBCS" }, { "category": "default_component_of", "full_product_name": { "name": "jbcs-httpd24-jansson-devel-0:2.11-53.jbcs.el7.x86_64 as a component of Red Hat JBoss Core Services on RHEL 7 Server", "product_id": "7Server-JBCS:jbcs-httpd24-jansson-devel-0:2.11-53.jbcs.el7.x86_64" }, "product_reference": "jbcs-httpd24-jansson-devel-0:2.11-53.jbcs.el7.x86_64", "relates_to_product_reference": "7Server-JBCS" }, { "category": "default_component_of", "full_product_name": { "name": "jbcs-httpd24-libcurl-0:7.64.1-44.jbcs.el7.x86_64 as a component of Red Hat JBoss Core Services on RHEL 7 Server", "product_id": "7Server-JBCS:jbcs-httpd24-libcurl-0:7.64.1-44.jbcs.el7.x86_64" }, "product_reference": "jbcs-httpd24-libcurl-0:7.64.1-44.jbcs.el7.x86_64", "relates_to_product_reference": "7Server-JBCS" }, { "category": "default_component_of", "full_product_name": { "name": "jbcs-httpd24-libcurl-devel-0:7.64.1-44.jbcs.el7.x86_64 as a component of Red Hat JBoss Core Services on RHEL 7 Server", "product_id": "7Server-JBCS:jbcs-httpd24-libcurl-devel-0:7.64.1-44.jbcs.el7.x86_64" }, "product_reference": "jbcs-httpd24-libcurl-devel-0:7.64.1-44.jbcs.el7.x86_64", "relates_to_product_reference": "7Server-JBCS" }, { "category": "default_component_of", "full_product_name": { "name": "jbcs-httpd24-mod_cluster-native-0:1.3.14-11.Final_redhat_2.jbcs.el7.src as a component of Red Hat JBoss Core Services on RHEL 7 Server", "product_id": "7Server-JBCS:jbcs-httpd24-mod_cluster-native-0:1.3.14-11.Final_redhat_2.jbcs.el7.src" }, "product_reference": "jbcs-httpd24-mod_cluster-native-0:1.3.14-11.Final_redhat_2.jbcs.el7.src", "relates_to_product_reference": "7Server-JBCS" }, { "category": "default_component_of", "full_product_name": { "name": "jbcs-httpd24-mod_cluster-native-0:1.3.14-11.Final_redhat_2.jbcs.el7.x86_64 as a component of Red Hat JBoss Core Services on RHEL 7 Server", "product_id": "7Server-JBCS:jbcs-httpd24-mod_cluster-native-0:1.3.14-11.Final_redhat_2.jbcs.el7.x86_64" }, "product_reference": "jbcs-httpd24-mod_cluster-native-0:1.3.14-11.Final_redhat_2.jbcs.el7.x86_64", "relates_to_product_reference": "7Server-JBCS" }, { "category": "default_component_of", "full_product_name": { "name": "jbcs-httpd24-mod_cluster-native-debuginfo-0:1.3.14-11.Final_redhat_2.jbcs.el7.x86_64 as a component of Red Hat JBoss Core Services on RHEL 7 Server", "product_id": "7Server-JBCS:jbcs-httpd24-mod_cluster-native-debuginfo-0:1.3.14-11.Final_redhat_2.jbcs.el7.x86_64" }, "product_reference": "jbcs-httpd24-mod_cluster-native-debuginfo-0:1.3.14-11.Final_redhat_2.jbcs.el7.x86_64", "relates_to_product_reference": "7Server-JBCS" }, { "category": "default_component_of", "full_product_name": { "name": "jbcs-httpd24-mod_http2-0:1.15.7-11.jbcs.el7.src as a component of Red Hat JBoss Core Services on RHEL 7 Server", "product_id": "7Server-JBCS:jbcs-httpd24-mod_http2-0:1.15.7-11.jbcs.el7.src" }, "product_reference": "jbcs-httpd24-mod_http2-0:1.15.7-11.jbcs.el7.src", "relates_to_product_reference": "7Server-JBCS" }, { "category": "default_component_of", "full_product_name": { "name": "jbcs-httpd24-mod_http2-0:1.15.7-11.jbcs.el7.x86_64 as a component of Red Hat JBoss Core Services on RHEL 7 Server", "product_id": "7Server-JBCS:jbcs-httpd24-mod_http2-0:1.15.7-11.jbcs.el7.x86_64" }, "product_reference": "jbcs-httpd24-mod_http2-0:1.15.7-11.jbcs.el7.x86_64", "relates_to_product_reference": "7Server-JBCS" }, { "category": "default_component_of", "full_product_name": { "name": "jbcs-httpd24-mod_http2-debuginfo-0:1.15.7-11.jbcs.el7.x86_64 as a component of Red Hat JBoss Core Services on RHEL 7 Server", "product_id": "7Server-JBCS:jbcs-httpd24-mod_http2-debuginfo-0:1.15.7-11.jbcs.el7.x86_64" }, "product_reference": "jbcs-httpd24-mod_http2-debuginfo-0:1.15.7-11.jbcs.el7.x86_64", "relates_to_product_reference": "7Server-JBCS" }, { "category": "default_component_of", "full_product_name": { "name": "jbcs-httpd24-mod_jk-0:1.2.48-10.redhat_1.jbcs.el7.src as a component of Red Hat JBoss Core Services on RHEL 7 Server", "product_id": "7Server-JBCS:jbcs-httpd24-mod_jk-0:1.2.48-10.redhat_1.jbcs.el7.src" }, "product_reference": "jbcs-httpd24-mod_jk-0:1.2.48-10.redhat_1.jbcs.el7.src", "relates_to_product_reference": "7Server-JBCS" }, { "category": "default_component_of", "full_product_name": { "name": "jbcs-httpd24-mod_jk-ap24-0:1.2.48-10.redhat_1.jbcs.el7.x86_64 as a component of Red Hat JBoss Core Services on RHEL 7 Server", "product_id": "7Server-JBCS:jbcs-httpd24-mod_jk-ap24-0:1.2.48-10.redhat_1.jbcs.el7.x86_64" }, "product_reference": "jbcs-httpd24-mod_jk-ap24-0:1.2.48-10.redhat_1.jbcs.el7.x86_64", "relates_to_product_reference": "7Server-JBCS" }, { "category": "default_component_of", "full_product_name": { "name": "jbcs-httpd24-mod_jk-debuginfo-0:1.2.48-10.redhat_1.jbcs.el7.x86_64 as a component of Red Hat JBoss Core Services on RHEL 7 Server", "product_id": "7Server-JBCS:jbcs-httpd24-mod_jk-debuginfo-0:1.2.48-10.redhat_1.jbcs.el7.x86_64" }, "product_reference": "jbcs-httpd24-mod_jk-debuginfo-0:1.2.48-10.redhat_1.jbcs.el7.x86_64", "relates_to_product_reference": "7Server-JBCS" }, { "category": "default_component_of", "full_product_name": { "name": "jbcs-httpd24-mod_jk-manual-0:1.2.48-10.redhat_1.jbcs.el7.x86_64 as a component of Red Hat JBoss Core Services on RHEL 7 Server", "product_id": "7Server-JBCS:jbcs-httpd24-mod_jk-manual-0:1.2.48-10.redhat_1.jbcs.el7.x86_64" }, "product_reference": "jbcs-httpd24-mod_jk-manual-0:1.2.48-10.redhat_1.jbcs.el7.x86_64", "relates_to_product_reference": "7Server-JBCS" }, { "category": "default_component_of", "full_product_name": { "name": "jbcs-httpd24-mod_ldap-0:2.4.37-64.jbcs.el7.x86_64 as a component of Red Hat JBoss Core Services on RHEL 7 Server", "product_id": "7Server-JBCS:jbcs-httpd24-mod_ldap-0:2.4.37-64.jbcs.el7.x86_64" }, "product_reference": "jbcs-httpd24-mod_ldap-0:2.4.37-64.jbcs.el7.x86_64", "relates_to_product_reference": "7Server-JBCS" }, { "category": "default_component_of", "full_product_name": { "name": "jbcs-httpd24-mod_md-1:2.0.8-30.jbcs.el7.src as a component of Red Hat JBoss Core Services on RHEL 7 Server", "product_id": "7Server-JBCS:jbcs-httpd24-mod_md-1:2.0.8-30.jbcs.el7.src" }, "product_reference": "jbcs-httpd24-mod_md-1:2.0.8-30.jbcs.el7.src", "relates_to_product_reference": "7Server-JBCS" }, { "category": "default_component_of", "full_product_name": { "name": "jbcs-httpd24-mod_md-1:2.0.8-30.jbcs.el7.x86_64 as a component of Red Hat JBoss Core Services on RHEL 7 Server", "product_id": "7Server-JBCS:jbcs-httpd24-mod_md-1:2.0.8-30.jbcs.el7.x86_64" }, "product_reference": "jbcs-httpd24-mod_md-1:2.0.8-30.jbcs.el7.x86_64", "relates_to_product_reference": "7Server-JBCS" }, { "category": "default_component_of", "full_product_name": { "name": "jbcs-httpd24-mod_md-debuginfo-1:2.0.8-30.jbcs.el7.x86_64 as a component of Red Hat JBoss Core Services on RHEL 7 Server", "product_id": "7Server-JBCS:jbcs-httpd24-mod_md-debuginfo-1:2.0.8-30.jbcs.el7.x86_64" }, "product_reference": "jbcs-httpd24-mod_md-debuginfo-1:2.0.8-30.jbcs.el7.x86_64", "relates_to_product_reference": "7Server-JBCS" }, { "category": "default_component_of", "full_product_name": { "name": "jbcs-httpd24-mod_proxy_html-1:2.4.37-64.jbcs.el7.x86_64 as a component of Red Hat JBoss Core Services on RHEL 7 Server", "product_id": "7Server-JBCS:jbcs-httpd24-mod_proxy_html-1:2.4.37-64.jbcs.el7.x86_64" }, "product_reference": "jbcs-httpd24-mod_proxy_html-1:2.4.37-64.jbcs.el7.x86_64", "relates_to_product_reference": "7Server-JBCS" }, { "category": "default_component_of", "full_product_name": { "name": "jbcs-httpd24-mod_security-0:2.9.2-57.GA.jbcs.el7.src as a component of Red Hat JBoss Core Services on RHEL 7 Server", "product_id": "7Server-JBCS:jbcs-httpd24-mod_security-0:2.9.2-57.GA.jbcs.el7.src" }, "product_reference": "jbcs-httpd24-mod_security-0:2.9.2-57.GA.jbcs.el7.src", "relates_to_product_reference": "7Server-JBCS" }, { "category": "default_component_of", "full_product_name": { "name": "jbcs-httpd24-mod_security-0:2.9.2-57.GA.jbcs.el7.x86_64 as a component of Red Hat JBoss Core Services on RHEL 7 Server", "product_id": "7Server-JBCS:jbcs-httpd24-mod_security-0:2.9.2-57.GA.jbcs.el7.x86_64" }, "product_reference": "jbcs-httpd24-mod_security-0:2.9.2-57.GA.jbcs.el7.x86_64", "relates_to_product_reference": "7Server-JBCS" }, { "category": "default_component_of", "full_product_name": { "name": "jbcs-httpd24-mod_security-debuginfo-0:2.9.2-57.GA.jbcs.el7.x86_64 as a component of Red Hat JBoss Core Services on RHEL 7 Server", "product_id": "7Server-JBCS:jbcs-httpd24-mod_security-debuginfo-0:2.9.2-57.GA.jbcs.el7.x86_64" }, "product_reference": "jbcs-httpd24-mod_security-debuginfo-0:2.9.2-57.GA.jbcs.el7.x86_64", "relates_to_product_reference": "7Server-JBCS" }, { "category": "default_component_of", "full_product_name": { "name": "jbcs-httpd24-mod_session-0:2.4.37-64.jbcs.el7.x86_64 as a component of Red Hat JBoss Core Services on RHEL 7 Server", "product_id": "7Server-JBCS:jbcs-httpd24-mod_session-0:2.4.37-64.jbcs.el7.x86_64" }, "product_reference": "jbcs-httpd24-mod_session-0:2.4.37-64.jbcs.el7.x86_64", "relates_to_product_reference": "7Server-JBCS" }, { "category": "default_component_of", "full_product_name": { "name": "jbcs-httpd24-mod_ssl-1:2.4.37-64.jbcs.el7.x86_64 as a component of Red Hat JBoss Core Services on RHEL 7 Server", "product_id": "7Server-JBCS:jbcs-httpd24-mod_ssl-1:2.4.37-64.jbcs.el7.x86_64" }, "product_reference": "jbcs-httpd24-mod_ssl-1:2.4.37-64.jbcs.el7.x86_64", "relates_to_product_reference": "7Server-JBCS" }, { "category": "default_component_of", "full_product_name": { "name": "jbcs-httpd24-nghttp2-0:1.39.2-34.jbcs.el7.src as a component of Red Hat JBoss Core Services on RHEL 7 Server", "product_id": "7Server-JBCS:jbcs-httpd24-nghttp2-0:1.39.2-34.jbcs.el7.src" }, "product_reference": "jbcs-httpd24-nghttp2-0:1.39.2-34.jbcs.el7.src", "relates_to_product_reference": "7Server-JBCS" }, { "category": "default_component_of", "full_product_name": { "name": "jbcs-httpd24-nghttp2-0:1.39.2-34.jbcs.el7.x86_64 as a component of Red Hat JBoss Core Services on RHEL 7 Server", "product_id": "7Server-JBCS:jbcs-httpd24-nghttp2-0:1.39.2-34.jbcs.el7.x86_64" }, "product_reference": "jbcs-httpd24-nghttp2-0:1.39.2-34.jbcs.el7.x86_64", "relates_to_product_reference": "7Server-JBCS" }, { "category": "default_component_of", "full_product_name": { "name": "jbcs-httpd24-nghttp2-debuginfo-0:1.39.2-34.jbcs.el7.x86_64 as a component of Red Hat JBoss Core Services on RHEL 7 Server", "product_id": "7Server-JBCS:jbcs-httpd24-nghttp2-debuginfo-0:1.39.2-34.jbcs.el7.x86_64" }, "product_reference": "jbcs-httpd24-nghttp2-debuginfo-0:1.39.2-34.jbcs.el7.x86_64", "relates_to_product_reference": "7Server-JBCS" }, { "category": "default_component_of", "full_product_name": { "name": "jbcs-httpd24-nghttp2-devel-0:1.39.2-34.jbcs.el7.x86_64 as a component of Red Hat JBoss Core Services on RHEL 7 Server", "product_id": "7Server-JBCS:jbcs-httpd24-nghttp2-devel-0:1.39.2-34.jbcs.el7.x86_64" }, "product_reference": "jbcs-httpd24-nghttp2-devel-0:1.39.2-34.jbcs.el7.x86_64", "relates_to_product_reference": "7Server-JBCS" }, { "category": "default_component_of", "full_product_name": { "name": "jbcs-httpd24-openssl-1:1.1.1c-32.jbcs.el7.src as a component of Red Hat JBoss Core Services on RHEL 7 Server", "product_id": "7Server-JBCS:jbcs-httpd24-openssl-1:1.1.1c-32.jbcs.el7.src" }, "product_reference": "jbcs-httpd24-openssl-1:1.1.1c-32.jbcs.el7.src", "relates_to_product_reference": "7Server-JBCS" }, { "category": "default_component_of", "full_product_name": { "name": "jbcs-httpd24-openssl-1:1.1.1c-32.jbcs.el7.x86_64 as a component of Red Hat JBoss Core Services on RHEL 7 Server", "product_id": "7Server-JBCS:jbcs-httpd24-openssl-1:1.1.1c-32.jbcs.el7.x86_64" }, "product_reference": "jbcs-httpd24-openssl-1:1.1.1c-32.jbcs.el7.x86_64", "relates_to_product_reference": "7Server-JBCS" }, { "category": "default_component_of", "full_product_name": { "name": "jbcs-httpd24-openssl-chil-0:1.0.0-1.jbcs.el7.src as a component of Red Hat JBoss Core Services on RHEL 7 Server", "product_id": "7Server-JBCS:jbcs-httpd24-openssl-chil-0:1.0.0-1.jbcs.el7.src" }, "product_reference": "jbcs-httpd24-openssl-chil-0:1.0.0-1.jbcs.el7.src", "relates_to_product_reference": "7Server-JBCS" }, { "category": "default_component_of", "full_product_name": { "name": "jbcs-httpd24-openssl-chil-0:1.0.0-1.jbcs.el7.x86_64 as a component of Red Hat JBoss Core Services on RHEL 7 Server", "product_id": "7Server-JBCS:jbcs-httpd24-openssl-chil-0:1.0.0-1.jbcs.el7.x86_64" }, "product_reference": "jbcs-httpd24-openssl-chil-0:1.0.0-1.jbcs.el7.x86_64", "relates_to_product_reference": "7Server-JBCS" }, { "category": "default_component_of", "full_product_name": { "name": "jbcs-httpd24-openssl-chil-debuginfo-0:1.0.0-1.jbcs.el7.x86_64 as a component of Red Hat JBoss Core Services on RHEL 7 Server", "product_id": "7Server-JBCS:jbcs-httpd24-openssl-chil-debuginfo-0:1.0.0-1.jbcs.el7.x86_64" }, "product_reference": "jbcs-httpd24-openssl-chil-debuginfo-0:1.0.0-1.jbcs.el7.x86_64", "relates_to_product_reference": "7Server-JBCS" }, { "category": "default_component_of", "full_product_name": { "name": "jbcs-httpd24-openssl-debuginfo-1:1.1.1c-32.jbcs.el7.x86_64 as a component of Red Hat JBoss Core Services on RHEL 7 Server", "product_id": "7Server-JBCS:jbcs-httpd24-openssl-debuginfo-1:1.1.1c-32.jbcs.el7.x86_64" }, "product_reference": "jbcs-httpd24-openssl-debuginfo-1:1.1.1c-32.jbcs.el7.x86_64", "relates_to_product_reference": "7Server-JBCS" }, { "category": "default_component_of", "full_product_name": { "name": "jbcs-httpd24-openssl-devel-1:1.1.1c-32.jbcs.el7.x86_64 as a component of Red Hat JBoss Core Services on RHEL 7 Server", "product_id": "7Server-JBCS:jbcs-httpd24-openssl-devel-1:1.1.1c-32.jbcs.el7.x86_64" }, "product_reference": "jbcs-httpd24-openssl-devel-1:1.1.1c-32.jbcs.el7.x86_64", "relates_to_product_reference": "7Server-JBCS" }, { "category": "default_component_of", "full_product_name": { "name": "jbcs-httpd24-openssl-libs-1:1.1.1c-32.jbcs.el7.x86_64 as a component of Red Hat JBoss Core Services on RHEL 7 Server", "product_id": "7Server-JBCS:jbcs-httpd24-openssl-libs-1:1.1.1c-32.jbcs.el7.x86_64" }, "product_reference": "jbcs-httpd24-openssl-libs-1:1.1.1c-32.jbcs.el7.x86_64", "relates_to_product_reference": "7Server-JBCS" }, { "category": "default_component_of", "full_product_name": { "name": "jbcs-httpd24-openssl-perl-1:1.1.1c-32.jbcs.el7.x86_64 as a component of Red Hat JBoss Core Services on RHEL 7 Server", "product_id": "7Server-JBCS:jbcs-httpd24-openssl-perl-1:1.1.1c-32.jbcs.el7.x86_64" }, "product_reference": "jbcs-httpd24-openssl-perl-1:1.1.1c-32.jbcs.el7.x86_64", "relates_to_product_reference": "7Server-JBCS" }, { "category": "default_component_of", "full_product_name": { "name": "jbcs-httpd24-openssl-static-1:1.1.1c-32.jbcs.el7.x86_64 as a component of Red Hat JBoss Core Services on RHEL 7 Server", "product_id": "7Server-JBCS:jbcs-httpd24-openssl-static-1:1.1.1c-32.jbcs.el7.x86_64" }, "product_reference": "jbcs-httpd24-openssl-static-1:1.1.1c-32.jbcs.el7.x86_64", "relates_to_product_reference": "7Server-JBCS" } ] }, "vulnerabilities": [ { "cve": "CVE-2019-1551", "cwe": { "id": "CWE-190", "name": "Integer Overflow or Wraparound" }, "discovery_date": "2019-12-09T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "1780995" } ], "notes": [ { "category": "description", "text": "An integer overflow was found in the x64_64 Montgomery squaring procedure used in exponentiation with 512-bit moduli. As per upstream:\r\n\r\n* No EC algorithms are affected. \r\n\r\n* Attacks against 2-prime RSA1024, 3-prime RSA1536, and DSA1024 as a result of this defect would be very difficult to perform and are not believed likely. \r\n\r\n* Attacks against DH512 are considered just feasible. However, for an attack the target would have to re-use the DH512 private key, which is not recommended anyway.\r\n\r\n* Also applications directly using the low level API BN_mod_exp may be affected if they use BN_FLG_CONSTTIME", "title": "Vulnerability description" }, { "category": "summary", "text": "openssl: Integer overflow in RSAZ modular exponentiation on x86_64", "title": "Vulnerability summary" }, { "category": "other", "text": "Accelerated modular exponentiation for Intel processors (RSAZ) was introduced in openssl-1.0.2, therefore older versions of OpenSSL are not affected by this flaw.", "title": "Statement" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "6Server-JBCS:jbcs-httpd24-apr-0:1.6.3-104.jbcs.el6.i686", "6Server-JBCS:jbcs-httpd24-apr-0:1.6.3-104.jbcs.el6.src", "6Server-JBCS:jbcs-httpd24-apr-0:1.6.3-104.jbcs.el6.x86_64", "6Server-JBCS:jbcs-httpd24-apr-debuginfo-0:1.6.3-104.jbcs.el6.i686", "6Server-JBCS:jbcs-httpd24-apr-debuginfo-0:1.6.3-104.jbcs.el6.x86_64", "6Server-JBCS:jbcs-httpd24-apr-devel-0:1.6.3-104.jbcs.el6.i686", "6Server-JBCS:jbcs-httpd24-apr-devel-0:1.6.3-104.jbcs.el6.x86_64", "6Server-JBCS:jbcs-httpd24-apr-util-0:1.6.1-75.jbcs.el6.i686", "6Server-JBCS:jbcs-httpd24-apr-util-0:1.6.1-75.jbcs.el6.src", "6Server-JBCS:jbcs-httpd24-apr-util-0:1.6.1-75.jbcs.el6.x86_64", "6Server-JBCS:jbcs-httpd24-apr-util-debuginfo-0:1.6.1-75.jbcs.el6.i686", "6Server-JBCS:jbcs-httpd24-apr-util-debuginfo-0:1.6.1-75.jbcs.el6.x86_64", "6Server-JBCS:jbcs-httpd24-apr-util-devel-0:1.6.1-75.jbcs.el6.i686", "6Server-JBCS:jbcs-httpd24-apr-util-devel-0:1.6.1-75.jbcs.el6.x86_64", "6Server-JBCS:jbcs-httpd24-apr-util-ldap-0:1.6.1-75.jbcs.el6.i686", "6Server-JBCS:jbcs-httpd24-apr-util-ldap-0:1.6.1-75.jbcs.el6.x86_64", "6Server-JBCS:jbcs-httpd24-apr-util-mysql-0:1.6.1-75.jbcs.el6.i686", "6Server-JBCS:jbcs-httpd24-apr-util-mysql-0:1.6.1-75.jbcs.el6.x86_64", "6Server-JBCS:jbcs-httpd24-apr-util-nss-0:1.6.1-75.jbcs.el6.i686", "6Server-JBCS:jbcs-httpd24-apr-util-nss-0:1.6.1-75.jbcs.el6.x86_64", "6Server-JBCS:jbcs-httpd24-apr-util-odbc-0:1.6.1-75.jbcs.el6.i686", "6Server-JBCS:jbcs-httpd24-apr-util-odbc-0:1.6.1-75.jbcs.el6.x86_64", "6Server-JBCS:jbcs-httpd24-apr-util-openssl-0:1.6.1-75.jbcs.el6.i686", "6Server-JBCS:jbcs-httpd24-apr-util-openssl-0:1.6.1-75.jbcs.el6.x86_64", "6Server-JBCS:jbcs-httpd24-apr-util-pgsql-0:1.6.1-75.jbcs.el6.i686", "6Server-JBCS:jbcs-httpd24-apr-util-pgsql-0:1.6.1-75.jbcs.el6.x86_64", "6Server-JBCS:jbcs-httpd24-apr-util-sqlite-0:1.6.1-75.jbcs.el6.i686", "6Server-JBCS:jbcs-httpd24-apr-util-sqlite-0:1.6.1-75.jbcs.el6.x86_64", "6Server-JBCS:jbcs-httpd24-brotli-0:1.0.6-38.jbcs.el6.i686", "6Server-JBCS:jbcs-httpd24-brotli-0:1.0.6-38.jbcs.el6.src", "6Server-JBCS:jbcs-httpd24-brotli-0:1.0.6-38.jbcs.el6.x86_64", "6Server-JBCS:jbcs-httpd24-brotli-debuginfo-0:1.0.6-38.jbcs.el6.i686", "6Server-JBCS:jbcs-httpd24-brotli-debuginfo-0:1.0.6-38.jbcs.el6.x86_64", "6Server-JBCS:jbcs-httpd24-brotli-devel-0:1.0.6-38.jbcs.el6.i686", "6Server-JBCS:jbcs-httpd24-brotli-devel-0:1.0.6-38.jbcs.el6.x86_64", "6Server-JBCS:jbcs-httpd24-curl-0:7.64.1-44.jbcs.el6.i686", "6Server-JBCS:jbcs-httpd24-curl-0:7.64.1-44.jbcs.el6.src", "6Server-JBCS:jbcs-httpd24-curl-0:7.64.1-44.jbcs.el6.x86_64", "6Server-JBCS:jbcs-httpd24-curl-debuginfo-0:7.64.1-44.jbcs.el6.i686", "6Server-JBCS:jbcs-httpd24-curl-debuginfo-0:7.64.1-44.jbcs.el6.x86_64", "6Server-JBCS:jbcs-httpd24-httpd-0:2.4.37-64.jbcs.el6.i686", "6Server-JBCS:jbcs-httpd24-httpd-0:2.4.37-64.jbcs.el6.src", "6Server-JBCS:jbcs-httpd24-httpd-0:2.4.37-64.jbcs.el6.x86_64", "6Server-JBCS:jbcs-httpd24-httpd-debuginfo-0:2.4.37-64.jbcs.el6.i686", "6Server-JBCS:jbcs-httpd24-httpd-debuginfo-0:2.4.37-64.jbcs.el6.x86_64", "6Server-JBCS:jbcs-httpd24-httpd-devel-0:2.4.37-64.jbcs.el6.i686", "6Server-JBCS:jbcs-httpd24-httpd-devel-0:2.4.37-64.jbcs.el6.x86_64", "6Server-JBCS:jbcs-httpd24-httpd-manual-0:2.4.37-64.jbcs.el6.noarch", "6Server-JBCS:jbcs-httpd24-httpd-selinux-0:2.4.37-64.jbcs.el6.i686", "6Server-JBCS:jbcs-httpd24-httpd-selinux-0:2.4.37-64.jbcs.el6.x86_64", "6Server-JBCS:jbcs-httpd24-httpd-tools-0:2.4.37-64.jbcs.el6.i686", "6Server-JBCS:jbcs-httpd24-httpd-tools-0:2.4.37-64.jbcs.el6.x86_64", "6Server-JBCS:jbcs-httpd24-jansson-0:2.11-53.jbcs.el6.i686", "6Server-JBCS:jbcs-httpd24-jansson-0:2.11-53.jbcs.el6.src", "6Server-JBCS:jbcs-httpd24-jansson-0:2.11-53.jbcs.el6.x86_64", "6Server-JBCS:jbcs-httpd24-jansson-debuginfo-0:2.11-53.jbcs.el6.i686", "6Server-JBCS:jbcs-httpd24-jansson-debuginfo-0:2.11-53.jbcs.el6.x86_64", "6Server-JBCS:jbcs-httpd24-jansson-devel-0:2.11-53.jbcs.el6.i686", "6Server-JBCS:jbcs-httpd24-jansson-devel-0:2.11-53.jbcs.el6.x86_64", "6Server-JBCS:jbcs-httpd24-libcurl-0:7.64.1-44.jbcs.el6.i686", "6Server-JBCS:jbcs-httpd24-libcurl-0:7.64.1-44.jbcs.el6.x86_64", "6Server-JBCS:jbcs-httpd24-libcurl-devel-0:7.64.1-44.jbcs.el6.i686", "6Server-JBCS:jbcs-httpd24-libcurl-devel-0:7.64.1-44.jbcs.el6.x86_64", "6Server-JBCS:jbcs-httpd24-mod_cluster-native-0:1.3.14-11.Final_redhat_2.jbcs.el6.i686", "6Server-JBCS:jbcs-httpd24-mod_cluster-native-0:1.3.14-11.Final_redhat_2.jbcs.el6.src", "6Server-JBCS:jbcs-httpd24-mod_cluster-native-0:1.3.14-11.Final_redhat_2.jbcs.el6.x86_64", "6Server-JBCS:jbcs-httpd24-mod_cluster-native-debuginfo-0:1.3.14-11.Final_redhat_2.jbcs.el6.i686", "6Server-JBCS:jbcs-httpd24-mod_cluster-native-debuginfo-0:1.3.14-11.Final_redhat_2.jbcs.el6.x86_64", "6Server-JBCS:jbcs-httpd24-mod_http2-0:1.15.7-11.jbcs.el6.i686", "6Server-JBCS:jbcs-httpd24-mod_http2-0:1.15.7-11.jbcs.el6.src", "6Server-JBCS:jbcs-httpd24-mod_http2-0:1.15.7-11.jbcs.el6.x86_64", "6Server-JBCS:jbcs-httpd24-mod_http2-debuginfo-0:1.15.7-11.jbcs.el6.i686", "6Server-JBCS:jbcs-httpd24-mod_http2-debuginfo-0:1.15.7-11.jbcs.el6.x86_64", "6Server-JBCS:jbcs-httpd24-mod_jk-0:1.2.48-10.redhat_1.jbcs.el6.src", "6Server-JBCS:jbcs-httpd24-mod_jk-ap24-0:1.2.48-10.redhat_1.jbcs.el6.i686", "6Server-JBCS:jbcs-httpd24-mod_jk-ap24-0:1.2.48-10.redhat_1.jbcs.el6.x86_64", "6Server-JBCS:jbcs-httpd24-mod_jk-debuginfo-0:1.2.48-10.redhat_1.jbcs.el6.i686", "6Server-JBCS:jbcs-httpd24-mod_jk-debuginfo-0:1.2.48-10.redhat_1.jbcs.el6.x86_64", "6Server-JBCS:jbcs-httpd24-mod_jk-manual-0:1.2.48-10.redhat_1.jbcs.el6.i686", "6Server-JBCS:jbcs-httpd24-mod_jk-manual-0:1.2.48-10.redhat_1.jbcs.el6.x86_64", "6Server-JBCS:jbcs-httpd24-mod_ldap-0:2.4.37-64.jbcs.el6.i686", "6Server-JBCS:jbcs-httpd24-mod_ldap-0:2.4.37-64.jbcs.el6.x86_64", "6Server-JBCS:jbcs-httpd24-mod_md-1:2.0.8-30.jbcs.el6.i686", "6Server-JBCS:jbcs-httpd24-mod_md-1:2.0.8-30.jbcs.el6.src", "6Server-JBCS:jbcs-httpd24-mod_md-1:2.0.8-30.jbcs.el6.x86_64", "6Server-JBCS:jbcs-httpd24-mod_md-debuginfo-1:2.0.8-30.jbcs.el6.i686", "6Server-JBCS:jbcs-httpd24-mod_md-debuginfo-1:2.0.8-30.jbcs.el6.x86_64", "6Server-JBCS:jbcs-httpd24-mod_proxy_html-1:2.4.37-64.jbcs.el6.i686", "6Server-JBCS:jbcs-httpd24-mod_proxy_html-1:2.4.37-64.jbcs.el6.x86_64", "6Server-JBCS:jbcs-httpd24-mod_security-0:2.9.2-57.GA.jbcs.el6.i686", "6Server-JBCS:jbcs-httpd24-mod_security-0:2.9.2-57.GA.jbcs.el6.src", "6Server-JBCS:jbcs-httpd24-mod_security-0:2.9.2-57.GA.jbcs.el6.x86_64", "6Server-JBCS:jbcs-httpd24-mod_security-debuginfo-0:2.9.2-57.GA.jbcs.el6.i686", "6Server-JBCS:jbcs-httpd24-mod_security-debuginfo-0:2.9.2-57.GA.jbcs.el6.x86_64", "6Server-JBCS:jbcs-httpd24-mod_session-0:2.4.37-64.jbcs.el6.i686", "6Server-JBCS:jbcs-httpd24-mod_session-0:2.4.37-64.jbcs.el6.x86_64", "6Server-JBCS:jbcs-httpd24-mod_ssl-1:2.4.37-64.jbcs.el6.i686", "6Server-JBCS:jbcs-httpd24-mod_ssl-1:2.4.37-64.jbcs.el6.x86_64", "6Server-JBCS:jbcs-httpd24-nghttp2-0:1.39.2-34.jbcs.el6.i686", "6Server-JBCS:jbcs-httpd24-nghttp2-0:1.39.2-34.jbcs.el6.src", "6Server-JBCS:jbcs-httpd24-nghttp2-0:1.39.2-34.jbcs.el6.x86_64", "6Server-JBCS:jbcs-httpd24-nghttp2-debuginfo-0:1.39.2-34.jbcs.el6.i686", "6Server-JBCS:jbcs-httpd24-nghttp2-debuginfo-0:1.39.2-34.jbcs.el6.x86_64", "6Server-JBCS:jbcs-httpd24-nghttp2-devel-0:1.39.2-34.jbcs.el6.i686", "6Server-JBCS:jbcs-httpd24-nghttp2-devel-0:1.39.2-34.jbcs.el6.x86_64", "6Server-JBCS:jbcs-httpd24-openssl-1:1.1.1c-32.jbcs.el6.i686", "6Server-JBCS:jbcs-httpd24-openssl-1:1.1.1c-32.jbcs.el6.src", "6Server-JBCS:jbcs-httpd24-openssl-1:1.1.1c-32.jbcs.el6.x86_64", "6Server-JBCS:jbcs-httpd24-openssl-debuginfo-1:1.1.1c-32.jbcs.el6.i686", "6Server-JBCS:jbcs-httpd24-openssl-debuginfo-1:1.1.1c-32.jbcs.el6.x86_64", "6Server-JBCS:jbcs-httpd24-openssl-devel-1:1.1.1c-32.jbcs.el6.i686", "6Server-JBCS:jbcs-httpd24-openssl-devel-1:1.1.1c-32.jbcs.el6.x86_64", "6Server-JBCS:jbcs-httpd24-openssl-libs-1:1.1.1c-32.jbcs.el6.i686", "6Server-JBCS:jbcs-httpd24-openssl-libs-1:1.1.1c-32.jbcs.el6.x86_64", "6Server-JBCS:jbcs-httpd24-openssl-perl-1:1.1.1c-32.jbcs.el6.i686", "6Server-JBCS:jbcs-httpd24-openssl-perl-1:1.1.1c-32.jbcs.el6.x86_64", "6Server-JBCS:jbcs-httpd24-openssl-static-1:1.1.1c-32.jbcs.el6.i686", "6Server-JBCS:jbcs-httpd24-openssl-static-1:1.1.1c-32.jbcs.el6.x86_64", "7Server-JBCS:jbcs-httpd24-apr-0:1.6.3-104.jbcs.el7.src", "7Server-JBCS:jbcs-httpd24-apr-0:1.6.3-104.jbcs.el7.x86_64", "7Server-JBCS:jbcs-httpd24-apr-debuginfo-0:1.6.3-104.jbcs.el7.x86_64", "7Server-JBCS:jbcs-httpd24-apr-devel-0:1.6.3-104.jbcs.el7.x86_64", "7Server-JBCS:jbcs-httpd24-apr-util-0:1.6.1-75.jbcs.el7.src", "7Server-JBCS:jbcs-httpd24-apr-util-0:1.6.1-75.jbcs.el7.x86_64", "7Server-JBCS:jbcs-httpd24-apr-util-debuginfo-0:1.6.1-75.jbcs.el7.x86_64", "7Server-JBCS:jbcs-httpd24-apr-util-devel-0:1.6.1-75.jbcs.el7.x86_64", "7Server-JBCS:jbcs-httpd24-apr-util-ldap-0:1.6.1-75.jbcs.el7.x86_64", "7Server-JBCS:jbcs-httpd24-apr-util-mysql-0:1.6.1-75.jbcs.el7.x86_64", "7Server-JBCS:jbcs-httpd24-apr-util-nss-0:1.6.1-75.jbcs.el7.x86_64", "7Server-JBCS:jbcs-httpd24-apr-util-odbc-0:1.6.1-75.jbcs.el7.x86_64", "7Server-JBCS:jbcs-httpd24-apr-util-openssl-0:1.6.1-75.jbcs.el7.x86_64", "7Server-JBCS:jbcs-httpd24-apr-util-pgsql-0:1.6.1-75.jbcs.el7.x86_64", "7Server-JBCS:jbcs-httpd24-apr-util-sqlite-0:1.6.1-75.jbcs.el7.x86_64", "7Server-JBCS:jbcs-httpd24-brotli-0:1.0.6-38.jbcs.el7.src", "7Server-JBCS:jbcs-httpd24-brotli-0:1.0.6-38.jbcs.el7.x86_64", "7Server-JBCS:jbcs-httpd24-brotli-debuginfo-0:1.0.6-38.jbcs.el7.x86_64", "7Server-JBCS:jbcs-httpd24-brotli-devel-0:1.0.6-38.jbcs.el7.x86_64", "7Server-JBCS:jbcs-httpd24-curl-0:7.64.1-44.jbcs.el7.src", "7Server-JBCS:jbcs-httpd24-curl-0:7.64.1-44.jbcs.el7.x86_64", "7Server-JBCS:jbcs-httpd24-curl-debuginfo-0:7.64.1-44.jbcs.el7.x86_64", "7Server-JBCS:jbcs-httpd24-httpd-0:2.4.37-64.jbcs.el7.src", "7Server-JBCS:jbcs-httpd24-httpd-0:2.4.37-64.jbcs.el7.x86_64", "7Server-JBCS:jbcs-httpd24-httpd-debuginfo-0:2.4.37-64.jbcs.el7.x86_64", "7Server-JBCS:jbcs-httpd24-httpd-devel-0:2.4.37-64.jbcs.el7.x86_64", "7Server-JBCS:jbcs-httpd24-httpd-manual-0:2.4.37-64.jbcs.el7.noarch", "7Server-JBCS:jbcs-httpd24-httpd-selinux-0:2.4.37-64.jbcs.el7.x86_64", "7Server-JBCS:jbcs-httpd24-httpd-tools-0:2.4.37-64.jbcs.el7.x86_64", "7Server-JBCS:jbcs-httpd24-jansson-0:2.11-53.jbcs.el7.src", "7Server-JBCS:jbcs-httpd24-jansson-0:2.11-53.jbcs.el7.x86_64", "7Server-JBCS:jbcs-httpd24-jansson-debuginfo-0:2.11-53.jbcs.el7.x86_64", "7Server-JBCS:jbcs-httpd24-jansson-devel-0:2.11-53.jbcs.el7.x86_64", "7Server-JBCS:jbcs-httpd24-libcurl-0:7.64.1-44.jbcs.el7.x86_64", "7Server-JBCS:jbcs-httpd24-libcurl-devel-0:7.64.1-44.jbcs.el7.x86_64", "7Server-JBCS:jbcs-httpd24-mod_cluster-native-0:1.3.14-11.Final_redhat_2.jbcs.el7.src", "7Server-JBCS:jbcs-httpd24-mod_cluster-native-0:1.3.14-11.Final_redhat_2.jbcs.el7.x86_64", "7Server-JBCS:jbcs-httpd24-mod_cluster-native-debuginfo-0:1.3.14-11.Final_redhat_2.jbcs.el7.x86_64", "7Server-JBCS:jbcs-httpd24-mod_http2-0:1.15.7-11.jbcs.el7.src", "7Server-JBCS:jbcs-httpd24-mod_http2-0:1.15.7-11.jbcs.el7.x86_64", "7Server-JBCS:jbcs-httpd24-mod_http2-debuginfo-0:1.15.7-11.jbcs.el7.x86_64", "7Server-JBCS:jbcs-httpd24-mod_jk-0:1.2.48-10.redhat_1.jbcs.el7.src", "7Server-JBCS:jbcs-httpd24-mod_jk-ap24-0:1.2.48-10.redhat_1.jbcs.el7.x86_64", "7Server-JBCS:jbcs-httpd24-mod_jk-debuginfo-0:1.2.48-10.redhat_1.jbcs.el7.x86_64", "7Server-JBCS:jbcs-httpd24-mod_jk-manual-0:1.2.48-10.redhat_1.jbcs.el7.x86_64", "7Server-JBCS:jbcs-httpd24-mod_ldap-0:2.4.37-64.jbcs.el7.x86_64", "7Server-JBCS:jbcs-httpd24-mod_md-1:2.0.8-30.jbcs.el7.src", "7Server-JBCS:jbcs-httpd24-mod_md-1:2.0.8-30.jbcs.el7.x86_64", "7Server-JBCS:jbcs-httpd24-mod_md-debuginfo-1:2.0.8-30.jbcs.el7.x86_64", "7Server-JBCS:jbcs-httpd24-mod_proxy_html-1:2.4.37-64.jbcs.el7.x86_64", "7Server-JBCS:jbcs-httpd24-mod_security-0:2.9.2-57.GA.jbcs.el7.src", "7Server-JBCS:jbcs-httpd24-mod_security-0:2.9.2-57.GA.jbcs.el7.x86_64", "7Server-JBCS:jbcs-httpd24-mod_security-debuginfo-0:2.9.2-57.GA.jbcs.el7.x86_64", "7Server-JBCS:jbcs-httpd24-mod_session-0:2.4.37-64.jbcs.el7.x86_64", "7Server-JBCS:jbcs-httpd24-mod_ssl-1:2.4.37-64.jbcs.el7.x86_64", "7Server-JBCS:jbcs-httpd24-nghttp2-0:1.39.2-34.jbcs.el7.src", "7Server-JBCS:jbcs-httpd24-nghttp2-0:1.39.2-34.jbcs.el7.x86_64", "7Server-JBCS:jbcs-httpd24-nghttp2-debuginfo-0:1.39.2-34.jbcs.el7.x86_64", "7Server-JBCS:jbcs-httpd24-nghttp2-devel-0:1.39.2-34.jbcs.el7.x86_64", "7Server-JBCS:jbcs-httpd24-openssl-1:1.1.1c-32.jbcs.el7.src", "7Server-JBCS:jbcs-httpd24-openssl-1:1.1.1c-32.jbcs.el7.x86_64", "7Server-JBCS:jbcs-httpd24-openssl-chil-0:1.0.0-1.jbcs.el7.src", "7Server-JBCS:jbcs-httpd24-openssl-chil-0:1.0.0-1.jbcs.el7.x86_64", "7Server-JBCS:jbcs-httpd24-openssl-chil-debuginfo-0:1.0.0-1.jbcs.el7.x86_64", "7Server-JBCS:jbcs-httpd24-openssl-debuginfo-1:1.1.1c-32.jbcs.el7.x86_64", "7Server-JBCS:jbcs-httpd24-openssl-devel-1:1.1.1c-32.jbcs.el7.x86_64", "7Server-JBCS:jbcs-httpd24-openssl-libs-1:1.1.1c-32.jbcs.el7.x86_64", "7Server-JBCS:jbcs-httpd24-openssl-perl-1:1.1.1c-32.jbcs.el7.x86_64", "7Server-JBCS:jbcs-httpd24-openssl-static-1:1.1.1c-32.jbcs.el7.x86_64" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2019-1551" }, { "category": "external", "summary": "RHBZ#1780995", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1780995" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2019-1551", "url": "https://www.cve.org/CVERecord?id=CVE-2019-1551" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2019-1551", "url": "https://nvd.nist.gov/vuln/detail/CVE-2019-1551" }, { "category": "external", "summary": "https://github.com/openssl/openssl/pull/10575", "url": "https://github.com/openssl/openssl/pull/10575" }, { "category": "external", "summary": "https://www.openssl.org/news/secadv/20191206.txt", "url": "https://www.openssl.org/news/secadv/20191206.txt" } ], "release_date": "2019-12-06T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2020-10-28T16:02:45+00:00", "details": "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258", "product_ids": [ "6Server-JBCS:jbcs-httpd24-apr-0:1.6.3-104.jbcs.el6.i686", "6Server-JBCS:jbcs-httpd24-apr-0:1.6.3-104.jbcs.el6.src", "6Server-JBCS:jbcs-httpd24-apr-0:1.6.3-104.jbcs.el6.x86_64", "6Server-JBCS:jbcs-httpd24-apr-debuginfo-0:1.6.3-104.jbcs.el6.i686", "6Server-JBCS:jbcs-httpd24-apr-debuginfo-0:1.6.3-104.jbcs.el6.x86_64", "6Server-JBCS:jbcs-httpd24-apr-devel-0:1.6.3-104.jbcs.el6.i686", "6Server-JBCS:jbcs-httpd24-apr-devel-0:1.6.3-104.jbcs.el6.x86_64", "6Server-JBCS:jbcs-httpd24-apr-util-0:1.6.1-75.jbcs.el6.i686", "6Server-JBCS:jbcs-httpd24-apr-util-0:1.6.1-75.jbcs.el6.src", "6Server-JBCS:jbcs-httpd24-apr-util-0:1.6.1-75.jbcs.el6.x86_64", "6Server-JBCS:jbcs-httpd24-apr-util-debuginfo-0:1.6.1-75.jbcs.el6.i686", "6Server-JBCS:jbcs-httpd24-apr-util-debuginfo-0:1.6.1-75.jbcs.el6.x86_64", "6Server-JBCS:jbcs-httpd24-apr-util-devel-0:1.6.1-75.jbcs.el6.i686", "6Server-JBCS:jbcs-httpd24-apr-util-devel-0:1.6.1-75.jbcs.el6.x86_64", "6Server-JBCS:jbcs-httpd24-apr-util-ldap-0:1.6.1-75.jbcs.el6.i686", "6Server-JBCS:jbcs-httpd24-apr-util-ldap-0:1.6.1-75.jbcs.el6.x86_64", "6Server-JBCS:jbcs-httpd24-apr-util-mysql-0:1.6.1-75.jbcs.el6.i686", "6Server-JBCS:jbcs-httpd24-apr-util-mysql-0:1.6.1-75.jbcs.el6.x86_64", "6Server-JBCS:jbcs-httpd24-apr-util-nss-0:1.6.1-75.jbcs.el6.i686", "6Server-JBCS:jbcs-httpd24-apr-util-nss-0:1.6.1-75.jbcs.el6.x86_64", "6Server-JBCS:jbcs-httpd24-apr-util-odbc-0:1.6.1-75.jbcs.el6.i686", "6Server-JBCS:jbcs-httpd24-apr-util-odbc-0:1.6.1-75.jbcs.el6.x86_64", "6Server-JBCS:jbcs-httpd24-apr-util-openssl-0:1.6.1-75.jbcs.el6.i686", "6Server-JBCS:jbcs-httpd24-apr-util-openssl-0:1.6.1-75.jbcs.el6.x86_64", "6Server-JBCS:jbcs-httpd24-apr-util-pgsql-0:1.6.1-75.jbcs.el6.i686", "6Server-JBCS:jbcs-httpd24-apr-util-pgsql-0:1.6.1-75.jbcs.el6.x86_64", "6Server-JBCS:jbcs-httpd24-apr-util-sqlite-0:1.6.1-75.jbcs.el6.i686", "6Server-JBCS:jbcs-httpd24-apr-util-sqlite-0:1.6.1-75.jbcs.el6.x86_64", "6Server-JBCS:jbcs-httpd24-brotli-0:1.0.6-38.jbcs.el6.i686", "6Server-JBCS:jbcs-httpd24-brotli-0:1.0.6-38.jbcs.el6.src", "6Server-JBCS:jbcs-httpd24-brotli-0:1.0.6-38.jbcs.el6.x86_64", "6Server-JBCS:jbcs-httpd24-brotli-debuginfo-0:1.0.6-38.jbcs.el6.i686", "6Server-JBCS:jbcs-httpd24-brotli-debuginfo-0:1.0.6-38.jbcs.el6.x86_64", "6Server-JBCS:jbcs-httpd24-brotli-devel-0:1.0.6-38.jbcs.el6.i686", "6Server-JBCS:jbcs-httpd24-brotli-devel-0:1.0.6-38.jbcs.el6.x86_64", "6Server-JBCS:jbcs-httpd24-curl-0:7.64.1-44.jbcs.el6.i686", "6Server-JBCS:jbcs-httpd24-curl-0:7.64.1-44.jbcs.el6.src", "6Server-JBCS:jbcs-httpd24-curl-0:7.64.1-44.jbcs.el6.x86_64", "6Server-JBCS:jbcs-httpd24-curl-debuginfo-0:7.64.1-44.jbcs.el6.i686", "6Server-JBCS:jbcs-httpd24-curl-debuginfo-0:7.64.1-44.jbcs.el6.x86_64", "6Server-JBCS:jbcs-httpd24-httpd-0:2.4.37-64.jbcs.el6.i686", "6Server-JBCS:jbcs-httpd24-httpd-0:2.4.37-64.jbcs.el6.src", "6Server-JBCS:jbcs-httpd24-httpd-0:2.4.37-64.jbcs.el6.x86_64", "6Server-JBCS:jbcs-httpd24-httpd-debuginfo-0:2.4.37-64.jbcs.el6.i686", "6Server-JBCS:jbcs-httpd24-httpd-debuginfo-0:2.4.37-64.jbcs.el6.x86_64", "6Server-JBCS:jbcs-httpd24-httpd-devel-0:2.4.37-64.jbcs.el6.i686", "6Server-JBCS:jbcs-httpd24-httpd-devel-0:2.4.37-64.jbcs.el6.x86_64", "6Server-JBCS:jbcs-httpd24-httpd-manual-0:2.4.37-64.jbcs.el6.noarch", "6Server-JBCS:jbcs-httpd24-httpd-selinux-0:2.4.37-64.jbcs.el6.i686", "6Server-JBCS:jbcs-httpd24-httpd-selinux-0:2.4.37-64.jbcs.el6.x86_64", "6Server-JBCS:jbcs-httpd24-httpd-tools-0:2.4.37-64.jbcs.el6.i686", "6Server-JBCS:jbcs-httpd24-httpd-tools-0:2.4.37-64.jbcs.el6.x86_64", "6Server-JBCS:jbcs-httpd24-jansson-0:2.11-53.jbcs.el6.i686", "6Server-JBCS:jbcs-httpd24-jansson-0:2.11-53.jbcs.el6.src", "6Server-JBCS:jbcs-httpd24-jansson-0:2.11-53.jbcs.el6.x86_64", "6Server-JBCS:jbcs-httpd24-jansson-debuginfo-0:2.11-53.jbcs.el6.i686", "6Server-JBCS:jbcs-httpd24-jansson-debuginfo-0:2.11-53.jbcs.el6.x86_64", "6Server-JBCS:jbcs-httpd24-jansson-devel-0:2.11-53.jbcs.el6.i686", "6Server-JBCS:jbcs-httpd24-jansson-devel-0:2.11-53.jbcs.el6.x86_64", "6Server-JBCS:jbcs-httpd24-libcurl-0:7.64.1-44.jbcs.el6.i686", "6Server-JBCS:jbcs-httpd24-libcurl-0:7.64.1-44.jbcs.el6.x86_64", "6Server-JBCS:jbcs-httpd24-libcurl-devel-0:7.64.1-44.jbcs.el6.i686", "6Server-JBCS:jbcs-httpd24-libcurl-devel-0:7.64.1-44.jbcs.el6.x86_64", "6Server-JBCS:jbcs-httpd24-mod_cluster-native-0:1.3.14-11.Final_redhat_2.jbcs.el6.i686", "6Server-JBCS:jbcs-httpd24-mod_cluster-native-0:1.3.14-11.Final_redhat_2.jbcs.el6.src", "6Server-JBCS:jbcs-httpd24-mod_cluster-native-0:1.3.14-11.Final_redhat_2.jbcs.el6.x86_64", "6Server-JBCS:jbcs-httpd24-mod_cluster-native-debuginfo-0:1.3.14-11.Final_redhat_2.jbcs.el6.i686", "6Server-JBCS:jbcs-httpd24-mod_cluster-native-debuginfo-0:1.3.14-11.Final_redhat_2.jbcs.el6.x86_64", "6Server-JBCS:jbcs-httpd24-mod_http2-0:1.15.7-11.jbcs.el6.i686", "6Server-JBCS:jbcs-httpd24-mod_http2-0:1.15.7-11.jbcs.el6.src", "6Server-JBCS:jbcs-httpd24-mod_http2-0:1.15.7-11.jbcs.el6.x86_64", "6Server-JBCS:jbcs-httpd24-mod_http2-debuginfo-0:1.15.7-11.jbcs.el6.i686", "6Server-JBCS:jbcs-httpd24-mod_http2-debuginfo-0:1.15.7-11.jbcs.el6.x86_64", "6Server-JBCS:jbcs-httpd24-mod_jk-0:1.2.48-10.redhat_1.jbcs.el6.src", "6Server-JBCS:jbcs-httpd24-mod_jk-ap24-0:1.2.48-10.redhat_1.jbcs.el6.i686", "6Server-JBCS:jbcs-httpd24-mod_jk-ap24-0:1.2.48-10.redhat_1.jbcs.el6.x86_64", "6Server-JBCS:jbcs-httpd24-mod_jk-debuginfo-0:1.2.48-10.redhat_1.jbcs.el6.i686", "6Server-JBCS:jbcs-httpd24-mod_jk-debuginfo-0:1.2.48-10.redhat_1.jbcs.el6.x86_64", "6Server-JBCS:jbcs-httpd24-mod_jk-manual-0:1.2.48-10.redhat_1.jbcs.el6.i686", "6Server-JBCS:jbcs-httpd24-mod_jk-manual-0:1.2.48-10.redhat_1.jbcs.el6.x86_64", "6Server-JBCS:jbcs-httpd24-mod_ldap-0:2.4.37-64.jbcs.el6.i686", "6Server-JBCS:jbcs-httpd24-mod_ldap-0:2.4.37-64.jbcs.el6.x86_64", "6Server-JBCS:jbcs-httpd24-mod_md-1:2.0.8-30.jbcs.el6.i686", "6Server-JBCS:jbcs-httpd24-mod_md-1:2.0.8-30.jbcs.el6.src", "6Server-JBCS:jbcs-httpd24-mod_md-1:2.0.8-30.jbcs.el6.x86_64", "6Server-JBCS:jbcs-httpd24-mod_md-debuginfo-1:2.0.8-30.jbcs.el6.i686", "6Server-JBCS:jbcs-httpd24-mod_md-debuginfo-1:2.0.8-30.jbcs.el6.x86_64", "6Server-JBCS:jbcs-httpd24-mod_proxy_html-1:2.4.37-64.jbcs.el6.i686", "6Server-JBCS:jbcs-httpd24-mod_proxy_html-1:2.4.37-64.jbcs.el6.x86_64", "6Server-JBCS:jbcs-httpd24-mod_security-0:2.9.2-57.GA.jbcs.el6.i686", "6Server-JBCS:jbcs-httpd24-mod_security-0:2.9.2-57.GA.jbcs.el6.src", "6Server-JBCS:jbcs-httpd24-mod_security-0:2.9.2-57.GA.jbcs.el6.x86_64", "6Server-JBCS:jbcs-httpd24-mod_security-debuginfo-0:2.9.2-57.GA.jbcs.el6.i686", "6Server-JBCS:jbcs-httpd24-mod_security-debuginfo-0:2.9.2-57.GA.jbcs.el6.x86_64", "6Server-JBCS:jbcs-httpd24-mod_session-0:2.4.37-64.jbcs.el6.i686", "6Server-JBCS:jbcs-httpd24-mod_session-0:2.4.37-64.jbcs.el6.x86_64", "6Server-JBCS:jbcs-httpd24-mod_ssl-1:2.4.37-64.jbcs.el6.i686", "6Server-JBCS:jbcs-httpd24-mod_ssl-1:2.4.37-64.jbcs.el6.x86_64", "6Server-JBCS:jbcs-httpd24-nghttp2-0:1.39.2-34.jbcs.el6.i686", "6Server-JBCS:jbcs-httpd24-nghttp2-0:1.39.2-34.jbcs.el6.src", "6Server-JBCS:jbcs-httpd24-nghttp2-0:1.39.2-34.jbcs.el6.x86_64", "6Server-JBCS:jbcs-httpd24-nghttp2-debuginfo-0:1.39.2-34.jbcs.el6.i686", "6Server-JBCS:jbcs-httpd24-nghttp2-debuginfo-0:1.39.2-34.jbcs.el6.x86_64", "6Server-JBCS:jbcs-httpd24-nghttp2-devel-0:1.39.2-34.jbcs.el6.i686", "6Server-JBCS:jbcs-httpd24-nghttp2-devel-0:1.39.2-34.jbcs.el6.x86_64", "6Server-JBCS:jbcs-httpd24-openssl-1:1.1.1c-32.jbcs.el6.i686", "6Server-JBCS:jbcs-httpd24-openssl-1:1.1.1c-32.jbcs.el6.src", "6Server-JBCS:jbcs-httpd24-openssl-1:1.1.1c-32.jbcs.el6.x86_64", "6Server-JBCS:jbcs-httpd24-openssl-debuginfo-1:1.1.1c-32.jbcs.el6.i686", "6Server-JBCS:jbcs-httpd24-openssl-debuginfo-1:1.1.1c-32.jbcs.el6.x86_64", "6Server-JBCS:jbcs-httpd24-openssl-devel-1:1.1.1c-32.jbcs.el6.i686", "6Server-JBCS:jbcs-httpd24-openssl-devel-1:1.1.1c-32.jbcs.el6.x86_64", "6Server-JBCS:jbcs-httpd24-openssl-libs-1:1.1.1c-32.jbcs.el6.i686", "6Server-JBCS:jbcs-httpd24-openssl-libs-1:1.1.1c-32.jbcs.el6.x86_64", "6Server-JBCS:jbcs-httpd24-openssl-perl-1:1.1.1c-32.jbcs.el6.i686", "6Server-JBCS:jbcs-httpd24-openssl-perl-1:1.1.1c-32.jbcs.el6.x86_64", "6Server-JBCS:jbcs-httpd24-openssl-static-1:1.1.1c-32.jbcs.el6.i686", "6Server-JBCS:jbcs-httpd24-openssl-static-1:1.1.1c-32.jbcs.el6.x86_64", "7Server-JBCS:jbcs-httpd24-apr-0:1.6.3-104.jbcs.el7.src", "7Server-JBCS:jbcs-httpd24-apr-0:1.6.3-104.jbcs.el7.x86_64", "7Server-JBCS:jbcs-httpd24-apr-debuginfo-0:1.6.3-104.jbcs.el7.x86_64", "7Server-JBCS:jbcs-httpd24-apr-devel-0:1.6.3-104.jbcs.el7.x86_64", "7Server-JBCS:jbcs-httpd24-apr-util-0:1.6.1-75.jbcs.el7.src", "7Server-JBCS:jbcs-httpd24-apr-util-0:1.6.1-75.jbcs.el7.x86_64", "7Server-JBCS:jbcs-httpd24-apr-util-debuginfo-0:1.6.1-75.jbcs.el7.x86_64", "7Server-JBCS:jbcs-httpd24-apr-util-devel-0:1.6.1-75.jbcs.el7.x86_64", "7Server-JBCS:jbcs-httpd24-apr-util-ldap-0:1.6.1-75.jbcs.el7.x86_64", "7Server-JBCS:jbcs-httpd24-apr-util-mysql-0:1.6.1-75.jbcs.el7.x86_64", "7Server-JBCS:jbcs-httpd24-apr-util-nss-0:1.6.1-75.jbcs.el7.x86_64", "7Server-JBCS:jbcs-httpd24-apr-util-odbc-0:1.6.1-75.jbcs.el7.x86_64", "7Server-JBCS:jbcs-httpd24-apr-util-openssl-0:1.6.1-75.jbcs.el7.x86_64", "7Server-JBCS:jbcs-httpd24-apr-util-pgsql-0:1.6.1-75.jbcs.el7.x86_64", "7Server-JBCS:jbcs-httpd24-apr-util-sqlite-0:1.6.1-75.jbcs.el7.x86_64", "7Server-JBCS:jbcs-httpd24-brotli-0:1.0.6-38.jbcs.el7.src", "7Server-JBCS:jbcs-httpd24-brotli-0:1.0.6-38.jbcs.el7.x86_64", "7Server-JBCS:jbcs-httpd24-brotli-debuginfo-0:1.0.6-38.jbcs.el7.x86_64", "7Server-JBCS:jbcs-httpd24-brotli-devel-0:1.0.6-38.jbcs.el7.x86_64", "7Server-JBCS:jbcs-httpd24-curl-0:7.64.1-44.jbcs.el7.src", "7Server-JBCS:jbcs-httpd24-curl-0:7.64.1-44.jbcs.el7.x86_64", "7Server-JBCS:jbcs-httpd24-curl-debuginfo-0:7.64.1-44.jbcs.el7.x86_64", "7Server-JBCS:jbcs-httpd24-httpd-0:2.4.37-64.jbcs.el7.src", "7Server-JBCS:jbcs-httpd24-httpd-0:2.4.37-64.jbcs.el7.x86_64", "7Server-JBCS:jbcs-httpd24-httpd-debuginfo-0:2.4.37-64.jbcs.el7.x86_64", "7Server-JBCS:jbcs-httpd24-httpd-devel-0:2.4.37-64.jbcs.el7.x86_64", "7Server-JBCS:jbcs-httpd24-httpd-manual-0:2.4.37-64.jbcs.el7.noarch", "7Server-JBCS:jbcs-httpd24-httpd-selinux-0:2.4.37-64.jbcs.el7.x86_64", "7Server-JBCS:jbcs-httpd24-httpd-tools-0:2.4.37-64.jbcs.el7.x86_64", "7Server-JBCS:jbcs-httpd24-jansson-0:2.11-53.jbcs.el7.src", "7Server-JBCS:jbcs-httpd24-jansson-0:2.11-53.jbcs.el7.x86_64", "7Server-JBCS:jbcs-httpd24-jansson-debuginfo-0:2.11-53.jbcs.el7.x86_64", "7Server-JBCS:jbcs-httpd24-jansson-devel-0:2.11-53.jbcs.el7.x86_64", "7Server-JBCS:jbcs-httpd24-libcurl-0:7.64.1-44.jbcs.el7.x86_64", "7Server-JBCS:jbcs-httpd24-libcurl-devel-0:7.64.1-44.jbcs.el7.x86_64", "7Server-JBCS:jbcs-httpd24-mod_cluster-native-0:1.3.14-11.Final_redhat_2.jbcs.el7.src", "7Server-JBCS:jbcs-httpd24-mod_cluster-native-0:1.3.14-11.Final_redhat_2.jbcs.el7.x86_64", "7Server-JBCS:jbcs-httpd24-mod_cluster-native-debuginfo-0:1.3.14-11.Final_redhat_2.jbcs.el7.x86_64", "7Server-JBCS:jbcs-httpd24-mod_http2-0:1.15.7-11.jbcs.el7.src", "7Server-JBCS:jbcs-httpd24-mod_http2-0:1.15.7-11.jbcs.el7.x86_64", "7Server-JBCS:jbcs-httpd24-mod_http2-debuginfo-0:1.15.7-11.jbcs.el7.x86_64", "7Server-JBCS:jbcs-httpd24-mod_jk-0:1.2.48-10.redhat_1.jbcs.el7.src", "7Server-JBCS:jbcs-httpd24-mod_jk-ap24-0:1.2.48-10.redhat_1.jbcs.el7.x86_64", "7Server-JBCS:jbcs-httpd24-mod_jk-debuginfo-0:1.2.48-10.redhat_1.jbcs.el7.x86_64", "7Server-JBCS:jbcs-httpd24-mod_jk-manual-0:1.2.48-10.redhat_1.jbcs.el7.x86_64", "7Server-JBCS:jbcs-httpd24-mod_ldap-0:2.4.37-64.jbcs.el7.x86_64", "7Server-JBCS:jbcs-httpd24-mod_md-1:2.0.8-30.jbcs.el7.src", "7Server-JBCS:jbcs-httpd24-mod_md-1:2.0.8-30.jbcs.el7.x86_64", "7Server-JBCS:jbcs-httpd24-mod_md-debuginfo-1:2.0.8-30.jbcs.el7.x86_64", "7Server-JBCS:jbcs-httpd24-mod_proxy_html-1:2.4.37-64.jbcs.el7.x86_64", "7Server-JBCS:jbcs-httpd24-mod_security-0:2.9.2-57.GA.jbcs.el7.src", "7Server-JBCS:jbcs-httpd24-mod_security-0:2.9.2-57.GA.jbcs.el7.x86_64", "7Server-JBCS:jbcs-httpd24-mod_security-debuginfo-0:2.9.2-57.GA.jbcs.el7.x86_64", "7Server-JBCS:jbcs-httpd24-mod_session-0:2.4.37-64.jbcs.el7.x86_64", "7Server-JBCS:jbcs-httpd24-mod_ssl-1:2.4.37-64.jbcs.el7.x86_64", "7Server-JBCS:jbcs-httpd24-nghttp2-0:1.39.2-34.jbcs.el7.src", "7Server-JBCS:jbcs-httpd24-nghttp2-0:1.39.2-34.jbcs.el7.x86_64", "7Server-JBCS:jbcs-httpd24-nghttp2-debuginfo-0:1.39.2-34.jbcs.el7.x86_64", "7Server-JBCS:jbcs-httpd24-nghttp2-devel-0:1.39.2-34.jbcs.el7.x86_64", "7Server-JBCS:jbcs-httpd24-openssl-1:1.1.1c-32.jbcs.el7.src", "7Server-JBCS:jbcs-httpd24-openssl-1:1.1.1c-32.jbcs.el7.x86_64", "7Server-JBCS:jbcs-httpd24-openssl-chil-0:1.0.0-1.jbcs.el7.src", "7Server-JBCS:jbcs-httpd24-openssl-chil-0:1.0.0-1.jbcs.el7.x86_64", "7Server-JBCS:jbcs-httpd24-openssl-chil-debuginfo-0:1.0.0-1.jbcs.el7.x86_64", "7Server-JBCS:jbcs-httpd24-openssl-debuginfo-1:1.1.1c-32.jbcs.el7.x86_64", "7Server-JBCS:jbcs-httpd24-openssl-devel-1:1.1.1c-32.jbcs.el7.x86_64", "7Server-JBCS:jbcs-httpd24-openssl-libs-1:1.1.1c-32.jbcs.el7.x86_64", "7Server-JBCS:jbcs-httpd24-openssl-perl-1:1.1.1c-32.jbcs.el7.x86_64", "7Server-JBCS:jbcs-httpd24-openssl-static-1:1.1.1c-32.jbcs.el7.x86_64" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2020:4384" }, { "category": "workaround", "details": "For Red Hat Enterprise Linux 7, 512 bit DH is already disabled. As this bug is about leakage of the private key to the attacker, it should be fully sufficient to just not use 1024 bit RSA keys or 1024 bit DSA keys. These keys are not secure enough anyway. 3-prime RSA keys are not supported on RHEL-7.\n\nFor Red Hat Enterprise 8, The DEFAULT crypto policy already disables all these key sizes.\n\nAlso applications compiled with openssl which use the low level API BN_mod_exp may be affected if they use BN_FLG_CONSTTIME, other users of this API are not affected by this flaw.", "product_ids": [ "6Server-JBCS:jbcs-httpd24-apr-0:1.6.3-104.jbcs.el6.i686", "6Server-JBCS:jbcs-httpd24-apr-0:1.6.3-104.jbcs.el6.src", "6Server-JBCS:jbcs-httpd24-apr-0:1.6.3-104.jbcs.el6.x86_64", "6Server-JBCS:jbcs-httpd24-apr-debuginfo-0:1.6.3-104.jbcs.el6.i686", "6Server-JBCS:jbcs-httpd24-apr-debuginfo-0:1.6.3-104.jbcs.el6.x86_64", "6Server-JBCS:jbcs-httpd24-apr-devel-0:1.6.3-104.jbcs.el6.i686", "6Server-JBCS:jbcs-httpd24-apr-devel-0:1.6.3-104.jbcs.el6.x86_64", "6Server-JBCS:jbcs-httpd24-apr-util-0:1.6.1-75.jbcs.el6.i686", "6Server-JBCS:jbcs-httpd24-apr-util-0:1.6.1-75.jbcs.el6.src", "6Server-JBCS:jbcs-httpd24-apr-util-0:1.6.1-75.jbcs.el6.x86_64", "6Server-JBCS:jbcs-httpd24-apr-util-debuginfo-0:1.6.1-75.jbcs.el6.i686", "6Server-JBCS:jbcs-httpd24-apr-util-debuginfo-0:1.6.1-75.jbcs.el6.x86_64", "6Server-JBCS:jbcs-httpd24-apr-util-devel-0:1.6.1-75.jbcs.el6.i686", "6Server-JBCS:jbcs-httpd24-apr-util-devel-0:1.6.1-75.jbcs.el6.x86_64", "6Server-JBCS:jbcs-httpd24-apr-util-ldap-0:1.6.1-75.jbcs.el6.i686", "6Server-JBCS:jbcs-httpd24-apr-util-ldap-0:1.6.1-75.jbcs.el6.x86_64", "6Server-JBCS:jbcs-httpd24-apr-util-mysql-0:1.6.1-75.jbcs.el6.i686", "6Server-JBCS:jbcs-httpd24-apr-util-mysql-0:1.6.1-75.jbcs.el6.x86_64", "6Server-JBCS:jbcs-httpd24-apr-util-nss-0:1.6.1-75.jbcs.el6.i686", "6Server-JBCS:jbcs-httpd24-apr-util-nss-0:1.6.1-75.jbcs.el6.x86_64", "6Server-JBCS:jbcs-httpd24-apr-util-odbc-0:1.6.1-75.jbcs.el6.i686", "6Server-JBCS:jbcs-httpd24-apr-util-odbc-0:1.6.1-75.jbcs.el6.x86_64", "6Server-JBCS:jbcs-httpd24-apr-util-openssl-0:1.6.1-75.jbcs.el6.i686", "6Server-JBCS:jbcs-httpd24-apr-util-openssl-0:1.6.1-75.jbcs.el6.x86_64", "6Server-JBCS:jbcs-httpd24-apr-util-pgsql-0:1.6.1-75.jbcs.el6.i686", "6Server-JBCS:jbcs-httpd24-apr-util-pgsql-0:1.6.1-75.jbcs.el6.x86_64", "6Server-JBCS:jbcs-httpd24-apr-util-sqlite-0:1.6.1-75.jbcs.el6.i686", "6Server-JBCS:jbcs-httpd24-apr-util-sqlite-0:1.6.1-75.jbcs.el6.x86_64", "6Server-JBCS:jbcs-httpd24-brotli-0:1.0.6-38.jbcs.el6.i686", "6Server-JBCS:jbcs-httpd24-brotli-0:1.0.6-38.jbcs.el6.src", "6Server-JBCS:jbcs-httpd24-brotli-0:1.0.6-38.jbcs.el6.x86_64", "6Server-JBCS:jbcs-httpd24-brotli-debuginfo-0:1.0.6-38.jbcs.el6.i686", "6Server-JBCS:jbcs-httpd24-brotli-debuginfo-0:1.0.6-38.jbcs.el6.x86_64", "6Server-JBCS:jbcs-httpd24-brotli-devel-0:1.0.6-38.jbcs.el6.i686", "6Server-JBCS:jbcs-httpd24-brotli-devel-0:1.0.6-38.jbcs.el6.x86_64", "6Server-JBCS:jbcs-httpd24-curl-0:7.64.1-44.jbcs.el6.i686", "6Server-JBCS:jbcs-httpd24-curl-0:7.64.1-44.jbcs.el6.src", "6Server-JBCS:jbcs-httpd24-curl-0:7.64.1-44.jbcs.el6.x86_64", "6Server-JBCS:jbcs-httpd24-curl-debuginfo-0:7.64.1-44.jbcs.el6.i686", "6Server-JBCS:jbcs-httpd24-curl-debuginfo-0:7.64.1-44.jbcs.el6.x86_64", "6Server-JBCS:jbcs-httpd24-httpd-0:2.4.37-64.jbcs.el6.i686", "6Server-JBCS:jbcs-httpd24-httpd-0:2.4.37-64.jbcs.el6.src", "6Server-JBCS:jbcs-httpd24-httpd-0:2.4.37-64.jbcs.el6.x86_64", "6Server-JBCS:jbcs-httpd24-httpd-debuginfo-0:2.4.37-64.jbcs.el6.i686", "6Server-JBCS:jbcs-httpd24-httpd-debuginfo-0:2.4.37-64.jbcs.el6.x86_64", "6Server-JBCS:jbcs-httpd24-httpd-devel-0:2.4.37-64.jbcs.el6.i686", "6Server-JBCS:jbcs-httpd24-httpd-devel-0:2.4.37-64.jbcs.el6.x86_64", "6Server-JBCS:jbcs-httpd24-httpd-manual-0:2.4.37-64.jbcs.el6.noarch", "6Server-JBCS:jbcs-httpd24-httpd-selinux-0:2.4.37-64.jbcs.el6.i686", "6Server-JBCS:jbcs-httpd24-httpd-selinux-0:2.4.37-64.jbcs.el6.x86_64", "6Server-JBCS:jbcs-httpd24-httpd-tools-0:2.4.37-64.jbcs.el6.i686", "6Server-JBCS:jbcs-httpd24-httpd-tools-0:2.4.37-64.jbcs.el6.x86_64", "6Server-JBCS:jbcs-httpd24-jansson-0:2.11-53.jbcs.el6.i686", "6Server-JBCS:jbcs-httpd24-jansson-0:2.11-53.jbcs.el6.src", "6Server-JBCS:jbcs-httpd24-jansson-0:2.11-53.jbcs.el6.x86_64", "6Server-JBCS:jbcs-httpd24-jansson-debuginfo-0:2.11-53.jbcs.el6.i686", "6Server-JBCS:jbcs-httpd24-jansson-debuginfo-0:2.11-53.jbcs.el6.x86_64", "6Server-JBCS:jbcs-httpd24-jansson-devel-0:2.11-53.jbcs.el6.i686", "6Server-JBCS:jbcs-httpd24-jansson-devel-0:2.11-53.jbcs.el6.x86_64", "6Server-JBCS:jbcs-httpd24-libcurl-0:7.64.1-44.jbcs.el6.i686", "6Server-JBCS:jbcs-httpd24-libcurl-0:7.64.1-44.jbcs.el6.x86_64", "6Server-JBCS:jbcs-httpd24-libcurl-devel-0:7.64.1-44.jbcs.el6.i686", "6Server-JBCS:jbcs-httpd24-libcurl-devel-0:7.64.1-44.jbcs.el6.x86_64", "6Server-JBCS:jbcs-httpd24-mod_cluster-native-0:1.3.14-11.Final_redhat_2.jbcs.el6.i686", "6Server-JBCS:jbcs-httpd24-mod_cluster-native-0:1.3.14-11.Final_redhat_2.jbcs.el6.src", "6Server-JBCS:jbcs-httpd24-mod_cluster-native-0:1.3.14-11.Final_redhat_2.jbcs.el6.x86_64", "6Server-JBCS:jbcs-httpd24-mod_cluster-native-debuginfo-0:1.3.14-11.Final_redhat_2.jbcs.el6.i686", "6Server-JBCS:jbcs-httpd24-mod_cluster-native-debuginfo-0:1.3.14-11.Final_redhat_2.jbcs.el6.x86_64", "6Server-JBCS:jbcs-httpd24-mod_http2-0:1.15.7-11.jbcs.el6.i686", "6Server-JBCS:jbcs-httpd24-mod_http2-0:1.15.7-11.jbcs.el6.src", "6Server-JBCS:jbcs-httpd24-mod_http2-0:1.15.7-11.jbcs.el6.x86_64", "6Server-JBCS:jbcs-httpd24-mod_http2-debuginfo-0:1.15.7-11.jbcs.el6.i686", "6Server-JBCS:jbcs-httpd24-mod_http2-debuginfo-0:1.15.7-11.jbcs.el6.x86_64", "6Server-JBCS:jbcs-httpd24-mod_jk-0:1.2.48-10.redhat_1.jbcs.el6.src", "6Server-JBCS:jbcs-httpd24-mod_jk-ap24-0:1.2.48-10.redhat_1.jbcs.el6.i686", "6Server-JBCS:jbcs-httpd24-mod_jk-ap24-0:1.2.48-10.redhat_1.jbcs.el6.x86_64", "6Server-JBCS:jbcs-httpd24-mod_jk-debuginfo-0:1.2.48-10.redhat_1.jbcs.el6.i686", "6Server-JBCS:jbcs-httpd24-mod_jk-debuginfo-0:1.2.48-10.redhat_1.jbcs.el6.x86_64", "6Server-JBCS:jbcs-httpd24-mod_jk-manual-0:1.2.48-10.redhat_1.jbcs.el6.i686", "6Server-JBCS:jbcs-httpd24-mod_jk-manual-0:1.2.48-10.redhat_1.jbcs.el6.x86_64", "6Server-JBCS:jbcs-httpd24-mod_ldap-0:2.4.37-64.jbcs.el6.i686", "6Server-JBCS:jbcs-httpd24-mod_ldap-0:2.4.37-64.jbcs.el6.x86_64", "6Server-JBCS:jbcs-httpd24-mod_md-1:2.0.8-30.jbcs.el6.i686", "6Server-JBCS:jbcs-httpd24-mod_md-1:2.0.8-30.jbcs.el6.src", "6Server-JBCS:jbcs-httpd24-mod_md-1:2.0.8-30.jbcs.el6.x86_64", "6Server-JBCS:jbcs-httpd24-mod_md-debuginfo-1:2.0.8-30.jbcs.el6.i686", "6Server-JBCS:jbcs-httpd24-mod_md-debuginfo-1:2.0.8-30.jbcs.el6.x86_64", "6Server-JBCS:jbcs-httpd24-mod_proxy_html-1:2.4.37-64.jbcs.el6.i686", "6Server-JBCS:jbcs-httpd24-mod_proxy_html-1:2.4.37-64.jbcs.el6.x86_64", "6Server-JBCS:jbcs-httpd24-mod_security-0:2.9.2-57.GA.jbcs.el6.i686", "6Server-JBCS:jbcs-httpd24-mod_security-0:2.9.2-57.GA.jbcs.el6.src", "6Server-JBCS:jbcs-httpd24-mod_security-0:2.9.2-57.GA.jbcs.el6.x86_64", "6Server-JBCS:jbcs-httpd24-mod_security-debuginfo-0:2.9.2-57.GA.jbcs.el6.i686", "6Server-JBCS:jbcs-httpd24-mod_security-debuginfo-0:2.9.2-57.GA.jbcs.el6.x86_64", "6Server-JBCS:jbcs-httpd24-mod_session-0:2.4.37-64.jbcs.el6.i686", "6Server-JBCS:jbcs-httpd24-mod_session-0:2.4.37-64.jbcs.el6.x86_64", "6Server-JBCS:jbcs-httpd24-mod_ssl-1:2.4.37-64.jbcs.el6.i686", "6Server-JBCS:jbcs-httpd24-mod_ssl-1:2.4.37-64.jbcs.el6.x86_64", "6Server-JBCS:jbcs-httpd24-nghttp2-0:1.39.2-34.jbcs.el6.i686", "6Server-JBCS:jbcs-httpd24-nghttp2-0:1.39.2-34.jbcs.el6.src", "6Server-JBCS:jbcs-httpd24-nghttp2-0:1.39.2-34.jbcs.el6.x86_64", "6Server-JBCS:jbcs-httpd24-nghttp2-debuginfo-0:1.39.2-34.jbcs.el6.i686", "6Server-JBCS:jbcs-httpd24-nghttp2-debuginfo-0:1.39.2-34.jbcs.el6.x86_64", "6Server-JBCS:jbcs-httpd24-nghttp2-devel-0:1.39.2-34.jbcs.el6.i686", "6Server-JBCS:jbcs-httpd24-nghttp2-devel-0:1.39.2-34.jbcs.el6.x86_64", "6Server-JBCS:jbcs-httpd24-openssl-1:1.1.1c-32.jbcs.el6.i686", "6Server-JBCS:jbcs-httpd24-openssl-1:1.1.1c-32.jbcs.el6.src", "6Server-JBCS:jbcs-httpd24-openssl-1:1.1.1c-32.jbcs.el6.x86_64", "6Server-JBCS:jbcs-httpd24-openssl-debuginfo-1:1.1.1c-32.jbcs.el6.i686", "6Server-JBCS:jbcs-httpd24-openssl-debuginfo-1:1.1.1c-32.jbcs.el6.x86_64", "6Server-JBCS:jbcs-httpd24-openssl-devel-1:1.1.1c-32.jbcs.el6.i686", "6Server-JBCS:jbcs-httpd24-openssl-devel-1:1.1.1c-32.jbcs.el6.x86_64", "6Server-JBCS:jbcs-httpd24-openssl-libs-1:1.1.1c-32.jbcs.el6.i686", "6Server-JBCS:jbcs-httpd24-openssl-libs-1:1.1.1c-32.jbcs.el6.x86_64", "6Server-JBCS:jbcs-httpd24-openssl-perl-1:1.1.1c-32.jbcs.el6.i686", "6Server-JBCS:jbcs-httpd24-openssl-perl-1:1.1.1c-32.jbcs.el6.x86_64", "6Server-JBCS:jbcs-httpd24-openssl-static-1:1.1.1c-32.jbcs.el6.i686", "6Server-JBCS:jbcs-httpd24-openssl-static-1:1.1.1c-32.jbcs.el6.x86_64", "7Server-JBCS:jbcs-httpd24-apr-0:1.6.3-104.jbcs.el7.src", "7Server-JBCS:jbcs-httpd24-apr-0:1.6.3-104.jbcs.el7.x86_64", "7Server-JBCS:jbcs-httpd24-apr-debuginfo-0:1.6.3-104.jbcs.el7.x86_64", "7Server-JBCS:jbcs-httpd24-apr-devel-0:1.6.3-104.jbcs.el7.x86_64", "7Server-JBCS:jbcs-httpd24-apr-util-0:1.6.1-75.jbcs.el7.src", "7Server-JBCS:jbcs-httpd24-apr-util-0:1.6.1-75.jbcs.el7.x86_64", "7Server-JBCS:jbcs-httpd24-apr-util-debuginfo-0:1.6.1-75.jbcs.el7.x86_64", "7Server-JBCS:jbcs-httpd24-apr-util-devel-0:1.6.1-75.jbcs.el7.x86_64", "7Server-JBCS:jbcs-httpd24-apr-util-ldap-0:1.6.1-75.jbcs.el7.x86_64", "7Server-JBCS:jbcs-httpd24-apr-util-mysql-0:1.6.1-75.jbcs.el7.x86_64", "7Server-JBCS:jbcs-httpd24-apr-util-nss-0:1.6.1-75.jbcs.el7.x86_64", "7Server-JBCS:jbcs-httpd24-apr-util-odbc-0:1.6.1-75.jbcs.el7.x86_64", "7Server-JBCS:jbcs-httpd24-apr-util-openssl-0:1.6.1-75.jbcs.el7.x86_64", "7Server-JBCS:jbcs-httpd24-apr-util-pgsql-0:1.6.1-75.jbcs.el7.x86_64", "7Server-JBCS:jbcs-httpd24-apr-util-sqlite-0:1.6.1-75.jbcs.el7.x86_64", "7Server-JBCS:jbcs-httpd24-brotli-0:1.0.6-38.jbcs.el7.src", "7Server-JBCS:jbcs-httpd24-brotli-0:1.0.6-38.jbcs.el7.x86_64", "7Server-JBCS:jbcs-httpd24-brotli-debuginfo-0:1.0.6-38.jbcs.el7.x86_64", "7Server-JBCS:jbcs-httpd24-brotli-devel-0:1.0.6-38.jbcs.el7.x86_64", "7Server-JBCS:jbcs-httpd24-curl-0:7.64.1-44.jbcs.el7.src", "7Server-JBCS:jbcs-httpd24-curl-0:7.64.1-44.jbcs.el7.x86_64", "7Server-JBCS:jbcs-httpd24-curl-debuginfo-0:7.64.1-44.jbcs.el7.x86_64", "7Server-JBCS:jbcs-httpd24-httpd-0:2.4.37-64.jbcs.el7.src", "7Server-JBCS:jbcs-httpd24-httpd-0:2.4.37-64.jbcs.el7.x86_64", "7Server-JBCS:jbcs-httpd24-httpd-debuginfo-0:2.4.37-64.jbcs.el7.x86_64", "7Server-JBCS:jbcs-httpd24-httpd-devel-0:2.4.37-64.jbcs.el7.x86_64", "7Server-JBCS:jbcs-httpd24-httpd-manual-0:2.4.37-64.jbcs.el7.noarch", "7Server-JBCS:jbcs-httpd24-httpd-selinux-0:2.4.37-64.jbcs.el7.x86_64", "7Server-JBCS:jbcs-httpd24-httpd-tools-0:2.4.37-64.jbcs.el7.x86_64", "7Server-JBCS:jbcs-httpd24-jansson-0:2.11-53.jbcs.el7.src", "7Server-JBCS:jbcs-httpd24-jansson-0:2.11-53.jbcs.el7.x86_64", "7Server-JBCS:jbcs-httpd24-jansson-debuginfo-0:2.11-53.jbcs.el7.x86_64", "7Server-JBCS:jbcs-httpd24-jansson-devel-0:2.11-53.jbcs.el7.x86_64", "7Server-JBCS:jbcs-httpd24-libcurl-0:7.64.1-44.jbcs.el7.x86_64", "7Server-JBCS:jbcs-httpd24-libcurl-devel-0:7.64.1-44.jbcs.el7.x86_64", "7Server-JBCS:jbcs-httpd24-mod_cluster-native-0:1.3.14-11.Final_redhat_2.jbcs.el7.src", "7Server-JBCS:jbcs-httpd24-mod_cluster-native-0:1.3.14-11.Final_redhat_2.jbcs.el7.x86_64", "7Server-JBCS:jbcs-httpd24-mod_cluster-native-debuginfo-0:1.3.14-11.Final_redhat_2.jbcs.el7.x86_64", "7Server-JBCS:jbcs-httpd24-mod_http2-0:1.15.7-11.jbcs.el7.src", "7Server-JBCS:jbcs-httpd24-mod_http2-0:1.15.7-11.jbcs.el7.x86_64", "7Server-JBCS:jbcs-httpd24-mod_http2-debuginfo-0:1.15.7-11.jbcs.el7.x86_64", "7Server-JBCS:jbcs-httpd24-mod_jk-0:1.2.48-10.redhat_1.jbcs.el7.src", "7Server-JBCS:jbcs-httpd24-mod_jk-ap24-0:1.2.48-10.redhat_1.jbcs.el7.x86_64", "7Server-JBCS:jbcs-httpd24-mod_jk-debuginfo-0:1.2.48-10.redhat_1.jbcs.el7.x86_64", "7Server-JBCS:jbcs-httpd24-mod_jk-manual-0:1.2.48-10.redhat_1.jbcs.el7.x86_64", "7Server-JBCS:jbcs-httpd24-mod_ldap-0:2.4.37-64.jbcs.el7.x86_64", "7Server-JBCS:jbcs-httpd24-mod_md-1:2.0.8-30.jbcs.el7.src", "7Server-JBCS:jbcs-httpd24-mod_md-1:2.0.8-30.jbcs.el7.x86_64", "7Server-JBCS:jbcs-httpd24-mod_md-debuginfo-1:2.0.8-30.jbcs.el7.x86_64", "7Server-JBCS:jbcs-httpd24-mod_proxy_html-1:2.4.37-64.jbcs.el7.x86_64", "7Server-JBCS:jbcs-httpd24-mod_security-0:2.9.2-57.GA.jbcs.el7.src", "7Server-JBCS:jbcs-httpd24-mod_security-0:2.9.2-57.GA.jbcs.el7.x86_64", "7Server-JBCS:jbcs-httpd24-mod_security-debuginfo-0:2.9.2-57.GA.jbcs.el7.x86_64", "7Server-JBCS:jbcs-httpd24-mod_session-0:2.4.37-64.jbcs.el7.x86_64", "7Server-JBCS:jbcs-httpd24-mod_ssl-1:2.4.37-64.jbcs.el7.x86_64", "7Server-JBCS:jbcs-httpd24-nghttp2-0:1.39.2-34.jbcs.el7.src", "7Server-JBCS:jbcs-httpd24-nghttp2-0:1.39.2-34.jbcs.el7.x86_64", "7Server-JBCS:jbcs-httpd24-nghttp2-debuginfo-0:1.39.2-34.jbcs.el7.x86_64", "7Server-JBCS:jbcs-httpd24-nghttp2-devel-0:1.39.2-34.jbcs.el7.x86_64", "7Server-JBCS:jbcs-httpd24-openssl-1:1.1.1c-32.jbcs.el7.src", "7Server-JBCS:jbcs-httpd24-openssl-1:1.1.1c-32.jbcs.el7.x86_64", "7Server-JBCS:jbcs-httpd24-openssl-chil-0:1.0.0-1.jbcs.el7.src", "7Server-JBCS:jbcs-httpd24-openssl-chil-0:1.0.0-1.jbcs.el7.x86_64", "7Server-JBCS:jbcs-httpd24-openssl-chil-debuginfo-0:1.0.0-1.jbcs.el7.x86_64", "7Server-JBCS:jbcs-httpd24-openssl-debuginfo-1:1.1.1c-32.jbcs.el7.x86_64", "7Server-JBCS:jbcs-httpd24-openssl-devel-1:1.1.1c-32.jbcs.el7.x86_64", "7Server-JBCS:jbcs-httpd24-openssl-libs-1:1.1.1c-32.jbcs.el7.x86_64", "7Server-JBCS:jbcs-httpd24-openssl-perl-1:1.1.1c-32.jbcs.el7.x86_64", "7Server-JBCS:jbcs-httpd24-openssl-static-1:1.1.1c-32.jbcs.el7.x86_64" ] } ], "scores": [ { "cvss_v3": { "attackComplexity": "HIGH", "attackVector": "NETWORK", "availabilityImpact": "NONE", "baseScore": 4.8, "baseSeverity": "MEDIUM", "confidentialityImpact": "LOW", "integrityImpact": "LOW", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:N", "version": "3.1" }, "products": [ "6Server-JBCS:jbcs-httpd24-apr-0:1.6.3-104.jbcs.el6.i686", "6Server-JBCS:jbcs-httpd24-apr-0:1.6.3-104.jbcs.el6.src", "6Server-JBCS:jbcs-httpd24-apr-0:1.6.3-104.jbcs.el6.x86_64", "6Server-JBCS:jbcs-httpd24-apr-debuginfo-0:1.6.3-104.jbcs.el6.i686", "6Server-JBCS:jbcs-httpd24-apr-debuginfo-0:1.6.3-104.jbcs.el6.x86_64", "6Server-JBCS:jbcs-httpd24-apr-devel-0:1.6.3-104.jbcs.el6.i686", "6Server-JBCS:jbcs-httpd24-apr-devel-0:1.6.3-104.jbcs.el6.x86_64", "6Server-JBCS:jbcs-httpd24-apr-util-0:1.6.1-75.jbcs.el6.i686", "6Server-JBCS:jbcs-httpd24-apr-util-0:1.6.1-75.jbcs.el6.src", "6Server-JBCS:jbcs-httpd24-apr-util-0:1.6.1-75.jbcs.el6.x86_64", "6Server-JBCS:jbcs-httpd24-apr-util-debuginfo-0:1.6.1-75.jbcs.el6.i686", "6Server-JBCS:jbcs-httpd24-apr-util-debuginfo-0:1.6.1-75.jbcs.el6.x86_64", "6Server-JBCS:jbcs-httpd24-apr-util-devel-0:1.6.1-75.jbcs.el6.i686", "6Server-JBCS:jbcs-httpd24-apr-util-devel-0:1.6.1-75.jbcs.el6.x86_64", "6Server-JBCS:jbcs-httpd24-apr-util-ldap-0:1.6.1-75.jbcs.el6.i686", "6Server-JBCS:jbcs-httpd24-apr-util-ldap-0:1.6.1-75.jbcs.el6.x86_64", "6Server-JBCS:jbcs-httpd24-apr-util-mysql-0:1.6.1-75.jbcs.el6.i686", "6Server-JBCS:jbcs-httpd24-apr-util-mysql-0:1.6.1-75.jbcs.el6.x86_64", "6Server-JBCS:jbcs-httpd24-apr-util-nss-0:1.6.1-75.jbcs.el6.i686", "6Server-JBCS:jbcs-httpd24-apr-util-nss-0:1.6.1-75.jbcs.el6.x86_64", "6Server-JBCS:jbcs-httpd24-apr-util-odbc-0:1.6.1-75.jbcs.el6.i686", "6Server-JBCS:jbcs-httpd24-apr-util-odbc-0:1.6.1-75.jbcs.el6.x86_64", "6Server-JBCS:jbcs-httpd24-apr-util-openssl-0:1.6.1-75.jbcs.el6.i686", "6Server-JBCS:jbcs-httpd24-apr-util-openssl-0:1.6.1-75.jbcs.el6.x86_64", "6Server-JBCS:jbcs-httpd24-apr-util-pgsql-0:1.6.1-75.jbcs.el6.i686", "6Server-JBCS:jbcs-httpd24-apr-util-pgsql-0:1.6.1-75.jbcs.el6.x86_64", "6Server-JBCS:jbcs-httpd24-apr-util-sqlite-0:1.6.1-75.jbcs.el6.i686", "6Server-JBCS:jbcs-httpd24-apr-util-sqlite-0:1.6.1-75.jbcs.el6.x86_64", "6Server-JBCS:jbcs-httpd24-brotli-0:1.0.6-38.jbcs.el6.i686", "6Server-JBCS:jbcs-httpd24-brotli-0:1.0.6-38.jbcs.el6.src", "6Server-JBCS:jbcs-httpd24-brotli-0:1.0.6-38.jbcs.el6.x86_64", "6Server-JBCS:jbcs-httpd24-brotli-debuginfo-0:1.0.6-38.jbcs.el6.i686", "6Server-JBCS:jbcs-httpd24-brotli-debuginfo-0:1.0.6-38.jbcs.el6.x86_64", "6Server-JBCS:jbcs-httpd24-brotli-devel-0:1.0.6-38.jbcs.el6.i686", "6Server-JBCS:jbcs-httpd24-brotli-devel-0:1.0.6-38.jbcs.el6.x86_64", "6Server-JBCS:jbcs-httpd24-curl-0:7.64.1-44.jbcs.el6.i686", "6Server-JBCS:jbcs-httpd24-curl-0:7.64.1-44.jbcs.el6.src", "6Server-JBCS:jbcs-httpd24-curl-0:7.64.1-44.jbcs.el6.x86_64", "6Server-JBCS:jbcs-httpd24-curl-debuginfo-0:7.64.1-44.jbcs.el6.i686", "6Server-JBCS:jbcs-httpd24-curl-debuginfo-0:7.64.1-44.jbcs.el6.x86_64", "6Server-JBCS:jbcs-httpd24-httpd-0:2.4.37-64.jbcs.el6.i686", "6Server-JBCS:jbcs-httpd24-httpd-0:2.4.37-64.jbcs.el6.src", "6Server-JBCS:jbcs-httpd24-httpd-0:2.4.37-64.jbcs.el6.x86_64", "6Server-JBCS:jbcs-httpd24-httpd-debuginfo-0:2.4.37-64.jbcs.el6.i686", "6Server-JBCS:jbcs-httpd24-httpd-debuginfo-0:2.4.37-64.jbcs.el6.x86_64", "6Server-JBCS:jbcs-httpd24-httpd-devel-0:2.4.37-64.jbcs.el6.i686", "6Server-JBCS:jbcs-httpd24-httpd-devel-0:2.4.37-64.jbcs.el6.x86_64", "6Server-JBCS:jbcs-httpd24-httpd-manual-0:2.4.37-64.jbcs.el6.noarch", "6Server-JBCS:jbcs-httpd24-httpd-selinux-0:2.4.37-64.jbcs.el6.i686", "6Server-JBCS:jbcs-httpd24-httpd-selinux-0:2.4.37-64.jbcs.el6.x86_64", "6Server-JBCS:jbcs-httpd24-httpd-tools-0:2.4.37-64.jbcs.el6.i686", "6Server-JBCS:jbcs-httpd24-httpd-tools-0:2.4.37-64.jbcs.el6.x86_64", "6Server-JBCS:jbcs-httpd24-jansson-0:2.11-53.jbcs.el6.i686", "6Server-JBCS:jbcs-httpd24-jansson-0:2.11-53.jbcs.el6.src", "6Server-JBCS:jbcs-httpd24-jansson-0:2.11-53.jbcs.el6.x86_64", "6Server-JBCS:jbcs-httpd24-jansson-debuginfo-0:2.11-53.jbcs.el6.i686", "6Server-JBCS:jbcs-httpd24-jansson-debuginfo-0:2.11-53.jbcs.el6.x86_64", "6Server-JBCS:jbcs-httpd24-jansson-devel-0:2.11-53.jbcs.el6.i686", "6Server-JBCS:jbcs-httpd24-jansson-devel-0:2.11-53.jbcs.el6.x86_64", "6Server-JBCS:jbcs-httpd24-libcurl-0:7.64.1-44.jbcs.el6.i686", "6Server-JBCS:jbcs-httpd24-libcurl-0:7.64.1-44.jbcs.el6.x86_64", "6Server-JBCS:jbcs-httpd24-libcurl-devel-0:7.64.1-44.jbcs.el6.i686", "6Server-JBCS:jbcs-httpd24-libcurl-devel-0:7.64.1-44.jbcs.el6.x86_64", "6Server-JBCS:jbcs-httpd24-mod_cluster-native-0:1.3.14-11.Final_redhat_2.jbcs.el6.i686", "6Server-JBCS:jbcs-httpd24-mod_cluster-native-0:1.3.14-11.Final_redhat_2.jbcs.el6.src", "6Server-JBCS:jbcs-httpd24-mod_cluster-native-0:1.3.14-11.Final_redhat_2.jbcs.el6.x86_64", "6Server-JBCS:jbcs-httpd24-mod_cluster-native-debuginfo-0:1.3.14-11.Final_redhat_2.jbcs.el6.i686", "6Server-JBCS:jbcs-httpd24-mod_cluster-native-debuginfo-0:1.3.14-11.Final_redhat_2.jbcs.el6.x86_64", "6Server-JBCS:jbcs-httpd24-mod_http2-0:1.15.7-11.jbcs.el6.i686", "6Server-JBCS:jbcs-httpd24-mod_http2-0:1.15.7-11.jbcs.el6.src", "6Server-JBCS:jbcs-httpd24-mod_http2-0:1.15.7-11.jbcs.el6.x86_64", "6Server-JBCS:jbcs-httpd24-mod_http2-debuginfo-0:1.15.7-11.jbcs.el6.i686", "6Server-JBCS:jbcs-httpd24-mod_http2-debuginfo-0:1.15.7-11.jbcs.el6.x86_64", "6Server-JBCS:jbcs-httpd24-mod_jk-0:1.2.48-10.redhat_1.jbcs.el6.src", "6Server-JBCS:jbcs-httpd24-mod_jk-ap24-0:1.2.48-10.redhat_1.jbcs.el6.i686", "6Server-JBCS:jbcs-httpd24-mod_jk-ap24-0:1.2.48-10.redhat_1.jbcs.el6.x86_64", "6Server-JBCS:jbcs-httpd24-mod_jk-debuginfo-0:1.2.48-10.redhat_1.jbcs.el6.i686", "6Server-JBCS:jbcs-httpd24-mod_jk-debuginfo-0:1.2.48-10.redhat_1.jbcs.el6.x86_64", "6Server-JBCS:jbcs-httpd24-mod_jk-manual-0:1.2.48-10.redhat_1.jbcs.el6.i686", "6Server-JBCS:jbcs-httpd24-mod_jk-manual-0:1.2.48-10.redhat_1.jbcs.el6.x86_64", "6Server-JBCS:jbcs-httpd24-mod_ldap-0:2.4.37-64.jbcs.el6.i686", "6Server-JBCS:jbcs-httpd24-mod_ldap-0:2.4.37-64.jbcs.el6.x86_64", "6Server-JBCS:jbcs-httpd24-mod_md-1:2.0.8-30.jbcs.el6.i686", "6Server-JBCS:jbcs-httpd24-mod_md-1:2.0.8-30.jbcs.el6.src", "6Server-JBCS:jbcs-httpd24-mod_md-1:2.0.8-30.jbcs.el6.x86_64", "6Server-JBCS:jbcs-httpd24-mod_md-debuginfo-1:2.0.8-30.jbcs.el6.i686", "6Server-JBCS:jbcs-httpd24-mod_md-debuginfo-1:2.0.8-30.jbcs.el6.x86_64", "6Server-JBCS:jbcs-httpd24-mod_proxy_html-1:2.4.37-64.jbcs.el6.i686", "6Server-JBCS:jbcs-httpd24-mod_proxy_html-1:2.4.37-64.jbcs.el6.x86_64", "6Server-JBCS:jbcs-httpd24-mod_security-0:2.9.2-57.GA.jbcs.el6.i686", "6Server-JBCS:jbcs-httpd24-mod_security-0:2.9.2-57.GA.jbcs.el6.src", "6Server-JBCS:jbcs-httpd24-mod_security-0:2.9.2-57.GA.jbcs.el6.x86_64", "6Server-JBCS:jbcs-httpd24-mod_security-debuginfo-0:2.9.2-57.GA.jbcs.el6.i686", "6Server-JBCS:jbcs-httpd24-mod_security-debuginfo-0:2.9.2-57.GA.jbcs.el6.x86_64", "6Server-JBCS:jbcs-httpd24-mod_session-0:2.4.37-64.jbcs.el6.i686", "6Server-JBCS:jbcs-httpd24-mod_session-0:2.4.37-64.jbcs.el6.x86_64", "6Server-JBCS:jbcs-httpd24-mod_ssl-1:2.4.37-64.jbcs.el6.i686", "6Server-JBCS:jbcs-httpd24-mod_ssl-1:2.4.37-64.jbcs.el6.x86_64", "6Server-JBCS:jbcs-httpd24-nghttp2-0:1.39.2-34.jbcs.el6.i686", "6Server-JBCS:jbcs-httpd24-nghttp2-0:1.39.2-34.jbcs.el6.src", "6Server-JBCS:jbcs-httpd24-nghttp2-0:1.39.2-34.jbcs.el6.x86_64", "6Server-JBCS:jbcs-httpd24-nghttp2-debuginfo-0:1.39.2-34.jbcs.el6.i686", "6Server-JBCS:jbcs-httpd24-nghttp2-debuginfo-0:1.39.2-34.jbcs.el6.x86_64", "6Server-JBCS:jbcs-httpd24-nghttp2-devel-0:1.39.2-34.jbcs.el6.i686", "6Server-JBCS:jbcs-httpd24-nghttp2-devel-0:1.39.2-34.jbcs.el6.x86_64", "6Server-JBCS:jbcs-httpd24-openssl-1:1.1.1c-32.jbcs.el6.i686", "6Server-JBCS:jbcs-httpd24-openssl-1:1.1.1c-32.jbcs.el6.src", "6Server-JBCS:jbcs-httpd24-openssl-1:1.1.1c-32.jbcs.el6.x86_64", "6Server-JBCS:jbcs-httpd24-openssl-debuginfo-1:1.1.1c-32.jbcs.el6.i686", "6Server-JBCS:jbcs-httpd24-openssl-debuginfo-1:1.1.1c-32.jbcs.el6.x86_64", "6Server-JBCS:jbcs-httpd24-openssl-devel-1:1.1.1c-32.jbcs.el6.i686", "6Server-JBCS:jbcs-httpd24-openssl-devel-1:1.1.1c-32.jbcs.el6.x86_64", "6Server-JBCS:jbcs-httpd24-openssl-libs-1:1.1.1c-32.jbcs.el6.i686", "6Server-JBCS:jbcs-httpd24-openssl-libs-1:1.1.1c-32.jbcs.el6.x86_64", "6Server-JBCS:jbcs-httpd24-openssl-perl-1:1.1.1c-32.jbcs.el6.i686", "6Server-JBCS:jbcs-httpd24-openssl-perl-1:1.1.1c-32.jbcs.el6.x86_64", "6Server-JBCS:jbcs-httpd24-openssl-static-1:1.1.1c-32.jbcs.el6.i686", "6Server-JBCS:jbcs-httpd24-openssl-static-1:1.1.1c-32.jbcs.el6.x86_64", "7Server-JBCS:jbcs-httpd24-apr-0:1.6.3-104.jbcs.el7.src", "7Server-JBCS:jbcs-httpd24-apr-0:1.6.3-104.jbcs.el7.x86_64", "7Server-JBCS:jbcs-httpd24-apr-debuginfo-0:1.6.3-104.jbcs.el7.x86_64", "7Server-JBCS:jbcs-httpd24-apr-devel-0:1.6.3-104.jbcs.el7.x86_64", "7Server-JBCS:jbcs-httpd24-apr-util-0:1.6.1-75.jbcs.el7.src", "7Server-JBCS:jbcs-httpd24-apr-util-0:1.6.1-75.jbcs.el7.x86_64", "7Server-JBCS:jbcs-httpd24-apr-util-debuginfo-0:1.6.1-75.jbcs.el7.x86_64", "7Server-JBCS:jbcs-httpd24-apr-util-devel-0:1.6.1-75.jbcs.el7.x86_64", "7Server-JBCS:jbcs-httpd24-apr-util-ldap-0:1.6.1-75.jbcs.el7.x86_64", "7Server-JBCS:jbcs-httpd24-apr-util-mysql-0:1.6.1-75.jbcs.el7.x86_64", "7Server-JBCS:jbcs-httpd24-apr-util-nss-0:1.6.1-75.jbcs.el7.x86_64", "7Server-JBCS:jbcs-httpd24-apr-util-odbc-0:1.6.1-75.jbcs.el7.x86_64", "7Server-JBCS:jbcs-httpd24-apr-util-openssl-0:1.6.1-75.jbcs.el7.x86_64", "7Server-JBCS:jbcs-httpd24-apr-util-pgsql-0:1.6.1-75.jbcs.el7.x86_64", "7Server-JBCS:jbcs-httpd24-apr-util-sqlite-0:1.6.1-75.jbcs.el7.x86_64", "7Server-JBCS:jbcs-httpd24-brotli-0:1.0.6-38.jbcs.el7.src", "7Server-JBCS:jbcs-httpd24-brotli-0:1.0.6-38.jbcs.el7.x86_64", "7Server-JBCS:jbcs-httpd24-brotli-debuginfo-0:1.0.6-38.jbcs.el7.x86_64", "7Server-JBCS:jbcs-httpd24-brotli-devel-0:1.0.6-38.jbcs.el7.x86_64", "7Server-JBCS:jbcs-httpd24-curl-0:7.64.1-44.jbcs.el7.src", "7Server-JBCS:jbcs-httpd24-curl-0:7.64.1-44.jbcs.el7.x86_64", "7Server-JBCS:jbcs-httpd24-curl-debuginfo-0:7.64.1-44.jbcs.el7.x86_64", "7Server-JBCS:jbcs-httpd24-httpd-0:2.4.37-64.jbcs.el7.src", "7Server-JBCS:jbcs-httpd24-httpd-0:2.4.37-64.jbcs.el7.x86_64", "7Server-JBCS:jbcs-httpd24-httpd-debuginfo-0:2.4.37-64.jbcs.el7.x86_64", "7Server-JBCS:jbcs-httpd24-httpd-devel-0:2.4.37-64.jbcs.el7.x86_64", "7Server-JBCS:jbcs-httpd24-httpd-manual-0:2.4.37-64.jbcs.el7.noarch", "7Server-JBCS:jbcs-httpd24-httpd-selinux-0:2.4.37-64.jbcs.el7.x86_64", "7Server-JBCS:jbcs-httpd24-httpd-tools-0:2.4.37-64.jbcs.el7.x86_64", "7Server-JBCS:jbcs-httpd24-jansson-0:2.11-53.jbcs.el7.src", "7Server-JBCS:jbcs-httpd24-jansson-0:2.11-53.jbcs.el7.x86_64", "7Server-JBCS:jbcs-httpd24-jansson-debuginfo-0:2.11-53.jbcs.el7.x86_64", "7Server-JBCS:jbcs-httpd24-jansson-devel-0:2.11-53.jbcs.el7.x86_64", "7Server-JBCS:jbcs-httpd24-libcurl-0:7.64.1-44.jbcs.el7.x86_64", "7Server-JBCS:jbcs-httpd24-libcurl-devel-0:7.64.1-44.jbcs.el7.x86_64", "7Server-JBCS:jbcs-httpd24-mod_cluster-native-0:1.3.14-11.Final_redhat_2.jbcs.el7.src", "7Server-JBCS:jbcs-httpd24-mod_cluster-native-0:1.3.14-11.Final_redhat_2.jbcs.el7.x86_64", "7Server-JBCS:jbcs-httpd24-mod_cluster-native-debuginfo-0:1.3.14-11.Final_redhat_2.jbcs.el7.x86_64", "7Server-JBCS:jbcs-httpd24-mod_http2-0:1.15.7-11.jbcs.el7.src", "7Server-JBCS:jbcs-httpd24-mod_http2-0:1.15.7-11.jbcs.el7.x86_64", "7Server-JBCS:jbcs-httpd24-mod_http2-debuginfo-0:1.15.7-11.jbcs.el7.x86_64", "7Server-JBCS:jbcs-httpd24-mod_jk-0:1.2.48-10.redhat_1.jbcs.el7.src", "7Server-JBCS:jbcs-httpd24-mod_jk-ap24-0:1.2.48-10.redhat_1.jbcs.el7.x86_64", "7Server-JBCS:jbcs-httpd24-mod_jk-debuginfo-0:1.2.48-10.redhat_1.jbcs.el7.x86_64", "7Server-JBCS:jbcs-httpd24-mod_jk-manual-0:1.2.48-10.redhat_1.jbcs.el7.x86_64", "7Server-JBCS:jbcs-httpd24-mod_ldap-0:2.4.37-64.jbcs.el7.x86_64", "7Server-JBCS:jbcs-httpd24-mod_md-1:2.0.8-30.jbcs.el7.src", "7Server-JBCS:jbcs-httpd24-mod_md-1:2.0.8-30.jbcs.el7.x86_64", "7Server-JBCS:jbcs-httpd24-mod_md-debuginfo-1:2.0.8-30.jbcs.el7.x86_64", "7Server-JBCS:jbcs-httpd24-mod_proxy_html-1:2.4.37-64.jbcs.el7.x86_64", "7Server-JBCS:jbcs-httpd24-mod_security-0:2.9.2-57.GA.jbcs.el7.src", "7Server-JBCS:jbcs-httpd24-mod_security-0:2.9.2-57.GA.jbcs.el7.x86_64", "7Server-JBCS:jbcs-httpd24-mod_security-debuginfo-0:2.9.2-57.GA.jbcs.el7.x86_64", "7Server-JBCS:jbcs-httpd24-mod_session-0:2.4.37-64.jbcs.el7.x86_64", "7Server-JBCS:jbcs-httpd24-mod_ssl-1:2.4.37-64.jbcs.el7.x86_64", "7Server-JBCS:jbcs-httpd24-nghttp2-0:1.39.2-34.jbcs.el7.src", "7Server-JBCS:jbcs-httpd24-nghttp2-0:1.39.2-34.jbcs.el7.x86_64", "7Server-JBCS:jbcs-httpd24-nghttp2-debuginfo-0:1.39.2-34.jbcs.el7.x86_64", "7Server-JBCS:jbcs-httpd24-nghttp2-devel-0:1.39.2-34.jbcs.el7.x86_64", "7Server-JBCS:jbcs-httpd24-openssl-1:1.1.1c-32.jbcs.el7.src", "7Server-JBCS:jbcs-httpd24-openssl-1:1.1.1c-32.jbcs.el7.x86_64", "7Server-JBCS:jbcs-httpd24-openssl-chil-0:1.0.0-1.jbcs.el7.src", "7Server-JBCS:jbcs-httpd24-openssl-chil-0:1.0.0-1.jbcs.el7.x86_64", "7Server-JBCS:jbcs-httpd24-openssl-chil-debuginfo-0:1.0.0-1.jbcs.el7.x86_64", "7Server-JBCS:jbcs-httpd24-openssl-debuginfo-1:1.1.1c-32.jbcs.el7.x86_64", "7Server-JBCS:jbcs-httpd24-openssl-devel-1:1.1.1c-32.jbcs.el7.x86_64", "7Server-JBCS:jbcs-httpd24-openssl-libs-1:1.1.1c-32.jbcs.el7.x86_64", "7Server-JBCS:jbcs-httpd24-openssl-perl-1:1.1.1c-32.jbcs.el7.x86_64", "7Server-JBCS:jbcs-httpd24-openssl-static-1:1.1.1c-32.jbcs.el7.x86_64" ] } ], "threats": [ { "category": "impact", "details": "Low" } ], "title": "openssl: Integer overflow in RSAZ modular exponentiation on x86_64" }, { "acknowledgments": [ { "names": [ "the Curl project" ] }, { "names": [ "Wenchao Li" ], "summary": "Acknowledged by upstream." } ], "cve": "CVE-2019-5435", "cwe": { "id": "CWE-131", "name": "Incorrect Calculation of Buffer Size" }, "discovery_date": "2019-05-15T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "1710609" } ], "notes": [ { "category": "description", "text": "An integer overflow in curl\u0027s URL API results in a buffer overflow in libcurl 7.62.0 to and including 7.64.1.", "title": "Vulnerability description" }, { "category": "summary", "text": "curl: Integer overflows in curl_url_set() function", "title": "Vulnerability summary" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "6Server-JBCS:jbcs-httpd24-apr-0:1.6.3-104.jbcs.el6.i686", "6Server-JBCS:jbcs-httpd24-apr-0:1.6.3-104.jbcs.el6.src", "6Server-JBCS:jbcs-httpd24-apr-0:1.6.3-104.jbcs.el6.x86_64", "6Server-JBCS:jbcs-httpd24-apr-debuginfo-0:1.6.3-104.jbcs.el6.i686", "6Server-JBCS:jbcs-httpd24-apr-debuginfo-0:1.6.3-104.jbcs.el6.x86_64", "6Server-JBCS:jbcs-httpd24-apr-devel-0:1.6.3-104.jbcs.el6.i686", "6Server-JBCS:jbcs-httpd24-apr-devel-0:1.6.3-104.jbcs.el6.x86_64", "6Server-JBCS:jbcs-httpd24-apr-util-0:1.6.1-75.jbcs.el6.i686", "6Server-JBCS:jbcs-httpd24-apr-util-0:1.6.1-75.jbcs.el6.src", "6Server-JBCS:jbcs-httpd24-apr-util-0:1.6.1-75.jbcs.el6.x86_64", "6Server-JBCS:jbcs-httpd24-apr-util-debuginfo-0:1.6.1-75.jbcs.el6.i686", "6Server-JBCS:jbcs-httpd24-apr-util-debuginfo-0:1.6.1-75.jbcs.el6.x86_64", "6Server-JBCS:jbcs-httpd24-apr-util-devel-0:1.6.1-75.jbcs.el6.i686", "6Server-JBCS:jbcs-httpd24-apr-util-devel-0:1.6.1-75.jbcs.el6.x86_64", "6Server-JBCS:jbcs-httpd24-apr-util-ldap-0:1.6.1-75.jbcs.el6.i686", "6Server-JBCS:jbcs-httpd24-apr-util-ldap-0:1.6.1-75.jbcs.el6.x86_64", "6Server-JBCS:jbcs-httpd24-apr-util-mysql-0:1.6.1-75.jbcs.el6.i686", "6Server-JBCS:jbcs-httpd24-apr-util-mysql-0:1.6.1-75.jbcs.el6.x86_64", "6Server-JBCS:jbcs-httpd24-apr-util-nss-0:1.6.1-75.jbcs.el6.i686", "6Server-JBCS:jbcs-httpd24-apr-util-nss-0:1.6.1-75.jbcs.el6.x86_64", "6Server-JBCS:jbcs-httpd24-apr-util-odbc-0:1.6.1-75.jbcs.el6.i686", "6Server-JBCS:jbcs-httpd24-apr-util-odbc-0:1.6.1-75.jbcs.el6.x86_64", "6Server-JBCS:jbcs-httpd24-apr-util-openssl-0:1.6.1-75.jbcs.el6.i686", "6Server-JBCS:jbcs-httpd24-apr-util-openssl-0:1.6.1-75.jbcs.el6.x86_64", "6Server-JBCS:jbcs-httpd24-apr-util-pgsql-0:1.6.1-75.jbcs.el6.i686", "6Server-JBCS:jbcs-httpd24-apr-util-pgsql-0:1.6.1-75.jbcs.el6.x86_64", "6Server-JBCS:jbcs-httpd24-apr-util-sqlite-0:1.6.1-75.jbcs.el6.i686", "6Server-JBCS:jbcs-httpd24-apr-util-sqlite-0:1.6.1-75.jbcs.el6.x86_64", "6Server-JBCS:jbcs-httpd24-brotli-0:1.0.6-38.jbcs.el6.i686", "6Server-JBCS:jbcs-httpd24-brotli-0:1.0.6-38.jbcs.el6.src", "6Server-JBCS:jbcs-httpd24-brotli-0:1.0.6-38.jbcs.el6.x86_64", "6Server-JBCS:jbcs-httpd24-brotli-debuginfo-0:1.0.6-38.jbcs.el6.i686", "6Server-JBCS:jbcs-httpd24-brotli-debuginfo-0:1.0.6-38.jbcs.el6.x86_64", "6Server-JBCS:jbcs-httpd24-brotli-devel-0:1.0.6-38.jbcs.el6.i686", "6Server-JBCS:jbcs-httpd24-brotli-devel-0:1.0.6-38.jbcs.el6.x86_64", "6Server-JBCS:jbcs-httpd24-curl-0:7.64.1-44.jbcs.el6.i686", "6Server-JBCS:jbcs-httpd24-curl-0:7.64.1-44.jbcs.el6.src", "6Server-JBCS:jbcs-httpd24-curl-0:7.64.1-44.jbcs.el6.x86_64", "6Server-JBCS:jbcs-httpd24-curl-debuginfo-0:7.64.1-44.jbcs.el6.i686", "6Server-JBCS:jbcs-httpd24-curl-debuginfo-0:7.64.1-44.jbcs.el6.x86_64", "6Server-JBCS:jbcs-httpd24-httpd-0:2.4.37-64.jbcs.el6.i686", "6Server-JBCS:jbcs-httpd24-httpd-0:2.4.37-64.jbcs.el6.src", "6Server-JBCS:jbcs-httpd24-httpd-0:2.4.37-64.jbcs.el6.x86_64", "6Server-JBCS:jbcs-httpd24-httpd-debuginfo-0:2.4.37-64.jbcs.el6.i686", "6Server-JBCS:jbcs-httpd24-httpd-debuginfo-0:2.4.37-64.jbcs.el6.x86_64", "6Server-JBCS:jbcs-httpd24-httpd-devel-0:2.4.37-64.jbcs.el6.i686", "6Server-JBCS:jbcs-httpd24-httpd-devel-0:2.4.37-64.jbcs.el6.x86_64", "6Server-JBCS:jbcs-httpd24-httpd-manual-0:2.4.37-64.jbcs.el6.noarch", "6Server-JBCS:jbcs-httpd24-httpd-selinux-0:2.4.37-64.jbcs.el6.i686", "6Server-JBCS:jbcs-httpd24-httpd-selinux-0:2.4.37-64.jbcs.el6.x86_64", "6Server-JBCS:jbcs-httpd24-httpd-tools-0:2.4.37-64.jbcs.el6.i686", "6Server-JBCS:jbcs-httpd24-httpd-tools-0:2.4.37-64.jbcs.el6.x86_64", "6Server-JBCS:jbcs-httpd24-jansson-0:2.11-53.jbcs.el6.i686", "6Server-JBCS:jbcs-httpd24-jansson-0:2.11-53.jbcs.el6.src", "6Server-JBCS:jbcs-httpd24-jansson-0:2.11-53.jbcs.el6.x86_64", "6Server-JBCS:jbcs-httpd24-jansson-debuginfo-0:2.11-53.jbcs.el6.i686", "6Server-JBCS:jbcs-httpd24-jansson-debuginfo-0:2.11-53.jbcs.el6.x86_64", "6Server-JBCS:jbcs-httpd24-jansson-devel-0:2.11-53.jbcs.el6.i686", "6Server-JBCS:jbcs-httpd24-jansson-devel-0:2.11-53.jbcs.el6.x86_64", "6Server-JBCS:jbcs-httpd24-libcurl-0:7.64.1-44.jbcs.el6.i686", "6Server-JBCS:jbcs-httpd24-libcurl-0:7.64.1-44.jbcs.el6.x86_64", "6Server-JBCS:jbcs-httpd24-libcurl-devel-0:7.64.1-44.jbcs.el6.i686", "6Server-JBCS:jbcs-httpd24-libcurl-devel-0:7.64.1-44.jbcs.el6.x86_64", "6Server-JBCS:jbcs-httpd24-mod_cluster-native-0:1.3.14-11.Final_redhat_2.jbcs.el6.i686", "6Server-JBCS:jbcs-httpd24-mod_cluster-native-0:1.3.14-11.Final_redhat_2.jbcs.el6.src", "6Server-JBCS:jbcs-httpd24-mod_cluster-native-0:1.3.14-11.Final_redhat_2.jbcs.el6.x86_64", "6Server-JBCS:jbcs-httpd24-mod_cluster-native-debuginfo-0:1.3.14-11.Final_redhat_2.jbcs.el6.i686", "6Server-JBCS:jbcs-httpd24-mod_cluster-native-debuginfo-0:1.3.14-11.Final_redhat_2.jbcs.el6.x86_64", "6Server-JBCS:jbcs-httpd24-mod_http2-0:1.15.7-11.jbcs.el6.i686", "6Server-JBCS:jbcs-httpd24-mod_http2-0:1.15.7-11.jbcs.el6.src", "6Server-JBCS:jbcs-httpd24-mod_http2-0:1.15.7-11.jbcs.el6.x86_64", "6Server-JBCS:jbcs-httpd24-mod_http2-debuginfo-0:1.15.7-11.jbcs.el6.i686", "6Server-JBCS:jbcs-httpd24-mod_http2-debuginfo-0:1.15.7-11.jbcs.el6.x86_64", "6Server-JBCS:jbcs-httpd24-mod_jk-0:1.2.48-10.redhat_1.jbcs.el6.src", "6Server-JBCS:jbcs-httpd24-mod_jk-ap24-0:1.2.48-10.redhat_1.jbcs.el6.i686", "6Server-JBCS:jbcs-httpd24-mod_jk-ap24-0:1.2.48-10.redhat_1.jbcs.el6.x86_64", "6Server-JBCS:jbcs-httpd24-mod_jk-debuginfo-0:1.2.48-10.redhat_1.jbcs.el6.i686", "6Server-JBCS:jbcs-httpd24-mod_jk-debuginfo-0:1.2.48-10.redhat_1.jbcs.el6.x86_64", "6Server-JBCS:jbcs-httpd24-mod_jk-manual-0:1.2.48-10.redhat_1.jbcs.el6.i686", "6Server-JBCS:jbcs-httpd24-mod_jk-manual-0:1.2.48-10.redhat_1.jbcs.el6.x86_64", "6Server-JBCS:jbcs-httpd24-mod_ldap-0:2.4.37-64.jbcs.el6.i686", "6Server-JBCS:jbcs-httpd24-mod_ldap-0:2.4.37-64.jbcs.el6.x86_64", "6Server-JBCS:jbcs-httpd24-mod_md-1:2.0.8-30.jbcs.el6.i686", "6Server-JBCS:jbcs-httpd24-mod_md-1:2.0.8-30.jbcs.el6.src", "6Server-JBCS:jbcs-httpd24-mod_md-1:2.0.8-30.jbcs.el6.x86_64", "6Server-JBCS:jbcs-httpd24-mod_md-debuginfo-1:2.0.8-30.jbcs.el6.i686", "6Server-JBCS:jbcs-httpd24-mod_md-debuginfo-1:2.0.8-30.jbcs.el6.x86_64", "6Server-JBCS:jbcs-httpd24-mod_proxy_html-1:2.4.37-64.jbcs.el6.i686", "6Server-JBCS:jbcs-httpd24-mod_proxy_html-1:2.4.37-64.jbcs.el6.x86_64", "6Server-JBCS:jbcs-httpd24-mod_security-0:2.9.2-57.GA.jbcs.el6.i686", "6Server-JBCS:jbcs-httpd24-mod_security-0:2.9.2-57.GA.jbcs.el6.src", "6Server-JBCS:jbcs-httpd24-mod_security-0:2.9.2-57.GA.jbcs.el6.x86_64", "6Server-JBCS:jbcs-httpd24-mod_security-debuginfo-0:2.9.2-57.GA.jbcs.el6.i686", "6Server-JBCS:jbcs-httpd24-mod_security-debuginfo-0:2.9.2-57.GA.jbcs.el6.x86_64", "6Server-JBCS:jbcs-httpd24-mod_session-0:2.4.37-64.jbcs.el6.i686", "6Server-JBCS:jbcs-httpd24-mod_session-0:2.4.37-64.jbcs.el6.x86_64", "6Server-JBCS:jbcs-httpd24-mod_ssl-1:2.4.37-64.jbcs.el6.i686", "6Server-JBCS:jbcs-httpd24-mod_ssl-1:2.4.37-64.jbcs.el6.x86_64", "6Server-JBCS:jbcs-httpd24-nghttp2-0:1.39.2-34.jbcs.el6.i686", "6Server-JBCS:jbcs-httpd24-nghttp2-0:1.39.2-34.jbcs.el6.src", "6Server-JBCS:jbcs-httpd24-nghttp2-0:1.39.2-34.jbcs.el6.x86_64", "6Server-JBCS:jbcs-httpd24-nghttp2-debuginfo-0:1.39.2-34.jbcs.el6.i686", "6Server-JBCS:jbcs-httpd24-nghttp2-debuginfo-0:1.39.2-34.jbcs.el6.x86_64", "6Server-JBCS:jbcs-httpd24-nghttp2-devel-0:1.39.2-34.jbcs.el6.i686", "6Server-JBCS:jbcs-httpd24-nghttp2-devel-0:1.39.2-34.jbcs.el6.x86_64", "6Server-JBCS:jbcs-httpd24-openssl-1:1.1.1c-32.jbcs.el6.i686", "6Server-JBCS:jbcs-httpd24-openssl-1:1.1.1c-32.jbcs.el6.src", "6Server-JBCS:jbcs-httpd24-openssl-1:1.1.1c-32.jbcs.el6.x86_64", "6Server-JBCS:jbcs-httpd24-openssl-debuginfo-1:1.1.1c-32.jbcs.el6.i686", "6Server-JBCS:jbcs-httpd24-openssl-debuginfo-1:1.1.1c-32.jbcs.el6.x86_64", "6Server-JBCS:jbcs-httpd24-openssl-devel-1:1.1.1c-32.jbcs.el6.i686", "6Server-JBCS:jbcs-httpd24-openssl-devel-1:1.1.1c-32.jbcs.el6.x86_64", "6Server-JBCS:jbcs-httpd24-openssl-libs-1:1.1.1c-32.jbcs.el6.i686", "6Server-JBCS:jbcs-httpd24-openssl-libs-1:1.1.1c-32.jbcs.el6.x86_64", "6Server-JBCS:jbcs-httpd24-openssl-perl-1:1.1.1c-32.jbcs.el6.i686", "6Server-JBCS:jbcs-httpd24-openssl-perl-1:1.1.1c-32.jbcs.el6.x86_64", "6Server-JBCS:jbcs-httpd24-openssl-static-1:1.1.1c-32.jbcs.el6.i686", "6Server-JBCS:jbcs-httpd24-openssl-static-1:1.1.1c-32.jbcs.el6.x86_64", "7Server-JBCS:jbcs-httpd24-apr-0:1.6.3-104.jbcs.el7.src", "7Server-JBCS:jbcs-httpd24-apr-0:1.6.3-104.jbcs.el7.x86_64", "7Server-JBCS:jbcs-httpd24-apr-debuginfo-0:1.6.3-104.jbcs.el7.x86_64", "7Server-JBCS:jbcs-httpd24-apr-devel-0:1.6.3-104.jbcs.el7.x86_64", "7Server-JBCS:jbcs-httpd24-apr-util-0:1.6.1-75.jbcs.el7.src", "7Server-JBCS:jbcs-httpd24-apr-util-0:1.6.1-75.jbcs.el7.x86_64", "7Server-JBCS:jbcs-httpd24-apr-util-debuginfo-0:1.6.1-75.jbcs.el7.x86_64", "7Server-JBCS:jbcs-httpd24-apr-util-devel-0:1.6.1-75.jbcs.el7.x86_64", "7Server-JBCS:jbcs-httpd24-apr-util-ldap-0:1.6.1-75.jbcs.el7.x86_64", "7Server-JBCS:jbcs-httpd24-apr-util-mysql-0:1.6.1-75.jbcs.el7.x86_64", "7Server-JBCS:jbcs-httpd24-apr-util-nss-0:1.6.1-75.jbcs.el7.x86_64", "7Server-JBCS:jbcs-httpd24-apr-util-odbc-0:1.6.1-75.jbcs.el7.x86_64", "7Server-JBCS:jbcs-httpd24-apr-util-openssl-0:1.6.1-75.jbcs.el7.x86_64", "7Server-JBCS:jbcs-httpd24-apr-util-pgsql-0:1.6.1-75.jbcs.el7.x86_64", "7Server-JBCS:jbcs-httpd24-apr-util-sqlite-0:1.6.1-75.jbcs.el7.x86_64", "7Server-JBCS:jbcs-httpd24-brotli-0:1.0.6-38.jbcs.el7.src", "7Server-JBCS:jbcs-httpd24-brotli-0:1.0.6-38.jbcs.el7.x86_64", "7Server-JBCS:jbcs-httpd24-brotli-debuginfo-0:1.0.6-38.jbcs.el7.x86_64", "7Server-JBCS:jbcs-httpd24-brotli-devel-0:1.0.6-38.jbcs.el7.x86_64", "7Server-JBCS:jbcs-httpd24-curl-0:7.64.1-44.jbcs.el7.src", "7Server-JBCS:jbcs-httpd24-curl-0:7.64.1-44.jbcs.el7.x86_64", "7Server-JBCS:jbcs-httpd24-curl-debuginfo-0:7.64.1-44.jbcs.el7.x86_64", "7Server-JBCS:jbcs-httpd24-httpd-0:2.4.37-64.jbcs.el7.src", "7Server-JBCS:jbcs-httpd24-httpd-0:2.4.37-64.jbcs.el7.x86_64", "7Server-JBCS:jbcs-httpd24-httpd-debuginfo-0:2.4.37-64.jbcs.el7.x86_64", "7Server-JBCS:jbcs-httpd24-httpd-devel-0:2.4.37-64.jbcs.el7.x86_64", "7Server-JBCS:jbcs-httpd24-httpd-manual-0:2.4.37-64.jbcs.el7.noarch", "7Server-JBCS:jbcs-httpd24-httpd-selinux-0:2.4.37-64.jbcs.el7.x86_64", "7Server-JBCS:jbcs-httpd24-httpd-tools-0:2.4.37-64.jbcs.el7.x86_64", "7Server-JBCS:jbcs-httpd24-jansson-0:2.11-53.jbcs.el7.src", "7Server-JBCS:jbcs-httpd24-jansson-0:2.11-53.jbcs.el7.x86_64", "7Server-JBCS:jbcs-httpd24-jansson-debuginfo-0:2.11-53.jbcs.el7.x86_64", "7Server-JBCS:jbcs-httpd24-jansson-devel-0:2.11-53.jbcs.el7.x86_64", "7Server-JBCS:jbcs-httpd24-libcurl-0:7.64.1-44.jbcs.el7.x86_64", "7Server-JBCS:jbcs-httpd24-libcurl-devel-0:7.64.1-44.jbcs.el7.x86_64", "7Server-JBCS:jbcs-httpd24-mod_cluster-native-0:1.3.14-11.Final_redhat_2.jbcs.el7.src", "7Server-JBCS:jbcs-httpd24-mod_cluster-native-0:1.3.14-11.Final_redhat_2.jbcs.el7.x86_64", "7Server-JBCS:jbcs-httpd24-mod_cluster-native-debuginfo-0:1.3.14-11.Final_redhat_2.jbcs.el7.x86_64", "7Server-JBCS:jbcs-httpd24-mod_http2-0:1.15.7-11.jbcs.el7.src", "7Server-JBCS:jbcs-httpd24-mod_http2-0:1.15.7-11.jbcs.el7.x86_64", "7Server-JBCS:jbcs-httpd24-mod_http2-debuginfo-0:1.15.7-11.jbcs.el7.x86_64", "7Server-JBCS:jbcs-httpd24-mod_jk-0:1.2.48-10.redhat_1.jbcs.el7.src", "7Server-JBCS:jbcs-httpd24-mod_jk-ap24-0:1.2.48-10.redhat_1.jbcs.el7.x86_64", "7Server-JBCS:jbcs-httpd24-mod_jk-debuginfo-0:1.2.48-10.redhat_1.jbcs.el7.x86_64", "7Server-JBCS:jbcs-httpd24-mod_jk-manual-0:1.2.48-10.redhat_1.jbcs.el7.x86_64", "7Server-JBCS:jbcs-httpd24-mod_ldap-0:2.4.37-64.jbcs.el7.x86_64", "7Server-JBCS:jbcs-httpd24-mod_md-1:2.0.8-30.jbcs.el7.src", "7Server-JBCS:jbcs-httpd24-mod_md-1:2.0.8-30.jbcs.el7.x86_64", "7Server-JBCS:jbcs-httpd24-mod_md-debuginfo-1:2.0.8-30.jbcs.el7.x86_64", "7Server-JBCS:jbcs-httpd24-mod_proxy_html-1:2.4.37-64.jbcs.el7.x86_64", "7Server-JBCS:jbcs-httpd24-mod_security-0:2.9.2-57.GA.jbcs.el7.src", "7Server-JBCS:jbcs-httpd24-mod_security-0:2.9.2-57.GA.jbcs.el7.x86_64", "7Server-JBCS:jbcs-httpd24-mod_security-debuginfo-0:2.9.2-57.GA.jbcs.el7.x86_64", "7Server-JBCS:jbcs-httpd24-mod_session-0:2.4.37-64.jbcs.el7.x86_64", "7Server-JBCS:jbcs-httpd24-mod_ssl-1:2.4.37-64.jbcs.el7.x86_64", "7Server-JBCS:jbcs-httpd24-nghttp2-0:1.39.2-34.jbcs.el7.src", "7Server-JBCS:jbcs-httpd24-nghttp2-0:1.39.2-34.jbcs.el7.x86_64", "7Server-JBCS:jbcs-httpd24-nghttp2-debuginfo-0:1.39.2-34.jbcs.el7.x86_64", "7Server-JBCS:jbcs-httpd24-nghttp2-devel-0:1.39.2-34.jbcs.el7.x86_64", "7Server-JBCS:jbcs-httpd24-openssl-1:1.1.1c-32.jbcs.el7.src", "7Server-JBCS:jbcs-httpd24-openssl-1:1.1.1c-32.jbcs.el7.x86_64", "7Server-JBCS:jbcs-httpd24-openssl-chil-0:1.0.0-1.jbcs.el7.src", "7Server-JBCS:jbcs-httpd24-openssl-chil-0:1.0.0-1.jbcs.el7.x86_64", "7Server-JBCS:jbcs-httpd24-openssl-chil-debuginfo-0:1.0.0-1.jbcs.el7.x86_64", "7Server-JBCS:jbcs-httpd24-openssl-debuginfo-1:1.1.1c-32.jbcs.el7.x86_64", "7Server-JBCS:jbcs-httpd24-openssl-devel-1:1.1.1c-32.jbcs.el7.x86_64", "7Server-JBCS:jbcs-httpd24-openssl-libs-1:1.1.1c-32.jbcs.el7.x86_64", "7Server-JBCS:jbcs-httpd24-openssl-perl-1:1.1.1c-32.jbcs.el7.x86_64", "7Server-JBCS:jbcs-httpd24-openssl-static-1:1.1.1c-32.jbcs.el7.x86_64" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2019-5435" }, { "category": "external", "summary": "RHBZ#1710609", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1710609" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2019-5435", "url": "https://www.cve.org/CVERecord?id=CVE-2019-5435" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2019-5435", "url": "https://nvd.nist.gov/vuln/detail/CVE-2019-5435" } ], "release_date": "2019-05-22T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2020-10-28T16:02:45+00:00", "details": "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258", "product_ids": [ "6Server-JBCS:jbcs-httpd24-apr-0:1.6.3-104.jbcs.el6.i686", "6Server-JBCS:jbcs-httpd24-apr-0:1.6.3-104.jbcs.el6.src", "6Server-JBCS:jbcs-httpd24-apr-0:1.6.3-104.jbcs.el6.x86_64", "6Server-JBCS:jbcs-httpd24-apr-debuginfo-0:1.6.3-104.jbcs.el6.i686", "6Server-JBCS:jbcs-httpd24-apr-debuginfo-0:1.6.3-104.jbcs.el6.x86_64", "6Server-JBCS:jbcs-httpd24-apr-devel-0:1.6.3-104.jbcs.el6.i686", "6Server-JBCS:jbcs-httpd24-apr-devel-0:1.6.3-104.jbcs.el6.x86_64", "6Server-JBCS:jbcs-httpd24-apr-util-0:1.6.1-75.jbcs.el6.i686", "6Server-JBCS:jbcs-httpd24-apr-util-0:1.6.1-75.jbcs.el6.src", "6Server-JBCS:jbcs-httpd24-apr-util-0:1.6.1-75.jbcs.el6.x86_64", "6Server-JBCS:jbcs-httpd24-apr-util-debuginfo-0:1.6.1-75.jbcs.el6.i686", "6Server-JBCS:jbcs-httpd24-apr-util-debuginfo-0:1.6.1-75.jbcs.el6.x86_64", "6Server-JBCS:jbcs-httpd24-apr-util-devel-0:1.6.1-75.jbcs.el6.i686", "6Server-JBCS:jbcs-httpd24-apr-util-devel-0:1.6.1-75.jbcs.el6.x86_64", "6Server-JBCS:jbcs-httpd24-apr-util-ldap-0:1.6.1-75.jbcs.el6.i686", "6Server-JBCS:jbcs-httpd24-apr-util-ldap-0:1.6.1-75.jbcs.el6.x86_64", "6Server-JBCS:jbcs-httpd24-apr-util-mysql-0:1.6.1-75.jbcs.el6.i686", "6Server-JBCS:jbcs-httpd24-apr-util-mysql-0:1.6.1-75.jbcs.el6.x86_64", "6Server-JBCS:jbcs-httpd24-apr-util-nss-0:1.6.1-75.jbcs.el6.i686", "6Server-JBCS:jbcs-httpd24-apr-util-nss-0:1.6.1-75.jbcs.el6.x86_64", "6Server-JBCS:jbcs-httpd24-apr-util-odbc-0:1.6.1-75.jbcs.el6.i686", "6Server-JBCS:jbcs-httpd24-apr-util-odbc-0:1.6.1-75.jbcs.el6.x86_64", "6Server-JBCS:jbcs-httpd24-apr-util-openssl-0:1.6.1-75.jbcs.el6.i686", "6Server-JBCS:jbcs-httpd24-apr-util-openssl-0:1.6.1-75.jbcs.el6.x86_64", "6Server-JBCS:jbcs-httpd24-apr-util-pgsql-0:1.6.1-75.jbcs.el6.i686", "6Server-JBCS:jbcs-httpd24-apr-util-pgsql-0:1.6.1-75.jbcs.el6.x86_64", "6Server-JBCS:jbcs-httpd24-apr-util-sqlite-0:1.6.1-75.jbcs.el6.i686", "6Server-JBCS:jbcs-httpd24-apr-util-sqlite-0:1.6.1-75.jbcs.el6.x86_64", "6Server-JBCS:jbcs-httpd24-brotli-0:1.0.6-38.jbcs.el6.i686", "6Server-JBCS:jbcs-httpd24-brotli-0:1.0.6-38.jbcs.el6.src", "6Server-JBCS:jbcs-httpd24-brotli-0:1.0.6-38.jbcs.el6.x86_64", "6Server-JBCS:jbcs-httpd24-brotli-debuginfo-0:1.0.6-38.jbcs.el6.i686", "6Server-JBCS:jbcs-httpd24-brotli-debuginfo-0:1.0.6-38.jbcs.el6.x86_64", "6Server-JBCS:jbcs-httpd24-brotli-devel-0:1.0.6-38.jbcs.el6.i686", "6Server-JBCS:jbcs-httpd24-brotli-devel-0:1.0.6-38.jbcs.el6.x86_64", "6Server-JBCS:jbcs-httpd24-curl-0:7.64.1-44.jbcs.el6.i686", "6Server-JBCS:jbcs-httpd24-curl-0:7.64.1-44.jbcs.el6.src", "6Server-JBCS:jbcs-httpd24-curl-0:7.64.1-44.jbcs.el6.x86_64", "6Server-JBCS:jbcs-httpd24-curl-debuginfo-0:7.64.1-44.jbcs.el6.i686", "6Server-JBCS:jbcs-httpd24-curl-debuginfo-0:7.64.1-44.jbcs.el6.x86_64", "6Server-JBCS:jbcs-httpd24-httpd-0:2.4.37-64.jbcs.el6.i686", "6Server-JBCS:jbcs-httpd24-httpd-0:2.4.37-64.jbcs.el6.src", "6Server-JBCS:jbcs-httpd24-httpd-0:2.4.37-64.jbcs.el6.x86_64", "6Server-JBCS:jbcs-httpd24-httpd-debuginfo-0:2.4.37-64.jbcs.el6.i686", "6Server-JBCS:jbcs-httpd24-httpd-debuginfo-0:2.4.37-64.jbcs.el6.x86_64", "6Server-JBCS:jbcs-httpd24-httpd-devel-0:2.4.37-64.jbcs.el6.i686", "6Server-JBCS:jbcs-httpd24-httpd-devel-0:2.4.37-64.jbcs.el6.x86_64", "6Server-JBCS:jbcs-httpd24-httpd-manual-0:2.4.37-64.jbcs.el6.noarch", "6Server-JBCS:jbcs-httpd24-httpd-selinux-0:2.4.37-64.jbcs.el6.i686", "6Server-JBCS:jbcs-httpd24-httpd-selinux-0:2.4.37-64.jbcs.el6.x86_64", "6Server-JBCS:jbcs-httpd24-httpd-tools-0:2.4.37-64.jbcs.el6.i686", "6Server-JBCS:jbcs-httpd24-httpd-tools-0:2.4.37-64.jbcs.el6.x86_64", "6Server-JBCS:jbcs-httpd24-jansson-0:2.11-53.jbcs.el6.i686", "6Server-JBCS:jbcs-httpd24-jansson-0:2.11-53.jbcs.el6.src", "6Server-JBCS:jbcs-httpd24-jansson-0:2.11-53.jbcs.el6.x86_64", "6Server-JBCS:jbcs-httpd24-jansson-debuginfo-0:2.11-53.jbcs.el6.i686", "6Server-JBCS:jbcs-httpd24-jansson-debuginfo-0:2.11-53.jbcs.el6.x86_64", "6Server-JBCS:jbcs-httpd24-jansson-devel-0:2.11-53.jbcs.el6.i686", "6Server-JBCS:jbcs-httpd24-jansson-devel-0:2.11-53.jbcs.el6.x86_64", "6Server-JBCS:jbcs-httpd24-libcurl-0:7.64.1-44.jbcs.el6.i686", "6Server-JBCS:jbcs-httpd24-libcurl-0:7.64.1-44.jbcs.el6.x86_64", "6Server-JBCS:jbcs-httpd24-libcurl-devel-0:7.64.1-44.jbcs.el6.i686", "6Server-JBCS:jbcs-httpd24-libcurl-devel-0:7.64.1-44.jbcs.el6.x86_64", "6Server-JBCS:jbcs-httpd24-mod_cluster-native-0:1.3.14-11.Final_redhat_2.jbcs.el6.i686", "6Server-JBCS:jbcs-httpd24-mod_cluster-native-0:1.3.14-11.Final_redhat_2.jbcs.el6.src", "6Server-JBCS:jbcs-httpd24-mod_cluster-native-0:1.3.14-11.Final_redhat_2.jbcs.el6.x86_64", "6Server-JBCS:jbcs-httpd24-mod_cluster-native-debuginfo-0:1.3.14-11.Final_redhat_2.jbcs.el6.i686", "6Server-JBCS:jbcs-httpd24-mod_cluster-native-debuginfo-0:1.3.14-11.Final_redhat_2.jbcs.el6.x86_64", "6Server-JBCS:jbcs-httpd24-mod_http2-0:1.15.7-11.jbcs.el6.i686", "6Server-JBCS:jbcs-httpd24-mod_http2-0:1.15.7-11.jbcs.el6.src", "6Server-JBCS:jbcs-httpd24-mod_http2-0:1.15.7-11.jbcs.el6.x86_64", "6Server-JBCS:jbcs-httpd24-mod_http2-debuginfo-0:1.15.7-11.jbcs.el6.i686", "6Server-JBCS:jbcs-httpd24-mod_http2-debuginfo-0:1.15.7-11.jbcs.el6.x86_64", "6Server-JBCS:jbcs-httpd24-mod_jk-0:1.2.48-10.redhat_1.jbcs.el6.src", "6Server-JBCS:jbcs-httpd24-mod_jk-ap24-0:1.2.48-10.redhat_1.jbcs.el6.i686", "6Server-JBCS:jbcs-httpd24-mod_jk-ap24-0:1.2.48-10.redhat_1.jbcs.el6.x86_64", "6Server-JBCS:jbcs-httpd24-mod_jk-debuginfo-0:1.2.48-10.redhat_1.jbcs.el6.i686", "6Server-JBCS:jbcs-httpd24-mod_jk-debuginfo-0:1.2.48-10.redhat_1.jbcs.el6.x86_64", "6Server-JBCS:jbcs-httpd24-mod_jk-manual-0:1.2.48-10.redhat_1.jbcs.el6.i686", "6Server-JBCS:jbcs-httpd24-mod_jk-manual-0:1.2.48-10.redhat_1.jbcs.el6.x86_64", "6Server-JBCS:jbcs-httpd24-mod_ldap-0:2.4.37-64.jbcs.el6.i686", "6Server-JBCS:jbcs-httpd24-mod_ldap-0:2.4.37-64.jbcs.el6.x86_64", "6Server-JBCS:jbcs-httpd24-mod_md-1:2.0.8-30.jbcs.el6.i686", "6Server-JBCS:jbcs-httpd24-mod_md-1:2.0.8-30.jbcs.el6.src", "6Server-JBCS:jbcs-httpd24-mod_md-1:2.0.8-30.jbcs.el6.x86_64", "6Server-JBCS:jbcs-httpd24-mod_md-debuginfo-1:2.0.8-30.jbcs.el6.i686", "6Server-JBCS:jbcs-httpd24-mod_md-debuginfo-1:2.0.8-30.jbcs.el6.x86_64", "6Server-JBCS:jbcs-httpd24-mod_proxy_html-1:2.4.37-64.jbcs.el6.i686", "6Server-JBCS:jbcs-httpd24-mod_proxy_html-1:2.4.37-64.jbcs.el6.x86_64", "6Server-JBCS:jbcs-httpd24-mod_security-0:2.9.2-57.GA.jbcs.el6.i686", "6Server-JBCS:jbcs-httpd24-mod_security-0:2.9.2-57.GA.jbcs.el6.src", "6Server-JBCS:jbcs-httpd24-mod_security-0:2.9.2-57.GA.jbcs.el6.x86_64", "6Server-JBCS:jbcs-httpd24-mod_security-debuginfo-0:2.9.2-57.GA.jbcs.el6.i686", "6Server-JBCS:jbcs-httpd24-mod_security-debuginfo-0:2.9.2-57.GA.jbcs.el6.x86_64", "6Server-JBCS:jbcs-httpd24-mod_session-0:2.4.37-64.jbcs.el6.i686", "6Server-JBCS:jbcs-httpd24-mod_session-0:2.4.37-64.jbcs.el6.x86_64", "6Server-JBCS:jbcs-httpd24-mod_ssl-1:2.4.37-64.jbcs.el6.i686", "6Server-JBCS:jbcs-httpd24-mod_ssl-1:2.4.37-64.jbcs.el6.x86_64", "6Server-JBCS:jbcs-httpd24-nghttp2-0:1.39.2-34.jbcs.el6.i686", "6Server-JBCS:jbcs-httpd24-nghttp2-0:1.39.2-34.jbcs.el6.src", "6Server-JBCS:jbcs-httpd24-nghttp2-0:1.39.2-34.jbcs.el6.x86_64", "6Server-JBCS:jbcs-httpd24-nghttp2-debuginfo-0:1.39.2-34.jbcs.el6.i686", "6Server-JBCS:jbcs-httpd24-nghttp2-debuginfo-0:1.39.2-34.jbcs.el6.x86_64", "6Server-JBCS:jbcs-httpd24-nghttp2-devel-0:1.39.2-34.jbcs.el6.i686", "6Server-JBCS:jbcs-httpd24-nghttp2-devel-0:1.39.2-34.jbcs.el6.x86_64", "6Server-JBCS:jbcs-httpd24-openssl-1:1.1.1c-32.jbcs.el6.i686", "6Server-JBCS:jbcs-httpd24-openssl-1:1.1.1c-32.jbcs.el6.src", "6Server-JBCS:jbcs-httpd24-openssl-1:1.1.1c-32.jbcs.el6.x86_64", "6Server-JBCS:jbcs-httpd24-openssl-debuginfo-1:1.1.1c-32.jbcs.el6.i686", "6Server-JBCS:jbcs-httpd24-openssl-debuginfo-1:1.1.1c-32.jbcs.el6.x86_64", "6Server-JBCS:jbcs-httpd24-openssl-devel-1:1.1.1c-32.jbcs.el6.i686", "6Server-JBCS:jbcs-httpd24-openssl-devel-1:1.1.1c-32.jbcs.el6.x86_64", "6Server-JBCS:jbcs-httpd24-openssl-libs-1:1.1.1c-32.jbcs.el6.i686", "6Server-JBCS:jbcs-httpd24-openssl-libs-1:1.1.1c-32.jbcs.el6.x86_64", "6Server-JBCS:jbcs-httpd24-openssl-perl-1:1.1.1c-32.jbcs.el6.i686", "6Server-JBCS:jbcs-httpd24-openssl-perl-1:1.1.1c-32.jbcs.el6.x86_64", "6Server-JBCS:jbcs-httpd24-openssl-static-1:1.1.1c-32.jbcs.el6.i686", "6Server-JBCS:jbcs-httpd24-openssl-static-1:1.1.1c-32.jbcs.el6.x86_64", "7Server-JBCS:jbcs-httpd24-apr-0:1.6.3-104.jbcs.el7.src", "7Server-JBCS:jbcs-httpd24-apr-0:1.6.3-104.jbcs.el7.x86_64", "7Server-JBCS:jbcs-httpd24-apr-debuginfo-0:1.6.3-104.jbcs.el7.x86_64", "7Server-JBCS:jbcs-httpd24-apr-devel-0:1.6.3-104.jbcs.el7.x86_64", "7Server-JBCS:jbcs-httpd24-apr-util-0:1.6.1-75.jbcs.el7.src", "7Server-JBCS:jbcs-httpd24-apr-util-0:1.6.1-75.jbcs.el7.x86_64", "7Server-JBCS:jbcs-httpd24-apr-util-debuginfo-0:1.6.1-75.jbcs.el7.x86_64", "7Server-JBCS:jbcs-httpd24-apr-util-devel-0:1.6.1-75.jbcs.el7.x86_64", "7Server-JBCS:jbcs-httpd24-apr-util-ldap-0:1.6.1-75.jbcs.el7.x86_64", "7Server-JBCS:jbcs-httpd24-apr-util-mysql-0:1.6.1-75.jbcs.el7.x86_64", "7Server-JBCS:jbcs-httpd24-apr-util-nss-0:1.6.1-75.jbcs.el7.x86_64", "7Server-JBCS:jbcs-httpd24-apr-util-odbc-0:1.6.1-75.jbcs.el7.x86_64", "7Server-JBCS:jbcs-httpd24-apr-util-openssl-0:1.6.1-75.jbcs.el7.x86_64", "7Server-JBCS:jbcs-httpd24-apr-util-pgsql-0:1.6.1-75.jbcs.el7.x86_64", "7Server-JBCS:jbcs-httpd24-apr-util-sqlite-0:1.6.1-75.jbcs.el7.x86_64", "7Server-JBCS:jbcs-httpd24-brotli-0:1.0.6-38.jbcs.el7.src", "7Server-JBCS:jbcs-httpd24-brotli-0:1.0.6-38.jbcs.el7.x86_64", "7Server-JBCS:jbcs-httpd24-brotli-debuginfo-0:1.0.6-38.jbcs.el7.x86_64", "7Server-JBCS:jbcs-httpd24-brotli-devel-0:1.0.6-38.jbcs.el7.x86_64", "7Server-JBCS:jbcs-httpd24-curl-0:7.64.1-44.jbcs.el7.src", "7Server-JBCS:jbcs-httpd24-curl-0:7.64.1-44.jbcs.el7.x86_64", "7Server-JBCS:jbcs-httpd24-curl-debuginfo-0:7.64.1-44.jbcs.el7.x86_64", "7Server-JBCS:jbcs-httpd24-httpd-0:2.4.37-64.jbcs.el7.src", "7Server-JBCS:jbcs-httpd24-httpd-0:2.4.37-64.jbcs.el7.x86_64", "7Server-JBCS:jbcs-httpd24-httpd-debuginfo-0:2.4.37-64.jbcs.el7.x86_64", "7Server-JBCS:jbcs-httpd24-httpd-devel-0:2.4.37-64.jbcs.el7.x86_64", "7Server-JBCS:jbcs-httpd24-httpd-manual-0:2.4.37-64.jbcs.el7.noarch", "7Server-JBCS:jbcs-httpd24-httpd-selinux-0:2.4.37-64.jbcs.el7.x86_64", "7Server-JBCS:jbcs-httpd24-httpd-tools-0:2.4.37-64.jbcs.el7.x86_64", "7Server-JBCS:jbcs-httpd24-jansson-0:2.11-53.jbcs.el7.src", "7Server-JBCS:jbcs-httpd24-jansson-0:2.11-53.jbcs.el7.x86_64", "7Server-JBCS:jbcs-httpd24-jansson-debuginfo-0:2.11-53.jbcs.el7.x86_64", "7Server-JBCS:jbcs-httpd24-jansson-devel-0:2.11-53.jbcs.el7.x86_64", "7Server-JBCS:jbcs-httpd24-libcurl-0:7.64.1-44.jbcs.el7.x86_64", "7Server-JBCS:jbcs-httpd24-libcurl-devel-0:7.64.1-44.jbcs.el7.x86_64", "7Server-JBCS:jbcs-httpd24-mod_cluster-native-0:1.3.14-11.Final_redhat_2.jbcs.el7.src", "7Server-JBCS:jbcs-httpd24-mod_cluster-native-0:1.3.14-11.Final_redhat_2.jbcs.el7.x86_64", "7Server-JBCS:jbcs-httpd24-mod_cluster-native-debuginfo-0:1.3.14-11.Final_redhat_2.jbcs.el7.x86_64", "7Server-JBCS:jbcs-httpd24-mod_http2-0:1.15.7-11.jbcs.el7.src", "7Server-JBCS:jbcs-httpd24-mod_http2-0:1.15.7-11.jbcs.el7.x86_64", "7Server-JBCS:jbcs-httpd24-mod_http2-debuginfo-0:1.15.7-11.jbcs.el7.x86_64", "7Server-JBCS:jbcs-httpd24-mod_jk-0:1.2.48-10.redhat_1.jbcs.el7.src", "7Server-JBCS:jbcs-httpd24-mod_jk-ap24-0:1.2.48-10.redhat_1.jbcs.el7.x86_64", "7Server-JBCS:jbcs-httpd24-mod_jk-debuginfo-0:1.2.48-10.redhat_1.jbcs.el7.x86_64", "7Server-JBCS:jbcs-httpd24-mod_jk-manual-0:1.2.48-10.redhat_1.jbcs.el7.x86_64", "7Server-JBCS:jbcs-httpd24-mod_ldap-0:2.4.37-64.jbcs.el7.x86_64", "7Server-JBCS:jbcs-httpd24-mod_md-1:2.0.8-30.jbcs.el7.src", "7Server-JBCS:jbcs-httpd24-mod_md-1:2.0.8-30.jbcs.el7.x86_64", "7Server-JBCS:jbcs-httpd24-mod_md-debuginfo-1:2.0.8-30.jbcs.el7.x86_64", "7Server-JBCS:jbcs-httpd24-mod_proxy_html-1:2.4.37-64.jbcs.el7.x86_64", "7Server-JBCS:jbcs-httpd24-mod_security-0:2.9.2-57.GA.jbcs.el7.src", "7Server-JBCS:jbcs-httpd24-mod_security-0:2.9.2-57.GA.jbcs.el7.x86_64", "7Server-JBCS:jbcs-httpd24-mod_security-debuginfo-0:2.9.2-57.GA.jbcs.el7.x86_64", "7Server-JBCS:jbcs-httpd24-mod_session-0:2.4.37-64.jbcs.el7.x86_64", "7Server-JBCS:jbcs-httpd24-mod_ssl-1:2.4.37-64.jbcs.el7.x86_64", "7Server-JBCS:jbcs-httpd24-nghttp2-0:1.39.2-34.jbcs.el7.src", "7Server-JBCS:jbcs-httpd24-nghttp2-0:1.39.2-34.jbcs.el7.x86_64", "7Server-JBCS:jbcs-httpd24-nghttp2-debuginfo-0:1.39.2-34.jbcs.el7.x86_64", "7Server-JBCS:jbcs-httpd24-nghttp2-devel-0:1.39.2-34.jbcs.el7.x86_64", "7Server-JBCS:jbcs-httpd24-openssl-1:1.1.1c-32.jbcs.el7.src", "7Server-JBCS:jbcs-httpd24-openssl-1:1.1.1c-32.jbcs.el7.x86_64", "7Server-JBCS:jbcs-httpd24-openssl-chil-0:1.0.0-1.jbcs.el7.src", "7Server-JBCS:jbcs-httpd24-openssl-chil-0:1.0.0-1.jbcs.el7.x86_64", "7Server-JBCS:jbcs-httpd24-openssl-chil-debuginfo-0:1.0.0-1.jbcs.el7.x86_64", "7Server-JBCS:jbcs-httpd24-openssl-debuginfo-1:1.1.1c-32.jbcs.el7.x86_64", "7Server-JBCS:jbcs-httpd24-openssl-devel-1:1.1.1c-32.jbcs.el7.x86_64", "7Server-JBCS:jbcs-httpd24-openssl-libs-1:1.1.1c-32.jbcs.el7.x86_64", "7Server-JBCS:jbcs-httpd24-openssl-perl-1:1.1.1c-32.jbcs.el7.x86_64", "7Server-JBCS:jbcs-httpd24-openssl-static-1:1.1.1c-32.jbcs.el7.x86_64" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2020:4384" } ], "scores": [ { "cvss_v3": { "attackComplexity": "HIGH", "attackVector": "NETWORK", "availabilityImpact": "LOW", "baseScore": 3.7, "baseSeverity": "LOW", "confidentialityImpact": "NONE", "integrityImpact": "NONE", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:L", "version": "3.0" }, "products": [ "6Server-JBCS:jbcs-httpd24-apr-0:1.6.3-104.jbcs.el6.i686", "6Server-JBCS:jbcs-httpd24-apr-0:1.6.3-104.jbcs.el6.src", "6Server-JBCS:jbcs-httpd24-apr-0:1.6.3-104.jbcs.el6.x86_64", "6Server-JBCS:jbcs-httpd24-apr-debuginfo-0:1.6.3-104.jbcs.el6.i686", "6Server-JBCS:jbcs-httpd24-apr-debuginfo-0:1.6.3-104.jbcs.el6.x86_64", "6Server-JBCS:jbcs-httpd24-apr-devel-0:1.6.3-104.jbcs.el6.i686", "6Server-JBCS:jbcs-httpd24-apr-devel-0:1.6.3-104.jbcs.el6.x86_64", "6Server-JBCS:jbcs-httpd24-apr-util-0:1.6.1-75.jbcs.el6.i686", "6Server-JBCS:jbcs-httpd24-apr-util-0:1.6.1-75.jbcs.el6.src", "6Server-JBCS:jbcs-httpd24-apr-util-0:1.6.1-75.jbcs.el6.x86_64", "6Server-JBCS:jbcs-httpd24-apr-util-debuginfo-0:1.6.1-75.jbcs.el6.i686", "6Server-JBCS:jbcs-httpd24-apr-util-debuginfo-0:1.6.1-75.jbcs.el6.x86_64", "6Server-JBCS:jbcs-httpd24-apr-util-devel-0:1.6.1-75.jbcs.el6.i686", "6Server-JBCS:jbcs-httpd24-apr-util-devel-0:1.6.1-75.jbcs.el6.x86_64", "6Server-JBCS:jbcs-httpd24-apr-util-ldap-0:1.6.1-75.jbcs.el6.i686", "6Server-JBCS:jbcs-httpd24-apr-util-ldap-0:1.6.1-75.jbcs.el6.x86_64", "6Server-JBCS:jbcs-httpd24-apr-util-mysql-0:1.6.1-75.jbcs.el6.i686", "6Server-JBCS:jbcs-httpd24-apr-util-mysql-0:1.6.1-75.jbcs.el6.x86_64", "6Server-JBCS:jbcs-httpd24-apr-util-nss-0:1.6.1-75.jbcs.el6.i686", "6Server-JBCS:jbcs-httpd24-apr-util-nss-0:1.6.1-75.jbcs.el6.x86_64", "6Server-JBCS:jbcs-httpd24-apr-util-odbc-0:1.6.1-75.jbcs.el6.i686", "6Server-JBCS:jbcs-httpd24-apr-util-odbc-0:1.6.1-75.jbcs.el6.x86_64", "6Server-JBCS:jbcs-httpd24-apr-util-openssl-0:1.6.1-75.jbcs.el6.i686", "6Server-JBCS:jbcs-httpd24-apr-util-openssl-0:1.6.1-75.jbcs.el6.x86_64", "6Server-JBCS:jbcs-httpd24-apr-util-pgsql-0:1.6.1-75.jbcs.el6.i686", "6Server-JBCS:jbcs-httpd24-apr-util-pgsql-0:1.6.1-75.jbcs.el6.x86_64", "6Server-JBCS:jbcs-httpd24-apr-util-sqlite-0:1.6.1-75.jbcs.el6.i686", "6Server-JBCS:jbcs-httpd24-apr-util-sqlite-0:1.6.1-75.jbcs.el6.x86_64", "6Server-JBCS:jbcs-httpd24-brotli-0:1.0.6-38.jbcs.el6.i686", "6Server-JBCS:jbcs-httpd24-brotli-0:1.0.6-38.jbcs.el6.src", "6Server-JBCS:jbcs-httpd24-brotli-0:1.0.6-38.jbcs.el6.x86_64", "6Server-JBCS:jbcs-httpd24-brotli-debuginfo-0:1.0.6-38.jbcs.el6.i686", "6Server-JBCS:jbcs-httpd24-brotli-debuginfo-0:1.0.6-38.jbcs.el6.x86_64", "6Server-JBCS:jbcs-httpd24-brotli-devel-0:1.0.6-38.jbcs.el6.i686", "6Server-JBCS:jbcs-httpd24-brotli-devel-0:1.0.6-38.jbcs.el6.x86_64", "6Server-JBCS:jbcs-httpd24-curl-0:7.64.1-44.jbcs.el6.i686", "6Server-JBCS:jbcs-httpd24-curl-0:7.64.1-44.jbcs.el6.src", "6Server-JBCS:jbcs-httpd24-curl-0:7.64.1-44.jbcs.el6.x86_64", "6Server-JBCS:jbcs-httpd24-curl-debuginfo-0:7.64.1-44.jbcs.el6.i686", "6Server-JBCS:jbcs-httpd24-curl-debuginfo-0:7.64.1-44.jbcs.el6.x86_64", "6Server-JBCS:jbcs-httpd24-httpd-0:2.4.37-64.jbcs.el6.i686", "6Server-JBCS:jbcs-httpd24-httpd-0:2.4.37-64.jbcs.el6.src", "6Server-JBCS:jbcs-httpd24-httpd-0:2.4.37-64.jbcs.el6.x86_64", "6Server-JBCS:jbcs-httpd24-httpd-debuginfo-0:2.4.37-64.jbcs.el6.i686", "6Server-JBCS:jbcs-httpd24-httpd-debuginfo-0:2.4.37-64.jbcs.el6.x86_64", "6Server-JBCS:jbcs-httpd24-httpd-devel-0:2.4.37-64.jbcs.el6.i686", "6Server-JBCS:jbcs-httpd24-httpd-devel-0:2.4.37-64.jbcs.el6.x86_64", "6Server-JBCS:jbcs-httpd24-httpd-manual-0:2.4.37-64.jbcs.el6.noarch", "6Server-JBCS:jbcs-httpd24-httpd-selinux-0:2.4.37-64.jbcs.el6.i686", "6Server-JBCS:jbcs-httpd24-httpd-selinux-0:2.4.37-64.jbcs.el6.x86_64", "6Server-JBCS:jbcs-httpd24-httpd-tools-0:2.4.37-64.jbcs.el6.i686", "6Server-JBCS:jbcs-httpd24-httpd-tools-0:2.4.37-64.jbcs.el6.x86_64", "6Server-JBCS:jbcs-httpd24-jansson-0:2.11-53.jbcs.el6.i686", "6Server-JBCS:jbcs-httpd24-jansson-0:2.11-53.jbcs.el6.src", "6Server-JBCS:jbcs-httpd24-jansson-0:2.11-53.jbcs.el6.x86_64", "6Server-JBCS:jbcs-httpd24-jansson-debuginfo-0:2.11-53.jbcs.el6.i686", "6Server-JBCS:jbcs-httpd24-jansson-debuginfo-0:2.11-53.jbcs.el6.x86_64", "6Server-JBCS:jbcs-httpd24-jansson-devel-0:2.11-53.jbcs.el6.i686", "6Server-JBCS:jbcs-httpd24-jansson-devel-0:2.11-53.jbcs.el6.x86_64", "6Server-JBCS:jbcs-httpd24-libcurl-0:7.64.1-44.jbcs.el6.i686", "6Server-JBCS:jbcs-httpd24-libcurl-0:7.64.1-44.jbcs.el6.x86_64", "6Server-JBCS:jbcs-httpd24-libcurl-devel-0:7.64.1-44.jbcs.el6.i686", "6Server-JBCS:jbcs-httpd24-libcurl-devel-0:7.64.1-44.jbcs.el6.x86_64", "6Server-JBCS:jbcs-httpd24-mod_cluster-native-0:1.3.14-11.Final_redhat_2.jbcs.el6.i686", "6Server-JBCS:jbcs-httpd24-mod_cluster-native-0:1.3.14-11.Final_redhat_2.jbcs.el6.src", "6Server-JBCS:jbcs-httpd24-mod_cluster-native-0:1.3.14-11.Final_redhat_2.jbcs.el6.x86_64", "6Server-JBCS:jbcs-httpd24-mod_cluster-native-debuginfo-0:1.3.14-11.Final_redhat_2.jbcs.el6.i686", "6Server-JBCS:jbcs-httpd24-mod_cluster-native-debuginfo-0:1.3.14-11.Final_redhat_2.jbcs.el6.x86_64", "6Server-JBCS:jbcs-httpd24-mod_http2-0:1.15.7-11.jbcs.el6.i686", "6Server-JBCS:jbcs-httpd24-mod_http2-0:1.15.7-11.jbcs.el6.src", "6Server-JBCS:jbcs-httpd24-mod_http2-0:1.15.7-11.jbcs.el6.x86_64", "6Server-JBCS:jbcs-httpd24-mod_http2-debuginfo-0:1.15.7-11.jbcs.el6.i686", "6Server-JBCS:jbcs-httpd24-mod_http2-debuginfo-0:1.15.7-11.jbcs.el6.x86_64", "6Server-JBCS:jbcs-httpd24-mod_jk-0:1.2.48-10.redhat_1.jbcs.el6.src", "6Server-JBCS:jbcs-httpd24-mod_jk-ap24-0:1.2.48-10.redhat_1.jbcs.el6.i686", "6Server-JBCS:jbcs-httpd24-mod_jk-ap24-0:1.2.48-10.redhat_1.jbcs.el6.x86_64", "6Server-JBCS:jbcs-httpd24-mod_jk-debuginfo-0:1.2.48-10.redhat_1.jbcs.el6.i686", "6Server-JBCS:jbcs-httpd24-mod_jk-debuginfo-0:1.2.48-10.redhat_1.jbcs.el6.x86_64", "6Server-JBCS:jbcs-httpd24-mod_jk-manual-0:1.2.48-10.redhat_1.jbcs.el6.i686", "6Server-JBCS:jbcs-httpd24-mod_jk-manual-0:1.2.48-10.redhat_1.jbcs.el6.x86_64", "6Server-JBCS:jbcs-httpd24-mod_ldap-0:2.4.37-64.jbcs.el6.i686", "6Server-JBCS:jbcs-httpd24-mod_ldap-0:2.4.37-64.jbcs.el6.x86_64", "6Server-JBCS:jbcs-httpd24-mod_md-1:2.0.8-30.jbcs.el6.i686", "6Server-JBCS:jbcs-httpd24-mod_md-1:2.0.8-30.jbcs.el6.src", "6Server-JBCS:jbcs-httpd24-mod_md-1:2.0.8-30.jbcs.el6.x86_64", "6Server-JBCS:jbcs-httpd24-mod_md-debuginfo-1:2.0.8-30.jbcs.el6.i686", "6Server-JBCS:jbcs-httpd24-mod_md-debuginfo-1:2.0.8-30.jbcs.el6.x86_64", "6Server-JBCS:jbcs-httpd24-mod_proxy_html-1:2.4.37-64.jbcs.el6.i686", "6Server-JBCS:jbcs-httpd24-mod_proxy_html-1:2.4.37-64.jbcs.el6.x86_64", "6Server-JBCS:jbcs-httpd24-mod_security-0:2.9.2-57.GA.jbcs.el6.i686", "6Server-JBCS:jbcs-httpd24-mod_security-0:2.9.2-57.GA.jbcs.el6.src", "6Server-JBCS:jbcs-httpd24-mod_security-0:2.9.2-57.GA.jbcs.el6.x86_64", "6Server-JBCS:jbcs-httpd24-mod_security-debuginfo-0:2.9.2-57.GA.jbcs.el6.i686", "6Server-JBCS:jbcs-httpd24-mod_security-debuginfo-0:2.9.2-57.GA.jbcs.el6.x86_64", "6Server-JBCS:jbcs-httpd24-mod_session-0:2.4.37-64.jbcs.el6.i686", "6Server-JBCS:jbcs-httpd24-mod_session-0:2.4.37-64.jbcs.el6.x86_64", "6Server-JBCS:jbcs-httpd24-mod_ssl-1:2.4.37-64.jbcs.el6.i686", "6Server-JBCS:jbcs-httpd24-mod_ssl-1:2.4.37-64.jbcs.el6.x86_64", "6Server-JBCS:jbcs-httpd24-nghttp2-0:1.39.2-34.jbcs.el6.i686", "6Server-JBCS:jbcs-httpd24-nghttp2-0:1.39.2-34.jbcs.el6.src", "6Server-JBCS:jbcs-httpd24-nghttp2-0:1.39.2-34.jbcs.el6.x86_64", "6Server-JBCS:jbcs-httpd24-nghttp2-debuginfo-0:1.39.2-34.jbcs.el6.i686", "6Server-JBCS:jbcs-httpd24-nghttp2-debuginfo-0:1.39.2-34.jbcs.el6.x86_64", "6Server-JBCS:jbcs-httpd24-nghttp2-devel-0:1.39.2-34.jbcs.el6.i686", "6Server-JBCS:jbcs-httpd24-nghttp2-devel-0:1.39.2-34.jbcs.el6.x86_64", "6Server-JBCS:jbcs-httpd24-openssl-1:1.1.1c-32.jbcs.el6.i686", "6Server-JBCS:jbcs-httpd24-openssl-1:1.1.1c-32.jbcs.el6.src", "6Server-JBCS:jbcs-httpd24-openssl-1:1.1.1c-32.jbcs.el6.x86_64", "6Server-JBCS:jbcs-httpd24-openssl-debuginfo-1:1.1.1c-32.jbcs.el6.i686", "6Server-JBCS:jbcs-httpd24-openssl-debuginfo-1:1.1.1c-32.jbcs.el6.x86_64", "6Server-JBCS:jbcs-httpd24-openssl-devel-1:1.1.1c-32.jbcs.el6.i686", "6Server-JBCS:jbcs-httpd24-openssl-devel-1:1.1.1c-32.jbcs.el6.x86_64", "6Server-JBCS:jbcs-httpd24-openssl-libs-1:1.1.1c-32.jbcs.el6.i686", "6Server-JBCS:jbcs-httpd24-openssl-libs-1:1.1.1c-32.jbcs.el6.x86_64", "6Server-JBCS:jbcs-httpd24-openssl-perl-1:1.1.1c-32.jbcs.el6.i686", "6Server-JBCS:jbcs-httpd24-openssl-perl-1:1.1.1c-32.jbcs.el6.x86_64", "6Server-JBCS:jbcs-httpd24-openssl-static-1:1.1.1c-32.jbcs.el6.i686", "6Server-JBCS:jbcs-httpd24-openssl-static-1:1.1.1c-32.jbcs.el6.x86_64", "7Server-JBCS:jbcs-httpd24-apr-0:1.6.3-104.jbcs.el7.src", "7Server-JBCS:jbcs-httpd24-apr-0:1.6.3-104.jbcs.el7.x86_64", "7Server-JBCS:jbcs-httpd24-apr-debuginfo-0:1.6.3-104.jbcs.el7.x86_64", "7Server-JBCS:jbcs-httpd24-apr-devel-0:1.6.3-104.jbcs.el7.x86_64", "7Server-JBCS:jbcs-httpd24-apr-util-0:1.6.1-75.jbcs.el7.src", "7Server-JBCS:jbcs-httpd24-apr-util-0:1.6.1-75.jbcs.el7.x86_64", "7Server-JBCS:jbcs-httpd24-apr-util-debuginfo-0:1.6.1-75.jbcs.el7.x86_64", "7Server-JBCS:jbcs-httpd24-apr-util-devel-0:1.6.1-75.jbcs.el7.x86_64", "7Server-JBCS:jbcs-httpd24-apr-util-ldap-0:1.6.1-75.jbcs.el7.x86_64", "7Server-JBCS:jbcs-httpd24-apr-util-mysql-0:1.6.1-75.jbcs.el7.x86_64", "7Server-JBCS:jbcs-httpd24-apr-util-nss-0:1.6.1-75.jbcs.el7.x86_64", "7Server-JBCS:jbcs-httpd24-apr-util-odbc-0:1.6.1-75.jbcs.el7.x86_64", "7Server-JBCS:jbcs-httpd24-apr-util-openssl-0:1.6.1-75.jbcs.el7.x86_64", "7Server-JBCS:jbcs-httpd24-apr-util-pgsql-0:1.6.1-75.jbcs.el7.x86_64", "7Server-JBCS:jbcs-httpd24-apr-util-sqlite-0:1.6.1-75.jbcs.el7.x86_64", "7Server-JBCS:jbcs-httpd24-brotli-0:1.0.6-38.jbcs.el7.src", "7Server-JBCS:jbcs-httpd24-brotli-0:1.0.6-38.jbcs.el7.x86_64", "7Server-JBCS:jbcs-httpd24-brotli-debuginfo-0:1.0.6-38.jbcs.el7.x86_64", "7Server-JBCS:jbcs-httpd24-brotli-devel-0:1.0.6-38.jbcs.el7.x86_64", "7Server-JBCS:jbcs-httpd24-curl-0:7.64.1-44.jbcs.el7.src", "7Server-JBCS:jbcs-httpd24-curl-0:7.64.1-44.jbcs.el7.x86_64", "7Server-JBCS:jbcs-httpd24-curl-debuginfo-0:7.64.1-44.jbcs.el7.x86_64", "7Server-JBCS:jbcs-httpd24-httpd-0:2.4.37-64.jbcs.el7.src", "7Server-JBCS:jbcs-httpd24-httpd-0:2.4.37-64.jbcs.el7.x86_64", "7Server-JBCS:jbcs-httpd24-httpd-debuginfo-0:2.4.37-64.jbcs.el7.x86_64", "7Server-JBCS:jbcs-httpd24-httpd-devel-0:2.4.37-64.jbcs.el7.x86_64", "7Server-JBCS:jbcs-httpd24-httpd-manual-0:2.4.37-64.jbcs.el7.noarch", "7Server-JBCS:jbcs-httpd24-httpd-selinux-0:2.4.37-64.jbcs.el7.x86_64", "7Server-JBCS:jbcs-httpd24-httpd-tools-0:2.4.37-64.jbcs.el7.x86_64", "7Server-JBCS:jbcs-httpd24-jansson-0:2.11-53.jbcs.el7.src", "7Server-JBCS:jbcs-httpd24-jansson-0:2.11-53.jbcs.el7.x86_64", "7Server-JBCS:jbcs-httpd24-jansson-debuginfo-0:2.11-53.jbcs.el7.x86_64", "7Server-JBCS:jbcs-httpd24-jansson-devel-0:2.11-53.jbcs.el7.x86_64", "7Server-JBCS:jbcs-httpd24-libcurl-0:7.64.1-44.jbcs.el7.x86_64", "7Server-JBCS:jbcs-httpd24-libcurl-devel-0:7.64.1-44.jbcs.el7.x86_64", "7Server-JBCS:jbcs-httpd24-mod_cluster-native-0:1.3.14-11.Final_redhat_2.jbcs.el7.src", "7Server-JBCS:jbcs-httpd24-mod_cluster-native-0:1.3.14-11.Final_redhat_2.jbcs.el7.x86_64", "7Server-JBCS:jbcs-httpd24-mod_cluster-native-debuginfo-0:1.3.14-11.Final_redhat_2.jbcs.el7.x86_64", "7Server-JBCS:jbcs-httpd24-mod_http2-0:1.15.7-11.jbcs.el7.src", "7Server-JBCS:jbcs-httpd24-mod_http2-0:1.15.7-11.jbcs.el7.x86_64", "7Server-JBCS:jbcs-httpd24-mod_http2-debuginfo-0:1.15.7-11.jbcs.el7.x86_64", "7Server-JBCS:jbcs-httpd24-mod_jk-0:1.2.48-10.redhat_1.jbcs.el7.src", "7Server-JBCS:jbcs-httpd24-mod_jk-ap24-0:1.2.48-10.redhat_1.jbcs.el7.x86_64", "7Server-JBCS:jbcs-httpd24-mod_jk-debuginfo-0:1.2.48-10.redhat_1.jbcs.el7.x86_64", "7Server-JBCS:jbcs-httpd24-mod_jk-manual-0:1.2.48-10.redhat_1.jbcs.el7.x86_64", "7Server-JBCS:jbcs-httpd24-mod_ldap-0:2.4.37-64.jbcs.el7.x86_64", "7Server-JBCS:jbcs-httpd24-mod_md-1:2.0.8-30.jbcs.el7.src", "7Server-JBCS:jbcs-httpd24-mod_md-1:2.0.8-30.jbcs.el7.x86_64", "7Server-JBCS:jbcs-httpd24-mod_md-debuginfo-1:2.0.8-30.jbcs.el7.x86_64", "7Server-JBCS:jbcs-httpd24-mod_proxy_html-1:2.4.37-64.jbcs.el7.x86_64", "7Server-JBCS:jbcs-httpd24-mod_security-0:2.9.2-57.GA.jbcs.el7.src", "7Server-JBCS:jbcs-httpd24-mod_security-0:2.9.2-57.GA.jbcs.el7.x86_64", "7Server-JBCS:jbcs-httpd24-mod_security-debuginfo-0:2.9.2-57.GA.jbcs.el7.x86_64", "7Server-JBCS:jbcs-httpd24-mod_session-0:2.4.37-64.jbcs.el7.x86_64", "7Server-JBCS:jbcs-httpd24-mod_ssl-1:2.4.37-64.jbcs.el7.x86_64", "7Server-JBCS:jbcs-httpd24-nghttp2-0:1.39.2-34.jbcs.el7.src", "7Server-JBCS:jbcs-httpd24-nghttp2-0:1.39.2-34.jbcs.el7.x86_64", "7Server-JBCS:jbcs-httpd24-nghttp2-debuginfo-0:1.39.2-34.jbcs.el7.x86_64", "7Server-JBCS:jbcs-httpd24-nghttp2-devel-0:1.39.2-34.jbcs.el7.x86_64", "7Server-JBCS:jbcs-httpd24-openssl-1:1.1.1c-32.jbcs.el7.src", "7Server-JBCS:jbcs-httpd24-openssl-1:1.1.1c-32.jbcs.el7.x86_64", "7Server-JBCS:jbcs-httpd24-openssl-chil-0:1.0.0-1.jbcs.el7.src", "7Server-JBCS:jbcs-httpd24-openssl-chil-0:1.0.0-1.jbcs.el7.x86_64", "7Server-JBCS:jbcs-httpd24-openssl-chil-debuginfo-0:1.0.0-1.jbcs.el7.x86_64", "7Server-JBCS:jbcs-httpd24-openssl-debuginfo-1:1.1.1c-32.jbcs.el7.x86_64", "7Server-JBCS:jbcs-httpd24-openssl-devel-1:1.1.1c-32.jbcs.el7.x86_64", "7Server-JBCS:jbcs-httpd24-openssl-libs-1:1.1.1c-32.jbcs.el7.x86_64", "7Server-JBCS:jbcs-httpd24-openssl-perl-1:1.1.1c-32.jbcs.el7.x86_64", "7Server-JBCS:jbcs-httpd24-openssl-static-1:1.1.1c-32.jbcs.el7.x86_64" ] } ], "threats": [ { "category": "impact", "details": "Low" } ], "title": "curl: Integer overflows in curl_url_set() function" }, { "acknowledgments": [ { "names": [ "the Apache project" ] } ], "cve": "CVE-2020-11984", "cwe": { "id": "CWE-400", "name": "Uncontrolled Resource Consumption" }, "discovery_date": "2020-08-05T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "1866563" } ], "notes": [ { "category": "description", "text": "A flaw was found in Apache httpd in versions 2.4.32 to 2.4.46. The uwsgi protocol does not serialize more than 16K of HTTP header leading to resource exhaustion and denial of service. The highest threat from this vulnerability is to data confidentiality and integrity as well as system availability.", "title": "Vulnerability description" }, { "category": "summary", "text": "httpd: mod_proxy_uwsgi buffer overflow", "title": "Vulnerability summary" }, { "category": "other", "text": "Red Hat Enterprise Linux 5, 6, and 7 do not ship the vulnerable version of httpd and, thus, are not affected.", "title": "Statement" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "6Server-JBCS:jbcs-httpd24-apr-0:1.6.3-104.jbcs.el6.i686", "6Server-JBCS:jbcs-httpd24-apr-0:1.6.3-104.jbcs.el6.src", "6Server-JBCS:jbcs-httpd24-apr-0:1.6.3-104.jbcs.el6.x86_64", "6Server-JBCS:jbcs-httpd24-apr-debuginfo-0:1.6.3-104.jbcs.el6.i686", "6Server-JBCS:jbcs-httpd24-apr-debuginfo-0:1.6.3-104.jbcs.el6.x86_64", "6Server-JBCS:jbcs-httpd24-apr-devel-0:1.6.3-104.jbcs.el6.i686", "6Server-JBCS:jbcs-httpd24-apr-devel-0:1.6.3-104.jbcs.el6.x86_64", "6Server-JBCS:jbcs-httpd24-apr-util-0:1.6.1-75.jbcs.el6.i686", "6Server-JBCS:jbcs-httpd24-apr-util-0:1.6.1-75.jbcs.el6.src", "6Server-JBCS:jbcs-httpd24-apr-util-0:1.6.1-75.jbcs.el6.x86_64", "6Server-JBCS:jbcs-httpd24-apr-util-debuginfo-0:1.6.1-75.jbcs.el6.i686", "6Server-JBCS:jbcs-httpd24-apr-util-debuginfo-0:1.6.1-75.jbcs.el6.x86_64", "6Server-JBCS:jbcs-httpd24-apr-util-devel-0:1.6.1-75.jbcs.el6.i686", "6Server-JBCS:jbcs-httpd24-apr-util-devel-0:1.6.1-75.jbcs.el6.x86_64", "6Server-JBCS:jbcs-httpd24-apr-util-ldap-0:1.6.1-75.jbcs.el6.i686", "6Server-JBCS:jbcs-httpd24-apr-util-ldap-0:1.6.1-75.jbcs.el6.x86_64", "6Server-JBCS:jbcs-httpd24-apr-util-mysql-0:1.6.1-75.jbcs.el6.i686", "6Server-JBCS:jbcs-httpd24-apr-util-mysql-0:1.6.1-75.jbcs.el6.x86_64", "6Server-JBCS:jbcs-httpd24-apr-util-nss-0:1.6.1-75.jbcs.el6.i686", "6Server-JBCS:jbcs-httpd24-apr-util-nss-0:1.6.1-75.jbcs.el6.x86_64", "6Server-JBCS:jbcs-httpd24-apr-util-odbc-0:1.6.1-75.jbcs.el6.i686", "6Server-JBCS:jbcs-httpd24-apr-util-odbc-0:1.6.1-75.jbcs.el6.x86_64", "6Server-JBCS:jbcs-httpd24-apr-util-openssl-0:1.6.1-75.jbcs.el6.i686", "6Server-JBCS:jbcs-httpd24-apr-util-openssl-0:1.6.1-75.jbcs.el6.x86_64", "6Server-JBCS:jbcs-httpd24-apr-util-pgsql-0:1.6.1-75.jbcs.el6.i686", "6Server-JBCS:jbcs-httpd24-apr-util-pgsql-0:1.6.1-75.jbcs.el6.x86_64", "6Server-JBCS:jbcs-httpd24-apr-util-sqlite-0:1.6.1-75.jbcs.el6.i686", "6Server-JBCS:jbcs-httpd24-apr-util-sqlite-0:1.6.1-75.jbcs.el6.x86_64", "6Server-JBCS:jbcs-httpd24-brotli-0:1.0.6-38.jbcs.el6.i686", "6Server-JBCS:jbcs-httpd24-brotli-0:1.0.6-38.jbcs.el6.src", "6Server-JBCS:jbcs-httpd24-brotli-0:1.0.6-38.jbcs.el6.x86_64", "6Server-JBCS:jbcs-httpd24-brotli-debuginfo-0:1.0.6-38.jbcs.el6.i686", "6Server-JBCS:jbcs-httpd24-brotli-debuginfo-0:1.0.6-38.jbcs.el6.x86_64", "6Server-JBCS:jbcs-httpd24-brotli-devel-0:1.0.6-38.jbcs.el6.i686", "6Server-JBCS:jbcs-httpd24-brotli-devel-0:1.0.6-38.jbcs.el6.x86_64", "6Server-JBCS:jbcs-httpd24-curl-0:7.64.1-44.jbcs.el6.i686", "6Server-JBCS:jbcs-httpd24-curl-0:7.64.1-44.jbcs.el6.src", "6Server-JBCS:jbcs-httpd24-curl-0:7.64.1-44.jbcs.el6.x86_64", "6Server-JBCS:jbcs-httpd24-curl-debuginfo-0:7.64.1-44.jbcs.el6.i686", "6Server-JBCS:jbcs-httpd24-curl-debuginfo-0:7.64.1-44.jbcs.el6.x86_64", "6Server-JBCS:jbcs-httpd24-httpd-0:2.4.37-64.jbcs.el6.i686", "6Server-JBCS:jbcs-httpd24-httpd-0:2.4.37-64.jbcs.el6.src", "6Server-JBCS:jbcs-httpd24-httpd-0:2.4.37-64.jbcs.el6.x86_64", "6Server-JBCS:jbcs-httpd24-httpd-debuginfo-0:2.4.37-64.jbcs.el6.i686", "6Server-JBCS:jbcs-httpd24-httpd-debuginfo-0:2.4.37-64.jbcs.el6.x86_64", "6Server-JBCS:jbcs-httpd24-httpd-devel-0:2.4.37-64.jbcs.el6.i686", "6Server-JBCS:jbcs-httpd24-httpd-devel-0:2.4.37-64.jbcs.el6.x86_64", "6Server-JBCS:jbcs-httpd24-httpd-manual-0:2.4.37-64.jbcs.el6.noarch", "6Server-JBCS:jbcs-httpd24-httpd-selinux-0:2.4.37-64.jbcs.el6.i686", "6Server-JBCS:jbcs-httpd24-httpd-selinux-0:2.4.37-64.jbcs.el6.x86_64", "6Server-JBCS:jbcs-httpd24-httpd-tools-0:2.4.37-64.jbcs.el6.i686", "6Server-JBCS:jbcs-httpd24-httpd-tools-0:2.4.37-64.jbcs.el6.x86_64", "6Server-JBCS:jbcs-httpd24-jansson-0:2.11-53.jbcs.el6.i686", "6Server-JBCS:jbcs-httpd24-jansson-0:2.11-53.jbcs.el6.src", "6Server-JBCS:jbcs-httpd24-jansson-0:2.11-53.jbcs.el6.x86_64", "6Server-JBCS:jbcs-httpd24-jansson-debuginfo-0:2.11-53.jbcs.el6.i686", "6Server-JBCS:jbcs-httpd24-jansson-debuginfo-0:2.11-53.jbcs.el6.x86_64", "6Server-JBCS:jbcs-httpd24-jansson-devel-0:2.11-53.jbcs.el6.i686", "6Server-JBCS:jbcs-httpd24-jansson-devel-0:2.11-53.jbcs.el6.x86_64", "6Server-JBCS:jbcs-httpd24-libcurl-0:7.64.1-44.jbcs.el6.i686", "6Server-JBCS:jbcs-httpd24-libcurl-0:7.64.1-44.jbcs.el6.x86_64", "6Server-JBCS:jbcs-httpd24-libcurl-devel-0:7.64.1-44.jbcs.el6.i686", "6Server-JBCS:jbcs-httpd24-libcurl-devel-0:7.64.1-44.jbcs.el6.x86_64", "6Server-JBCS:jbcs-httpd24-mod_cluster-native-0:1.3.14-11.Final_redhat_2.jbcs.el6.i686", "6Server-JBCS:jbcs-httpd24-mod_cluster-native-0:1.3.14-11.Final_redhat_2.jbcs.el6.src", "6Server-JBCS:jbcs-httpd24-mod_cluster-native-0:1.3.14-11.Final_redhat_2.jbcs.el6.x86_64", "6Server-JBCS:jbcs-httpd24-mod_cluster-native-debuginfo-0:1.3.14-11.Final_redhat_2.jbcs.el6.i686", "6Server-JBCS:jbcs-httpd24-mod_cluster-native-debuginfo-0:1.3.14-11.Final_redhat_2.jbcs.el6.x86_64", "6Server-JBCS:jbcs-httpd24-mod_http2-0:1.15.7-11.jbcs.el6.i686", "6Server-JBCS:jbcs-httpd24-mod_http2-0:1.15.7-11.jbcs.el6.src", "6Server-JBCS:jbcs-httpd24-mod_http2-0:1.15.7-11.jbcs.el6.x86_64", "6Server-JBCS:jbcs-httpd24-mod_http2-debuginfo-0:1.15.7-11.jbcs.el6.i686", "6Server-JBCS:jbcs-httpd24-mod_http2-debuginfo-0:1.15.7-11.jbcs.el6.x86_64", "6Server-JBCS:jbcs-httpd24-mod_jk-0:1.2.48-10.redhat_1.jbcs.el6.src", "6Server-JBCS:jbcs-httpd24-mod_jk-ap24-0:1.2.48-10.redhat_1.jbcs.el6.i686", "6Server-JBCS:jbcs-httpd24-mod_jk-ap24-0:1.2.48-10.redhat_1.jbcs.el6.x86_64", "6Server-JBCS:jbcs-httpd24-mod_jk-debuginfo-0:1.2.48-10.redhat_1.jbcs.el6.i686", "6Server-JBCS:jbcs-httpd24-mod_jk-debuginfo-0:1.2.48-10.redhat_1.jbcs.el6.x86_64", "6Server-JBCS:jbcs-httpd24-mod_jk-manual-0:1.2.48-10.redhat_1.jbcs.el6.i686", "6Server-JBCS:jbcs-httpd24-mod_jk-manual-0:1.2.48-10.redhat_1.jbcs.el6.x86_64", "6Server-JBCS:jbcs-httpd24-mod_ldap-0:2.4.37-64.jbcs.el6.i686", "6Server-JBCS:jbcs-httpd24-mod_ldap-0:2.4.37-64.jbcs.el6.x86_64", "6Server-JBCS:jbcs-httpd24-mod_md-1:2.0.8-30.jbcs.el6.i686", "6Server-JBCS:jbcs-httpd24-mod_md-1:2.0.8-30.jbcs.el6.src", "6Server-JBCS:jbcs-httpd24-mod_md-1:2.0.8-30.jbcs.el6.x86_64", "6Server-JBCS:jbcs-httpd24-mod_md-debuginfo-1:2.0.8-30.jbcs.el6.i686", "6Server-JBCS:jbcs-httpd24-mod_md-debuginfo-1:2.0.8-30.jbcs.el6.x86_64", "6Server-JBCS:jbcs-httpd24-mod_proxy_html-1:2.4.37-64.jbcs.el6.i686", "6Server-JBCS:jbcs-httpd24-mod_proxy_html-1:2.4.37-64.jbcs.el6.x86_64", "6Server-JBCS:jbcs-httpd24-mod_security-0:2.9.2-57.GA.jbcs.el6.i686", "6Server-JBCS:jbcs-httpd24-mod_security-0:2.9.2-57.GA.jbcs.el6.src", "6Server-JBCS:jbcs-httpd24-mod_security-0:2.9.2-57.GA.jbcs.el6.x86_64", "6Server-JBCS:jbcs-httpd24-mod_security-debuginfo-0:2.9.2-57.GA.jbcs.el6.i686", "6Server-JBCS:jbcs-httpd24-mod_security-debuginfo-0:2.9.2-57.GA.jbcs.el6.x86_64", "6Server-JBCS:jbcs-httpd24-mod_session-0:2.4.37-64.jbcs.el6.i686", "6Server-JBCS:jbcs-httpd24-mod_session-0:2.4.37-64.jbcs.el6.x86_64", "6Server-JBCS:jbcs-httpd24-mod_ssl-1:2.4.37-64.jbcs.el6.i686", "6Server-JBCS:jbcs-httpd24-mod_ssl-1:2.4.37-64.jbcs.el6.x86_64", "6Server-JBCS:jbcs-httpd24-nghttp2-0:1.39.2-34.jbcs.el6.i686", "6Server-JBCS:jbcs-httpd24-nghttp2-0:1.39.2-34.jbcs.el6.src", "6Server-JBCS:jbcs-httpd24-nghttp2-0:1.39.2-34.jbcs.el6.x86_64", "6Server-JBCS:jbcs-httpd24-nghttp2-debuginfo-0:1.39.2-34.jbcs.el6.i686", "6Server-JBCS:jbcs-httpd24-nghttp2-debuginfo-0:1.39.2-34.jbcs.el6.x86_64", "6Server-JBCS:jbcs-httpd24-nghttp2-devel-0:1.39.2-34.jbcs.el6.i686", "6Server-JBCS:jbcs-httpd24-nghttp2-devel-0:1.39.2-34.jbcs.el6.x86_64", "6Server-JBCS:jbcs-httpd24-openssl-1:1.1.1c-32.jbcs.el6.i686", "6Server-JBCS:jbcs-httpd24-openssl-1:1.1.1c-32.jbcs.el6.src", "6Server-JBCS:jbcs-httpd24-openssl-1:1.1.1c-32.jbcs.el6.x86_64", "6Server-JBCS:jbcs-httpd24-openssl-debuginfo-1:1.1.1c-32.jbcs.el6.i686", "6Server-JBCS:jbcs-httpd24-openssl-debuginfo-1:1.1.1c-32.jbcs.el6.x86_64", "6Server-JBCS:jbcs-httpd24-openssl-devel-1:1.1.1c-32.jbcs.el6.i686", "6Server-JBCS:jbcs-httpd24-openssl-devel-1:1.1.1c-32.jbcs.el6.x86_64", "6Server-JBCS:jbcs-httpd24-openssl-libs-1:1.1.1c-32.jbcs.el6.i686", "6Server-JBCS:jbcs-httpd24-openssl-libs-1:1.1.1c-32.jbcs.el6.x86_64", "6Server-JBCS:jbcs-httpd24-openssl-perl-1:1.1.1c-32.jbcs.el6.i686", "6Server-JBCS:jbcs-httpd24-openssl-perl-1:1.1.1c-32.jbcs.el6.x86_64", "6Server-JBCS:jbcs-httpd24-openssl-static-1:1.1.1c-32.jbcs.el6.i686", "6Server-JBCS:jbcs-httpd24-openssl-static-1:1.1.1c-32.jbcs.el6.x86_64", "7Server-JBCS:jbcs-httpd24-apr-0:1.6.3-104.jbcs.el7.src", "7Server-JBCS:jbcs-httpd24-apr-0:1.6.3-104.jbcs.el7.x86_64", "7Server-JBCS:jbcs-httpd24-apr-debuginfo-0:1.6.3-104.jbcs.el7.x86_64", "7Server-JBCS:jbcs-httpd24-apr-devel-0:1.6.3-104.jbcs.el7.x86_64", "7Server-JBCS:jbcs-httpd24-apr-util-0:1.6.1-75.jbcs.el7.src", "7Server-JBCS:jbcs-httpd24-apr-util-0:1.6.1-75.jbcs.el7.x86_64", "7Server-JBCS:jbcs-httpd24-apr-util-debuginfo-0:1.6.1-75.jbcs.el7.x86_64", "7Server-JBCS:jbcs-httpd24-apr-util-devel-0:1.6.1-75.jbcs.el7.x86_64", "7Server-JBCS:jbcs-httpd24-apr-util-ldap-0:1.6.1-75.jbcs.el7.x86_64", "7Server-JBCS:jbcs-httpd24-apr-util-mysql-0:1.6.1-75.jbcs.el7.x86_64", "7Server-JBCS:jbcs-httpd24-apr-util-nss-0:1.6.1-75.jbcs.el7.x86_64", "7Server-JBCS:jbcs-httpd24-apr-util-odbc-0:1.6.1-75.jbcs.el7.x86_64", "7Server-JBCS:jbcs-httpd24-apr-util-openssl-0:1.6.1-75.jbcs.el7.x86_64", "7Server-JBCS:jbcs-httpd24-apr-util-pgsql-0:1.6.1-75.jbcs.el7.x86_64", "7Server-JBCS:jbcs-httpd24-apr-util-sqlite-0:1.6.1-75.jbcs.el7.x86_64", "7Server-JBCS:jbcs-httpd24-brotli-0:1.0.6-38.jbcs.el7.src", "7Server-JBCS:jbcs-httpd24-brotli-0:1.0.6-38.jbcs.el7.x86_64", "7Server-JBCS:jbcs-httpd24-brotli-debuginfo-0:1.0.6-38.jbcs.el7.x86_64", "7Server-JBCS:jbcs-httpd24-brotli-devel-0:1.0.6-38.jbcs.el7.x86_64", "7Server-JBCS:jbcs-httpd24-curl-0:7.64.1-44.jbcs.el7.src", "7Server-JBCS:jbcs-httpd24-curl-0:7.64.1-44.jbcs.el7.x86_64", "7Server-JBCS:jbcs-httpd24-curl-debuginfo-0:7.64.1-44.jbcs.el7.x86_64", "7Server-JBCS:jbcs-httpd24-httpd-0:2.4.37-64.jbcs.el7.src", "7Server-JBCS:jbcs-httpd24-httpd-0:2.4.37-64.jbcs.el7.x86_64", "7Server-JBCS:jbcs-httpd24-httpd-debuginfo-0:2.4.37-64.jbcs.el7.x86_64", "7Server-JBCS:jbcs-httpd24-httpd-devel-0:2.4.37-64.jbcs.el7.x86_64", "7Server-JBCS:jbcs-httpd24-httpd-manual-0:2.4.37-64.jbcs.el7.noarch", "7Server-JBCS:jbcs-httpd24-httpd-selinux-0:2.4.37-64.jbcs.el7.x86_64", "7Server-JBCS:jbcs-httpd24-httpd-tools-0:2.4.37-64.jbcs.el7.x86_64", "7Server-JBCS:jbcs-httpd24-jansson-0:2.11-53.jbcs.el7.src", "7Server-JBCS:jbcs-httpd24-jansson-0:2.11-53.jbcs.el7.x86_64", "7Server-JBCS:jbcs-httpd24-jansson-debuginfo-0:2.11-53.jbcs.el7.x86_64", "7Server-JBCS:jbcs-httpd24-jansson-devel-0:2.11-53.jbcs.el7.x86_64", "7Server-JBCS:jbcs-httpd24-libcurl-0:7.64.1-44.jbcs.el7.x86_64", "7Server-JBCS:jbcs-httpd24-libcurl-devel-0:7.64.1-44.jbcs.el7.x86_64", "7Server-JBCS:jbcs-httpd24-mod_cluster-native-0:1.3.14-11.Final_redhat_2.jbcs.el7.src", "7Server-JBCS:jbcs-httpd24-mod_cluster-native-0:1.3.14-11.Final_redhat_2.jbcs.el7.x86_64", "7Server-JBCS:jbcs-httpd24-mod_cluster-native-debuginfo-0:1.3.14-11.Final_redhat_2.jbcs.el7.x86_64", "7Server-JBCS:jbcs-httpd24-mod_http2-0:1.15.7-11.jbcs.el7.src", "7Server-JBCS:jbcs-httpd24-mod_http2-0:1.15.7-11.jbcs.el7.x86_64", "7Server-JBCS:jbcs-httpd24-mod_http2-debuginfo-0:1.15.7-11.jbcs.el7.x86_64", "7Server-JBCS:jbcs-httpd24-mod_jk-0:1.2.48-10.redhat_1.jbcs.el7.src", "7Server-JBCS:jbcs-httpd24-mod_jk-ap24-0:1.2.48-10.redhat_1.jbcs.el7.x86_64", "7Server-JBCS:jbcs-httpd24-mod_jk-debuginfo-0:1.2.48-10.redhat_1.jbcs.el7.x86_64", "7Server-JBCS:jbcs-httpd24-mod_jk-manual-0:1.2.48-10.redhat_1.jbcs.el7.x86_64", "7Server-JBCS:jbcs-httpd24-mod_ldap-0:2.4.37-64.jbcs.el7.x86_64", "7Server-JBCS:jbcs-httpd24-mod_md-1:2.0.8-30.jbcs.el7.src", "7Server-JBCS:jbcs-httpd24-mod_md-1:2.0.8-30.jbcs.el7.x86_64", "7Server-JBCS:jbcs-httpd24-mod_md-debuginfo-1:2.0.8-30.jbcs.el7.x86_64", "7Server-JBCS:jbcs-httpd24-mod_proxy_html-1:2.4.37-64.jbcs.el7.x86_64", "7Server-JBCS:jbcs-httpd24-mod_security-0:2.9.2-57.GA.jbcs.el7.src", "7Server-JBCS:jbcs-httpd24-mod_security-0:2.9.2-57.GA.jbcs.el7.x86_64", "7Server-JBCS:jbcs-httpd24-mod_security-debuginfo-0:2.9.2-57.GA.jbcs.el7.x86_64", "7Server-JBCS:jbcs-httpd24-mod_session-0:2.4.37-64.jbcs.el7.x86_64", "7Server-JBCS:jbcs-httpd24-mod_ssl-1:2.4.37-64.jbcs.el7.x86_64", "7Server-JBCS:jbcs-httpd24-nghttp2-0:1.39.2-34.jbcs.el7.src", "7Server-JBCS:jbcs-httpd24-nghttp2-0:1.39.2-34.jbcs.el7.x86_64", "7Server-JBCS:jbcs-httpd24-nghttp2-debuginfo-0:1.39.2-34.jbcs.el7.x86_64", "7Server-JBCS:jbcs-httpd24-nghttp2-devel-0:1.39.2-34.jbcs.el7.x86_64", "7Server-JBCS:jbcs-httpd24-openssl-1:1.1.1c-32.jbcs.el7.src", "7Server-JBCS:jbcs-httpd24-openssl-1:1.1.1c-32.jbcs.el7.x86_64", "7Server-JBCS:jbcs-httpd24-openssl-chil-0:1.0.0-1.jbcs.el7.src", "7Server-JBCS:jbcs-httpd24-openssl-chil-0:1.0.0-1.jbcs.el7.x86_64", "7Server-JBCS:jbcs-httpd24-openssl-chil-debuginfo-0:1.0.0-1.jbcs.el7.x86_64", "7Server-JBCS:jbcs-httpd24-openssl-debuginfo-1:1.1.1c-32.jbcs.el7.x86_64", "7Server-JBCS:jbcs-httpd24-openssl-devel-1:1.1.1c-32.jbcs.el7.x86_64", "7Server-JBCS:jbcs-httpd24-openssl-libs-1:1.1.1c-32.jbcs.el7.x86_64", "7Server-JBCS:jbcs-httpd24-openssl-perl-1:1.1.1c-32.jbcs.el7.x86_64", "7Server-JBCS:jbcs-httpd24-openssl-static-1:1.1.1c-32.jbcs.el7.x86_64" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2020-11984" }, { "category": "external", "summary": "RHBZ#1866563", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1866563" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2020-11984", "url": "https://www.cve.org/CVERecord?id=CVE-2020-11984" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2020-11984", "url": "https://nvd.nist.gov/vuln/detail/CVE-2020-11984" }, { "category": "external", "summary": "https://httpd.apache.org/security/vulnerabilities_24.html#CVE-2020-11984", "url": "https://httpd.apache.org/security/vulnerabilities_24.html#CVE-2020-11984" } ], "release_date": "2020-08-07T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2020-10-28T16:02:45+00:00", "details": "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258", "product_ids": [ "6Server-JBCS:jbcs-httpd24-apr-0:1.6.3-104.jbcs.el6.i686", "6Server-JBCS:jbcs-httpd24-apr-0:1.6.3-104.jbcs.el6.src", "6Server-JBCS:jbcs-httpd24-apr-0:1.6.3-104.jbcs.el6.x86_64", "6Server-JBCS:jbcs-httpd24-apr-debuginfo-0:1.6.3-104.jbcs.el6.i686", "6Server-JBCS:jbcs-httpd24-apr-debuginfo-0:1.6.3-104.jbcs.el6.x86_64", "6Server-JBCS:jbcs-httpd24-apr-devel-0:1.6.3-104.jbcs.el6.i686", "6Server-JBCS:jbcs-httpd24-apr-devel-0:1.6.3-104.jbcs.el6.x86_64", "6Server-JBCS:jbcs-httpd24-apr-util-0:1.6.1-75.jbcs.el6.i686", "6Server-JBCS:jbcs-httpd24-apr-util-0:1.6.1-75.jbcs.el6.src", "6Server-JBCS:jbcs-httpd24-apr-util-0:1.6.1-75.jbcs.el6.x86_64", "6Server-JBCS:jbcs-httpd24-apr-util-debuginfo-0:1.6.1-75.jbcs.el6.i686", "6Server-JBCS:jbcs-httpd24-apr-util-debuginfo-0:1.6.1-75.jbcs.el6.x86_64", "6Server-JBCS:jbcs-httpd24-apr-util-devel-0:1.6.1-75.jbcs.el6.i686", "6Server-JBCS:jbcs-httpd24-apr-util-devel-0:1.6.1-75.jbcs.el6.x86_64", "6Server-JBCS:jbcs-httpd24-apr-util-ldap-0:1.6.1-75.jbcs.el6.i686", "6Server-JBCS:jbcs-httpd24-apr-util-ldap-0:1.6.1-75.jbcs.el6.x86_64", "6Server-JBCS:jbcs-httpd24-apr-util-mysql-0:1.6.1-75.jbcs.el6.i686", "6Server-JBCS:jbcs-httpd24-apr-util-mysql-0:1.6.1-75.jbcs.el6.x86_64", "6Server-JBCS:jbcs-httpd24-apr-util-nss-0:1.6.1-75.jbcs.el6.i686", "6Server-JBCS:jbcs-httpd24-apr-util-nss-0:1.6.1-75.jbcs.el6.x86_64", "6Server-JBCS:jbcs-httpd24-apr-util-odbc-0:1.6.1-75.jbcs.el6.i686", "6Server-JBCS:jbcs-httpd24-apr-util-odbc-0:1.6.1-75.jbcs.el6.x86_64", "6Server-JBCS:jbcs-httpd24-apr-util-openssl-0:1.6.1-75.jbcs.el6.i686", "6Server-JBCS:jbcs-httpd24-apr-util-openssl-0:1.6.1-75.jbcs.el6.x86_64", "6Server-JBCS:jbcs-httpd24-apr-util-pgsql-0:1.6.1-75.jbcs.el6.i686", "6Server-JBCS:jbcs-httpd24-apr-util-pgsql-0:1.6.1-75.jbcs.el6.x86_64", "6Server-JBCS:jbcs-httpd24-apr-util-sqlite-0:1.6.1-75.jbcs.el6.i686", "6Server-JBCS:jbcs-httpd24-apr-util-sqlite-0:1.6.1-75.jbcs.el6.x86_64", "6Server-JBCS:jbcs-httpd24-brotli-0:1.0.6-38.jbcs.el6.i686", "6Server-JBCS:jbcs-httpd24-brotli-0:1.0.6-38.jbcs.el6.src", "6Server-JBCS:jbcs-httpd24-brotli-0:1.0.6-38.jbcs.el6.x86_64", "6Server-JBCS:jbcs-httpd24-brotli-debuginfo-0:1.0.6-38.jbcs.el6.i686", "6Server-JBCS:jbcs-httpd24-brotli-debuginfo-0:1.0.6-38.jbcs.el6.x86_64", "6Server-JBCS:jbcs-httpd24-brotli-devel-0:1.0.6-38.jbcs.el6.i686", "6Server-JBCS:jbcs-httpd24-brotli-devel-0:1.0.6-38.jbcs.el6.x86_64", "6Server-JBCS:jbcs-httpd24-curl-0:7.64.1-44.jbcs.el6.i686", "6Server-JBCS:jbcs-httpd24-curl-0:7.64.1-44.jbcs.el6.src", "6Server-JBCS:jbcs-httpd24-curl-0:7.64.1-44.jbcs.el6.x86_64", "6Server-JBCS:jbcs-httpd24-curl-debuginfo-0:7.64.1-44.jbcs.el6.i686", "6Server-JBCS:jbcs-httpd24-curl-debuginfo-0:7.64.1-44.jbcs.el6.x86_64", "6Server-JBCS:jbcs-httpd24-httpd-0:2.4.37-64.jbcs.el6.i686", "6Server-JBCS:jbcs-httpd24-httpd-0:2.4.37-64.jbcs.el6.src", "6Server-JBCS:jbcs-httpd24-httpd-0:2.4.37-64.jbcs.el6.x86_64", "6Server-JBCS:jbcs-httpd24-httpd-debuginfo-0:2.4.37-64.jbcs.el6.i686", "6Server-JBCS:jbcs-httpd24-httpd-debuginfo-0:2.4.37-64.jbcs.el6.x86_64", "6Server-JBCS:jbcs-httpd24-httpd-devel-0:2.4.37-64.jbcs.el6.i686", "6Server-JBCS:jbcs-httpd24-httpd-devel-0:2.4.37-64.jbcs.el6.x86_64", "6Server-JBCS:jbcs-httpd24-httpd-manual-0:2.4.37-64.jbcs.el6.noarch", "6Server-JBCS:jbcs-httpd24-httpd-selinux-0:2.4.37-64.jbcs.el6.i686", "6Server-JBCS:jbcs-httpd24-httpd-selinux-0:2.4.37-64.jbcs.el6.x86_64", "6Server-JBCS:jbcs-httpd24-httpd-tools-0:2.4.37-64.jbcs.el6.i686", "6Server-JBCS:jbcs-httpd24-httpd-tools-0:2.4.37-64.jbcs.el6.x86_64", "6Server-JBCS:jbcs-httpd24-jansson-0:2.11-53.jbcs.el6.i686", "6Server-JBCS:jbcs-httpd24-jansson-0:2.11-53.jbcs.el6.src", "6Server-JBCS:jbcs-httpd24-jansson-0:2.11-53.jbcs.el6.x86_64", "6Server-JBCS:jbcs-httpd24-jansson-debuginfo-0:2.11-53.jbcs.el6.i686", "6Server-JBCS:jbcs-httpd24-jansson-debuginfo-0:2.11-53.jbcs.el6.x86_64", "6Server-JBCS:jbcs-httpd24-jansson-devel-0:2.11-53.jbcs.el6.i686", "6Server-JBCS:jbcs-httpd24-jansson-devel-0:2.11-53.jbcs.el6.x86_64", "6Server-JBCS:jbcs-httpd24-libcurl-0:7.64.1-44.jbcs.el6.i686", "6Server-JBCS:jbcs-httpd24-libcurl-0:7.64.1-44.jbcs.el6.x86_64", "6Server-JBCS:jbcs-httpd24-libcurl-devel-0:7.64.1-44.jbcs.el6.i686", "6Server-JBCS:jbcs-httpd24-libcurl-devel-0:7.64.1-44.jbcs.el6.x86_64", "6Server-JBCS:jbcs-httpd24-mod_cluster-native-0:1.3.14-11.Final_redhat_2.jbcs.el6.i686", "6Server-JBCS:jbcs-httpd24-mod_cluster-native-0:1.3.14-11.Final_redhat_2.jbcs.el6.src", "6Server-JBCS:jbcs-httpd24-mod_cluster-native-0:1.3.14-11.Final_redhat_2.jbcs.el6.x86_64", "6Server-JBCS:jbcs-httpd24-mod_cluster-native-debuginfo-0:1.3.14-11.Final_redhat_2.jbcs.el6.i686", "6Server-JBCS:jbcs-httpd24-mod_cluster-native-debuginfo-0:1.3.14-11.Final_redhat_2.jbcs.el6.x86_64", "6Server-JBCS:jbcs-httpd24-mod_http2-0:1.15.7-11.jbcs.el6.i686", "6Server-JBCS:jbcs-httpd24-mod_http2-0:1.15.7-11.jbcs.el6.src", "6Server-JBCS:jbcs-httpd24-mod_http2-0:1.15.7-11.jbcs.el6.x86_64", "6Server-JBCS:jbcs-httpd24-mod_http2-debuginfo-0:1.15.7-11.jbcs.el6.i686", "6Server-JBCS:jbcs-httpd24-mod_http2-debuginfo-0:1.15.7-11.jbcs.el6.x86_64", "6Server-JBCS:jbcs-httpd24-mod_jk-0:1.2.48-10.redhat_1.jbcs.el6.src", "6Server-JBCS:jbcs-httpd24-mod_jk-ap24-0:1.2.48-10.redhat_1.jbcs.el6.i686", "6Server-JBCS:jbcs-httpd24-mod_jk-ap24-0:1.2.48-10.redhat_1.jbcs.el6.x86_64", "6Server-JBCS:jbcs-httpd24-mod_jk-debuginfo-0:1.2.48-10.redhat_1.jbcs.el6.i686", "6Server-JBCS:jbcs-httpd24-mod_jk-debuginfo-0:1.2.48-10.redhat_1.jbcs.el6.x86_64", "6Server-JBCS:jbcs-httpd24-mod_jk-manual-0:1.2.48-10.redhat_1.jbcs.el6.i686", "6Server-JBCS:jbcs-httpd24-mod_jk-manual-0:1.2.48-10.redhat_1.jbcs.el6.x86_64", "6Server-JBCS:jbcs-httpd24-mod_ldap-0:2.4.37-64.jbcs.el6.i686", "6Server-JBCS:jbcs-httpd24-mod_ldap-0:2.4.37-64.jbcs.el6.x86_64", "6Server-JBCS:jbcs-httpd24-mod_md-1:2.0.8-30.jbcs.el6.i686", "6Server-JBCS:jbcs-httpd24-mod_md-1:2.0.8-30.jbcs.el6.src", "6Server-JBCS:jbcs-httpd24-mod_md-1:2.0.8-30.jbcs.el6.x86_64", "6Server-JBCS:jbcs-httpd24-mod_md-debuginfo-1:2.0.8-30.jbcs.el6.i686", "6Server-JBCS:jbcs-httpd24-mod_md-debuginfo-1:2.0.8-30.jbcs.el6.x86_64", "6Server-JBCS:jbcs-httpd24-mod_proxy_html-1:2.4.37-64.jbcs.el6.i686", "6Server-JBCS:jbcs-httpd24-mod_proxy_html-1:2.4.37-64.jbcs.el6.x86_64", "6Server-JBCS:jbcs-httpd24-mod_security-0:2.9.2-57.GA.jbcs.el6.i686", "6Server-JBCS:jbcs-httpd24-mod_security-0:2.9.2-57.GA.jbcs.el6.src", "6Server-JBCS:jbcs-httpd24-mod_security-0:2.9.2-57.GA.jbcs.el6.x86_64", "6Server-JBCS:jbcs-httpd24-mod_security-debuginfo-0:2.9.2-57.GA.jbcs.el6.i686", "6Server-JBCS:jbcs-httpd24-mod_security-debuginfo-0:2.9.2-57.GA.jbcs.el6.x86_64", "6Server-JBCS:jbcs-httpd24-mod_session-0:2.4.37-64.jbcs.el6.i686", "6Server-JBCS:jbcs-httpd24-mod_session-0:2.4.37-64.jbcs.el6.x86_64", "6Server-JBCS:jbcs-httpd24-mod_ssl-1:2.4.37-64.jbcs.el6.i686", "6Server-JBCS:jbcs-httpd24-mod_ssl-1:2.4.37-64.jbcs.el6.x86_64", "6Server-JBCS:jbcs-httpd24-nghttp2-0:1.39.2-34.jbcs.el6.i686", "6Server-JBCS:jbcs-httpd24-nghttp2-0:1.39.2-34.jbcs.el6.src", "6Server-JBCS:jbcs-httpd24-nghttp2-0:1.39.2-34.jbcs.el6.x86_64", "6Server-JBCS:jbcs-httpd24-nghttp2-debuginfo-0:1.39.2-34.jbcs.el6.i686", "6Server-JBCS:jbcs-httpd24-nghttp2-debuginfo-0:1.39.2-34.jbcs.el6.x86_64", "6Server-JBCS:jbcs-httpd24-nghttp2-devel-0:1.39.2-34.jbcs.el6.i686", "6Server-JBCS:jbcs-httpd24-nghttp2-devel-0:1.39.2-34.jbcs.el6.x86_64", "6Server-JBCS:jbcs-httpd24-openssl-1:1.1.1c-32.jbcs.el6.i686", "6Server-JBCS:jbcs-httpd24-openssl-1:1.1.1c-32.jbcs.el6.src", "6Server-JBCS:jbcs-httpd24-openssl-1:1.1.1c-32.jbcs.el6.x86_64", "6Server-JBCS:jbcs-httpd24-openssl-debuginfo-1:1.1.1c-32.jbcs.el6.i686", "6Server-JBCS:jbcs-httpd24-openssl-debuginfo-1:1.1.1c-32.jbcs.el6.x86_64", "6Server-JBCS:jbcs-httpd24-openssl-devel-1:1.1.1c-32.jbcs.el6.i686", "6Server-JBCS:jbcs-httpd24-openssl-devel-1:1.1.1c-32.jbcs.el6.x86_64", "6Server-JBCS:jbcs-httpd24-openssl-libs-1:1.1.1c-32.jbcs.el6.i686", "6Server-JBCS:jbcs-httpd24-openssl-libs-1:1.1.1c-32.jbcs.el6.x86_64", "6Server-JBCS:jbcs-httpd24-openssl-perl-1:1.1.1c-32.jbcs.el6.i686", "6Server-JBCS:jbcs-httpd24-openssl-perl-1:1.1.1c-32.jbcs.el6.x86_64", "6Server-JBCS:jbcs-httpd24-openssl-static-1:1.1.1c-32.jbcs.el6.i686", "6Server-JBCS:jbcs-httpd24-openssl-static-1:1.1.1c-32.jbcs.el6.x86_64", "7Server-JBCS:jbcs-httpd24-apr-0:1.6.3-104.jbcs.el7.src", "7Server-JBCS:jbcs-httpd24-apr-0:1.6.3-104.jbcs.el7.x86_64", "7Server-JBCS:jbcs-httpd24-apr-debuginfo-0:1.6.3-104.jbcs.el7.x86_64", "7Server-JBCS:jbcs-httpd24-apr-devel-0:1.6.3-104.jbcs.el7.x86_64", "7Server-JBCS:jbcs-httpd24-apr-util-0:1.6.1-75.jbcs.el7.src", "7Server-JBCS:jbcs-httpd24-apr-util-0:1.6.1-75.jbcs.el7.x86_64", "7Server-JBCS:jbcs-httpd24-apr-util-debuginfo-0:1.6.1-75.jbcs.el7.x86_64", "7Server-JBCS:jbcs-httpd24-apr-util-devel-0:1.6.1-75.jbcs.el7.x86_64", "7Server-JBCS:jbcs-httpd24-apr-util-ldap-0:1.6.1-75.jbcs.el7.x86_64", "7Server-JBCS:jbcs-httpd24-apr-util-mysql-0:1.6.1-75.jbcs.el7.x86_64", "7Server-JBCS:jbcs-httpd24-apr-util-nss-0:1.6.1-75.jbcs.el7.x86_64", "7Server-JBCS:jbcs-httpd24-apr-util-odbc-0:1.6.1-75.jbcs.el7.x86_64", "7Server-JBCS:jbcs-httpd24-apr-util-openssl-0:1.6.1-75.jbcs.el7.x86_64", "7Server-JBCS:jbcs-httpd24-apr-util-pgsql-0:1.6.1-75.jbcs.el7.x86_64", "7Server-JBCS:jbcs-httpd24-apr-util-sqlite-0:1.6.1-75.jbcs.el7.x86_64", "7Server-JBCS:jbcs-httpd24-brotli-0:1.0.6-38.jbcs.el7.src", "7Server-JBCS:jbcs-httpd24-brotli-0:1.0.6-38.jbcs.el7.x86_64", "7Server-JBCS:jbcs-httpd24-brotli-debuginfo-0:1.0.6-38.jbcs.el7.x86_64", "7Server-JBCS:jbcs-httpd24-brotli-devel-0:1.0.6-38.jbcs.el7.x86_64", "7Server-JBCS:jbcs-httpd24-curl-0:7.64.1-44.jbcs.el7.src", "7Server-JBCS:jbcs-httpd24-curl-0:7.64.1-44.jbcs.el7.x86_64", "7Server-JBCS:jbcs-httpd24-curl-debuginfo-0:7.64.1-44.jbcs.el7.x86_64", "7Server-JBCS:jbcs-httpd24-httpd-0:2.4.37-64.jbcs.el7.src", "7Server-JBCS:jbcs-httpd24-httpd-0:2.4.37-64.jbcs.el7.x86_64", "7Server-JBCS:jbcs-httpd24-httpd-debuginfo-0:2.4.37-64.jbcs.el7.x86_64", "7Server-JBCS:jbcs-httpd24-httpd-devel-0:2.4.37-64.jbcs.el7.x86_64", "7Server-JBCS:jbcs-httpd24-httpd-manual-0:2.4.37-64.jbcs.el7.noarch", "7Server-JBCS:jbcs-httpd24-httpd-selinux-0:2.4.37-64.jbcs.el7.x86_64", "7Server-JBCS:jbcs-httpd24-httpd-tools-0:2.4.37-64.jbcs.el7.x86_64", "7Server-JBCS:jbcs-httpd24-jansson-0:2.11-53.jbcs.el7.src", "7Server-JBCS:jbcs-httpd24-jansson-0:2.11-53.jbcs.el7.x86_64", "7Server-JBCS:jbcs-httpd24-jansson-debuginfo-0:2.11-53.jbcs.el7.x86_64", "7Server-JBCS:jbcs-httpd24-jansson-devel-0:2.11-53.jbcs.el7.x86_64", "7Server-JBCS:jbcs-httpd24-libcurl-0:7.64.1-44.jbcs.el7.x86_64", "7Server-JBCS:jbcs-httpd24-libcurl-devel-0:7.64.1-44.jbcs.el7.x86_64", "7Server-JBCS:jbcs-httpd24-mod_cluster-native-0:1.3.14-11.Final_redhat_2.jbcs.el7.src", "7Server-JBCS:jbcs-httpd24-mod_cluster-native-0:1.3.14-11.Final_redhat_2.jbcs.el7.x86_64", "7Server-JBCS:jbcs-httpd24-mod_cluster-native-debuginfo-0:1.3.14-11.Final_redhat_2.jbcs.el7.x86_64", "7Server-JBCS:jbcs-httpd24-mod_http2-0:1.15.7-11.jbcs.el7.src", "7Server-JBCS:jbcs-httpd24-mod_http2-0:1.15.7-11.jbcs.el7.x86_64", "7Server-JBCS:jbcs-httpd24-mod_http2-debuginfo-0:1.15.7-11.jbcs.el7.x86_64", "7Server-JBCS:jbcs-httpd24-mod_jk-0:1.2.48-10.redhat_1.jbcs.el7.src", "7Server-JBCS:jbcs-httpd24-mod_jk-ap24-0:1.2.48-10.redhat_1.jbcs.el7.x86_64", "7Server-JBCS:jbcs-httpd24-mod_jk-debuginfo-0:1.2.48-10.redhat_1.jbcs.el7.x86_64", "7Server-JBCS:jbcs-httpd24-mod_jk-manual-0:1.2.48-10.redhat_1.jbcs.el7.x86_64", "7Server-JBCS:jbcs-httpd24-mod_ldap-0:2.4.37-64.jbcs.el7.x86_64", "7Server-JBCS:jbcs-httpd24-mod_md-1:2.0.8-30.jbcs.el7.src", "7Server-JBCS:jbcs-httpd24-mod_md-1:2.0.8-30.jbcs.el7.x86_64", "7Server-JBCS:jbcs-httpd24-mod_md-debuginfo-1:2.0.8-30.jbcs.el7.x86_64", "7Server-JBCS:jbcs-httpd24-mod_proxy_html-1:2.4.37-64.jbcs.el7.x86_64", "7Server-JBCS:jbcs-httpd24-mod_security-0:2.9.2-57.GA.jbcs.el7.src", "7Server-JBCS:jbcs-httpd24-mod_security-0:2.9.2-57.GA.jbcs.el7.x86_64", "7Server-JBCS:jbcs-httpd24-mod_security-debuginfo-0:2.9.2-57.GA.jbcs.el7.x86_64", "7Server-JBCS:jbcs-httpd24-mod_session-0:2.4.37-64.jbcs.el7.x86_64", "7Server-JBCS:jbcs-httpd24-mod_ssl-1:2.4.37-64.jbcs.el7.x86_64", "7Server-JBCS:jbcs-httpd24-nghttp2-0:1.39.2-34.jbcs.el7.src", "7Server-JBCS:jbcs-httpd24-nghttp2-0:1.39.2-34.jbcs.el7.x86_64", "7Server-JBCS:jbcs-httpd24-nghttp2-debuginfo-0:1.39.2-34.jbcs.el7.x86_64", "7Server-JBCS:jbcs-httpd24-nghttp2-devel-0:1.39.2-34.jbcs.el7.x86_64", "7Server-JBCS:jbcs-httpd24-openssl-1:1.1.1c-32.jbcs.el7.src", "7Server-JBCS:jbcs-httpd24-openssl-1:1.1.1c-32.jbcs.el7.x86_64", "7Server-JBCS:jbcs-httpd24-openssl-chil-0:1.0.0-1.jbcs.el7.src", "7Server-JBCS:jbcs-httpd24-openssl-chil-0:1.0.0-1.jbcs.el7.x86_64", "7Server-JBCS:jbcs-httpd24-openssl-chil-debuginfo-0:1.0.0-1.jbcs.el7.x86_64", "7Server-JBCS:jbcs-httpd24-openssl-debuginfo-1:1.1.1c-32.jbcs.el7.x86_64", "7Server-JBCS:jbcs-httpd24-openssl-devel-1:1.1.1c-32.jbcs.el7.x86_64", "7Server-JBCS:jbcs-httpd24-openssl-libs-1:1.1.1c-32.jbcs.el7.x86_64", "7Server-JBCS:jbcs-httpd24-openssl-perl-1:1.1.1c-32.jbcs.el7.x86_64", "7Server-JBCS:jbcs-httpd24-openssl-static-1:1.1.1c-32.jbcs.el7.x86_64" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2020:4384" }, { "category": "workaround", "details": "This flaw only affects specific httpd configurations which use the uwsgi protocol. It does not manifest itself when uwsgi protocol is not used. Commenting out \"LoadModule proxy_uwsgi_module modules/mod_proxy_uwsgi.so\" in /etc/httpd/conf.modules.d/00-proxy.conf will disable the loading of the vulnerable module.", "product_ids": [ "6Server-JBCS:jbcs-httpd24-apr-0:1.6.3-104.jbcs.el6.i686", "6Server-JBCS:jbcs-httpd24-apr-0:1.6.3-104.jbcs.el6.src", "6Server-JBCS:jbcs-httpd24-apr-0:1.6.3-104.jbcs.el6.x86_64", "6Server-JBCS:jbcs-httpd24-apr-debuginfo-0:1.6.3-104.jbcs.el6.i686", "6Server-JBCS:jbcs-httpd24-apr-debuginfo-0:1.6.3-104.jbcs.el6.x86_64", "6Server-JBCS:jbcs-httpd24-apr-devel-0:1.6.3-104.jbcs.el6.i686", "6Server-JBCS:jbcs-httpd24-apr-devel-0:1.6.3-104.jbcs.el6.x86_64", "6Server-JBCS:jbcs-httpd24-apr-util-0:1.6.1-75.jbcs.el6.i686", "6Server-JBCS:jbcs-httpd24-apr-util-0:1.6.1-75.jbcs.el6.src", "6Server-JBCS:jbcs-httpd24-apr-util-0:1.6.1-75.jbcs.el6.x86_64", "6Server-JBCS:jbcs-httpd24-apr-util-debuginfo-0:1.6.1-75.jbcs.el6.i686", "6Server-JBCS:jbcs-httpd24-apr-util-debuginfo-0:1.6.1-75.jbcs.el6.x86_64", "6Server-JBCS:jbcs-httpd24-apr-util-devel-0:1.6.1-75.jbcs.el6.i686", "6Server-JBCS:jbcs-httpd24-apr-util-devel-0:1.6.1-75.jbcs.el6.x86_64", "6Server-JBCS:jbcs-httpd24-apr-util-ldap-0:1.6.1-75.jbcs.el6.i686", "6Server-JBCS:jbcs-httpd24-apr-util-ldap-0:1.6.1-75.jbcs.el6.x86_64", "6Server-JBCS:jbcs-httpd24-apr-util-mysql-0:1.6.1-75.jbcs.el6.i686", "6Server-JBCS:jbcs-httpd24-apr-util-mysql-0:1.6.1-75.jbcs.el6.x86_64", "6Server-JBCS:jbcs-httpd24-apr-util-nss-0:1.6.1-75.jbcs.el6.i686", "6Server-JBCS:jbcs-httpd24-apr-util-nss-0:1.6.1-75.jbcs.el6.x86_64", "6Server-JBCS:jbcs-httpd24-apr-util-odbc-0:1.6.1-75.jbcs.el6.i686", "6Server-JBCS:jbcs-httpd24-apr-util-odbc-0:1.6.1-75.jbcs.el6.x86_64", "6Server-JBCS:jbcs-httpd24-apr-util-openssl-0:1.6.1-75.jbcs.el6.i686", "6Server-JBCS:jbcs-httpd24-apr-util-openssl-0:1.6.1-75.jbcs.el6.x86_64", "6Server-JBCS:jbcs-httpd24-apr-util-pgsql-0:1.6.1-75.jbcs.el6.i686", "6Server-JBCS:jbcs-httpd24-apr-util-pgsql-0:1.6.1-75.jbcs.el6.x86_64", "6Server-JBCS:jbcs-httpd24-apr-util-sqlite-0:1.6.1-75.jbcs.el6.i686", "6Server-JBCS:jbcs-httpd24-apr-util-sqlite-0:1.6.1-75.jbcs.el6.x86_64", "6Server-JBCS:jbcs-httpd24-brotli-0:1.0.6-38.jbcs.el6.i686", "6Server-JBCS:jbcs-httpd24-brotli-0:1.0.6-38.jbcs.el6.src", "6Server-JBCS:jbcs-httpd24-brotli-0:1.0.6-38.jbcs.el6.x86_64", "6Server-JBCS:jbcs-httpd24-brotli-debuginfo-0:1.0.6-38.jbcs.el6.i686", "6Server-JBCS:jbcs-httpd24-brotli-debuginfo-0:1.0.6-38.jbcs.el6.x86_64", "6Server-JBCS:jbcs-httpd24-brotli-devel-0:1.0.6-38.jbcs.el6.i686", "6Server-JBCS:jbcs-httpd24-brotli-devel-0:1.0.6-38.jbcs.el6.x86_64", "6Server-JBCS:jbcs-httpd24-curl-0:7.64.1-44.jbcs.el6.i686", "6Server-JBCS:jbcs-httpd24-curl-0:7.64.1-44.jbcs.el6.src", "6Server-JBCS:jbcs-httpd24-curl-0:7.64.1-44.jbcs.el6.x86_64", "6Server-JBCS:jbcs-httpd24-curl-debuginfo-0:7.64.1-44.jbcs.el6.i686", "6Server-JBCS:jbcs-httpd24-curl-debuginfo-0:7.64.1-44.jbcs.el6.x86_64", "6Server-JBCS:jbcs-httpd24-httpd-0:2.4.37-64.jbcs.el6.i686", "6Server-JBCS:jbcs-httpd24-httpd-0:2.4.37-64.jbcs.el6.src", "6Server-JBCS:jbcs-httpd24-httpd-0:2.4.37-64.jbcs.el6.x86_64", "6Server-JBCS:jbcs-httpd24-httpd-debuginfo-0:2.4.37-64.jbcs.el6.i686", "6Server-JBCS:jbcs-httpd24-httpd-debuginfo-0:2.4.37-64.jbcs.el6.x86_64", "6Server-JBCS:jbcs-httpd24-httpd-devel-0:2.4.37-64.jbcs.el6.i686", "6Server-JBCS:jbcs-httpd24-httpd-devel-0:2.4.37-64.jbcs.el6.x86_64", "6Server-JBCS:jbcs-httpd24-httpd-manual-0:2.4.37-64.jbcs.el6.noarch", "6Server-JBCS:jbcs-httpd24-httpd-selinux-0:2.4.37-64.jbcs.el6.i686", "6Server-JBCS:jbcs-httpd24-httpd-selinux-0:2.4.37-64.jbcs.el6.x86_64", "6Server-JBCS:jbcs-httpd24-httpd-tools-0:2.4.37-64.jbcs.el6.i686", "6Server-JBCS:jbcs-httpd24-httpd-tools-0:2.4.37-64.jbcs.el6.x86_64", "6Server-JBCS:jbcs-httpd24-jansson-0:2.11-53.jbcs.el6.i686", "6Server-JBCS:jbcs-httpd24-jansson-0:2.11-53.jbcs.el6.src", "6Server-JBCS:jbcs-httpd24-jansson-0:2.11-53.jbcs.el6.x86_64", "6Server-JBCS:jbcs-httpd24-jansson-debuginfo-0:2.11-53.jbcs.el6.i686", "6Server-JBCS:jbcs-httpd24-jansson-debuginfo-0:2.11-53.jbcs.el6.x86_64", "6Server-JBCS:jbcs-httpd24-jansson-devel-0:2.11-53.jbcs.el6.i686", "6Server-JBCS:jbcs-httpd24-jansson-devel-0:2.11-53.jbcs.el6.x86_64", "6Server-JBCS:jbcs-httpd24-libcurl-0:7.64.1-44.jbcs.el6.i686", "6Server-JBCS:jbcs-httpd24-libcurl-0:7.64.1-44.jbcs.el6.x86_64", "6Server-JBCS:jbcs-httpd24-libcurl-devel-0:7.64.1-44.jbcs.el6.i686", "6Server-JBCS:jbcs-httpd24-libcurl-devel-0:7.64.1-44.jbcs.el6.x86_64", "6Server-JBCS:jbcs-httpd24-mod_cluster-native-0:1.3.14-11.Final_redhat_2.jbcs.el6.i686", "6Server-JBCS:jbcs-httpd24-mod_cluster-native-0:1.3.14-11.Final_redhat_2.jbcs.el6.src", "6Server-JBCS:jbcs-httpd24-mod_cluster-native-0:1.3.14-11.Final_redhat_2.jbcs.el6.x86_64", "6Server-JBCS:jbcs-httpd24-mod_cluster-native-debuginfo-0:1.3.14-11.Final_redhat_2.jbcs.el6.i686", "6Server-JBCS:jbcs-httpd24-mod_cluster-native-debuginfo-0:1.3.14-11.Final_redhat_2.jbcs.el6.x86_64", "6Server-JBCS:jbcs-httpd24-mod_http2-0:1.15.7-11.jbcs.el6.i686", "6Server-JBCS:jbcs-httpd24-mod_http2-0:1.15.7-11.jbcs.el6.src", "6Server-JBCS:jbcs-httpd24-mod_http2-0:1.15.7-11.jbcs.el6.x86_64", "6Server-JBCS:jbcs-httpd24-mod_http2-debuginfo-0:1.15.7-11.jbcs.el6.i686", "6Server-JBCS:jbcs-httpd24-mod_http2-debuginfo-0:1.15.7-11.jbcs.el6.x86_64", "6Server-JBCS:jbcs-httpd24-mod_jk-0:1.2.48-10.redhat_1.jbcs.el6.src", "6Server-JBCS:jbcs-httpd24-mod_jk-ap24-0:1.2.48-10.redhat_1.jbcs.el6.i686", "6Server-JBCS:jbcs-httpd24-mod_jk-ap24-0:1.2.48-10.redhat_1.jbcs.el6.x86_64", "6Server-JBCS:jbcs-httpd24-mod_jk-debuginfo-0:1.2.48-10.redhat_1.jbcs.el6.i686", "6Server-JBCS:jbcs-httpd24-mod_jk-debuginfo-0:1.2.48-10.redhat_1.jbcs.el6.x86_64", "6Server-JBCS:jbcs-httpd24-mod_jk-manual-0:1.2.48-10.redhat_1.jbcs.el6.i686", "6Server-JBCS:jbcs-httpd24-mod_jk-manual-0:1.2.48-10.redhat_1.jbcs.el6.x86_64", "6Server-JBCS:jbcs-httpd24-mod_ldap-0:2.4.37-64.jbcs.el6.i686", "6Server-JBCS:jbcs-httpd24-mod_ldap-0:2.4.37-64.jbcs.el6.x86_64", "6Server-JBCS:jbcs-httpd24-mod_md-1:2.0.8-30.jbcs.el6.i686", "6Server-JBCS:jbcs-httpd24-mod_md-1:2.0.8-30.jbcs.el6.src", "6Server-JBCS:jbcs-httpd24-mod_md-1:2.0.8-30.jbcs.el6.x86_64", "6Server-JBCS:jbcs-httpd24-mod_md-debuginfo-1:2.0.8-30.jbcs.el6.i686", "6Server-JBCS:jbcs-httpd24-mod_md-debuginfo-1:2.0.8-30.jbcs.el6.x86_64", "6Server-JBCS:jbcs-httpd24-mod_proxy_html-1:2.4.37-64.jbcs.el6.i686", "6Server-JBCS:jbcs-httpd24-mod_proxy_html-1:2.4.37-64.jbcs.el6.x86_64", "6Server-JBCS:jbcs-httpd24-mod_security-0:2.9.2-57.GA.jbcs.el6.i686", "6Server-JBCS:jbcs-httpd24-mod_security-0:2.9.2-57.GA.jbcs.el6.src", "6Server-JBCS:jbcs-httpd24-mod_security-0:2.9.2-57.GA.jbcs.el6.x86_64", "6Server-JBCS:jbcs-httpd24-mod_security-debuginfo-0:2.9.2-57.GA.jbcs.el6.i686", "6Server-JBCS:jbcs-httpd24-mod_security-debuginfo-0:2.9.2-57.GA.jbcs.el6.x86_64", "6Server-JBCS:jbcs-httpd24-mod_session-0:2.4.37-64.jbcs.el6.i686", "6Server-JBCS:jbcs-httpd24-mod_session-0:2.4.37-64.jbcs.el6.x86_64", "6Server-JBCS:jbcs-httpd24-mod_ssl-1:2.4.37-64.jbcs.el6.i686", "6Server-JBCS:jbcs-httpd24-mod_ssl-1:2.4.37-64.jbcs.el6.x86_64", "6Server-JBCS:jbcs-httpd24-nghttp2-0:1.39.2-34.jbcs.el6.i686", "6Server-JBCS:jbcs-httpd24-nghttp2-0:1.39.2-34.jbcs.el6.src", "6Server-JBCS:jbcs-httpd24-nghttp2-0:1.39.2-34.jbcs.el6.x86_64", "6Server-JBCS:jbcs-httpd24-nghttp2-debuginfo-0:1.39.2-34.jbcs.el6.i686", "6Server-JBCS:jbcs-httpd24-nghttp2-debuginfo-0:1.39.2-34.jbcs.el6.x86_64", "6Server-JBCS:jbcs-httpd24-nghttp2-devel-0:1.39.2-34.jbcs.el6.i686", "6Server-JBCS:jbcs-httpd24-nghttp2-devel-0:1.39.2-34.jbcs.el6.x86_64", "6Server-JBCS:jbcs-httpd24-openssl-1:1.1.1c-32.jbcs.el6.i686", "6Server-JBCS:jbcs-httpd24-openssl-1:1.1.1c-32.jbcs.el6.src", "6Server-JBCS:jbcs-httpd24-openssl-1:1.1.1c-32.jbcs.el6.x86_64", "6Server-JBCS:jbcs-httpd24-openssl-debuginfo-1:1.1.1c-32.jbcs.el6.i686", "6Server-JBCS:jbcs-httpd24-openssl-debuginfo-1:1.1.1c-32.jbcs.el6.x86_64", "6Server-JBCS:jbcs-httpd24-openssl-devel-1:1.1.1c-32.jbcs.el6.i686", "6Server-JBCS:jbcs-httpd24-openssl-devel-1:1.1.1c-32.jbcs.el6.x86_64", "6Server-JBCS:jbcs-httpd24-openssl-libs-1:1.1.1c-32.jbcs.el6.i686", "6Server-JBCS:jbcs-httpd24-openssl-libs-1:1.1.1c-32.jbcs.el6.x86_64", "6Server-JBCS:jbcs-httpd24-openssl-perl-1:1.1.1c-32.jbcs.el6.i686", "6Server-JBCS:jbcs-httpd24-openssl-perl-1:1.1.1c-32.jbcs.el6.x86_64", "6Server-JBCS:jbcs-httpd24-openssl-static-1:1.1.1c-32.jbcs.el6.i686", "6Server-JBCS:jbcs-httpd24-openssl-static-1:1.1.1c-32.jbcs.el6.x86_64", "7Server-JBCS:jbcs-httpd24-apr-0:1.6.3-104.jbcs.el7.src", "7Server-JBCS:jbcs-httpd24-apr-0:1.6.3-104.jbcs.el7.x86_64", "7Server-JBCS:jbcs-httpd24-apr-debuginfo-0:1.6.3-104.jbcs.el7.x86_64", "7Server-JBCS:jbcs-httpd24-apr-devel-0:1.6.3-104.jbcs.el7.x86_64", "7Server-JBCS:jbcs-httpd24-apr-util-0:1.6.1-75.jbcs.el7.src", "7Server-JBCS:jbcs-httpd24-apr-util-0:1.6.1-75.jbcs.el7.x86_64", "7Server-JBCS:jbcs-httpd24-apr-util-debuginfo-0:1.6.1-75.jbcs.el7.x86_64", "7Server-JBCS:jbcs-httpd24-apr-util-devel-0:1.6.1-75.jbcs.el7.x86_64", "7Server-JBCS:jbcs-httpd24-apr-util-ldap-0:1.6.1-75.jbcs.el7.x86_64", "7Server-JBCS:jbcs-httpd24-apr-util-mysql-0:1.6.1-75.jbcs.el7.x86_64", "7Server-JBCS:jbcs-httpd24-apr-util-nss-0:1.6.1-75.jbcs.el7.x86_64", "7Server-JBCS:jbcs-httpd24-apr-util-odbc-0:1.6.1-75.jbcs.el7.x86_64", "7Server-JBCS:jbcs-httpd24-apr-util-openssl-0:1.6.1-75.jbcs.el7.x86_64", "7Server-JBCS:jbcs-httpd24-apr-util-pgsql-0:1.6.1-75.jbcs.el7.x86_64", "7Server-JBCS:jbcs-httpd24-apr-util-sqlite-0:1.6.1-75.jbcs.el7.x86_64", "7Server-JBCS:jbcs-httpd24-brotli-0:1.0.6-38.jbcs.el7.src", "7Server-JBCS:jbcs-httpd24-brotli-0:1.0.6-38.jbcs.el7.x86_64", "7Server-JBCS:jbcs-httpd24-brotli-debuginfo-0:1.0.6-38.jbcs.el7.x86_64", "7Server-JBCS:jbcs-httpd24-brotli-devel-0:1.0.6-38.jbcs.el7.x86_64", "7Server-JBCS:jbcs-httpd24-curl-0:7.64.1-44.jbcs.el7.src", "7Server-JBCS:jbcs-httpd24-curl-0:7.64.1-44.jbcs.el7.x86_64", "7Server-JBCS:jbcs-httpd24-curl-debuginfo-0:7.64.1-44.jbcs.el7.x86_64", "7Server-JBCS:jbcs-httpd24-httpd-0:2.4.37-64.jbcs.el7.src", "7Server-JBCS:jbcs-httpd24-httpd-0:2.4.37-64.jbcs.el7.x86_64", "7Server-JBCS:jbcs-httpd24-httpd-debuginfo-0:2.4.37-64.jbcs.el7.x86_64", "7Server-JBCS:jbcs-httpd24-httpd-devel-0:2.4.37-64.jbcs.el7.x86_64", "7Server-JBCS:jbcs-httpd24-httpd-manual-0:2.4.37-64.jbcs.el7.noarch", "7Server-JBCS:jbcs-httpd24-httpd-selinux-0:2.4.37-64.jbcs.el7.x86_64", "7Server-JBCS:jbcs-httpd24-httpd-tools-0:2.4.37-64.jbcs.el7.x86_64", "7Server-JBCS:jbcs-httpd24-jansson-0:2.11-53.jbcs.el7.src", "7Server-JBCS:jbcs-httpd24-jansson-0:2.11-53.jbcs.el7.x86_64", "7Server-JBCS:jbcs-httpd24-jansson-debuginfo-0:2.11-53.jbcs.el7.x86_64", "7Server-JBCS:jbcs-httpd24-jansson-devel-0:2.11-53.jbcs.el7.x86_64", "7Server-JBCS:jbcs-httpd24-libcurl-0:7.64.1-44.jbcs.el7.x86_64", "7Server-JBCS:jbcs-httpd24-libcurl-devel-0:7.64.1-44.jbcs.el7.x86_64", "7Server-JBCS:jbcs-httpd24-mod_cluster-native-0:1.3.14-11.Final_redhat_2.jbcs.el7.src", "7Server-JBCS:jbcs-httpd24-mod_cluster-native-0:1.3.14-11.Final_redhat_2.jbcs.el7.x86_64", "7Server-JBCS:jbcs-httpd24-mod_cluster-native-debuginfo-0:1.3.14-11.Final_redhat_2.jbcs.el7.x86_64", "7Server-JBCS:jbcs-httpd24-mod_http2-0:1.15.7-11.jbcs.el7.src", "7Server-JBCS:jbcs-httpd24-mod_http2-0:1.15.7-11.jbcs.el7.x86_64", "7Server-JBCS:jbcs-httpd24-mod_http2-debuginfo-0:1.15.7-11.jbcs.el7.x86_64", "7Server-JBCS:jbcs-httpd24-mod_jk-0:1.2.48-10.redhat_1.jbcs.el7.src", "7Server-JBCS:jbcs-httpd24-mod_jk-ap24-0:1.2.48-10.redhat_1.jbcs.el7.x86_64", "7Server-JBCS:jbcs-httpd24-mod_jk-debuginfo-0:1.2.48-10.redhat_1.jbcs.el7.x86_64", "7Server-JBCS:jbcs-httpd24-mod_jk-manual-0:1.2.48-10.redhat_1.jbcs.el7.x86_64", "7Server-JBCS:jbcs-httpd24-mod_ldap-0:2.4.37-64.jbcs.el7.x86_64", "7Server-JBCS:jbcs-httpd24-mod_md-1:2.0.8-30.jbcs.el7.src", "7Server-JBCS:jbcs-httpd24-mod_md-1:2.0.8-30.jbcs.el7.x86_64", "7Server-JBCS:jbcs-httpd24-mod_md-debuginfo-1:2.0.8-30.jbcs.el7.x86_64", "7Server-JBCS:jbcs-httpd24-mod_proxy_html-1:2.4.37-64.jbcs.el7.x86_64", "7Server-JBCS:jbcs-httpd24-mod_security-0:2.9.2-57.GA.jbcs.el7.src", "7Server-JBCS:jbcs-httpd24-mod_security-0:2.9.2-57.GA.jbcs.el7.x86_64", "7Server-JBCS:jbcs-httpd24-mod_security-debuginfo-0:2.9.2-57.GA.jbcs.el7.x86_64", "7Server-JBCS:jbcs-httpd24-mod_session-0:2.4.37-64.jbcs.el7.x86_64", "7Server-JBCS:jbcs-httpd24-mod_ssl-1:2.4.37-64.jbcs.el7.x86_64", "7Server-JBCS:jbcs-httpd24-nghttp2-0:1.39.2-34.jbcs.el7.src", "7Server-JBCS:jbcs-httpd24-nghttp2-0:1.39.2-34.jbcs.el7.x86_64", "7Server-JBCS:jbcs-httpd24-nghttp2-debuginfo-0:1.39.2-34.jbcs.el7.x86_64", "7Server-JBCS:jbcs-httpd24-nghttp2-devel-0:1.39.2-34.jbcs.el7.x86_64", "7Server-JBCS:jbcs-httpd24-openssl-1:1.1.1c-32.jbcs.el7.src", "7Server-JBCS:jbcs-httpd24-openssl-1:1.1.1c-32.jbcs.el7.x86_64", "7Server-JBCS:jbcs-httpd24-openssl-chil-0:1.0.0-1.jbcs.el7.src", "7Server-JBCS:jbcs-httpd24-openssl-chil-0:1.0.0-1.jbcs.el7.x86_64", "7Server-JBCS:jbcs-httpd24-openssl-chil-debuginfo-0:1.0.0-1.jbcs.el7.x86_64", "7Server-JBCS:jbcs-httpd24-openssl-debuginfo-1:1.1.1c-32.jbcs.el7.x86_64", "7Server-JBCS:jbcs-httpd24-openssl-devel-1:1.1.1c-32.jbcs.el7.x86_64", "7Server-JBCS:jbcs-httpd24-openssl-libs-1:1.1.1c-32.jbcs.el7.x86_64", "7Server-JBCS:jbcs-httpd24-openssl-perl-1:1.1.1c-32.jbcs.el7.x86_64", "7Server-JBCS:jbcs-httpd24-openssl-static-1:1.1.1c-32.jbcs.el7.x86_64" ] } ], "scores": [ { "cvss_v3": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 9.8, "baseSeverity": "CRITICAL", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "version": "3.1" }, "products": [ "6Server-JBCS:jbcs-httpd24-apr-0:1.6.3-104.jbcs.el6.i686", "6Server-JBCS:jbcs-httpd24-apr-0:1.6.3-104.jbcs.el6.src", "6Server-JBCS:jbcs-httpd24-apr-0:1.6.3-104.jbcs.el6.x86_64", "6Server-JBCS:jbcs-httpd24-apr-debuginfo-0:1.6.3-104.jbcs.el6.i686", "6Server-JBCS:jbcs-httpd24-apr-debuginfo-0:1.6.3-104.jbcs.el6.x86_64", "6Server-JBCS:jbcs-httpd24-apr-devel-0:1.6.3-104.jbcs.el6.i686", "6Server-JBCS:jbcs-httpd24-apr-devel-0:1.6.3-104.jbcs.el6.x86_64", "6Server-JBCS:jbcs-httpd24-apr-util-0:1.6.1-75.jbcs.el6.i686", "6Server-JBCS:jbcs-httpd24-apr-util-0:1.6.1-75.jbcs.el6.src", "6Server-JBCS:jbcs-httpd24-apr-util-0:1.6.1-75.jbcs.el6.x86_64", "6Server-JBCS:jbcs-httpd24-apr-util-debuginfo-0:1.6.1-75.jbcs.el6.i686", "6Server-JBCS:jbcs-httpd24-apr-util-debuginfo-0:1.6.1-75.jbcs.el6.x86_64", "6Server-JBCS:jbcs-httpd24-apr-util-devel-0:1.6.1-75.jbcs.el6.i686", "6Server-JBCS:jbcs-httpd24-apr-util-devel-0:1.6.1-75.jbcs.el6.x86_64", "6Server-JBCS:jbcs-httpd24-apr-util-ldap-0:1.6.1-75.jbcs.el6.i686", "6Server-JBCS:jbcs-httpd24-apr-util-ldap-0:1.6.1-75.jbcs.el6.x86_64", "6Server-JBCS:jbcs-httpd24-apr-util-mysql-0:1.6.1-75.jbcs.el6.i686", "6Server-JBCS:jbcs-httpd24-apr-util-mysql-0:1.6.1-75.jbcs.el6.x86_64", "6Server-JBCS:jbcs-httpd24-apr-util-nss-0:1.6.1-75.jbcs.el6.i686", "6Server-JBCS:jbcs-httpd24-apr-util-nss-0:1.6.1-75.jbcs.el6.x86_64", "6Server-JBCS:jbcs-httpd24-apr-util-odbc-0:1.6.1-75.jbcs.el6.i686", "6Server-JBCS:jbcs-httpd24-apr-util-odbc-0:1.6.1-75.jbcs.el6.x86_64", "6Server-JBCS:jbcs-httpd24-apr-util-openssl-0:1.6.1-75.jbcs.el6.i686", "6Server-JBCS:jbcs-httpd24-apr-util-openssl-0:1.6.1-75.jbcs.el6.x86_64", "6Server-JBCS:jbcs-httpd24-apr-util-pgsql-0:1.6.1-75.jbcs.el6.i686", "6Server-JBCS:jbcs-httpd24-apr-util-pgsql-0:1.6.1-75.jbcs.el6.x86_64", "6Server-JBCS:jbcs-httpd24-apr-util-sqlite-0:1.6.1-75.jbcs.el6.i686", "6Server-JBCS:jbcs-httpd24-apr-util-sqlite-0:1.6.1-75.jbcs.el6.x86_64", "6Server-JBCS:jbcs-httpd24-brotli-0:1.0.6-38.jbcs.el6.i686", "6Server-JBCS:jbcs-httpd24-brotli-0:1.0.6-38.jbcs.el6.src", "6Server-JBCS:jbcs-httpd24-brotli-0:1.0.6-38.jbcs.el6.x86_64", "6Server-JBCS:jbcs-httpd24-brotli-debuginfo-0:1.0.6-38.jbcs.el6.i686", "6Server-JBCS:jbcs-httpd24-brotli-debuginfo-0:1.0.6-38.jbcs.el6.x86_64", "6Server-JBCS:jbcs-httpd24-brotli-devel-0:1.0.6-38.jbcs.el6.i686", "6Server-JBCS:jbcs-httpd24-brotli-devel-0:1.0.6-38.jbcs.el6.x86_64", "6Server-JBCS:jbcs-httpd24-curl-0:7.64.1-44.jbcs.el6.i686", "6Server-JBCS:jbcs-httpd24-curl-0:7.64.1-44.jbcs.el6.src", "6Server-JBCS:jbcs-httpd24-curl-0:7.64.1-44.jbcs.el6.x86_64", "6Server-JBCS:jbcs-httpd24-curl-debuginfo-0:7.64.1-44.jbcs.el6.i686", "6Server-JBCS:jbcs-httpd24-curl-debuginfo-0:7.64.1-44.jbcs.el6.x86_64", "6Server-JBCS:jbcs-httpd24-httpd-0:2.4.37-64.jbcs.el6.i686", "6Server-JBCS:jbcs-httpd24-httpd-0:2.4.37-64.jbcs.el6.src", "6Server-JBCS:jbcs-httpd24-httpd-0:2.4.37-64.jbcs.el6.x86_64", "6Server-JBCS:jbcs-httpd24-httpd-debuginfo-0:2.4.37-64.jbcs.el6.i686", "6Server-JBCS:jbcs-httpd24-httpd-debuginfo-0:2.4.37-64.jbcs.el6.x86_64", "6Server-JBCS:jbcs-httpd24-httpd-devel-0:2.4.37-64.jbcs.el6.i686", "6Server-JBCS:jbcs-httpd24-httpd-devel-0:2.4.37-64.jbcs.el6.x86_64", "6Server-JBCS:jbcs-httpd24-httpd-manual-0:2.4.37-64.jbcs.el6.noarch", "6Server-JBCS:jbcs-httpd24-httpd-selinux-0:2.4.37-64.jbcs.el6.i686", "6Server-JBCS:jbcs-httpd24-httpd-selinux-0:2.4.37-64.jbcs.el6.x86_64", "6Server-JBCS:jbcs-httpd24-httpd-tools-0:2.4.37-64.jbcs.el6.i686", "6Server-JBCS:jbcs-httpd24-httpd-tools-0:2.4.37-64.jbcs.el6.x86_64", "6Server-JBCS:jbcs-httpd24-jansson-0:2.11-53.jbcs.el6.i686", "6Server-JBCS:jbcs-httpd24-jansson-0:2.11-53.jbcs.el6.src", "6Server-JBCS:jbcs-httpd24-jansson-0:2.11-53.jbcs.el6.x86_64", "6Server-JBCS:jbcs-httpd24-jansson-debuginfo-0:2.11-53.jbcs.el6.i686", "6Server-JBCS:jbcs-httpd24-jansson-debuginfo-0:2.11-53.jbcs.el6.x86_64", "6Server-JBCS:jbcs-httpd24-jansson-devel-0:2.11-53.jbcs.el6.i686", "6Server-JBCS:jbcs-httpd24-jansson-devel-0:2.11-53.jbcs.el6.x86_64", "6Server-JBCS:jbcs-httpd24-libcurl-0:7.64.1-44.jbcs.el6.i686", "6Server-JBCS:jbcs-httpd24-libcurl-0:7.64.1-44.jbcs.el6.x86_64", "6Server-JBCS:jbcs-httpd24-libcurl-devel-0:7.64.1-44.jbcs.el6.i686", "6Server-JBCS:jbcs-httpd24-libcurl-devel-0:7.64.1-44.jbcs.el6.x86_64", "6Server-JBCS:jbcs-httpd24-mod_cluster-native-0:1.3.14-11.Final_redhat_2.jbcs.el6.i686", "6Server-JBCS:jbcs-httpd24-mod_cluster-native-0:1.3.14-11.Final_redhat_2.jbcs.el6.src", "6Server-JBCS:jbcs-httpd24-mod_cluster-native-0:1.3.14-11.Final_redhat_2.jbcs.el6.x86_64", "6Server-JBCS:jbcs-httpd24-mod_cluster-native-debuginfo-0:1.3.14-11.Final_redhat_2.jbcs.el6.i686", "6Server-JBCS:jbcs-httpd24-mod_cluster-native-debuginfo-0:1.3.14-11.Final_redhat_2.jbcs.el6.x86_64", "6Server-JBCS:jbcs-httpd24-mod_http2-0:1.15.7-11.jbcs.el6.i686", "6Server-JBCS:jbcs-httpd24-mod_http2-0:1.15.7-11.jbcs.el6.src", "6Server-JBCS:jbcs-httpd24-mod_http2-0:1.15.7-11.jbcs.el6.x86_64", "6Server-JBCS:jbcs-httpd24-mod_http2-debuginfo-0:1.15.7-11.jbcs.el6.i686", "6Server-JBCS:jbcs-httpd24-mod_http2-debuginfo-0:1.15.7-11.jbcs.el6.x86_64", "6Server-JBCS:jbcs-httpd24-mod_jk-0:1.2.48-10.redhat_1.jbcs.el6.src", "6Server-JBCS:jbcs-httpd24-mod_jk-ap24-0:1.2.48-10.redhat_1.jbcs.el6.i686", "6Server-JBCS:jbcs-httpd24-mod_jk-ap24-0:1.2.48-10.redhat_1.jbcs.el6.x86_64", "6Server-JBCS:jbcs-httpd24-mod_jk-debuginfo-0:1.2.48-10.redhat_1.jbcs.el6.i686", "6Server-JBCS:jbcs-httpd24-mod_jk-debuginfo-0:1.2.48-10.redhat_1.jbcs.el6.x86_64", "6Server-JBCS:jbcs-httpd24-mod_jk-manual-0:1.2.48-10.redhat_1.jbcs.el6.i686", "6Server-JBCS:jbcs-httpd24-mod_jk-manual-0:1.2.48-10.redhat_1.jbcs.el6.x86_64", "6Server-JBCS:jbcs-httpd24-mod_ldap-0:2.4.37-64.jbcs.el6.i686", "6Server-JBCS:jbcs-httpd24-mod_ldap-0:2.4.37-64.jbcs.el6.x86_64", "6Server-JBCS:jbcs-httpd24-mod_md-1:2.0.8-30.jbcs.el6.i686", "6Server-JBCS:jbcs-httpd24-mod_md-1:2.0.8-30.jbcs.el6.src", "6Server-JBCS:jbcs-httpd24-mod_md-1:2.0.8-30.jbcs.el6.x86_64", "6Server-JBCS:jbcs-httpd24-mod_md-debuginfo-1:2.0.8-30.jbcs.el6.i686", "6Server-JBCS:jbcs-httpd24-mod_md-debuginfo-1:2.0.8-30.jbcs.el6.x86_64", "6Server-JBCS:jbcs-httpd24-mod_proxy_html-1:2.4.37-64.jbcs.el6.i686", "6Server-JBCS:jbcs-httpd24-mod_proxy_html-1:2.4.37-64.jbcs.el6.x86_64", "6Server-JBCS:jbcs-httpd24-mod_security-0:2.9.2-57.GA.jbcs.el6.i686", "6Server-JBCS:jbcs-httpd24-mod_security-0:2.9.2-57.GA.jbcs.el6.src", "6Server-JBCS:jbcs-httpd24-mod_security-0:2.9.2-57.GA.jbcs.el6.x86_64", "6Server-JBCS:jbcs-httpd24-mod_security-debuginfo-0:2.9.2-57.GA.jbcs.el6.i686", "6Server-JBCS:jbcs-httpd24-mod_security-debuginfo-0:2.9.2-57.GA.jbcs.el6.x86_64", "6Server-JBCS:jbcs-httpd24-mod_session-0:2.4.37-64.jbcs.el6.i686", "6Server-JBCS:jbcs-httpd24-mod_session-0:2.4.37-64.jbcs.el6.x86_64", "6Server-JBCS:jbcs-httpd24-mod_ssl-1:2.4.37-64.jbcs.el6.i686", "6Server-JBCS:jbcs-httpd24-mod_ssl-1:2.4.37-64.jbcs.el6.x86_64", "6Server-JBCS:jbcs-httpd24-nghttp2-0:1.39.2-34.jbcs.el6.i686", "6Server-JBCS:jbcs-httpd24-nghttp2-0:1.39.2-34.jbcs.el6.src", "6Server-JBCS:jbcs-httpd24-nghttp2-0:1.39.2-34.jbcs.el6.x86_64", "6Server-JBCS:jbcs-httpd24-nghttp2-debuginfo-0:1.39.2-34.jbcs.el6.i686", "6Server-JBCS:jbcs-httpd24-nghttp2-debuginfo-0:1.39.2-34.jbcs.el6.x86_64", "6Server-JBCS:jbcs-httpd24-nghttp2-devel-0:1.39.2-34.jbcs.el6.i686", "6Server-JBCS:jbcs-httpd24-nghttp2-devel-0:1.39.2-34.jbcs.el6.x86_64", "6Server-JBCS:jbcs-httpd24-openssl-1:1.1.1c-32.jbcs.el6.i686", "6Server-JBCS:jbcs-httpd24-openssl-1:1.1.1c-32.jbcs.el6.src", "6Server-JBCS:jbcs-httpd24-openssl-1:1.1.1c-32.jbcs.el6.x86_64", "6Server-JBCS:jbcs-httpd24-openssl-debuginfo-1:1.1.1c-32.jbcs.el6.i686", "6Server-JBCS:jbcs-httpd24-openssl-debuginfo-1:1.1.1c-32.jbcs.el6.x86_64", "6Server-JBCS:jbcs-httpd24-openssl-devel-1:1.1.1c-32.jbcs.el6.i686", "6Server-JBCS:jbcs-httpd24-openssl-devel-1:1.1.1c-32.jbcs.el6.x86_64", "6Server-JBCS:jbcs-httpd24-openssl-libs-1:1.1.1c-32.jbcs.el6.i686", "6Server-JBCS:jbcs-httpd24-openssl-libs-1:1.1.1c-32.jbcs.el6.x86_64", "6Server-JBCS:jbcs-httpd24-openssl-perl-1:1.1.1c-32.jbcs.el6.i686", "6Server-JBCS:jbcs-httpd24-openssl-perl-1:1.1.1c-32.jbcs.el6.x86_64", "6Server-JBCS:jbcs-httpd24-openssl-static-1:1.1.1c-32.jbcs.el6.i686", "6Server-JBCS:jbcs-httpd24-openssl-static-1:1.1.1c-32.jbcs.el6.x86_64", "7Server-JBCS:jbcs-httpd24-apr-0:1.6.3-104.jbcs.el7.src", "7Server-JBCS:jbcs-httpd24-apr-0:1.6.3-104.jbcs.el7.x86_64", "7Server-JBCS:jbcs-httpd24-apr-debuginfo-0:1.6.3-104.jbcs.el7.x86_64", "7Server-JBCS:jbcs-httpd24-apr-devel-0:1.6.3-104.jbcs.el7.x86_64", "7Server-JBCS:jbcs-httpd24-apr-util-0:1.6.1-75.jbcs.el7.src", "7Server-JBCS:jbcs-httpd24-apr-util-0:1.6.1-75.jbcs.el7.x86_64", "7Server-JBCS:jbcs-httpd24-apr-util-debuginfo-0:1.6.1-75.jbcs.el7.x86_64", "7Server-JBCS:jbcs-httpd24-apr-util-devel-0:1.6.1-75.jbcs.el7.x86_64", "7Server-JBCS:jbcs-httpd24-apr-util-ldap-0:1.6.1-75.jbcs.el7.x86_64", "7Server-JBCS:jbcs-httpd24-apr-util-mysql-0:1.6.1-75.jbcs.el7.x86_64", "7Server-JBCS:jbcs-httpd24-apr-util-nss-0:1.6.1-75.jbcs.el7.x86_64", "7Server-JBCS:jbcs-httpd24-apr-util-odbc-0:1.6.1-75.jbcs.el7.x86_64", "7Server-JBCS:jbcs-httpd24-apr-util-openssl-0:1.6.1-75.jbcs.el7.x86_64", "7Server-JBCS:jbcs-httpd24-apr-util-pgsql-0:1.6.1-75.jbcs.el7.x86_64", "7Server-JBCS:jbcs-httpd24-apr-util-sqlite-0:1.6.1-75.jbcs.el7.x86_64", "7Server-JBCS:jbcs-httpd24-brotli-0:1.0.6-38.jbcs.el7.src", "7Server-JBCS:jbcs-httpd24-brotli-0:1.0.6-38.jbcs.el7.x86_64", "7Server-JBCS:jbcs-httpd24-brotli-debuginfo-0:1.0.6-38.jbcs.el7.x86_64", "7Server-JBCS:jbcs-httpd24-brotli-devel-0:1.0.6-38.jbcs.el7.x86_64", "7Server-JBCS:jbcs-httpd24-curl-0:7.64.1-44.jbcs.el7.src", "7Server-JBCS:jbcs-httpd24-curl-0:7.64.1-44.jbcs.el7.x86_64", "7Server-JBCS:jbcs-httpd24-curl-debuginfo-0:7.64.1-44.jbcs.el7.x86_64", "7Server-JBCS:jbcs-httpd24-httpd-0:2.4.37-64.jbcs.el7.src", "7Server-JBCS:jbcs-httpd24-httpd-0:2.4.37-64.jbcs.el7.x86_64", "7Server-JBCS:jbcs-httpd24-httpd-debuginfo-0:2.4.37-64.jbcs.el7.x86_64", "7Server-JBCS:jbcs-httpd24-httpd-devel-0:2.4.37-64.jbcs.el7.x86_64", "7Server-JBCS:jbcs-httpd24-httpd-manual-0:2.4.37-64.jbcs.el7.noarch", "7Server-JBCS:jbcs-httpd24-httpd-selinux-0:2.4.37-64.jbcs.el7.x86_64", "7Server-JBCS:jbcs-httpd24-httpd-tools-0:2.4.37-64.jbcs.el7.x86_64", "7Server-JBCS:jbcs-httpd24-jansson-0:2.11-53.jbcs.el7.src", "7Server-JBCS:jbcs-httpd24-jansson-0:2.11-53.jbcs.el7.x86_64", "7Server-JBCS:jbcs-httpd24-jansson-debuginfo-0:2.11-53.jbcs.el7.x86_64", "7Server-JBCS:jbcs-httpd24-jansson-devel-0:2.11-53.jbcs.el7.x86_64", "7Server-JBCS:jbcs-httpd24-libcurl-0:7.64.1-44.jbcs.el7.x86_64", "7Server-JBCS:jbcs-httpd24-libcurl-devel-0:7.64.1-44.jbcs.el7.x86_64", "7Server-JBCS:jbcs-httpd24-mod_cluster-native-0:1.3.14-11.Final_redhat_2.jbcs.el7.src", "7Server-JBCS:jbcs-httpd24-mod_cluster-native-0:1.3.14-11.Final_redhat_2.jbcs.el7.x86_64", "7Server-JBCS:jbcs-httpd24-mod_cluster-native-debuginfo-0:1.3.14-11.Final_redhat_2.jbcs.el7.x86_64", "7Server-JBCS:jbcs-httpd24-mod_http2-0:1.15.7-11.jbcs.el7.src", "7Server-JBCS:jbcs-httpd24-mod_http2-0:1.15.7-11.jbcs.el7.x86_64", "7Server-JBCS:jbcs-httpd24-mod_http2-debuginfo-0:1.15.7-11.jbcs.el7.x86_64", "7Server-JBCS:jbcs-httpd24-mod_jk-0:1.2.48-10.redhat_1.jbcs.el7.src", "7Server-JBCS:jbcs-httpd24-mod_jk-ap24-0:1.2.48-10.redhat_1.jbcs.el7.x86_64", "7Server-JBCS:jbcs-httpd24-mod_jk-debuginfo-0:1.2.48-10.redhat_1.jbcs.el7.x86_64", "7Server-JBCS:jbcs-httpd24-mod_jk-manual-0:1.2.48-10.redhat_1.jbcs.el7.x86_64", "7Server-JBCS:jbcs-httpd24-mod_ldap-0:2.4.37-64.jbcs.el7.x86_64", "7Server-JBCS:jbcs-httpd24-mod_md-1:2.0.8-30.jbcs.el7.src", "7Server-JBCS:jbcs-httpd24-mod_md-1:2.0.8-30.jbcs.el7.x86_64", "7Server-JBCS:jbcs-httpd24-mod_md-debuginfo-1:2.0.8-30.jbcs.el7.x86_64", "7Server-JBCS:jbcs-httpd24-mod_proxy_html-1:2.4.37-64.jbcs.el7.x86_64", "7Server-JBCS:jbcs-httpd24-mod_security-0:2.9.2-57.GA.jbcs.el7.src", "7Server-JBCS:jbcs-httpd24-mod_security-0:2.9.2-57.GA.jbcs.el7.x86_64", "7Server-JBCS:jbcs-httpd24-mod_security-debuginfo-0:2.9.2-57.GA.jbcs.el7.x86_64", "7Server-JBCS:jbcs-httpd24-mod_session-0:2.4.37-64.jbcs.el7.x86_64", "7Server-JBCS:jbcs-httpd24-mod_ssl-1:2.4.37-64.jbcs.el7.x86_64", "7Server-JBCS:jbcs-httpd24-nghttp2-0:1.39.2-34.jbcs.el7.src", "7Server-JBCS:jbcs-httpd24-nghttp2-0:1.39.2-34.jbcs.el7.x86_64", "7Server-JBCS:jbcs-httpd24-nghttp2-debuginfo-0:1.39.2-34.jbcs.el7.x86_64", "7Server-JBCS:jbcs-httpd24-nghttp2-devel-0:1.39.2-34.jbcs.el7.x86_64", "7Server-JBCS:jbcs-httpd24-openssl-1:1.1.1c-32.jbcs.el7.src", "7Server-JBCS:jbcs-httpd24-openssl-1:1.1.1c-32.jbcs.el7.x86_64", "7Server-JBCS:jbcs-httpd24-openssl-chil-0:1.0.0-1.jbcs.el7.src", "7Server-JBCS:jbcs-httpd24-openssl-chil-0:1.0.0-1.jbcs.el7.x86_64", "7Server-JBCS:jbcs-httpd24-openssl-chil-debuginfo-0:1.0.0-1.jbcs.el7.x86_64", "7Server-JBCS:jbcs-httpd24-openssl-debuginfo-1:1.1.1c-32.jbcs.el7.x86_64", "7Server-JBCS:jbcs-httpd24-openssl-devel-1:1.1.1c-32.jbcs.el7.x86_64", "7Server-JBCS:jbcs-httpd24-openssl-libs-1:1.1.1c-32.jbcs.el7.x86_64", "7Server-JBCS:jbcs-httpd24-openssl-perl-1:1.1.1c-32.jbcs.el7.x86_64", "7Server-JBCS:jbcs-httpd24-openssl-static-1:1.1.1c-32.jbcs.el7.x86_64" ] } ], "threats": [ { "category": "impact", "details": "Moderate" } ], "title": "httpd: mod_proxy_uwsgi buffer overflow" }, { "acknowledgments": [ { "names": [ "the Apache project" ] } ], "cve": "CVE-2020-11993", "cwe": { "id": "CWE-400", "name": "Uncontrolled Resource Consumption" }, "discovery_date": "2020-08-05T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "1866564" } ], "notes": [ { "category": "description", "text": "A flaw was found in Apache httpd in versions 2.4.20 to 2.4.43. Logging using the wrong pool by mod_http2 at debug/trace log level may lead to potential crashes and denial of service. The highest threat from this vulnerability is to system availability.", "title": "Vulnerability description" }, { "category": "summary", "text": "httpd: mod_http2 concurrent pool usage", "title": "Vulnerability summary" }, { "category": "other", "text": "Red Hat Enterprise Linux 5, 6, and 7 do not ship the vulnerable version of httpd and, thus, are not affected.", "title": "Statement" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "6Server-JBCS:jbcs-httpd24-apr-0:1.6.3-104.jbcs.el6.i686", "6Server-JBCS:jbcs-httpd24-apr-0:1.6.3-104.jbcs.el6.src", "6Server-JBCS:jbcs-httpd24-apr-0:1.6.3-104.jbcs.el6.x86_64", "6Server-JBCS:jbcs-httpd24-apr-debuginfo-0:1.6.3-104.jbcs.el6.i686", "6Server-JBCS:jbcs-httpd24-apr-debuginfo-0:1.6.3-104.jbcs.el6.x86_64", "6Server-JBCS:jbcs-httpd24-apr-devel-0:1.6.3-104.jbcs.el6.i686", "6Server-JBCS:jbcs-httpd24-apr-devel-0:1.6.3-104.jbcs.el6.x86_64", "6Server-JBCS:jbcs-httpd24-apr-util-0:1.6.1-75.jbcs.el6.i686", "6Server-JBCS:jbcs-httpd24-apr-util-0:1.6.1-75.jbcs.el6.src", "6Server-JBCS:jbcs-httpd24-apr-util-0:1.6.1-75.jbcs.el6.x86_64", "6Server-JBCS:jbcs-httpd24-apr-util-debuginfo-0:1.6.1-75.jbcs.el6.i686", "6Server-JBCS:jbcs-httpd24-apr-util-debuginfo-0:1.6.1-75.jbcs.el6.x86_64", "6Server-JBCS:jbcs-httpd24-apr-util-devel-0:1.6.1-75.jbcs.el6.i686", "6Server-JBCS:jbcs-httpd24-apr-util-devel-0:1.6.1-75.jbcs.el6.x86_64", "6Server-JBCS:jbcs-httpd24-apr-util-ldap-0:1.6.1-75.jbcs.el6.i686", "6Server-JBCS:jbcs-httpd24-apr-util-ldap-0:1.6.1-75.jbcs.el6.x86_64", "6Server-JBCS:jbcs-httpd24-apr-util-mysql-0:1.6.1-75.jbcs.el6.i686", "6Server-JBCS:jbcs-httpd24-apr-util-mysql-0:1.6.1-75.jbcs.el6.x86_64", "6Server-JBCS:jbcs-httpd24-apr-util-nss-0:1.6.1-75.jbcs.el6.i686", "6Server-JBCS:jbcs-httpd24-apr-util-nss-0:1.6.1-75.jbcs.el6.x86_64", "6Server-JBCS:jbcs-httpd24-apr-util-odbc-0:1.6.1-75.jbcs.el6.i686", "6Server-JBCS:jbcs-httpd24-apr-util-odbc-0:1.6.1-75.jbcs.el6.x86_64", "6Server-JBCS:jbcs-httpd24-apr-util-openssl-0:1.6.1-75.jbcs.el6.i686", "6Server-JBCS:jbcs-httpd24-apr-util-openssl-0:1.6.1-75.jbcs.el6.x86_64", "6Server-JBCS:jbcs-httpd24-apr-util-pgsql-0:1.6.1-75.jbcs.el6.i686", "6Server-JBCS:jbcs-httpd24-apr-util-pgsql-0:1.6.1-75.jbcs.el6.x86_64", "6Server-JBCS:jbcs-httpd24-apr-util-sqlite-0:1.6.1-75.jbcs.el6.i686", "6Server-JBCS:jbcs-httpd24-apr-util-sqlite-0:1.6.1-75.jbcs.el6.x86_64", "6Server-JBCS:jbcs-httpd24-brotli-0:1.0.6-38.jbcs.el6.i686", "6Server-JBCS:jbcs-httpd24-brotli-0:1.0.6-38.jbcs.el6.src", "6Server-JBCS:jbcs-httpd24-brotli-0:1.0.6-38.jbcs.el6.x86_64", "6Server-JBCS:jbcs-httpd24-brotli-debuginfo-0:1.0.6-38.jbcs.el6.i686", "6Server-JBCS:jbcs-httpd24-brotli-debuginfo-0:1.0.6-38.jbcs.el6.x86_64", "6Server-JBCS:jbcs-httpd24-brotli-devel-0:1.0.6-38.jbcs.el6.i686", "6Server-JBCS:jbcs-httpd24-brotli-devel-0:1.0.6-38.jbcs.el6.x86_64", "6Server-JBCS:jbcs-httpd24-curl-0:7.64.1-44.jbcs.el6.i686", "6Server-JBCS:jbcs-httpd24-curl-0:7.64.1-44.jbcs.el6.src", "6Server-JBCS:jbcs-httpd24-curl-0:7.64.1-44.jbcs.el6.x86_64", "6Server-JBCS:jbcs-httpd24-curl-debuginfo-0:7.64.1-44.jbcs.el6.i686", "6Server-JBCS:jbcs-httpd24-curl-debuginfo-0:7.64.1-44.jbcs.el6.x86_64", "6Server-JBCS:jbcs-httpd24-httpd-0:2.4.37-64.jbcs.el6.i686", "6Server-JBCS:jbcs-httpd24-httpd-0:2.4.37-64.jbcs.el6.src", "6Server-JBCS:jbcs-httpd24-httpd-0:2.4.37-64.jbcs.el6.x86_64", "6Server-JBCS:jbcs-httpd24-httpd-debuginfo-0:2.4.37-64.jbcs.el6.i686", "6Server-JBCS:jbcs-httpd24-httpd-debuginfo-0:2.4.37-64.jbcs.el6.x86_64", "6Server-JBCS:jbcs-httpd24-httpd-devel-0:2.4.37-64.jbcs.el6.i686", "6Server-JBCS:jbcs-httpd24-httpd-devel-0:2.4.37-64.jbcs.el6.x86_64", "6Server-JBCS:jbcs-httpd24-httpd-manual-0:2.4.37-64.jbcs.el6.noarch", "6Server-JBCS:jbcs-httpd24-httpd-selinux-0:2.4.37-64.jbcs.el6.i686", "6Server-JBCS:jbcs-httpd24-httpd-selinux-0:2.4.37-64.jbcs.el6.x86_64", "6Server-JBCS:jbcs-httpd24-httpd-tools-0:2.4.37-64.jbcs.el6.i686", "6Server-JBCS:jbcs-httpd24-httpd-tools-0:2.4.37-64.jbcs.el6.x86_64", "6Server-JBCS:jbcs-httpd24-jansson-0:2.11-53.jbcs.el6.i686", "6Server-JBCS:jbcs-httpd24-jansson-0:2.11-53.jbcs.el6.src", "6Server-JBCS:jbcs-httpd24-jansson-0:2.11-53.jbcs.el6.x86_64", "6Server-JBCS:jbcs-httpd24-jansson-debuginfo-0:2.11-53.jbcs.el6.i686", "6Server-JBCS:jbcs-httpd24-jansson-debuginfo-0:2.11-53.jbcs.el6.x86_64", "6Server-JBCS:jbcs-httpd24-jansson-devel-0:2.11-53.jbcs.el6.i686", "6Server-JBCS:jbcs-httpd24-jansson-devel-0:2.11-53.jbcs.el6.x86_64", "6Server-JBCS:jbcs-httpd24-libcurl-0:7.64.1-44.jbcs.el6.i686", "6Server-JBCS:jbcs-httpd24-libcurl-0:7.64.1-44.jbcs.el6.x86_64", "6Server-JBCS:jbcs-httpd24-libcurl-devel-0:7.64.1-44.jbcs.el6.i686", "6Server-JBCS:jbcs-httpd24-libcurl-devel-0:7.64.1-44.jbcs.el6.x86_64", "6Server-JBCS:jbcs-httpd24-mod_cluster-native-0:1.3.14-11.Final_redhat_2.jbcs.el6.i686", "6Server-JBCS:jbcs-httpd24-mod_cluster-native-0:1.3.14-11.Final_redhat_2.jbcs.el6.src", "6Server-JBCS:jbcs-httpd24-mod_cluster-native-0:1.3.14-11.Final_redhat_2.jbcs.el6.x86_64", "6Server-JBCS:jbcs-httpd24-mod_cluster-native-debuginfo-0:1.3.14-11.Final_redhat_2.jbcs.el6.i686", "6Server-JBCS:jbcs-httpd24-mod_cluster-native-debuginfo-0:1.3.14-11.Final_redhat_2.jbcs.el6.x86_64", "6Server-JBCS:jbcs-httpd24-mod_http2-0:1.15.7-11.jbcs.el6.i686", "6Server-JBCS:jbcs-httpd24-mod_http2-0:1.15.7-11.jbcs.el6.src", "6Server-JBCS:jbcs-httpd24-mod_http2-0:1.15.7-11.jbcs.el6.x86_64", "6Server-JBCS:jbcs-httpd24-mod_http2-debuginfo-0:1.15.7-11.jbcs.el6.i686", "6Server-JBCS:jbcs-httpd24-mod_http2-debuginfo-0:1.15.7-11.jbcs.el6.x86_64", "6Server-JBCS:jbcs-httpd24-mod_jk-0:1.2.48-10.redhat_1.jbcs.el6.src", "6Server-JBCS:jbcs-httpd24-mod_jk-ap24-0:1.2.48-10.redhat_1.jbcs.el6.i686", "6Server-JBCS:jbcs-httpd24-mod_jk-ap24-0:1.2.48-10.redhat_1.jbcs.el6.x86_64", "6Server-JBCS:jbcs-httpd24-mod_jk-debuginfo-0:1.2.48-10.redhat_1.jbcs.el6.i686", "6Server-JBCS:jbcs-httpd24-mod_jk-debuginfo-0:1.2.48-10.redhat_1.jbcs.el6.x86_64", "6Server-JBCS:jbcs-httpd24-mod_jk-manual-0:1.2.48-10.redhat_1.jbcs.el6.i686", "6Server-JBCS:jbcs-httpd24-mod_jk-manual-0:1.2.48-10.redhat_1.jbcs.el6.x86_64", "6Server-JBCS:jbcs-httpd24-mod_ldap-0:2.4.37-64.jbcs.el6.i686", "6Server-JBCS:jbcs-httpd24-mod_ldap-0:2.4.37-64.jbcs.el6.x86_64", "6Server-JBCS:jbcs-httpd24-mod_md-1:2.0.8-30.jbcs.el6.i686", "6Server-JBCS:jbcs-httpd24-mod_md-1:2.0.8-30.jbcs.el6.src", "6Server-JBCS:jbcs-httpd24-mod_md-1:2.0.8-30.jbcs.el6.x86_64", "6Server-JBCS:jbcs-httpd24-mod_md-debuginfo-1:2.0.8-30.jbcs.el6.i686", "6Server-JBCS:jbcs-httpd24-mod_md-debuginfo-1:2.0.8-30.jbcs.el6.x86_64", "6Server-JBCS:jbcs-httpd24-mod_proxy_html-1:2.4.37-64.jbcs.el6.i686", "6Server-JBCS:jbcs-httpd24-mod_proxy_html-1:2.4.37-64.jbcs.el6.x86_64", "6Server-JBCS:jbcs-httpd24-mod_security-0:2.9.2-57.GA.jbcs.el6.i686", "6Server-JBCS:jbcs-httpd24-mod_security-0:2.9.2-57.GA.jbcs.el6.src", "6Server-JBCS:jbcs-httpd24-mod_security-0:2.9.2-57.GA.jbcs.el6.x86_64", "6Server-JBCS:jbcs-httpd24-mod_security-debuginfo-0:2.9.2-57.GA.jbcs.el6.i686", "6Server-JBCS:jbcs-httpd24-mod_security-debuginfo-0:2.9.2-57.GA.jbcs.el6.x86_64", "6Server-JBCS:jbcs-httpd24-mod_session-0:2.4.37-64.jbcs.el6.i686", "6Server-JBCS:jbcs-httpd24-mod_session-0:2.4.37-64.jbcs.el6.x86_64", "6Server-JBCS:jbcs-httpd24-mod_ssl-1:2.4.37-64.jbcs.el6.i686", "6Server-JBCS:jbcs-httpd24-mod_ssl-1:2.4.37-64.jbcs.el6.x86_64", "6Server-JBCS:jbcs-httpd24-nghttp2-0:1.39.2-34.jbcs.el6.i686", "6Server-JBCS:jbcs-httpd24-nghttp2-0:1.39.2-34.jbcs.el6.src", "6Server-JBCS:jbcs-httpd24-nghttp2-0:1.39.2-34.jbcs.el6.x86_64", "6Server-JBCS:jbcs-httpd24-nghttp2-debuginfo-0:1.39.2-34.jbcs.el6.i686", "6Server-JBCS:jbcs-httpd24-nghttp2-debuginfo-0:1.39.2-34.jbcs.el6.x86_64", "6Server-JBCS:jbcs-httpd24-nghttp2-devel-0:1.39.2-34.jbcs.el6.i686", "6Server-JBCS:jbcs-httpd24-nghttp2-devel-0:1.39.2-34.jbcs.el6.x86_64", "6Server-JBCS:jbcs-httpd24-openssl-1:1.1.1c-32.jbcs.el6.i686", "6Server-JBCS:jbcs-httpd24-openssl-1:1.1.1c-32.jbcs.el6.src", "6Server-JBCS:jbcs-httpd24-openssl-1:1.1.1c-32.jbcs.el6.x86_64", "6Server-JBCS:jbcs-httpd24-openssl-debuginfo-1:1.1.1c-32.jbcs.el6.i686", "6Server-JBCS:jbcs-httpd24-openssl-debuginfo-1:1.1.1c-32.jbcs.el6.x86_64", "6Server-JBCS:jbcs-httpd24-openssl-devel-1:1.1.1c-32.jbcs.el6.i686", "6Server-JBCS:jbcs-httpd24-openssl-devel-1:1.1.1c-32.jbcs.el6.x86_64", "6Server-JBCS:jbcs-httpd24-openssl-libs-1:1.1.1c-32.jbcs.el6.i686", "6Server-JBCS:jbcs-httpd24-openssl-libs-1:1.1.1c-32.jbcs.el6.x86_64", "6Server-JBCS:jbcs-httpd24-openssl-perl-1:1.1.1c-32.jbcs.el6.i686", "6Server-JBCS:jbcs-httpd24-openssl-perl-1:1.1.1c-32.jbcs.el6.x86_64", "6Server-JBCS:jbcs-httpd24-openssl-static-1:1.1.1c-32.jbcs.el6.i686", "6Server-JBCS:jbcs-httpd24-openssl-static-1:1.1.1c-32.jbcs.el6.x86_64", "7Server-JBCS:jbcs-httpd24-apr-0:1.6.3-104.jbcs.el7.src", "7Server-JBCS:jbcs-httpd24-apr-0:1.6.3-104.jbcs.el7.x86_64", "7Server-JBCS:jbcs-httpd24-apr-debuginfo-0:1.6.3-104.jbcs.el7.x86_64", "7Server-JBCS:jbcs-httpd24-apr-devel-0:1.6.3-104.jbcs.el7.x86_64", "7Server-JBCS:jbcs-httpd24-apr-util-0:1.6.1-75.jbcs.el7.src", "7Server-JBCS:jbcs-httpd24-apr-util-0:1.6.1-75.jbcs.el7.x86_64", "7Server-JBCS:jbcs-httpd24-apr-util-debuginfo-0:1.6.1-75.jbcs.el7.x86_64", "7Server-JBCS:jbcs-httpd24-apr-util-devel-0:1.6.1-75.jbcs.el7.x86_64", "7Server-JBCS:jbcs-httpd24-apr-util-ldap-0:1.6.1-75.jbcs.el7.x86_64", "7Server-JBCS:jbcs-httpd24-apr-util-mysql-0:1.6.1-75.jbcs.el7.x86_64", "7Server-JBCS:jbcs-httpd24-apr-util-nss-0:1.6.1-75.jbcs.el7.x86_64", "7Server-JBCS:jbcs-httpd24-apr-util-odbc-0:1.6.1-75.jbcs.el7.x86_64", "7Server-JBCS:jbcs-httpd24-apr-util-openssl-0:1.6.1-75.jbcs.el7.x86_64", "7Server-JBCS:jbcs-httpd24-apr-util-pgsql-0:1.6.1-75.jbcs.el7.x86_64", "7Server-JBCS:jbcs-httpd24-apr-util-sqlite-0:1.6.1-75.jbcs.el7.x86_64", "7Server-JBCS:jbcs-httpd24-brotli-0:1.0.6-38.jbcs.el7.src", "7Server-JBCS:jbcs-httpd24-brotli-0:1.0.6-38.jbcs.el7.x86_64", "7Server-JBCS:jbcs-httpd24-brotli-debuginfo-0:1.0.6-38.jbcs.el7.x86_64", "7Server-JBCS:jbcs-httpd24-brotli-devel-0:1.0.6-38.jbcs.el7.x86_64", "7Server-JBCS:jbcs-httpd24-curl-0:7.64.1-44.jbcs.el7.src", "7Server-JBCS:jbcs-httpd24-curl-0:7.64.1-44.jbcs.el7.x86_64", "7Server-JBCS:jbcs-httpd24-curl-debuginfo-0:7.64.1-44.jbcs.el7.x86_64", "7Server-JBCS:jbcs-httpd24-httpd-0:2.4.37-64.jbcs.el7.src", "7Server-JBCS:jbcs-httpd24-httpd-0:2.4.37-64.jbcs.el7.x86_64", "7Server-JBCS:jbcs-httpd24-httpd-debuginfo-0:2.4.37-64.jbcs.el7.x86_64", "7Server-JBCS:jbcs-httpd24-httpd-devel-0:2.4.37-64.jbcs.el7.x86_64", "7Server-JBCS:jbcs-httpd24-httpd-manual-0:2.4.37-64.jbcs.el7.noarch", "7Server-JBCS:jbcs-httpd24-httpd-selinux-0:2.4.37-64.jbcs.el7.x86_64", "7Server-JBCS:jbcs-httpd24-httpd-tools-0:2.4.37-64.jbcs.el7.x86_64", "7Server-JBCS:jbcs-httpd24-jansson-0:2.11-53.jbcs.el7.src", "7Server-JBCS:jbcs-httpd24-jansson-0:2.11-53.jbcs.el7.x86_64", "7Server-JBCS:jbcs-httpd24-jansson-debuginfo-0:2.11-53.jbcs.el7.x86_64", "7Server-JBCS:jbcs-httpd24-jansson-devel-0:2.11-53.jbcs.el7.x86_64", "7Server-JBCS:jbcs-httpd24-libcurl-0:7.64.1-44.jbcs.el7.x86_64", "7Server-JBCS:jbcs-httpd24-libcurl-devel-0:7.64.1-44.jbcs.el7.x86_64", "7Server-JBCS:jbcs-httpd24-mod_cluster-native-0:1.3.14-11.Final_redhat_2.jbcs.el7.src", "7Server-JBCS:jbcs-httpd24-mod_cluster-native-0:1.3.14-11.Final_redhat_2.jbcs.el7.x86_64", "7Server-JBCS:jbcs-httpd24-mod_cluster-native-debuginfo-0:1.3.14-11.Final_redhat_2.jbcs.el7.x86_64", "7Server-JBCS:jbcs-httpd24-mod_http2-0:1.15.7-11.jbcs.el7.src", "7Server-JBCS:jbcs-httpd24-mod_http2-0:1.15.7-11.jbcs.el7.x86_64", "7Server-JBCS:jbcs-httpd24-mod_http2-debuginfo-0:1.15.7-11.jbcs.el7.x86_64", "7Server-JBCS:jbcs-httpd24-mod_jk-0:1.2.48-10.redhat_1.jbcs.el7.src", "7Server-JBCS:jbcs-httpd24-mod_jk-ap24-0:1.2.48-10.redhat_1.jbcs.el7.x86_64", "7Server-JBCS:jbcs-httpd24-mod_jk-debuginfo-0:1.2.48-10.redhat_1.jbcs.el7.x86_64", "7Server-JBCS:jbcs-httpd24-mod_jk-manual-0:1.2.48-10.redhat_1.jbcs.el7.x86_64", "7Server-JBCS:jbcs-httpd24-mod_ldap-0:2.4.37-64.jbcs.el7.x86_64", "7Server-JBCS:jbcs-httpd24-mod_md-1:2.0.8-30.jbcs.el7.src", "7Server-JBCS:jbcs-httpd24-mod_md-1:2.0.8-30.jbcs.el7.x86_64", "7Server-JBCS:jbcs-httpd24-mod_md-debuginfo-1:2.0.8-30.jbcs.el7.x86_64", "7Server-JBCS:jbcs-httpd24-mod_proxy_html-1:2.4.37-64.jbcs.el7.x86_64", "7Server-JBCS:jbcs-httpd24-mod_security-0:2.9.2-57.GA.jbcs.el7.src", "7Server-JBCS:jbcs-httpd24-mod_security-0:2.9.2-57.GA.jbcs.el7.x86_64", "7Server-JBCS:jbcs-httpd24-mod_security-debuginfo-0:2.9.2-57.GA.jbcs.el7.x86_64", "7Server-JBCS:jbcs-httpd24-mod_session-0:2.4.37-64.jbcs.el7.x86_64", "7Server-JBCS:jbcs-httpd24-mod_ssl-1:2.4.37-64.jbcs.el7.x86_64", "7Server-JBCS:jbcs-httpd24-nghttp2-0:1.39.2-34.jbcs.el7.src", "7Server-JBCS:jbcs-httpd24-nghttp2-0:1.39.2-34.jbcs.el7.x86_64", "7Server-JBCS:jbcs-httpd24-nghttp2-debuginfo-0:1.39.2-34.jbcs.el7.x86_64", "7Server-JBCS:jbcs-httpd24-nghttp2-devel-0:1.39.2-34.jbcs.el7.x86_64", "7Server-JBCS:jbcs-httpd24-openssl-1:1.1.1c-32.jbcs.el7.src", "7Server-JBCS:jbcs-httpd24-openssl-1:1.1.1c-32.jbcs.el7.x86_64", "7Server-JBCS:jbcs-httpd24-openssl-chil-0:1.0.0-1.jbcs.el7.src", "7Server-JBCS:jbcs-httpd24-openssl-chil-0:1.0.0-1.jbcs.el7.x86_64", "7Server-JBCS:jbcs-httpd24-openssl-chil-debuginfo-0:1.0.0-1.jbcs.el7.x86_64", "7Server-JBCS:jbcs-httpd24-openssl-debuginfo-1:1.1.1c-32.jbcs.el7.x86_64", "7Server-JBCS:jbcs-httpd24-openssl-devel-1:1.1.1c-32.jbcs.el7.x86_64", "7Server-JBCS:jbcs-httpd24-openssl-libs-1:1.1.1c-32.jbcs.el7.x86_64", "7Server-JBCS:jbcs-httpd24-openssl-perl-1:1.1.1c-32.jbcs.el7.x86_64", "7Server-JBCS:jbcs-httpd24-openssl-static-1:1.1.1c-32.jbcs.el7.x86_64" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2020-11993" }, { "category": "external", "summary": "RHBZ#1866564", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1866564" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2020-11993", "url": "https://www.cve.org/CVERecord?id=CVE-2020-11993" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2020-11993", "url": "https://nvd.nist.gov/vuln/detail/CVE-2020-11993" }, { "category": "external", "summary": "https://httpd.apache.org/security/vulnerabilities_24.html#CVE-2020-11993", "url": "https://httpd.apache.org/security/vulnerabilities_24.html#CVE-2020-11993" } ], "release_date": "2020-08-07T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2020-10-28T16:02:45+00:00", "details": "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258", "product_ids": [ "6Server-JBCS:jbcs-httpd24-apr-0:1.6.3-104.jbcs.el6.i686", "6Server-JBCS:jbcs-httpd24-apr-0:1.6.3-104.jbcs.el6.src", "6Server-JBCS:jbcs-httpd24-apr-0:1.6.3-104.jbcs.el6.x86_64", "6Server-JBCS:jbcs-httpd24-apr-debuginfo-0:1.6.3-104.jbcs.el6.i686", "6Server-JBCS:jbcs-httpd24-apr-debuginfo-0:1.6.3-104.jbcs.el6.x86_64", "6Server-JBCS:jbcs-httpd24-apr-devel-0:1.6.3-104.jbcs.el6.i686", "6Server-JBCS:jbcs-httpd24-apr-devel-0:1.6.3-104.jbcs.el6.x86_64", "6Server-JBCS:jbcs-httpd24-apr-util-0:1.6.1-75.jbcs.el6.i686", "6Server-JBCS:jbcs-httpd24-apr-util-0:1.6.1-75.jbcs.el6.src", "6Server-JBCS:jbcs-httpd24-apr-util-0:1.6.1-75.jbcs.el6.x86_64", "6Server-JBCS:jbcs-httpd24-apr-util-debuginfo-0:1.6.1-75.jbcs.el6.i686", "6Server-JBCS:jbcs-httpd24-apr-util-debuginfo-0:1.6.1-75.jbcs.el6.x86_64", "6Server-JBCS:jbcs-httpd24-apr-util-devel-0:1.6.1-75.jbcs.el6.i686", "6Server-JBCS:jbcs-httpd24-apr-util-devel-0:1.6.1-75.jbcs.el6.x86_64", "6Server-JBCS:jbcs-httpd24-apr-util-ldap-0:1.6.1-75.jbcs.el6.i686", "6Server-JBCS:jbcs-httpd24-apr-util-ldap-0:1.6.1-75.jbcs.el6.x86_64", "6Server-JBCS:jbcs-httpd24-apr-util-mysql-0:1.6.1-75.jbcs.el6.i686", "6Server-JBCS:jbcs-httpd24-apr-util-mysql-0:1.6.1-75.jbcs.el6.x86_64", "6Server-JBCS:jbcs-httpd24-apr-util-nss-0:1.6.1-75.jbcs.el6.i686", "6Server-JBCS:jbcs-httpd24-apr-util-nss-0:1.6.1-75.jbcs.el6.x86_64", "6Server-JBCS:jbcs-httpd24-apr-util-odbc-0:1.6.1-75.jbcs.el6.i686", "6Server-JBCS:jbcs-httpd24-apr-util-odbc-0:1.6.1-75.jbcs.el6.x86_64", "6Server-JBCS:jbcs-httpd24-apr-util-openssl-0:1.6.1-75.jbcs.el6.i686", "6Server-JBCS:jbcs-httpd24-apr-util-openssl-0:1.6.1-75.jbcs.el6.x86_64", "6Server-JBCS:jbcs-httpd24-apr-util-pgsql-0:1.6.1-75.jbcs.el6.i686", "6Server-JBCS:jbcs-httpd24-apr-util-pgsql-0:1.6.1-75.jbcs.el6.x86_64", "6Server-JBCS:jbcs-httpd24-apr-util-sqlite-0:1.6.1-75.jbcs.el6.i686", "6Server-JBCS:jbcs-httpd24-apr-util-sqlite-0:1.6.1-75.jbcs.el6.x86_64", "6Server-JBCS:jbcs-httpd24-brotli-0:1.0.6-38.jbcs.el6.i686", "6Server-JBCS:jbcs-httpd24-brotli-0:1.0.6-38.jbcs.el6.src", "6Server-JBCS:jbcs-httpd24-brotli-0:1.0.6-38.jbcs.el6.x86_64", "6Server-JBCS:jbcs-httpd24-brotli-debuginfo-0:1.0.6-38.jbcs.el6.i686", "6Server-JBCS:jbcs-httpd24-brotli-debuginfo-0:1.0.6-38.jbcs.el6.x86_64", "6Server-JBCS:jbcs-httpd24-brotli-devel-0:1.0.6-38.jbcs.el6.i686", "6Server-JBCS:jbcs-httpd24-brotli-devel-0:1.0.6-38.jbcs.el6.x86_64", "6Server-JBCS:jbcs-httpd24-curl-0:7.64.1-44.jbcs.el6.i686", "6Server-JBCS:jbcs-httpd24-curl-0:7.64.1-44.jbcs.el6.src", "6Server-JBCS:jbcs-httpd24-curl-0:7.64.1-44.jbcs.el6.x86_64", "6Server-JBCS:jbcs-httpd24-curl-debuginfo-0:7.64.1-44.jbcs.el6.i686", "6Server-JBCS:jbcs-httpd24-curl-debuginfo-0:7.64.1-44.jbcs.el6.x86_64", "6Server-JBCS:jbcs-httpd24-httpd-0:2.4.37-64.jbcs.el6.i686", "6Server-JBCS:jbcs-httpd24-httpd-0:2.4.37-64.jbcs.el6.src", "6Server-JBCS:jbcs-httpd24-httpd-0:2.4.37-64.jbcs.el6.x86_64", "6Server-JBCS:jbcs-httpd24-httpd-debuginfo-0:2.4.37-64.jbcs.el6.i686", "6Server-JBCS:jbcs-httpd24-httpd-debuginfo-0:2.4.37-64.jbcs.el6.x86_64", "6Server-JBCS:jbcs-httpd24-httpd-devel-0:2.4.37-64.jbcs.el6.i686", "6Server-JBCS:jbcs-httpd24-httpd-devel-0:2.4.37-64.jbcs.el6.x86_64", "6Server-JBCS:jbcs-httpd24-httpd-manual-0:2.4.37-64.jbcs.el6.noarch", "6Server-JBCS:jbcs-httpd24-httpd-selinux-0:2.4.37-64.jbcs.el6.i686", "6Server-JBCS:jbcs-httpd24-httpd-selinux-0:2.4.37-64.jbcs.el6.x86_64", "6Server-JBCS:jbcs-httpd24-httpd-tools-0:2.4.37-64.jbcs.el6.i686", "6Server-JBCS:jbcs-httpd24-httpd-tools-0:2.4.37-64.jbcs.el6.x86_64", "6Server-JBCS:jbcs-httpd24-jansson-0:2.11-53.jbcs.el6.i686", "6Server-JBCS:jbcs-httpd24-jansson-0:2.11-53.jbcs.el6.src", "6Server-JBCS:jbcs-httpd24-jansson-0:2.11-53.jbcs.el6.x86_64", "6Server-JBCS:jbcs-httpd24-jansson-debuginfo-0:2.11-53.jbcs.el6.i686", "6Server-JBCS:jbcs-httpd24-jansson-debuginfo-0:2.11-53.jbcs.el6.x86_64", "6Server-JBCS:jbcs-httpd24-jansson-devel-0:2.11-53.jbcs.el6.i686", "6Server-JBCS:jbcs-httpd24-jansson-devel-0:2.11-53.jbcs.el6.x86_64", "6Server-JBCS:jbcs-httpd24-libcurl-0:7.64.1-44.jbcs.el6.i686", "6Server-JBCS:jbcs-httpd24-libcurl-0:7.64.1-44.jbcs.el6.x86_64", "6Server-JBCS:jbcs-httpd24-libcurl-devel-0:7.64.1-44.jbcs.el6.i686", "6Server-JBCS:jbcs-httpd24-libcurl-devel-0:7.64.1-44.jbcs.el6.x86_64", "6Server-JBCS:jbcs-httpd24-mod_cluster-native-0:1.3.14-11.Final_redhat_2.jbcs.el6.i686", "6Server-JBCS:jbcs-httpd24-mod_cluster-native-0:1.3.14-11.Final_redhat_2.jbcs.el6.src", "6Server-JBCS:jbcs-httpd24-mod_cluster-native-0:1.3.14-11.Final_redhat_2.jbcs.el6.x86_64", "6Server-JBCS:jbcs-httpd24-mod_cluster-native-debuginfo-0:1.3.14-11.Final_redhat_2.jbcs.el6.i686", "6Server-JBCS:jbcs-httpd24-mod_cluster-native-debuginfo-0:1.3.14-11.Final_redhat_2.jbcs.el6.x86_64", "6Server-JBCS:jbcs-httpd24-mod_http2-0:1.15.7-11.jbcs.el6.i686", "6Server-JBCS:jbcs-httpd24-mod_http2-0:1.15.7-11.jbcs.el6.src", "6Server-JBCS:jbcs-httpd24-mod_http2-0:1.15.7-11.jbcs.el6.x86_64", "6Server-JBCS:jbcs-httpd24-mod_http2-debuginfo-0:1.15.7-11.jbcs.el6.i686", "6Server-JBCS:jbcs-httpd24-mod_http2-debuginfo-0:1.15.7-11.jbcs.el6.x86_64", "6Server-JBCS:jbcs-httpd24-mod_jk-0:1.2.48-10.redhat_1.jbcs.el6.src", "6Server-JBCS:jbcs-httpd24-mod_jk-ap24-0:1.2.48-10.redhat_1.jbcs.el6.i686", "6Server-JBCS:jbcs-httpd24-mod_jk-ap24-0:1.2.48-10.redhat_1.jbcs.el6.x86_64", "6Server-JBCS:jbcs-httpd24-mod_jk-debuginfo-0:1.2.48-10.redhat_1.jbcs.el6.i686", "6Server-JBCS:jbcs-httpd24-mod_jk-debuginfo-0:1.2.48-10.redhat_1.jbcs.el6.x86_64", "6Server-JBCS:jbcs-httpd24-mod_jk-manual-0:1.2.48-10.redhat_1.jbcs.el6.i686", "6Server-JBCS:jbcs-httpd24-mod_jk-manual-0:1.2.48-10.redhat_1.jbcs.el6.x86_64", "6Server-JBCS:jbcs-httpd24-mod_ldap-0:2.4.37-64.jbcs.el6.i686", "6Server-JBCS:jbcs-httpd24-mod_ldap-0:2.4.37-64.jbcs.el6.x86_64", "6Server-JBCS:jbcs-httpd24-mod_md-1:2.0.8-30.jbcs.el6.i686", "6Server-JBCS:jbcs-httpd24-mod_md-1:2.0.8-30.jbcs.el6.src", "6Server-JBCS:jbcs-httpd24-mod_md-1:2.0.8-30.jbcs.el6.x86_64", "6Server-JBCS:jbcs-httpd24-mod_md-debuginfo-1:2.0.8-30.jbcs.el6.i686", "6Server-JBCS:jbcs-httpd24-mod_md-debuginfo-1:2.0.8-30.jbcs.el6.x86_64", "6Server-JBCS:jbcs-httpd24-mod_proxy_html-1:2.4.37-64.jbcs.el6.i686", "6Server-JBCS:jbcs-httpd24-mod_proxy_html-1:2.4.37-64.jbcs.el6.x86_64", "6Server-JBCS:jbcs-httpd24-mod_security-0:2.9.2-57.GA.jbcs.el6.i686", "6Server-JBCS:jbcs-httpd24-mod_security-0:2.9.2-57.GA.jbcs.el6.src", "6Server-JBCS:jbcs-httpd24-mod_security-0:2.9.2-57.GA.jbcs.el6.x86_64", "6Server-JBCS:jbcs-httpd24-mod_security-debuginfo-0:2.9.2-57.GA.jbcs.el6.i686", "6Server-JBCS:jbcs-httpd24-mod_security-debuginfo-0:2.9.2-57.GA.jbcs.el6.x86_64", "6Server-JBCS:jbcs-httpd24-mod_session-0:2.4.37-64.jbcs.el6.i686", "6Server-JBCS:jbcs-httpd24-mod_session-0:2.4.37-64.jbcs.el6.x86_64", "6Server-JBCS:jbcs-httpd24-mod_ssl-1:2.4.37-64.jbcs.el6.i686", "6Server-JBCS:jbcs-httpd24-mod_ssl-1:2.4.37-64.jbcs.el6.x86_64", "6Server-JBCS:jbcs-httpd24-nghttp2-0:1.39.2-34.jbcs.el6.i686", "6Server-JBCS:jbcs-httpd24-nghttp2-0:1.39.2-34.jbcs.el6.src", "6Server-JBCS:jbcs-httpd24-nghttp2-0:1.39.2-34.jbcs.el6.x86_64", "6Server-JBCS:jbcs-httpd24-nghttp2-debuginfo-0:1.39.2-34.jbcs.el6.i686", "6Server-JBCS:jbcs-httpd24-nghttp2-debuginfo-0:1.39.2-34.jbcs.el6.x86_64", "6Server-JBCS:jbcs-httpd24-nghttp2-devel-0:1.39.2-34.jbcs.el6.i686", "6Server-JBCS:jbcs-httpd24-nghttp2-devel-0:1.39.2-34.jbcs.el6.x86_64", "6Server-JBCS:jbcs-httpd24-openssl-1:1.1.1c-32.jbcs.el6.i686", "6Server-JBCS:jbcs-httpd24-openssl-1:1.1.1c-32.jbcs.el6.src", "6Server-JBCS:jbcs-httpd24-openssl-1:1.1.1c-32.jbcs.el6.x86_64", "6Server-JBCS:jbcs-httpd24-openssl-debuginfo-1:1.1.1c-32.jbcs.el6.i686", "6Server-JBCS:jbcs-httpd24-openssl-debuginfo-1:1.1.1c-32.jbcs.el6.x86_64", "6Server-JBCS:jbcs-httpd24-openssl-devel-1:1.1.1c-32.jbcs.el6.i686", "6Server-JBCS:jbcs-httpd24-openssl-devel-1:1.1.1c-32.jbcs.el6.x86_64", "6Server-JBCS:jbcs-httpd24-openssl-libs-1:1.1.1c-32.jbcs.el6.i686", "6Server-JBCS:jbcs-httpd24-openssl-libs-1:1.1.1c-32.jbcs.el6.x86_64", "6Server-JBCS:jbcs-httpd24-openssl-perl-1:1.1.1c-32.jbcs.el6.i686", "6Server-JBCS:jbcs-httpd24-openssl-perl-1:1.1.1c-32.jbcs.el6.x86_64", "6Server-JBCS:jbcs-httpd24-openssl-static-1:1.1.1c-32.jbcs.el6.i686", "6Server-JBCS:jbcs-httpd24-openssl-static-1:1.1.1c-32.jbcs.el6.x86_64", "7Server-JBCS:jbcs-httpd24-apr-0:1.6.3-104.jbcs.el7.src", "7Server-JBCS:jbcs-httpd24-apr-0:1.6.3-104.jbcs.el7.x86_64", "7Server-JBCS:jbcs-httpd24-apr-debuginfo-0:1.6.3-104.jbcs.el7.x86_64", "7Server-JBCS:jbcs-httpd24-apr-devel-0:1.6.3-104.jbcs.el7.x86_64", "7Server-JBCS:jbcs-httpd24-apr-util-0:1.6.1-75.jbcs.el7.src", "7Server-JBCS:jbcs-httpd24-apr-util-0:1.6.1-75.jbcs.el7.x86_64", "7Server-JBCS:jbcs-httpd24-apr-util-debuginfo-0:1.6.1-75.jbcs.el7.x86_64", "7Server-JBCS:jbcs-httpd24-apr-util-devel-0:1.6.1-75.jbcs.el7.x86_64", "7Server-JBCS:jbcs-httpd24-apr-util-ldap-0:1.6.1-75.jbcs.el7.x86_64", "7Server-JBCS:jbcs-httpd24-apr-util-mysql-0:1.6.1-75.jbcs.el7.x86_64", "7Server-JBCS:jbcs-httpd24-apr-util-nss-0:1.6.1-75.jbcs.el7.x86_64", "7Server-JBCS:jbcs-httpd24-apr-util-odbc-0:1.6.1-75.jbcs.el7.x86_64", "7Server-JBCS:jbcs-httpd24-apr-util-openssl-0:1.6.1-75.jbcs.el7.x86_64", "7Server-JBCS:jbcs-httpd24-apr-util-pgsql-0:1.6.1-75.jbcs.el7.x86_64", "7Server-JBCS:jbcs-httpd24-apr-util-sqlite-0:1.6.1-75.jbcs.el7.x86_64", "7Server-JBCS:jbcs-httpd24-brotli-0:1.0.6-38.jbcs.el7.src", "7Server-JBCS:jbcs-httpd24-brotli-0:1.0.6-38.jbcs.el7.x86_64", "7Server-JBCS:jbcs-httpd24-brotli-debuginfo-0:1.0.6-38.jbcs.el7.x86_64", "7Server-JBCS:jbcs-httpd24-brotli-devel-0:1.0.6-38.jbcs.el7.x86_64", "7Server-JBCS:jbcs-httpd24-curl-0:7.64.1-44.jbcs.el7.src", "7Server-JBCS:jbcs-httpd24-curl-0:7.64.1-44.jbcs.el7.x86_64", "7Server-JBCS:jbcs-httpd24-curl-debuginfo-0:7.64.1-44.jbcs.el7.x86_64", "7Server-JBCS:jbcs-httpd24-httpd-0:2.4.37-64.jbcs.el7.src", "7Server-JBCS:jbcs-httpd24-httpd-0:2.4.37-64.jbcs.el7.x86_64", "7Server-JBCS:jbcs-httpd24-httpd-debuginfo-0:2.4.37-64.jbcs.el7.x86_64", "7Server-JBCS:jbcs-httpd24-httpd-devel-0:2.4.37-64.jbcs.el7.x86_64", "7Server-JBCS:jbcs-httpd24-httpd-manual-0:2.4.37-64.jbcs.el7.noarch", "7Server-JBCS:jbcs-httpd24-httpd-selinux-0:2.4.37-64.jbcs.el7.x86_64", "7Server-JBCS:jbcs-httpd24-httpd-tools-0:2.4.37-64.jbcs.el7.x86_64", "7Server-JBCS:jbcs-httpd24-jansson-0:2.11-53.jbcs.el7.src", "7Server-JBCS:jbcs-httpd24-jansson-0:2.11-53.jbcs.el7.x86_64", "7Server-JBCS:jbcs-httpd24-jansson-debuginfo-0:2.11-53.jbcs.el7.x86_64", "7Server-JBCS:jbcs-httpd24-jansson-devel-0:2.11-53.jbcs.el7.x86_64", "7Server-JBCS:jbcs-httpd24-libcurl-0:7.64.1-44.jbcs.el7.x86_64", "7Server-JBCS:jbcs-httpd24-libcurl-devel-0:7.64.1-44.jbcs.el7.x86_64", "7Server-JBCS:jbcs-httpd24-mod_cluster-native-0:1.3.14-11.Final_redhat_2.jbcs.el7.src", "7Server-JBCS:jbcs-httpd24-mod_cluster-native-0:1.3.14-11.Final_redhat_2.jbcs.el7.x86_64", "7Server-JBCS:jbcs-httpd24-mod_cluster-native-debuginfo-0:1.3.14-11.Final_redhat_2.jbcs.el7.x86_64", "7Server-JBCS:jbcs-httpd24-mod_http2-0:1.15.7-11.jbcs.el7.src", "7Server-JBCS:jbcs-httpd24-mod_http2-0:1.15.7-11.jbcs.el7.x86_64", "7Server-JBCS:jbcs-httpd24-mod_http2-debuginfo-0:1.15.7-11.jbcs.el7.x86_64", "7Server-JBCS:jbcs-httpd24-mod_jk-0:1.2.48-10.redhat_1.jbcs.el7.src", "7Server-JBCS:jbcs-httpd24-mod_jk-ap24-0:1.2.48-10.redhat_1.jbcs.el7.x86_64", "7Server-JBCS:jbcs-httpd24-mod_jk-debuginfo-0:1.2.48-10.redhat_1.jbcs.el7.x86_64", "7Server-JBCS:jbcs-httpd24-mod_jk-manual-0:1.2.48-10.redhat_1.jbcs.el7.x86_64", "7Server-JBCS:jbcs-httpd24-mod_ldap-0:2.4.37-64.jbcs.el7.x86_64", "7Server-JBCS:jbcs-httpd24-mod_md-1:2.0.8-30.jbcs.el7.src", "7Server-JBCS:jbcs-httpd24-mod_md-1:2.0.8-30.jbcs.el7.x86_64", "7Server-JBCS:jbcs-httpd24-mod_md-debuginfo-1:2.0.8-30.jbcs.el7.x86_64", "7Server-JBCS:jbcs-httpd24-mod_proxy_html-1:2.4.37-64.jbcs.el7.x86_64", "7Server-JBCS:jbcs-httpd24-mod_security-0:2.9.2-57.GA.jbcs.el7.src", "7Server-JBCS:jbcs-httpd24-mod_security-0:2.9.2-57.GA.jbcs.el7.x86_64", "7Server-JBCS:jbcs-httpd24-mod_security-debuginfo-0:2.9.2-57.GA.jbcs.el7.x86_64", "7Server-JBCS:jbcs-httpd24-mod_session-0:2.4.37-64.jbcs.el7.x86_64", "7Server-JBCS:jbcs-httpd24-mod_ssl-1:2.4.37-64.jbcs.el7.x86_64", "7Server-JBCS:jbcs-httpd24-nghttp2-0:1.39.2-34.jbcs.el7.src", "7Server-JBCS:jbcs-httpd24-nghttp2-0:1.39.2-34.jbcs.el7.x86_64", "7Server-JBCS:jbcs-httpd24-nghttp2-debuginfo-0:1.39.2-34.jbcs.el7.x86_64", "7Server-JBCS:jbcs-httpd24-nghttp2-devel-0:1.39.2-34.jbcs.el7.x86_64", "7Server-JBCS:jbcs-httpd24-openssl-1:1.1.1c-32.jbcs.el7.src", "7Server-JBCS:jbcs-httpd24-openssl-1:1.1.1c-32.jbcs.el7.x86_64", "7Server-JBCS:jbcs-httpd24-openssl-chil-0:1.0.0-1.jbcs.el7.src", "7Server-JBCS:jbcs-httpd24-openssl-chil-0:1.0.0-1.jbcs.el7.x86_64", "7Server-JBCS:jbcs-httpd24-openssl-chil-debuginfo-0:1.0.0-1.jbcs.el7.x86_64", "7Server-JBCS:jbcs-httpd24-openssl-debuginfo-1:1.1.1c-32.jbcs.el7.x86_64", "7Server-JBCS:jbcs-httpd24-openssl-devel-1:1.1.1c-32.jbcs.el7.x86_64", "7Server-JBCS:jbcs-httpd24-openssl-libs-1:1.1.1c-32.jbcs.el7.x86_64", "7Server-JBCS:jbcs-httpd24-openssl-perl-1:1.1.1c-32.jbcs.el7.x86_64", "7Server-JBCS:jbcs-httpd24-openssl-static-1:1.1.1c-32.jbcs.el7.x86_64" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2020:4384" } ], "scores": [ { "cvss_v3": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 7.5, "baseSeverity": "HIGH", "confidentialityImpact": "NONE", "integrityImpact": "NONE", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "version": "3.1" }, "products": [ "6Server-JBCS:jbcs-httpd24-apr-0:1.6.3-104.jbcs.el6.i686", "6Server-JBCS:jbcs-httpd24-apr-0:1.6.3-104.jbcs.el6.src", "6Server-JBCS:jbcs-httpd24-apr-0:1.6.3-104.jbcs.el6.x86_64", "6Server-JBCS:jbcs-httpd24-apr-debuginfo-0:1.6.3-104.jbcs.el6.i686", "6Server-JBCS:jbcs-httpd24-apr-debuginfo-0:1.6.3-104.jbcs.el6.x86_64", "6Server-JBCS:jbcs-httpd24-apr-devel-0:1.6.3-104.jbcs.el6.i686", "6Server-JBCS:jbcs-httpd24-apr-devel-0:1.6.3-104.jbcs.el6.x86_64", "6Server-JBCS:jbcs-httpd24-apr-util-0:1.6.1-75.jbcs.el6.i686", "6Server-JBCS:jbcs-httpd24-apr-util-0:1.6.1-75.jbcs.el6.src", "6Server-JBCS:jbcs-httpd24-apr-util-0:1.6.1-75.jbcs.el6.x86_64", "6Server-JBCS:jbcs-httpd24-apr-util-debuginfo-0:1.6.1-75.jbcs.el6.i686", "6Server-JBCS:jbcs-httpd24-apr-util-debuginfo-0:1.6.1-75.jbcs.el6.x86_64", "6Server-JBCS:jbcs-httpd24-apr-util-devel-0:1.6.1-75.jbcs.el6.i686", "6Server-JBCS:jbcs-httpd24-apr-util-devel-0:1.6.1-75.jbcs.el6.x86_64", "6Server-JBCS:jbcs-httpd24-apr-util-ldap-0:1.6.1-75.jbcs.el6.i686", "6Server-JBCS:jbcs-httpd24-apr-util-ldap-0:1.6.1-75.jbcs.el6.x86_64", "6Server-JBCS:jbcs-httpd24-apr-util-mysql-0:1.6.1-75.jbcs.el6.i686", "6Server-JBCS:jbcs-httpd24-apr-util-mysql-0:1.6.1-75.jbcs.el6.x86_64", "6Server-JBCS:jbcs-httpd24-apr-util-nss-0:1.6.1-75.jbcs.el6.i686", "6Server-JBCS:jbcs-httpd24-apr-util-nss-0:1.6.1-75.jbcs.el6.x86_64", "6Server-JBCS:jbcs-httpd24-apr-util-odbc-0:1.6.1-75.jbcs.el6.i686", "6Server-JBCS:jbcs-httpd24-apr-util-odbc-0:1.6.1-75.jbcs.el6.x86_64", "6Server-JBCS:jbcs-httpd24-apr-util-openssl-0:1.6.1-75.jbcs.el6.i686", "6Server-JBCS:jbcs-httpd24-apr-util-openssl-0:1.6.1-75.jbcs.el6.x86_64", "6Server-JBCS:jbcs-httpd24-apr-util-pgsql-0:1.6.1-75.jbcs.el6.i686", "6Server-JBCS:jbcs-httpd24-apr-util-pgsql-0:1.6.1-75.jbcs.el6.x86_64", "6Server-JBCS:jbcs-httpd24-apr-util-sqlite-0:1.6.1-75.jbcs.el6.i686", "6Server-JBCS:jbcs-httpd24-apr-util-sqlite-0:1.6.1-75.jbcs.el6.x86_64", "6Server-JBCS:jbcs-httpd24-brotli-0:1.0.6-38.jbcs.el6.i686", "6Server-JBCS:jbcs-httpd24-brotli-0:1.0.6-38.jbcs.el6.src", "6Server-JBCS:jbcs-httpd24-brotli-0:1.0.6-38.jbcs.el6.x86_64", "6Server-JBCS:jbcs-httpd24-brotli-debuginfo-0:1.0.6-38.jbcs.el6.i686", "6Server-JBCS:jbcs-httpd24-brotli-debuginfo-0:1.0.6-38.jbcs.el6.x86_64", "6Server-JBCS:jbcs-httpd24-brotli-devel-0:1.0.6-38.jbcs.el6.i686", "6Server-JBCS:jbcs-httpd24-brotli-devel-0:1.0.6-38.jbcs.el6.x86_64", "6Server-JBCS:jbcs-httpd24-curl-0:7.64.1-44.jbcs.el6.i686", "6Server-JBCS:jbcs-httpd24-curl-0:7.64.1-44.jbcs.el6.src", "6Server-JBCS:jbcs-httpd24-curl-0:7.64.1-44.jbcs.el6.x86_64", "6Server-JBCS:jbcs-httpd24-curl-debuginfo-0:7.64.1-44.jbcs.el6.i686", "6Server-JBCS:jbcs-httpd24-curl-debuginfo-0:7.64.1-44.jbcs.el6.x86_64", "6Server-JBCS:jbcs-httpd24-httpd-0:2.4.37-64.jbcs.el6.i686", "6Server-JBCS:jbcs-httpd24-httpd-0:2.4.37-64.jbcs.el6.src", "6Server-JBCS:jbcs-httpd24-httpd-0:2.4.37-64.jbcs.el6.x86_64", "6Server-JBCS:jbcs-httpd24-httpd-debuginfo-0:2.4.37-64.jbcs.el6.i686", "6Server-JBCS:jbcs-httpd24-httpd-debuginfo-0:2.4.37-64.jbcs.el6.x86_64", "6Server-JBCS:jbcs-httpd24-httpd-devel-0:2.4.37-64.jbcs.el6.i686", "6Server-JBCS:jbcs-httpd24-httpd-devel-0:2.4.37-64.jbcs.el6.x86_64", "6Server-JBCS:jbcs-httpd24-httpd-manual-0:2.4.37-64.jbcs.el6.noarch", "6Server-JBCS:jbcs-httpd24-httpd-selinux-0:2.4.37-64.jbcs.el6.i686", "6Server-JBCS:jbcs-httpd24-httpd-selinux-0:2.4.37-64.jbcs.el6.x86_64", "6Server-JBCS:jbcs-httpd24-httpd-tools-0:2.4.37-64.jbcs.el6.i686", "6Server-JBCS:jbcs-httpd24-httpd-tools-0:2.4.37-64.jbcs.el6.x86_64", "6Server-JBCS:jbcs-httpd24-jansson-0:2.11-53.jbcs.el6.i686", "6Server-JBCS:jbcs-httpd24-jansson-0:2.11-53.jbcs.el6.src", "6Server-JBCS:jbcs-httpd24-jansson-0:2.11-53.jbcs.el6.x86_64", "6Server-JBCS:jbcs-httpd24-jansson-debuginfo-0:2.11-53.jbcs.el6.i686", "6Server-JBCS:jbcs-httpd24-jansson-debuginfo-0:2.11-53.jbcs.el6.x86_64", "6Server-JBCS:jbcs-httpd24-jansson-devel-0:2.11-53.jbcs.el6.i686", "6Server-JBCS:jbcs-httpd24-jansson-devel-0:2.11-53.jbcs.el6.x86_64", "6Server-JBCS:jbcs-httpd24-libcurl-0:7.64.1-44.jbcs.el6.i686", "6Server-JBCS:jbcs-httpd24-libcurl-0:7.64.1-44.jbcs.el6.x86_64", "6Server-JBCS:jbcs-httpd24-libcurl-devel-0:7.64.1-44.jbcs.el6.i686", "6Server-JBCS:jbcs-httpd24-libcurl-devel-0:7.64.1-44.jbcs.el6.x86_64", "6Server-JBCS:jbcs-httpd24-mod_cluster-native-0:1.3.14-11.Final_redhat_2.jbcs.el6.i686", "6Server-JBCS:jbcs-httpd24-mod_cluster-native-0:1.3.14-11.Final_redhat_2.jbcs.el6.src", "6Server-JBCS:jbcs-httpd24-mod_cluster-native-0:1.3.14-11.Final_redhat_2.jbcs.el6.x86_64", "6Server-JBCS:jbcs-httpd24-mod_cluster-native-debuginfo-0:1.3.14-11.Final_redhat_2.jbcs.el6.i686", "6Server-JBCS:jbcs-httpd24-mod_cluster-native-debuginfo-0:1.3.14-11.Final_redhat_2.jbcs.el6.x86_64", "6Server-JBCS:jbcs-httpd24-mod_http2-0:1.15.7-11.jbcs.el6.i686", "6Server-JBCS:jbcs-httpd24-mod_http2-0:1.15.7-11.jbcs.el6.src", "6Server-JBCS:jbcs-httpd24-mod_http2-0:1.15.7-11.jbcs.el6.x86_64", "6Server-JBCS:jbcs-httpd24-mod_http2-debuginfo-0:1.15.7-11.jbcs.el6.i686", "6Server-JBCS:jbcs-httpd24-mod_http2-debuginfo-0:1.15.7-11.jbcs.el6.x86_64", "6Server-JBCS:jbcs-httpd24-mod_jk-0:1.2.48-10.redhat_1.jbcs.el6.src", "6Server-JBCS:jbcs-httpd24-mod_jk-ap24-0:1.2.48-10.redhat_1.jbcs.el6.i686", "6Server-JBCS:jbcs-httpd24-mod_jk-ap24-0:1.2.48-10.redhat_1.jbcs.el6.x86_64", "6Server-JBCS:jbcs-httpd24-mod_jk-debuginfo-0:1.2.48-10.redhat_1.jbcs.el6.i686", "6Server-JBCS:jbcs-httpd24-mod_jk-debuginfo-0:1.2.48-10.redhat_1.jbcs.el6.x86_64", "6Server-JBCS:jbcs-httpd24-mod_jk-manual-0:1.2.48-10.redhat_1.jbcs.el6.i686", "6Server-JBCS:jbcs-httpd24-mod_jk-manual-0:1.2.48-10.redhat_1.jbcs.el6.x86_64", "6Server-JBCS:jbcs-httpd24-mod_ldap-0:2.4.37-64.jbcs.el6.i686", "6Server-JBCS:jbcs-httpd24-mod_ldap-0:2.4.37-64.jbcs.el6.x86_64", "6Server-JBCS:jbcs-httpd24-mod_md-1:2.0.8-30.jbcs.el6.i686", "6Server-JBCS:jbcs-httpd24-mod_md-1:2.0.8-30.jbcs.el6.src", "6Server-JBCS:jbcs-httpd24-mod_md-1:2.0.8-30.jbcs.el6.x86_64", "6Server-JBCS:jbcs-httpd24-mod_md-debuginfo-1:2.0.8-30.jbcs.el6.i686", "6Server-JBCS:jbcs-httpd24-mod_md-debuginfo-1:2.0.8-30.jbcs.el6.x86_64", "6Server-JBCS:jbcs-httpd24-mod_proxy_html-1:2.4.37-64.jbcs.el6.i686", "6Server-JBCS:jbcs-httpd24-mod_proxy_html-1:2.4.37-64.jbcs.el6.x86_64", "6Server-JBCS:jbcs-httpd24-mod_security-0:2.9.2-57.GA.jbcs.el6.i686", "6Server-JBCS:jbcs-httpd24-mod_security-0:2.9.2-57.GA.jbcs.el6.src", "6Server-JBCS:jbcs-httpd24-mod_security-0:2.9.2-57.GA.jbcs.el6.x86_64", "6Server-JBCS:jbcs-httpd24-mod_security-debuginfo-0:2.9.2-57.GA.jbcs.el6.i686", "6Server-JBCS:jbcs-httpd24-mod_security-debuginfo-0:2.9.2-57.GA.jbcs.el6.x86_64", "6Server-JBCS:jbcs-httpd24-mod_session-0:2.4.37-64.jbcs.el6.i686", "6Server-JBCS:jbcs-httpd24-mod_session-0:2.4.37-64.jbcs.el6.x86_64", "6Server-JBCS:jbcs-httpd24-mod_ssl-1:2.4.37-64.jbcs.el6.i686", "6Server-JBCS:jbcs-httpd24-mod_ssl-1:2.4.37-64.jbcs.el6.x86_64", "6Server-JBCS:jbcs-httpd24-nghttp2-0:1.39.2-34.jbcs.el6.i686", "6Server-JBCS:jbcs-httpd24-nghttp2-0:1.39.2-34.jbcs.el6.src", "6Server-JBCS:jbcs-httpd24-nghttp2-0:1.39.2-34.jbcs.el6.x86_64", "6Server-JBCS:jbcs-httpd24-nghttp2-debuginfo-0:1.39.2-34.jbcs.el6.i686", "6Server-JBCS:jbcs-httpd24-nghttp2-debuginfo-0:1.39.2-34.jbcs.el6.x86_64", "6Server-JBCS:jbcs-httpd24-nghttp2-devel-0:1.39.2-34.jbcs.el6.i686", "6Server-JBCS:jbcs-httpd24-nghttp2-devel-0:1.39.2-34.jbcs.el6.x86_64", "6Server-JBCS:jbcs-httpd24-openssl-1:1.1.1c-32.jbcs.el6.i686", "6Server-JBCS:jbcs-httpd24-openssl-1:1.1.1c-32.jbcs.el6.src", "6Server-JBCS:jbcs-httpd24-openssl-1:1.1.1c-32.jbcs.el6.x86_64", "6Server-JBCS:jbcs-httpd24-openssl-debuginfo-1:1.1.1c-32.jbcs.el6.i686", "6Server-JBCS:jbcs-httpd24-openssl-debuginfo-1:1.1.1c-32.jbcs.el6.x86_64", "6Server-JBCS:jbcs-httpd24-openssl-devel-1:1.1.1c-32.jbcs.el6.i686", "6Server-JBCS:jbcs-httpd24-openssl-devel-1:1.1.1c-32.jbcs.el6.x86_64", "6Server-JBCS:jbcs-httpd24-openssl-libs-1:1.1.1c-32.jbcs.el6.i686", "6Server-JBCS:jbcs-httpd24-openssl-libs-1:1.1.1c-32.jbcs.el6.x86_64", "6Server-JBCS:jbcs-httpd24-openssl-perl-1:1.1.1c-32.jbcs.el6.i686", "6Server-JBCS:jbcs-httpd24-openssl-perl-1:1.1.1c-32.jbcs.el6.x86_64", "6Server-JBCS:jbcs-httpd24-openssl-static-1:1.1.1c-32.jbcs.el6.i686", "6Server-JBCS:jbcs-httpd24-openssl-static-1:1.1.1c-32.jbcs.el6.x86_64", "7Server-JBCS:jbcs-httpd24-apr-0:1.6.3-104.jbcs.el7.src", "7Server-JBCS:jbcs-httpd24-apr-0:1.6.3-104.jbcs.el7.x86_64", "7Server-JBCS:jbcs-httpd24-apr-debuginfo-0:1.6.3-104.jbcs.el7.x86_64", "7Server-JBCS:jbcs-httpd24-apr-devel-0:1.6.3-104.jbcs.el7.x86_64", "7Server-JBCS:jbcs-httpd24-apr-util-0:1.6.1-75.jbcs.el7.src", "7Server-JBCS:jbcs-httpd24-apr-util-0:1.6.1-75.jbcs.el7.x86_64", "7Server-JBCS:jbcs-httpd24-apr-util-debuginfo-0:1.6.1-75.jbcs.el7.x86_64", "7Server-JBCS:jbcs-httpd24-apr-util-devel-0:1.6.1-75.jbcs.el7.x86_64", "7Server-JBCS:jbcs-httpd24-apr-util-ldap-0:1.6.1-75.jbcs.el7.x86_64", "7Server-JBCS:jbcs-httpd24-apr-util-mysql-0:1.6.1-75.jbcs.el7.x86_64", "7Server-JBCS:jbcs-httpd24-apr-util-nss-0:1.6.1-75.jbcs.el7.x86_64", "7Server-JBCS:jbcs-httpd24-apr-util-odbc-0:1.6.1-75.jbcs.el7.x86_64", "7Server-JBCS:jbcs-httpd24-apr-util-openssl-0:1.6.1-75.jbcs.el7.x86_64", "7Server-JBCS:jbcs-httpd24-apr-util-pgsql-0:1.6.1-75.jbcs.el7.x86_64", "7Server-JBCS:jbcs-httpd24-apr-util-sqlite-0:1.6.1-75.jbcs.el7.x86_64", "7Server-JBCS:jbcs-httpd24-brotli-0:1.0.6-38.jbcs.el7.src", "7Server-JBCS:jbcs-httpd24-brotli-0:1.0.6-38.jbcs.el7.x86_64", "7Server-JBCS:jbcs-httpd24-brotli-debuginfo-0:1.0.6-38.jbcs.el7.x86_64", "7Server-JBCS:jbcs-httpd24-brotli-devel-0:1.0.6-38.jbcs.el7.x86_64", "7Server-JBCS:jbcs-httpd24-curl-0:7.64.1-44.jbcs.el7.src", "7Server-JBCS:jbcs-httpd24-curl-0:7.64.1-44.jbcs.el7.x86_64", "7Server-JBCS:jbcs-httpd24-curl-debuginfo-0:7.64.1-44.jbcs.el7.x86_64", "7Server-JBCS:jbcs-httpd24-httpd-0:2.4.37-64.jbcs.el7.src", "7Server-JBCS:jbcs-httpd24-httpd-0:2.4.37-64.jbcs.el7.x86_64", "7Server-JBCS:jbcs-httpd24-httpd-debuginfo-0:2.4.37-64.jbcs.el7.x86_64", "7Server-JBCS:jbcs-httpd24-httpd-devel-0:2.4.37-64.jbcs.el7.x86_64", "7Server-JBCS:jbcs-httpd24-httpd-manual-0:2.4.37-64.jbcs.el7.noarch", "7Server-JBCS:jbcs-httpd24-httpd-selinux-0:2.4.37-64.jbcs.el7.x86_64", "7Server-JBCS:jbcs-httpd24-httpd-tools-0:2.4.37-64.jbcs.el7.x86_64", "7Server-JBCS:jbcs-httpd24-jansson-0:2.11-53.jbcs.el7.src", "7Server-JBCS:jbcs-httpd24-jansson-0:2.11-53.jbcs.el7.x86_64", "7Server-JBCS:jbcs-httpd24-jansson-debuginfo-0:2.11-53.jbcs.el7.x86_64", "7Server-JBCS:jbcs-httpd24-jansson-devel-0:2.11-53.jbcs.el7.x86_64", "7Server-JBCS:jbcs-httpd24-libcurl-0:7.64.1-44.jbcs.el7.x86_64", "7Server-JBCS:jbcs-httpd24-libcurl-devel-0:7.64.1-44.jbcs.el7.x86_64", "7Server-JBCS:jbcs-httpd24-mod_cluster-native-0:1.3.14-11.Final_redhat_2.jbcs.el7.src", "7Server-JBCS:jbcs-httpd24-mod_cluster-native-0:1.3.14-11.Final_redhat_2.jbcs.el7.x86_64", "7Server-JBCS:jbcs-httpd24-mod_cluster-native-debuginfo-0:1.3.14-11.Final_redhat_2.jbcs.el7.x86_64", "7Server-JBCS:jbcs-httpd24-mod_http2-0:1.15.7-11.jbcs.el7.src", "7Server-JBCS:jbcs-httpd24-mod_http2-0:1.15.7-11.jbcs.el7.x86_64", "7Server-JBCS:jbcs-httpd24-mod_http2-debuginfo-0:1.15.7-11.jbcs.el7.x86_64", "7Server-JBCS:jbcs-httpd24-mod_jk-0:1.2.48-10.redhat_1.jbcs.el7.src", "7Server-JBCS:jbcs-httpd24-mod_jk-ap24-0:1.2.48-10.redhat_1.jbcs.el7.x86_64", "7Server-JBCS:jbcs-httpd24-mod_jk-debuginfo-0:1.2.48-10.redhat_1.jbcs.el7.x86_64", "7Server-JBCS:jbcs-httpd24-mod_jk-manual-0:1.2.48-10.redhat_1.jbcs.el7.x86_64", "7Server-JBCS:jbcs-httpd24-mod_ldap-0:2.4.37-64.jbcs.el7.x86_64", "7Server-JBCS:jbcs-httpd24-mod_md-1:2.0.8-30.jbcs.el7.src", "7Server-JBCS:jbcs-httpd24-mod_md-1:2.0.8-30.jbcs.el7.x86_64", "7Server-JBCS:jbcs-httpd24-mod_md-debuginfo-1:2.0.8-30.jbcs.el7.x86_64", "7Server-JBCS:jbcs-httpd24-mod_proxy_html-1:2.4.37-64.jbcs.el7.x86_64", "7Server-JBCS:jbcs-httpd24-mod_security-0:2.9.2-57.GA.jbcs.el7.src", "7Server-JBCS:jbcs-httpd24-mod_security-0:2.9.2-57.GA.jbcs.el7.x86_64", "7Server-JBCS:jbcs-httpd24-mod_security-debuginfo-0:2.9.2-57.GA.jbcs.el7.x86_64", "7Server-JBCS:jbcs-httpd24-mod_session-0:2.4.37-64.jbcs.el7.x86_64", "7Server-JBCS:jbcs-httpd24-mod_ssl-1:2.4.37-64.jbcs.el7.x86_64", "7Server-JBCS:jbcs-httpd24-nghttp2-0:1.39.2-34.jbcs.el7.src", "7Server-JBCS:jbcs-httpd24-nghttp2-0:1.39.2-34.jbcs.el7.x86_64", "7Server-JBCS:jbcs-httpd24-nghttp2-debuginfo-0:1.39.2-34.jbcs.el7.x86_64", "7Server-JBCS:jbcs-httpd24-nghttp2-devel-0:1.39.2-34.jbcs.el7.x86_64", "7Server-JBCS:jbcs-httpd24-openssl-1:1.1.1c-32.jbcs.el7.src", "7Server-JBCS:jbcs-httpd24-openssl-1:1.1.1c-32.jbcs.el7.x86_64", "7Server-JBCS:jbcs-httpd24-openssl-chil-0:1.0.0-1.jbcs.el7.src", "7Server-JBCS:jbcs-httpd24-openssl-chil-0:1.0.0-1.jbcs.el7.x86_64", "7Server-JBCS:jbcs-httpd24-openssl-chil-debuginfo-0:1.0.0-1.jbcs.el7.x86_64", "7Server-JBCS:jbcs-httpd24-openssl-debuginfo-1:1.1.1c-32.jbcs.el7.x86_64", "7Server-JBCS:jbcs-httpd24-openssl-devel-1:1.1.1c-32.jbcs.el7.x86_64", "7Server-JBCS:jbcs-httpd24-openssl-libs-1:1.1.1c-32.jbcs.el7.x86_64", "7Server-JBCS:jbcs-httpd24-openssl-perl-1:1.1.1c-32.jbcs.el7.x86_64", "7Server-JBCS:jbcs-httpd24-openssl-static-1:1.1.1c-32.jbcs.el7.x86_64" ] } ], "threats": [ { "category": "impact", "details": "Moderate" } ], "title": "httpd: mod_http2 concurrent pool usage" }, { "acknowledgments": [ { "names": [ "Paul Lodge" ], "organization": "Red Hat", "summary": "This issue was discovered by Red Hat." } ], "cve": "CVE-2020-25680", "cwe": { "id": "CWE-295", "name": "Improper Certificate Validation" }, "discovery_date": "2020-10-29T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "1892703" } ], "notes": [ { "category": "description", "text": "A flaw was found in JBCS httpd in version 2.4.37 SP3, where it uses a back-end worker SSL certificate with the keystore file\u0027s ID is \u0027unknown\u0027. The validation of the certificate whether CN and hostname are matching stopped working and allow connecting to the back-end work. The highest threat from this vulnerability is to data integrity.", "title": "Vulnerability description" }, { "category": "summary", "text": "httpd: allow connecting via SSL to a backend worker when the backend keystore file\u0027s ID is \u0027unknown\u0027", "title": "Vulnerability summary" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "6Server-JBCS:jbcs-httpd24-apr-0:1.6.3-104.jbcs.el6.i686", "6Server-JBCS:jbcs-httpd24-apr-0:1.6.3-104.jbcs.el6.src", "6Server-JBCS:jbcs-httpd24-apr-0:1.6.3-104.jbcs.el6.x86_64", "6Server-JBCS:jbcs-httpd24-apr-debuginfo-0:1.6.3-104.jbcs.el6.i686", "6Server-JBCS:jbcs-httpd24-apr-debuginfo-0:1.6.3-104.jbcs.el6.x86_64", "6Server-JBCS:jbcs-httpd24-apr-devel-0:1.6.3-104.jbcs.el6.i686", "6Server-JBCS:jbcs-httpd24-apr-devel-0:1.6.3-104.jbcs.el6.x86_64", "6Server-JBCS:jbcs-httpd24-apr-util-0:1.6.1-75.jbcs.el6.i686", "6Server-JBCS:jbcs-httpd24-apr-util-0:1.6.1-75.jbcs.el6.src", "6Server-JBCS:jbcs-httpd24-apr-util-0:1.6.1-75.jbcs.el6.x86_64", "6Server-JBCS:jbcs-httpd24-apr-util-debuginfo-0:1.6.1-75.jbcs.el6.i686", "6Server-JBCS:jbcs-httpd24-apr-util-debuginfo-0:1.6.1-75.jbcs.el6.x86_64", "6Server-JBCS:jbcs-httpd24-apr-util-devel-0:1.6.1-75.jbcs.el6.i686", "6Server-JBCS:jbcs-httpd24-apr-util-devel-0:1.6.1-75.jbcs.el6.x86_64", "6Server-JBCS:jbcs-httpd24-apr-util-ldap-0:1.6.1-75.jbcs.el6.i686", "6Server-JBCS:jbcs-httpd24-apr-util-ldap-0:1.6.1-75.jbcs.el6.x86_64", "6Server-JBCS:jbcs-httpd24-apr-util-mysql-0:1.6.1-75.jbcs.el6.i686", "6Server-JBCS:jbcs-httpd24-apr-util-mysql-0:1.6.1-75.jbcs.el6.x86_64", "6Server-JBCS:jbcs-httpd24-apr-util-nss-0:1.6.1-75.jbcs.el6.i686", "6Server-JBCS:jbcs-httpd24-apr-util-nss-0:1.6.1-75.jbcs.el6.x86_64", "6Server-JBCS:jbcs-httpd24-apr-util-odbc-0:1.6.1-75.jbcs.el6.i686", "6Server-JBCS:jbcs-httpd24-apr-util-odbc-0:1.6.1-75.jbcs.el6.x86_64", "6Server-JBCS:jbcs-httpd24-apr-util-openssl-0:1.6.1-75.jbcs.el6.i686", "6Server-JBCS:jbcs-httpd24-apr-util-openssl-0:1.6.1-75.jbcs.el6.x86_64", "6Server-JBCS:jbcs-httpd24-apr-util-pgsql-0:1.6.1-75.jbcs.el6.i686", "6Server-JBCS:jbcs-httpd24-apr-util-pgsql-0:1.6.1-75.jbcs.el6.x86_64", "6Server-JBCS:jbcs-httpd24-apr-util-sqlite-0:1.6.1-75.jbcs.el6.i686", "6Server-JBCS:jbcs-httpd24-apr-util-sqlite-0:1.6.1-75.jbcs.el6.x86_64", "6Server-JBCS:jbcs-httpd24-brotli-0:1.0.6-38.jbcs.el6.i686", "6Server-JBCS:jbcs-httpd24-brotli-0:1.0.6-38.jbcs.el6.src", "6Server-JBCS:jbcs-httpd24-brotli-0:1.0.6-38.jbcs.el6.x86_64", "6Server-JBCS:jbcs-httpd24-brotli-debuginfo-0:1.0.6-38.jbcs.el6.i686", "6Server-JBCS:jbcs-httpd24-brotli-debuginfo-0:1.0.6-38.jbcs.el6.x86_64", "6Server-JBCS:jbcs-httpd24-brotli-devel-0:1.0.6-38.jbcs.el6.i686", "6Server-JBCS:jbcs-httpd24-brotli-devel-0:1.0.6-38.jbcs.el6.x86_64", "6Server-JBCS:jbcs-httpd24-curl-0:7.64.1-44.jbcs.el6.i686", "6Server-JBCS:jbcs-httpd24-curl-0:7.64.1-44.jbcs.el6.src", "6Server-JBCS:jbcs-httpd24-curl-0:7.64.1-44.jbcs.el6.x86_64", "6Server-JBCS:jbcs-httpd24-curl-debuginfo-0:7.64.1-44.jbcs.el6.i686", "6Server-JBCS:jbcs-httpd24-curl-debuginfo-0:7.64.1-44.jbcs.el6.x86_64", "6Server-JBCS:jbcs-httpd24-httpd-0:2.4.37-64.jbcs.el6.i686", "6Server-JBCS:jbcs-httpd24-httpd-0:2.4.37-64.jbcs.el6.src", "6Server-JBCS:jbcs-httpd24-httpd-0:2.4.37-64.jbcs.el6.x86_64", "6Server-JBCS:jbcs-httpd24-httpd-debuginfo-0:2.4.37-64.jbcs.el6.i686", "6Server-JBCS:jbcs-httpd24-httpd-debuginfo-0:2.4.37-64.jbcs.el6.x86_64", "6Server-JBCS:jbcs-httpd24-httpd-devel-0:2.4.37-64.jbcs.el6.i686", "6Server-JBCS:jbcs-httpd24-httpd-devel-0:2.4.37-64.jbcs.el6.x86_64", "6Server-JBCS:jbcs-httpd24-httpd-manual-0:2.4.37-64.jbcs.el6.noarch", "6Server-JBCS:jbcs-httpd24-httpd-selinux-0:2.4.37-64.jbcs.el6.i686", "6Server-JBCS:jbcs-httpd24-httpd-selinux-0:2.4.37-64.jbcs.el6.x86_64", "6Server-JBCS:jbcs-httpd24-httpd-tools-0:2.4.37-64.jbcs.el6.i686", "6Server-JBCS:jbcs-httpd24-httpd-tools-0:2.4.37-64.jbcs.el6.x86_64", "6Server-JBCS:jbcs-httpd24-jansson-0:2.11-53.jbcs.el6.i686", "6Server-JBCS:jbcs-httpd24-jansson-0:2.11-53.jbcs.el6.src", "6Server-JBCS:jbcs-httpd24-jansson-0:2.11-53.jbcs.el6.x86_64", "6Server-JBCS:jbcs-httpd24-jansson-debuginfo-0:2.11-53.jbcs.el6.i686", "6Server-JBCS:jbcs-httpd24-jansson-debuginfo-0:2.11-53.jbcs.el6.x86_64", "6Server-JBCS:jbcs-httpd24-jansson-devel-0:2.11-53.jbcs.el6.i686", "6Server-JBCS:jbcs-httpd24-jansson-devel-0:2.11-53.jbcs.el6.x86_64", "6Server-JBCS:jbcs-httpd24-libcurl-0:7.64.1-44.jbcs.el6.i686", "6Server-JBCS:jbcs-httpd24-libcurl-0:7.64.1-44.jbcs.el6.x86_64", "6Server-JBCS:jbcs-httpd24-libcurl-devel-0:7.64.1-44.jbcs.el6.i686", "6Server-JBCS:jbcs-httpd24-libcurl-devel-0:7.64.1-44.jbcs.el6.x86_64", "6Server-JBCS:jbcs-httpd24-mod_cluster-native-0:1.3.14-11.Final_redhat_2.jbcs.el6.i686", "6Server-JBCS:jbcs-httpd24-mod_cluster-native-0:1.3.14-11.Final_redhat_2.jbcs.el6.src", "6Server-JBCS:jbcs-httpd24-mod_cluster-native-0:1.3.14-11.Final_redhat_2.jbcs.el6.x86_64", "6Server-JBCS:jbcs-httpd24-mod_cluster-native-debuginfo-0:1.3.14-11.Final_redhat_2.jbcs.el6.i686", "6Server-JBCS:jbcs-httpd24-mod_cluster-native-debuginfo-0:1.3.14-11.Final_redhat_2.jbcs.el6.x86_64", "6Server-JBCS:jbcs-httpd24-mod_http2-0:1.15.7-11.jbcs.el6.i686", "6Server-JBCS:jbcs-httpd24-mod_http2-0:1.15.7-11.jbcs.el6.src", "6Server-JBCS:jbcs-httpd24-mod_http2-0:1.15.7-11.jbcs.el6.x86_64", "6Server-JBCS:jbcs-httpd24-mod_http2-debuginfo-0:1.15.7-11.jbcs.el6.i686", "6Server-JBCS:jbcs-httpd24-mod_http2-debuginfo-0:1.15.7-11.jbcs.el6.x86_64", "6Server-JBCS:jbcs-httpd24-mod_jk-0:1.2.48-10.redhat_1.jbcs.el6.src", "6Server-JBCS:jbcs-httpd24-mod_jk-ap24-0:1.2.48-10.redhat_1.jbcs.el6.i686", "6Server-JBCS:jbcs-httpd24-mod_jk-ap24-0:1.2.48-10.redhat_1.jbcs.el6.x86_64", "6Server-JBCS:jbcs-httpd24-mod_jk-debuginfo-0:1.2.48-10.redhat_1.jbcs.el6.i686", "6Server-JBCS:jbcs-httpd24-mod_jk-debuginfo-0:1.2.48-10.redhat_1.jbcs.el6.x86_64", "6Server-JBCS:jbcs-httpd24-mod_jk-manual-0:1.2.48-10.redhat_1.jbcs.el6.i686", "6Server-JBCS:jbcs-httpd24-mod_jk-manual-0:1.2.48-10.redhat_1.jbcs.el6.x86_64", "6Server-JBCS:jbcs-httpd24-mod_ldap-0:2.4.37-64.jbcs.el6.i686", "6Server-JBCS:jbcs-httpd24-mod_ldap-0:2.4.37-64.jbcs.el6.x86_64", "6Server-JBCS:jbcs-httpd24-mod_md-1:2.0.8-30.jbcs.el6.i686", "6Server-JBCS:jbcs-httpd24-mod_md-1:2.0.8-30.jbcs.el6.src", "6Server-JBCS:jbcs-httpd24-mod_md-1:2.0.8-30.jbcs.el6.x86_64", "6Server-JBCS:jbcs-httpd24-mod_md-debuginfo-1:2.0.8-30.jbcs.el6.i686", "6Server-JBCS:jbcs-httpd24-mod_md-debuginfo-1:2.0.8-30.jbcs.el6.x86_64", "6Server-JBCS:jbcs-httpd24-mod_proxy_html-1:2.4.37-64.jbcs.el6.i686", "6Server-JBCS:jbcs-httpd24-mod_proxy_html-1:2.4.37-64.jbcs.el6.x86_64", "6Server-JBCS:jbcs-httpd24-mod_security-0:2.9.2-57.GA.jbcs.el6.i686", "6Server-JBCS:jbcs-httpd24-mod_security-0:2.9.2-57.GA.jbcs.el6.src", "6Server-JBCS:jbcs-httpd24-mod_security-0:2.9.2-57.GA.jbcs.el6.x86_64", "6Server-JBCS:jbcs-httpd24-mod_security-debuginfo-0:2.9.2-57.GA.jbcs.el6.i686", "6Server-JBCS:jbcs-httpd24-mod_security-debuginfo-0:2.9.2-57.GA.jbcs.el6.x86_64", "6Server-JBCS:jbcs-httpd24-mod_session-0:2.4.37-64.jbcs.el6.i686", "6Server-JBCS:jbcs-httpd24-mod_session-0:2.4.37-64.jbcs.el6.x86_64", "6Server-JBCS:jbcs-httpd24-mod_ssl-1:2.4.37-64.jbcs.el6.i686", "6Server-JBCS:jbcs-httpd24-mod_ssl-1:2.4.37-64.jbcs.el6.x86_64", "6Server-JBCS:jbcs-httpd24-nghttp2-0:1.39.2-34.jbcs.el6.i686", "6Server-JBCS:jbcs-httpd24-nghttp2-0:1.39.2-34.jbcs.el6.src", "6Server-JBCS:jbcs-httpd24-nghttp2-0:1.39.2-34.jbcs.el6.x86_64", "6Server-JBCS:jbcs-httpd24-nghttp2-debuginfo-0:1.39.2-34.jbcs.el6.i686", "6Server-JBCS:jbcs-httpd24-nghttp2-debuginfo-0:1.39.2-34.jbcs.el6.x86_64", "6Server-JBCS:jbcs-httpd24-nghttp2-devel-0:1.39.2-34.jbcs.el6.i686", "6Server-JBCS:jbcs-httpd24-nghttp2-devel-0:1.39.2-34.jbcs.el6.x86_64", "6Server-JBCS:jbcs-httpd24-openssl-1:1.1.1c-32.jbcs.el6.i686", "6Server-JBCS:jbcs-httpd24-openssl-1:1.1.1c-32.jbcs.el6.src", "6Server-JBCS:jbcs-httpd24-openssl-1:1.1.1c-32.jbcs.el6.x86_64", "6Server-JBCS:jbcs-httpd24-openssl-debuginfo-1:1.1.1c-32.jbcs.el6.i686", "6Server-JBCS:jbcs-httpd24-openssl-debuginfo-1:1.1.1c-32.jbcs.el6.x86_64", "6Server-JBCS:jbcs-httpd24-openssl-devel-1:1.1.1c-32.jbcs.el6.i686", "6Server-JBCS:jbcs-httpd24-openssl-devel-1:1.1.1c-32.jbcs.el6.x86_64", "6Server-JBCS:jbcs-httpd24-openssl-libs-1:1.1.1c-32.jbcs.el6.i686", "6Server-JBCS:jbcs-httpd24-openssl-libs-1:1.1.1c-32.jbcs.el6.x86_64", "6Server-JBCS:jbcs-httpd24-openssl-perl-1:1.1.1c-32.jbcs.el6.i686", "6Server-JBCS:jbcs-httpd24-openssl-perl-1:1.1.1c-32.jbcs.el6.x86_64", "6Server-JBCS:jbcs-httpd24-openssl-static-1:1.1.1c-32.jbcs.el6.i686", "6Server-JBCS:jbcs-httpd24-openssl-static-1:1.1.1c-32.jbcs.el6.x86_64", "7Server-JBCS:jbcs-httpd24-apr-0:1.6.3-104.jbcs.el7.src", "7Server-JBCS:jbcs-httpd24-apr-0:1.6.3-104.jbcs.el7.x86_64", "7Server-JBCS:jbcs-httpd24-apr-debuginfo-0:1.6.3-104.jbcs.el7.x86_64", "7Server-JBCS:jbcs-httpd24-apr-devel-0:1.6.3-104.jbcs.el7.x86_64", "7Server-JBCS:jbcs-httpd24-apr-util-0:1.6.1-75.jbcs.el7.src", "7Server-JBCS:jbcs-httpd24-apr-util-0:1.6.1-75.jbcs.el7.x86_64", "7Server-JBCS:jbcs-httpd24-apr-util-debuginfo-0:1.6.1-75.jbcs.el7.x86_64", "7Server-JBCS:jbcs-httpd24-apr-util-devel-0:1.6.1-75.jbcs.el7.x86_64", "7Server-JBCS:jbcs-httpd24-apr-util-ldap-0:1.6.1-75.jbcs.el7.x86_64", "7Server-JBCS:jbcs-httpd24-apr-util-mysql-0:1.6.1-75.jbcs.el7.x86_64", "7Server-JBCS:jbcs-httpd24-apr-util-nss-0:1.6.1-75.jbcs.el7.x86_64", "7Server-JBCS:jbcs-httpd24-apr-util-odbc-0:1.6.1-75.jbcs.el7.x86_64", "7Server-JBCS:jbcs-httpd24-apr-util-openssl-0:1.6.1-75.jbcs.el7.x86_64", "7Server-JBCS:jbcs-httpd24-apr-util-pgsql-0:1.6.1-75.jbcs.el7.x86_64", "7Server-JBCS:jbcs-httpd24-apr-util-sqlite-0:1.6.1-75.jbcs.el7.x86_64", "7Server-JBCS:jbcs-httpd24-brotli-0:1.0.6-38.jbcs.el7.src", "7Server-JBCS:jbcs-httpd24-brotli-0:1.0.6-38.jbcs.el7.x86_64", "7Server-JBCS:jbcs-httpd24-brotli-debuginfo-0:1.0.6-38.jbcs.el7.x86_64", "7Server-JBCS:jbcs-httpd24-brotli-devel-0:1.0.6-38.jbcs.el7.x86_64", "7Server-JBCS:jbcs-httpd24-curl-0:7.64.1-44.jbcs.el7.src", "7Server-JBCS:jbcs-httpd24-curl-0:7.64.1-44.jbcs.el7.x86_64", "7Server-JBCS:jbcs-httpd24-curl-debuginfo-0:7.64.1-44.jbcs.el7.x86_64", "7Server-JBCS:jbcs-httpd24-httpd-0:2.4.37-64.jbcs.el7.src", "7Server-JBCS:jbcs-httpd24-httpd-0:2.4.37-64.jbcs.el7.x86_64", "7Server-JBCS:jbcs-httpd24-httpd-debuginfo-0:2.4.37-64.jbcs.el7.x86_64", "7Server-JBCS:jbcs-httpd24-httpd-devel-0:2.4.37-64.jbcs.el7.x86_64", "7Server-JBCS:jbcs-httpd24-httpd-manual-0:2.4.37-64.jbcs.el7.noarch", "7Server-JBCS:jbcs-httpd24-httpd-selinux-0:2.4.37-64.jbcs.el7.x86_64", "7Server-JBCS:jbcs-httpd24-httpd-tools-0:2.4.37-64.jbcs.el7.x86_64", "7Server-JBCS:jbcs-httpd24-jansson-0:2.11-53.jbcs.el7.src", "7Server-JBCS:jbcs-httpd24-jansson-0:2.11-53.jbcs.el7.x86_64", "7Server-JBCS:jbcs-httpd24-jansson-debuginfo-0:2.11-53.jbcs.el7.x86_64", "7Server-JBCS:jbcs-httpd24-jansson-devel-0:2.11-53.jbcs.el7.x86_64", "7Server-JBCS:jbcs-httpd24-libcurl-0:7.64.1-44.jbcs.el7.x86_64", "7Server-JBCS:jbcs-httpd24-libcurl-devel-0:7.64.1-44.jbcs.el7.x86_64", "7Server-JBCS:jbcs-httpd24-mod_cluster-native-0:1.3.14-11.Final_redhat_2.jbcs.el7.src", "7Server-JBCS:jbcs-httpd24-mod_cluster-native-0:1.3.14-11.Final_redhat_2.jbcs.el7.x86_64", "7Server-JBCS:jbcs-httpd24-mod_cluster-native-debuginfo-0:1.3.14-11.Final_redhat_2.jbcs.el7.x86_64", "7Server-JBCS:jbcs-httpd24-mod_http2-0:1.15.7-11.jbcs.el7.src", "7Server-JBCS:jbcs-httpd24-mod_http2-0:1.15.7-11.jbcs.el7.x86_64", "7Server-JBCS:jbcs-httpd24-mod_http2-debuginfo-0:1.15.7-11.jbcs.el7.x86_64", "7Server-JBCS:jbcs-httpd24-mod_jk-0:1.2.48-10.redhat_1.jbcs.el7.src", "7Server-JBCS:jbcs-httpd24-mod_jk-ap24-0:1.2.48-10.redhat_1.jbcs.el7.x86_64", "7Server-JBCS:jbcs-httpd24-mod_jk-debuginfo-0:1.2.48-10.redhat_1.jbcs.el7.x86_64", "7Server-JBCS:jbcs-httpd24-mod_jk-manual-0:1.2.48-10.redhat_1.jbcs.el7.x86_64", "7Server-JBCS:jbcs-httpd24-mod_ldap-0:2.4.37-64.jbcs.el7.x86_64", "7Server-JBCS:jbcs-httpd24-mod_md-1:2.0.8-30.jbcs.el7.src", "7Server-JBCS:jbcs-httpd24-mod_md-1:2.0.8-30.jbcs.el7.x86_64", "7Server-JBCS:jbcs-httpd24-mod_md-debuginfo-1:2.0.8-30.jbcs.el7.x86_64", "7Server-JBCS:jbcs-httpd24-mod_proxy_html-1:2.4.37-64.jbcs.el7.x86_64", "7Server-JBCS:jbcs-httpd24-mod_security-0:2.9.2-57.GA.jbcs.el7.src", "7Server-JBCS:jbcs-httpd24-mod_security-0:2.9.2-57.GA.jbcs.el7.x86_64", "7Server-JBCS:jbcs-httpd24-mod_security-debuginfo-0:2.9.2-57.GA.jbcs.el7.x86_64", "7Server-JBCS:jbcs-httpd24-mod_session-0:2.4.37-64.jbcs.el7.x86_64", "7Server-JBCS:jbcs-httpd24-mod_ssl-1:2.4.37-64.jbcs.el7.x86_64", "7Server-JBCS:jbcs-httpd24-nghttp2-0:1.39.2-34.jbcs.el7.src", "7Server-JBCS:jbcs-httpd24-nghttp2-0:1.39.2-34.jbcs.el7.x86_64", "7Server-JBCS:jbcs-httpd24-nghttp2-debuginfo-0:1.39.2-34.jbcs.el7.x86_64", "7Server-JBCS:jbcs-httpd24-nghttp2-devel-0:1.39.2-34.jbcs.el7.x86_64", "7Server-JBCS:jbcs-httpd24-openssl-1:1.1.1c-32.jbcs.el7.src", "7Server-JBCS:jbcs-httpd24-openssl-1:1.1.1c-32.jbcs.el7.x86_64", "7Server-JBCS:jbcs-httpd24-openssl-chil-0:1.0.0-1.jbcs.el7.src", "7Server-JBCS:jbcs-httpd24-openssl-chil-0:1.0.0-1.jbcs.el7.x86_64", "7Server-JBCS:jbcs-httpd24-openssl-chil-debuginfo-0:1.0.0-1.jbcs.el7.x86_64", "7Server-JBCS:jbcs-httpd24-openssl-debuginfo-1:1.1.1c-32.jbcs.el7.x86_64", "7Server-JBCS:jbcs-httpd24-openssl-devel-1:1.1.1c-32.jbcs.el7.x86_64", "7Server-JBCS:jbcs-httpd24-openssl-libs-1:1.1.1c-32.jbcs.el7.x86_64", "7Server-JBCS:jbcs-httpd24-openssl-perl-1:1.1.1c-32.jbcs.el7.x86_64", "7Server-JBCS:jbcs-httpd24-openssl-static-1:1.1.1c-32.jbcs.el7.x86_64" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2020-25680" }, { "category": "external", "summary": "RHBZ#1892703", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1892703" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2020-25680", "url": "https://www.cve.org/CVERecord?id=CVE-2020-25680" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2020-25680", "url": "https://nvd.nist.gov/vuln/detail/CVE-2020-25680" } ], "release_date": "2020-10-29T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2020-10-28T16:02:45+00:00", "details": "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258", "product_ids": [ "6Server-JBCS:jbcs-httpd24-apr-0:1.6.3-104.jbcs.el6.i686", "6Server-JBCS:jbcs-httpd24-apr-0:1.6.3-104.jbcs.el6.src", "6Server-JBCS:jbcs-httpd24-apr-0:1.6.3-104.jbcs.el6.x86_64", "6Server-JBCS:jbcs-httpd24-apr-debuginfo-0:1.6.3-104.jbcs.el6.i686", "6Server-JBCS:jbcs-httpd24-apr-debuginfo-0:1.6.3-104.jbcs.el6.x86_64", "6Server-JBCS:jbcs-httpd24-apr-devel-0:1.6.3-104.jbcs.el6.i686", "6Server-JBCS:jbcs-httpd24-apr-devel-0:1.6.3-104.jbcs.el6.x86_64", "6Server-JBCS:jbcs-httpd24-apr-util-0:1.6.1-75.jbcs.el6.i686", "6Server-JBCS:jbcs-httpd24-apr-util-0:1.6.1-75.jbcs.el6.src", "6Server-JBCS:jbcs-httpd24-apr-util-0:1.6.1-75.jbcs.el6.x86_64", "6Server-JBCS:jbcs-httpd24-apr-util-debuginfo-0:1.6.1-75.jbcs.el6.i686", "6Server-JBCS:jbcs-httpd24-apr-util-debuginfo-0:1.6.1-75.jbcs.el6.x86_64", "6Server-JBCS:jbcs-httpd24-apr-util-devel-0:1.6.1-75.jbcs.el6.i686", "6Server-JBCS:jbcs-httpd24-apr-util-devel-0:1.6.1-75.jbcs.el6.x86_64", "6Server-JBCS:jbcs-httpd24-apr-util-ldap-0:1.6.1-75.jbcs.el6.i686", "6Server-JBCS:jbcs-httpd24-apr-util-ldap-0:1.6.1-75.jbcs.el6.x86_64", "6Server-JBCS:jbcs-httpd24-apr-util-mysql-0:1.6.1-75.jbcs.el6.i686", "6Server-JBCS:jbcs-httpd24-apr-util-mysql-0:1.6.1-75.jbcs.el6.x86_64", "6Server-JBCS:jbcs-httpd24-apr-util-nss-0:1.6.1-75.jbcs.el6.i686", "6Server-JBCS:jbcs-httpd24-apr-util-nss-0:1.6.1-75.jbcs.el6.x86_64", "6Server-JBCS:jbcs-httpd24-apr-util-odbc-0:1.6.1-75.jbcs.el6.i686", "6Server-JBCS:jbcs-httpd24-apr-util-odbc-0:1.6.1-75.jbcs.el6.x86_64", "6Server-JBCS:jbcs-httpd24-apr-util-openssl-0:1.6.1-75.jbcs.el6.i686", "6Server-JBCS:jbcs-httpd24-apr-util-openssl-0:1.6.1-75.jbcs.el6.x86_64", "6Server-JBCS:jbcs-httpd24-apr-util-pgsql-0:1.6.1-75.jbcs.el6.i686", "6Server-JBCS:jbcs-httpd24-apr-util-pgsql-0:1.6.1-75.jbcs.el6.x86_64", "6Server-JBCS:jbcs-httpd24-apr-util-sqlite-0:1.6.1-75.jbcs.el6.i686", "6Server-JBCS:jbcs-httpd24-apr-util-sqlite-0:1.6.1-75.jbcs.el6.x86_64", "6Server-JBCS:jbcs-httpd24-brotli-0:1.0.6-38.jbcs.el6.i686", "6Server-JBCS:jbcs-httpd24-brotli-0:1.0.6-38.jbcs.el6.src", "6Server-JBCS:jbcs-httpd24-brotli-0:1.0.6-38.jbcs.el6.x86_64", "6Server-JBCS:jbcs-httpd24-brotli-debuginfo-0:1.0.6-38.jbcs.el6.i686", "6Server-JBCS:jbcs-httpd24-brotli-debuginfo-0:1.0.6-38.jbcs.el6.x86_64", "6Server-JBCS:jbcs-httpd24-brotli-devel-0:1.0.6-38.jbcs.el6.i686", "6Server-JBCS:jbcs-httpd24-brotli-devel-0:1.0.6-38.jbcs.el6.x86_64", "6Server-JBCS:jbcs-httpd24-curl-0:7.64.1-44.jbcs.el6.i686", "6Server-JBCS:jbcs-httpd24-curl-0:7.64.1-44.jbcs.el6.src", "6Server-JBCS:jbcs-httpd24-curl-0:7.64.1-44.jbcs.el6.x86_64", "6Server-JBCS:jbcs-httpd24-curl-debuginfo-0:7.64.1-44.jbcs.el6.i686", "6Server-JBCS:jbcs-httpd24-curl-debuginfo-0:7.64.1-44.jbcs.el6.x86_64", "6Server-JBCS:jbcs-httpd24-httpd-0:2.4.37-64.jbcs.el6.i686", "6Server-JBCS:jbcs-httpd24-httpd-0:2.4.37-64.jbcs.el6.src", "6Server-JBCS:jbcs-httpd24-httpd-0:2.4.37-64.jbcs.el6.x86_64", "6Server-JBCS:jbcs-httpd24-httpd-debuginfo-0:2.4.37-64.jbcs.el6.i686", "6Server-JBCS:jbcs-httpd24-httpd-debuginfo-0:2.4.37-64.jbcs.el6.x86_64", "6Server-JBCS:jbcs-httpd24-httpd-devel-0:2.4.37-64.jbcs.el6.i686", "6Server-JBCS:jbcs-httpd24-httpd-devel-0:2.4.37-64.jbcs.el6.x86_64", "6Server-JBCS:jbcs-httpd24-httpd-manual-0:2.4.37-64.jbcs.el6.noarch", "6Server-JBCS:jbcs-httpd24-httpd-selinux-0:2.4.37-64.jbcs.el6.i686", "6Server-JBCS:jbcs-httpd24-httpd-selinux-0:2.4.37-64.jbcs.el6.x86_64", "6Server-JBCS:jbcs-httpd24-httpd-tools-0:2.4.37-64.jbcs.el6.i686", "6Server-JBCS:jbcs-httpd24-httpd-tools-0:2.4.37-64.jbcs.el6.x86_64", "6Server-JBCS:jbcs-httpd24-jansson-0:2.11-53.jbcs.el6.i686", "6Server-JBCS:jbcs-httpd24-jansson-0:2.11-53.jbcs.el6.src", "6Server-JBCS:jbcs-httpd24-jansson-0:2.11-53.jbcs.el6.x86_64", "6Server-JBCS:jbcs-httpd24-jansson-debuginfo-0:2.11-53.jbcs.el6.i686", "6Server-JBCS:jbcs-httpd24-jansson-debuginfo-0:2.11-53.jbcs.el6.x86_64", "6Server-JBCS:jbcs-httpd24-jansson-devel-0:2.11-53.jbcs.el6.i686", "6Server-JBCS:jbcs-httpd24-jansson-devel-0:2.11-53.jbcs.el6.x86_64", "6Server-JBCS:jbcs-httpd24-libcurl-0:7.64.1-44.jbcs.el6.i686", "6Server-JBCS:jbcs-httpd24-libcurl-0:7.64.1-44.jbcs.el6.x86_64", "6Server-JBCS:jbcs-httpd24-libcurl-devel-0:7.64.1-44.jbcs.el6.i686", "6Server-JBCS:jbcs-httpd24-libcurl-devel-0:7.64.1-44.jbcs.el6.x86_64", "6Server-JBCS:jbcs-httpd24-mod_cluster-native-0:1.3.14-11.Final_redhat_2.jbcs.el6.i686", "6Server-JBCS:jbcs-httpd24-mod_cluster-native-0:1.3.14-11.Final_redhat_2.jbcs.el6.src", "6Server-JBCS:jbcs-httpd24-mod_cluster-native-0:1.3.14-11.Final_redhat_2.jbcs.el6.x86_64", "6Server-JBCS:jbcs-httpd24-mod_cluster-native-debuginfo-0:1.3.14-11.Final_redhat_2.jbcs.el6.i686", "6Server-JBCS:jbcs-httpd24-mod_cluster-native-debuginfo-0:1.3.14-11.Final_redhat_2.jbcs.el6.x86_64", "6Server-JBCS:jbcs-httpd24-mod_http2-0:1.15.7-11.jbcs.el6.i686", "6Server-JBCS:jbcs-httpd24-mod_http2-0:1.15.7-11.jbcs.el6.src", "6Server-JBCS:jbcs-httpd24-mod_http2-0:1.15.7-11.jbcs.el6.x86_64", "6Server-JBCS:jbcs-httpd24-mod_http2-debuginfo-0:1.15.7-11.jbcs.el6.i686", "6Server-JBCS:jbcs-httpd24-mod_http2-debuginfo-0:1.15.7-11.jbcs.el6.x86_64", "6Server-JBCS:jbcs-httpd24-mod_jk-0:1.2.48-10.redhat_1.jbcs.el6.src", "6Server-JBCS:jbcs-httpd24-mod_jk-ap24-0:1.2.48-10.redhat_1.jbcs.el6.i686", "6Server-JBCS:jbcs-httpd24-mod_jk-ap24-0:1.2.48-10.redhat_1.jbcs.el6.x86_64", "6Server-JBCS:jbcs-httpd24-mod_jk-debuginfo-0:1.2.48-10.redhat_1.jbcs.el6.i686", "6Server-JBCS:jbcs-httpd24-mod_jk-debuginfo-0:1.2.48-10.redhat_1.jbcs.el6.x86_64", "6Server-JBCS:jbcs-httpd24-mod_jk-manual-0:1.2.48-10.redhat_1.jbcs.el6.i686", "6Server-JBCS:jbcs-httpd24-mod_jk-manual-0:1.2.48-10.redhat_1.jbcs.el6.x86_64", "6Server-JBCS:jbcs-httpd24-mod_ldap-0:2.4.37-64.jbcs.el6.i686", "6Server-JBCS:jbcs-httpd24-mod_ldap-0:2.4.37-64.jbcs.el6.x86_64", "6Server-JBCS:jbcs-httpd24-mod_md-1:2.0.8-30.jbcs.el6.i686", "6Server-JBCS:jbcs-httpd24-mod_md-1:2.0.8-30.jbcs.el6.src", "6Server-JBCS:jbcs-httpd24-mod_md-1:2.0.8-30.jbcs.el6.x86_64", "6Server-JBCS:jbcs-httpd24-mod_md-debuginfo-1:2.0.8-30.jbcs.el6.i686", "6Server-JBCS:jbcs-httpd24-mod_md-debuginfo-1:2.0.8-30.jbcs.el6.x86_64", "6Server-JBCS:jbcs-httpd24-mod_proxy_html-1:2.4.37-64.jbcs.el6.i686", "6Server-JBCS:jbcs-httpd24-mod_proxy_html-1:2.4.37-64.jbcs.el6.x86_64", "6Server-JBCS:jbcs-httpd24-mod_security-0:2.9.2-57.GA.jbcs.el6.i686", "6Server-JBCS:jbcs-httpd24-mod_security-0:2.9.2-57.GA.jbcs.el6.src", "6Server-JBCS:jbcs-httpd24-mod_security-0:2.9.2-57.GA.jbcs.el6.x86_64", "6Server-JBCS:jbcs-httpd24-mod_security-debuginfo-0:2.9.2-57.GA.jbcs.el6.i686", "6Server-JBCS:jbcs-httpd24-mod_security-debuginfo-0:2.9.2-57.GA.jbcs.el6.x86_64", "6Server-JBCS:jbcs-httpd24-mod_session-0:2.4.37-64.jbcs.el6.i686", "6Server-JBCS:jbcs-httpd24-mod_session-0:2.4.37-64.jbcs.el6.x86_64", "6Server-JBCS:jbcs-httpd24-mod_ssl-1:2.4.37-64.jbcs.el6.i686", "6Server-JBCS:jbcs-httpd24-mod_ssl-1:2.4.37-64.jbcs.el6.x86_64", "6Server-JBCS:jbcs-httpd24-nghttp2-0:1.39.2-34.jbcs.el6.i686", "6Server-JBCS:jbcs-httpd24-nghttp2-0:1.39.2-34.jbcs.el6.src", "6Server-JBCS:jbcs-httpd24-nghttp2-0:1.39.2-34.jbcs.el6.x86_64", "6Server-JBCS:jbcs-httpd24-nghttp2-debuginfo-0:1.39.2-34.jbcs.el6.i686", "6Server-JBCS:jbcs-httpd24-nghttp2-debuginfo-0:1.39.2-34.jbcs.el6.x86_64", "6Server-JBCS:jbcs-httpd24-nghttp2-devel-0:1.39.2-34.jbcs.el6.i686", "6Server-JBCS:jbcs-httpd24-nghttp2-devel-0:1.39.2-34.jbcs.el6.x86_64", "6Server-JBCS:jbcs-httpd24-openssl-1:1.1.1c-32.jbcs.el6.i686", "6Server-JBCS:jbcs-httpd24-openssl-1:1.1.1c-32.jbcs.el6.src", "6Server-JBCS:jbcs-httpd24-openssl-1:1.1.1c-32.jbcs.el6.x86_64", "6Server-JBCS:jbcs-httpd24-openssl-debuginfo-1:1.1.1c-32.jbcs.el6.i686", "6Server-JBCS:jbcs-httpd24-openssl-debuginfo-1:1.1.1c-32.jbcs.el6.x86_64", "6Server-JBCS:jbcs-httpd24-openssl-devel-1:1.1.1c-32.jbcs.el6.i686", "6Server-JBCS:jbcs-httpd24-openssl-devel-1:1.1.1c-32.jbcs.el6.x86_64", "6Server-JBCS:jbcs-httpd24-openssl-libs-1:1.1.1c-32.jbcs.el6.i686", "6Server-JBCS:jbcs-httpd24-openssl-libs-1:1.1.1c-32.jbcs.el6.x86_64", "6Server-JBCS:jbcs-httpd24-openssl-perl-1:1.1.1c-32.jbcs.el6.i686", "6Server-JBCS:jbcs-httpd24-openssl-perl-1:1.1.1c-32.jbcs.el6.x86_64", "6Server-JBCS:jbcs-httpd24-openssl-static-1:1.1.1c-32.jbcs.el6.i686", "6Server-JBCS:jbcs-httpd24-openssl-static-1:1.1.1c-32.jbcs.el6.x86_64", "7Server-JBCS:jbcs-httpd24-apr-0:1.6.3-104.jbcs.el7.src", "7Server-JBCS:jbcs-httpd24-apr-0:1.6.3-104.jbcs.el7.x86_64", "7Server-JBCS:jbcs-httpd24-apr-debuginfo-0:1.6.3-104.jbcs.el7.x86_64", "7Server-JBCS:jbcs-httpd24-apr-devel-0:1.6.3-104.jbcs.el7.x86_64", "7Server-JBCS:jbcs-httpd24-apr-util-0:1.6.1-75.jbcs.el7.src", "7Server-JBCS:jbcs-httpd24-apr-util-0:1.6.1-75.jbcs.el7.x86_64", "7Server-JBCS:jbcs-httpd24-apr-util-debuginfo-0:1.6.1-75.jbcs.el7.x86_64", "7Server-JBCS:jbcs-httpd24-apr-util-devel-0:1.6.1-75.jbcs.el7.x86_64", "7Server-JBCS:jbcs-httpd24-apr-util-ldap-0:1.6.1-75.jbcs.el7.x86_64", "7Server-JBCS:jbcs-httpd24-apr-util-mysql-0:1.6.1-75.jbcs.el7.x86_64", "7Server-JBCS:jbcs-httpd24-apr-util-nss-0:1.6.1-75.jbcs.el7.x86_64", "7Server-JBCS:jbcs-httpd24-apr-util-odbc-0:1.6.1-75.jbcs.el7.x86_64", "7Server-JBCS:jbcs-httpd24-apr-util-openssl-0:1.6.1-75.jbcs.el7.x86_64", "7Server-JBCS:jbcs-httpd24-apr-util-pgsql-0:1.6.1-75.jbcs.el7.x86_64", "7Server-JBCS:jbcs-httpd24-apr-util-sqlite-0:1.6.1-75.jbcs.el7.x86_64", "7Server-JBCS:jbcs-httpd24-brotli-0:1.0.6-38.jbcs.el7.src", "7Server-JBCS:jbcs-httpd24-brotli-0:1.0.6-38.jbcs.el7.x86_64", "7Server-JBCS:jbcs-httpd24-brotli-debuginfo-0:1.0.6-38.jbcs.el7.x86_64", "7Server-JBCS:jbcs-httpd24-brotli-devel-0:1.0.6-38.jbcs.el7.x86_64", "7Server-JBCS:jbcs-httpd24-curl-0:7.64.1-44.jbcs.el7.src", "7Server-JBCS:jbcs-httpd24-curl-0:7.64.1-44.jbcs.el7.x86_64", "7Server-JBCS:jbcs-httpd24-curl-debuginfo-0:7.64.1-44.jbcs.el7.x86_64", "7Server-JBCS:jbcs-httpd24-httpd-0:2.4.37-64.jbcs.el7.src", "7Server-JBCS:jbcs-httpd24-httpd-0:2.4.37-64.jbcs.el7.x86_64", "7Server-JBCS:jbcs-httpd24-httpd-debuginfo-0:2.4.37-64.jbcs.el7.x86_64", "7Server-JBCS:jbcs-httpd24-httpd-devel-0:2.4.37-64.jbcs.el7.x86_64", "7Server-JBCS:jbcs-httpd24-httpd-manual-0:2.4.37-64.jbcs.el7.noarch", "7Server-JBCS:jbcs-httpd24-httpd-selinux-0:2.4.37-64.jbcs.el7.x86_64", "7Server-JBCS:jbcs-httpd24-httpd-tools-0:2.4.37-64.jbcs.el7.x86_64", "7Server-JBCS:jbcs-httpd24-jansson-0:2.11-53.jbcs.el7.src", "7Server-JBCS:jbcs-httpd24-jansson-0:2.11-53.jbcs.el7.x86_64", "7Server-JBCS:jbcs-httpd24-jansson-debuginfo-0:2.11-53.jbcs.el7.x86_64", "7Server-JBCS:jbcs-httpd24-jansson-devel-0:2.11-53.jbcs.el7.x86_64", "7Server-JBCS:jbcs-httpd24-libcurl-0:7.64.1-44.jbcs.el7.x86_64", "7Server-JBCS:jbcs-httpd24-libcurl-devel-0:7.64.1-44.jbcs.el7.x86_64", "7Server-JBCS:jbcs-httpd24-mod_cluster-native-0:1.3.14-11.Final_redhat_2.jbcs.el7.src", "7Server-JBCS:jbcs-httpd24-mod_cluster-native-0:1.3.14-11.Final_redhat_2.jbcs.el7.x86_64", "7Server-JBCS:jbcs-httpd24-mod_cluster-native-debuginfo-0:1.3.14-11.Final_redhat_2.jbcs.el7.x86_64", "7Server-JBCS:jbcs-httpd24-mod_http2-0:1.15.7-11.jbcs.el7.src", "7Server-JBCS:jbcs-httpd24-mod_http2-0:1.15.7-11.jbcs.el7.x86_64", "7Server-JBCS:jbcs-httpd24-mod_http2-debuginfo-0:1.15.7-11.jbcs.el7.x86_64", "7Server-JBCS:jbcs-httpd24-mod_jk-0:1.2.48-10.redhat_1.jbcs.el7.src", "7Server-JBCS:jbcs-httpd24-mod_jk-ap24-0:1.2.48-10.redhat_1.jbcs.el7.x86_64", "7Server-JBCS:jbcs-httpd24-mod_jk-debuginfo-0:1.2.48-10.redhat_1.jbcs.el7.x86_64", "7Server-JBCS:jbcs-httpd24-mod_jk-manual-0:1.2.48-10.redhat_1.jbcs.el7.x86_64", "7Server-JBCS:jbcs-httpd24-mod_ldap-0:2.4.37-64.jbcs.el7.x86_64", "7Server-JBCS:jbcs-httpd24-mod_md-1:2.0.8-30.jbcs.el7.src", "7Server-JBCS:jbcs-httpd24-mod_md-1:2.0.8-30.jbcs.el7.x86_64", "7Server-JBCS:jbcs-httpd24-mod_md-debuginfo-1:2.0.8-30.jbcs.el7.x86_64", "7Server-JBCS:jbcs-httpd24-mod_proxy_html-1:2.4.37-64.jbcs.el7.x86_64", "7Server-JBCS:jbcs-httpd24-mod_security-0:2.9.2-57.GA.jbcs.el7.src", "7Server-JBCS:jbcs-httpd24-mod_security-0:2.9.2-57.GA.jbcs.el7.x86_64", "7Server-JBCS:jbcs-httpd24-mod_security-debuginfo-0:2.9.2-57.GA.jbcs.el7.x86_64", "7Server-JBCS:jbcs-httpd24-mod_session-0:2.4.37-64.jbcs.el7.x86_64", "7Server-JBCS:jbcs-httpd24-mod_ssl-1:2.4.37-64.jbcs.el7.x86_64", "7Server-JBCS:jbcs-httpd24-nghttp2-0:1.39.2-34.jbcs.el7.src", "7Server-JBCS:jbcs-httpd24-nghttp2-0:1.39.2-34.jbcs.el7.x86_64", "7Server-JBCS:jbcs-httpd24-nghttp2-debuginfo-0:1.39.2-34.jbcs.el7.x86_64", "7Server-JBCS:jbcs-httpd24-nghttp2-devel-0:1.39.2-34.jbcs.el7.x86_64", "7Server-JBCS:jbcs-httpd24-openssl-1:1.1.1c-32.jbcs.el7.src", "7Server-JBCS:jbcs-httpd24-openssl-1:1.1.1c-32.jbcs.el7.x86_64", "7Server-JBCS:jbcs-httpd24-openssl-chil-0:1.0.0-1.jbcs.el7.src", "7Server-JBCS:jbcs-httpd24-openssl-chil-0:1.0.0-1.jbcs.el7.x86_64", "7Server-JBCS:jbcs-httpd24-openssl-chil-debuginfo-0:1.0.0-1.jbcs.el7.x86_64", "7Server-JBCS:jbcs-httpd24-openssl-debuginfo-1:1.1.1c-32.jbcs.el7.x86_64", "7Server-JBCS:jbcs-httpd24-openssl-devel-1:1.1.1c-32.jbcs.el7.x86_64", "7Server-JBCS:jbcs-httpd24-openssl-libs-1:1.1.1c-32.jbcs.el7.x86_64", "7Server-JBCS:jbcs-httpd24-openssl-perl-1:1.1.1c-32.jbcs.el7.x86_64", "7Server-JBCS:jbcs-httpd24-openssl-static-1:1.1.1c-32.jbcs.el7.x86_64" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2020:4384" } ], "scores": [ { "cvss_v3": { "attackComplexity": "HIGH", "attackVector": "NETWORK", "availabilityImpact": "NONE", "baseScore": 3.1, "baseSeverity": "LOW", "confidentialityImpact": "LOW", "integrityImpact": "NONE", "privilegesRequired": "LOW", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:L/I:N/A:N", "version": "3.1" }, "products": [ "6Server-JBCS:jbcs-httpd24-apr-0:1.6.3-104.jbcs.el6.i686", "6Server-JBCS:jbcs-httpd24-apr-0:1.6.3-104.jbcs.el6.src", "6Server-JBCS:jbcs-httpd24-apr-0:1.6.3-104.jbcs.el6.x86_64", "6Server-JBCS:jbcs-httpd24-apr-debuginfo-0:1.6.3-104.jbcs.el6.i686", "6Server-JBCS:jbcs-httpd24-apr-debuginfo-0:1.6.3-104.jbcs.el6.x86_64", "6Server-JBCS:jbcs-httpd24-apr-devel-0:1.6.3-104.jbcs.el6.i686", "6Server-JBCS:jbcs-httpd24-apr-devel-0:1.6.3-104.jbcs.el6.x86_64", "6Server-JBCS:jbcs-httpd24-apr-util-0:1.6.1-75.jbcs.el6.i686", "6Server-JBCS:jbcs-httpd24-apr-util-0:1.6.1-75.jbcs.el6.src", "6Server-JBCS:jbcs-httpd24-apr-util-0:1.6.1-75.jbcs.el6.x86_64", "6Server-JBCS:jbcs-httpd24-apr-util-debuginfo-0:1.6.1-75.jbcs.el6.i686", "6Server-JBCS:jbcs-httpd24-apr-util-debuginfo-0:1.6.1-75.jbcs.el6.x86_64", "6Server-JBCS:jbcs-httpd24-apr-util-devel-0:1.6.1-75.jbcs.el6.i686", "6Server-JBCS:jbcs-httpd24-apr-util-devel-0:1.6.1-75.jbcs.el6.x86_64", "6Server-JBCS:jbcs-httpd24-apr-util-ldap-0:1.6.1-75.jbcs.el6.i686", "6Server-JBCS:jbcs-httpd24-apr-util-ldap-0:1.6.1-75.jbcs.el6.x86_64", "6Server-JBCS:jbcs-httpd24-apr-util-mysql-0:1.6.1-75.jbcs.el6.i686", "6Server-JBCS:jbcs-httpd24-apr-util-mysql-0:1.6.1-75.jbcs.el6.x86_64", "6Server-JBCS:jbcs-httpd24-apr-util-nss-0:1.6.1-75.jbcs.el6.i686", "6Server-JBCS:jbcs-httpd24-apr-util-nss-0:1.6.1-75.jbcs.el6.x86_64", "6Server-JBCS:jbcs-httpd24-apr-util-odbc-0:1.6.1-75.jbcs.el6.i686", "6Server-JBCS:jbcs-httpd24-apr-util-odbc-0:1.6.1-75.jbcs.el6.x86_64", "6Server-JBCS:jbcs-httpd24-apr-util-openssl-0:1.6.1-75.jbcs.el6.i686", "6Server-JBCS:jbcs-httpd24-apr-util-openssl-0:1.6.1-75.jbcs.el6.x86_64", "6Server-JBCS:jbcs-httpd24-apr-util-pgsql-0:1.6.1-75.jbcs.el6.i686", "6Server-JBCS:jbcs-httpd24-apr-util-pgsql-0:1.6.1-75.jbcs.el6.x86_64", "6Server-JBCS:jbcs-httpd24-apr-util-sqlite-0:1.6.1-75.jbcs.el6.i686", "6Server-JBCS:jbcs-httpd24-apr-util-sqlite-0:1.6.1-75.jbcs.el6.x86_64", "6Server-JBCS:jbcs-httpd24-brotli-0:1.0.6-38.jbcs.el6.i686", "6Server-JBCS:jbcs-httpd24-brotli-0:1.0.6-38.jbcs.el6.src", "6Server-JBCS:jbcs-httpd24-brotli-0:1.0.6-38.jbcs.el6.x86_64", "6Server-JBCS:jbcs-httpd24-brotli-debuginfo-0:1.0.6-38.jbcs.el6.i686", "6Server-JBCS:jbcs-httpd24-brotli-debuginfo-0:1.0.6-38.jbcs.el6.x86_64", "6Server-JBCS:jbcs-httpd24-brotli-devel-0:1.0.6-38.jbcs.el6.i686", "6Server-JBCS:jbcs-httpd24-brotli-devel-0:1.0.6-38.jbcs.el6.x86_64", "6Server-JBCS:jbcs-httpd24-curl-0:7.64.1-44.jbcs.el6.i686", "6Server-JBCS:jbcs-httpd24-curl-0:7.64.1-44.jbcs.el6.src", "6Server-JBCS:jbcs-httpd24-curl-0:7.64.1-44.jbcs.el6.x86_64", "6Server-JBCS:jbcs-httpd24-curl-debuginfo-0:7.64.1-44.jbcs.el6.i686", "6Server-JBCS:jbcs-httpd24-curl-debuginfo-0:7.64.1-44.jbcs.el6.x86_64", "6Server-JBCS:jbcs-httpd24-httpd-0:2.4.37-64.jbcs.el6.i686", "6Server-JBCS:jbcs-httpd24-httpd-0:2.4.37-64.jbcs.el6.src", "6Server-JBCS:jbcs-httpd24-httpd-0:2.4.37-64.jbcs.el6.x86_64", "6Server-JBCS:jbcs-httpd24-httpd-debuginfo-0:2.4.37-64.jbcs.el6.i686", "6Server-JBCS:jbcs-httpd24-httpd-debuginfo-0:2.4.37-64.jbcs.el6.x86_64", "6Server-JBCS:jbcs-httpd24-httpd-devel-0:2.4.37-64.jbcs.el6.i686", "6Server-JBCS:jbcs-httpd24-httpd-devel-0:2.4.37-64.jbcs.el6.x86_64", "6Server-JBCS:jbcs-httpd24-httpd-manual-0:2.4.37-64.jbcs.el6.noarch", "6Server-JBCS:jbcs-httpd24-httpd-selinux-0:2.4.37-64.jbcs.el6.i686", "6Server-JBCS:jbcs-httpd24-httpd-selinux-0:2.4.37-64.jbcs.el6.x86_64", "6Server-JBCS:jbcs-httpd24-httpd-tools-0:2.4.37-64.jbcs.el6.i686", "6Server-JBCS:jbcs-httpd24-httpd-tools-0:2.4.37-64.jbcs.el6.x86_64", "6Server-JBCS:jbcs-httpd24-jansson-0:2.11-53.jbcs.el6.i686", "6Server-JBCS:jbcs-httpd24-jansson-0:2.11-53.jbcs.el6.src", "6Server-JBCS:jbcs-httpd24-jansson-0:2.11-53.jbcs.el6.x86_64", "6Server-JBCS:jbcs-httpd24-jansson-debuginfo-0:2.11-53.jbcs.el6.i686", "6Server-JBCS:jbcs-httpd24-jansson-debuginfo-0:2.11-53.jbcs.el6.x86_64", "6Server-JBCS:jbcs-httpd24-jansson-devel-0:2.11-53.jbcs.el6.i686", "6Server-JBCS:jbcs-httpd24-jansson-devel-0:2.11-53.jbcs.el6.x86_64", "6Server-JBCS:jbcs-httpd24-libcurl-0:7.64.1-44.jbcs.el6.i686", "6Server-JBCS:jbcs-httpd24-libcurl-0:7.64.1-44.jbcs.el6.x86_64", "6Server-JBCS:jbcs-httpd24-libcurl-devel-0:7.64.1-44.jbcs.el6.i686", "6Server-JBCS:jbcs-httpd24-libcurl-devel-0:7.64.1-44.jbcs.el6.x86_64", "6Server-JBCS:jbcs-httpd24-mod_cluster-native-0:1.3.14-11.Final_redhat_2.jbcs.el6.i686", "6Server-JBCS:jbcs-httpd24-mod_cluster-native-0:1.3.14-11.Final_redhat_2.jbcs.el6.src", "6Server-JBCS:jbcs-httpd24-mod_cluster-native-0:1.3.14-11.Final_redhat_2.jbcs.el6.x86_64", "6Server-JBCS:jbcs-httpd24-mod_cluster-native-debuginfo-0:1.3.14-11.Final_redhat_2.jbcs.el6.i686", "6Server-JBCS:jbcs-httpd24-mod_cluster-native-debuginfo-0:1.3.14-11.Final_redhat_2.jbcs.el6.x86_64", "6Server-JBCS:jbcs-httpd24-mod_http2-0:1.15.7-11.jbcs.el6.i686", "6Server-JBCS:jbcs-httpd24-mod_http2-0:1.15.7-11.jbcs.el6.src", "6Server-JBCS:jbcs-httpd24-mod_http2-0:1.15.7-11.jbcs.el6.x86_64", "6Server-JBCS:jbcs-httpd24-mod_http2-debuginfo-0:1.15.7-11.jbcs.el6.i686", "6Server-JBCS:jbcs-httpd24-mod_http2-debuginfo-0:1.15.7-11.jbcs.el6.x86_64", "6Server-JBCS:jbcs-httpd24-mod_jk-0:1.2.48-10.redhat_1.jbcs.el6.src", "6Server-JBCS:jbcs-httpd24-mod_jk-ap24-0:1.2.48-10.redhat_1.jbcs.el6.i686", "6Server-JBCS:jbcs-httpd24-mod_jk-ap24-0:1.2.48-10.redhat_1.jbcs.el6.x86_64", "6Server-JBCS:jbcs-httpd24-mod_jk-debuginfo-0:1.2.48-10.redhat_1.jbcs.el6.i686", "6Server-JBCS:jbcs-httpd24-mod_jk-debuginfo-0:1.2.48-10.redhat_1.jbcs.el6.x86_64", "6Server-JBCS:jbcs-httpd24-mod_jk-manual-0:1.2.48-10.redhat_1.jbcs.el6.i686", "6Server-JBCS:jbcs-httpd24-mod_jk-manual-0:1.2.48-10.redhat_1.jbcs.el6.x86_64", "6Server-JBCS:jbcs-httpd24-mod_ldap-0:2.4.37-64.jbcs.el6.i686", "6Server-JBCS:jbcs-httpd24-mod_ldap-0:2.4.37-64.jbcs.el6.x86_64", "6Server-JBCS:jbcs-httpd24-mod_md-1:2.0.8-30.jbcs.el6.i686", "6Server-JBCS:jbcs-httpd24-mod_md-1:2.0.8-30.jbcs.el6.src", "6Server-JBCS:jbcs-httpd24-mod_md-1:2.0.8-30.jbcs.el6.x86_64", "6Server-JBCS:jbcs-httpd24-mod_md-debuginfo-1:2.0.8-30.jbcs.el6.i686", "6Server-JBCS:jbcs-httpd24-mod_md-debuginfo-1:2.0.8-30.jbcs.el6.x86_64", "6Server-JBCS:jbcs-httpd24-mod_proxy_html-1:2.4.37-64.jbcs.el6.i686", "6Server-JBCS:jbcs-httpd24-mod_proxy_html-1:2.4.37-64.jbcs.el6.x86_64", "6Server-JBCS:jbcs-httpd24-mod_security-0:2.9.2-57.GA.jbcs.el6.i686", "6Server-JBCS:jbcs-httpd24-mod_security-0:2.9.2-57.GA.jbcs.el6.src", "6Server-JBCS:jbcs-httpd24-mod_security-0:2.9.2-57.GA.jbcs.el6.x86_64", "6Server-JBCS:jbcs-httpd24-mod_security-debuginfo-0:2.9.2-57.GA.jbcs.el6.i686", "6Server-JBCS:jbcs-httpd24-mod_security-debuginfo-0:2.9.2-57.GA.jbcs.el6.x86_64", "6Server-JBCS:jbcs-httpd24-mod_session-0:2.4.37-64.jbcs.el6.i686", "6Server-JBCS:jbcs-httpd24-mod_session-0:2.4.37-64.jbcs.el6.x86_64", "6Server-JBCS:jbcs-httpd24-mod_ssl-1:2.4.37-64.jbcs.el6.i686", "6Server-JBCS:jbcs-httpd24-mod_ssl-1:2.4.37-64.jbcs.el6.x86_64", "6Server-JBCS:jbcs-httpd24-nghttp2-0:1.39.2-34.jbcs.el6.i686", "6Server-JBCS:jbcs-httpd24-nghttp2-0:1.39.2-34.jbcs.el6.src", "6Server-JBCS:jbcs-httpd24-nghttp2-0:1.39.2-34.jbcs.el6.x86_64", "6Server-JBCS:jbcs-httpd24-nghttp2-debuginfo-0:1.39.2-34.jbcs.el6.i686", "6Server-JBCS:jbcs-httpd24-nghttp2-debuginfo-0:1.39.2-34.jbcs.el6.x86_64", "6Server-JBCS:jbcs-httpd24-nghttp2-devel-0:1.39.2-34.jbcs.el6.i686", "6Server-JBCS:jbcs-httpd24-nghttp2-devel-0:1.39.2-34.jbcs.el6.x86_64", "6Server-JBCS:jbcs-httpd24-openssl-1:1.1.1c-32.jbcs.el6.i686", "6Server-JBCS:jbcs-httpd24-openssl-1:1.1.1c-32.jbcs.el6.src", "6Server-JBCS:jbcs-httpd24-openssl-1:1.1.1c-32.jbcs.el6.x86_64", "6Server-JBCS:jbcs-httpd24-openssl-debuginfo-1:1.1.1c-32.jbcs.el6.i686", "6Server-JBCS:jbcs-httpd24-openssl-debuginfo-1:1.1.1c-32.jbcs.el6.x86_64", "6Server-JBCS:jbcs-httpd24-openssl-devel-1:1.1.1c-32.jbcs.el6.i686", "6Server-JBCS:jbcs-httpd24-openssl-devel-1:1.1.1c-32.jbcs.el6.x86_64", "6Server-JBCS:jbcs-httpd24-openssl-libs-1:1.1.1c-32.jbcs.el6.i686", "6Server-JBCS:jbcs-httpd24-openssl-libs-1:1.1.1c-32.jbcs.el6.x86_64", "6Server-JBCS:jbcs-httpd24-openssl-perl-1:1.1.1c-32.jbcs.el6.i686", "6Server-JBCS:jbcs-httpd24-openssl-perl-1:1.1.1c-32.jbcs.el6.x86_64", "6Server-JBCS:jbcs-httpd24-openssl-static-1:1.1.1c-32.jbcs.el6.i686", "6Server-JBCS:jbcs-httpd24-openssl-static-1:1.1.1c-32.jbcs.el6.x86_64", "7Server-JBCS:jbcs-httpd24-apr-0:1.6.3-104.jbcs.el7.src", "7Server-JBCS:jbcs-httpd24-apr-0:1.6.3-104.jbcs.el7.x86_64", "7Server-JBCS:jbcs-httpd24-apr-debuginfo-0:1.6.3-104.jbcs.el7.x86_64", "7Server-JBCS:jbcs-httpd24-apr-devel-0:1.6.3-104.jbcs.el7.x86_64", "7Server-JBCS:jbcs-httpd24-apr-util-0:1.6.1-75.jbcs.el7.src", "7Server-JBCS:jbcs-httpd24-apr-util-0:1.6.1-75.jbcs.el7.x86_64", "7Server-JBCS:jbcs-httpd24-apr-util-debuginfo-0:1.6.1-75.jbcs.el7.x86_64", "7Server-JBCS:jbcs-httpd24-apr-util-devel-0:1.6.1-75.jbcs.el7.x86_64", "7Server-JBCS:jbcs-httpd24-apr-util-ldap-0:1.6.1-75.jbcs.el7.x86_64", "7Server-JBCS:jbcs-httpd24-apr-util-mysql-0:1.6.1-75.jbcs.el7.x86_64", "7Server-JBCS:jbcs-httpd24-apr-util-nss-0:1.6.1-75.jbcs.el7.x86_64", "7Server-JBCS:jbcs-httpd24-apr-util-odbc-0:1.6.1-75.jbcs.el7.x86_64", "7Server-JBCS:jbcs-httpd24-apr-util-openssl-0:1.6.1-75.jbcs.el7.x86_64", "7Server-JBCS:jbcs-httpd24-apr-util-pgsql-0:1.6.1-75.jbcs.el7.x86_64", "7Server-JBCS:jbcs-httpd24-apr-util-sqlite-0:1.6.1-75.jbcs.el7.x86_64", "7Server-JBCS:jbcs-httpd24-brotli-0:1.0.6-38.jbcs.el7.src", "7Server-JBCS:jbcs-httpd24-brotli-0:1.0.6-38.jbcs.el7.x86_64", "7Server-JBCS:jbcs-httpd24-brotli-debuginfo-0:1.0.6-38.jbcs.el7.x86_64", "7Server-JBCS:jbcs-httpd24-brotli-devel-0:1.0.6-38.jbcs.el7.x86_64", "7Server-JBCS:jbcs-httpd24-curl-0:7.64.1-44.jbcs.el7.src", "7Server-JBCS:jbcs-httpd24-curl-0:7.64.1-44.jbcs.el7.x86_64", "7Server-JBCS:jbcs-httpd24-curl-debuginfo-0:7.64.1-44.jbcs.el7.x86_64", "7Server-JBCS:jbcs-httpd24-httpd-0:2.4.37-64.jbcs.el7.src", "7Server-JBCS:jbcs-httpd24-httpd-0:2.4.37-64.jbcs.el7.x86_64", "7Server-JBCS:jbcs-httpd24-httpd-debuginfo-0:2.4.37-64.jbcs.el7.x86_64", "7Server-JBCS:jbcs-httpd24-httpd-devel-0:2.4.37-64.jbcs.el7.x86_64", "7Server-JBCS:jbcs-httpd24-httpd-manual-0:2.4.37-64.jbcs.el7.noarch", "7Server-JBCS:jbcs-httpd24-httpd-selinux-0:2.4.37-64.jbcs.el7.x86_64", "7Server-JBCS:jbcs-httpd24-httpd-tools-0:2.4.37-64.jbcs.el7.x86_64", "7Server-JBCS:jbcs-httpd24-jansson-0:2.11-53.jbcs.el7.src", "7Server-JBCS:jbcs-httpd24-jansson-0:2.11-53.jbcs.el7.x86_64", "7Server-JBCS:jbcs-httpd24-jansson-debuginfo-0:2.11-53.jbcs.el7.x86_64", "7Server-JBCS:jbcs-httpd24-jansson-devel-0:2.11-53.jbcs.el7.x86_64", "7Server-JBCS:jbcs-httpd24-libcurl-0:7.64.1-44.jbcs.el7.x86_64", "7Server-JBCS:jbcs-httpd24-libcurl-devel-0:7.64.1-44.jbcs.el7.x86_64", "7Server-JBCS:jbcs-httpd24-mod_cluster-native-0:1.3.14-11.Final_redhat_2.jbcs.el7.src", "7Server-JBCS:jbcs-httpd24-mod_cluster-native-0:1.3.14-11.Final_redhat_2.jbcs.el7.x86_64", "7Server-JBCS:jbcs-httpd24-mod_cluster-native-debuginfo-0:1.3.14-11.Final_redhat_2.jbcs.el7.x86_64", "7Server-JBCS:jbcs-httpd24-mod_http2-0:1.15.7-11.jbcs.el7.src", "7Server-JBCS:jbcs-httpd24-mod_http2-0:1.15.7-11.jbcs.el7.x86_64", "7Server-JBCS:jbcs-httpd24-mod_http2-debuginfo-0:1.15.7-11.jbcs.el7.x86_64", "7Server-JBCS:jbcs-httpd24-mod_jk-0:1.2.48-10.redhat_1.jbcs.el7.src", "7Server-JBCS:jbcs-httpd24-mod_jk-ap24-0:1.2.48-10.redhat_1.jbcs.el7.x86_64", "7Server-JBCS:jbcs-httpd24-mod_jk-debuginfo-0:1.2.48-10.redhat_1.jbcs.el7.x86_64", "7Server-JBCS:jbcs-httpd24-mod_jk-manual-0:1.2.48-10.redhat_1.jbcs.el7.x86_64", "7Server-JBCS:jbcs-httpd24-mod_ldap-0:2.4.37-64.jbcs.el7.x86_64", "7Server-JBCS:jbcs-httpd24-mod_md-1:2.0.8-30.jbcs.el7.src", "7Server-JBCS:jbcs-httpd24-mod_md-1:2.0.8-30.jbcs.el7.x86_64", "7Server-JBCS:jbcs-httpd24-mod_md-debuginfo-1:2.0.8-30.jbcs.el7.x86_64", "7Server-JBCS:jbcs-httpd24-mod_proxy_html-1:2.4.37-64.jbcs.el7.x86_64", "7Server-JBCS:jbcs-httpd24-mod_security-0:2.9.2-57.GA.jbcs.el7.src", "7Server-JBCS:jbcs-httpd24-mod_security-0:2.9.2-57.GA.jbcs.el7.x86_64", "7Server-JBCS:jbcs-httpd24-mod_security-debuginfo-0:2.9.2-57.GA.jbcs.el7.x86_64", "7Server-JBCS:jbcs-httpd24-mod_session-0:2.4.37-64.jbcs.el7.x86_64", "7Server-JBCS:jbcs-httpd24-mod_ssl-1:2.4.37-64.jbcs.el7.x86_64", "7Server-JBCS:jbcs-httpd24-nghttp2-0:1.39.2-34.jbcs.el7.src", "7Server-JBCS:jbcs-httpd24-nghttp2-0:1.39.2-34.jbcs.el7.x86_64", "7Server-JBCS:jbcs-httpd24-nghttp2-debuginfo-0:1.39.2-34.jbcs.el7.x86_64", "7Server-JBCS:jbcs-httpd24-nghttp2-devel-0:1.39.2-34.jbcs.el7.x86_64", "7Server-JBCS:jbcs-httpd24-openssl-1:1.1.1c-32.jbcs.el7.src", "7Server-JBCS:jbcs-httpd24-openssl-1:1.1.1c-32.jbcs.el7.x86_64", "7Server-JBCS:jbcs-httpd24-openssl-chil-0:1.0.0-1.jbcs.el7.src", "7Server-JBCS:jbcs-httpd24-openssl-chil-0:1.0.0-1.jbcs.el7.x86_64", "7Server-JBCS:jbcs-httpd24-openssl-chil-debuginfo-0:1.0.0-1.jbcs.el7.x86_64", "7Server-JBCS:jbcs-httpd24-openssl-debuginfo-1:1.1.1c-32.jbcs.el7.x86_64", "7Server-JBCS:jbcs-httpd24-openssl-devel-1:1.1.1c-32.jbcs.el7.x86_64", "7Server-JBCS:jbcs-httpd24-openssl-libs-1:1.1.1c-32.jbcs.el7.x86_64", "7Server-JBCS:jbcs-httpd24-openssl-perl-1:1.1.1c-32.jbcs.el7.x86_64", "7Server-JBCS:jbcs-httpd24-openssl-static-1:1.1.1c-32.jbcs.el7.x86_64" ] } ], "threats": [ { "category": "impact", "details": "Low" } ], "title": "httpd: allow connecting via SSL to a backend worker when the backend keystore file\u0027s ID is \u0027unknown\u0027" } ] }
rhsa-2021_1809
Vulnerability from csaf_redhat
Published
2021-05-18 14:25
Modified
2024-11-15 08:43
Summary
Red Hat Security Advisory: httpd:2.4 security, bug fix, and enhancement update
Notes
Topic
An update for the httpd:2.4 module is now available for Red Hat Enterprise Linux 8.
Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.
Details
The httpd packages provide the Apache HTTP Server, a powerful, efficient, and extensible web server.
Security Fix(es):
* httpd: mod_session_cookie does not respect expiry time (CVE-2018-17199)
* httpd: mod_proxy_uwsgi buffer overflow (CVE-2020-11984)
* httpd: mod_http2 concurrent pool usage (CVE-2020-11993)
For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.
Additional Changes:
For detailed information on changes in this release, see the Red Hat Enterprise Linux 8.4 Release Notes linked from the References section.
Terms of Use
This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.
{ "document": { "aggregate_severity": { "namespace": "https://access.redhat.com/security/updates/classification/", "text": "Moderate" }, "category": "csaf_security_advisory", "csaf_version": "2.0", "distribution": { "text": "Copyright \u00a9 Red Hat, Inc. All rights reserved.", "tlp": { "label": "WHITE", "url": "https://www.first.org/tlp/" } }, "lang": "en", "notes": [ { "category": "summary", "text": "An update for the httpd:2.4 module is now available for Red Hat Enterprise Linux 8.\n\nRed Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.", "title": "Topic" }, { "category": "general", "text": "The httpd packages provide the Apache HTTP Server, a powerful, efficient, and extensible web server.\n\nSecurity Fix(es):\n\n* httpd: mod_session_cookie does not respect expiry time (CVE-2018-17199)\n\n* httpd: mod_proxy_uwsgi buffer overflow (CVE-2020-11984)\n\n* httpd: mod_http2 concurrent pool usage (CVE-2020-11993)\n\nFor more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.\n\nAdditional Changes:\n\nFor detailed information on changes in this release, see the Red Hat Enterprise Linux 8.4 Release Notes linked from the References section.", "title": "Details" }, { "category": "legal_disclaimer", "text": "This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.", "title": "Terms of Use" } ], "publisher": { "category": "vendor", "contact_details": "https://access.redhat.com/security/team/contact/", "issuing_authority": "Red Hat Product Security is responsible for vulnerability handling across all Red Hat products and services.", "name": "Red Hat Product Security", "namespace": "https://www.redhat.com" }, "references": [ { "category": "self", "summary": "https://access.redhat.com/errata/RHSA-2021:1809", "url": "https://access.redhat.com/errata/RHSA-2021:1809" }, { "category": "external", "summary": "https://access.redhat.com/security/updates/classification/#moderate", "url": "https://access.redhat.com/security/updates/classification/#moderate" }, { "category": "external", "summary": "https://access.redhat.com/documentation/en-us/red_hat_enterprise_linux/8/html/8.4_release_notes/", "url": "https://access.redhat.com/documentation/en-us/red_hat_enterprise_linux/8/html/8.4_release_notes/" }, { "category": "external", "summary": "1651376", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1651376" }, { "category": "external", "summary": "1668493", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1668493" }, { "category": "external", "summary": "1680118", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1680118" }, { "category": "external", "summary": "1847585", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1847585" }, { "category": "external", "summary": "1866563", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1866563" }, { "category": "external", "summary": "1866564", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1866564" }, { "category": "external", "summary": "1872828", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1872828" }, { "category": "external", "summary": "1875844", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1875844" }, { "category": "external", "summary": "1891594", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1891594" }, { "category": "external", "summary": "1891829", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1891829" }, { "category": "external", "summary": "1918741", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1918741" }, { "category": "self", "summary": "Canonical URL", "url": "https://security.access.redhat.com/data/csaf/v2/advisories/2021/rhsa-2021_1809.json" } ], "title": "Red Hat Security Advisory: httpd:2.4 security, bug fix, and enhancement update", "tracking": { "current_release_date": "2024-11-15T08:43:01+00:00", "generator": { "date": "2024-11-15T08:43:01+00:00", "engine": { "name": "Red Hat SDEngine", "version": "4.2.1" } }, "id": "RHSA-2021:1809", "initial_release_date": "2021-05-18T14:25:00+00:00", "revision_history": [ { "date": "2021-05-18T14:25:00+00:00", "number": "1", "summary": "Initial version" }, { "date": "2021-05-18T14:25:00+00:00", "number": "2", "summary": "Last updated version" }, { "date": "2024-11-15T08:43:01+00:00", "number": "3", "summary": "Last generated version" } ], "status": "final", "version": "3" } }, "product_tree": { "branches": [ { "branches": [ { "branches": [ { "category": "product_name", "name": "Red Hat Enterprise Linux AppStream (v. 8)", "product": { "name": "Red Hat Enterprise Linux AppStream (v. 8)", "product_id": "AppStream-8.4.0.GA", "product_identification_helper": { "cpe": "cpe:/a:redhat:enterprise_linux:8::appstream" } } } ], "category": "product_family", "name": "Red Hat Enterprise Linux" }, { "branches": [ { "category": "product_version", "name": "httpd:2.4:8040020210127115317:9f9e2e7e", "product": { "name": "httpd:2.4:8040020210127115317:9f9e2e7e", "product_id": "httpd:2.4:8040020210127115317:9f9e2e7e", "product_identification_helper": { "purl": "pkg:rpmmod/redhat/httpd@2.4:8040020210127115317:9f9e2e7e" } } }, { "category": "product_version", "name": "httpd-filesystem-0:2.4.37-39.module+el8.4.0+9658+b87b2deb.noarch", "product": { "name": "httpd-filesystem-0:2.4.37-39.module+el8.4.0+9658+b87b2deb.noarch", "product_id": "httpd-filesystem-0:2.4.37-39.module+el8.4.0+9658+b87b2deb.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/httpd-filesystem@2.4.37-39.module%2Bel8.4.0%2B9658%2Bb87b2deb?arch=noarch" } } }, { "category": "product_version", "name": "httpd-manual-0:2.4.37-39.module+el8.4.0+9658+b87b2deb.noarch", "product": { "name": "httpd-manual-0:2.4.37-39.module+el8.4.0+9658+b87b2deb.noarch", "product_id": "httpd-manual-0:2.4.37-39.module+el8.4.0+9658+b87b2deb.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/httpd-manual@2.4.37-39.module%2Bel8.4.0%2B9658%2Bb87b2deb?arch=noarch" } } } ], "category": "architecture", "name": "noarch" }, { "branches": [ { "category": "product_version", "name": "httpd-0:2.4.37-39.module+el8.4.0+9658+b87b2deb.aarch64", "product": { "name": "httpd-0:2.4.37-39.module+el8.4.0+9658+b87b2deb.aarch64", "product_id": "httpd-0:2.4.37-39.module+el8.4.0+9658+b87b2deb.aarch64", "product_identification_helper": { "purl": "pkg:rpm/redhat/httpd@2.4.37-39.module%2Bel8.4.0%2B9658%2Bb87b2deb?arch=aarch64" } } }, { "category": "product_version", "name": "httpd-debuginfo-0:2.4.37-39.module+el8.4.0+9658+b87b2deb.aarch64", "product": { "name": "httpd-debuginfo-0:2.4.37-39.module+el8.4.0+9658+b87b2deb.aarch64", "product_id": "httpd-debuginfo-0:2.4.37-39.module+el8.4.0+9658+b87b2deb.aarch64", "product_identification_helper": { "purl": "pkg:rpm/redhat/httpd-debuginfo@2.4.37-39.module%2Bel8.4.0%2B9658%2Bb87b2deb?arch=aarch64" } } }, { "category": "product_version", "name": "httpd-debugsource-0:2.4.37-39.module+el8.4.0+9658+b87b2deb.aarch64", "product": { "name": "httpd-debugsource-0:2.4.37-39.module+el8.4.0+9658+b87b2deb.aarch64", "product_id": "httpd-debugsource-0:2.4.37-39.module+el8.4.0+9658+b87b2deb.aarch64", "product_identification_helper": { "purl": "pkg:rpm/redhat/httpd-debugsource@2.4.37-39.module%2Bel8.4.0%2B9658%2Bb87b2deb?arch=aarch64" } } }, { "category": "product_version", "name": "httpd-devel-0:2.4.37-39.module+el8.4.0+9658+b87b2deb.aarch64", "product": { "name": "httpd-devel-0:2.4.37-39.module+el8.4.0+9658+b87b2deb.aarch64", "product_id": "httpd-devel-0:2.4.37-39.module+el8.4.0+9658+b87b2deb.aarch64", "product_identification_helper": { "purl": "pkg:rpm/redhat/httpd-devel@2.4.37-39.module%2Bel8.4.0%2B9658%2Bb87b2deb?arch=aarch64" } } }, { "category": "product_version", "name": "httpd-tools-0:2.4.37-39.module+el8.4.0+9658+b87b2deb.aarch64", "product": { "name": "httpd-tools-0:2.4.37-39.module+el8.4.0+9658+b87b2deb.aarch64", "product_id": "httpd-tools-0:2.4.37-39.module+el8.4.0+9658+b87b2deb.aarch64", "product_identification_helper": { "purl": "pkg:rpm/redhat/httpd-tools@2.4.37-39.module%2Bel8.4.0%2B9658%2Bb87b2deb?arch=aarch64" } } }, { "category": "product_version", "name": "httpd-tools-debuginfo-0:2.4.37-39.module+el8.4.0+9658+b87b2deb.aarch64", "product": { "name": "httpd-tools-debuginfo-0:2.4.37-39.module+el8.4.0+9658+b87b2deb.aarch64", "product_id": "httpd-tools-debuginfo-0:2.4.37-39.module+el8.4.0+9658+b87b2deb.aarch64", "product_identification_helper": { "purl": "pkg:rpm/redhat/httpd-tools-debuginfo@2.4.37-39.module%2Bel8.4.0%2B9658%2Bb87b2deb?arch=aarch64" } } }, { "category": "product_version", "name": "mod_http2-0:1.15.7-3.module+el8.4.0+8625+d397f3da.aarch64", "product": { "name": "mod_http2-0:1.15.7-3.module+el8.4.0+8625+d397f3da.aarch64", "product_id": "mod_http2-0:1.15.7-3.module+el8.4.0+8625+d397f3da.aarch64", "product_identification_helper": { "purl": "pkg:rpm/redhat/mod_http2@1.15.7-3.module%2Bel8.4.0%2B8625%2Bd397f3da?arch=aarch64" } } }, { "category": "product_version", "name": "mod_http2-debuginfo-0:1.15.7-3.module+el8.4.0+8625+d397f3da.aarch64", "product": { "name": "mod_http2-debuginfo-0:1.15.7-3.module+el8.4.0+8625+d397f3da.aarch64", "product_id": "mod_http2-debuginfo-0:1.15.7-3.module+el8.4.0+8625+d397f3da.aarch64", "product_identification_helper": { "purl": "pkg:rpm/redhat/mod_http2-debuginfo@1.15.7-3.module%2Bel8.4.0%2B8625%2Bd397f3da?arch=aarch64" } } }, { "category": "product_version", "name": "mod_http2-debugsource-0:1.15.7-3.module+el8.4.0+8625+d397f3da.aarch64", "product": { "name": "mod_http2-debugsource-0:1.15.7-3.module+el8.4.0+8625+d397f3da.aarch64", "product_id": "mod_http2-debugsource-0:1.15.7-3.module+el8.4.0+8625+d397f3da.aarch64", "product_identification_helper": { "purl": "pkg:rpm/redhat/mod_http2-debugsource@1.15.7-3.module%2Bel8.4.0%2B8625%2Bd397f3da?arch=aarch64" } } }, { "category": "product_version", "name": "mod_ldap-0:2.4.37-39.module+el8.4.0+9658+b87b2deb.aarch64", "product": { "name": "mod_ldap-0:2.4.37-39.module+el8.4.0+9658+b87b2deb.aarch64", "product_id": "mod_ldap-0:2.4.37-39.module+el8.4.0+9658+b87b2deb.aarch64", "product_identification_helper": { "purl": "pkg:rpm/redhat/mod_ldap@2.4.37-39.module%2Bel8.4.0%2B9658%2Bb87b2deb?arch=aarch64" } } }, { "category": "product_version", "name": "mod_ldap-debuginfo-0:2.4.37-39.module+el8.4.0+9658+b87b2deb.aarch64", "product": { "name": "mod_ldap-debuginfo-0:2.4.37-39.module+el8.4.0+9658+b87b2deb.aarch64", "product_id": "mod_ldap-debuginfo-0:2.4.37-39.module+el8.4.0+9658+b87b2deb.aarch64", "product_identification_helper": { "purl": "pkg:rpm/redhat/mod_ldap-debuginfo@2.4.37-39.module%2Bel8.4.0%2B9658%2Bb87b2deb?arch=aarch64" } } }, { "category": "product_version", "name": "mod_md-1:2.0.8-8.module+el8.3.0+6814+67d1e611.aarch64", "product": { "name": "mod_md-1:2.0.8-8.module+el8.3.0+6814+67d1e611.aarch64", "product_id": "mod_md-1:2.0.8-8.module+el8.3.0+6814+67d1e611.aarch64", "product_identification_helper": { "purl": "pkg:rpm/redhat/mod_md@2.0.8-8.module%2Bel8.3.0%2B6814%2B67d1e611?arch=aarch64\u0026epoch=1" } } }, { "category": "product_version", "name": "mod_md-debuginfo-1:2.0.8-8.module+el8.3.0+6814+67d1e611.aarch64", "product": { "name": "mod_md-debuginfo-1:2.0.8-8.module+el8.3.0+6814+67d1e611.aarch64", "product_id": "mod_md-debuginfo-1:2.0.8-8.module+el8.3.0+6814+67d1e611.aarch64", "product_identification_helper": { "purl": "pkg:rpm/redhat/mod_md-debuginfo@2.0.8-8.module%2Bel8.3.0%2B6814%2B67d1e611?arch=aarch64\u0026epoch=1" } } }, { "category": "product_version", "name": "mod_md-debugsource-1:2.0.8-8.module+el8.3.0+6814+67d1e611.aarch64", "product": { "name": "mod_md-debugsource-1:2.0.8-8.module+el8.3.0+6814+67d1e611.aarch64", "product_id": "mod_md-debugsource-1:2.0.8-8.module+el8.3.0+6814+67d1e611.aarch64", "product_identification_helper": { "purl": "pkg:rpm/redhat/mod_md-debugsource@2.0.8-8.module%2Bel8.3.0%2B6814%2B67d1e611?arch=aarch64\u0026epoch=1" } } }, { "category": "product_version", "name": "mod_proxy_html-1:2.4.37-39.module+el8.4.0+9658+b87b2deb.aarch64", "product": { "name": "mod_proxy_html-1:2.4.37-39.module+el8.4.0+9658+b87b2deb.aarch64", "product_id": "mod_proxy_html-1:2.4.37-39.module+el8.4.0+9658+b87b2deb.aarch64", "product_identification_helper": { "purl": "pkg:rpm/redhat/mod_proxy_html@2.4.37-39.module%2Bel8.4.0%2B9658%2Bb87b2deb?arch=aarch64\u0026epoch=1" } } }, { "category": "product_version", "name": "mod_proxy_html-debuginfo-1:2.4.37-39.module+el8.4.0+9658+b87b2deb.aarch64", "product": { "name": "mod_proxy_html-debuginfo-1:2.4.37-39.module+el8.4.0+9658+b87b2deb.aarch64", "product_id": "mod_proxy_html-debuginfo-1:2.4.37-39.module+el8.4.0+9658+b87b2deb.aarch64", "product_identification_helper": { "purl": "pkg:rpm/redhat/mod_proxy_html-debuginfo@2.4.37-39.module%2Bel8.4.0%2B9658%2Bb87b2deb?arch=aarch64\u0026epoch=1" } } }, { "category": "product_version", "name": "mod_session-0:2.4.37-39.module+el8.4.0+9658+b87b2deb.aarch64", "product": { "name": "mod_session-0:2.4.37-39.module+el8.4.0+9658+b87b2deb.aarch64", "product_id": "mod_session-0:2.4.37-39.module+el8.4.0+9658+b87b2deb.aarch64", "product_identification_helper": { "purl": "pkg:rpm/redhat/mod_session@2.4.37-39.module%2Bel8.4.0%2B9658%2Bb87b2deb?arch=aarch64" } } }, { "category": "product_version", "name": "mod_session-debuginfo-0:2.4.37-39.module+el8.4.0+9658+b87b2deb.aarch64", "product": { "name": "mod_session-debuginfo-0:2.4.37-39.module+el8.4.0+9658+b87b2deb.aarch64", "product_id": "mod_session-debuginfo-0:2.4.37-39.module+el8.4.0+9658+b87b2deb.aarch64", "product_identification_helper": { "purl": "pkg:rpm/redhat/mod_session-debuginfo@2.4.37-39.module%2Bel8.4.0%2B9658%2Bb87b2deb?arch=aarch64" } } }, { "category": "product_version", "name": "mod_ssl-1:2.4.37-39.module+el8.4.0+9658+b87b2deb.aarch64", "product": { "name": "mod_ssl-1:2.4.37-39.module+el8.4.0+9658+b87b2deb.aarch64", "product_id": "mod_ssl-1:2.4.37-39.module+el8.4.0+9658+b87b2deb.aarch64", "product_identification_helper": { "purl": "pkg:rpm/redhat/mod_ssl@2.4.37-39.module%2Bel8.4.0%2B9658%2Bb87b2deb?arch=aarch64\u0026epoch=1" } } }, { "category": "product_version", "name": "mod_ssl-debuginfo-1:2.4.37-39.module+el8.4.0+9658+b87b2deb.aarch64", "product": { "name": "mod_ssl-debuginfo-1:2.4.37-39.module+el8.4.0+9658+b87b2deb.aarch64", "product_id": "mod_ssl-debuginfo-1:2.4.37-39.module+el8.4.0+9658+b87b2deb.aarch64", "product_identification_helper": { "purl": "pkg:rpm/redhat/mod_ssl-debuginfo@2.4.37-39.module%2Bel8.4.0%2B9658%2Bb87b2deb?arch=aarch64\u0026epoch=1" } } } ], "category": "architecture", "name": "aarch64" }, { "branches": [ { "category": "product_version", "name": "httpd-0:2.4.37-39.module+el8.4.0+9658+b87b2deb.src", "product": { "name": "httpd-0:2.4.37-39.module+el8.4.0+9658+b87b2deb.src", "product_id": "httpd-0:2.4.37-39.module+el8.4.0+9658+b87b2deb.src", "product_identification_helper": { "purl": "pkg:rpm/redhat/httpd@2.4.37-39.module%2Bel8.4.0%2B9658%2Bb87b2deb?arch=src" } } }, { "category": "product_version", "name": "mod_http2-0:1.15.7-3.module+el8.4.0+8625+d397f3da.src", "product": { "name": "mod_http2-0:1.15.7-3.module+el8.4.0+8625+d397f3da.src", "product_id": "mod_http2-0:1.15.7-3.module+el8.4.0+8625+d397f3da.src", "product_identification_helper": { "purl": "pkg:rpm/redhat/mod_http2@1.15.7-3.module%2Bel8.4.0%2B8625%2Bd397f3da?arch=src" } } }, { "category": "product_version", "name": "mod_md-1:2.0.8-8.module+el8.3.0+6814+67d1e611.src", "product": { "name": "mod_md-1:2.0.8-8.module+el8.3.0+6814+67d1e611.src", "product_id": "mod_md-1:2.0.8-8.module+el8.3.0+6814+67d1e611.src", "product_identification_helper": { "purl": "pkg:rpm/redhat/mod_md@2.0.8-8.module%2Bel8.3.0%2B6814%2B67d1e611?arch=src\u0026epoch=1" } } } ], "category": "architecture", "name": "src" }, { "branches": [ { "category": "product_version", "name": "httpd-0:2.4.37-39.module+el8.4.0+9658+b87b2deb.ppc64le", "product": { "name": "httpd-0:2.4.37-39.module+el8.4.0+9658+b87b2deb.ppc64le", "product_id": "httpd-0:2.4.37-39.module+el8.4.0+9658+b87b2deb.ppc64le", "product_identification_helper": { "purl": "pkg:rpm/redhat/httpd@2.4.37-39.module%2Bel8.4.0%2B9658%2Bb87b2deb?arch=ppc64le" } } }, { "category": "product_version", "name": "httpd-debuginfo-0:2.4.37-39.module+el8.4.0+9658+b87b2deb.ppc64le", "product": { "name": "httpd-debuginfo-0:2.4.37-39.module+el8.4.0+9658+b87b2deb.ppc64le", "product_id": "httpd-debuginfo-0:2.4.37-39.module+el8.4.0+9658+b87b2deb.ppc64le", "product_identification_helper": { "purl": "pkg:rpm/redhat/httpd-debuginfo@2.4.37-39.module%2Bel8.4.0%2B9658%2Bb87b2deb?arch=ppc64le" } } }, { "category": "product_version", "name": "httpd-debugsource-0:2.4.37-39.module+el8.4.0+9658+b87b2deb.ppc64le", "product": { "name": "httpd-debugsource-0:2.4.37-39.module+el8.4.0+9658+b87b2deb.ppc64le", "product_id": "httpd-debugsource-0:2.4.37-39.module+el8.4.0+9658+b87b2deb.ppc64le", "product_identification_helper": { "purl": "pkg:rpm/redhat/httpd-debugsource@2.4.37-39.module%2Bel8.4.0%2B9658%2Bb87b2deb?arch=ppc64le" } } }, { "category": "product_version", "name": "httpd-devel-0:2.4.37-39.module+el8.4.0+9658+b87b2deb.ppc64le", "product": { "name": "httpd-devel-0:2.4.37-39.module+el8.4.0+9658+b87b2deb.ppc64le", "product_id": "httpd-devel-0:2.4.37-39.module+el8.4.0+9658+b87b2deb.ppc64le", "product_identification_helper": { "purl": "pkg:rpm/redhat/httpd-devel@2.4.37-39.module%2Bel8.4.0%2B9658%2Bb87b2deb?arch=ppc64le" } } }, { "category": "product_version", "name": "httpd-tools-0:2.4.37-39.module+el8.4.0+9658+b87b2deb.ppc64le", "product": { "name": "httpd-tools-0:2.4.37-39.module+el8.4.0+9658+b87b2deb.ppc64le", "product_id": "httpd-tools-0:2.4.37-39.module+el8.4.0+9658+b87b2deb.ppc64le", "product_identification_helper": { "purl": "pkg:rpm/redhat/httpd-tools@2.4.37-39.module%2Bel8.4.0%2B9658%2Bb87b2deb?arch=ppc64le" } } }, { "category": "product_version", "name": "httpd-tools-debuginfo-0:2.4.37-39.module+el8.4.0+9658+b87b2deb.ppc64le", "product": { "name": "httpd-tools-debuginfo-0:2.4.37-39.module+el8.4.0+9658+b87b2deb.ppc64le", "product_id": "httpd-tools-debuginfo-0:2.4.37-39.module+el8.4.0+9658+b87b2deb.ppc64le", "product_identification_helper": { "purl": "pkg:rpm/redhat/httpd-tools-debuginfo@2.4.37-39.module%2Bel8.4.0%2B9658%2Bb87b2deb?arch=ppc64le" } } }, { "category": "product_version", "name": "mod_http2-0:1.15.7-3.module+el8.4.0+8625+d397f3da.ppc64le", "product": { "name": "mod_http2-0:1.15.7-3.module+el8.4.0+8625+d397f3da.ppc64le", "product_id": "mod_http2-0:1.15.7-3.module+el8.4.0+8625+d397f3da.ppc64le", "product_identification_helper": { "purl": "pkg:rpm/redhat/mod_http2@1.15.7-3.module%2Bel8.4.0%2B8625%2Bd397f3da?arch=ppc64le" } } }, { "category": "product_version", "name": "mod_http2-debuginfo-0:1.15.7-3.module+el8.4.0+8625+d397f3da.ppc64le", "product": { "name": "mod_http2-debuginfo-0:1.15.7-3.module+el8.4.0+8625+d397f3da.ppc64le", "product_id": "mod_http2-debuginfo-0:1.15.7-3.module+el8.4.0+8625+d397f3da.ppc64le", "product_identification_helper": { "purl": "pkg:rpm/redhat/mod_http2-debuginfo@1.15.7-3.module%2Bel8.4.0%2B8625%2Bd397f3da?arch=ppc64le" } } }, { "category": "product_version", "name": "mod_http2-debugsource-0:1.15.7-3.module+el8.4.0+8625+d397f3da.ppc64le", "product": { "name": "mod_http2-debugsource-0:1.15.7-3.module+el8.4.0+8625+d397f3da.ppc64le", "product_id": "mod_http2-debugsource-0:1.15.7-3.module+el8.4.0+8625+d397f3da.ppc64le", "product_identification_helper": { "purl": "pkg:rpm/redhat/mod_http2-debugsource@1.15.7-3.module%2Bel8.4.0%2B8625%2Bd397f3da?arch=ppc64le" } } }, { "category": "product_version", "name": "mod_ldap-0:2.4.37-39.module+el8.4.0+9658+b87b2deb.ppc64le", "product": { "name": "mod_ldap-0:2.4.37-39.module+el8.4.0+9658+b87b2deb.ppc64le", "product_id": "mod_ldap-0:2.4.37-39.module+el8.4.0+9658+b87b2deb.ppc64le", "product_identification_helper": { "purl": "pkg:rpm/redhat/mod_ldap@2.4.37-39.module%2Bel8.4.0%2B9658%2Bb87b2deb?arch=ppc64le" } } }, { "category": "product_version", "name": "mod_ldap-debuginfo-0:2.4.37-39.module+el8.4.0+9658+b87b2deb.ppc64le", "product": { "name": "mod_ldap-debuginfo-0:2.4.37-39.module+el8.4.0+9658+b87b2deb.ppc64le", "product_id": "mod_ldap-debuginfo-0:2.4.37-39.module+el8.4.0+9658+b87b2deb.ppc64le", "product_identification_helper": { "purl": "pkg:rpm/redhat/mod_ldap-debuginfo@2.4.37-39.module%2Bel8.4.0%2B9658%2Bb87b2deb?arch=ppc64le" } } }, { "category": "product_version", "name": "mod_md-1:2.0.8-8.module+el8.3.0+6814+67d1e611.ppc64le", "product": { "name": "mod_md-1:2.0.8-8.module+el8.3.0+6814+67d1e611.ppc64le", "product_id": "mod_md-1:2.0.8-8.module+el8.3.0+6814+67d1e611.ppc64le", "product_identification_helper": { "purl": "pkg:rpm/redhat/mod_md@2.0.8-8.module%2Bel8.3.0%2B6814%2B67d1e611?arch=ppc64le\u0026epoch=1" } } }, { "category": "product_version", "name": "mod_md-debuginfo-1:2.0.8-8.module+el8.3.0+6814+67d1e611.ppc64le", "product": { "name": "mod_md-debuginfo-1:2.0.8-8.module+el8.3.0+6814+67d1e611.ppc64le", "product_id": "mod_md-debuginfo-1:2.0.8-8.module+el8.3.0+6814+67d1e611.ppc64le", "product_identification_helper": { "purl": "pkg:rpm/redhat/mod_md-debuginfo@2.0.8-8.module%2Bel8.3.0%2B6814%2B67d1e611?arch=ppc64le\u0026epoch=1" } } }, { "category": "product_version", "name": "mod_md-debugsource-1:2.0.8-8.module+el8.3.0+6814+67d1e611.ppc64le", "product": { "name": "mod_md-debugsource-1:2.0.8-8.module+el8.3.0+6814+67d1e611.ppc64le", "product_id": "mod_md-debugsource-1:2.0.8-8.module+el8.3.0+6814+67d1e611.ppc64le", "product_identification_helper": { "purl": "pkg:rpm/redhat/mod_md-debugsource@2.0.8-8.module%2Bel8.3.0%2B6814%2B67d1e611?arch=ppc64le\u0026epoch=1" } } }, { "category": "product_version", "name": "mod_proxy_html-1:2.4.37-39.module+el8.4.0+9658+b87b2deb.ppc64le", "product": { "name": "mod_proxy_html-1:2.4.37-39.module+el8.4.0+9658+b87b2deb.ppc64le", "product_id": "mod_proxy_html-1:2.4.37-39.module+el8.4.0+9658+b87b2deb.ppc64le", "product_identification_helper": { "purl": "pkg:rpm/redhat/mod_proxy_html@2.4.37-39.module%2Bel8.4.0%2B9658%2Bb87b2deb?arch=ppc64le\u0026epoch=1" } } }, { "category": "product_version", "name": "mod_proxy_html-debuginfo-1:2.4.37-39.module+el8.4.0+9658+b87b2deb.ppc64le", "product": { "name": "mod_proxy_html-debuginfo-1:2.4.37-39.module+el8.4.0+9658+b87b2deb.ppc64le", "product_id": "mod_proxy_html-debuginfo-1:2.4.37-39.module+el8.4.0+9658+b87b2deb.ppc64le", "product_identification_helper": { "purl": "pkg:rpm/redhat/mod_proxy_html-debuginfo@2.4.37-39.module%2Bel8.4.0%2B9658%2Bb87b2deb?arch=ppc64le\u0026epoch=1" } } }, { "category": "product_version", "name": "mod_session-0:2.4.37-39.module+el8.4.0+9658+b87b2deb.ppc64le", "product": { "name": "mod_session-0:2.4.37-39.module+el8.4.0+9658+b87b2deb.ppc64le", "product_id": "mod_session-0:2.4.37-39.module+el8.4.0+9658+b87b2deb.ppc64le", "product_identification_helper": { "purl": "pkg:rpm/redhat/mod_session@2.4.37-39.module%2Bel8.4.0%2B9658%2Bb87b2deb?arch=ppc64le" } } }, { "category": "product_version", "name": "mod_session-debuginfo-0:2.4.37-39.module+el8.4.0+9658+b87b2deb.ppc64le", "product": { "name": "mod_session-debuginfo-0:2.4.37-39.module+el8.4.0+9658+b87b2deb.ppc64le", "product_id": "mod_session-debuginfo-0:2.4.37-39.module+el8.4.0+9658+b87b2deb.ppc64le", "product_identification_helper": { "purl": "pkg:rpm/redhat/mod_session-debuginfo@2.4.37-39.module%2Bel8.4.0%2B9658%2Bb87b2deb?arch=ppc64le" } } }, { "category": "product_version", "name": "mod_ssl-1:2.4.37-39.module+el8.4.0+9658+b87b2deb.ppc64le", "product": { "name": "mod_ssl-1:2.4.37-39.module+el8.4.0+9658+b87b2deb.ppc64le", "product_id": "mod_ssl-1:2.4.37-39.module+el8.4.0+9658+b87b2deb.ppc64le", "product_identification_helper": { "purl": "pkg:rpm/redhat/mod_ssl@2.4.37-39.module%2Bel8.4.0%2B9658%2Bb87b2deb?arch=ppc64le\u0026epoch=1" } } }, { "category": "product_version", "name": "mod_ssl-debuginfo-1:2.4.37-39.module+el8.4.0+9658+b87b2deb.ppc64le", "product": { "name": "mod_ssl-debuginfo-1:2.4.37-39.module+el8.4.0+9658+b87b2deb.ppc64le", "product_id": "mod_ssl-debuginfo-1:2.4.37-39.module+el8.4.0+9658+b87b2deb.ppc64le", "product_identification_helper": { "purl": "pkg:rpm/redhat/mod_ssl-debuginfo@2.4.37-39.module%2Bel8.4.0%2B9658%2Bb87b2deb?arch=ppc64le\u0026epoch=1" } } } ], "category": "architecture", "name": "ppc64le" }, { "branches": [ { "category": "product_version", "name": "httpd-0:2.4.37-39.module+el8.4.0+9658+b87b2deb.s390x", "product": { "name": "httpd-0:2.4.37-39.module+el8.4.0+9658+b87b2deb.s390x", "product_id": "httpd-0:2.4.37-39.module+el8.4.0+9658+b87b2deb.s390x", "product_identification_helper": { "purl": "pkg:rpm/redhat/httpd@2.4.37-39.module%2Bel8.4.0%2B9658%2Bb87b2deb?arch=s390x" } } }, { "category": "product_version", "name": "httpd-debuginfo-0:2.4.37-39.module+el8.4.0+9658+b87b2deb.s390x", "product": { "name": "httpd-debuginfo-0:2.4.37-39.module+el8.4.0+9658+b87b2deb.s390x", "product_id": "httpd-debuginfo-0:2.4.37-39.module+el8.4.0+9658+b87b2deb.s390x", "product_identification_helper": { "purl": "pkg:rpm/redhat/httpd-debuginfo@2.4.37-39.module%2Bel8.4.0%2B9658%2Bb87b2deb?arch=s390x" } } }, { "category": "product_version", "name": "httpd-debugsource-0:2.4.37-39.module+el8.4.0+9658+b87b2deb.s390x", "product": { "name": "httpd-debugsource-0:2.4.37-39.module+el8.4.0+9658+b87b2deb.s390x", "product_id": "httpd-debugsource-0:2.4.37-39.module+el8.4.0+9658+b87b2deb.s390x", "product_identification_helper": { "purl": "pkg:rpm/redhat/httpd-debugsource@2.4.37-39.module%2Bel8.4.0%2B9658%2Bb87b2deb?arch=s390x" } } }, { "category": "product_version", "name": "httpd-devel-0:2.4.37-39.module+el8.4.0+9658+b87b2deb.s390x", "product": { "name": "httpd-devel-0:2.4.37-39.module+el8.4.0+9658+b87b2deb.s390x", "product_id": "httpd-devel-0:2.4.37-39.module+el8.4.0+9658+b87b2deb.s390x", "product_identification_helper": { "purl": "pkg:rpm/redhat/httpd-devel@2.4.37-39.module%2Bel8.4.0%2B9658%2Bb87b2deb?arch=s390x" } } }, { "category": "product_version", "name": "httpd-tools-0:2.4.37-39.module+el8.4.0+9658+b87b2deb.s390x", "product": { "name": "httpd-tools-0:2.4.37-39.module+el8.4.0+9658+b87b2deb.s390x", "product_id": "httpd-tools-0:2.4.37-39.module+el8.4.0+9658+b87b2deb.s390x", "product_identification_helper": { "purl": "pkg:rpm/redhat/httpd-tools@2.4.37-39.module%2Bel8.4.0%2B9658%2Bb87b2deb?arch=s390x" } } }, { "category": "product_version", "name": "httpd-tools-debuginfo-0:2.4.37-39.module+el8.4.0+9658+b87b2deb.s390x", "product": { "name": "httpd-tools-debuginfo-0:2.4.37-39.module+el8.4.0+9658+b87b2deb.s390x", "product_id": "httpd-tools-debuginfo-0:2.4.37-39.module+el8.4.0+9658+b87b2deb.s390x", "product_identification_helper": { "purl": "pkg:rpm/redhat/httpd-tools-debuginfo@2.4.37-39.module%2Bel8.4.0%2B9658%2Bb87b2deb?arch=s390x" } } }, { "category": "product_version", "name": "mod_http2-0:1.15.7-3.module+el8.4.0+8625+d397f3da.s390x", "product": { "name": "mod_http2-0:1.15.7-3.module+el8.4.0+8625+d397f3da.s390x", "product_id": "mod_http2-0:1.15.7-3.module+el8.4.0+8625+d397f3da.s390x", "product_identification_helper": { "purl": "pkg:rpm/redhat/mod_http2@1.15.7-3.module%2Bel8.4.0%2B8625%2Bd397f3da?arch=s390x" } } }, { "category": "product_version", "name": "mod_http2-debuginfo-0:1.15.7-3.module+el8.4.0+8625+d397f3da.s390x", "product": { "name": "mod_http2-debuginfo-0:1.15.7-3.module+el8.4.0+8625+d397f3da.s390x", "product_id": "mod_http2-debuginfo-0:1.15.7-3.module+el8.4.0+8625+d397f3da.s390x", "product_identification_helper": { "purl": "pkg:rpm/redhat/mod_http2-debuginfo@1.15.7-3.module%2Bel8.4.0%2B8625%2Bd397f3da?arch=s390x" } } }, { "category": "product_version", "name": "mod_http2-debugsource-0:1.15.7-3.module+el8.4.0+8625+d397f3da.s390x", "product": { "name": "mod_http2-debugsource-0:1.15.7-3.module+el8.4.0+8625+d397f3da.s390x", "product_id": "mod_http2-debugsource-0:1.15.7-3.module+el8.4.0+8625+d397f3da.s390x", "product_identification_helper": { "purl": "pkg:rpm/redhat/mod_http2-debugsource@1.15.7-3.module%2Bel8.4.0%2B8625%2Bd397f3da?arch=s390x" } } }, { "category": "product_version", "name": "mod_ldap-0:2.4.37-39.module+el8.4.0+9658+b87b2deb.s390x", "product": { "name": "mod_ldap-0:2.4.37-39.module+el8.4.0+9658+b87b2deb.s390x", "product_id": "mod_ldap-0:2.4.37-39.module+el8.4.0+9658+b87b2deb.s390x", "product_identification_helper": { "purl": "pkg:rpm/redhat/mod_ldap@2.4.37-39.module%2Bel8.4.0%2B9658%2Bb87b2deb?arch=s390x" } } }, { "category": "product_version", "name": "mod_ldap-debuginfo-0:2.4.37-39.module+el8.4.0+9658+b87b2deb.s390x", "product": { "name": "mod_ldap-debuginfo-0:2.4.37-39.module+el8.4.0+9658+b87b2deb.s390x", "product_id": "mod_ldap-debuginfo-0:2.4.37-39.module+el8.4.0+9658+b87b2deb.s390x", "product_identification_helper": { "purl": "pkg:rpm/redhat/mod_ldap-debuginfo@2.4.37-39.module%2Bel8.4.0%2B9658%2Bb87b2deb?arch=s390x" } } }, { "category": "product_version", "name": "mod_md-1:2.0.8-8.module+el8.3.0+6814+67d1e611.s390x", "product": { "name": "mod_md-1:2.0.8-8.module+el8.3.0+6814+67d1e611.s390x", "product_id": "mod_md-1:2.0.8-8.module+el8.3.0+6814+67d1e611.s390x", "product_identification_helper": { "purl": "pkg:rpm/redhat/mod_md@2.0.8-8.module%2Bel8.3.0%2B6814%2B67d1e611?arch=s390x\u0026epoch=1" } } }, { "category": "product_version", "name": "mod_md-debuginfo-1:2.0.8-8.module+el8.3.0+6814+67d1e611.s390x", "product": { "name": "mod_md-debuginfo-1:2.0.8-8.module+el8.3.0+6814+67d1e611.s390x", "product_id": "mod_md-debuginfo-1:2.0.8-8.module+el8.3.0+6814+67d1e611.s390x", "product_identification_helper": { "purl": "pkg:rpm/redhat/mod_md-debuginfo@2.0.8-8.module%2Bel8.3.0%2B6814%2B67d1e611?arch=s390x\u0026epoch=1" } } }, { "category": "product_version", "name": "mod_md-debugsource-1:2.0.8-8.module+el8.3.0+6814+67d1e611.s390x", "product": { "name": "mod_md-debugsource-1:2.0.8-8.module+el8.3.0+6814+67d1e611.s390x", "product_id": "mod_md-debugsource-1:2.0.8-8.module+el8.3.0+6814+67d1e611.s390x", "product_identification_helper": { "purl": "pkg:rpm/redhat/mod_md-debugsource@2.0.8-8.module%2Bel8.3.0%2B6814%2B67d1e611?arch=s390x\u0026epoch=1" } } }, { "category": "product_version", "name": "mod_proxy_html-1:2.4.37-39.module+el8.4.0+9658+b87b2deb.s390x", "product": { "name": "mod_proxy_html-1:2.4.37-39.module+el8.4.0+9658+b87b2deb.s390x", "product_id": "mod_proxy_html-1:2.4.37-39.module+el8.4.0+9658+b87b2deb.s390x", "product_identification_helper": { "purl": "pkg:rpm/redhat/mod_proxy_html@2.4.37-39.module%2Bel8.4.0%2B9658%2Bb87b2deb?arch=s390x\u0026epoch=1" } } }, { "category": "product_version", "name": "mod_proxy_html-debuginfo-1:2.4.37-39.module+el8.4.0+9658+b87b2deb.s390x", "product": { "name": "mod_proxy_html-debuginfo-1:2.4.37-39.module+el8.4.0+9658+b87b2deb.s390x", "product_id": "mod_proxy_html-debuginfo-1:2.4.37-39.module+el8.4.0+9658+b87b2deb.s390x", "product_identification_helper": { "purl": "pkg:rpm/redhat/mod_proxy_html-debuginfo@2.4.37-39.module%2Bel8.4.0%2B9658%2Bb87b2deb?arch=s390x\u0026epoch=1" } } }, { "category": "product_version", "name": "mod_session-0:2.4.37-39.module+el8.4.0+9658+b87b2deb.s390x", "product": { "name": "mod_session-0:2.4.37-39.module+el8.4.0+9658+b87b2deb.s390x", "product_id": "mod_session-0:2.4.37-39.module+el8.4.0+9658+b87b2deb.s390x", "product_identification_helper": { "purl": "pkg:rpm/redhat/mod_session@2.4.37-39.module%2Bel8.4.0%2B9658%2Bb87b2deb?arch=s390x" } } }, { "category": "product_version", "name": "mod_session-debuginfo-0:2.4.37-39.module+el8.4.0+9658+b87b2deb.s390x", "product": { "name": "mod_session-debuginfo-0:2.4.37-39.module+el8.4.0+9658+b87b2deb.s390x", "product_id": "mod_session-debuginfo-0:2.4.37-39.module+el8.4.0+9658+b87b2deb.s390x", "product_identification_helper": { "purl": "pkg:rpm/redhat/mod_session-debuginfo@2.4.37-39.module%2Bel8.4.0%2B9658%2Bb87b2deb?arch=s390x" } } }, { "category": "product_version", "name": "mod_ssl-1:2.4.37-39.module+el8.4.0+9658+b87b2deb.s390x", "product": { "name": "mod_ssl-1:2.4.37-39.module+el8.4.0+9658+b87b2deb.s390x", "product_id": "mod_ssl-1:2.4.37-39.module+el8.4.0+9658+b87b2deb.s390x", "product_identification_helper": { "purl": "pkg:rpm/redhat/mod_ssl@2.4.37-39.module%2Bel8.4.0%2B9658%2Bb87b2deb?arch=s390x\u0026epoch=1" } } }, { "category": "product_version", "name": "mod_ssl-debuginfo-1:2.4.37-39.module+el8.4.0+9658+b87b2deb.s390x", "product": { "name": "mod_ssl-debuginfo-1:2.4.37-39.module+el8.4.0+9658+b87b2deb.s390x", "product_id": "mod_ssl-debuginfo-1:2.4.37-39.module+el8.4.0+9658+b87b2deb.s390x", "product_identification_helper": { "purl": "pkg:rpm/redhat/mod_ssl-debuginfo@2.4.37-39.module%2Bel8.4.0%2B9658%2Bb87b2deb?arch=s390x\u0026epoch=1" } } } ], "category": "architecture", "name": "s390x" }, { "branches": [ { "category": "product_version", "name": "httpd-0:2.4.37-39.module+el8.4.0+9658+b87b2deb.x86_64", "product": { "name": "httpd-0:2.4.37-39.module+el8.4.0+9658+b87b2deb.x86_64", "product_id": "httpd-0:2.4.37-39.module+el8.4.0+9658+b87b2deb.x86_64", "product_identification_helper": { "purl": "pkg:rpm/redhat/httpd@2.4.37-39.module%2Bel8.4.0%2B9658%2Bb87b2deb?arch=x86_64" } } }, { "category": "product_version", "name": "httpd-debuginfo-0:2.4.37-39.module+el8.4.0+9658+b87b2deb.x86_64", "product": { "name": "httpd-debuginfo-0:2.4.37-39.module+el8.4.0+9658+b87b2deb.x86_64", "product_id": "httpd-debuginfo-0:2.4.37-39.module+el8.4.0+9658+b87b2deb.x86_64", "product_identification_helper": { "purl": "pkg:rpm/redhat/httpd-debuginfo@2.4.37-39.module%2Bel8.4.0%2B9658%2Bb87b2deb?arch=x86_64" } } }, { "category": "product_version", "name": "httpd-debugsource-0:2.4.37-39.module+el8.4.0+9658+b87b2deb.x86_64", "product": { "name": "httpd-debugsource-0:2.4.37-39.module+el8.4.0+9658+b87b2deb.x86_64", "product_id": "httpd-debugsource-0:2.4.37-39.module+el8.4.0+9658+b87b2deb.x86_64", "product_identification_helper": { "purl": "pkg:rpm/redhat/httpd-debugsource@2.4.37-39.module%2Bel8.4.0%2B9658%2Bb87b2deb?arch=x86_64" } } }, { "category": "product_version", "name": "httpd-devel-0:2.4.37-39.module+el8.4.0+9658+b87b2deb.x86_64", "product": { "name": "httpd-devel-0:2.4.37-39.module+el8.4.0+9658+b87b2deb.x86_64", "product_id": "httpd-devel-0:2.4.37-39.module+el8.4.0+9658+b87b2deb.x86_64", "product_identification_helper": { "purl": "pkg:rpm/redhat/httpd-devel@2.4.37-39.module%2Bel8.4.0%2B9658%2Bb87b2deb?arch=x86_64" } } }, { "category": "product_version", "name": "httpd-tools-0:2.4.37-39.module+el8.4.0+9658+b87b2deb.x86_64", "product": { "name": "httpd-tools-0:2.4.37-39.module+el8.4.0+9658+b87b2deb.x86_64", "product_id": "httpd-tools-0:2.4.37-39.module+el8.4.0+9658+b87b2deb.x86_64", "product_identification_helper": { "purl": "pkg:rpm/redhat/httpd-tools@2.4.37-39.module%2Bel8.4.0%2B9658%2Bb87b2deb?arch=x86_64" } } }, { "category": "product_version", "name": "httpd-tools-debuginfo-0:2.4.37-39.module+el8.4.0+9658+b87b2deb.x86_64", "product": { "name": "httpd-tools-debuginfo-0:2.4.37-39.module+el8.4.0+9658+b87b2deb.x86_64", "product_id": "httpd-tools-debuginfo-0:2.4.37-39.module+el8.4.0+9658+b87b2deb.x86_64", "product_identification_helper": { "purl": "pkg:rpm/redhat/httpd-tools-debuginfo@2.4.37-39.module%2Bel8.4.0%2B9658%2Bb87b2deb?arch=x86_64" } } }, { "category": "product_version", "name": "mod_http2-0:1.15.7-3.module+el8.4.0+8625+d397f3da.x86_64", "product": { "name": "mod_http2-0:1.15.7-3.module+el8.4.0+8625+d397f3da.x86_64", "product_id": "mod_http2-0:1.15.7-3.module+el8.4.0+8625+d397f3da.x86_64", "product_identification_helper": { "purl": "pkg:rpm/redhat/mod_http2@1.15.7-3.module%2Bel8.4.0%2B8625%2Bd397f3da?arch=x86_64" } } }, { "category": "product_version", "name": "mod_http2-debuginfo-0:1.15.7-3.module+el8.4.0+8625+d397f3da.x86_64", "product": { "name": "mod_http2-debuginfo-0:1.15.7-3.module+el8.4.0+8625+d397f3da.x86_64", "product_id": "mod_http2-debuginfo-0:1.15.7-3.module+el8.4.0+8625+d397f3da.x86_64", "product_identification_helper": { "purl": "pkg:rpm/redhat/mod_http2-debuginfo@1.15.7-3.module%2Bel8.4.0%2B8625%2Bd397f3da?arch=x86_64" } } }, { "category": "product_version", "name": "mod_http2-debugsource-0:1.15.7-3.module+el8.4.0+8625+d397f3da.x86_64", "product": { "name": "mod_http2-debugsource-0:1.15.7-3.module+el8.4.0+8625+d397f3da.x86_64", "product_id": "mod_http2-debugsource-0:1.15.7-3.module+el8.4.0+8625+d397f3da.x86_64", "product_identification_helper": { "purl": "pkg:rpm/redhat/mod_http2-debugsource@1.15.7-3.module%2Bel8.4.0%2B8625%2Bd397f3da?arch=x86_64" } } }, { "category": "product_version", "name": "mod_ldap-0:2.4.37-39.module+el8.4.0+9658+b87b2deb.x86_64", "product": { "name": "mod_ldap-0:2.4.37-39.module+el8.4.0+9658+b87b2deb.x86_64", "product_id": "mod_ldap-0:2.4.37-39.module+el8.4.0+9658+b87b2deb.x86_64", "product_identification_helper": { "purl": "pkg:rpm/redhat/mod_ldap@2.4.37-39.module%2Bel8.4.0%2B9658%2Bb87b2deb?arch=x86_64" } } }, { "category": "product_version", "name": "mod_ldap-debuginfo-0:2.4.37-39.module+el8.4.0+9658+b87b2deb.x86_64", "product": { "name": "mod_ldap-debuginfo-0:2.4.37-39.module+el8.4.0+9658+b87b2deb.x86_64", "product_id": "mod_ldap-debuginfo-0:2.4.37-39.module+el8.4.0+9658+b87b2deb.x86_64", "product_identification_helper": { "purl": "pkg:rpm/redhat/mod_ldap-debuginfo@2.4.37-39.module%2Bel8.4.0%2B9658%2Bb87b2deb?arch=x86_64" } } }, { "category": "product_version", "name": "mod_md-1:2.0.8-8.module+el8.3.0+6814+67d1e611.x86_64", "product": { "name": "mod_md-1:2.0.8-8.module+el8.3.0+6814+67d1e611.x86_64", "product_id": "mod_md-1:2.0.8-8.module+el8.3.0+6814+67d1e611.x86_64", "product_identification_helper": { "purl": "pkg:rpm/redhat/mod_md@2.0.8-8.module%2Bel8.3.0%2B6814%2B67d1e611?arch=x86_64\u0026epoch=1" } } }, { "category": "product_version", "name": "mod_md-debuginfo-1:2.0.8-8.module+el8.3.0+6814+67d1e611.x86_64", "product": { "name": "mod_md-debuginfo-1:2.0.8-8.module+el8.3.0+6814+67d1e611.x86_64", "product_id": "mod_md-debuginfo-1:2.0.8-8.module+el8.3.0+6814+67d1e611.x86_64", "product_identification_helper": { "purl": "pkg:rpm/redhat/mod_md-debuginfo@2.0.8-8.module%2Bel8.3.0%2B6814%2B67d1e611?arch=x86_64\u0026epoch=1" } } }, { "category": "product_version", "name": "mod_md-debugsource-1:2.0.8-8.module+el8.3.0+6814+67d1e611.x86_64", "product": { "name": "mod_md-debugsource-1:2.0.8-8.module+el8.3.0+6814+67d1e611.x86_64", "product_id": "mod_md-debugsource-1:2.0.8-8.module+el8.3.0+6814+67d1e611.x86_64", "product_identification_helper": { "purl": "pkg:rpm/redhat/mod_md-debugsource@2.0.8-8.module%2Bel8.3.0%2B6814%2B67d1e611?arch=x86_64\u0026epoch=1" } } }, { "category": "product_version", "name": "mod_proxy_html-1:2.4.37-39.module+el8.4.0+9658+b87b2deb.x86_64", "product": { "name": "mod_proxy_html-1:2.4.37-39.module+el8.4.0+9658+b87b2deb.x86_64", "product_id": "mod_proxy_html-1:2.4.37-39.module+el8.4.0+9658+b87b2deb.x86_64", "product_identification_helper": { "purl": "pkg:rpm/redhat/mod_proxy_html@2.4.37-39.module%2Bel8.4.0%2B9658%2Bb87b2deb?arch=x86_64\u0026epoch=1" } } }, { "category": "product_version", "name": "mod_proxy_html-debuginfo-1:2.4.37-39.module+el8.4.0+9658+b87b2deb.x86_64", "product": { "name": "mod_proxy_html-debuginfo-1:2.4.37-39.module+el8.4.0+9658+b87b2deb.x86_64", "product_id": "mod_proxy_html-debuginfo-1:2.4.37-39.module+el8.4.0+9658+b87b2deb.x86_64", "product_identification_helper": { "purl": "pkg:rpm/redhat/mod_proxy_html-debuginfo@2.4.37-39.module%2Bel8.4.0%2B9658%2Bb87b2deb?arch=x86_64\u0026epoch=1" } } }, { "category": "product_version", "name": "mod_session-0:2.4.37-39.module+el8.4.0+9658+b87b2deb.x86_64", "product": { "name": "mod_session-0:2.4.37-39.module+el8.4.0+9658+b87b2deb.x86_64", "product_id": "mod_session-0:2.4.37-39.module+el8.4.0+9658+b87b2deb.x86_64", "product_identification_helper": { "purl": "pkg:rpm/redhat/mod_session@2.4.37-39.module%2Bel8.4.0%2B9658%2Bb87b2deb?arch=x86_64" } } }, { "category": "product_version", "name": "mod_session-debuginfo-0:2.4.37-39.module+el8.4.0+9658+b87b2deb.x86_64", "product": { "name": "mod_session-debuginfo-0:2.4.37-39.module+el8.4.0+9658+b87b2deb.x86_64", "product_id": "mod_session-debuginfo-0:2.4.37-39.module+el8.4.0+9658+b87b2deb.x86_64", "product_identification_helper": { "purl": "pkg:rpm/redhat/mod_session-debuginfo@2.4.37-39.module%2Bel8.4.0%2B9658%2Bb87b2deb?arch=x86_64" } } }, { "category": "product_version", "name": "mod_ssl-1:2.4.37-39.module+el8.4.0+9658+b87b2deb.x86_64", "product": { "name": "mod_ssl-1:2.4.37-39.module+el8.4.0+9658+b87b2deb.x86_64", "product_id": "mod_ssl-1:2.4.37-39.module+el8.4.0+9658+b87b2deb.x86_64", "product_identification_helper": { "purl": "pkg:rpm/redhat/mod_ssl@2.4.37-39.module%2Bel8.4.0%2B9658%2Bb87b2deb?arch=x86_64\u0026epoch=1" } } }, { "category": "product_version", "name": "mod_ssl-debuginfo-1:2.4.37-39.module+el8.4.0+9658+b87b2deb.x86_64", "product": { "name": "mod_ssl-debuginfo-1:2.4.37-39.module+el8.4.0+9658+b87b2deb.x86_64", "product_id": "mod_ssl-debuginfo-1:2.4.37-39.module+el8.4.0+9658+b87b2deb.x86_64", "product_identification_helper": { "purl": "pkg:rpm/redhat/mod_ssl-debuginfo@2.4.37-39.module%2Bel8.4.0%2B9658%2Bb87b2deb?arch=x86_64\u0026epoch=1" } } } ], "category": "architecture", "name": "x86_64" } ], "category": "vendor", "name": "Red Hat" } ], "relationships": [ { "category": "default_component_of", "full_product_name": { "name": "httpd:2.4:8040020210127115317:9f9e2e7e as a component of Red Hat Enterprise Linux AppStream (v. 8)", "product_id": "AppStream-8.4.0.GA:httpd:2.4:8040020210127115317:9f9e2e7e" }, "product_reference": "httpd:2.4:8040020210127115317:9f9e2e7e", "relates_to_product_reference": "AppStream-8.4.0.GA" }, { "category": "default_component_of", "full_product_name": { "name": "httpd-0:2.4.37-39.module+el8.4.0+9658+b87b2deb.aarch64 as a component of httpd:2.4:8040020210127115317:9f9e2e7e as a component of Red Hat Enterprise Linux AppStream (v. 8)", "product_id": "AppStream-8.4.0.GA:httpd:2.4:8040020210127115317:9f9e2e7e:httpd-0:2.4.37-39.module+el8.4.0+9658+b87b2deb.aarch64" }, "product_reference": "httpd-0:2.4.37-39.module+el8.4.0+9658+b87b2deb.aarch64", "relates_to_product_reference": "AppStream-8.4.0.GA:httpd:2.4:8040020210127115317:9f9e2e7e" }, { "category": "default_component_of", "full_product_name": { "name": "httpd-0:2.4.37-39.module+el8.4.0+9658+b87b2deb.ppc64le as a component of httpd:2.4:8040020210127115317:9f9e2e7e as a component of Red Hat Enterprise Linux AppStream (v. 8)", "product_id": "AppStream-8.4.0.GA:httpd:2.4:8040020210127115317:9f9e2e7e:httpd-0:2.4.37-39.module+el8.4.0+9658+b87b2deb.ppc64le" }, "product_reference": "httpd-0:2.4.37-39.module+el8.4.0+9658+b87b2deb.ppc64le", "relates_to_product_reference": "AppStream-8.4.0.GA:httpd:2.4:8040020210127115317:9f9e2e7e" }, { "category": "default_component_of", "full_product_name": { "name": "httpd-0:2.4.37-39.module+el8.4.0+9658+b87b2deb.s390x as a component of httpd:2.4:8040020210127115317:9f9e2e7e as a component of Red Hat Enterprise Linux AppStream (v. 8)", "product_id": "AppStream-8.4.0.GA:httpd:2.4:8040020210127115317:9f9e2e7e:httpd-0:2.4.37-39.module+el8.4.0+9658+b87b2deb.s390x" }, "product_reference": "httpd-0:2.4.37-39.module+el8.4.0+9658+b87b2deb.s390x", "relates_to_product_reference": "AppStream-8.4.0.GA:httpd:2.4:8040020210127115317:9f9e2e7e" }, { "category": "default_component_of", "full_product_name": { "name": "httpd-0:2.4.37-39.module+el8.4.0+9658+b87b2deb.src as a component of httpd:2.4:8040020210127115317:9f9e2e7e as a component of Red Hat Enterprise Linux AppStream (v. 8)", "product_id": "AppStream-8.4.0.GA:httpd:2.4:8040020210127115317:9f9e2e7e:httpd-0:2.4.37-39.module+el8.4.0+9658+b87b2deb.src" }, "product_reference": "httpd-0:2.4.37-39.module+el8.4.0+9658+b87b2deb.src", "relates_to_product_reference": "AppStream-8.4.0.GA:httpd:2.4:8040020210127115317:9f9e2e7e" }, { "category": "default_component_of", "full_product_name": { "name": "httpd-0:2.4.37-39.module+el8.4.0+9658+b87b2deb.x86_64 as a component of httpd:2.4:8040020210127115317:9f9e2e7e as a component of Red Hat Enterprise Linux AppStream (v. 8)", "product_id": "AppStream-8.4.0.GA:httpd:2.4:8040020210127115317:9f9e2e7e:httpd-0:2.4.37-39.module+el8.4.0+9658+b87b2deb.x86_64" }, "product_reference": "httpd-0:2.4.37-39.module+el8.4.0+9658+b87b2deb.x86_64", "relates_to_product_reference": "AppStream-8.4.0.GA:httpd:2.4:8040020210127115317:9f9e2e7e" }, { "category": "default_component_of", "full_product_name": { "name": "httpd-debuginfo-0:2.4.37-39.module+el8.4.0+9658+b87b2deb.aarch64 as a component of httpd:2.4:8040020210127115317:9f9e2e7e as a component of Red Hat Enterprise Linux AppStream (v. 8)", "product_id": "AppStream-8.4.0.GA:httpd:2.4:8040020210127115317:9f9e2e7e:httpd-debuginfo-0:2.4.37-39.module+el8.4.0+9658+b87b2deb.aarch64" }, "product_reference": "httpd-debuginfo-0:2.4.37-39.module+el8.4.0+9658+b87b2deb.aarch64", "relates_to_product_reference": "AppStream-8.4.0.GA:httpd:2.4:8040020210127115317:9f9e2e7e" }, { "category": "default_component_of", "full_product_name": { "name": "httpd-debuginfo-0:2.4.37-39.module+el8.4.0+9658+b87b2deb.ppc64le as a component of httpd:2.4:8040020210127115317:9f9e2e7e as a component of Red Hat Enterprise Linux AppStream (v. 8)", "product_id": "AppStream-8.4.0.GA:httpd:2.4:8040020210127115317:9f9e2e7e:httpd-debuginfo-0:2.4.37-39.module+el8.4.0+9658+b87b2deb.ppc64le" }, "product_reference": "httpd-debuginfo-0:2.4.37-39.module+el8.4.0+9658+b87b2deb.ppc64le", "relates_to_product_reference": "AppStream-8.4.0.GA:httpd:2.4:8040020210127115317:9f9e2e7e" }, { "category": "default_component_of", "full_product_name": { "name": "httpd-debuginfo-0:2.4.37-39.module+el8.4.0+9658+b87b2deb.s390x as a component of httpd:2.4:8040020210127115317:9f9e2e7e as a component of Red Hat Enterprise Linux AppStream (v. 8)", "product_id": "AppStream-8.4.0.GA:httpd:2.4:8040020210127115317:9f9e2e7e:httpd-debuginfo-0:2.4.37-39.module+el8.4.0+9658+b87b2deb.s390x" }, "product_reference": "httpd-debuginfo-0:2.4.37-39.module+el8.4.0+9658+b87b2deb.s390x", "relates_to_product_reference": "AppStream-8.4.0.GA:httpd:2.4:8040020210127115317:9f9e2e7e" }, { "category": "default_component_of", "full_product_name": { "name": "httpd-debuginfo-0:2.4.37-39.module+el8.4.0+9658+b87b2deb.x86_64 as a component of httpd:2.4:8040020210127115317:9f9e2e7e as a component of Red Hat Enterprise Linux AppStream (v. 8)", "product_id": "AppStream-8.4.0.GA:httpd:2.4:8040020210127115317:9f9e2e7e:httpd-debuginfo-0:2.4.37-39.module+el8.4.0+9658+b87b2deb.x86_64" }, "product_reference": "httpd-debuginfo-0:2.4.37-39.module+el8.4.0+9658+b87b2deb.x86_64", "relates_to_product_reference": "AppStream-8.4.0.GA:httpd:2.4:8040020210127115317:9f9e2e7e" }, { "category": "default_component_of", "full_product_name": { "name": "httpd-debugsource-0:2.4.37-39.module+el8.4.0+9658+b87b2deb.aarch64 as a component of httpd:2.4:8040020210127115317:9f9e2e7e as a component of Red Hat Enterprise Linux AppStream (v. 8)", "product_id": "AppStream-8.4.0.GA:httpd:2.4:8040020210127115317:9f9e2e7e:httpd-debugsource-0:2.4.37-39.module+el8.4.0+9658+b87b2deb.aarch64" }, "product_reference": "httpd-debugsource-0:2.4.37-39.module+el8.4.0+9658+b87b2deb.aarch64", "relates_to_product_reference": "AppStream-8.4.0.GA:httpd:2.4:8040020210127115317:9f9e2e7e" }, { "category": "default_component_of", "full_product_name": { "name": "httpd-debugsource-0:2.4.37-39.module+el8.4.0+9658+b87b2deb.ppc64le as a component of httpd:2.4:8040020210127115317:9f9e2e7e as a component of Red Hat Enterprise Linux AppStream (v. 8)", "product_id": "AppStream-8.4.0.GA:httpd:2.4:8040020210127115317:9f9e2e7e:httpd-debugsource-0:2.4.37-39.module+el8.4.0+9658+b87b2deb.ppc64le" }, "product_reference": "httpd-debugsource-0:2.4.37-39.module+el8.4.0+9658+b87b2deb.ppc64le", "relates_to_product_reference": "AppStream-8.4.0.GA:httpd:2.4:8040020210127115317:9f9e2e7e" }, { "category": "default_component_of", "full_product_name": { "name": "httpd-debugsource-0:2.4.37-39.module+el8.4.0+9658+b87b2deb.s390x as a component of httpd:2.4:8040020210127115317:9f9e2e7e as a component of Red Hat Enterprise Linux AppStream (v. 8)", "product_id": "AppStream-8.4.0.GA:httpd:2.4:8040020210127115317:9f9e2e7e:httpd-debugsource-0:2.4.37-39.module+el8.4.0+9658+b87b2deb.s390x" }, "product_reference": "httpd-debugsource-0:2.4.37-39.module+el8.4.0+9658+b87b2deb.s390x", "relates_to_product_reference": "AppStream-8.4.0.GA:httpd:2.4:8040020210127115317:9f9e2e7e" }, { "category": "default_component_of", "full_product_name": { "name": "httpd-debugsource-0:2.4.37-39.module+el8.4.0+9658+b87b2deb.x86_64 as a component of httpd:2.4:8040020210127115317:9f9e2e7e as a component of Red Hat Enterprise Linux AppStream (v. 8)", "product_id": "AppStream-8.4.0.GA:httpd:2.4:8040020210127115317:9f9e2e7e:httpd-debugsource-0:2.4.37-39.module+el8.4.0+9658+b87b2deb.x86_64" }, "product_reference": "httpd-debugsource-0:2.4.37-39.module+el8.4.0+9658+b87b2deb.x86_64", "relates_to_product_reference": "AppStream-8.4.0.GA:httpd:2.4:8040020210127115317:9f9e2e7e" }, { "category": "default_component_of", "full_product_name": { "name": "httpd-devel-0:2.4.37-39.module+el8.4.0+9658+b87b2deb.aarch64 as a component of httpd:2.4:8040020210127115317:9f9e2e7e as a component of Red Hat Enterprise Linux AppStream (v. 8)", "product_id": "AppStream-8.4.0.GA:httpd:2.4:8040020210127115317:9f9e2e7e:httpd-devel-0:2.4.37-39.module+el8.4.0+9658+b87b2deb.aarch64" }, "product_reference": "httpd-devel-0:2.4.37-39.module+el8.4.0+9658+b87b2deb.aarch64", "relates_to_product_reference": "AppStream-8.4.0.GA:httpd:2.4:8040020210127115317:9f9e2e7e" }, { "category": "default_component_of", "full_product_name": { "name": "httpd-devel-0:2.4.37-39.module+el8.4.0+9658+b87b2deb.ppc64le as a component of httpd:2.4:8040020210127115317:9f9e2e7e as a component of Red Hat Enterprise Linux AppStream (v. 8)", "product_id": "AppStream-8.4.0.GA:httpd:2.4:8040020210127115317:9f9e2e7e:httpd-devel-0:2.4.37-39.module+el8.4.0+9658+b87b2deb.ppc64le" }, "product_reference": "httpd-devel-0:2.4.37-39.module+el8.4.0+9658+b87b2deb.ppc64le", "relates_to_product_reference": "AppStream-8.4.0.GA:httpd:2.4:8040020210127115317:9f9e2e7e" }, { "category": "default_component_of", "full_product_name": { "name": "httpd-devel-0:2.4.37-39.module+el8.4.0+9658+b87b2deb.s390x as a component of httpd:2.4:8040020210127115317:9f9e2e7e as a component of Red Hat Enterprise Linux AppStream (v. 8)", "product_id": "AppStream-8.4.0.GA:httpd:2.4:8040020210127115317:9f9e2e7e:httpd-devel-0:2.4.37-39.module+el8.4.0+9658+b87b2deb.s390x" }, "product_reference": "httpd-devel-0:2.4.37-39.module+el8.4.0+9658+b87b2deb.s390x", "relates_to_product_reference": "AppStream-8.4.0.GA:httpd:2.4:8040020210127115317:9f9e2e7e" }, { "category": "default_component_of", "full_product_name": { "name": "httpd-devel-0:2.4.37-39.module+el8.4.0+9658+b87b2deb.x86_64 as a component of httpd:2.4:8040020210127115317:9f9e2e7e as a component of Red Hat Enterprise Linux AppStream (v. 8)", "product_id": "AppStream-8.4.0.GA:httpd:2.4:8040020210127115317:9f9e2e7e:httpd-devel-0:2.4.37-39.module+el8.4.0+9658+b87b2deb.x86_64" }, "product_reference": "httpd-devel-0:2.4.37-39.module+el8.4.0+9658+b87b2deb.x86_64", "relates_to_product_reference": "AppStream-8.4.0.GA:httpd:2.4:8040020210127115317:9f9e2e7e" }, { "category": "default_component_of", "full_product_name": { "name": "httpd-filesystem-0:2.4.37-39.module+el8.4.0+9658+b87b2deb.noarch as a component of httpd:2.4:8040020210127115317:9f9e2e7e as a component of Red Hat Enterprise Linux AppStream (v. 8)", "product_id": "AppStream-8.4.0.GA:httpd:2.4:8040020210127115317:9f9e2e7e:httpd-filesystem-0:2.4.37-39.module+el8.4.0+9658+b87b2deb.noarch" }, "product_reference": "httpd-filesystem-0:2.4.37-39.module+el8.4.0+9658+b87b2deb.noarch", "relates_to_product_reference": "AppStream-8.4.0.GA:httpd:2.4:8040020210127115317:9f9e2e7e" }, { "category": "default_component_of", "full_product_name": { "name": "httpd-manual-0:2.4.37-39.module+el8.4.0+9658+b87b2deb.noarch as a component of httpd:2.4:8040020210127115317:9f9e2e7e as a component of Red Hat Enterprise Linux AppStream (v. 8)", "product_id": "AppStream-8.4.0.GA:httpd:2.4:8040020210127115317:9f9e2e7e:httpd-manual-0:2.4.37-39.module+el8.4.0+9658+b87b2deb.noarch" }, "product_reference": "httpd-manual-0:2.4.37-39.module+el8.4.0+9658+b87b2deb.noarch", "relates_to_product_reference": "AppStream-8.4.0.GA:httpd:2.4:8040020210127115317:9f9e2e7e" }, { "category": "default_component_of", "full_product_name": { "name": "httpd-tools-0:2.4.37-39.module+el8.4.0+9658+b87b2deb.aarch64 as a component of httpd:2.4:8040020210127115317:9f9e2e7e as a component of Red Hat Enterprise Linux AppStream (v. 8)", "product_id": "AppStream-8.4.0.GA:httpd:2.4:8040020210127115317:9f9e2e7e:httpd-tools-0:2.4.37-39.module+el8.4.0+9658+b87b2deb.aarch64" }, "product_reference": "httpd-tools-0:2.4.37-39.module+el8.4.0+9658+b87b2deb.aarch64", "relates_to_product_reference": "AppStream-8.4.0.GA:httpd:2.4:8040020210127115317:9f9e2e7e" }, { "category": "default_component_of", "full_product_name": { "name": "httpd-tools-0:2.4.37-39.module+el8.4.0+9658+b87b2deb.ppc64le as a component of httpd:2.4:8040020210127115317:9f9e2e7e as a component of Red Hat Enterprise Linux AppStream (v. 8)", "product_id": "AppStream-8.4.0.GA:httpd:2.4:8040020210127115317:9f9e2e7e:httpd-tools-0:2.4.37-39.module+el8.4.0+9658+b87b2deb.ppc64le" }, "product_reference": "httpd-tools-0:2.4.37-39.module+el8.4.0+9658+b87b2deb.ppc64le", "relates_to_product_reference": "AppStream-8.4.0.GA:httpd:2.4:8040020210127115317:9f9e2e7e" }, { "category": "default_component_of", "full_product_name": { "name": "httpd-tools-0:2.4.37-39.module+el8.4.0+9658+b87b2deb.s390x as a component of httpd:2.4:8040020210127115317:9f9e2e7e as a component of Red Hat Enterprise Linux AppStream (v. 8)", "product_id": "AppStream-8.4.0.GA:httpd:2.4:8040020210127115317:9f9e2e7e:httpd-tools-0:2.4.37-39.module+el8.4.0+9658+b87b2deb.s390x" }, "product_reference": "httpd-tools-0:2.4.37-39.module+el8.4.0+9658+b87b2deb.s390x", "relates_to_product_reference": "AppStream-8.4.0.GA:httpd:2.4:8040020210127115317:9f9e2e7e" }, { "category": "default_component_of", "full_product_name": { "name": "httpd-tools-0:2.4.37-39.module+el8.4.0+9658+b87b2deb.x86_64 as a component of httpd:2.4:8040020210127115317:9f9e2e7e as a component of Red Hat Enterprise Linux AppStream (v. 8)", "product_id": "AppStream-8.4.0.GA:httpd:2.4:8040020210127115317:9f9e2e7e:httpd-tools-0:2.4.37-39.module+el8.4.0+9658+b87b2deb.x86_64" }, "product_reference": "httpd-tools-0:2.4.37-39.module+el8.4.0+9658+b87b2deb.x86_64", "relates_to_product_reference": "AppStream-8.4.0.GA:httpd:2.4:8040020210127115317:9f9e2e7e" }, { "category": "default_component_of", "full_product_name": { "name": "httpd-tools-debuginfo-0:2.4.37-39.module+el8.4.0+9658+b87b2deb.aarch64 as a component of httpd:2.4:8040020210127115317:9f9e2e7e as a component of Red Hat Enterprise Linux AppStream (v. 8)", "product_id": "AppStream-8.4.0.GA:httpd:2.4:8040020210127115317:9f9e2e7e:httpd-tools-debuginfo-0:2.4.37-39.module+el8.4.0+9658+b87b2deb.aarch64" }, "product_reference": "httpd-tools-debuginfo-0:2.4.37-39.module+el8.4.0+9658+b87b2deb.aarch64", "relates_to_product_reference": "AppStream-8.4.0.GA:httpd:2.4:8040020210127115317:9f9e2e7e" }, { "category": "default_component_of", "full_product_name": { "name": "httpd-tools-debuginfo-0:2.4.37-39.module+el8.4.0+9658+b87b2deb.ppc64le as a component of httpd:2.4:8040020210127115317:9f9e2e7e as a component of Red Hat Enterprise Linux AppStream (v. 8)", "product_id": "AppStream-8.4.0.GA:httpd:2.4:8040020210127115317:9f9e2e7e:httpd-tools-debuginfo-0:2.4.37-39.module+el8.4.0+9658+b87b2deb.ppc64le" }, "product_reference": "httpd-tools-debuginfo-0:2.4.37-39.module+el8.4.0+9658+b87b2deb.ppc64le", "relates_to_product_reference": "AppStream-8.4.0.GA:httpd:2.4:8040020210127115317:9f9e2e7e" }, { "category": "default_component_of", "full_product_name": { "name": "httpd-tools-debuginfo-0:2.4.37-39.module+el8.4.0+9658+b87b2deb.s390x as a component of httpd:2.4:8040020210127115317:9f9e2e7e as a component of Red Hat Enterprise Linux AppStream (v. 8)", "product_id": "AppStream-8.4.0.GA:httpd:2.4:8040020210127115317:9f9e2e7e:httpd-tools-debuginfo-0:2.4.37-39.module+el8.4.0+9658+b87b2deb.s390x" }, "product_reference": "httpd-tools-debuginfo-0:2.4.37-39.module+el8.4.0+9658+b87b2deb.s390x", "relates_to_product_reference": "AppStream-8.4.0.GA:httpd:2.4:8040020210127115317:9f9e2e7e" }, { "category": "default_component_of", "full_product_name": { "name": "httpd-tools-debuginfo-0:2.4.37-39.module+el8.4.0+9658+b87b2deb.x86_64 as a component of httpd:2.4:8040020210127115317:9f9e2e7e as a component of Red Hat Enterprise Linux AppStream (v. 8)", "product_id": "AppStream-8.4.0.GA:httpd:2.4:8040020210127115317:9f9e2e7e:httpd-tools-debuginfo-0:2.4.37-39.module+el8.4.0+9658+b87b2deb.x86_64" }, "product_reference": "httpd-tools-debuginfo-0:2.4.37-39.module+el8.4.0+9658+b87b2deb.x86_64", "relates_to_product_reference": "AppStream-8.4.0.GA:httpd:2.4:8040020210127115317:9f9e2e7e" }, { "category": "default_component_of", "full_product_name": { "name": "mod_http2-0:1.15.7-3.module+el8.4.0+8625+d397f3da.aarch64 as a component of httpd:2.4:8040020210127115317:9f9e2e7e as a component of Red Hat Enterprise Linux AppStream (v. 8)", "product_id": "AppStream-8.4.0.GA:httpd:2.4:8040020210127115317:9f9e2e7e:mod_http2-0:1.15.7-3.module+el8.4.0+8625+d397f3da.aarch64" }, "product_reference": "mod_http2-0:1.15.7-3.module+el8.4.0+8625+d397f3da.aarch64", "relates_to_product_reference": "AppStream-8.4.0.GA:httpd:2.4:8040020210127115317:9f9e2e7e" }, { "category": "default_component_of", "full_product_name": { "name": "mod_http2-0:1.15.7-3.module+el8.4.0+8625+d397f3da.ppc64le as a component of httpd:2.4:8040020210127115317:9f9e2e7e as a component of Red Hat Enterprise Linux AppStream (v. 8)", "product_id": "AppStream-8.4.0.GA:httpd:2.4:8040020210127115317:9f9e2e7e:mod_http2-0:1.15.7-3.module+el8.4.0+8625+d397f3da.ppc64le" }, "product_reference": "mod_http2-0:1.15.7-3.module+el8.4.0+8625+d397f3da.ppc64le", "relates_to_product_reference": "AppStream-8.4.0.GA:httpd:2.4:8040020210127115317:9f9e2e7e" }, { "category": "default_component_of", "full_product_name": { "name": "mod_http2-0:1.15.7-3.module+el8.4.0+8625+d397f3da.s390x as a component of httpd:2.4:8040020210127115317:9f9e2e7e as a component of Red Hat Enterprise Linux AppStream (v. 8)", "product_id": "AppStream-8.4.0.GA:httpd:2.4:8040020210127115317:9f9e2e7e:mod_http2-0:1.15.7-3.module+el8.4.0+8625+d397f3da.s390x" }, "product_reference": "mod_http2-0:1.15.7-3.module+el8.4.0+8625+d397f3da.s390x", "relates_to_product_reference": "AppStream-8.4.0.GA:httpd:2.4:8040020210127115317:9f9e2e7e" }, { "category": "default_component_of", "full_product_name": { "name": "mod_http2-0:1.15.7-3.module+el8.4.0+8625+d397f3da.src as a component of httpd:2.4:8040020210127115317:9f9e2e7e as a component of Red Hat Enterprise Linux AppStream (v. 8)", "product_id": "AppStream-8.4.0.GA:httpd:2.4:8040020210127115317:9f9e2e7e:mod_http2-0:1.15.7-3.module+el8.4.0+8625+d397f3da.src" }, "product_reference": "mod_http2-0:1.15.7-3.module+el8.4.0+8625+d397f3da.src", "relates_to_product_reference": "AppStream-8.4.0.GA:httpd:2.4:8040020210127115317:9f9e2e7e" }, { "category": "default_component_of", "full_product_name": { "name": "mod_http2-0:1.15.7-3.module+el8.4.0+8625+d397f3da.x86_64 as a component of httpd:2.4:8040020210127115317:9f9e2e7e as a component of Red Hat Enterprise Linux AppStream (v. 8)", "product_id": "AppStream-8.4.0.GA:httpd:2.4:8040020210127115317:9f9e2e7e:mod_http2-0:1.15.7-3.module+el8.4.0+8625+d397f3da.x86_64" }, "product_reference": "mod_http2-0:1.15.7-3.module+el8.4.0+8625+d397f3da.x86_64", "relates_to_product_reference": "AppStream-8.4.0.GA:httpd:2.4:8040020210127115317:9f9e2e7e" }, { "category": "default_component_of", "full_product_name": { "name": "mod_http2-debuginfo-0:1.15.7-3.module+el8.4.0+8625+d397f3da.aarch64 as a component of httpd:2.4:8040020210127115317:9f9e2e7e as a component of Red Hat Enterprise Linux AppStream (v. 8)", "product_id": "AppStream-8.4.0.GA:httpd:2.4:8040020210127115317:9f9e2e7e:mod_http2-debuginfo-0:1.15.7-3.module+el8.4.0+8625+d397f3da.aarch64" }, "product_reference": "mod_http2-debuginfo-0:1.15.7-3.module+el8.4.0+8625+d397f3da.aarch64", "relates_to_product_reference": "AppStream-8.4.0.GA:httpd:2.4:8040020210127115317:9f9e2e7e" }, { "category": "default_component_of", "full_product_name": { "name": "mod_http2-debuginfo-0:1.15.7-3.module+el8.4.0+8625+d397f3da.ppc64le as a component of httpd:2.4:8040020210127115317:9f9e2e7e as a component of Red Hat Enterprise Linux AppStream (v. 8)", "product_id": "AppStream-8.4.0.GA:httpd:2.4:8040020210127115317:9f9e2e7e:mod_http2-debuginfo-0:1.15.7-3.module+el8.4.0+8625+d397f3da.ppc64le" }, "product_reference": "mod_http2-debuginfo-0:1.15.7-3.module+el8.4.0+8625+d397f3da.ppc64le", "relates_to_product_reference": "AppStream-8.4.0.GA:httpd:2.4:8040020210127115317:9f9e2e7e" }, { "category": "default_component_of", "full_product_name": { "name": "mod_http2-debuginfo-0:1.15.7-3.module+el8.4.0+8625+d397f3da.s390x as a component of httpd:2.4:8040020210127115317:9f9e2e7e as a component of Red Hat Enterprise Linux AppStream (v. 8)", "product_id": "AppStream-8.4.0.GA:httpd:2.4:8040020210127115317:9f9e2e7e:mod_http2-debuginfo-0:1.15.7-3.module+el8.4.0+8625+d397f3da.s390x" }, "product_reference": "mod_http2-debuginfo-0:1.15.7-3.module+el8.4.0+8625+d397f3da.s390x", "relates_to_product_reference": "AppStream-8.4.0.GA:httpd:2.4:8040020210127115317:9f9e2e7e" }, { "category": "default_component_of", "full_product_name": { "name": "mod_http2-debuginfo-0:1.15.7-3.module+el8.4.0+8625+d397f3da.x86_64 as a component of httpd:2.4:8040020210127115317:9f9e2e7e as a component of Red Hat Enterprise Linux AppStream (v. 8)", "product_id": "AppStream-8.4.0.GA:httpd:2.4:8040020210127115317:9f9e2e7e:mod_http2-debuginfo-0:1.15.7-3.module+el8.4.0+8625+d397f3da.x86_64" }, "product_reference": "mod_http2-debuginfo-0:1.15.7-3.module+el8.4.0+8625+d397f3da.x86_64", "relates_to_product_reference": "AppStream-8.4.0.GA:httpd:2.4:8040020210127115317:9f9e2e7e" }, { "category": "default_component_of", "full_product_name": { "name": "mod_http2-debugsource-0:1.15.7-3.module+el8.4.0+8625+d397f3da.aarch64 as a component of httpd:2.4:8040020210127115317:9f9e2e7e as a component of Red Hat Enterprise Linux AppStream (v. 8)", "product_id": "AppStream-8.4.0.GA:httpd:2.4:8040020210127115317:9f9e2e7e:mod_http2-debugsource-0:1.15.7-3.module+el8.4.0+8625+d397f3da.aarch64" }, "product_reference": "mod_http2-debugsource-0:1.15.7-3.module+el8.4.0+8625+d397f3da.aarch64", "relates_to_product_reference": "AppStream-8.4.0.GA:httpd:2.4:8040020210127115317:9f9e2e7e" }, { "category": "default_component_of", "full_product_name": { "name": "mod_http2-debugsource-0:1.15.7-3.module+el8.4.0+8625+d397f3da.ppc64le as a component of httpd:2.4:8040020210127115317:9f9e2e7e as a component of Red Hat Enterprise Linux AppStream (v. 8)", "product_id": "AppStream-8.4.0.GA:httpd:2.4:8040020210127115317:9f9e2e7e:mod_http2-debugsource-0:1.15.7-3.module+el8.4.0+8625+d397f3da.ppc64le" }, "product_reference": "mod_http2-debugsource-0:1.15.7-3.module+el8.4.0+8625+d397f3da.ppc64le", "relates_to_product_reference": "AppStream-8.4.0.GA:httpd:2.4:8040020210127115317:9f9e2e7e" }, { "category": "default_component_of", "full_product_name": { "name": "mod_http2-debugsource-0:1.15.7-3.module+el8.4.0+8625+d397f3da.s390x as a component of httpd:2.4:8040020210127115317:9f9e2e7e as a component of Red Hat Enterprise Linux AppStream (v. 8)", "product_id": "AppStream-8.4.0.GA:httpd:2.4:8040020210127115317:9f9e2e7e:mod_http2-debugsource-0:1.15.7-3.module+el8.4.0+8625+d397f3da.s390x" }, "product_reference": "mod_http2-debugsource-0:1.15.7-3.module+el8.4.0+8625+d397f3da.s390x", "relates_to_product_reference": "AppStream-8.4.0.GA:httpd:2.4:8040020210127115317:9f9e2e7e" }, { "category": "default_component_of", "full_product_name": { "name": "mod_http2-debugsource-0:1.15.7-3.module+el8.4.0+8625+d397f3da.x86_64 as a component of httpd:2.4:8040020210127115317:9f9e2e7e as a component of Red Hat Enterprise Linux AppStream (v. 8)", "product_id": "AppStream-8.4.0.GA:httpd:2.4:8040020210127115317:9f9e2e7e:mod_http2-debugsource-0:1.15.7-3.module+el8.4.0+8625+d397f3da.x86_64" }, "product_reference": "mod_http2-debugsource-0:1.15.7-3.module+el8.4.0+8625+d397f3da.x86_64", "relates_to_product_reference": "AppStream-8.4.0.GA:httpd:2.4:8040020210127115317:9f9e2e7e" }, { "category": "default_component_of", "full_product_name": { "name": "mod_ldap-0:2.4.37-39.module+el8.4.0+9658+b87b2deb.aarch64 as a component of httpd:2.4:8040020210127115317:9f9e2e7e as a component of Red Hat Enterprise Linux AppStream (v. 8)", "product_id": "AppStream-8.4.0.GA:httpd:2.4:8040020210127115317:9f9e2e7e:mod_ldap-0:2.4.37-39.module+el8.4.0+9658+b87b2deb.aarch64" }, "product_reference": "mod_ldap-0:2.4.37-39.module+el8.4.0+9658+b87b2deb.aarch64", "relates_to_product_reference": "AppStream-8.4.0.GA:httpd:2.4:8040020210127115317:9f9e2e7e" }, { "category": "default_component_of", "full_product_name": { "name": "mod_ldap-0:2.4.37-39.module+el8.4.0+9658+b87b2deb.ppc64le as a component of httpd:2.4:8040020210127115317:9f9e2e7e as a component of Red Hat Enterprise Linux AppStream (v. 8)", "product_id": "AppStream-8.4.0.GA:httpd:2.4:8040020210127115317:9f9e2e7e:mod_ldap-0:2.4.37-39.module+el8.4.0+9658+b87b2deb.ppc64le" }, "product_reference": "mod_ldap-0:2.4.37-39.module+el8.4.0+9658+b87b2deb.ppc64le", "relates_to_product_reference": "AppStream-8.4.0.GA:httpd:2.4:8040020210127115317:9f9e2e7e" }, { "category": "default_component_of", "full_product_name": { "name": "mod_ldap-0:2.4.37-39.module+el8.4.0+9658+b87b2deb.s390x as a component of httpd:2.4:8040020210127115317:9f9e2e7e as a component of Red Hat Enterprise Linux AppStream (v. 8)", "product_id": "AppStream-8.4.0.GA:httpd:2.4:8040020210127115317:9f9e2e7e:mod_ldap-0:2.4.37-39.module+el8.4.0+9658+b87b2deb.s390x" }, "product_reference": "mod_ldap-0:2.4.37-39.module+el8.4.0+9658+b87b2deb.s390x", "relates_to_product_reference": "AppStream-8.4.0.GA:httpd:2.4:8040020210127115317:9f9e2e7e" }, { "category": "default_component_of", "full_product_name": { "name": "mod_ldap-0:2.4.37-39.module+el8.4.0+9658+b87b2deb.x86_64 as a component of httpd:2.4:8040020210127115317:9f9e2e7e as a component of Red Hat Enterprise Linux AppStream (v. 8)", "product_id": "AppStream-8.4.0.GA:httpd:2.4:8040020210127115317:9f9e2e7e:mod_ldap-0:2.4.37-39.module+el8.4.0+9658+b87b2deb.x86_64" }, "product_reference": "mod_ldap-0:2.4.37-39.module+el8.4.0+9658+b87b2deb.x86_64", "relates_to_product_reference": "AppStream-8.4.0.GA:httpd:2.4:8040020210127115317:9f9e2e7e" }, { "category": "default_component_of", "full_product_name": { "name": "mod_ldap-debuginfo-0:2.4.37-39.module+el8.4.0+9658+b87b2deb.aarch64 as a component of httpd:2.4:8040020210127115317:9f9e2e7e as a component of Red Hat Enterprise Linux AppStream (v. 8)", "product_id": "AppStream-8.4.0.GA:httpd:2.4:8040020210127115317:9f9e2e7e:mod_ldap-debuginfo-0:2.4.37-39.module+el8.4.0+9658+b87b2deb.aarch64" }, "product_reference": "mod_ldap-debuginfo-0:2.4.37-39.module+el8.4.0+9658+b87b2deb.aarch64", "relates_to_product_reference": "AppStream-8.4.0.GA:httpd:2.4:8040020210127115317:9f9e2e7e" }, { "category": "default_component_of", "full_product_name": { "name": "mod_ldap-debuginfo-0:2.4.37-39.module+el8.4.0+9658+b87b2deb.ppc64le as a component of httpd:2.4:8040020210127115317:9f9e2e7e as a component of Red Hat Enterprise Linux AppStream (v. 8)", "product_id": "AppStream-8.4.0.GA:httpd:2.4:8040020210127115317:9f9e2e7e:mod_ldap-debuginfo-0:2.4.37-39.module+el8.4.0+9658+b87b2deb.ppc64le" }, "product_reference": "mod_ldap-debuginfo-0:2.4.37-39.module+el8.4.0+9658+b87b2deb.ppc64le", "relates_to_product_reference": "AppStream-8.4.0.GA:httpd:2.4:8040020210127115317:9f9e2e7e" }, { "category": "default_component_of", "full_product_name": { "name": "mod_ldap-debuginfo-0:2.4.37-39.module+el8.4.0+9658+b87b2deb.s390x as a component of httpd:2.4:8040020210127115317:9f9e2e7e as a component of Red Hat Enterprise Linux AppStream (v. 8)", "product_id": "AppStream-8.4.0.GA:httpd:2.4:8040020210127115317:9f9e2e7e:mod_ldap-debuginfo-0:2.4.37-39.module+el8.4.0+9658+b87b2deb.s390x" }, "product_reference": "mod_ldap-debuginfo-0:2.4.37-39.module+el8.4.0+9658+b87b2deb.s390x", "relates_to_product_reference": "AppStream-8.4.0.GA:httpd:2.4:8040020210127115317:9f9e2e7e" }, { "category": "default_component_of", "full_product_name": { "name": "mod_ldap-debuginfo-0:2.4.37-39.module+el8.4.0+9658+b87b2deb.x86_64 as a component of httpd:2.4:8040020210127115317:9f9e2e7e as a component of Red Hat Enterprise Linux AppStream (v. 8)", "product_id": "AppStream-8.4.0.GA:httpd:2.4:8040020210127115317:9f9e2e7e:mod_ldap-debuginfo-0:2.4.37-39.module+el8.4.0+9658+b87b2deb.x86_64" }, "product_reference": "mod_ldap-debuginfo-0:2.4.37-39.module+el8.4.0+9658+b87b2deb.x86_64", "relates_to_product_reference": "AppStream-8.4.0.GA:httpd:2.4:8040020210127115317:9f9e2e7e" }, { "category": "default_component_of", "full_product_name": { "name": "mod_md-1:2.0.8-8.module+el8.3.0+6814+67d1e611.aarch64 as a component of httpd:2.4:8040020210127115317:9f9e2e7e as a component of Red Hat Enterprise Linux AppStream (v. 8)", "product_id": "AppStream-8.4.0.GA:httpd:2.4:8040020210127115317:9f9e2e7e:mod_md-1:2.0.8-8.module+el8.3.0+6814+67d1e611.aarch64" }, "product_reference": "mod_md-1:2.0.8-8.module+el8.3.0+6814+67d1e611.aarch64", "relates_to_product_reference": "AppStream-8.4.0.GA:httpd:2.4:8040020210127115317:9f9e2e7e" }, { "category": "default_component_of", "full_product_name": { "name": "mod_md-1:2.0.8-8.module+el8.3.0+6814+67d1e611.ppc64le as a component of httpd:2.4:8040020210127115317:9f9e2e7e as a component of Red Hat Enterprise Linux AppStream (v. 8)", "product_id": "AppStream-8.4.0.GA:httpd:2.4:8040020210127115317:9f9e2e7e:mod_md-1:2.0.8-8.module+el8.3.0+6814+67d1e611.ppc64le" }, "product_reference": "mod_md-1:2.0.8-8.module+el8.3.0+6814+67d1e611.ppc64le", "relates_to_product_reference": "AppStream-8.4.0.GA:httpd:2.4:8040020210127115317:9f9e2e7e" }, { "category": "default_component_of", "full_product_name": { "name": "mod_md-1:2.0.8-8.module+el8.3.0+6814+67d1e611.s390x as a component of httpd:2.4:8040020210127115317:9f9e2e7e as a component of Red Hat Enterprise Linux AppStream (v. 8)", "product_id": "AppStream-8.4.0.GA:httpd:2.4:8040020210127115317:9f9e2e7e:mod_md-1:2.0.8-8.module+el8.3.0+6814+67d1e611.s390x" }, "product_reference": "mod_md-1:2.0.8-8.module+el8.3.0+6814+67d1e611.s390x", "relates_to_product_reference": "AppStream-8.4.0.GA:httpd:2.4:8040020210127115317:9f9e2e7e" }, { "category": "default_component_of", "full_product_name": { "name": "mod_md-1:2.0.8-8.module+el8.3.0+6814+67d1e611.src as a component of httpd:2.4:8040020210127115317:9f9e2e7e as a component of Red Hat Enterprise Linux AppStream (v. 8)", "product_id": "AppStream-8.4.0.GA:httpd:2.4:8040020210127115317:9f9e2e7e:mod_md-1:2.0.8-8.module+el8.3.0+6814+67d1e611.src" }, "product_reference": "mod_md-1:2.0.8-8.module+el8.3.0+6814+67d1e611.src", "relates_to_product_reference": "AppStream-8.4.0.GA:httpd:2.4:8040020210127115317:9f9e2e7e" }, { "category": "default_component_of", "full_product_name": { "name": "mod_md-1:2.0.8-8.module+el8.3.0+6814+67d1e611.x86_64 as a component of httpd:2.4:8040020210127115317:9f9e2e7e as a component of Red Hat Enterprise Linux AppStream (v. 8)", "product_id": "AppStream-8.4.0.GA:httpd:2.4:8040020210127115317:9f9e2e7e:mod_md-1:2.0.8-8.module+el8.3.0+6814+67d1e611.x86_64" }, "product_reference": "mod_md-1:2.0.8-8.module+el8.3.0+6814+67d1e611.x86_64", "relates_to_product_reference": "AppStream-8.4.0.GA:httpd:2.4:8040020210127115317:9f9e2e7e" }, { "category": "default_component_of", "full_product_name": { "name": "mod_md-debuginfo-1:2.0.8-8.module+el8.3.0+6814+67d1e611.aarch64 as a component of httpd:2.4:8040020210127115317:9f9e2e7e as a component of Red Hat Enterprise Linux AppStream (v. 8)", "product_id": "AppStream-8.4.0.GA:httpd:2.4:8040020210127115317:9f9e2e7e:mod_md-debuginfo-1:2.0.8-8.module+el8.3.0+6814+67d1e611.aarch64" }, "product_reference": "mod_md-debuginfo-1:2.0.8-8.module+el8.3.0+6814+67d1e611.aarch64", "relates_to_product_reference": "AppStream-8.4.0.GA:httpd:2.4:8040020210127115317:9f9e2e7e" }, { "category": "default_component_of", "full_product_name": { "name": "mod_md-debuginfo-1:2.0.8-8.module+el8.3.0+6814+67d1e611.ppc64le as a component of httpd:2.4:8040020210127115317:9f9e2e7e as a component of Red Hat Enterprise Linux AppStream (v. 8)", "product_id": "AppStream-8.4.0.GA:httpd:2.4:8040020210127115317:9f9e2e7e:mod_md-debuginfo-1:2.0.8-8.module+el8.3.0+6814+67d1e611.ppc64le" }, "product_reference": "mod_md-debuginfo-1:2.0.8-8.module+el8.3.0+6814+67d1e611.ppc64le", "relates_to_product_reference": "AppStream-8.4.0.GA:httpd:2.4:8040020210127115317:9f9e2e7e" }, { "category": "default_component_of", "full_product_name": { "name": "mod_md-debuginfo-1:2.0.8-8.module+el8.3.0+6814+67d1e611.s390x as a component of httpd:2.4:8040020210127115317:9f9e2e7e as a component of Red Hat Enterprise Linux AppStream (v. 8)", "product_id": "AppStream-8.4.0.GA:httpd:2.4:8040020210127115317:9f9e2e7e:mod_md-debuginfo-1:2.0.8-8.module+el8.3.0+6814+67d1e611.s390x" }, "product_reference": "mod_md-debuginfo-1:2.0.8-8.module+el8.3.0+6814+67d1e611.s390x", "relates_to_product_reference": "AppStream-8.4.0.GA:httpd:2.4:8040020210127115317:9f9e2e7e" }, { "category": "default_component_of", "full_product_name": { "name": "mod_md-debuginfo-1:2.0.8-8.module+el8.3.0+6814+67d1e611.x86_64 as a component of httpd:2.4:8040020210127115317:9f9e2e7e as a component of Red Hat Enterprise Linux AppStream (v. 8)", "product_id": "AppStream-8.4.0.GA:httpd:2.4:8040020210127115317:9f9e2e7e:mod_md-debuginfo-1:2.0.8-8.module+el8.3.0+6814+67d1e611.x86_64" }, "product_reference": "mod_md-debuginfo-1:2.0.8-8.module+el8.3.0+6814+67d1e611.x86_64", "relates_to_product_reference": "AppStream-8.4.0.GA:httpd:2.4:8040020210127115317:9f9e2e7e" }, { "category": "default_component_of", "full_product_name": { "name": "mod_md-debugsource-1:2.0.8-8.module+el8.3.0+6814+67d1e611.aarch64 as a component of httpd:2.4:8040020210127115317:9f9e2e7e as a component of Red Hat Enterprise Linux AppStream (v. 8)", "product_id": "AppStream-8.4.0.GA:httpd:2.4:8040020210127115317:9f9e2e7e:mod_md-debugsource-1:2.0.8-8.module+el8.3.0+6814+67d1e611.aarch64" }, "product_reference": "mod_md-debugsource-1:2.0.8-8.module+el8.3.0+6814+67d1e611.aarch64", "relates_to_product_reference": "AppStream-8.4.0.GA:httpd:2.4:8040020210127115317:9f9e2e7e" }, { "category": "default_component_of", "full_product_name": { "name": "mod_md-debugsource-1:2.0.8-8.module+el8.3.0+6814+67d1e611.ppc64le as a component of httpd:2.4:8040020210127115317:9f9e2e7e as a component of Red Hat Enterprise Linux AppStream (v. 8)", "product_id": "AppStream-8.4.0.GA:httpd:2.4:8040020210127115317:9f9e2e7e:mod_md-debugsource-1:2.0.8-8.module+el8.3.0+6814+67d1e611.ppc64le" }, "product_reference": "mod_md-debugsource-1:2.0.8-8.module+el8.3.0+6814+67d1e611.ppc64le", "relates_to_product_reference": "AppStream-8.4.0.GA:httpd:2.4:8040020210127115317:9f9e2e7e" }, { "category": "default_component_of", "full_product_name": { "name": "mod_md-debugsource-1:2.0.8-8.module+el8.3.0+6814+67d1e611.s390x as a component of httpd:2.4:8040020210127115317:9f9e2e7e as a component of Red Hat Enterprise Linux AppStream (v. 8)", "product_id": "AppStream-8.4.0.GA:httpd:2.4:8040020210127115317:9f9e2e7e:mod_md-debugsource-1:2.0.8-8.module+el8.3.0+6814+67d1e611.s390x" }, "product_reference": "mod_md-debugsource-1:2.0.8-8.module+el8.3.0+6814+67d1e611.s390x", "relates_to_product_reference": "AppStream-8.4.0.GA:httpd:2.4:8040020210127115317:9f9e2e7e" }, { "category": "default_component_of", "full_product_name": { "name": "mod_md-debugsource-1:2.0.8-8.module+el8.3.0+6814+67d1e611.x86_64 as a component of httpd:2.4:8040020210127115317:9f9e2e7e as a component of Red Hat Enterprise Linux AppStream (v. 8)", "product_id": "AppStream-8.4.0.GA:httpd:2.4:8040020210127115317:9f9e2e7e:mod_md-debugsource-1:2.0.8-8.module+el8.3.0+6814+67d1e611.x86_64" }, "product_reference": "mod_md-debugsource-1:2.0.8-8.module+el8.3.0+6814+67d1e611.x86_64", "relates_to_product_reference": "AppStream-8.4.0.GA:httpd:2.4:8040020210127115317:9f9e2e7e" }, { "category": "default_component_of", "full_product_name": { "name": "mod_proxy_html-1:2.4.37-39.module+el8.4.0+9658+b87b2deb.aarch64 as a component of httpd:2.4:8040020210127115317:9f9e2e7e as a component of Red Hat Enterprise Linux AppStream (v. 8)", "product_id": "AppStream-8.4.0.GA:httpd:2.4:8040020210127115317:9f9e2e7e:mod_proxy_html-1:2.4.37-39.module+el8.4.0+9658+b87b2deb.aarch64" }, "product_reference": "mod_proxy_html-1:2.4.37-39.module+el8.4.0+9658+b87b2deb.aarch64", "relates_to_product_reference": "AppStream-8.4.0.GA:httpd:2.4:8040020210127115317:9f9e2e7e" }, { "category": "default_component_of", "full_product_name": { "name": "mod_proxy_html-1:2.4.37-39.module+el8.4.0+9658+b87b2deb.ppc64le as a component of httpd:2.4:8040020210127115317:9f9e2e7e as a component of Red Hat Enterprise Linux AppStream (v. 8)", "product_id": "AppStream-8.4.0.GA:httpd:2.4:8040020210127115317:9f9e2e7e:mod_proxy_html-1:2.4.37-39.module+el8.4.0+9658+b87b2deb.ppc64le" }, "product_reference": "mod_proxy_html-1:2.4.37-39.module+el8.4.0+9658+b87b2deb.ppc64le", "relates_to_product_reference": "AppStream-8.4.0.GA:httpd:2.4:8040020210127115317:9f9e2e7e" }, { "category": "default_component_of", "full_product_name": { "name": "mod_proxy_html-1:2.4.37-39.module+el8.4.0+9658+b87b2deb.s390x as a component of httpd:2.4:8040020210127115317:9f9e2e7e as a component of Red Hat Enterprise Linux AppStream (v. 8)", "product_id": "AppStream-8.4.0.GA:httpd:2.4:8040020210127115317:9f9e2e7e:mod_proxy_html-1:2.4.37-39.module+el8.4.0+9658+b87b2deb.s390x" }, "product_reference": "mod_proxy_html-1:2.4.37-39.module+el8.4.0+9658+b87b2deb.s390x", "relates_to_product_reference": "AppStream-8.4.0.GA:httpd:2.4:8040020210127115317:9f9e2e7e" }, { "category": "default_component_of", "full_product_name": { "name": "mod_proxy_html-1:2.4.37-39.module+el8.4.0+9658+b87b2deb.x86_64 as a component of httpd:2.4:8040020210127115317:9f9e2e7e as a component of Red Hat Enterprise Linux AppStream (v. 8)", "product_id": "AppStream-8.4.0.GA:httpd:2.4:8040020210127115317:9f9e2e7e:mod_proxy_html-1:2.4.37-39.module+el8.4.0+9658+b87b2deb.x86_64" }, "product_reference": "mod_proxy_html-1:2.4.37-39.module+el8.4.0+9658+b87b2deb.x86_64", "relates_to_product_reference": "AppStream-8.4.0.GA:httpd:2.4:8040020210127115317:9f9e2e7e" }, { "category": "default_component_of", "full_product_name": { "name": "mod_proxy_html-debuginfo-1:2.4.37-39.module+el8.4.0+9658+b87b2deb.aarch64 as a component of httpd:2.4:8040020210127115317:9f9e2e7e as a component of Red Hat Enterprise Linux AppStream (v. 8)", "product_id": "AppStream-8.4.0.GA:httpd:2.4:8040020210127115317:9f9e2e7e:mod_proxy_html-debuginfo-1:2.4.37-39.module+el8.4.0+9658+b87b2deb.aarch64" }, "product_reference": "mod_proxy_html-debuginfo-1:2.4.37-39.module+el8.4.0+9658+b87b2deb.aarch64", "relates_to_product_reference": "AppStream-8.4.0.GA:httpd:2.4:8040020210127115317:9f9e2e7e" }, { "category": "default_component_of", "full_product_name": { "name": "mod_proxy_html-debuginfo-1:2.4.37-39.module+el8.4.0+9658+b87b2deb.ppc64le as a component of httpd:2.4:8040020210127115317:9f9e2e7e as a component of Red Hat Enterprise Linux AppStream (v. 8)", "product_id": "AppStream-8.4.0.GA:httpd:2.4:8040020210127115317:9f9e2e7e:mod_proxy_html-debuginfo-1:2.4.37-39.module+el8.4.0+9658+b87b2deb.ppc64le" }, "product_reference": "mod_proxy_html-debuginfo-1:2.4.37-39.module+el8.4.0+9658+b87b2deb.ppc64le", "relates_to_product_reference": "AppStream-8.4.0.GA:httpd:2.4:8040020210127115317:9f9e2e7e" }, { "category": "default_component_of", "full_product_name": { "name": "mod_proxy_html-debuginfo-1:2.4.37-39.module+el8.4.0+9658+b87b2deb.s390x as a component of httpd:2.4:8040020210127115317:9f9e2e7e as a component of Red Hat Enterprise Linux AppStream (v. 8)", "product_id": "AppStream-8.4.0.GA:httpd:2.4:8040020210127115317:9f9e2e7e:mod_proxy_html-debuginfo-1:2.4.37-39.module+el8.4.0+9658+b87b2deb.s390x" }, "product_reference": "mod_proxy_html-debuginfo-1:2.4.37-39.module+el8.4.0+9658+b87b2deb.s390x", "relates_to_product_reference": "AppStream-8.4.0.GA:httpd:2.4:8040020210127115317:9f9e2e7e" }, { "category": "default_component_of", "full_product_name": { "name": "mod_proxy_html-debuginfo-1:2.4.37-39.module+el8.4.0+9658+b87b2deb.x86_64 as a component of httpd:2.4:8040020210127115317:9f9e2e7e as a component of Red Hat Enterprise Linux AppStream (v. 8)", "product_id": "AppStream-8.4.0.GA:httpd:2.4:8040020210127115317:9f9e2e7e:mod_proxy_html-debuginfo-1:2.4.37-39.module+el8.4.0+9658+b87b2deb.x86_64" }, "product_reference": "mod_proxy_html-debuginfo-1:2.4.37-39.module+el8.4.0+9658+b87b2deb.x86_64", "relates_to_product_reference": "AppStream-8.4.0.GA:httpd:2.4:8040020210127115317:9f9e2e7e" }, { "category": "default_component_of", "full_product_name": { "name": "mod_session-0:2.4.37-39.module+el8.4.0+9658+b87b2deb.aarch64 as a component of httpd:2.4:8040020210127115317:9f9e2e7e as a component of Red Hat Enterprise Linux AppStream (v. 8)", "product_id": "AppStream-8.4.0.GA:httpd:2.4:8040020210127115317:9f9e2e7e:mod_session-0:2.4.37-39.module+el8.4.0+9658+b87b2deb.aarch64" }, "product_reference": "mod_session-0:2.4.37-39.module+el8.4.0+9658+b87b2deb.aarch64", "relates_to_product_reference": "AppStream-8.4.0.GA:httpd:2.4:8040020210127115317:9f9e2e7e" }, { "category": "default_component_of", "full_product_name": { "name": "mod_session-0:2.4.37-39.module+el8.4.0+9658+b87b2deb.ppc64le as a component of httpd:2.4:8040020210127115317:9f9e2e7e as a component of Red Hat Enterprise Linux AppStream (v. 8)", "product_id": "AppStream-8.4.0.GA:httpd:2.4:8040020210127115317:9f9e2e7e:mod_session-0:2.4.37-39.module+el8.4.0+9658+b87b2deb.ppc64le" }, "product_reference": "mod_session-0:2.4.37-39.module+el8.4.0+9658+b87b2deb.ppc64le", "relates_to_product_reference": "AppStream-8.4.0.GA:httpd:2.4:8040020210127115317:9f9e2e7e" }, { "category": "default_component_of", "full_product_name": { "name": "mod_session-0:2.4.37-39.module+el8.4.0+9658+b87b2deb.s390x as a component of httpd:2.4:8040020210127115317:9f9e2e7e as a component of Red Hat Enterprise Linux AppStream (v. 8)", "product_id": "AppStream-8.4.0.GA:httpd:2.4:8040020210127115317:9f9e2e7e:mod_session-0:2.4.37-39.module+el8.4.0+9658+b87b2deb.s390x" }, "product_reference": "mod_session-0:2.4.37-39.module+el8.4.0+9658+b87b2deb.s390x", "relates_to_product_reference": "AppStream-8.4.0.GA:httpd:2.4:8040020210127115317:9f9e2e7e" }, { "category": "default_component_of", "full_product_name": { "name": "mod_session-0:2.4.37-39.module+el8.4.0+9658+b87b2deb.x86_64 as a component of httpd:2.4:8040020210127115317:9f9e2e7e as a component of Red Hat Enterprise Linux AppStream (v. 8)", "product_id": "AppStream-8.4.0.GA:httpd:2.4:8040020210127115317:9f9e2e7e:mod_session-0:2.4.37-39.module+el8.4.0+9658+b87b2deb.x86_64" }, "product_reference": "mod_session-0:2.4.37-39.module+el8.4.0+9658+b87b2deb.x86_64", "relates_to_product_reference": "AppStream-8.4.0.GA:httpd:2.4:8040020210127115317:9f9e2e7e" }, { "category": "default_component_of", "full_product_name": { "name": "mod_session-debuginfo-0:2.4.37-39.module+el8.4.0+9658+b87b2deb.aarch64 as a component of httpd:2.4:8040020210127115317:9f9e2e7e as a component of Red Hat Enterprise Linux AppStream (v. 8)", "product_id": "AppStream-8.4.0.GA:httpd:2.4:8040020210127115317:9f9e2e7e:mod_session-debuginfo-0:2.4.37-39.module+el8.4.0+9658+b87b2deb.aarch64" }, "product_reference": "mod_session-debuginfo-0:2.4.37-39.module+el8.4.0+9658+b87b2deb.aarch64", "relates_to_product_reference": "AppStream-8.4.0.GA:httpd:2.4:8040020210127115317:9f9e2e7e" }, { "category": "default_component_of", "full_product_name": { "name": "mod_session-debuginfo-0:2.4.37-39.module+el8.4.0+9658+b87b2deb.ppc64le as a component of httpd:2.4:8040020210127115317:9f9e2e7e as a component of Red Hat Enterprise Linux AppStream (v. 8)", "product_id": "AppStream-8.4.0.GA:httpd:2.4:8040020210127115317:9f9e2e7e:mod_session-debuginfo-0:2.4.37-39.module+el8.4.0+9658+b87b2deb.ppc64le" }, "product_reference": "mod_session-debuginfo-0:2.4.37-39.module+el8.4.0+9658+b87b2deb.ppc64le", "relates_to_product_reference": "AppStream-8.4.0.GA:httpd:2.4:8040020210127115317:9f9e2e7e" }, { "category": "default_component_of", "full_product_name": { "name": "mod_session-debuginfo-0:2.4.37-39.module+el8.4.0+9658+b87b2deb.s390x as a component of httpd:2.4:8040020210127115317:9f9e2e7e as a component of Red Hat Enterprise Linux AppStream (v. 8)", "product_id": "AppStream-8.4.0.GA:httpd:2.4:8040020210127115317:9f9e2e7e:mod_session-debuginfo-0:2.4.37-39.module+el8.4.0+9658+b87b2deb.s390x" }, "product_reference": "mod_session-debuginfo-0:2.4.37-39.module+el8.4.0+9658+b87b2deb.s390x", "relates_to_product_reference": "AppStream-8.4.0.GA:httpd:2.4:8040020210127115317:9f9e2e7e" }, { "category": "default_component_of", "full_product_name": { "name": "mod_session-debuginfo-0:2.4.37-39.module+el8.4.0+9658+b87b2deb.x86_64 as a component of httpd:2.4:8040020210127115317:9f9e2e7e as a component of Red Hat Enterprise Linux AppStream (v. 8)", "product_id": "AppStream-8.4.0.GA:httpd:2.4:8040020210127115317:9f9e2e7e:mod_session-debuginfo-0:2.4.37-39.module+el8.4.0+9658+b87b2deb.x86_64" }, "product_reference": "mod_session-debuginfo-0:2.4.37-39.module+el8.4.0+9658+b87b2deb.x86_64", "relates_to_product_reference": "AppStream-8.4.0.GA:httpd:2.4:8040020210127115317:9f9e2e7e" }, { "category": "default_component_of", "full_product_name": { "name": "mod_ssl-1:2.4.37-39.module+el8.4.0+9658+b87b2deb.aarch64 as a component of httpd:2.4:8040020210127115317:9f9e2e7e as a component of Red Hat Enterprise Linux AppStream (v. 8)", "product_id": "AppStream-8.4.0.GA:httpd:2.4:8040020210127115317:9f9e2e7e:mod_ssl-1:2.4.37-39.module+el8.4.0+9658+b87b2deb.aarch64" }, "product_reference": "mod_ssl-1:2.4.37-39.module+el8.4.0+9658+b87b2deb.aarch64", "relates_to_product_reference": "AppStream-8.4.0.GA:httpd:2.4:8040020210127115317:9f9e2e7e" }, { "category": "default_component_of", "full_product_name": { "name": "mod_ssl-1:2.4.37-39.module+el8.4.0+9658+b87b2deb.ppc64le as a component of httpd:2.4:8040020210127115317:9f9e2e7e as a component of Red Hat Enterprise Linux AppStream (v. 8)", "product_id": "AppStream-8.4.0.GA:httpd:2.4:8040020210127115317:9f9e2e7e:mod_ssl-1:2.4.37-39.module+el8.4.0+9658+b87b2deb.ppc64le" }, "product_reference": "mod_ssl-1:2.4.37-39.module+el8.4.0+9658+b87b2deb.ppc64le", "relates_to_product_reference": "AppStream-8.4.0.GA:httpd:2.4:8040020210127115317:9f9e2e7e" }, { "category": "default_component_of", "full_product_name": { "name": "mod_ssl-1:2.4.37-39.module+el8.4.0+9658+b87b2deb.s390x as a component of httpd:2.4:8040020210127115317:9f9e2e7e as a component of Red Hat Enterprise Linux AppStream (v. 8)", "product_id": "AppStream-8.4.0.GA:httpd:2.4:8040020210127115317:9f9e2e7e:mod_ssl-1:2.4.37-39.module+el8.4.0+9658+b87b2deb.s390x" }, "product_reference": "mod_ssl-1:2.4.37-39.module+el8.4.0+9658+b87b2deb.s390x", "relates_to_product_reference": "AppStream-8.4.0.GA:httpd:2.4:8040020210127115317:9f9e2e7e" }, { "category": "default_component_of", "full_product_name": { "name": "mod_ssl-1:2.4.37-39.module+el8.4.0+9658+b87b2deb.x86_64 as a component of httpd:2.4:8040020210127115317:9f9e2e7e as a component of Red Hat Enterprise Linux AppStream (v. 8)", "product_id": "AppStream-8.4.0.GA:httpd:2.4:8040020210127115317:9f9e2e7e:mod_ssl-1:2.4.37-39.module+el8.4.0+9658+b87b2deb.x86_64" }, "product_reference": "mod_ssl-1:2.4.37-39.module+el8.4.0+9658+b87b2deb.x86_64", "relates_to_product_reference": "AppStream-8.4.0.GA:httpd:2.4:8040020210127115317:9f9e2e7e" }, { "category": "default_component_of", "full_product_name": { "name": "mod_ssl-debuginfo-1:2.4.37-39.module+el8.4.0+9658+b87b2deb.aarch64 as a component of httpd:2.4:8040020210127115317:9f9e2e7e as a component of Red Hat Enterprise Linux AppStream (v. 8)", "product_id": "AppStream-8.4.0.GA:httpd:2.4:8040020210127115317:9f9e2e7e:mod_ssl-debuginfo-1:2.4.37-39.module+el8.4.0+9658+b87b2deb.aarch64" }, "product_reference": "mod_ssl-debuginfo-1:2.4.37-39.module+el8.4.0+9658+b87b2deb.aarch64", "relates_to_product_reference": "AppStream-8.4.0.GA:httpd:2.4:8040020210127115317:9f9e2e7e" }, { "category": "default_component_of", "full_product_name": { "name": "mod_ssl-debuginfo-1:2.4.37-39.module+el8.4.0+9658+b87b2deb.ppc64le as a component of httpd:2.4:8040020210127115317:9f9e2e7e as a component of Red Hat Enterprise Linux AppStream (v. 8)", "product_id": "AppStream-8.4.0.GA:httpd:2.4:8040020210127115317:9f9e2e7e:mod_ssl-debuginfo-1:2.4.37-39.module+el8.4.0+9658+b87b2deb.ppc64le" }, "product_reference": "mod_ssl-debuginfo-1:2.4.37-39.module+el8.4.0+9658+b87b2deb.ppc64le", "relates_to_product_reference": "AppStream-8.4.0.GA:httpd:2.4:8040020210127115317:9f9e2e7e" }, { "category": "default_component_of", "full_product_name": { "name": "mod_ssl-debuginfo-1:2.4.37-39.module+el8.4.0+9658+b87b2deb.s390x as a component of httpd:2.4:8040020210127115317:9f9e2e7e as a component of Red Hat Enterprise Linux AppStream (v. 8)", "product_id": "AppStream-8.4.0.GA:httpd:2.4:8040020210127115317:9f9e2e7e:mod_ssl-debuginfo-1:2.4.37-39.module+el8.4.0+9658+b87b2deb.s390x" }, "product_reference": "mod_ssl-debuginfo-1:2.4.37-39.module+el8.4.0+9658+b87b2deb.s390x", "relates_to_product_reference": "AppStream-8.4.0.GA:httpd:2.4:8040020210127115317:9f9e2e7e" }, { "category": "default_component_of", "full_product_name": { "name": "mod_ssl-debuginfo-1:2.4.37-39.module+el8.4.0+9658+b87b2deb.x86_64 as a component of httpd:2.4:8040020210127115317:9f9e2e7e as a component of Red Hat Enterprise Linux AppStream (v. 8)", "product_id": "AppStream-8.4.0.GA:httpd:2.4:8040020210127115317:9f9e2e7e:mod_ssl-debuginfo-1:2.4.37-39.module+el8.4.0+9658+b87b2deb.x86_64" }, "product_reference": "mod_ssl-debuginfo-1:2.4.37-39.module+el8.4.0+9658+b87b2deb.x86_64", "relates_to_product_reference": "AppStream-8.4.0.GA:httpd:2.4:8040020210127115317:9f9e2e7e" } ] }, "vulnerabilities": [ { "cve": "CVE-2018-17199", "cwe": { "id": "CWE-613", "name": "Insufficient Session Expiration" }, "discovery_date": "2019-01-22T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "1668493" } ], "notes": [ { "category": "description", "text": "In Apache HTTP Server 2.4 release 2.4.37 and prior, mod_session checks the session expiry time before decoding the session. This causes session expiry time to be ignored for mod_session_cookie sessions since the expiry time is loaded when the session is decoded.", "title": "Vulnerability description" }, { "category": "summary", "text": "httpd: mod_session_cookie does not respect expiry time", "title": "Vulnerability summary" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "AppStream-8.4.0.GA:httpd:2.4:8040020210127115317:9f9e2e7e", "AppStream-8.4.0.GA:httpd:2.4:8040020210127115317:9f9e2e7e:httpd-0:2.4.37-39.module+el8.4.0+9658+b87b2deb.aarch64", "AppStream-8.4.0.GA:httpd:2.4:8040020210127115317:9f9e2e7e:httpd-0:2.4.37-39.module+el8.4.0+9658+b87b2deb.ppc64le", "AppStream-8.4.0.GA:httpd:2.4:8040020210127115317:9f9e2e7e:httpd-0:2.4.37-39.module+el8.4.0+9658+b87b2deb.s390x", "AppStream-8.4.0.GA:httpd:2.4:8040020210127115317:9f9e2e7e:httpd-0:2.4.37-39.module+el8.4.0+9658+b87b2deb.src", "AppStream-8.4.0.GA:httpd:2.4:8040020210127115317:9f9e2e7e:httpd-0:2.4.37-39.module+el8.4.0+9658+b87b2deb.x86_64", "AppStream-8.4.0.GA:httpd:2.4:8040020210127115317:9f9e2e7e:httpd-debuginfo-0:2.4.37-39.module+el8.4.0+9658+b87b2deb.aarch64", "AppStream-8.4.0.GA:httpd:2.4:8040020210127115317:9f9e2e7e:httpd-debuginfo-0:2.4.37-39.module+el8.4.0+9658+b87b2deb.ppc64le", "AppStream-8.4.0.GA:httpd:2.4:8040020210127115317:9f9e2e7e:httpd-debuginfo-0:2.4.37-39.module+el8.4.0+9658+b87b2deb.s390x", "AppStream-8.4.0.GA:httpd:2.4:8040020210127115317:9f9e2e7e:httpd-debuginfo-0:2.4.37-39.module+el8.4.0+9658+b87b2deb.x86_64", "AppStream-8.4.0.GA:httpd:2.4:8040020210127115317:9f9e2e7e:httpd-debugsource-0:2.4.37-39.module+el8.4.0+9658+b87b2deb.aarch64", "AppStream-8.4.0.GA:httpd:2.4:8040020210127115317:9f9e2e7e:httpd-debugsource-0:2.4.37-39.module+el8.4.0+9658+b87b2deb.ppc64le", "AppStream-8.4.0.GA:httpd:2.4:8040020210127115317:9f9e2e7e:httpd-debugsource-0:2.4.37-39.module+el8.4.0+9658+b87b2deb.s390x", "AppStream-8.4.0.GA:httpd:2.4:8040020210127115317:9f9e2e7e:httpd-debugsource-0:2.4.37-39.module+el8.4.0+9658+b87b2deb.x86_64", "AppStream-8.4.0.GA:httpd:2.4:8040020210127115317:9f9e2e7e:httpd-devel-0:2.4.37-39.module+el8.4.0+9658+b87b2deb.aarch64", "AppStream-8.4.0.GA:httpd:2.4:8040020210127115317:9f9e2e7e:httpd-devel-0:2.4.37-39.module+el8.4.0+9658+b87b2deb.ppc64le", "AppStream-8.4.0.GA:httpd:2.4:8040020210127115317:9f9e2e7e:httpd-devel-0:2.4.37-39.module+el8.4.0+9658+b87b2deb.s390x", "AppStream-8.4.0.GA:httpd:2.4:8040020210127115317:9f9e2e7e:httpd-devel-0:2.4.37-39.module+el8.4.0+9658+b87b2deb.x86_64", "AppStream-8.4.0.GA:httpd:2.4:8040020210127115317:9f9e2e7e:httpd-filesystem-0:2.4.37-39.module+el8.4.0+9658+b87b2deb.noarch", "AppStream-8.4.0.GA:httpd:2.4:8040020210127115317:9f9e2e7e:httpd-manual-0:2.4.37-39.module+el8.4.0+9658+b87b2deb.noarch", "AppStream-8.4.0.GA:httpd:2.4:8040020210127115317:9f9e2e7e:httpd-tools-0:2.4.37-39.module+el8.4.0+9658+b87b2deb.aarch64", "AppStream-8.4.0.GA:httpd:2.4:8040020210127115317:9f9e2e7e:httpd-tools-0:2.4.37-39.module+el8.4.0+9658+b87b2deb.ppc64le", "AppStream-8.4.0.GA:httpd:2.4:8040020210127115317:9f9e2e7e:httpd-tools-0:2.4.37-39.module+el8.4.0+9658+b87b2deb.s390x", "AppStream-8.4.0.GA:httpd:2.4:8040020210127115317:9f9e2e7e:httpd-tools-0:2.4.37-39.module+el8.4.0+9658+b87b2deb.x86_64", "AppStream-8.4.0.GA:httpd:2.4:8040020210127115317:9f9e2e7e:httpd-tools-debuginfo-0:2.4.37-39.module+el8.4.0+9658+b87b2deb.aarch64", "AppStream-8.4.0.GA:httpd:2.4:8040020210127115317:9f9e2e7e:httpd-tools-debuginfo-0:2.4.37-39.module+el8.4.0+9658+b87b2deb.ppc64le", "AppStream-8.4.0.GA:httpd:2.4:8040020210127115317:9f9e2e7e:httpd-tools-debuginfo-0:2.4.37-39.module+el8.4.0+9658+b87b2deb.s390x", "AppStream-8.4.0.GA:httpd:2.4:8040020210127115317:9f9e2e7e:httpd-tools-debuginfo-0:2.4.37-39.module+el8.4.0+9658+b87b2deb.x86_64", "AppStream-8.4.0.GA:httpd:2.4:8040020210127115317:9f9e2e7e:mod_http2-0:1.15.7-3.module+el8.4.0+8625+d397f3da.aarch64", "AppStream-8.4.0.GA:httpd:2.4:8040020210127115317:9f9e2e7e:mod_http2-0:1.15.7-3.module+el8.4.0+8625+d397f3da.ppc64le", "AppStream-8.4.0.GA:httpd:2.4:8040020210127115317:9f9e2e7e:mod_http2-0:1.15.7-3.module+el8.4.0+8625+d397f3da.s390x", "AppStream-8.4.0.GA:httpd:2.4:8040020210127115317:9f9e2e7e:mod_http2-0:1.15.7-3.module+el8.4.0+8625+d397f3da.src", "AppStream-8.4.0.GA:httpd:2.4:8040020210127115317:9f9e2e7e:mod_http2-0:1.15.7-3.module+el8.4.0+8625+d397f3da.x86_64", "AppStream-8.4.0.GA:httpd:2.4:8040020210127115317:9f9e2e7e:mod_http2-debuginfo-0:1.15.7-3.module+el8.4.0+8625+d397f3da.aarch64", "AppStream-8.4.0.GA:httpd:2.4:8040020210127115317:9f9e2e7e:mod_http2-debuginfo-0:1.15.7-3.module+el8.4.0+8625+d397f3da.ppc64le", "AppStream-8.4.0.GA:httpd:2.4:8040020210127115317:9f9e2e7e:mod_http2-debuginfo-0:1.15.7-3.module+el8.4.0+8625+d397f3da.s390x", "AppStream-8.4.0.GA:httpd:2.4:8040020210127115317:9f9e2e7e:mod_http2-debuginfo-0:1.15.7-3.module+el8.4.0+8625+d397f3da.x86_64", "AppStream-8.4.0.GA:httpd:2.4:8040020210127115317:9f9e2e7e:mod_http2-debugsource-0:1.15.7-3.module+el8.4.0+8625+d397f3da.aarch64", "AppStream-8.4.0.GA:httpd:2.4:8040020210127115317:9f9e2e7e:mod_http2-debugsource-0:1.15.7-3.module+el8.4.0+8625+d397f3da.ppc64le", "AppStream-8.4.0.GA:httpd:2.4:8040020210127115317:9f9e2e7e:mod_http2-debugsource-0:1.15.7-3.module+el8.4.0+8625+d397f3da.s390x", "AppStream-8.4.0.GA:httpd:2.4:8040020210127115317:9f9e2e7e:mod_http2-debugsource-0:1.15.7-3.module+el8.4.0+8625+d397f3da.x86_64", "AppStream-8.4.0.GA:httpd:2.4:8040020210127115317:9f9e2e7e:mod_ldap-0:2.4.37-39.module+el8.4.0+9658+b87b2deb.aarch64", "AppStream-8.4.0.GA:httpd:2.4:8040020210127115317:9f9e2e7e:mod_ldap-0:2.4.37-39.module+el8.4.0+9658+b87b2deb.ppc64le", "AppStream-8.4.0.GA:httpd:2.4:8040020210127115317:9f9e2e7e:mod_ldap-0:2.4.37-39.module+el8.4.0+9658+b87b2deb.s390x", "AppStream-8.4.0.GA:httpd:2.4:8040020210127115317:9f9e2e7e:mod_ldap-0:2.4.37-39.module+el8.4.0+9658+b87b2deb.x86_64", "AppStream-8.4.0.GA:httpd:2.4:8040020210127115317:9f9e2e7e:mod_ldap-debuginfo-0:2.4.37-39.module+el8.4.0+9658+b87b2deb.aarch64", "AppStream-8.4.0.GA:httpd:2.4:8040020210127115317:9f9e2e7e:mod_ldap-debuginfo-0:2.4.37-39.module+el8.4.0+9658+b87b2deb.ppc64le", "AppStream-8.4.0.GA:httpd:2.4:8040020210127115317:9f9e2e7e:mod_ldap-debuginfo-0:2.4.37-39.module+el8.4.0+9658+b87b2deb.s390x", "AppStream-8.4.0.GA:httpd:2.4:8040020210127115317:9f9e2e7e:mod_ldap-debuginfo-0:2.4.37-39.module+el8.4.0+9658+b87b2deb.x86_64", "AppStream-8.4.0.GA:httpd:2.4:8040020210127115317:9f9e2e7e:mod_md-1:2.0.8-8.module+el8.3.0+6814+67d1e611.aarch64", "AppStream-8.4.0.GA:httpd:2.4:8040020210127115317:9f9e2e7e:mod_md-1:2.0.8-8.module+el8.3.0+6814+67d1e611.ppc64le", "AppStream-8.4.0.GA:httpd:2.4:8040020210127115317:9f9e2e7e:mod_md-1:2.0.8-8.module+el8.3.0+6814+67d1e611.s390x", "AppStream-8.4.0.GA:httpd:2.4:8040020210127115317:9f9e2e7e:mod_md-1:2.0.8-8.module+el8.3.0+6814+67d1e611.src", "AppStream-8.4.0.GA:httpd:2.4:8040020210127115317:9f9e2e7e:mod_md-1:2.0.8-8.module+el8.3.0+6814+67d1e611.x86_64", "AppStream-8.4.0.GA:httpd:2.4:8040020210127115317:9f9e2e7e:mod_md-debuginfo-1:2.0.8-8.module+el8.3.0+6814+67d1e611.aarch64", "AppStream-8.4.0.GA:httpd:2.4:8040020210127115317:9f9e2e7e:mod_md-debuginfo-1:2.0.8-8.module+el8.3.0+6814+67d1e611.ppc64le", "AppStream-8.4.0.GA:httpd:2.4:8040020210127115317:9f9e2e7e:mod_md-debuginfo-1:2.0.8-8.module+el8.3.0+6814+67d1e611.s390x", "AppStream-8.4.0.GA:httpd:2.4:8040020210127115317:9f9e2e7e:mod_md-debuginfo-1:2.0.8-8.module+el8.3.0+6814+67d1e611.x86_64", "AppStream-8.4.0.GA:httpd:2.4:8040020210127115317:9f9e2e7e:mod_md-debugsource-1:2.0.8-8.module+el8.3.0+6814+67d1e611.aarch64", "AppStream-8.4.0.GA:httpd:2.4:8040020210127115317:9f9e2e7e:mod_md-debugsource-1:2.0.8-8.module+el8.3.0+6814+67d1e611.ppc64le", "AppStream-8.4.0.GA:httpd:2.4:8040020210127115317:9f9e2e7e:mod_md-debugsource-1:2.0.8-8.module+el8.3.0+6814+67d1e611.s390x", "AppStream-8.4.0.GA:httpd:2.4:8040020210127115317:9f9e2e7e:mod_md-debugsource-1:2.0.8-8.module+el8.3.0+6814+67d1e611.x86_64", "AppStream-8.4.0.GA:httpd:2.4:8040020210127115317:9f9e2e7e:mod_proxy_html-1:2.4.37-39.module+el8.4.0+9658+b87b2deb.aarch64", "AppStream-8.4.0.GA:httpd:2.4:8040020210127115317:9f9e2e7e:mod_proxy_html-1:2.4.37-39.module+el8.4.0+9658+b87b2deb.ppc64le", "AppStream-8.4.0.GA:httpd:2.4:8040020210127115317:9f9e2e7e:mod_proxy_html-1:2.4.37-39.module+el8.4.0+9658+b87b2deb.s390x", "AppStream-8.4.0.GA:httpd:2.4:8040020210127115317:9f9e2e7e:mod_proxy_html-1:2.4.37-39.module+el8.4.0+9658+b87b2deb.x86_64", "AppStream-8.4.0.GA:httpd:2.4:8040020210127115317:9f9e2e7e:mod_proxy_html-debuginfo-1:2.4.37-39.module+el8.4.0+9658+b87b2deb.aarch64", "AppStream-8.4.0.GA:httpd:2.4:8040020210127115317:9f9e2e7e:mod_proxy_html-debuginfo-1:2.4.37-39.module+el8.4.0+9658+b87b2deb.ppc64le", "AppStream-8.4.0.GA:httpd:2.4:8040020210127115317:9f9e2e7e:mod_proxy_html-debuginfo-1:2.4.37-39.module+el8.4.0+9658+b87b2deb.s390x", "AppStream-8.4.0.GA:httpd:2.4:8040020210127115317:9f9e2e7e:mod_proxy_html-debuginfo-1:2.4.37-39.module+el8.4.0+9658+b87b2deb.x86_64", "AppStream-8.4.0.GA:httpd:2.4:8040020210127115317:9f9e2e7e:mod_session-0:2.4.37-39.module+el8.4.0+9658+b87b2deb.aarch64", "AppStream-8.4.0.GA:httpd:2.4:8040020210127115317:9f9e2e7e:mod_session-0:2.4.37-39.module+el8.4.0+9658+b87b2deb.ppc64le", "AppStream-8.4.0.GA:httpd:2.4:8040020210127115317:9f9e2e7e:mod_session-0:2.4.37-39.module+el8.4.0+9658+b87b2deb.s390x", "AppStream-8.4.0.GA:httpd:2.4:8040020210127115317:9f9e2e7e:mod_session-0:2.4.37-39.module+el8.4.0+9658+b87b2deb.x86_64", "AppStream-8.4.0.GA:httpd:2.4:8040020210127115317:9f9e2e7e:mod_session-debuginfo-0:2.4.37-39.module+el8.4.0+9658+b87b2deb.aarch64", "AppStream-8.4.0.GA:httpd:2.4:8040020210127115317:9f9e2e7e:mod_session-debuginfo-0:2.4.37-39.module+el8.4.0+9658+b87b2deb.ppc64le", "AppStream-8.4.0.GA:httpd:2.4:8040020210127115317:9f9e2e7e:mod_session-debuginfo-0:2.4.37-39.module+el8.4.0+9658+b87b2deb.s390x", "AppStream-8.4.0.GA:httpd:2.4:8040020210127115317:9f9e2e7e:mod_session-debuginfo-0:2.4.37-39.module+el8.4.0+9658+b87b2deb.x86_64", "AppStream-8.4.0.GA:httpd:2.4:8040020210127115317:9f9e2e7e:mod_ssl-1:2.4.37-39.module+el8.4.0+9658+b87b2deb.aarch64", "AppStream-8.4.0.GA:httpd:2.4:8040020210127115317:9f9e2e7e:mod_ssl-1:2.4.37-39.module+el8.4.0+9658+b87b2deb.ppc64le", "AppStream-8.4.0.GA:httpd:2.4:8040020210127115317:9f9e2e7e:mod_ssl-1:2.4.37-39.module+el8.4.0+9658+b87b2deb.s390x", "AppStream-8.4.0.GA:httpd:2.4:8040020210127115317:9f9e2e7e:mod_ssl-1:2.4.37-39.module+el8.4.0+9658+b87b2deb.x86_64", "AppStream-8.4.0.GA:httpd:2.4:8040020210127115317:9f9e2e7e:mod_ssl-debuginfo-1:2.4.37-39.module+el8.4.0+9658+b87b2deb.aarch64", "AppStream-8.4.0.GA:httpd:2.4:8040020210127115317:9f9e2e7e:mod_ssl-debuginfo-1:2.4.37-39.module+el8.4.0+9658+b87b2deb.ppc64le", "AppStream-8.4.0.GA:httpd:2.4:8040020210127115317:9f9e2e7e:mod_ssl-debuginfo-1:2.4.37-39.module+el8.4.0+9658+b87b2deb.s390x", "AppStream-8.4.0.GA:httpd:2.4:8040020210127115317:9f9e2e7e:mod_ssl-debuginfo-1:2.4.37-39.module+el8.4.0+9658+b87b2deb.x86_64" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2018-17199" }, { "category": "external", "summary": "RHBZ#1668493", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1668493" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2018-17199", "url": "https://www.cve.org/CVERecord?id=CVE-2018-17199" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2018-17199", "url": "https://nvd.nist.gov/vuln/detail/CVE-2018-17199" } ], "release_date": "2019-01-22T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2021-05-18T14:25:00+00:00", "details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nAfter installing the updated packages, the httpd daemon will be restarted automatically.", "product_ids": [ "AppStream-8.4.0.GA:httpd:2.4:8040020210127115317:9f9e2e7e", "AppStream-8.4.0.GA:httpd:2.4:8040020210127115317:9f9e2e7e:httpd-0:2.4.37-39.module+el8.4.0+9658+b87b2deb.aarch64", "AppStream-8.4.0.GA:httpd:2.4:8040020210127115317:9f9e2e7e:httpd-0:2.4.37-39.module+el8.4.0+9658+b87b2deb.ppc64le", "AppStream-8.4.0.GA:httpd:2.4:8040020210127115317:9f9e2e7e:httpd-0:2.4.37-39.module+el8.4.0+9658+b87b2deb.s390x", "AppStream-8.4.0.GA:httpd:2.4:8040020210127115317:9f9e2e7e:httpd-0:2.4.37-39.module+el8.4.0+9658+b87b2deb.src", "AppStream-8.4.0.GA:httpd:2.4:8040020210127115317:9f9e2e7e:httpd-0:2.4.37-39.module+el8.4.0+9658+b87b2deb.x86_64", "AppStream-8.4.0.GA:httpd:2.4:8040020210127115317:9f9e2e7e:httpd-debuginfo-0:2.4.37-39.module+el8.4.0+9658+b87b2deb.aarch64", "AppStream-8.4.0.GA:httpd:2.4:8040020210127115317:9f9e2e7e:httpd-debuginfo-0:2.4.37-39.module+el8.4.0+9658+b87b2deb.ppc64le", "AppStream-8.4.0.GA:httpd:2.4:8040020210127115317:9f9e2e7e:httpd-debuginfo-0:2.4.37-39.module+el8.4.0+9658+b87b2deb.s390x", "AppStream-8.4.0.GA:httpd:2.4:8040020210127115317:9f9e2e7e:httpd-debuginfo-0:2.4.37-39.module+el8.4.0+9658+b87b2deb.x86_64", "AppStream-8.4.0.GA:httpd:2.4:8040020210127115317:9f9e2e7e:httpd-debugsource-0:2.4.37-39.module+el8.4.0+9658+b87b2deb.aarch64", "AppStream-8.4.0.GA:httpd:2.4:8040020210127115317:9f9e2e7e:httpd-debugsource-0:2.4.37-39.module+el8.4.0+9658+b87b2deb.ppc64le", "AppStream-8.4.0.GA:httpd:2.4:8040020210127115317:9f9e2e7e:httpd-debugsource-0:2.4.37-39.module+el8.4.0+9658+b87b2deb.s390x", "AppStream-8.4.0.GA:httpd:2.4:8040020210127115317:9f9e2e7e:httpd-debugsource-0:2.4.37-39.module+el8.4.0+9658+b87b2deb.x86_64", "AppStream-8.4.0.GA:httpd:2.4:8040020210127115317:9f9e2e7e:httpd-devel-0:2.4.37-39.module+el8.4.0+9658+b87b2deb.aarch64", "AppStream-8.4.0.GA:httpd:2.4:8040020210127115317:9f9e2e7e:httpd-devel-0:2.4.37-39.module+el8.4.0+9658+b87b2deb.ppc64le", "AppStream-8.4.0.GA:httpd:2.4:8040020210127115317:9f9e2e7e:httpd-devel-0:2.4.37-39.module+el8.4.0+9658+b87b2deb.s390x", "AppStream-8.4.0.GA:httpd:2.4:8040020210127115317:9f9e2e7e:httpd-devel-0:2.4.37-39.module+el8.4.0+9658+b87b2deb.x86_64", "AppStream-8.4.0.GA:httpd:2.4:8040020210127115317:9f9e2e7e:httpd-filesystem-0:2.4.37-39.module+el8.4.0+9658+b87b2deb.noarch", "AppStream-8.4.0.GA:httpd:2.4:8040020210127115317:9f9e2e7e:httpd-manual-0:2.4.37-39.module+el8.4.0+9658+b87b2deb.noarch", "AppStream-8.4.0.GA:httpd:2.4:8040020210127115317:9f9e2e7e:httpd-tools-0:2.4.37-39.module+el8.4.0+9658+b87b2deb.aarch64", "AppStream-8.4.0.GA:httpd:2.4:8040020210127115317:9f9e2e7e:httpd-tools-0:2.4.37-39.module+el8.4.0+9658+b87b2deb.ppc64le", "AppStream-8.4.0.GA:httpd:2.4:8040020210127115317:9f9e2e7e:httpd-tools-0:2.4.37-39.module+el8.4.0+9658+b87b2deb.s390x", "AppStream-8.4.0.GA:httpd:2.4:8040020210127115317:9f9e2e7e:httpd-tools-0:2.4.37-39.module+el8.4.0+9658+b87b2deb.x86_64", "AppStream-8.4.0.GA:httpd:2.4:8040020210127115317:9f9e2e7e:httpd-tools-debuginfo-0:2.4.37-39.module+el8.4.0+9658+b87b2deb.aarch64", "AppStream-8.4.0.GA:httpd:2.4:8040020210127115317:9f9e2e7e:httpd-tools-debuginfo-0:2.4.37-39.module+el8.4.0+9658+b87b2deb.ppc64le", "AppStream-8.4.0.GA:httpd:2.4:8040020210127115317:9f9e2e7e:httpd-tools-debuginfo-0:2.4.37-39.module+el8.4.0+9658+b87b2deb.s390x", "AppStream-8.4.0.GA:httpd:2.4:8040020210127115317:9f9e2e7e:httpd-tools-debuginfo-0:2.4.37-39.module+el8.4.0+9658+b87b2deb.x86_64", "AppStream-8.4.0.GA:httpd:2.4:8040020210127115317:9f9e2e7e:mod_http2-0:1.15.7-3.module+el8.4.0+8625+d397f3da.aarch64", "AppStream-8.4.0.GA:httpd:2.4:8040020210127115317:9f9e2e7e:mod_http2-0:1.15.7-3.module+el8.4.0+8625+d397f3da.ppc64le", "AppStream-8.4.0.GA:httpd:2.4:8040020210127115317:9f9e2e7e:mod_http2-0:1.15.7-3.module+el8.4.0+8625+d397f3da.s390x", "AppStream-8.4.0.GA:httpd:2.4:8040020210127115317:9f9e2e7e:mod_http2-0:1.15.7-3.module+el8.4.0+8625+d397f3da.src", "AppStream-8.4.0.GA:httpd:2.4:8040020210127115317:9f9e2e7e:mod_http2-0:1.15.7-3.module+el8.4.0+8625+d397f3da.x86_64", "AppStream-8.4.0.GA:httpd:2.4:8040020210127115317:9f9e2e7e:mod_http2-debuginfo-0:1.15.7-3.module+el8.4.0+8625+d397f3da.aarch64", "AppStream-8.4.0.GA:httpd:2.4:8040020210127115317:9f9e2e7e:mod_http2-debuginfo-0:1.15.7-3.module+el8.4.0+8625+d397f3da.ppc64le", "AppStream-8.4.0.GA:httpd:2.4:8040020210127115317:9f9e2e7e:mod_http2-debuginfo-0:1.15.7-3.module+el8.4.0+8625+d397f3da.s390x", "AppStream-8.4.0.GA:httpd:2.4:8040020210127115317:9f9e2e7e:mod_http2-debuginfo-0:1.15.7-3.module+el8.4.0+8625+d397f3da.x86_64", "AppStream-8.4.0.GA:httpd:2.4:8040020210127115317:9f9e2e7e:mod_http2-debugsource-0:1.15.7-3.module+el8.4.0+8625+d397f3da.aarch64", "AppStream-8.4.0.GA:httpd:2.4:8040020210127115317:9f9e2e7e:mod_http2-debugsource-0:1.15.7-3.module+el8.4.0+8625+d397f3da.ppc64le", "AppStream-8.4.0.GA:httpd:2.4:8040020210127115317:9f9e2e7e:mod_http2-debugsource-0:1.15.7-3.module+el8.4.0+8625+d397f3da.s390x", "AppStream-8.4.0.GA:httpd:2.4:8040020210127115317:9f9e2e7e:mod_http2-debugsource-0:1.15.7-3.module+el8.4.0+8625+d397f3da.x86_64", "AppStream-8.4.0.GA:httpd:2.4:8040020210127115317:9f9e2e7e:mod_ldap-0:2.4.37-39.module+el8.4.0+9658+b87b2deb.aarch64", "AppStream-8.4.0.GA:httpd:2.4:8040020210127115317:9f9e2e7e:mod_ldap-0:2.4.37-39.module+el8.4.0+9658+b87b2deb.ppc64le", "AppStream-8.4.0.GA:httpd:2.4:8040020210127115317:9f9e2e7e:mod_ldap-0:2.4.37-39.module+el8.4.0+9658+b87b2deb.s390x", "AppStream-8.4.0.GA:httpd:2.4:8040020210127115317:9f9e2e7e:mod_ldap-0:2.4.37-39.module+el8.4.0+9658+b87b2deb.x86_64", "AppStream-8.4.0.GA:httpd:2.4:8040020210127115317:9f9e2e7e:mod_ldap-debuginfo-0:2.4.37-39.module+el8.4.0+9658+b87b2deb.aarch64", "AppStream-8.4.0.GA:httpd:2.4:8040020210127115317:9f9e2e7e:mod_ldap-debuginfo-0:2.4.37-39.module+el8.4.0+9658+b87b2deb.ppc64le", "AppStream-8.4.0.GA:httpd:2.4:8040020210127115317:9f9e2e7e:mod_ldap-debuginfo-0:2.4.37-39.module+el8.4.0+9658+b87b2deb.s390x", "AppStream-8.4.0.GA:httpd:2.4:8040020210127115317:9f9e2e7e:mod_ldap-debuginfo-0:2.4.37-39.module+el8.4.0+9658+b87b2deb.x86_64", "AppStream-8.4.0.GA:httpd:2.4:8040020210127115317:9f9e2e7e:mod_md-1:2.0.8-8.module+el8.3.0+6814+67d1e611.aarch64", "AppStream-8.4.0.GA:httpd:2.4:8040020210127115317:9f9e2e7e:mod_md-1:2.0.8-8.module+el8.3.0+6814+67d1e611.ppc64le", "AppStream-8.4.0.GA:httpd:2.4:8040020210127115317:9f9e2e7e:mod_md-1:2.0.8-8.module+el8.3.0+6814+67d1e611.s390x", "AppStream-8.4.0.GA:httpd:2.4:8040020210127115317:9f9e2e7e:mod_md-1:2.0.8-8.module+el8.3.0+6814+67d1e611.src", "AppStream-8.4.0.GA:httpd:2.4:8040020210127115317:9f9e2e7e:mod_md-1:2.0.8-8.module+el8.3.0+6814+67d1e611.x86_64", "AppStream-8.4.0.GA:httpd:2.4:8040020210127115317:9f9e2e7e:mod_md-debuginfo-1:2.0.8-8.module+el8.3.0+6814+67d1e611.aarch64", "AppStream-8.4.0.GA:httpd:2.4:8040020210127115317:9f9e2e7e:mod_md-debuginfo-1:2.0.8-8.module+el8.3.0+6814+67d1e611.ppc64le", "AppStream-8.4.0.GA:httpd:2.4:8040020210127115317:9f9e2e7e:mod_md-debuginfo-1:2.0.8-8.module+el8.3.0+6814+67d1e611.s390x", "AppStream-8.4.0.GA:httpd:2.4:8040020210127115317:9f9e2e7e:mod_md-debuginfo-1:2.0.8-8.module+el8.3.0+6814+67d1e611.x86_64", "AppStream-8.4.0.GA:httpd:2.4:8040020210127115317:9f9e2e7e:mod_md-debugsource-1:2.0.8-8.module+el8.3.0+6814+67d1e611.aarch64", "AppStream-8.4.0.GA:httpd:2.4:8040020210127115317:9f9e2e7e:mod_md-debugsource-1:2.0.8-8.module+el8.3.0+6814+67d1e611.ppc64le", "AppStream-8.4.0.GA:httpd:2.4:8040020210127115317:9f9e2e7e:mod_md-debugsource-1:2.0.8-8.module+el8.3.0+6814+67d1e611.s390x", "AppStream-8.4.0.GA:httpd:2.4:8040020210127115317:9f9e2e7e:mod_md-debugsource-1:2.0.8-8.module+el8.3.0+6814+67d1e611.x86_64", "AppStream-8.4.0.GA:httpd:2.4:8040020210127115317:9f9e2e7e:mod_proxy_html-1:2.4.37-39.module+el8.4.0+9658+b87b2deb.aarch64", "AppStream-8.4.0.GA:httpd:2.4:8040020210127115317:9f9e2e7e:mod_proxy_html-1:2.4.37-39.module+el8.4.0+9658+b87b2deb.ppc64le", "AppStream-8.4.0.GA:httpd:2.4:8040020210127115317:9f9e2e7e:mod_proxy_html-1:2.4.37-39.module+el8.4.0+9658+b87b2deb.s390x", "AppStream-8.4.0.GA:httpd:2.4:8040020210127115317:9f9e2e7e:mod_proxy_html-1:2.4.37-39.module+el8.4.0+9658+b87b2deb.x86_64", "AppStream-8.4.0.GA:httpd:2.4:8040020210127115317:9f9e2e7e:mod_proxy_html-debuginfo-1:2.4.37-39.module+el8.4.0+9658+b87b2deb.aarch64", "AppStream-8.4.0.GA:httpd:2.4:8040020210127115317:9f9e2e7e:mod_proxy_html-debuginfo-1:2.4.37-39.module+el8.4.0+9658+b87b2deb.ppc64le", "AppStream-8.4.0.GA:httpd:2.4:8040020210127115317:9f9e2e7e:mod_proxy_html-debuginfo-1:2.4.37-39.module+el8.4.0+9658+b87b2deb.s390x", "AppStream-8.4.0.GA:httpd:2.4:8040020210127115317:9f9e2e7e:mod_proxy_html-debuginfo-1:2.4.37-39.module+el8.4.0+9658+b87b2deb.x86_64", "AppStream-8.4.0.GA:httpd:2.4:8040020210127115317:9f9e2e7e:mod_session-0:2.4.37-39.module+el8.4.0+9658+b87b2deb.aarch64", "AppStream-8.4.0.GA:httpd:2.4:8040020210127115317:9f9e2e7e:mod_session-0:2.4.37-39.module+el8.4.0+9658+b87b2deb.ppc64le", "AppStream-8.4.0.GA:httpd:2.4:8040020210127115317:9f9e2e7e:mod_session-0:2.4.37-39.module+el8.4.0+9658+b87b2deb.s390x", "AppStream-8.4.0.GA:httpd:2.4:8040020210127115317:9f9e2e7e:mod_session-0:2.4.37-39.module+el8.4.0+9658+b87b2deb.x86_64", "AppStream-8.4.0.GA:httpd:2.4:8040020210127115317:9f9e2e7e:mod_session-debuginfo-0:2.4.37-39.module+el8.4.0+9658+b87b2deb.aarch64", "AppStream-8.4.0.GA:httpd:2.4:8040020210127115317:9f9e2e7e:mod_session-debuginfo-0:2.4.37-39.module+el8.4.0+9658+b87b2deb.ppc64le", "AppStream-8.4.0.GA:httpd:2.4:8040020210127115317:9f9e2e7e:mod_session-debuginfo-0:2.4.37-39.module+el8.4.0+9658+b87b2deb.s390x", "AppStream-8.4.0.GA:httpd:2.4:8040020210127115317:9f9e2e7e:mod_session-debuginfo-0:2.4.37-39.module+el8.4.0+9658+b87b2deb.x86_64", "AppStream-8.4.0.GA:httpd:2.4:8040020210127115317:9f9e2e7e:mod_ssl-1:2.4.37-39.module+el8.4.0+9658+b87b2deb.aarch64", "AppStream-8.4.0.GA:httpd:2.4:8040020210127115317:9f9e2e7e:mod_ssl-1:2.4.37-39.module+el8.4.0+9658+b87b2deb.ppc64le", "AppStream-8.4.0.GA:httpd:2.4:8040020210127115317:9f9e2e7e:mod_ssl-1:2.4.37-39.module+el8.4.0+9658+b87b2deb.s390x", "AppStream-8.4.0.GA:httpd:2.4:8040020210127115317:9f9e2e7e:mod_ssl-1:2.4.37-39.module+el8.4.0+9658+b87b2deb.x86_64", "AppStream-8.4.0.GA:httpd:2.4:8040020210127115317:9f9e2e7e:mod_ssl-debuginfo-1:2.4.37-39.module+el8.4.0+9658+b87b2deb.aarch64", "AppStream-8.4.0.GA:httpd:2.4:8040020210127115317:9f9e2e7e:mod_ssl-debuginfo-1:2.4.37-39.module+el8.4.0+9658+b87b2deb.ppc64le", "AppStream-8.4.0.GA:httpd:2.4:8040020210127115317:9f9e2e7e:mod_ssl-debuginfo-1:2.4.37-39.module+el8.4.0+9658+b87b2deb.s390x", "AppStream-8.4.0.GA:httpd:2.4:8040020210127115317:9f9e2e7e:mod_ssl-debuginfo-1:2.4.37-39.module+el8.4.0+9658+b87b2deb.x86_64" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2021:1809" } ], "scores": [ { "cvss_v3": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "NONE", "baseScore": 5.4, "baseSeverity": "MEDIUM", "confidentialityImpact": "LOW", "integrityImpact": "LOW", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "REQUIRED", "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:N", "version": "3.0" }, "products": [ "AppStream-8.4.0.GA:httpd:2.4:8040020210127115317:9f9e2e7e", "AppStream-8.4.0.GA:httpd:2.4:8040020210127115317:9f9e2e7e:httpd-0:2.4.37-39.module+el8.4.0+9658+b87b2deb.aarch64", "AppStream-8.4.0.GA:httpd:2.4:8040020210127115317:9f9e2e7e:httpd-0:2.4.37-39.module+el8.4.0+9658+b87b2deb.ppc64le", "AppStream-8.4.0.GA:httpd:2.4:8040020210127115317:9f9e2e7e:httpd-0:2.4.37-39.module+el8.4.0+9658+b87b2deb.s390x", "AppStream-8.4.0.GA:httpd:2.4:8040020210127115317:9f9e2e7e:httpd-0:2.4.37-39.module+el8.4.0+9658+b87b2deb.src", "AppStream-8.4.0.GA:httpd:2.4:8040020210127115317:9f9e2e7e:httpd-0:2.4.37-39.module+el8.4.0+9658+b87b2deb.x86_64", "AppStream-8.4.0.GA:httpd:2.4:8040020210127115317:9f9e2e7e:httpd-debuginfo-0:2.4.37-39.module+el8.4.0+9658+b87b2deb.aarch64", "AppStream-8.4.0.GA:httpd:2.4:8040020210127115317:9f9e2e7e:httpd-debuginfo-0:2.4.37-39.module+el8.4.0+9658+b87b2deb.ppc64le", "AppStream-8.4.0.GA:httpd:2.4:8040020210127115317:9f9e2e7e:httpd-debuginfo-0:2.4.37-39.module+el8.4.0+9658+b87b2deb.s390x", "AppStream-8.4.0.GA:httpd:2.4:8040020210127115317:9f9e2e7e:httpd-debuginfo-0:2.4.37-39.module+el8.4.0+9658+b87b2deb.x86_64", "AppStream-8.4.0.GA:httpd:2.4:8040020210127115317:9f9e2e7e:httpd-debugsource-0:2.4.37-39.module+el8.4.0+9658+b87b2deb.aarch64", "AppStream-8.4.0.GA:httpd:2.4:8040020210127115317:9f9e2e7e:httpd-debugsource-0:2.4.37-39.module+el8.4.0+9658+b87b2deb.ppc64le", "AppStream-8.4.0.GA:httpd:2.4:8040020210127115317:9f9e2e7e:httpd-debugsource-0:2.4.37-39.module+el8.4.0+9658+b87b2deb.s390x", "AppStream-8.4.0.GA:httpd:2.4:8040020210127115317:9f9e2e7e:httpd-debugsource-0:2.4.37-39.module+el8.4.0+9658+b87b2deb.x86_64", "AppStream-8.4.0.GA:httpd:2.4:8040020210127115317:9f9e2e7e:httpd-devel-0:2.4.37-39.module+el8.4.0+9658+b87b2deb.aarch64", "AppStream-8.4.0.GA:httpd:2.4:8040020210127115317:9f9e2e7e:httpd-devel-0:2.4.37-39.module+el8.4.0+9658+b87b2deb.ppc64le", "AppStream-8.4.0.GA:httpd:2.4:8040020210127115317:9f9e2e7e:httpd-devel-0:2.4.37-39.module+el8.4.0+9658+b87b2deb.s390x", "AppStream-8.4.0.GA:httpd:2.4:8040020210127115317:9f9e2e7e:httpd-devel-0:2.4.37-39.module+el8.4.0+9658+b87b2deb.x86_64", "AppStream-8.4.0.GA:httpd:2.4:8040020210127115317:9f9e2e7e:httpd-filesystem-0:2.4.37-39.module+el8.4.0+9658+b87b2deb.noarch", "AppStream-8.4.0.GA:httpd:2.4:8040020210127115317:9f9e2e7e:httpd-manual-0:2.4.37-39.module+el8.4.0+9658+b87b2deb.noarch", "AppStream-8.4.0.GA:httpd:2.4:8040020210127115317:9f9e2e7e:httpd-tools-0:2.4.37-39.module+el8.4.0+9658+b87b2deb.aarch64", "AppStream-8.4.0.GA:httpd:2.4:8040020210127115317:9f9e2e7e:httpd-tools-0:2.4.37-39.module+el8.4.0+9658+b87b2deb.ppc64le", "AppStream-8.4.0.GA:httpd:2.4:8040020210127115317:9f9e2e7e:httpd-tools-0:2.4.37-39.module+el8.4.0+9658+b87b2deb.s390x", "AppStream-8.4.0.GA:httpd:2.4:8040020210127115317:9f9e2e7e:httpd-tools-0:2.4.37-39.module+el8.4.0+9658+b87b2deb.x86_64", "AppStream-8.4.0.GA:httpd:2.4:8040020210127115317:9f9e2e7e:httpd-tools-debuginfo-0:2.4.37-39.module+el8.4.0+9658+b87b2deb.aarch64", "AppStream-8.4.0.GA:httpd:2.4:8040020210127115317:9f9e2e7e:httpd-tools-debuginfo-0:2.4.37-39.module+el8.4.0+9658+b87b2deb.ppc64le", "AppStream-8.4.0.GA:httpd:2.4:8040020210127115317:9f9e2e7e:httpd-tools-debuginfo-0:2.4.37-39.module+el8.4.0+9658+b87b2deb.s390x", "AppStream-8.4.0.GA:httpd:2.4:8040020210127115317:9f9e2e7e:httpd-tools-debuginfo-0:2.4.37-39.module+el8.4.0+9658+b87b2deb.x86_64", "AppStream-8.4.0.GA:httpd:2.4:8040020210127115317:9f9e2e7e:mod_http2-0:1.15.7-3.module+el8.4.0+8625+d397f3da.aarch64", "AppStream-8.4.0.GA:httpd:2.4:8040020210127115317:9f9e2e7e:mod_http2-0:1.15.7-3.module+el8.4.0+8625+d397f3da.ppc64le", "AppStream-8.4.0.GA:httpd:2.4:8040020210127115317:9f9e2e7e:mod_http2-0:1.15.7-3.module+el8.4.0+8625+d397f3da.s390x", "AppStream-8.4.0.GA:httpd:2.4:8040020210127115317:9f9e2e7e:mod_http2-0:1.15.7-3.module+el8.4.0+8625+d397f3da.src", "AppStream-8.4.0.GA:httpd:2.4:8040020210127115317:9f9e2e7e:mod_http2-0:1.15.7-3.module+el8.4.0+8625+d397f3da.x86_64", "AppStream-8.4.0.GA:httpd:2.4:8040020210127115317:9f9e2e7e:mod_http2-debuginfo-0:1.15.7-3.module+el8.4.0+8625+d397f3da.aarch64", "AppStream-8.4.0.GA:httpd:2.4:8040020210127115317:9f9e2e7e:mod_http2-debuginfo-0:1.15.7-3.module+el8.4.0+8625+d397f3da.ppc64le", "AppStream-8.4.0.GA:httpd:2.4:8040020210127115317:9f9e2e7e:mod_http2-debuginfo-0:1.15.7-3.module+el8.4.0+8625+d397f3da.s390x", "AppStream-8.4.0.GA:httpd:2.4:8040020210127115317:9f9e2e7e:mod_http2-debuginfo-0:1.15.7-3.module+el8.4.0+8625+d397f3da.x86_64", "AppStream-8.4.0.GA:httpd:2.4:8040020210127115317:9f9e2e7e:mod_http2-debugsource-0:1.15.7-3.module+el8.4.0+8625+d397f3da.aarch64", "AppStream-8.4.0.GA:httpd:2.4:8040020210127115317:9f9e2e7e:mod_http2-debugsource-0:1.15.7-3.module+el8.4.0+8625+d397f3da.ppc64le", "AppStream-8.4.0.GA:httpd:2.4:8040020210127115317:9f9e2e7e:mod_http2-debugsource-0:1.15.7-3.module+el8.4.0+8625+d397f3da.s390x", "AppStream-8.4.0.GA:httpd:2.4:8040020210127115317:9f9e2e7e:mod_http2-debugsource-0:1.15.7-3.module+el8.4.0+8625+d397f3da.x86_64", "AppStream-8.4.0.GA:httpd:2.4:8040020210127115317:9f9e2e7e:mod_ldap-0:2.4.37-39.module+el8.4.0+9658+b87b2deb.aarch64", "AppStream-8.4.0.GA:httpd:2.4:8040020210127115317:9f9e2e7e:mod_ldap-0:2.4.37-39.module+el8.4.0+9658+b87b2deb.ppc64le", "AppStream-8.4.0.GA:httpd:2.4:8040020210127115317:9f9e2e7e:mod_ldap-0:2.4.37-39.module+el8.4.0+9658+b87b2deb.s390x", "AppStream-8.4.0.GA:httpd:2.4:8040020210127115317:9f9e2e7e:mod_ldap-0:2.4.37-39.module+el8.4.0+9658+b87b2deb.x86_64", "AppStream-8.4.0.GA:httpd:2.4:8040020210127115317:9f9e2e7e:mod_ldap-debuginfo-0:2.4.37-39.module+el8.4.0+9658+b87b2deb.aarch64", "AppStream-8.4.0.GA:httpd:2.4:8040020210127115317:9f9e2e7e:mod_ldap-debuginfo-0:2.4.37-39.module+el8.4.0+9658+b87b2deb.ppc64le", "AppStream-8.4.0.GA:httpd:2.4:8040020210127115317:9f9e2e7e:mod_ldap-debuginfo-0:2.4.37-39.module+el8.4.0+9658+b87b2deb.s390x", "AppStream-8.4.0.GA:httpd:2.4:8040020210127115317:9f9e2e7e:mod_ldap-debuginfo-0:2.4.37-39.module+el8.4.0+9658+b87b2deb.x86_64", "AppStream-8.4.0.GA:httpd:2.4:8040020210127115317:9f9e2e7e:mod_md-1:2.0.8-8.module+el8.3.0+6814+67d1e611.aarch64", "AppStream-8.4.0.GA:httpd:2.4:8040020210127115317:9f9e2e7e:mod_md-1:2.0.8-8.module+el8.3.0+6814+67d1e611.ppc64le", "AppStream-8.4.0.GA:httpd:2.4:8040020210127115317:9f9e2e7e:mod_md-1:2.0.8-8.module+el8.3.0+6814+67d1e611.s390x", "AppStream-8.4.0.GA:httpd:2.4:8040020210127115317:9f9e2e7e:mod_md-1:2.0.8-8.module+el8.3.0+6814+67d1e611.src", "AppStream-8.4.0.GA:httpd:2.4:8040020210127115317:9f9e2e7e:mod_md-1:2.0.8-8.module+el8.3.0+6814+67d1e611.x86_64", "AppStream-8.4.0.GA:httpd:2.4:8040020210127115317:9f9e2e7e:mod_md-debuginfo-1:2.0.8-8.module+el8.3.0+6814+67d1e611.aarch64", "AppStream-8.4.0.GA:httpd:2.4:8040020210127115317:9f9e2e7e:mod_md-debuginfo-1:2.0.8-8.module+el8.3.0+6814+67d1e611.ppc64le", "AppStream-8.4.0.GA:httpd:2.4:8040020210127115317:9f9e2e7e:mod_md-debuginfo-1:2.0.8-8.module+el8.3.0+6814+67d1e611.s390x", "AppStream-8.4.0.GA:httpd:2.4:8040020210127115317:9f9e2e7e:mod_md-debuginfo-1:2.0.8-8.module+el8.3.0+6814+67d1e611.x86_64", "AppStream-8.4.0.GA:httpd:2.4:8040020210127115317:9f9e2e7e:mod_md-debugsource-1:2.0.8-8.module+el8.3.0+6814+67d1e611.aarch64", "AppStream-8.4.0.GA:httpd:2.4:8040020210127115317:9f9e2e7e:mod_md-debugsource-1:2.0.8-8.module+el8.3.0+6814+67d1e611.ppc64le", "AppStream-8.4.0.GA:httpd:2.4:8040020210127115317:9f9e2e7e:mod_md-debugsource-1:2.0.8-8.module+el8.3.0+6814+67d1e611.s390x", "AppStream-8.4.0.GA:httpd:2.4:8040020210127115317:9f9e2e7e:mod_md-debugsource-1:2.0.8-8.module+el8.3.0+6814+67d1e611.x86_64", "AppStream-8.4.0.GA:httpd:2.4:8040020210127115317:9f9e2e7e:mod_proxy_html-1:2.4.37-39.module+el8.4.0+9658+b87b2deb.aarch64", "AppStream-8.4.0.GA:httpd:2.4:8040020210127115317:9f9e2e7e:mod_proxy_html-1:2.4.37-39.module+el8.4.0+9658+b87b2deb.ppc64le", "AppStream-8.4.0.GA:httpd:2.4:8040020210127115317:9f9e2e7e:mod_proxy_html-1:2.4.37-39.module+el8.4.0+9658+b87b2deb.s390x", "AppStream-8.4.0.GA:httpd:2.4:8040020210127115317:9f9e2e7e:mod_proxy_html-1:2.4.37-39.module+el8.4.0+9658+b87b2deb.x86_64", "AppStream-8.4.0.GA:httpd:2.4:8040020210127115317:9f9e2e7e:mod_proxy_html-debuginfo-1:2.4.37-39.module+el8.4.0+9658+b87b2deb.aarch64", "AppStream-8.4.0.GA:httpd:2.4:8040020210127115317:9f9e2e7e:mod_proxy_html-debuginfo-1:2.4.37-39.module+el8.4.0+9658+b87b2deb.ppc64le", "AppStream-8.4.0.GA:httpd:2.4:8040020210127115317:9f9e2e7e:mod_proxy_html-debuginfo-1:2.4.37-39.module+el8.4.0+9658+b87b2deb.s390x", "AppStream-8.4.0.GA:httpd:2.4:8040020210127115317:9f9e2e7e:mod_proxy_html-debuginfo-1:2.4.37-39.module+el8.4.0+9658+b87b2deb.x86_64", "AppStream-8.4.0.GA:httpd:2.4:8040020210127115317:9f9e2e7e:mod_session-0:2.4.37-39.module+el8.4.0+9658+b87b2deb.aarch64", "AppStream-8.4.0.GA:httpd:2.4:8040020210127115317:9f9e2e7e:mod_session-0:2.4.37-39.module+el8.4.0+9658+b87b2deb.ppc64le", "AppStream-8.4.0.GA:httpd:2.4:8040020210127115317:9f9e2e7e:mod_session-0:2.4.37-39.module+el8.4.0+9658+b87b2deb.s390x", "AppStream-8.4.0.GA:httpd:2.4:8040020210127115317:9f9e2e7e:mod_session-0:2.4.37-39.module+el8.4.0+9658+b87b2deb.x86_64", "AppStream-8.4.0.GA:httpd:2.4:8040020210127115317:9f9e2e7e:mod_session-debuginfo-0:2.4.37-39.module+el8.4.0+9658+b87b2deb.aarch64", "AppStream-8.4.0.GA:httpd:2.4:8040020210127115317:9f9e2e7e:mod_session-debuginfo-0:2.4.37-39.module+el8.4.0+9658+b87b2deb.ppc64le", "AppStream-8.4.0.GA:httpd:2.4:8040020210127115317:9f9e2e7e:mod_session-debuginfo-0:2.4.37-39.module+el8.4.0+9658+b87b2deb.s390x", "AppStream-8.4.0.GA:httpd:2.4:8040020210127115317:9f9e2e7e:mod_session-debuginfo-0:2.4.37-39.module+el8.4.0+9658+b87b2deb.x86_64", "AppStream-8.4.0.GA:httpd:2.4:8040020210127115317:9f9e2e7e:mod_ssl-1:2.4.37-39.module+el8.4.0+9658+b87b2deb.aarch64", "AppStream-8.4.0.GA:httpd:2.4:8040020210127115317:9f9e2e7e:mod_ssl-1:2.4.37-39.module+el8.4.0+9658+b87b2deb.ppc64le", "AppStream-8.4.0.GA:httpd:2.4:8040020210127115317:9f9e2e7e:mod_ssl-1:2.4.37-39.module+el8.4.0+9658+b87b2deb.s390x", "AppStream-8.4.0.GA:httpd:2.4:8040020210127115317:9f9e2e7e:mod_ssl-1:2.4.37-39.module+el8.4.0+9658+b87b2deb.x86_64", "AppStream-8.4.0.GA:httpd:2.4:8040020210127115317:9f9e2e7e:mod_ssl-debuginfo-1:2.4.37-39.module+el8.4.0+9658+b87b2deb.aarch64", "AppStream-8.4.0.GA:httpd:2.4:8040020210127115317:9f9e2e7e:mod_ssl-debuginfo-1:2.4.37-39.module+el8.4.0+9658+b87b2deb.ppc64le", "AppStream-8.4.0.GA:httpd:2.4:8040020210127115317:9f9e2e7e:mod_ssl-debuginfo-1:2.4.37-39.module+el8.4.0+9658+b87b2deb.s390x", "AppStream-8.4.0.GA:httpd:2.4:8040020210127115317:9f9e2e7e:mod_ssl-debuginfo-1:2.4.37-39.module+el8.4.0+9658+b87b2deb.x86_64" ] } ], "threats": [ { "category": "impact", "details": "Moderate" } ], "title": "httpd: mod_session_cookie does not respect expiry time" }, { "acknowledgments": [ { "names": [ "the Apache project" ] } ], "cve": "CVE-2020-11984", "cwe": { "id": "CWE-400", "name": "Uncontrolled Resource Consumption" }, "discovery_date": "2020-08-05T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "1866563" } ], "notes": [ { "category": "description", "text": "A flaw was found in Apache httpd in versions 2.4.32 to 2.4.46. The uwsgi protocol does not serialize more than 16K of HTTP header leading to resource exhaustion and denial of service. The highest threat from this vulnerability is to data confidentiality and integrity as well as system availability.", "title": "Vulnerability description" }, { "category": "summary", "text": "httpd: mod_proxy_uwsgi buffer overflow", "title": "Vulnerability summary" }, { "category": "other", "text": "Red Hat Enterprise Linux 5, 6, and 7 do not ship the vulnerable version of httpd and, thus, are not affected.", "title": "Statement" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "AppStream-8.4.0.GA:httpd:2.4:8040020210127115317:9f9e2e7e", "AppStream-8.4.0.GA:httpd:2.4:8040020210127115317:9f9e2e7e:httpd-0:2.4.37-39.module+el8.4.0+9658+b87b2deb.aarch64", "AppStream-8.4.0.GA:httpd:2.4:8040020210127115317:9f9e2e7e:httpd-0:2.4.37-39.module+el8.4.0+9658+b87b2deb.ppc64le", "AppStream-8.4.0.GA:httpd:2.4:8040020210127115317:9f9e2e7e:httpd-0:2.4.37-39.module+el8.4.0+9658+b87b2deb.s390x", "AppStream-8.4.0.GA:httpd:2.4:8040020210127115317:9f9e2e7e:httpd-0:2.4.37-39.module+el8.4.0+9658+b87b2deb.src", "AppStream-8.4.0.GA:httpd:2.4:8040020210127115317:9f9e2e7e:httpd-0:2.4.37-39.module+el8.4.0+9658+b87b2deb.x86_64", "AppStream-8.4.0.GA:httpd:2.4:8040020210127115317:9f9e2e7e:httpd-debuginfo-0:2.4.37-39.module+el8.4.0+9658+b87b2deb.aarch64", "AppStream-8.4.0.GA:httpd:2.4:8040020210127115317:9f9e2e7e:httpd-debuginfo-0:2.4.37-39.module+el8.4.0+9658+b87b2deb.ppc64le", "AppStream-8.4.0.GA:httpd:2.4:8040020210127115317:9f9e2e7e:httpd-debuginfo-0:2.4.37-39.module+el8.4.0+9658+b87b2deb.s390x", "AppStream-8.4.0.GA:httpd:2.4:8040020210127115317:9f9e2e7e:httpd-debuginfo-0:2.4.37-39.module+el8.4.0+9658+b87b2deb.x86_64", "AppStream-8.4.0.GA:httpd:2.4:8040020210127115317:9f9e2e7e:httpd-debugsource-0:2.4.37-39.module+el8.4.0+9658+b87b2deb.aarch64", "AppStream-8.4.0.GA:httpd:2.4:8040020210127115317:9f9e2e7e:httpd-debugsource-0:2.4.37-39.module+el8.4.0+9658+b87b2deb.ppc64le", "AppStream-8.4.0.GA:httpd:2.4:8040020210127115317:9f9e2e7e:httpd-debugsource-0:2.4.37-39.module+el8.4.0+9658+b87b2deb.s390x", "AppStream-8.4.0.GA:httpd:2.4:8040020210127115317:9f9e2e7e:httpd-debugsource-0:2.4.37-39.module+el8.4.0+9658+b87b2deb.x86_64", "AppStream-8.4.0.GA:httpd:2.4:8040020210127115317:9f9e2e7e:httpd-devel-0:2.4.37-39.module+el8.4.0+9658+b87b2deb.aarch64", "AppStream-8.4.0.GA:httpd:2.4:8040020210127115317:9f9e2e7e:httpd-devel-0:2.4.37-39.module+el8.4.0+9658+b87b2deb.ppc64le", "AppStream-8.4.0.GA:httpd:2.4:8040020210127115317:9f9e2e7e:httpd-devel-0:2.4.37-39.module+el8.4.0+9658+b87b2deb.s390x", "AppStream-8.4.0.GA:httpd:2.4:8040020210127115317:9f9e2e7e:httpd-devel-0:2.4.37-39.module+el8.4.0+9658+b87b2deb.x86_64", "AppStream-8.4.0.GA:httpd:2.4:8040020210127115317:9f9e2e7e:httpd-filesystem-0:2.4.37-39.module+el8.4.0+9658+b87b2deb.noarch", "AppStream-8.4.0.GA:httpd:2.4:8040020210127115317:9f9e2e7e:httpd-manual-0:2.4.37-39.module+el8.4.0+9658+b87b2deb.noarch", "AppStream-8.4.0.GA:httpd:2.4:8040020210127115317:9f9e2e7e:httpd-tools-0:2.4.37-39.module+el8.4.0+9658+b87b2deb.aarch64", "AppStream-8.4.0.GA:httpd:2.4:8040020210127115317:9f9e2e7e:httpd-tools-0:2.4.37-39.module+el8.4.0+9658+b87b2deb.ppc64le", "AppStream-8.4.0.GA:httpd:2.4:8040020210127115317:9f9e2e7e:httpd-tools-0:2.4.37-39.module+el8.4.0+9658+b87b2deb.s390x", "AppStream-8.4.0.GA:httpd:2.4:8040020210127115317:9f9e2e7e:httpd-tools-0:2.4.37-39.module+el8.4.0+9658+b87b2deb.x86_64", "AppStream-8.4.0.GA:httpd:2.4:8040020210127115317:9f9e2e7e:httpd-tools-debuginfo-0:2.4.37-39.module+el8.4.0+9658+b87b2deb.aarch64", "AppStream-8.4.0.GA:httpd:2.4:8040020210127115317:9f9e2e7e:httpd-tools-debuginfo-0:2.4.37-39.module+el8.4.0+9658+b87b2deb.ppc64le", "AppStream-8.4.0.GA:httpd:2.4:8040020210127115317:9f9e2e7e:httpd-tools-debuginfo-0:2.4.37-39.module+el8.4.0+9658+b87b2deb.s390x", "AppStream-8.4.0.GA:httpd:2.4:8040020210127115317:9f9e2e7e:httpd-tools-debuginfo-0:2.4.37-39.module+el8.4.0+9658+b87b2deb.x86_64", "AppStream-8.4.0.GA:httpd:2.4:8040020210127115317:9f9e2e7e:mod_http2-0:1.15.7-3.module+el8.4.0+8625+d397f3da.aarch64", "AppStream-8.4.0.GA:httpd:2.4:8040020210127115317:9f9e2e7e:mod_http2-0:1.15.7-3.module+el8.4.0+8625+d397f3da.ppc64le", "AppStream-8.4.0.GA:httpd:2.4:8040020210127115317:9f9e2e7e:mod_http2-0:1.15.7-3.module+el8.4.0+8625+d397f3da.s390x", "AppStream-8.4.0.GA:httpd:2.4:8040020210127115317:9f9e2e7e:mod_http2-0:1.15.7-3.module+el8.4.0+8625+d397f3da.src", "AppStream-8.4.0.GA:httpd:2.4:8040020210127115317:9f9e2e7e:mod_http2-0:1.15.7-3.module+el8.4.0+8625+d397f3da.x86_64", "AppStream-8.4.0.GA:httpd:2.4:8040020210127115317:9f9e2e7e:mod_http2-debuginfo-0:1.15.7-3.module+el8.4.0+8625+d397f3da.aarch64", "AppStream-8.4.0.GA:httpd:2.4:8040020210127115317:9f9e2e7e:mod_http2-debuginfo-0:1.15.7-3.module+el8.4.0+8625+d397f3da.ppc64le", "AppStream-8.4.0.GA:httpd:2.4:8040020210127115317:9f9e2e7e:mod_http2-debuginfo-0:1.15.7-3.module+el8.4.0+8625+d397f3da.s390x", "AppStream-8.4.0.GA:httpd:2.4:8040020210127115317:9f9e2e7e:mod_http2-debuginfo-0:1.15.7-3.module+el8.4.0+8625+d397f3da.x86_64", "AppStream-8.4.0.GA:httpd:2.4:8040020210127115317:9f9e2e7e:mod_http2-debugsource-0:1.15.7-3.module+el8.4.0+8625+d397f3da.aarch64", "AppStream-8.4.0.GA:httpd:2.4:8040020210127115317:9f9e2e7e:mod_http2-debugsource-0:1.15.7-3.module+el8.4.0+8625+d397f3da.ppc64le", "AppStream-8.4.0.GA:httpd:2.4:8040020210127115317:9f9e2e7e:mod_http2-debugsource-0:1.15.7-3.module+el8.4.0+8625+d397f3da.s390x", "AppStream-8.4.0.GA:httpd:2.4:8040020210127115317:9f9e2e7e:mod_http2-debugsource-0:1.15.7-3.module+el8.4.0+8625+d397f3da.x86_64", "AppStream-8.4.0.GA:httpd:2.4:8040020210127115317:9f9e2e7e:mod_ldap-0:2.4.37-39.module+el8.4.0+9658+b87b2deb.aarch64", "AppStream-8.4.0.GA:httpd:2.4:8040020210127115317:9f9e2e7e:mod_ldap-0:2.4.37-39.module+el8.4.0+9658+b87b2deb.ppc64le", "AppStream-8.4.0.GA:httpd:2.4:8040020210127115317:9f9e2e7e:mod_ldap-0:2.4.37-39.module+el8.4.0+9658+b87b2deb.s390x", "AppStream-8.4.0.GA:httpd:2.4:8040020210127115317:9f9e2e7e:mod_ldap-0:2.4.37-39.module+el8.4.0+9658+b87b2deb.x86_64", "AppStream-8.4.0.GA:httpd:2.4:8040020210127115317:9f9e2e7e:mod_ldap-debuginfo-0:2.4.37-39.module+el8.4.0+9658+b87b2deb.aarch64", "AppStream-8.4.0.GA:httpd:2.4:8040020210127115317:9f9e2e7e:mod_ldap-debuginfo-0:2.4.37-39.module+el8.4.0+9658+b87b2deb.ppc64le", "AppStream-8.4.0.GA:httpd:2.4:8040020210127115317:9f9e2e7e:mod_ldap-debuginfo-0:2.4.37-39.module+el8.4.0+9658+b87b2deb.s390x", "AppStream-8.4.0.GA:httpd:2.4:8040020210127115317:9f9e2e7e:mod_ldap-debuginfo-0:2.4.37-39.module+el8.4.0+9658+b87b2deb.x86_64", "AppStream-8.4.0.GA:httpd:2.4:8040020210127115317:9f9e2e7e:mod_md-1:2.0.8-8.module+el8.3.0+6814+67d1e611.aarch64", "AppStream-8.4.0.GA:httpd:2.4:8040020210127115317:9f9e2e7e:mod_md-1:2.0.8-8.module+el8.3.0+6814+67d1e611.ppc64le", "AppStream-8.4.0.GA:httpd:2.4:8040020210127115317:9f9e2e7e:mod_md-1:2.0.8-8.module+el8.3.0+6814+67d1e611.s390x", "AppStream-8.4.0.GA:httpd:2.4:8040020210127115317:9f9e2e7e:mod_md-1:2.0.8-8.module+el8.3.0+6814+67d1e611.src", "AppStream-8.4.0.GA:httpd:2.4:8040020210127115317:9f9e2e7e:mod_md-1:2.0.8-8.module+el8.3.0+6814+67d1e611.x86_64", "AppStream-8.4.0.GA:httpd:2.4:8040020210127115317:9f9e2e7e:mod_md-debuginfo-1:2.0.8-8.module+el8.3.0+6814+67d1e611.aarch64", "AppStream-8.4.0.GA:httpd:2.4:8040020210127115317:9f9e2e7e:mod_md-debuginfo-1:2.0.8-8.module+el8.3.0+6814+67d1e611.ppc64le", "AppStream-8.4.0.GA:httpd:2.4:8040020210127115317:9f9e2e7e:mod_md-debuginfo-1:2.0.8-8.module+el8.3.0+6814+67d1e611.s390x", "AppStream-8.4.0.GA:httpd:2.4:8040020210127115317:9f9e2e7e:mod_md-debuginfo-1:2.0.8-8.module+el8.3.0+6814+67d1e611.x86_64", "AppStream-8.4.0.GA:httpd:2.4:8040020210127115317:9f9e2e7e:mod_md-debugsource-1:2.0.8-8.module+el8.3.0+6814+67d1e611.aarch64", "AppStream-8.4.0.GA:httpd:2.4:8040020210127115317:9f9e2e7e:mod_md-debugsource-1:2.0.8-8.module+el8.3.0+6814+67d1e611.ppc64le", "AppStream-8.4.0.GA:httpd:2.4:8040020210127115317:9f9e2e7e:mod_md-debugsource-1:2.0.8-8.module+el8.3.0+6814+67d1e611.s390x", "AppStream-8.4.0.GA:httpd:2.4:8040020210127115317:9f9e2e7e:mod_md-debugsource-1:2.0.8-8.module+el8.3.0+6814+67d1e611.x86_64", "AppStream-8.4.0.GA:httpd:2.4:8040020210127115317:9f9e2e7e:mod_proxy_html-1:2.4.37-39.module+el8.4.0+9658+b87b2deb.aarch64", "AppStream-8.4.0.GA:httpd:2.4:8040020210127115317:9f9e2e7e:mod_proxy_html-1:2.4.37-39.module+el8.4.0+9658+b87b2deb.ppc64le", "AppStream-8.4.0.GA:httpd:2.4:8040020210127115317:9f9e2e7e:mod_proxy_html-1:2.4.37-39.module+el8.4.0+9658+b87b2deb.s390x", "AppStream-8.4.0.GA:httpd:2.4:8040020210127115317:9f9e2e7e:mod_proxy_html-1:2.4.37-39.module+el8.4.0+9658+b87b2deb.x86_64", "AppStream-8.4.0.GA:httpd:2.4:8040020210127115317:9f9e2e7e:mod_proxy_html-debuginfo-1:2.4.37-39.module+el8.4.0+9658+b87b2deb.aarch64", "AppStream-8.4.0.GA:httpd:2.4:8040020210127115317:9f9e2e7e:mod_proxy_html-debuginfo-1:2.4.37-39.module+el8.4.0+9658+b87b2deb.ppc64le", "AppStream-8.4.0.GA:httpd:2.4:8040020210127115317:9f9e2e7e:mod_proxy_html-debuginfo-1:2.4.37-39.module+el8.4.0+9658+b87b2deb.s390x", "AppStream-8.4.0.GA:httpd:2.4:8040020210127115317:9f9e2e7e:mod_proxy_html-debuginfo-1:2.4.37-39.module+el8.4.0+9658+b87b2deb.x86_64", "AppStream-8.4.0.GA:httpd:2.4:8040020210127115317:9f9e2e7e:mod_session-0:2.4.37-39.module+el8.4.0+9658+b87b2deb.aarch64", "AppStream-8.4.0.GA:httpd:2.4:8040020210127115317:9f9e2e7e:mod_session-0:2.4.37-39.module+el8.4.0+9658+b87b2deb.ppc64le", "AppStream-8.4.0.GA:httpd:2.4:8040020210127115317:9f9e2e7e:mod_session-0:2.4.37-39.module+el8.4.0+9658+b87b2deb.s390x", "AppStream-8.4.0.GA:httpd:2.4:8040020210127115317:9f9e2e7e:mod_session-0:2.4.37-39.module+el8.4.0+9658+b87b2deb.x86_64", "AppStream-8.4.0.GA:httpd:2.4:8040020210127115317:9f9e2e7e:mod_session-debuginfo-0:2.4.37-39.module+el8.4.0+9658+b87b2deb.aarch64", "AppStream-8.4.0.GA:httpd:2.4:8040020210127115317:9f9e2e7e:mod_session-debuginfo-0:2.4.37-39.module+el8.4.0+9658+b87b2deb.ppc64le", "AppStream-8.4.0.GA:httpd:2.4:8040020210127115317:9f9e2e7e:mod_session-debuginfo-0:2.4.37-39.module+el8.4.0+9658+b87b2deb.s390x", "AppStream-8.4.0.GA:httpd:2.4:8040020210127115317:9f9e2e7e:mod_session-debuginfo-0:2.4.37-39.module+el8.4.0+9658+b87b2deb.x86_64", "AppStream-8.4.0.GA:httpd:2.4:8040020210127115317:9f9e2e7e:mod_ssl-1:2.4.37-39.module+el8.4.0+9658+b87b2deb.aarch64", "AppStream-8.4.0.GA:httpd:2.4:8040020210127115317:9f9e2e7e:mod_ssl-1:2.4.37-39.module+el8.4.0+9658+b87b2deb.ppc64le", "AppStream-8.4.0.GA:httpd:2.4:8040020210127115317:9f9e2e7e:mod_ssl-1:2.4.37-39.module+el8.4.0+9658+b87b2deb.s390x", "AppStream-8.4.0.GA:httpd:2.4:8040020210127115317:9f9e2e7e:mod_ssl-1:2.4.37-39.module+el8.4.0+9658+b87b2deb.x86_64", "AppStream-8.4.0.GA:httpd:2.4:8040020210127115317:9f9e2e7e:mod_ssl-debuginfo-1:2.4.37-39.module+el8.4.0+9658+b87b2deb.aarch64", "AppStream-8.4.0.GA:httpd:2.4:8040020210127115317:9f9e2e7e:mod_ssl-debuginfo-1:2.4.37-39.module+el8.4.0+9658+b87b2deb.ppc64le", "AppStream-8.4.0.GA:httpd:2.4:8040020210127115317:9f9e2e7e:mod_ssl-debuginfo-1:2.4.37-39.module+el8.4.0+9658+b87b2deb.s390x", "AppStream-8.4.0.GA:httpd:2.4:8040020210127115317:9f9e2e7e:mod_ssl-debuginfo-1:2.4.37-39.module+el8.4.0+9658+b87b2deb.x86_64" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2020-11984" }, { "category": "external", "summary": "RHBZ#1866563", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1866563" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2020-11984", "url": "https://www.cve.org/CVERecord?id=CVE-2020-11984" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2020-11984", "url": "https://nvd.nist.gov/vuln/detail/CVE-2020-11984" }, { "category": "external", "summary": "https://httpd.apache.org/security/vulnerabilities_24.html#CVE-2020-11984", "url": "https://httpd.apache.org/security/vulnerabilities_24.html#CVE-2020-11984" } ], "release_date": "2020-08-07T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2021-05-18T14:25:00+00:00", "details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nAfter installing the updated packages, the httpd daemon will be restarted automatically.", "product_ids": [ "AppStream-8.4.0.GA:httpd:2.4:8040020210127115317:9f9e2e7e", "AppStream-8.4.0.GA:httpd:2.4:8040020210127115317:9f9e2e7e:httpd-0:2.4.37-39.module+el8.4.0+9658+b87b2deb.aarch64", "AppStream-8.4.0.GA:httpd:2.4:8040020210127115317:9f9e2e7e:httpd-0:2.4.37-39.module+el8.4.0+9658+b87b2deb.ppc64le", "AppStream-8.4.0.GA:httpd:2.4:8040020210127115317:9f9e2e7e:httpd-0:2.4.37-39.module+el8.4.0+9658+b87b2deb.s390x", "AppStream-8.4.0.GA:httpd:2.4:8040020210127115317:9f9e2e7e:httpd-0:2.4.37-39.module+el8.4.0+9658+b87b2deb.src", "AppStream-8.4.0.GA:httpd:2.4:8040020210127115317:9f9e2e7e:httpd-0:2.4.37-39.module+el8.4.0+9658+b87b2deb.x86_64", "AppStream-8.4.0.GA:httpd:2.4:8040020210127115317:9f9e2e7e:httpd-debuginfo-0:2.4.37-39.module+el8.4.0+9658+b87b2deb.aarch64", "AppStream-8.4.0.GA:httpd:2.4:8040020210127115317:9f9e2e7e:httpd-debuginfo-0:2.4.37-39.module+el8.4.0+9658+b87b2deb.ppc64le", "AppStream-8.4.0.GA:httpd:2.4:8040020210127115317:9f9e2e7e:httpd-debuginfo-0:2.4.37-39.module+el8.4.0+9658+b87b2deb.s390x", "AppStream-8.4.0.GA:httpd:2.4:8040020210127115317:9f9e2e7e:httpd-debuginfo-0:2.4.37-39.module+el8.4.0+9658+b87b2deb.x86_64", "AppStream-8.4.0.GA:httpd:2.4:8040020210127115317:9f9e2e7e:httpd-debugsource-0:2.4.37-39.module+el8.4.0+9658+b87b2deb.aarch64", "AppStream-8.4.0.GA:httpd:2.4:8040020210127115317:9f9e2e7e:httpd-debugsource-0:2.4.37-39.module+el8.4.0+9658+b87b2deb.ppc64le", "AppStream-8.4.0.GA:httpd:2.4:8040020210127115317:9f9e2e7e:httpd-debugsource-0:2.4.37-39.module+el8.4.0+9658+b87b2deb.s390x", "AppStream-8.4.0.GA:httpd:2.4:8040020210127115317:9f9e2e7e:httpd-debugsource-0:2.4.37-39.module+el8.4.0+9658+b87b2deb.x86_64", "AppStream-8.4.0.GA:httpd:2.4:8040020210127115317:9f9e2e7e:httpd-devel-0:2.4.37-39.module+el8.4.0+9658+b87b2deb.aarch64", "AppStream-8.4.0.GA:httpd:2.4:8040020210127115317:9f9e2e7e:httpd-devel-0:2.4.37-39.module+el8.4.0+9658+b87b2deb.ppc64le", "AppStream-8.4.0.GA:httpd:2.4:8040020210127115317:9f9e2e7e:httpd-devel-0:2.4.37-39.module+el8.4.0+9658+b87b2deb.s390x", "AppStream-8.4.0.GA:httpd:2.4:8040020210127115317:9f9e2e7e:httpd-devel-0:2.4.37-39.module+el8.4.0+9658+b87b2deb.x86_64", "AppStream-8.4.0.GA:httpd:2.4:8040020210127115317:9f9e2e7e:httpd-filesystem-0:2.4.37-39.module+el8.4.0+9658+b87b2deb.noarch", "AppStream-8.4.0.GA:httpd:2.4:8040020210127115317:9f9e2e7e:httpd-manual-0:2.4.37-39.module+el8.4.0+9658+b87b2deb.noarch", "AppStream-8.4.0.GA:httpd:2.4:8040020210127115317:9f9e2e7e:httpd-tools-0:2.4.37-39.module+el8.4.0+9658+b87b2deb.aarch64", "AppStream-8.4.0.GA:httpd:2.4:8040020210127115317:9f9e2e7e:httpd-tools-0:2.4.37-39.module+el8.4.0+9658+b87b2deb.ppc64le", "AppStream-8.4.0.GA:httpd:2.4:8040020210127115317:9f9e2e7e:httpd-tools-0:2.4.37-39.module+el8.4.0+9658+b87b2deb.s390x", "AppStream-8.4.0.GA:httpd:2.4:8040020210127115317:9f9e2e7e:httpd-tools-0:2.4.37-39.module+el8.4.0+9658+b87b2deb.x86_64", "AppStream-8.4.0.GA:httpd:2.4:8040020210127115317:9f9e2e7e:httpd-tools-debuginfo-0:2.4.37-39.module+el8.4.0+9658+b87b2deb.aarch64", "AppStream-8.4.0.GA:httpd:2.4:8040020210127115317:9f9e2e7e:httpd-tools-debuginfo-0:2.4.37-39.module+el8.4.0+9658+b87b2deb.ppc64le", "AppStream-8.4.0.GA:httpd:2.4:8040020210127115317:9f9e2e7e:httpd-tools-debuginfo-0:2.4.37-39.module+el8.4.0+9658+b87b2deb.s390x", "AppStream-8.4.0.GA:httpd:2.4:8040020210127115317:9f9e2e7e:httpd-tools-debuginfo-0:2.4.37-39.module+el8.4.0+9658+b87b2deb.x86_64", "AppStream-8.4.0.GA:httpd:2.4:8040020210127115317:9f9e2e7e:mod_http2-0:1.15.7-3.module+el8.4.0+8625+d397f3da.aarch64", "AppStream-8.4.0.GA:httpd:2.4:8040020210127115317:9f9e2e7e:mod_http2-0:1.15.7-3.module+el8.4.0+8625+d397f3da.ppc64le", "AppStream-8.4.0.GA:httpd:2.4:8040020210127115317:9f9e2e7e:mod_http2-0:1.15.7-3.module+el8.4.0+8625+d397f3da.s390x", "AppStream-8.4.0.GA:httpd:2.4:8040020210127115317:9f9e2e7e:mod_http2-0:1.15.7-3.module+el8.4.0+8625+d397f3da.src", "AppStream-8.4.0.GA:httpd:2.4:8040020210127115317:9f9e2e7e:mod_http2-0:1.15.7-3.module+el8.4.0+8625+d397f3da.x86_64", "AppStream-8.4.0.GA:httpd:2.4:8040020210127115317:9f9e2e7e:mod_http2-debuginfo-0:1.15.7-3.module+el8.4.0+8625+d397f3da.aarch64", "AppStream-8.4.0.GA:httpd:2.4:8040020210127115317:9f9e2e7e:mod_http2-debuginfo-0:1.15.7-3.module+el8.4.0+8625+d397f3da.ppc64le", "AppStream-8.4.0.GA:httpd:2.4:8040020210127115317:9f9e2e7e:mod_http2-debuginfo-0:1.15.7-3.module+el8.4.0+8625+d397f3da.s390x", "AppStream-8.4.0.GA:httpd:2.4:8040020210127115317:9f9e2e7e:mod_http2-debuginfo-0:1.15.7-3.module+el8.4.0+8625+d397f3da.x86_64", "AppStream-8.4.0.GA:httpd:2.4:8040020210127115317:9f9e2e7e:mod_http2-debugsource-0:1.15.7-3.module+el8.4.0+8625+d397f3da.aarch64", "AppStream-8.4.0.GA:httpd:2.4:8040020210127115317:9f9e2e7e:mod_http2-debugsource-0:1.15.7-3.module+el8.4.0+8625+d397f3da.ppc64le", "AppStream-8.4.0.GA:httpd:2.4:8040020210127115317:9f9e2e7e:mod_http2-debugsource-0:1.15.7-3.module+el8.4.0+8625+d397f3da.s390x", "AppStream-8.4.0.GA:httpd:2.4:8040020210127115317:9f9e2e7e:mod_http2-debugsource-0:1.15.7-3.module+el8.4.0+8625+d397f3da.x86_64", "AppStream-8.4.0.GA:httpd:2.4:8040020210127115317:9f9e2e7e:mod_ldap-0:2.4.37-39.module+el8.4.0+9658+b87b2deb.aarch64", "AppStream-8.4.0.GA:httpd:2.4:8040020210127115317:9f9e2e7e:mod_ldap-0:2.4.37-39.module+el8.4.0+9658+b87b2deb.ppc64le", "AppStream-8.4.0.GA:httpd:2.4:8040020210127115317:9f9e2e7e:mod_ldap-0:2.4.37-39.module+el8.4.0+9658+b87b2deb.s390x", "AppStream-8.4.0.GA:httpd:2.4:8040020210127115317:9f9e2e7e:mod_ldap-0:2.4.37-39.module+el8.4.0+9658+b87b2deb.x86_64", "AppStream-8.4.0.GA:httpd:2.4:8040020210127115317:9f9e2e7e:mod_ldap-debuginfo-0:2.4.37-39.module+el8.4.0+9658+b87b2deb.aarch64", "AppStream-8.4.0.GA:httpd:2.4:8040020210127115317:9f9e2e7e:mod_ldap-debuginfo-0:2.4.37-39.module+el8.4.0+9658+b87b2deb.ppc64le", "AppStream-8.4.0.GA:httpd:2.4:8040020210127115317:9f9e2e7e:mod_ldap-debuginfo-0:2.4.37-39.module+el8.4.0+9658+b87b2deb.s390x", "AppStream-8.4.0.GA:httpd:2.4:8040020210127115317:9f9e2e7e:mod_ldap-debuginfo-0:2.4.37-39.module+el8.4.0+9658+b87b2deb.x86_64", "AppStream-8.4.0.GA:httpd:2.4:8040020210127115317:9f9e2e7e:mod_md-1:2.0.8-8.module+el8.3.0+6814+67d1e611.aarch64", "AppStream-8.4.0.GA:httpd:2.4:8040020210127115317:9f9e2e7e:mod_md-1:2.0.8-8.module+el8.3.0+6814+67d1e611.ppc64le", "AppStream-8.4.0.GA:httpd:2.4:8040020210127115317:9f9e2e7e:mod_md-1:2.0.8-8.module+el8.3.0+6814+67d1e611.s390x", "AppStream-8.4.0.GA:httpd:2.4:8040020210127115317:9f9e2e7e:mod_md-1:2.0.8-8.module+el8.3.0+6814+67d1e611.src", "AppStream-8.4.0.GA:httpd:2.4:8040020210127115317:9f9e2e7e:mod_md-1:2.0.8-8.module+el8.3.0+6814+67d1e611.x86_64", "AppStream-8.4.0.GA:httpd:2.4:8040020210127115317:9f9e2e7e:mod_md-debuginfo-1:2.0.8-8.module+el8.3.0+6814+67d1e611.aarch64", "AppStream-8.4.0.GA:httpd:2.4:8040020210127115317:9f9e2e7e:mod_md-debuginfo-1:2.0.8-8.module+el8.3.0+6814+67d1e611.ppc64le", "AppStream-8.4.0.GA:httpd:2.4:8040020210127115317:9f9e2e7e:mod_md-debuginfo-1:2.0.8-8.module+el8.3.0+6814+67d1e611.s390x", "AppStream-8.4.0.GA:httpd:2.4:8040020210127115317:9f9e2e7e:mod_md-debuginfo-1:2.0.8-8.module+el8.3.0+6814+67d1e611.x86_64", "AppStream-8.4.0.GA:httpd:2.4:8040020210127115317:9f9e2e7e:mod_md-debugsource-1:2.0.8-8.module+el8.3.0+6814+67d1e611.aarch64", "AppStream-8.4.0.GA:httpd:2.4:8040020210127115317:9f9e2e7e:mod_md-debugsource-1:2.0.8-8.module+el8.3.0+6814+67d1e611.ppc64le", "AppStream-8.4.0.GA:httpd:2.4:8040020210127115317:9f9e2e7e:mod_md-debugsource-1:2.0.8-8.module+el8.3.0+6814+67d1e611.s390x", "AppStream-8.4.0.GA:httpd:2.4:8040020210127115317:9f9e2e7e:mod_md-debugsource-1:2.0.8-8.module+el8.3.0+6814+67d1e611.x86_64", "AppStream-8.4.0.GA:httpd:2.4:8040020210127115317:9f9e2e7e:mod_proxy_html-1:2.4.37-39.module+el8.4.0+9658+b87b2deb.aarch64", "AppStream-8.4.0.GA:httpd:2.4:8040020210127115317:9f9e2e7e:mod_proxy_html-1:2.4.37-39.module+el8.4.0+9658+b87b2deb.ppc64le", "AppStream-8.4.0.GA:httpd:2.4:8040020210127115317:9f9e2e7e:mod_proxy_html-1:2.4.37-39.module+el8.4.0+9658+b87b2deb.s390x", "AppStream-8.4.0.GA:httpd:2.4:8040020210127115317:9f9e2e7e:mod_proxy_html-1:2.4.37-39.module+el8.4.0+9658+b87b2deb.x86_64", "AppStream-8.4.0.GA:httpd:2.4:8040020210127115317:9f9e2e7e:mod_proxy_html-debuginfo-1:2.4.37-39.module+el8.4.0+9658+b87b2deb.aarch64", "AppStream-8.4.0.GA:httpd:2.4:8040020210127115317:9f9e2e7e:mod_proxy_html-debuginfo-1:2.4.37-39.module+el8.4.0+9658+b87b2deb.ppc64le", "AppStream-8.4.0.GA:httpd:2.4:8040020210127115317:9f9e2e7e:mod_proxy_html-debuginfo-1:2.4.37-39.module+el8.4.0+9658+b87b2deb.s390x", "AppStream-8.4.0.GA:httpd:2.4:8040020210127115317:9f9e2e7e:mod_proxy_html-debuginfo-1:2.4.37-39.module+el8.4.0+9658+b87b2deb.x86_64", "AppStream-8.4.0.GA:httpd:2.4:8040020210127115317:9f9e2e7e:mod_session-0:2.4.37-39.module+el8.4.0+9658+b87b2deb.aarch64", "AppStream-8.4.0.GA:httpd:2.4:8040020210127115317:9f9e2e7e:mod_session-0:2.4.37-39.module+el8.4.0+9658+b87b2deb.ppc64le", "AppStream-8.4.0.GA:httpd:2.4:8040020210127115317:9f9e2e7e:mod_session-0:2.4.37-39.module+el8.4.0+9658+b87b2deb.s390x", "AppStream-8.4.0.GA:httpd:2.4:8040020210127115317:9f9e2e7e:mod_session-0:2.4.37-39.module+el8.4.0+9658+b87b2deb.x86_64", "AppStream-8.4.0.GA:httpd:2.4:8040020210127115317:9f9e2e7e:mod_session-debuginfo-0:2.4.37-39.module+el8.4.0+9658+b87b2deb.aarch64", "AppStream-8.4.0.GA:httpd:2.4:8040020210127115317:9f9e2e7e:mod_session-debuginfo-0:2.4.37-39.module+el8.4.0+9658+b87b2deb.ppc64le", "AppStream-8.4.0.GA:httpd:2.4:8040020210127115317:9f9e2e7e:mod_session-debuginfo-0:2.4.37-39.module+el8.4.0+9658+b87b2deb.s390x", "AppStream-8.4.0.GA:httpd:2.4:8040020210127115317:9f9e2e7e:mod_session-debuginfo-0:2.4.37-39.module+el8.4.0+9658+b87b2deb.x86_64", "AppStream-8.4.0.GA:httpd:2.4:8040020210127115317:9f9e2e7e:mod_ssl-1:2.4.37-39.module+el8.4.0+9658+b87b2deb.aarch64", "AppStream-8.4.0.GA:httpd:2.4:8040020210127115317:9f9e2e7e:mod_ssl-1:2.4.37-39.module+el8.4.0+9658+b87b2deb.ppc64le", "AppStream-8.4.0.GA:httpd:2.4:8040020210127115317:9f9e2e7e:mod_ssl-1:2.4.37-39.module+el8.4.0+9658+b87b2deb.s390x", "AppStream-8.4.0.GA:httpd:2.4:8040020210127115317:9f9e2e7e:mod_ssl-1:2.4.37-39.module+el8.4.0+9658+b87b2deb.x86_64", "AppStream-8.4.0.GA:httpd:2.4:8040020210127115317:9f9e2e7e:mod_ssl-debuginfo-1:2.4.37-39.module+el8.4.0+9658+b87b2deb.aarch64", "AppStream-8.4.0.GA:httpd:2.4:8040020210127115317:9f9e2e7e:mod_ssl-debuginfo-1:2.4.37-39.module+el8.4.0+9658+b87b2deb.ppc64le", "AppStream-8.4.0.GA:httpd:2.4:8040020210127115317:9f9e2e7e:mod_ssl-debuginfo-1:2.4.37-39.module+el8.4.0+9658+b87b2deb.s390x", "AppStream-8.4.0.GA:httpd:2.4:8040020210127115317:9f9e2e7e:mod_ssl-debuginfo-1:2.4.37-39.module+el8.4.0+9658+b87b2deb.x86_64" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2021:1809" }, { "category": "workaround", "details": "This flaw only affects specific httpd configurations which use the uwsgi protocol. It does not manifest itself when uwsgi protocol is not used. Commenting out \"LoadModule proxy_uwsgi_module modules/mod_proxy_uwsgi.so\" in /etc/httpd/conf.modules.d/00-proxy.conf will disable the loading of the vulnerable module.", "product_ids": [ "AppStream-8.4.0.GA:httpd:2.4:8040020210127115317:9f9e2e7e", "AppStream-8.4.0.GA:httpd:2.4:8040020210127115317:9f9e2e7e:httpd-0:2.4.37-39.module+el8.4.0+9658+b87b2deb.aarch64", "AppStream-8.4.0.GA:httpd:2.4:8040020210127115317:9f9e2e7e:httpd-0:2.4.37-39.module+el8.4.0+9658+b87b2deb.ppc64le", "AppStream-8.4.0.GA:httpd:2.4:8040020210127115317:9f9e2e7e:httpd-0:2.4.37-39.module+el8.4.0+9658+b87b2deb.s390x", "AppStream-8.4.0.GA:httpd:2.4:8040020210127115317:9f9e2e7e:httpd-0:2.4.37-39.module+el8.4.0+9658+b87b2deb.src", "AppStream-8.4.0.GA:httpd:2.4:8040020210127115317:9f9e2e7e:httpd-0:2.4.37-39.module+el8.4.0+9658+b87b2deb.x86_64", "AppStream-8.4.0.GA:httpd:2.4:8040020210127115317:9f9e2e7e:httpd-debuginfo-0:2.4.37-39.module+el8.4.0+9658+b87b2deb.aarch64", "AppStream-8.4.0.GA:httpd:2.4:8040020210127115317:9f9e2e7e:httpd-debuginfo-0:2.4.37-39.module+el8.4.0+9658+b87b2deb.ppc64le", "AppStream-8.4.0.GA:httpd:2.4:8040020210127115317:9f9e2e7e:httpd-debuginfo-0:2.4.37-39.module+el8.4.0+9658+b87b2deb.s390x", "AppStream-8.4.0.GA:httpd:2.4:8040020210127115317:9f9e2e7e:httpd-debuginfo-0:2.4.37-39.module+el8.4.0+9658+b87b2deb.x86_64", "AppStream-8.4.0.GA:httpd:2.4:8040020210127115317:9f9e2e7e:httpd-debugsource-0:2.4.37-39.module+el8.4.0+9658+b87b2deb.aarch64", "AppStream-8.4.0.GA:httpd:2.4:8040020210127115317:9f9e2e7e:httpd-debugsource-0:2.4.37-39.module+el8.4.0+9658+b87b2deb.ppc64le", "AppStream-8.4.0.GA:httpd:2.4:8040020210127115317:9f9e2e7e:httpd-debugsource-0:2.4.37-39.module+el8.4.0+9658+b87b2deb.s390x", "AppStream-8.4.0.GA:httpd:2.4:8040020210127115317:9f9e2e7e:httpd-debugsource-0:2.4.37-39.module+el8.4.0+9658+b87b2deb.x86_64", "AppStream-8.4.0.GA:httpd:2.4:8040020210127115317:9f9e2e7e:httpd-devel-0:2.4.37-39.module+el8.4.0+9658+b87b2deb.aarch64", "AppStream-8.4.0.GA:httpd:2.4:8040020210127115317:9f9e2e7e:httpd-devel-0:2.4.37-39.module+el8.4.0+9658+b87b2deb.ppc64le", "AppStream-8.4.0.GA:httpd:2.4:8040020210127115317:9f9e2e7e:httpd-devel-0:2.4.37-39.module+el8.4.0+9658+b87b2deb.s390x", "AppStream-8.4.0.GA:httpd:2.4:8040020210127115317:9f9e2e7e:httpd-devel-0:2.4.37-39.module+el8.4.0+9658+b87b2deb.x86_64", "AppStream-8.4.0.GA:httpd:2.4:8040020210127115317:9f9e2e7e:httpd-filesystem-0:2.4.37-39.module+el8.4.0+9658+b87b2deb.noarch", "AppStream-8.4.0.GA:httpd:2.4:8040020210127115317:9f9e2e7e:httpd-manual-0:2.4.37-39.module+el8.4.0+9658+b87b2deb.noarch", "AppStream-8.4.0.GA:httpd:2.4:8040020210127115317:9f9e2e7e:httpd-tools-0:2.4.37-39.module+el8.4.0+9658+b87b2deb.aarch64", "AppStream-8.4.0.GA:httpd:2.4:8040020210127115317:9f9e2e7e:httpd-tools-0:2.4.37-39.module+el8.4.0+9658+b87b2deb.ppc64le", "AppStream-8.4.0.GA:httpd:2.4:8040020210127115317:9f9e2e7e:httpd-tools-0:2.4.37-39.module+el8.4.0+9658+b87b2deb.s390x", "AppStream-8.4.0.GA:httpd:2.4:8040020210127115317:9f9e2e7e:httpd-tools-0:2.4.37-39.module+el8.4.0+9658+b87b2deb.x86_64", "AppStream-8.4.0.GA:httpd:2.4:8040020210127115317:9f9e2e7e:httpd-tools-debuginfo-0:2.4.37-39.module+el8.4.0+9658+b87b2deb.aarch64", "AppStream-8.4.0.GA:httpd:2.4:8040020210127115317:9f9e2e7e:httpd-tools-debuginfo-0:2.4.37-39.module+el8.4.0+9658+b87b2deb.ppc64le", "AppStream-8.4.0.GA:httpd:2.4:8040020210127115317:9f9e2e7e:httpd-tools-debuginfo-0:2.4.37-39.module+el8.4.0+9658+b87b2deb.s390x", "AppStream-8.4.0.GA:httpd:2.4:8040020210127115317:9f9e2e7e:httpd-tools-debuginfo-0:2.4.37-39.module+el8.4.0+9658+b87b2deb.x86_64", "AppStream-8.4.0.GA:httpd:2.4:8040020210127115317:9f9e2e7e:mod_http2-0:1.15.7-3.module+el8.4.0+8625+d397f3da.aarch64", "AppStream-8.4.0.GA:httpd:2.4:8040020210127115317:9f9e2e7e:mod_http2-0:1.15.7-3.module+el8.4.0+8625+d397f3da.ppc64le", "AppStream-8.4.0.GA:httpd:2.4:8040020210127115317:9f9e2e7e:mod_http2-0:1.15.7-3.module+el8.4.0+8625+d397f3da.s390x", "AppStream-8.4.0.GA:httpd:2.4:8040020210127115317:9f9e2e7e:mod_http2-0:1.15.7-3.module+el8.4.0+8625+d397f3da.src", "AppStream-8.4.0.GA:httpd:2.4:8040020210127115317:9f9e2e7e:mod_http2-0:1.15.7-3.module+el8.4.0+8625+d397f3da.x86_64", "AppStream-8.4.0.GA:httpd:2.4:8040020210127115317:9f9e2e7e:mod_http2-debuginfo-0:1.15.7-3.module+el8.4.0+8625+d397f3da.aarch64", "AppStream-8.4.0.GA:httpd:2.4:8040020210127115317:9f9e2e7e:mod_http2-debuginfo-0:1.15.7-3.module+el8.4.0+8625+d397f3da.ppc64le", "AppStream-8.4.0.GA:httpd:2.4:8040020210127115317:9f9e2e7e:mod_http2-debuginfo-0:1.15.7-3.module+el8.4.0+8625+d397f3da.s390x", "AppStream-8.4.0.GA:httpd:2.4:8040020210127115317:9f9e2e7e:mod_http2-debuginfo-0:1.15.7-3.module+el8.4.0+8625+d397f3da.x86_64", "AppStream-8.4.0.GA:httpd:2.4:8040020210127115317:9f9e2e7e:mod_http2-debugsource-0:1.15.7-3.module+el8.4.0+8625+d397f3da.aarch64", "AppStream-8.4.0.GA:httpd:2.4:8040020210127115317:9f9e2e7e:mod_http2-debugsource-0:1.15.7-3.module+el8.4.0+8625+d397f3da.ppc64le", "AppStream-8.4.0.GA:httpd:2.4:8040020210127115317:9f9e2e7e:mod_http2-debugsource-0:1.15.7-3.module+el8.4.0+8625+d397f3da.s390x", "AppStream-8.4.0.GA:httpd:2.4:8040020210127115317:9f9e2e7e:mod_http2-debugsource-0:1.15.7-3.module+el8.4.0+8625+d397f3da.x86_64", "AppStream-8.4.0.GA:httpd:2.4:8040020210127115317:9f9e2e7e:mod_ldap-0:2.4.37-39.module+el8.4.0+9658+b87b2deb.aarch64", "AppStream-8.4.0.GA:httpd:2.4:8040020210127115317:9f9e2e7e:mod_ldap-0:2.4.37-39.module+el8.4.0+9658+b87b2deb.ppc64le", "AppStream-8.4.0.GA:httpd:2.4:8040020210127115317:9f9e2e7e:mod_ldap-0:2.4.37-39.module+el8.4.0+9658+b87b2deb.s390x", "AppStream-8.4.0.GA:httpd:2.4:8040020210127115317:9f9e2e7e:mod_ldap-0:2.4.37-39.module+el8.4.0+9658+b87b2deb.x86_64", "AppStream-8.4.0.GA:httpd:2.4:8040020210127115317:9f9e2e7e:mod_ldap-debuginfo-0:2.4.37-39.module+el8.4.0+9658+b87b2deb.aarch64", "AppStream-8.4.0.GA:httpd:2.4:8040020210127115317:9f9e2e7e:mod_ldap-debuginfo-0:2.4.37-39.module+el8.4.0+9658+b87b2deb.ppc64le", "AppStream-8.4.0.GA:httpd:2.4:8040020210127115317:9f9e2e7e:mod_ldap-debuginfo-0:2.4.37-39.module+el8.4.0+9658+b87b2deb.s390x", "AppStream-8.4.0.GA:httpd:2.4:8040020210127115317:9f9e2e7e:mod_ldap-debuginfo-0:2.4.37-39.module+el8.4.0+9658+b87b2deb.x86_64", "AppStream-8.4.0.GA:httpd:2.4:8040020210127115317:9f9e2e7e:mod_md-1:2.0.8-8.module+el8.3.0+6814+67d1e611.aarch64", "AppStream-8.4.0.GA:httpd:2.4:8040020210127115317:9f9e2e7e:mod_md-1:2.0.8-8.module+el8.3.0+6814+67d1e611.ppc64le", "AppStream-8.4.0.GA:httpd:2.4:8040020210127115317:9f9e2e7e:mod_md-1:2.0.8-8.module+el8.3.0+6814+67d1e611.s390x", "AppStream-8.4.0.GA:httpd:2.4:8040020210127115317:9f9e2e7e:mod_md-1:2.0.8-8.module+el8.3.0+6814+67d1e611.src", "AppStream-8.4.0.GA:httpd:2.4:8040020210127115317:9f9e2e7e:mod_md-1:2.0.8-8.module+el8.3.0+6814+67d1e611.x86_64", "AppStream-8.4.0.GA:httpd:2.4:8040020210127115317:9f9e2e7e:mod_md-debuginfo-1:2.0.8-8.module+el8.3.0+6814+67d1e611.aarch64", "AppStream-8.4.0.GA:httpd:2.4:8040020210127115317:9f9e2e7e:mod_md-debuginfo-1:2.0.8-8.module+el8.3.0+6814+67d1e611.ppc64le", "AppStream-8.4.0.GA:httpd:2.4:8040020210127115317:9f9e2e7e:mod_md-debuginfo-1:2.0.8-8.module+el8.3.0+6814+67d1e611.s390x", "AppStream-8.4.0.GA:httpd:2.4:8040020210127115317:9f9e2e7e:mod_md-debuginfo-1:2.0.8-8.module+el8.3.0+6814+67d1e611.x86_64", "AppStream-8.4.0.GA:httpd:2.4:8040020210127115317:9f9e2e7e:mod_md-debugsource-1:2.0.8-8.module+el8.3.0+6814+67d1e611.aarch64", "AppStream-8.4.0.GA:httpd:2.4:8040020210127115317:9f9e2e7e:mod_md-debugsource-1:2.0.8-8.module+el8.3.0+6814+67d1e611.ppc64le", "AppStream-8.4.0.GA:httpd:2.4:8040020210127115317:9f9e2e7e:mod_md-debugsource-1:2.0.8-8.module+el8.3.0+6814+67d1e611.s390x", "AppStream-8.4.0.GA:httpd:2.4:8040020210127115317:9f9e2e7e:mod_md-debugsource-1:2.0.8-8.module+el8.3.0+6814+67d1e611.x86_64", "AppStream-8.4.0.GA:httpd:2.4:8040020210127115317:9f9e2e7e:mod_proxy_html-1:2.4.37-39.module+el8.4.0+9658+b87b2deb.aarch64", "AppStream-8.4.0.GA:httpd:2.4:8040020210127115317:9f9e2e7e:mod_proxy_html-1:2.4.37-39.module+el8.4.0+9658+b87b2deb.ppc64le", "AppStream-8.4.0.GA:httpd:2.4:8040020210127115317:9f9e2e7e:mod_proxy_html-1:2.4.37-39.module+el8.4.0+9658+b87b2deb.s390x", "AppStream-8.4.0.GA:httpd:2.4:8040020210127115317:9f9e2e7e:mod_proxy_html-1:2.4.37-39.module+el8.4.0+9658+b87b2deb.x86_64", "AppStream-8.4.0.GA:httpd:2.4:8040020210127115317:9f9e2e7e:mod_proxy_html-debuginfo-1:2.4.37-39.module+el8.4.0+9658+b87b2deb.aarch64", "AppStream-8.4.0.GA:httpd:2.4:8040020210127115317:9f9e2e7e:mod_proxy_html-debuginfo-1:2.4.37-39.module+el8.4.0+9658+b87b2deb.ppc64le", "AppStream-8.4.0.GA:httpd:2.4:8040020210127115317:9f9e2e7e:mod_proxy_html-debuginfo-1:2.4.37-39.module+el8.4.0+9658+b87b2deb.s390x", "AppStream-8.4.0.GA:httpd:2.4:8040020210127115317:9f9e2e7e:mod_proxy_html-debuginfo-1:2.4.37-39.module+el8.4.0+9658+b87b2deb.x86_64", "AppStream-8.4.0.GA:httpd:2.4:8040020210127115317:9f9e2e7e:mod_session-0:2.4.37-39.module+el8.4.0+9658+b87b2deb.aarch64", "AppStream-8.4.0.GA:httpd:2.4:8040020210127115317:9f9e2e7e:mod_session-0:2.4.37-39.module+el8.4.0+9658+b87b2deb.ppc64le", "AppStream-8.4.0.GA:httpd:2.4:8040020210127115317:9f9e2e7e:mod_session-0:2.4.37-39.module+el8.4.0+9658+b87b2deb.s390x", "AppStream-8.4.0.GA:httpd:2.4:8040020210127115317:9f9e2e7e:mod_session-0:2.4.37-39.module+el8.4.0+9658+b87b2deb.x86_64", "AppStream-8.4.0.GA:httpd:2.4:8040020210127115317:9f9e2e7e:mod_session-debuginfo-0:2.4.37-39.module+el8.4.0+9658+b87b2deb.aarch64", "AppStream-8.4.0.GA:httpd:2.4:8040020210127115317:9f9e2e7e:mod_session-debuginfo-0:2.4.37-39.module+el8.4.0+9658+b87b2deb.ppc64le", "AppStream-8.4.0.GA:httpd:2.4:8040020210127115317:9f9e2e7e:mod_session-debuginfo-0:2.4.37-39.module+el8.4.0+9658+b87b2deb.s390x", "AppStream-8.4.0.GA:httpd:2.4:8040020210127115317:9f9e2e7e:mod_session-debuginfo-0:2.4.37-39.module+el8.4.0+9658+b87b2deb.x86_64", "AppStream-8.4.0.GA:httpd:2.4:8040020210127115317:9f9e2e7e:mod_ssl-1:2.4.37-39.module+el8.4.0+9658+b87b2deb.aarch64", "AppStream-8.4.0.GA:httpd:2.4:8040020210127115317:9f9e2e7e:mod_ssl-1:2.4.37-39.module+el8.4.0+9658+b87b2deb.ppc64le", "AppStream-8.4.0.GA:httpd:2.4:8040020210127115317:9f9e2e7e:mod_ssl-1:2.4.37-39.module+el8.4.0+9658+b87b2deb.s390x", "AppStream-8.4.0.GA:httpd:2.4:8040020210127115317:9f9e2e7e:mod_ssl-1:2.4.37-39.module+el8.4.0+9658+b87b2deb.x86_64", "AppStream-8.4.0.GA:httpd:2.4:8040020210127115317:9f9e2e7e:mod_ssl-debuginfo-1:2.4.37-39.module+el8.4.0+9658+b87b2deb.aarch64", "AppStream-8.4.0.GA:httpd:2.4:8040020210127115317:9f9e2e7e:mod_ssl-debuginfo-1:2.4.37-39.module+el8.4.0+9658+b87b2deb.ppc64le", "AppStream-8.4.0.GA:httpd:2.4:8040020210127115317:9f9e2e7e:mod_ssl-debuginfo-1:2.4.37-39.module+el8.4.0+9658+b87b2deb.s390x", "AppStream-8.4.0.GA:httpd:2.4:8040020210127115317:9f9e2e7e:mod_ssl-debuginfo-1:2.4.37-39.module+el8.4.0+9658+b87b2deb.x86_64" ] } ], "scores": [ { "cvss_v3": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 9.8, "baseSeverity": "CRITICAL", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "version": "3.1" }, "products": [ "AppStream-8.4.0.GA:httpd:2.4:8040020210127115317:9f9e2e7e", "AppStream-8.4.0.GA:httpd:2.4:8040020210127115317:9f9e2e7e:httpd-0:2.4.37-39.module+el8.4.0+9658+b87b2deb.aarch64", "AppStream-8.4.0.GA:httpd:2.4:8040020210127115317:9f9e2e7e:httpd-0:2.4.37-39.module+el8.4.0+9658+b87b2deb.ppc64le", "AppStream-8.4.0.GA:httpd:2.4:8040020210127115317:9f9e2e7e:httpd-0:2.4.37-39.module+el8.4.0+9658+b87b2deb.s390x", "AppStream-8.4.0.GA:httpd:2.4:8040020210127115317:9f9e2e7e:httpd-0:2.4.37-39.module+el8.4.0+9658+b87b2deb.src", "AppStream-8.4.0.GA:httpd:2.4:8040020210127115317:9f9e2e7e:httpd-0:2.4.37-39.module+el8.4.0+9658+b87b2deb.x86_64", "AppStream-8.4.0.GA:httpd:2.4:8040020210127115317:9f9e2e7e:httpd-debuginfo-0:2.4.37-39.module+el8.4.0+9658+b87b2deb.aarch64", "AppStream-8.4.0.GA:httpd:2.4:8040020210127115317:9f9e2e7e:httpd-debuginfo-0:2.4.37-39.module+el8.4.0+9658+b87b2deb.ppc64le", "AppStream-8.4.0.GA:httpd:2.4:8040020210127115317:9f9e2e7e:httpd-debuginfo-0:2.4.37-39.module+el8.4.0+9658+b87b2deb.s390x", "AppStream-8.4.0.GA:httpd:2.4:8040020210127115317:9f9e2e7e:httpd-debuginfo-0:2.4.37-39.module+el8.4.0+9658+b87b2deb.x86_64", "AppStream-8.4.0.GA:httpd:2.4:8040020210127115317:9f9e2e7e:httpd-debugsource-0:2.4.37-39.module+el8.4.0+9658+b87b2deb.aarch64", "AppStream-8.4.0.GA:httpd:2.4:8040020210127115317:9f9e2e7e:httpd-debugsource-0:2.4.37-39.module+el8.4.0+9658+b87b2deb.ppc64le", "AppStream-8.4.0.GA:httpd:2.4:8040020210127115317:9f9e2e7e:httpd-debugsource-0:2.4.37-39.module+el8.4.0+9658+b87b2deb.s390x", "AppStream-8.4.0.GA:httpd:2.4:8040020210127115317:9f9e2e7e:httpd-debugsource-0:2.4.37-39.module+el8.4.0+9658+b87b2deb.x86_64", "AppStream-8.4.0.GA:httpd:2.4:8040020210127115317:9f9e2e7e:httpd-devel-0:2.4.37-39.module+el8.4.0+9658+b87b2deb.aarch64", "AppStream-8.4.0.GA:httpd:2.4:8040020210127115317:9f9e2e7e:httpd-devel-0:2.4.37-39.module+el8.4.0+9658+b87b2deb.ppc64le", "AppStream-8.4.0.GA:httpd:2.4:8040020210127115317:9f9e2e7e:httpd-devel-0:2.4.37-39.module+el8.4.0+9658+b87b2deb.s390x", "AppStream-8.4.0.GA:httpd:2.4:8040020210127115317:9f9e2e7e:httpd-devel-0:2.4.37-39.module+el8.4.0+9658+b87b2deb.x86_64", "AppStream-8.4.0.GA:httpd:2.4:8040020210127115317:9f9e2e7e:httpd-filesystem-0:2.4.37-39.module+el8.4.0+9658+b87b2deb.noarch", "AppStream-8.4.0.GA:httpd:2.4:8040020210127115317:9f9e2e7e:httpd-manual-0:2.4.37-39.module+el8.4.0+9658+b87b2deb.noarch", "AppStream-8.4.0.GA:httpd:2.4:8040020210127115317:9f9e2e7e:httpd-tools-0:2.4.37-39.module+el8.4.0+9658+b87b2deb.aarch64", "AppStream-8.4.0.GA:httpd:2.4:8040020210127115317:9f9e2e7e:httpd-tools-0:2.4.37-39.module+el8.4.0+9658+b87b2deb.ppc64le", "AppStream-8.4.0.GA:httpd:2.4:8040020210127115317:9f9e2e7e:httpd-tools-0:2.4.37-39.module+el8.4.0+9658+b87b2deb.s390x", "AppStream-8.4.0.GA:httpd:2.4:8040020210127115317:9f9e2e7e:httpd-tools-0:2.4.37-39.module+el8.4.0+9658+b87b2deb.x86_64", "AppStream-8.4.0.GA:httpd:2.4:8040020210127115317:9f9e2e7e:httpd-tools-debuginfo-0:2.4.37-39.module+el8.4.0+9658+b87b2deb.aarch64", "AppStream-8.4.0.GA:httpd:2.4:8040020210127115317:9f9e2e7e:httpd-tools-debuginfo-0:2.4.37-39.module+el8.4.0+9658+b87b2deb.ppc64le", "AppStream-8.4.0.GA:httpd:2.4:8040020210127115317:9f9e2e7e:httpd-tools-debuginfo-0:2.4.37-39.module+el8.4.0+9658+b87b2deb.s390x", "AppStream-8.4.0.GA:httpd:2.4:8040020210127115317:9f9e2e7e:httpd-tools-debuginfo-0:2.4.37-39.module+el8.4.0+9658+b87b2deb.x86_64", "AppStream-8.4.0.GA:httpd:2.4:8040020210127115317:9f9e2e7e:mod_http2-0:1.15.7-3.module+el8.4.0+8625+d397f3da.aarch64", "AppStream-8.4.0.GA:httpd:2.4:8040020210127115317:9f9e2e7e:mod_http2-0:1.15.7-3.module+el8.4.0+8625+d397f3da.ppc64le", "AppStream-8.4.0.GA:httpd:2.4:8040020210127115317:9f9e2e7e:mod_http2-0:1.15.7-3.module+el8.4.0+8625+d397f3da.s390x", "AppStream-8.4.0.GA:httpd:2.4:8040020210127115317:9f9e2e7e:mod_http2-0:1.15.7-3.module+el8.4.0+8625+d397f3da.src", "AppStream-8.4.0.GA:httpd:2.4:8040020210127115317:9f9e2e7e:mod_http2-0:1.15.7-3.module+el8.4.0+8625+d397f3da.x86_64", "AppStream-8.4.0.GA:httpd:2.4:8040020210127115317:9f9e2e7e:mod_http2-debuginfo-0:1.15.7-3.module+el8.4.0+8625+d397f3da.aarch64", "AppStream-8.4.0.GA:httpd:2.4:8040020210127115317:9f9e2e7e:mod_http2-debuginfo-0:1.15.7-3.module+el8.4.0+8625+d397f3da.ppc64le", "AppStream-8.4.0.GA:httpd:2.4:8040020210127115317:9f9e2e7e:mod_http2-debuginfo-0:1.15.7-3.module+el8.4.0+8625+d397f3da.s390x", "AppStream-8.4.0.GA:httpd:2.4:8040020210127115317:9f9e2e7e:mod_http2-debuginfo-0:1.15.7-3.module+el8.4.0+8625+d397f3da.x86_64", "AppStream-8.4.0.GA:httpd:2.4:8040020210127115317:9f9e2e7e:mod_http2-debugsource-0:1.15.7-3.module+el8.4.0+8625+d397f3da.aarch64", "AppStream-8.4.0.GA:httpd:2.4:8040020210127115317:9f9e2e7e:mod_http2-debugsource-0:1.15.7-3.module+el8.4.0+8625+d397f3da.ppc64le", "AppStream-8.4.0.GA:httpd:2.4:8040020210127115317:9f9e2e7e:mod_http2-debugsource-0:1.15.7-3.module+el8.4.0+8625+d397f3da.s390x", "AppStream-8.4.0.GA:httpd:2.4:8040020210127115317:9f9e2e7e:mod_http2-debugsource-0:1.15.7-3.module+el8.4.0+8625+d397f3da.x86_64", "AppStream-8.4.0.GA:httpd:2.4:8040020210127115317:9f9e2e7e:mod_ldap-0:2.4.37-39.module+el8.4.0+9658+b87b2deb.aarch64", "AppStream-8.4.0.GA:httpd:2.4:8040020210127115317:9f9e2e7e:mod_ldap-0:2.4.37-39.module+el8.4.0+9658+b87b2deb.ppc64le", "AppStream-8.4.0.GA:httpd:2.4:8040020210127115317:9f9e2e7e:mod_ldap-0:2.4.37-39.module+el8.4.0+9658+b87b2deb.s390x", "AppStream-8.4.0.GA:httpd:2.4:8040020210127115317:9f9e2e7e:mod_ldap-0:2.4.37-39.module+el8.4.0+9658+b87b2deb.x86_64", "AppStream-8.4.0.GA:httpd:2.4:8040020210127115317:9f9e2e7e:mod_ldap-debuginfo-0:2.4.37-39.module+el8.4.0+9658+b87b2deb.aarch64", "AppStream-8.4.0.GA:httpd:2.4:8040020210127115317:9f9e2e7e:mod_ldap-debuginfo-0:2.4.37-39.module+el8.4.0+9658+b87b2deb.ppc64le", "AppStream-8.4.0.GA:httpd:2.4:8040020210127115317:9f9e2e7e:mod_ldap-debuginfo-0:2.4.37-39.module+el8.4.0+9658+b87b2deb.s390x", "AppStream-8.4.0.GA:httpd:2.4:8040020210127115317:9f9e2e7e:mod_ldap-debuginfo-0:2.4.37-39.module+el8.4.0+9658+b87b2deb.x86_64", "AppStream-8.4.0.GA:httpd:2.4:8040020210127115317:9f9e2e7e:mod_md-1:2.0.8-8.module+el8.3.0+6814+67d1e611.aarch64", "AppStream-8.4.0.GA:httpd:2.4:8040020210127115317:9f9e2e7e:mod_md-1:2.0.8-8.module+el8.3.0+6814+67d1e611.ppc64le", "AppStream-8.4.0.GA:httpd:2.4:8040020210127115317:9f9e2e7e:mod_md-1:2.0.8-8.module+el8.3.0+6814+67d1e611.s390x", "AppStream-8.4.0.GA:httpd:2.4:8040020210127115317:9f9e2e7e:mod_md-1:2.0.8-8.module+el8.3.0+6814+67d1e611.src", "AppStream-8.4.0.GA:httpd:2.4:8040020210127115317:9f9e2e7e:mod_md-1:2.0.8-8.module+el8.3.0+6814+67d1e611.x86_64", "AppStream-8.4.0.GA:httpd:2.4:8040020210127115317:9f9e2e7e:mod_md-debuginfo-1:2.0.8-8.module+el8.3.0+6814+67d1e611.aarch64", "AppStream-8.4.0.GA:httpd:2.4:8040020210127115317:9f9e2e7e:mod_md-debuginfo-1:2.0.8-8.module+el8.3.0+6814+67d1e611.ppc64le", "AppStream-8.4.0.GA:httpd:2.4:8040020210127115317:9f9e2e7e:mod_md-debuginfo-1:2.0.8-8.module+el8.3.0+6814+67d1e611.s390x", "AppStream-8.4.0.GA:httpd:2.4:8040020210127115317:9f9e2e7e:mod_md-debuginfo-1:2.0.8-8.module+el8.3.0+6814+67d1e611.x86_64", "AppStream-8.4.0.GA:httpd:2.4:8040020210127115317:9f9e2e7e:mod_md-debugsource-1:2.0.8-8.module+el8.3.0+6814+67d1e611.aarch64", "AppStream-8.4.0.GA:httpd:2.4:8040020210127115317:9f9e2e7e:mod_md-debugsource-1:2.0.8-8.module+el8.3.0+6814+67d1e611.ppc64le", "AppStream-8.4.0.GA:httpd:2.4:8040020210127115317:9f9e2e7e:mod_md-debugsource-1:2.0.8-8.module+el8.3.0+6814+67d1e611.s390x", "AppStream-8.4.0.GA:httpd:2.4:8040020210127115317:9f9e2e7e:mod_md-debugsource-1:2.0.8-8.module+el8.3.0+6814+67d1e611.x86_64", "AppStream-8.4.0.GA:httpd:2.4:8040020210127115317:9f9e2e7e:mod_proxy_html-1:2.4.37-39.module+el8.4.0+9658+b87b2deb.aarch64", "AppStream-8.4.0.GA:httpd:2.4:8040020210127115317:9f9e2e7e:mod_proxy_html-1:2.4.37-39.module+el8.4.0+9658+b87b2deb.ppc64le", "AppStream-8.4.0.GA:httpd:2.4:8040020210127115317:9f9e2e7e:mod_proxy_html-1:2.4.37-39.module+el8.4.0+9658+b87b2deb.s390x", "AppStream-8.4.0.GA:httpd:2.4:8040020210127115317:9f9e2e7e:mod_proxy_html-1:2.4.37-39.module+el8.4.0+9658+b87b2deb.x86_64", "AppStream-8.4.0.GA:httpd:2.4:8040020210127115317:9f9e2e7e:mod_proxy_html-debuginfo-1:2.4.37-39.module+el8.4.0+9658+b87b2deb.aarch64", "AppStream-8.4.0.GA:httpd:2.4:8040020210127115317:9f9e2e7e:mod_proxy_html-debuginfo-1:2.4.37-39.module+el8.4.0+9658+b87b2deb.ppc64le", "AppStream-8.4.0.GA:httpd:2.4:8040020210127115317:9f9e2e7e:mod_proxy_html-debuginfo-1:2.4.37-39.module+el8.4.0+9658+b87b2deb.s390x", "AppStream-8.4.0.GA:httpd:2.4:8040020210127115317:9f9e2e7e:mod_proxy_html-debuginfo-1:2.4.37-39.module+el8.4.0+9658+b87b2deb.x86_64", "AppStream-8.4.0.GA:httpd:2.4:8040020210127115317:9f9e2e7e:mod_session-0:2.4.37-39.module+el8.4.0+9658+b87b2deb.aarch64", "AppStream-8.4.0.GA:httpd:2.4:8040020210127115317:9f9e2e7e:mod_session-0:2.4.37-39.module+el8.4.0+9658+b87b2deb.ppc64le", "AppStream-8.4.0.GA:httpd:2.4:8040020210127115317:9f9e2e7e:mod_session-0:2.4.37-39.module+el8.4.0+9658+b87b2deb.s390x", "AppStream-8.4.0.GA:httpd:2.4:8040020210127115317:9f9e2e7e:mod_session-0:2.4.37-39.module+el8.4.0+9658+b87b2deb.x86_64", "AppStream-8.4.0.GA:httpd:2.4:8040020210127115317:9f9e2e7e:mod_session-debuginfo-0:2.4.37-39.module+el8.4.0+9658+b87b2deb.aarch64", "AppStream-8.4.0.GA:httpd:2.4:8040020210127115317:9f9e2e7e:mod_session-debuginfo-0:2.4.37-39.module+el8.4.0+9658+b87b2deb.ppc64le", "AppStream-8.4.0.GA:httpd:2.4:8040020210127115317:9f9e2e7e:mod_session-debuginfo-0:2.4.37-39.module+el8.4.0+9658+b87b2deb.s390x", "AppStream-8.4.0.GA:httpd:2.4:8040020210127115317:9f9e2e7e:mod_session-debuginfo-0:2.4.37-39.module+el8.4.0+9658+b87b2deb.x86_64", "AppStream-8.4.0.GA:httpd:2.4:8040020210127115317:9f9e2e7e:mod_ssl-1:2.4.37-39.module+el8.4.0+9658+b87b2deb.aarch64", "AppStream-8.4.0.GA:httpd:2.4:8040020210127115317:9f9e2e7e:mod_ssl-1:2.4.37-39.module+el8.4.0+9658+b87b2deb.ppc64le", "AppStream-8.4.0.GA:httpd:2.4:8040020210127115317:9f9e2e7e:mod_ssl-1:2.4.37-39.module+el8.4.0+9658+b87b2deb.s390x", "AppStream-8.4.0.GA:httpd:2.4:8040020210127115317:9f9e2e7e:mod_ssl-1:2.4.37-39.module+el8.4.0+9658+b87b2deb.x86_64", "AppStream-8.4.0.GA:httpd:2.4:8040020210127115317:9f9e2e7e:mod_ssl-debuginfo-1:2.4.37-39.module+el8.4.0+9658+b87b2deb.aarch64", "AppStream-8.4.0.GA:httpd:2.4:8040020210127115317:9f9e2e7e:mod_ssl-debuginfo-1:2.4.37-39.module+el8.4.0+9658+b87b2deb.ppc64le", "AppStream-8.4.0.GA:httpd:2.4:8040020210127115317:9f9e2e7e:mod_ssl-debuginfo-1:2.4.37-39.module+el8.4.0+9658+b87b2deb.s390x", "AppStream-8.4.0.GA:httpd:2.4:8040020210127115317:9f9e2e7e:mod_ssl-debuginfo-1:2.4.37-39.module+el8.4.0+9658+b87b2deb.x86_64" ] } ], "threats": [ { "category": "impact", "details": "Moderate" } ], "title": "httpd: mod_proxy_uwsgi buffer overflow" }, { "acknowledgments": [ { "names": [ "the Apache project" ] } ], "cve": "CVE-2020-11993", "cwe": { "id": "CWE-400", "name": "Uncontrolled Resource Consumption" }, "discovery_date": "2020-08-05T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "1866564" } ], "notes": [ { "category": "description", "text": "A flaw was found in Apache httpd in versions 2.4.20 to 2.4.43. Logging using the wrong pool by mod_http2 at debug/trace log level may lead to potential crashes and denial of service. The highest threat from this vulnerability is to system availability.", "title": "Vulnerability description" }, { "category": "summary", "text": "httpd: mod_http2 concurrent pool usage", "title": "Vulnerability summary" }, { "category": "other", "text": "Red Hat Enterprise Linux 5, 6, and 7 do not ship the vulnerable version of httpd and, thus, are not affected.", "title": "Statement" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "AppStream-8.4.0.GA:httpd:2.4:8040020210127115317:9f9e2e7e", "AppStream-8.4.0.GA:httpd:2.4:8040020210127115317:9f9e2e7e:httpd-0:2.4.37-39.module+el8.4.0+9658+b87b2deb.aarch64", "AppStream-8.4.0.GA:httpd:2.4:8040020210127115317:9f9e2e7e:httpd-0:2.4.37-39.module+el8.4.0+9658+b87b2deb.ppc64le", "AppStream-8.4.0.GA:httpd:2.4:8040020210127115317:9f9e2e7e:httpd-0:2.4.37-39.module+el8.4.0+9658+b87b2deb.s390x", "AppStream-8.4.0.GA:httpd:2.4:8040020210127115317:9f9e2e7e:httpd-0:2.4.37-39.module+el8.4.0+9658+b87b2deb.src", "AppStream-8.4.0.GA:httpd:2.4:8040020210127115317:9f9e2e7e:httpd-0:2.4.37-39.module+el8.4.0+9658+b87b2deb.x86_64", "AppStream-8.4.0.GA:httpd:2.4:8040020210127115317:9f9e2e7e:httpd-debuginfo-0:2.4.37-39.module+el8.4.0+9658+b87b2deb.aarch64", "AppStream-8.4.0.GA:httpd:2.4:8040020210127115317:9f9e2e7e:httpd-debuginfo-0:2.4.37-39.module+el8.4.0+9658+b87b2deb.ppc64le", "AppStream-8.4.0.GA:httpd:2.4:8040020210127115317:9f9e2e7e:httpd-debuginfo-0:2.4.37-39.module+el8.4.0+9658+b87b2deb.s390x", "AppStream-8.4.0.GA:httpd:2.4:8040020210127115317:9f9e2e7e:httpd-debuginfo-0:2.4.37-39.module+el8.4.0+9658+b87b2deb.x86_64", "AppStream-8.4.0.GA:httpd:2.4:8040020210127115317:9f9e2e7e:httpd-debugsource-0:2.4.37-39.module+el8.4.0+9658+b87b2deb.aarch64", "AppStream-8.4.0.GA:httpd:2.4:8040020210127115317:9f9e2e7e:httpd-debugsource-0:2.4.37-39.module+el8.4.0+9658+b87b2deb.ppc64le", "AppStream-8.4.0.GA:httpd:2.4:8040020210127115317:9f9e2e7e:httpd-debugsource-0:2.4.37-39.module+el8.4.0+9658+b87b2deb.s390x", "AppStream-8.4.0.GA:httpd:2.4:8040020210127115317:9f9e2e7e:httpd-debugsource-0:2.4.37-39.module+el8.4.0+9658+b87b2deb.x86_64", "AppStream-8.4.0.GA:httpd:2.4:8040020210127115317:9f9e2e7e:httpd-devel-0:2.4.37-39.module+el8.4.0+9658+b87b2deb.aarch64", "AppStream-8.4.0.GA:httpd:2.4:8040020210127115317:9f9e2e7e:httpd-devel-0:2.4.37-39.module+el8.4.0+9658+b87b2deb.ppc64le", "AppStream-8.4.0.GA:httpd:2.4:8040020210127115317:9f9e2e7e:httpd-devel-0:2.4.37-39.module+el8.4.0+9658+b87b2deb.s390x", "AppStream-8.4.0.GA:httpd:2.4:8040020210127115317:9f9e2e7e:httpd-devel-0:2.4.37-39.module+el8.4.0+9658+b87b2deb.x86_64", "AppStream-8.4.0.GA:httpd:2.4:8040020210127115317:9f9e2e7e:httpd-filesystem-0:2.4.37-39.module+el8.4.0+9658+b87b2deb.noarch", "AppStream-8.4.0.GA:httpd:2.4:8040020210127115317:9f9e2e7e:httpd-manual-0:2.4.37-39.module+el8.4.0+9658+b87b2deb.noarch", "AppStream-8.4.0.GA:httpd:2.4:8040020210127115317:9f9e2e7e:httpd-tools-0:2.4.37-39.module+el8.4.0+9658+b87b2deb.aarch64", "AppStream-8.4.0.GA:httpd:2.4:8040020210127115317:9f9e2e7e:httpd-tools-0:2.4.37-39.module+el8.4.0+9658+b87b2deb.ppc64le", "AppStream-8.4.0.GA:httpd:2.4:8040020210127115317:9f9e2e7e:httpd-tools-0:2.4.37-39.module+el8.4.0+9658+b87b2deb.s390x", "AppStream-8.4.0.GA:httpd:2.4:8040020210127115317:9f9e2e7e:httpd-tools-0:2.4.37-39.module+el8.4.0+9658+b87b2deb.x86_64", "AppStream-8.4.0.GA:httpd:2.4:8040020210127115317:9f9e2e7e:httpd-tools-debuginfo-0:2.4.37-39.module+el8.4.0+9658+b87b2deb.aarch64", "AppStream-8.4.0.GA:httpd:2.4:8040020210127115317:9f9e2e7e:httpd-tools-debuginfo-0:2.4.37-39.module+el8.4.0+9658+b87b2deb.ppc64le", "AppStream-8.4.0.GA:httpd:2.4:8040020210127115317:9f9e2e7e:httpd-tools-debuginfo-0:2.4.37-39.module+el8.4.0+9658+b87b2deb.s390x", "AppStream-8.4.0.GA:httpd:2.4:8040020210127115317:9f9e2e7e:httpd-tools-debuginfo-0:2.4.37-39.module+el8.4.0+9658+b87b2deb.x86_64", "AppStream-8.4.0.GA:httpd:2.4:8040020210127115317:9f9e2e7e:mod_http2-0:1.15.7-3.module+el8.4.0+8625+d397f3da.aarch64", "AppStream-8.4.0.GA:httpd:2.4:8040020210127115317:9f9e2e7e:mod_http2-0:1.15.7-3.module+el8.4.0+8625+d397f3da.ppc64le", "AppStream-8.4.0.GA:httpd:2.4:8040020210127115317:9f9e2e7e:mod_http2-0:1.15.7-3.module+el8.4.0+8625+d397f3da.s390x", "AppStream-8.4.0.GA:httpd:2.4:8040020210127115317:9f9e2e7e:mod_http2-0:1.15.7-3.module+el8.4.0+8625+d397f3da.src", "AppStream-8.4.0.GA:httpd:2.4:8040020210127115317:9f9e2e7e:mod_http2-0:1.15.7-3.module+el8.4.0+8625+d397f3da.x86_64", "AppStream-8.4.0.GA:httpd:2.4:8040020210127115317:9f9e2e7e:mod_http2-debuginfo-0:1.15.7-3.module+el8.4.0+8625+d397f3da.aarch64", "AppStream-8.4.0.GA:httpd:2.4:8040020210127115317:9f9e2e7e:mod_http2-debuginfo-0:1.15.7-3.module+el8.4.0+8625+d397f3da.ppc64le", "AppStream-8.4.0.GA:httpd:2.4:8040020210127115317:9f9e2e7e:mod_http2-debuginfo-0:1.15.7-3.module+el8.4.0+8625+d397f3da.s390x", "AppStream-8.4.0.GA:httpd:2.4:8040020210127115317:9f9e2e7e:mod_http2-debuginfo-0:1.15.7-3.module+el8.4.0+8625+d397f3da.x86_64", "AppStream-8.4.0.GA:httpd:2.4:8040020210127115317:9f9e2e7e:mod_http2-debugsource-0:1.15.7-3.module+el8.4.0+8625+d397f3da.aarch64", "AppStream-8.4.0.GA:httpd:2.4:8040020210127115317:9f9e2e7e:mod_http2-debugsource-0:1.15.7-3.module+el8.4.0+8625+d397f3da.ppc64le", "AppStream-8.4.0.GA:httpd:2.4:8040020210127115317:9f9e2e7e:mod_http2-debugsource-0:1.15.7-3.module+el8.4.0+8625+d397f3da.s390x", "AppStream-8.4.0.GA:httpd:2.4:8040020210127115317:9f9e2e7e:mod_http2-debugsource-0:1.15.7-3.module+el8.4.0+8625+d397f3da.x86_64", "AppStream-8.4.0.GA:httpd:2.4:8040020210127115317:9f9e2e7e:mod_ldap-0:2.4.37-39.module+el8.4.0+9658+b87b2deb.aarch64", "AppStream-8.4.0.GA:httpd:2.4:8040020210127115317:9f9e2e7e:mod_ldap-0:2.4.37-39.module+el8.4.0+9658+b87b2deb.ppc64le", "AppStream-8.4.0.GA:httpd:2.4:8040020210127115317:9f9e2e7e:mod_ldap-0:2.4.37-39.module+el8.4.0+9658+b87b2deb.s390x", "AppStream-8.4.0.GA:httpd:2.4:8040020210127115317:9f9e2e7e:mod_ldap-0:2.4.37-39.module+el8.4.0+9658+b87b2deb.x86_64", "AppStream-8.4.0.GA:httpd:2.4:8040020210127115317:9f9e2e7e:mod_ldap-debuginfo-0:2.4.37-39.module+el8.4.0+9658+b87b2deb.aarch64", "AppStream-8.4.0.GA:httpd:2.4:8040020210127115317:9f9e2e7e:mod_ldap-debuginfo-0:2.4.37-39.module+el8.4.0+9658+b87b2deb.ppc64le", "AppStream-8.4.0.GA:httpd:2.4:8040020210127115317:9f9e2e7e:mod_ldap-debuginfo-0:2.4.37-39.module+el8.4.0+9658+b87b2deb.s390x", "AppStream-8.4.0.GA:httpd:2.4:8040020210127115317:9f9e2e7e:mod_ldap-debuginfo-0:2.4.37-39.module+el8.4.0+9658+b87b2deb.x86_64", "AppStream-8.4.0.GA:httpd:2.4:8040020210127115317:9f9e2e7e:mod_md-1:2.0.8-8.module+el8.3.0+6814+67d1e611.aarch64", "AppStream-8.4.0.GA:httpd:2.4:8040020210127115317:9f9e2e7e:mod_md-1:2.0.8-8.module+el8.3.0+6814+67d1e611.ppc64le", "AppStream-8.4.0.GA:httpd:2.4:8040020210127115317:9f9e2e7e:mod_md-1:2.0.8-8.module+el8.3.0+6814+67d1e611.s390x", "AppStream-8.4.0.GA:httpd:2.4:8040020210127115317:9f9e2e7e:mod_md-1:2.0.8-8.module+el8.3.0+6814+67d1e611.src", "AppStream-8.4.0.GA:httpd:2.4:8040020210127115317:9f9e2e7e:mod_md-1:2.0.8-8.module+el8.3.0+6814+67d1e611.x86_64", "AppStream-8.4.0.GA:httpd:2.4:8040020210127115317:9f9e2e7e:mod_md-debuginfo-1:2.0.8-8.module+el8.3.0+6814+67d1e611.aarch64", "AppStream-8.4.0.GA:httpd:2.4:8040020210127115317:9f9e2e7e:mod_md-debuginfo-1:2.0.8-8.module+el8.3.0+6814+67d1e611.ppc64le", "AppStream-8.4.0.GA:httpd:2.4:8040020210127115317:9f9e2e7e:mod_md-debuginfo-1:2.0.8-8.module+el8.3.0+6814+67d1e611.s390x", "AppStream-8.4.0.GA:httpd:2.4:8040020210127115317:9f9e2e7e:mod_md-debuginfo-1:2.0.8-8.module+el8.3.0+6814+67d1e611.x86_64", "AppStream-8.4.0.GA:httpd:2.4:8040020210127115317:9f9e2e7e:mod_md-debugsource-1:2.0.8-8.module+el8.3.0+6814+67d1e611.aarch64", "AppStream-8.4.0.GA:httpd:2.4:8040020210127115317:9f9e2e7e:mod_md-debugsource-1:2.0.8-8.module+el8.3.0+6814+67d1e611.ppc64le", "AppStream-8.4.0.GA:httpd:2.4:8040020210127115317:9f9e2e7e:mod_md-debugsource-1:2.0.8-8.module+el8.3.0+6814+67d1e611.s390x", "AppStream-8.4.0.GA:httpd:2.4:8040020210127115317:9f9e2e7e:mod_md-debugsource-1:2.0.8-8.module+el8.3.0+6814+67d1e611.x86_64", "AppStream-8.4.0.GA:httpd:2.4:8040020210127115317:9f9e2e7e:mod_proxy_html-1:2.4.37-39.module+el8.4.0+9658+b87b2deb.aarch64", "AppStream-8.4.0.GA:httpd:2.4:8040020210127115317:9f9e2e7e:mod_proxy_html-1:2.4.37-39.module+el8.4.0+9658+b87b2deb.ppc64le", "AppStream-8.4.0.GA:httpd:2.4:8040020210127115317:9f9e2e7e:mod_proxy_html-1:2.4.37-39.module+el8.4.0+9658+b87b2deb.s390x", "AppStream-8.4.0.GA:httpd:2.4:8040020210127115317:9f9e2e7e:mod_proxy_html-1:2.4.37-39.module+el8.4.0+9658+b87b2deb.x86_64", "AppStream-8.4.0.GA:httpd:2.4:8040020210127115317:9f9e2e7e:mod_proxy_html-debuginfo-1:2.4.37-39.module+el8.4.0+9658+b87b2deb.aarch64", "AppStream-8.4.0.GA:httpd:2.4:8040020210127115317:9f9e2e7e:mod_proxy_html-debuginfo-1:2.4.37-39.module+el8.4.0+9658+b87b2deb.ppc64le", "AppStream-8.4.0.GA:httpd:2.4:8040020210127115317:9f9e2e7e:mod_proxy_html-debuginfo-1:2.4.37-39.module+el8.4.0+9658+b87b2deb.s390x", "AppStream-8.4.0.GA:httpd:2.4:8040020210127115317:9f9e2e7e:mod_proxy_html-debuginfo-1:2.4.37-39.module+el8.4.0+9658+b87b2deb.x86_64", "AppStream-8.4.0.GA:httpd:2.4:8040020210127115317:9f9e2e7e:mod_session-0:2.4.37-39.module+el8.4.0+9658+b87b2deb.aarch64", "AppStream-8.4.0.GA:httpd:2.4:8040020210127115317:9f9e2e7e:mod_session-0:2.4.37-39.module+el8.4.0+9658+b87b2deb.ppc64le", "AppStream-8.4.0.GA:httpd:2.4:8040020210127115317:9f9e2e7e:mod_session-0:2.4.37-39.module+el8.4.0+9658+b87b2deb.s390x", "AppStream-8.4.0.GA:httpd:2.4:8040020210127115317:9f9e2e7e:mod_session-0:2.4.37-39.module+el8.4.0+9658+b87b2deb.x86_64", "AppStream-8.4.0.GA:httpd:2.4:8040020210127115317:9f9e2e7e:mod_session-debuginfo-0:2.4.37-39.module+el8.4.0+9658+b87b2deb.aarch64", "AppStream-8.4.0.GA:httpd:2.4:8040020210127115317:9f9e2e7e:mod_session-debuginfo-0:2.4.37-39.module+el8.4.0+9658+b87b2deb.ppc64le", "AppStream-8.4.0.GA:httpd:2.4:8040020210127115317:9f9e2e7e:mod_session-debuginfo-0:2.4.37-39.module+el8.4.0+9658+b87b2deb.s390x", "AppStream-8.4.0.GA:httpd:2.4:8040020210127115317:9f9e2e7e:mod_session-debuginfo-0:2.4.37-39.module+el8.4.0+9658+b87b2deb.x86_64", "AppStream-8.4.0.GA:httpd:2.4:8040020210127115317:9f9e2e7e:mod_ssl-1:2.4.37-39.module+el8.4.0+9658+b87b2deb.aarch64", "AppStream-8.4.0.GA:httpd:2.4:8040020210127115317:9f9e2e7e:mod_ssl-1:2.4.37-39.module+el8.4.0+9658+b87b2deb.ppc64le", "AppStream-8.4.0.GA:httpd:2.4:8040020210127115317:9f9e2e7e:mod_ssl-1:2.4.37-39.module+el8.4.0+9658+b87b2deb.s390x", "AppStream-8.4.0.GA:httpd:2.4:8040020210127115317:9f9e2e7e:mod_ssl-1:2.4.37-39.module+el8.4.0+9658+b87b2deb.x86_64", "AppStream-8.4.0.GA:httpd:2.4:8040020210127115317:9f9e2e7e:mod_ssl-debuginfo-1:2.4.37-39.module+el8.4.0+9658+b87b2deb.aarch64", "AppStream-8.4.0.GA:httpd:2.4:8040020210127115317:9f9e2e7e:mod_ssl-debuginfo-1:2.4.37-39.module+el8.4.0+9658+b87b2deb.ppc64le", "AppStream-8.4.0.GA:httpd:2.4:8040020210127115317:9f9e2e7e:mod_ssl-debuginfo-1:2.4.37-39.module+el8.4.0+9658+b87b2deb.s390x", "AppStream-8.4.0.GA:httpd:2.4:8040020210127115317:9f9e2e7e:mod_ssl-debuginfo-1:2.4.37-39.module+el8.4.0+9658+b87b2deb.x86_64" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2020-11993" }, { "category": "external", "summary": "RHBZ#1866564", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1866564" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2020-11993", "url": "https://www.cve.org/CVERecord?id=CVE-2020-11993" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2020-11993", "url": "https://nvd.nist.gov/vuln/detail/CVE-2020-11993" }, { "category": "external", "summary": "https://httpd.apache.org/security/vulnerabilities_24.html#CVE-2020-11993", "url": "https://httpd.apache.org/security/vulnerabilities_24.html#CVE-2020-11993" } ], "release_date": "2020-08-07T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2021-05-18T14:25:00+00:00", "details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nAfter installing the updated packages, the httpd daemon will be restarted automatically.", "product_ids": [ "AppStream-8.4.0.GA:httpd:2.4:8040020210127115317:9f9e2e7e", "AppStream-8.4.0.GA:httpd:2.4:8040020210127115317:9f9e2e7e:httpd-0:2.4.37-39.module+el8.4.0+9658+b87b2deb.aarch64", "AppStream-8.4.0.GA:httpd:2.4:8040020210127115317:9f9e2e7e:httpd-0:2.4.37-39.module+el8.4.0+9658+b87b2deb.ppc64le", "AppStream-8.4.0.GA:httpd:2.4:8040020210127115317:9f9e2e7e:httpd-0:2.4.37-39.module+el8.4.0+9658+b87b2deb.s390x", "AppStream-8.4.0.GA:httpd:2.4:8040020210127115317:9f9e2e7e:httpd-0:2.4.37-39.module+el8.4.0+9658+b87b2deb.src", "AppStream-8.4.0.GA:httpd:2.4:8040020210127115317:9f9e2e7e:httpd-0:2.4.37-39.module+el8.4.0+9658+b87b2deb.x86_64", "AppStream-8.4.0.GA:httpd:2.4:8040020210127115317:9f9e2e7e:httpd-debuginfo-0:2.4.37-39.module+el8.4.0+9658+b87b2deb.aarch64", "AppStream-8.4.0.GA:httpd:2.4:8040020210127115317:9f9e2e7e:httpd-debuginfo-0:2.4.37-39.module+el8.4.0+9658+b87b2deb.ppc64le", "AppStream-8.4.0.GA:httpd:2.4:8040020210127115317:9f9e2e7e:httpd-debuginfo-0:2.4.37-39.module+el8.4.0+9658+b87b2deb.s390x", "AppStream-8.4.0.GA:httpd:2.4:8040020210127115317:9f9e2e7e:httpd-debuginfo-0:2.4.37-39.module+el8.4.0+9658+b87b2deb.x86_64", "AppStream-8.4.0.GA:httpd:2.4:8040020210127115317:9f9e2e7e:httpd-debugsource-0:2.4.37-39.module+el8.4.0+9658+b87b2deb.aarch64", "AppStream-8.4.0.GA:httpd:2.4:8040020210127115317:9f9e2e7e:httpd-debugsource-0:2.4.37-39.module+el8.4.0+9658+b87b2deb.ppc64le", "AppStream-8.4.0.GA:httpd:2.4:8040020210127115317:9f9e2e7e:httpd-debugsource-0:2.4.37-39.module+el8.4.0+9658+b87b2deb.s390x", "AppStream-8.4.0.GA:httpd:2.4:8040020210127115317:9f9e2e7e:httpd-debugsource-0:2.4.37-39.module+el8.4.0+9658+b87b2deb.x86_64", "AppStream-8.4.0.GA:httpd:2.4:8040020210127115317:9f9e2e7e:httpd-devel-0:2.4.37-39.module+el8.4.0+9658+b87b2deb.aarch64", "AppStream-8.4.0.GA:httpd:2.4:8040020210127115317:9f9e2e7e:httpd-devel-0:2.4.37-39.module+el8.4.0+9658+b87b2deb.ppc64le", "AppStream-8.4.0.GA:httpd:2.4:8040020210127115317:9f9e2e7e:httpd-devel-0:2.4.37-39.module+el8.4.0+9658+b87b2deb.s390x", "AppStream-8.4.0.GA:httpd:2.4:8040020210127115317:9f9e2e7e:httpd-devel-0:2.4.37-39.module+el8.4.0+9658+b87b2deb.x86_64", "AppStream-8.4.0.GA:httpd:2.4:8040020210127115317:9f9e2e7e:httpd-filesystem-0:2.4.37-39.module+el8.4.0+9658+b87b2deb.noarch", "AppStream-8.4.0.GA:httpd:2.4:8040020210127115317:9f9e2e7e:httpd-manual-0:2.4.37-39.module+el8.4.0+9658+b87b2deb.noarch", "AppStream-8.4.0.GA:httpd:2.4:8040020210127115317:9f9e2e7e:httpd-tools-0:2.4.37-39.module+el8.4.0+9658+b87b2deb.aarch64", "AppStream-8.4.0.GA:httpd:2.4:8040020210127115317:9f9e2e7e:httpd-tools-0:2.4.37-39.module+el8.4.0+9658+b87b2deb.ppc64le", "AppStream-8.4.0.GA:httpd:2.4:8040020210127115317:9f9e2e7e:httpd-tools-0:2.4.37-39.module+el8.4.0+9658+b87b2deb.s390x", "AppStream-8.4.0.GA:httpd:2.4:8040020210127115317:9f9e2e7e:httpd-tools-0:2.4.37-39.module+el8.4.0+9658+b87b2deb.x86_64", "AppStream-8.4.0.GA:httpd:2.4:8040020210127115317:9f9e2e7e:httpd-tools-debuginfo-0:2.4.37-39.module+el8.4.0+9658+b87b2deb.aarch64", "AppStream-8.4.0.GA:httpd:2.4:8040020210127115317:9f9e2e7e:httpd-tools-debuginfo-0:2.4.37-39.module+el8.4.0+9658+b87b2deb.ppc64le", "AppStream-8.4.0.GA:httpd:2.4:8040020210127115317:9f9e2e7e:httpd-tools-debuginfo-0:2.4.37-39.module+el8.4.0+9658+b87b2deb.s390x", "AppStream-8.4.0.GA:httpd:2.4:8040020210127115317:9f9e2e7e:httpd-tools-debuginfo-0:2.4.37-39.module+el8.4.0+9658+b87b2deb.x86_64", "AppStream-8.4.0.GA:httpd:2.4:8040020210127115317:9f9e2e7e:mod_http2-0:1.15.7-3.module+el8.4.0+8625+d397f3da.aarch64", "AppStream-8.4.0.GA:httpd:2.4:8040020210127115317:9f9e2e7e:mod_http2-0:1.15.7-3.module+el8.4.0+8625+d397f3da.ppc64le", "AppStream-8.4.0.GA:httpd:2.4:8040020210127115317:9f9e2e7e:mod_http2-0:1.15.7-3.module+el8.4.0+8625+d397f3da.s390x", "AppStream-8.4.0.GA:httpd:2.4:8040020210127115317:9f9e2e7e:mod_http2-0:1.15.7-3.module+el8.4.0+8625+d397f3da.src", "AppStream-8.4.0.GA:httpd:2.4:8040020210127115317:9f9e2e7e:mod_http2-0:1.15.7-3.module+el8.4.0+8625+d397f3da.x86_64", "AppStream-8.4.0.GA:httpd:2.4:8040020210127115317:9f9e2e7e:mod_http2-debuginfo-0:1.15.7-3.module+el8.4.0+8625+d397f3da.aarch64", "AppStream-8.4.0.GA:httpd:2.4:8040020210127115317:9f9e2e7e:mod_http2-debuginfo-0:1.15.7-3.module+el8.4.0+8625+d397f3da.ppc64le", "AppStream-8.4.0.GA:httpd:2.4:8040020210127115317:9f9e2e7e:mod_http2-debuginfo-0:1.15.7-3.module+el8.4.0+8625+d397f3da.s390x", "AppStream-8.4.0.GA:httpd:2.4:8040020210127115317:9f9e2e7e:mod_http2-debuginfo-0:1.15.7-3.module+el8.4.0+8625+d397f3da.x86_64", "AppStream-8.4.0.GA:httpd:2.4:8040020210127115317:9f9e2e7e:mod_http2-debugsource-0:1.15.7-3.module+el8.4.0+8625+d397f3da.aarch64", "AppStream-8.4.0.GA:httpd:2.4:8040020210127115317:9f9e2e7e:mod_http2-debugsource-0:1.15.7-3.module+el8.4.0+8625+d397f3da.ppc64le", "AppStream-8.4.0.GA:httpd:2.4:8040020210127115317:9f9e2e7e:mod_http2-debugsource-0:1.15.7-3.module+el8.4.0+8625+d397f3da.s390x", "AppStream-8.4.0.GA:httpd:2.4:8040020210127115317:9f9e2e7e:mod_http2-debugsource-0:1.15.7-3.module+el8.4.0+8625+d397f3da.x86_64", "AppStream-8.4.0.GA:httpd:2.4:8040020210127115317:9f9e2e7e:mod_ldap-0:2.4.37-39.module+el8.4.0+9658+b87b2deb.aarch64", "AppStream-8.4.0.GA:httpd:2.4:8040020210127115317:9f9e2e7e:mod_ldap-0:2.4.37-39.module+el8.4.0+9658+b87b2deb.ppc64le", "AppStream-8.4.0.GA:httpd:2.4:8040020210127115317:9f9e2e7e:mod_ldap-0:2.4.37-39.module+el8.4.0+9658+b87b2deb.s390x", "AppStream-8.4.0.GA:httpd:2.4:8040020210127115317:9f9e2e7e:mod_ldap-0:2.4.37-39.module+el8.4.0+9658+b87b2deb.x86_64", "AppStream-8.4.0.GA:httpd:2.4:8040020210127115317:9f9e2e7e:mod_ldap-debuginfo-0:2.4.37-39.module+el8.4.0+9658+b87b2deb.aarch64", "AppStream-8.4.0.GA:httpd:2.4:8040020210127115317:9f9e2e7e:mod_ldap-debuginfo-0:2.4.37-39.module+el8.4.0+9658+b87b2deb.ppc64le", "AppStream-8.4.0.GA:httpd:2.4:8040020210127115317:9f9e2e7e:mod_ldap-debuginfo-0:2.4.37-39.module+el8.4.0+9658+b87b2deb.s390x", "AppStream-8.4.0.GA:httpd:2.4:8040020210127115317:9f9e2e7e:mod_ldap-debuginfo-0:2.4.37-39.module+el8.4.0+9658+b87b2deb.x86_64", "AppStream-8.4.0.GA:httpd:2.4:8040020210127115317:9f9e2e7e:mod_md-1:2.0.8-8.module+el8.3.0+6814+67d1e611.aarch64", "AppStream-8.4.0.GA:httpd:2.4:8040020210127115317:9f9e2e7e:mod_md-1:2.0.8-8.module+el8.3.0+6814+67d1e611.ppc64le", "AppStream-8.4.0.GA:httpd:2.4:8040020210127115317:9f9e2e7e:mod_md-1:2.0.8-8.module+el8.3.0+6814+67d1e611.s390x", "AppStream-8.4.0.GA:httpd:2.4:8040020210127115317:9f9e2e7e:mod_md-1:2.0.8-8.module+el8.3.0+6814+67d1e611.src", "AppStream-8.4.0.GA:httpd:2.4:8040020210127115317:9f9e2e7e:mod_md-1:2.0.8-8.module+el8.3.0+6814+67d1e611.x86_64", "AppStream-8.4.0.GA:httpd:2.4:8040020210127115317:9f9e2e7e:mod_md-debuginfo-1:2.0.8-8.module+el8.3.0+6814+67d1e611.aarch64", "AppStream-8.4.0.GA:httpd:2.4:8040020210127115317:9f9e2e7e:mod_md-debuginfo-1:2.0.8-8.module+el8.3.0+6814+67d1e611.ppc64le", "AppStream-8.4.0.GA:httpd:2.4:8040020210127115317:9f9e2e7e:mod_md-debuginfo-1:2.0.8-8.module+el8.3.0+6814+67d1e611.s390x", "AppStream-8.4.0.GA:httpd:2.4:8040020210127115317:9f9e2e7e:mod_md-debuginfo-1:2.0.8-8.module+el8.3.0+6814+67d1e611.x86_64", "AppStream-8.4.0.GA:httpd:2.4:8040020210127115317:9f9e2e7e:mod_md-debugsource-1:2.0.8-8.module+el8.3.0+6814+67d1e611.aarch64", "AppStream-8.4.0.GA:httpd:2.4:8040020210127115317:9f9e2e7e:mod_md-debugsource-1:2.0.8-8.module+el8.3.0+6814+67d1e611.ppc64le", "AppStream-8.4.0.GA:httpd:2.4:8040020210127115317:9f9e2e7e:mod_md-debugsource-1:2.0.8-8.module+el8.3.0+6814+67d1e611.s390x", "AppStream-8.4.0.GA:httpd:2.4:8040020210127115317:9f9e2e7e:mod_md-debugsource-1:2.0.8-8.module+el8.3.0+6814+67d1e611.x86_64", "AppStream-8.4.0.GA:httpd:2.4:8040020210127115317:9f9e2e7e:mod_proxy_html-1:2.4.37-39.module+el8.4.0+9658+b87b2deb.aarch64", "AppStream-8.4.0.GA:httpd:2.4:8040020210127115317:9f9e2e7e:mod_proxy_html-1:2.4.37-39.module+el8.4.0+9658+b87b2deb.ppc64le", "AppStream-8.4.0.GA:httpd:2.4:8040020210127115317:9f9e2e7e:mod_proxy_html-1:2.4.37-39.module+el8.4.0+9658+b87b2deb.s390x", "AppStream-8.4.0.GA:httpd:2.4:8040020210127115317:9f9e2e7e:mod_proxy_html-1:2.4.37-39.module+el8.4.0+9658+b87b2deb.x86_64", "AppStream-8.4.0.GA:httpd:2.4:8040020210127115317:9f9e2e7e:mod_proxy_html-debuginfo-1:2.4.37-39.module+el8.4.0+9658+b87b2deb.aarch64", "AppStream-8.4.0.GA:httpd:2.4:8040020210127115317:9f9e2e7e:mod_proxy_html-debuginfo-1:2.4.37-39.module+el8.4.0+9658+b87b2deb.ppc64le", "AppStream-8.4.0.GA:httpd:2.4:8040020210127115317:9f9e2e7e:mod_proxy_html-debuginfo-1:2.4.37-39.module+el8.4.0+9658+b87b2deb.s390x", "AppStream-8.4.0.GA:httpd:2.4:8040020210127115317:9f9e2e7e:mod_proxy_html-debuginfo-1:2.4.37-39.module+el8.4.0+9658+b87b2deb.x86_64", "AppStream-8.4.0.GA:httpd:2.4:8040020210127115317:9f9e2e7e:mod_session-0:2.4.37-39.module+el8.4.0+9658+b87b2deb.aarch64", "AppStream-8.4.0.GA:httpd:2.4:8040020210127115317:9f9e2e7e:mod_session-0:2.4.37-39.module+el8.4.0+9658+b87b2deb.ppc64le", "AppStream-8.4.0.GA:httpd:2.4:8040020210127115317:9f9e2e7e:mod_session-0:2.4.37-39.module+el8.4.0+9658+b87b2deb.s390x", "AppStream-8.4.0.GA:httpd:2.4:8040020210127115317:9f9e2e7e:mod_session-0:2.4.37-39.module+el8.4.0+9658+b87b2deb.x86_64", "AppStream-8.4.0.GA:httpd:2.4:8040020210127115317:9f9e2e7e:mod_session-debuginfo-0:2.4.37-39.module+el8.4.0+9658+b87b2deb.aarch64", "AppStream-8.4.0.GA:httpd:2.4:8040020210127115317:9f9e2e7e:mod_session-debuginfo-0:2.4.37-39.module+el8.4.0+9658+b87b2deb.ppc64le", "AppStream-8.4.0.GA:httpd:2.4:8040020210127115317:9f9e2e7e:mod_session-debuginfo-0:2.4.37-39.module+el8.4.0+9658+b87b2deb.s390x", "AppStream-8.4.0.GA:httpd:2.4:8040020210127115317:9f9e2e7e:mod_session-debuginfo-0:2.4.37-39.module+el8.4.0+9658+b87b2deb.x86_64", "AppStream-8.4.0.GA:httpd:2.4:8040020210127115317:9f9e2e7e:mod_ssl-1:2.4.37-39.module+el8.4.0+9658+b87b2deb.aarch64", "AppStream-8.4.0.GA:httpd:2.4:8040020210127115317:9f9e2e7e:mod_ssl-1:2.4.37-39.module+el8.4.0+9658+b87b2deb.ppc64le", "AppStream-8.4.0.GA:httpd:2.4:8040020210127115317:9f9e2e7e:mod_ssl-1:2.4.37-39.module+el8.4.0+9658+b87b2deb.s390x", "AppStream-8.4.0.GA:httpd:2.4:8040020210127115317:9f9e2e7e:mod_ssl-1:2.4.37-39.module+el8.4.0+9658+b87b2deb.x86_64", "AppStream-8.4.0.GA:httpd:2.4:8040020210127115317:9f9e2e7e:mod_ssl-debuginfo-1:2.4.37-39.module+el8.4.0+9658+b87b2deb.aarch64", "AppStream-8.4.0.GA:httpd:2.4:8040020210127115317:9f9e2e7e:mod_ssl-debuginfo-1:2.4.37-39.module+el8.4.0+9658+b87b2deb.ppc64le", "AppStream-8.4.0.GA:httpd:2.4:8040020210127115317:9f9e2e7e:mod_ssl-debuginfo-1:2.4.37-39.module+el8.4.0+9658+b87b2deb.s390x", "AppStream-8.4.0.GA:httpd:2.4:8040020210127115317:9f9e2e7e:mod_ssl-debuginfo-1:2.4.37-39.module+el8.4.0+9658+b87b2deb.x86_64" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2021:1809" } ], "scores": [ { "cvss_v3": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 7.5, "baseSeverity": "HIGH", "confidentialityImpact": "NONE", "integrityImpact": "NONE", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "version": "3.1" }, "products": [ "AppStream-8.4.0.GA:httpd:2.4:8040020210127115317:9f9e2e7e", "AppStream-8.4.0.GA:httpd:2.4:8040020210127115317:9f9e2e7e:httpd-0:2.4.37-39.module+el8.4.0+9658+b87b2deb.aarch64", "AppStream-8.4.0.GA:httpd:2.4:8040020210127115317:9f9e2e7e:httpd-0:2.4.37-39.module+el8.4.0+9658+b87b2deb.ppc64le", "AppStream-8.4.0.GA:httpd:2.4:8040020210127115317:9f9e2e7e:httpd-0:2.4.37-39.module+el8.4.0+9658+b87b2deb.s390x", "AppStream-8.4.0.GA:httpd:2.4:8040020210127115317:9f9e2e7e:httpd-0:2.4.37-39.module+el8.4.0+9658+b87b2deb.src", "AppStream-8.4.0.GA:httpd:2.4:8040020210127115317:9f9e2e7e:httpd-0:2.4.37-39.module+el8.4.0+9658+b87b2deb.x86_64", "AppStream-8.4.0.GA:httpd:2.4:8040020210127115317:9f9e2e7e:httpd-debuginfo-0:2.4.37-39.module+el8.4.0+9658+b87b2deb.aarch64", "AppStream-8.4.0.GA:httpd:2.4:8040020210127115317:9f9e2e7e:httpd-debuginfo-0:2.4.37-39.module+el8.4.0+9658+b87b2deb.ppc64le", "AppStream-8.4.0.GA:httpd:2.4:8040020210127115317:9f9e2e7e:httpd-debuginfo-0:2.4.37-39.module+el8.4.0+9658+b87b2deb.s390x", "AppStream-8.4.0.GA:httpd:2.4:8040020210127115317:9f9e2e7e:httpd-debuginfo-0:2.4.37-39.module+el8.4.0+9658+b87b2deb.x86_64", "AppStream-8.4.0.GA:httpd:2.4:8040020210127115317:9f9e2e7e:httpd-debugsource-0:2.4.37-39.module+el8.4.0+9658+b87b2deb.aarch64", "AppStream-8.4.0.GA:httpd:2.4:8040020210127115317:9f9e2e7e:httpd-debugsource-0:2.4.37-39.module+el8.4.0+9658+b87b2deb.ppc64le", "AppStream-8.4.0.GA:httpd:2.4:8040020210127115317:9f9e2e7e:httpd-debugsource-0:2.4.37-39.module+el8.4.0+9658+b87b2deb.s390x", "AppStream-8.4.0.GA:httpd:2.4:8040020210127115317:9f9e2e7e:httpd-debugsource-0:2.4.37-39.module+el8.4.0+9658+b87b2deb.x86_64", "AppStream-8.4.0.GA:httpd:2.4:8040020210127115317:9f9e2e7e:httpd-devel-0:2.4.37-39.module+el8.4.0+9658+b87b2deb.aarch64", "AppStream-8.4.0.GA:httpd:2.4:8040020210127115317:9f9e2e7e:httpd-devel-0:2.4.37-39.module+el8.4.0+9658+b87b2deb.ppc64le", "AppStream-8.4.0.GA:httpd:2.4:8040020210127115317:9f9e2e7e:httpd-devel-0:2.4.37-39.module+el8.4.0+9658+b87b2deb.s390x", "AppStream-8.4.0.GA:httpd:2.4:8040020210127115317:9f9e2e7e:httpd-devel-0:2.4.37-39.module+el8.4.0+9658+b87b2deb.x86_64", "AppStream-8.4.0.GA:httpd:2.4:8040020210127115317:9f9e2e7e:httpd-filesystem-0:2.4.37-39.module+el8.4.0+9658+b87b2deb.noarch", "AppStream-8.4.0.GA:httpd:2.4:8040020210127115317:9f9e2e7e:httpd-manual-0:2.4.37-39.module+el8.4.0+9658+b87b2deb.noarch", "AppStream-8.4.0.GA:httpd:2.4:8040020210127115317:9f9e2e7e:httpd-tools-0:2.4.37-39.module+el8.4.0+9658+b87b2deb.aarch64", "AppStream-8.4.0.GA:httpd:2.4:8040020210127115317:9f9e2e7e:httpd-tools-0:2.4.37-39.module+el8.4.0+9658+b87b2deb.ppc64le", "AppStream-8.4.0.GA:httpd:2.4:8040020210127115317:9f9e2e7e:httpd-tools-0:2.4.37-39.module+el8.4.0+9658+b87b2deb.s390x", "AppStream-8.4.0.GA:httpd:2.4:8040020210127115317:9f9e2e7e:httpd-tools-0:2.4.37-39.module+el8.4.0+9658+b87b2deb.x86_64", "AppStream-8.4.0.GA:httpd:2.4:8040020210127115317:9f9e2e7e:httpd-tools-debuginfo-0:2.4.37-39.module+el8.4.0+9658+b87b2deb.aarch64", "AppStream-8.4.0.GA:httpd:2.4:8040020210127115317:9f9e2e7e:httpd-tools-debuginfo-0:2.4.37-39.module+el8.4.0+9658+b87b2deb.ppc64le", "AppStream-8.4.0.GA:httpd:2.4:8040020210127115317:9f9e2e7e:httpd-tools-debuginfo-0:2.4.37-39.module+el8.4.0+9658+b87b2deb.s390x", "AppStream-8.4.0.GA:httpd:2.4:8040020210127115317:9f9e2e7e:httpd-tools-debuginfo-0:2.4.37-39.module+el8.4.0+9658+b87b2deb.x86_64", "AppStream-8.4.0.GA:httpd:2.4:8040020210127115317:9f9e2e7e:mod_http2-0:1.15.7-3.module+el8.4.0+8625+d397f3da.aarch64", "AppStream-8.4.0.GA:httpd:2.4:8040020210127115317:9f9e2e7e:mod_http2-0:1.15.7-3.module+el8.4.0+8625+d397f3da.ppc64le", "AppStream-8.4.0.GA:httpd:2.4:8040020210127115317:9f9e2e7e:mod_http2-0:1.15.7-3.module+el8.4.0+8625+d397f3da.s390x", "AppStream-8.4.0.GA:httpd:2.4:8040020210127115317:9f9e2e7e:mod_http2-0:1.15.7-3.module+el8.4.0+8625+d397f3da.src", "AppStream-8.4.0.GA:httpd:2.4:8040020210127115317:9f9e2e7e:mod_http2-0:1.15.7-3.module+el8.4.0+8625+d397f3da.x86_64", "AppStream-8.4.0.GA:httpd:2.4:8040020210127115317:9f9e2e7e:mod_http2-debuginfo-0:1.15.7-3.module+el8.4.0+8625+d397f3da.aarch64", "AppStream-8.4.0.GA:httpd:2.4:8040020210127115317:9f9e2e7e:mod_http2-debuginfo-0:1.15.7-3.module+el8.4.0+8625+d397f3da.ppc64le", "AppStream-8.4.0.GA:httpd:2.4:8040020210127115317:9f9e2e7e:mod_http2-debuginfo-0:1.15.7-3.module+el8.4.0+8625+d397f3da.s390x", "AppStream-8.4.0.GA:httpd:2.4:8040020210127115317:9f9e2e7e:mod_http2-debuginfo-0:1.15.7-3.module+el8.4.0+8625+d397f3da.x86_64", "AppStream-8.4.0.GA:httpd:2.4:8040020210127115317:9f9e2e7e:mod_http2-debugsource-0:1.15.7-3.module+el8.4.0+8625+d397f3da.aarch64", "AppStream-8.4.0.GA:httpd:2.4:8040020210127115317:9f9e2e7e:mod_http2-debugsource-0:1.15.7-3.module+el8.4.0+8625+d397f3da.ppc64le", "AppStream-8.4.0.GA:httpd:2.4:8040020210127115317:9f9e2e7e:mod_http2-debugsource-0:1.15.7-3.module+el8.4.0+8625+d397f3da.s390x", "AppStream-8.4.0.GA:httpd:2.4:8040020210127115317:9f9e2e7e:mod_http2-debugsource-0:1.15.7-3.module+el8.4.0+8625+d397f3da.x86_64", "AppStream-8.4.0.GA:httpd:2.4:8040020210127115317:9f9e2e7e:mod_ldap-0:2.4.37-39.module+el8.4.0+9658+b87b2deb.aarch64", "AppStream-8.4.0.GA:httpd:2.4:8040020210127115317:9f9e2e7e:mod_ldap-0:2.4.37-39.module+el8.4.0+9658+b87b2deb.ppc64le", "AppStream-8.4.0.GA:httpd:2.4:8040020210127115317:9f9e2e7e:mod_ldap-0:2.4.37-39.module+el8.4.0+9658+b87b2deb.s390x", "AppStream-8.4.0.GA:httpd:2.4:8040020210127115317:9f9e2e7e:mod_ldap-0:2.4.37-39.module+el8.4.0+9658+b87b2deb.x86_64", "AppStream-8.4.0.GA:httpd:2.4:8040020210127115317:9f9e2e7e:mod_ldap-debuginfo-0:2.4.37-39.module+el8.4.0+9658+b87b2deb.aarch64", "AppStream-8.4.0.GA:httpd:2.4:8040020210127115317:9f9e2e7e:mod_ldap-debuginfo-0:2.4.37-39.module+el8.4.0+9658+b87b2deb.ppc64le", "AppStream-8.4.0.GA:httpd:2.4:8040020210127115317:9f9e2e7e:mod_ldap-debuginfo-0:2.4.37-39.module+el8.4.0+9658+b87b2deb.s390x", "AppStream-8.4.0.GA:httpd:2.4:8040020210127115317:9f9e2e7e:mod_ldap-debuginfo-0:2.4.37-39.module+el8.4.0+9658+b87b2deb.x86_64", "AppStream-8.4.0.GA:httpd:2.4:8040020210127115317:9f9e2e7e:mod_md-1:2.0.8-8.module+el8.3.0+6814+67d1e611.aarch64", "AppStream-8.4.0.GA:httpd:2.4:8040020210127115317:9f9e2e7e:mod_md-1:2.0.8-8.module+el8.3.0+6814+67d1e611.ppc64le", "AppStream-8.4.0.GA:httpd:2.4:8040020210127115317:9f9e2e7e:mod_md-1:2.0.8-8.module+el8.3.0+6814+67d1e611.s390x", "AppStream-8.4.0.GA:httpd:2.4:8040020210127115317:9f9e2e7e:mod_md-1:2.0.8-8.module+el8.3.0+6814+67d1e611.src", "AppStream-8.4.0.GA:httpd:2.4:8040020210127115317:9f9e2e7e:mod_md-1:2.0.8-8.module+el8.3.0+6814+67d1e611.x86_64", "AppStream-8.4.0.GA:httpd:2.4:8040020210127115317:9f9e2e7e:mod_md-debuginfo-1:2.0.8-8.module+el8.3.0+6814+67d1e611.aarch64", "AppStream-8.4.0.GA:httpd:2.4:8040020210127115317:9f9e2e7e:mod_md-debuginfo-1:2.0.8-8.module+el8.3.0+6814+67d1e611.ppc64le", "AppStream-8.4.0.GA:httpd:2.4:8040020210127115317:9f9e2e7e:mod_md-debuginfo-1:2.0.8-8.module+el8.3.0+6814+67d1e611.s390x", "AppStream-8.4.0.GA:httpd:2.4:8040020210127115317:9f9e2e7e:mod_md-debuginfo-1:2.0.8-8.module+el8.3.0+6814+67d1e611.x86_64", "AppStream-8.4.0.GA:httpd:2.4:8040020210127115317:9f9e2e7e:mod_md-debugsource-1:2.0.8-8.module+el8.3.0+6814+67d1e611.aarch64", "AppStream-8.4.0.GA:httpd:2.4:8040020210127115317:9f9e2e7e:mod_md-debugsource-1:2.0.8-8.module+el8.3.0+6814+67d1e611.ppc64le", "AppStream-8.4.0.GA:httpd:2.4:8040020210127115317:9f9e2e7e:mod_md-debugsource-1:2.0.8-8.module+el8.3.0+6814+67d1e611.s390x", "AppStream-8.4.0.GA:httpd:2.4:8040020210127115317:9f9e2e7e:mod_md-debugsource-1:2.0.8-8.module+el8.3.0+6814+67d1e611.x86_64", "AppStream-8.4.0.GA:httpd:2.4:8040020210127115317:9f9e2e7e:mod_proxy_html-1:2.4.37-39.module+el8.4.0+9658+b87b2deb.aarch64", "AppStream-8.4.0.GA:httpd:2.4:8040020210127115317:9f9e2e7e:mod_proxy_html-1:2.4.37-39.module+el8.4.0+9658+b87b2deb.ppc64le", "AppStream-8.4.0.GA:httpd:2.4:8040020210127115317:9f9e2e7e:mod_proxy_html-1:2.4.37-39.module+el8.4.0+9658+b87b2deb.s390x", "AppStream-8.4.0.GA:httpd:2.4:8040020210127115317:9f9e2e7e:mod_proxy_html-1:2.4.37-39.module+el8.4.0+9658+b87b2deb.x86_64", "AppStream-8.4.0.GA:httpd:2.4:8040020210127115317:9f9e2e7e:mod_proxy_html-debuginfo-1:2.4.37-39.module+el8.4.0+9658+b87b2deb.aarch64", "AppStream-8.4.0.GA:httpd:2.4:8040020210127115317:9f9e2e7e:mod_proxy_html-debuginfo-1:2.4.37-39.module+el8.4.0+9658+b87b2deb.ppc64le", "AppStream-8.4.0.GA:httpd:2.4:8040020210127115317:9f9e2e7e:mod_proxy_html-debuginfo-1:2.4.37-39.module+el8.4.0+9658+b87b2deb.s390x", "AppStream-8.4.0.GA:httpd:2.4:8040020210127115317:9f9e2e7e:mod_proxy_html-debuginfo-1:2.4.37-39.module+el8.4.0+9658+b87b2deb.x86_64", "AppStream-8.4.0.GA:httpd:2.4:8040020210127115317:9f9e2e7e:mod_session-0:2.4.37-39.module+el8.4.0+9658+b87b2deb.aarch64", "AppStream-8.4.0.GA:httpd:2.4:8040020210127115317:9f9e2e7e:mod_session-0:2.4.37-39.module+el8.4.0+9658+b87b2deb.ppc64le", "AppStream-8.4.0.GA:httpd:2.4:8040020210127115317:9f9e2e7e:mod_session-0:2.4.37-39.module+el8.4.0+9658+b87b2deb.s390x", "AppStream-8.4.0.GA:httpd:2.4:8040020210127115317:9f9e2e7e:mod_session-0:2.4.37-39.module+el8.4.0+9658+b87b2deb.x86_64", "AppStream-8.4.0.GA:httpd:2.4:8040020210127115317:9f9e2e7e:mod_session-debuginfo-0:2.4.37-39.module+el8.4.0+9658+b87b2deb.aarch64", "AppStream-8.4.0.GA:httpd:2.4:8040020210127115317:9f9e2e7e:mod_session-debuginfo-0:2.4.37-39.module+el8.4.0+9658+b87b2deb.ppc64le", "AppStream-8.4.0.GA:httpd:2.4:8040020210127115317:9f9e2e7e:mod_session-debuginfo-0:2.4.37-39.module+el8.4.0+9658+b87b2deb.s390x", "AppStream-8.4.0.GA:httpd:2.4:8040020210127115317:9f9e2e7e:mod_session-debuginfo-0:2.4.37-39.module+el8.4.0+9658+b87b2deb.x86_64", "AppStream-8.4.0.GA:httpd:2.4:8040020210127115317:9f9e2e7e:mod_ssl-1:2.4.37-39.module+el8.4.0+9658+b87b2deb.aarch64", "AppStream-8.4.0.GA:httpd:2.4:8040020210127115317:9f9e2e7e:mod_ssl-1:2.4.37-39.module+el8.4.0+9658+b87b2deb.ppc64le", "AppStream-8.4.0.GA:httpd:2.4:8040020210127115317:9f9e2e7e:mod_ssl-1:2.4.37-39.module+el8.4.0+9658+b87b2deb.s390x", "AppStream-8.4.0.GA:httpd:2.4:8040020210127115317:9f9e2e7e:mod_ssl-1:2.4.37-39.module+el8.4.0+9658+b87b2deb.x86_64", "AppStream-8.4.0.GA:httpd:2.4:8040020210127115317:9f9e2e7e:mod_ssl-debuginfo-1:2.4.37-39.module+el8.4.0+9658+b87b2deb.aarch64", "AppStream-8.4.0.GA:httpd:2.4:8040020210127115317:9f9e2e7e:mod_ssl-debuginfo-1:2.4.37-39.module+el8.4.0+9658+b87b2deb.ppc64le", "AppStream-8.4.0.GA:httpd:2.4:8040020210127115317:9f9e2e7e:mod_ssl-debuginfo-1:2.4.37-39.module+el8.4.0+9658+b87b2deb.s390x", "AppStream-8.4.0.GA:httpd:2.4:8040020210127115317:9f9e2e7e:mod_ssl-debuginfo-1:2.4.37-39.module+el8.4.0+9658+b87b2deb.x86_64" ] } ], "threats": [ { "category": "impact", "details": "Moderate" } ], "title": "httpd: mod_http2 concurrent pool usage" } ] }
gsd-2020-11984
Vulnerability from gsd
Modified
2023-12-13 01:22
Details
Apache HTTP server 2.4.32 to 2.4.44 mod_proxy_uwsgi info disclosure and possible RCE
Aliases
Aliases
{ "GSD": { "alias": "CVE-2020-11984", "description": "Apache HTTP server 2.4.32 to 2.4.44 mod_proxy_uwsgi info disclosure and possible RCE", "id": "GSD-2020-11984", "references": [ "https://www.suse.com/security/cve/CVE-2020-11984.html", "https://www.debian.org/security/2020/dsa-4757", "https://access.redhat.com/errata/RHSA-2021:1809", "https://access.redhat.com/errata/RHBA-2020:5280", "https://access.redhat.com/errata/RHSA-2020:4384", "https://access.redhat.com/errata/RHSA-2020:4383", "https://ubuntu.com/security/CVE-2020-11984", "https://advisories.mageia.org/CVE-2020-11984.html", "https://alas.aws.amazon.com/cve/html/CVE-2020-11984.html", "https://linux.oracle.com/cve/CVE-2020-11984.html" ] }, "gsd": { "metadata": { "exploitCode": "unknown", "remediation": "unknown", "reportConfidence": "confirmed", "type": "vulnerability" }, "osvSchema": { "aliases": [ "CVE-2020-11984" ], "details": "Apache HTTP server 2.4.32 to 2.4.44 mod_proxy_uwsgi info disclosure and possible RCE", "id": "GSD-2020-11984", "modified": "2023-12-13T01:22:06.328100Z", "schema_version": "1.4.0" } }, "namespaces": { "cve.org": { "CVE_data_meta": { "ASSIGNER": "security@apache.org", "ID": "CVE-2020-11984", "STATE": "PUBLIC" }, "affects": { "vendor": { "vendor_data": [ { "product": { "product_data": [ { "product_name": "Apache HTTP Server", "version": { "version_data": [ { "version_value": "2.4.32 to 2.4.44" } ] } } ] }, "vendor_name": "n/a" } ] } }, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": { "description_data": [ { "lang": "eng", "value": "Apache HTTP server 2.4.32 to 2.4.44 mod_proxy_uwsgi info disclosure and possible RCE" } ] }, "problemtype": { "problemtype_data": [ { "description": [ { "lang": "eng", "value": "mod_uwsgi buffer overflow" } ] } ] }, "references": { "reference_data": [ { "name": "https://httpd.apache.org/security/vulnerabilities_24.html", "refsource": "MISC", "url": "https://httpd.apache.org/security/vulnerabilities_24.html" }, { "name": "[oss-security] 20200808 Re: CVE-2020-11984: Apache httpd: mod_uwsgi buffer overlow", "refsource": "MLIST", "url": "http://www.openwall.com/lists/oss-security/2020/08/08/1" }, { "name": "GLSA-202008-04", "refsource": "GENTOO", "url": "https://security.gentoo.org/glsa/202008-04" }, { "name": "[oss-security] 20200808 Re: CVE-2020-11984: Apache httpd: mod_uwsgi buffer overlow", "refsource": "MLIST", "url": "http://www.openwall.com/lists/oss-security/2020/08/08/10" }, { "name": "[oss-security] 20200808 Re: CVE-2020-11984: Apache httpd: mod_uwsgi buffer overlow", "refsource": "MLIST", "url": "http://www.openwall.com/lists/oss-security/2020/08/08/8" }, { "name": "[oss-security] 20200808 Re: CVE-2020-11984: Apache httpd: mod_uwsgi buffer overlow", "refsource": "MLIST", "url": "http://www.openwall.com/lists/oss-security/2020/08/08/9" }, { "name": "[oss-security] 20200810 Re: CVE-2020-11984: Apache httpd: mod_uwsgi buffer overlow", "refsource": "MLIST", "url": "http://www.openwall.com/lists/oss-security/2020/08/10/5" }, { "name": "[httpd-dev] 20200811 Which version fixed the CVE-2020-9490, CVE-2020-11984 and CVE-2020-11993 vulnerabilities?", "refsource": "MLIST", "url": "https://lists.apache.org/thread.html/r5debe8f82728a00a4a68bc904dd6c35423bdfc8d601cfb4579f38bf1@%3Cdev.httpd.apache.org%3E" }, { "name": "[httpd-dev] 20200811 Re: Which version fixed the CVE-2020-9490, CVE-2020-11984 and CVE-2020-11993 vulnerabilities?", "refsource": "MLIST", "url": "https://lists.apache.org/thread.html/r623de9b2b2433a87f3f3a15900419fc9c00c77b26936dfea4060f672@%3Cdev.httpd.apache.org%3E" }, { "name": "[oss-security] 20200817 Re: CVE-2020-11984: Apache httpd: mod_uwsgi buffer overlow", "refsource": "MLIST", "url": "http://www.openwall.com/lists/oss-security/2020/08/17/2" }, { "name": "USN-4458-1", "refsource": "UBUNTU", "url": "https://usn.ubuntu.com/4458-1/" }, { "name": "openSUSE-SU-2020:1285", "refsource": "SUSE", "url": "http://lists.opensuse.org/opensuse-security-announce/2020-08/msg00068.html" }, { "name": "openSUSE-SU-2020:1293", "refsource": "SUSE", "url": "http://lists.opensuse.org/opensuse-security-announce/2020-08/msg00071.html" }, { "name": "FEDORA-2020-189a1e6c3e", "refsource": "FEDORA", "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/HYVYE2ZERFXDV6RMKK3I5SDSDQLPSEIQ/" }, { "name": "DSA-4757", "refsource": "DEBIAN", "url": "https://www.debian.org/security/2020/dsa-4757" }, { "name": "[debian-lts-announce] 20200902 [SECURITY] [DLA 2362-1] uwsgi security update", "refsource": "MLIST", "url": "https://lists.debian.org/debian-lts-announce/2020/09/msg00001.html" }, { "name": "FEDORA-2020-0d3d3f5072", "refsource": "FEDORA", "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/A2RN46PRBJE7E7OPD4YZX5SVWV5QKGV5/" }, { "name": "https://www.oracle.com/security-alerts/cpuoct2020.html", "refsource": "MISC", "url": "https://www.oracle.com/security-alerts/cpuoct2020.html" }, { "name": "https://security.netapp.com/advisory/ntap-20200814-0005/", "refsource": "CONFIRM", "url": "https://security.netapp.com/advisory/ntap-20200814-0005/" }, { "name": "http://packetstormsecurity.com/files/159009/Apache2-mod_proxy_uwsgi-Incorrect-Request-Handling.html", "refsource": "MISC", "url": "http://packetstormsecurity.com/files/159009/Apache2-mod_proxy_uwsgi-Incorrect-Request-Handling.html" }, { "name": "https://www.oracle.com/security-alerts/cpujan2021.html", "refsource": "MISC", "url": "https://www.oracle.com/security-alerts/cpujan2021.html" }, { "name": "[httpd-cvs] 20210330 svn commit: r1073139 [1/13] - in /websites/staging/httpd/trunk/content: ./ security/json/", "refsource": "MLIST", "url": "https://lists.apache.org/thread.html/rf6449464fd8b7437704c55f88361b66f12d5b5f90bcce66af4be4ba9@%3Ccvs.httpd.apache.org%3E" }, { "name": "[httpd-cvs] 20210330 svn commit: r1073143 [3/3] - in /websites/staging/httpd/trunk/content: ./ security/", "refsource": "MLIST", "url": "https://lists.apache.org/thread.html/r06f0d87ebb6d59ed8379633f36f72f5b1f79cadfda72ede0830b42cf@%3Ccvs.httpd.apache.org%3E" }, { "name": "[httpd-cvs] 20210330 svn commit: r1888194 [13/13] - /httpd/site/trunk/content/security/json/", "refsource": "MLIST", "url": "https://lists.apache.org/thread.html/r09bb998baee74a2c316446bd1a41ae7f8d7049d09d9ff991471e8775@%3Ccvs.httpd.apache.org%3E" }, { "name": "[httpd-cvs] 20210330 svn commit: r1073140 [4/4] - in /websites/staging/httpd/trunk/content: ./ security/cvejsontohtml.py security/vulnerabilities_13.html security/vulnerabilities_20.html security/vulnerabilities_22.html security/vulnerabilities_24.html", "refsource": "MLIST", "url": "https://lists.apache.org/thread.html/rc998b18880df98bafaade071346690c2bc1444adaa1a1ea464b93f0a@%3Ccvs.httpd.apache.org%3E" }, { "name": "[httpd-cvs] 20210330 svn commit: r1073139 [12/13] - in /websites/staging/httpd/trunk/content: ./ security/json/", "refsource": "MLIST", "url": "https://lists.apache.org/thread.html/r03ee478b3dda3e381fd6189366fa7af97c980d2f602846eef935277d@%3Ccvs.httpd.apache.org%3E" }, { "name": "[httpd-cvs] 20210330 svn commit: r1888199 - /httpd/site/trunk/content/security/vulnerabilities-httpd.xml", "refsource": "MLIST", "url": "https://lists.apache.org/thread.html/r34753590ae8e3f2b6af689af4fe84269b592f5fda9f3244fd9abbce8@%3Ccvs.httpd.apache.org%3E" }, { "name": "[httpd-cvs] 20210330 svn commit: r1073149 [1/13] - in /websites/staging/httpd/trunk/content: ./ security/ security/json/", "refsource": "MLIST", "url": "https://lists.apache.org/thread.html/r9f93cf6dde308d42a9c807784e8102600d0397f5f834890708bf6920@%3Ccvs.httpd.apache.org%3E" }, { "name": "[httpd-cvs] 20210330 svn commit: r1073149 [13/13] - in /websites/staging/httpd/trunk/content: ./ security/ security/json/", "refsource": "MLIST", "url": "https://lists.apache.org/thread.html/r3c5c3104813c1c5508b55564b66546933079250a46ce50eee90b2e36@%3Ccvs.httpd.apache.org%3E" }, { "name": "[httpd-cvs] 20210330 svn commit: r1073171 - in /websites/staging/httpd/trunk/content: ./ security/json/CVE-2020-11984.json security/json/CVE-2020-11993.json security/vulnerabilities_24.html", "refsource": "MLIST", "url": "https://lists.apache.org/thread.html/rf71eb428714374a6f9ad68952e23611ec7807b029fd6a1b4f5f732d9@%3Ccvs.httpd.apache.org%3E" }, { "name": "[httpd-cvs] 20210330 svn commit: r1888228 - in /httpd/site/trunk/content/security/json: CVE-2020-11984.json CVE-2020-11993.json", "refsource": "MLIST", "url": "https://lists.apache.org/thread.html/r2c6083f6a2027914a0f5b54e2a1f4fa98c03f8693b58460911818255@%3Ccvs.httpd.apache.org%3E" }, { "name": "[httpd-cvs] 20210606 svn commit: r1075470 [4/4] - in /websites/staging/httpd/trunk/content: ./ security/json/CVE-2020-13938.json security/vulnerabilities_13.html security/vulnerabilities_20.html security/vulnerabilities_22.html security/vulnerabilities_24.html", "refsource": "MLIST", "url": "https://lists.apache.org/thread.html/r76142b8c5119df2178be7c2dba88fde552eedeec37ea993dfce68d1d@%3Ccvs.httpd.apache.org%3E" } ] } }, "nvd.nist.gov": { "configurations": { "CVE_data_version": "4.0", "nodes": [ { "children": [], "cpe_match": [ { "cpe23Uri": "cpe:2.3:a:apache:http_server:*:*:*:*:*:*:*:*", "cpe_name": [], "versionEndIncluding": "2.4.43", "versionStartIncluding": "2.4.32", "vulnerable": true } ], "operator": "OR" }, { "children": [], "cpe_match": [ { "cpe23Uri": "cpe:2.3:a:netapp:clustered_data_ontap:-:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true } ], "operator": "OR" }, { "children": [], "cpe_match": [ { "cpe23Uri": "cpe:2.3:o:canonical:ubuntu_linux:16.04:*:*:*:lts:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:o:canonical:ubuntu_linux:18.04:*:*:*:lts:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:o:canonical:ubuntu_linux:20.04:*:*:*:lts:*:*:*", "cpe_name": [], "vulnerable": true } ], "operator": "OR" }, { "children": [], "cpe_match": [ { "cpe23Uri": "cpe:2.3:o:debian:debian_linux:9.0:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:o:debian:debian_linux:10.0:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true } ], "operator": "OR" }, { "children": [], "cpe_match": [ { "cpe23Uri": "cpe:2.3:o:fedoraproject:fedora:31:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:o:fedoraproject:fedora:32:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true } ], "operator": "OR" }, { "children": [], "cpe_match": [ { "cpe23Uri": "cpe:2.3:o:opensuse:leap:15.1:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:o:opensuse:leap:15.2:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true } ], "operator": "OR" }, { "children": [], "cpe_match": [ { "cpe23Uri": "cpe:2.3:a:oracle:communications_element_manager:*:*:*:*:*:*:*:*", "cpe_name": [], "versionEndIncluding": "8.2.2", "versionStartIncluding": "8.2.0", "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:oracle:communications_session_report_manager:*:*:*:*:*:*:*:*", "cpe_name": [], "versionEndIncluding": "8.2.2", "versionStartIncluding": "8.2.0", "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:oracle:communications_session_route_manager:*:*:*:*:*:*:*:*", "cpe_name": [], "versionEndIncluding": "8.2.2", "versionStartIncluding": "8.2.0", "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:oracle:enterprise_manager_ops_center:12.4.0.0:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:oracle:hyperion_infrastructure_technology:11.1.2.4:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:oracle:instantis_enterprisetrack:17.1:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:oracle:instantis_enterprisetrack:17.2:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:oracle:instantis_enterprisetrack:17.3:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:oracle:zfs_storage_appliance_kit:8.8:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true } ], "operator": "OR" } ] }, "cve": { "CVE_data_meta": { "ASSIGNER": "security@apache.org", "ID": "CVE-2020-11984" }, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": { "description_data": [ { "lang": "en", "value": "Apache HTTP server 2.4.32 to 2.4.44 mod_proxy_uwsgi info disclosure and possible RCE" } ] }, "problemtype": { "problemtype_data": [ { "description": [ { "lang": "en", "value": "CWE-120" } ] } ] }, "references": { "reference_data": [ { "name": "https://httpd.apache.org/security/vulnerabilities_24.html", "refsource": "MISC", "tags": [ "Vendor Advisory" ], "url": "https://httpd.apache.org/security/vulnerabilities_24.html" }, { "name": "[oss-security] 20200808 Re: CVE-2020-11984: Apache httpd: mod_uwsgi buffer overlow", "refsource": "MLIST", "tags": [ "Mailing List", "Third Party Advisory" ], "url": "http://www.openwall.com/lists/oss-security/2020/08/08/1" }, { "name": "GLSA-202008-04", "refsource": "GENTOO", "tags": [ "Third Party Advisory" ], "url": "https://security.gentoo.org/glsa/202008-04" }, { "name": "[oss-security] 20200808 Re: CVE-2020-11984: Apache httpd: mod_uwsgi buffer overlow", "refsource": "MLIST", "tags": [ "Mailing List", "Third Party Advisory" ], "url": "http://www.openwall.com/lists/oss-security/2020/08/08/10" }, { "name": "[oss-security] 20200808 Re: CVE-2020-11984: Apache httpd: mod_uwsgi buffer overlow", "refsource": "MLIST", "tags": [ "Mailing List", "Third Party Advisory" ], "url": "http://www.openwall.com/lists/oss-security/2020/08/08/9" }, { "name": "[oss-security] 20200808 Re: CVE-2020-11984: Apache httpd: mod_uwsgi buffer overlow", "refsource": "MLIST", "tags": [ "Mailing List", "Third Party Advisory" ], "url": "http://www.openwall.com/lists/oss-security/2020/08/08/8" }, { "name": "[oss-security] 20200810 Re: CVE-2020-11984: Apache httpd: mod_uwsgi buffer overlow", "refsource": "MLIST", "tags": [ "Mailing List", "Vendor Advisory" ], "url": "http://www.openwall.com/lists/oss-security/2020/08/10/5" }, { "name": "[httpd-dev] 20200811 Which version fixed the CVE-2020-9490, CVE-2020-11984 and CVE-2020-11993 vulnerabilities?", "refsource": "MLIST", "tags": [ "Mailing List" ], "url": "https://lists.apache.org/thread.html/r5debe8f82728a00a4a68bc904dd6c35423bdfc8d601cfb4579f38bf1@%3Cdev.httpd.apache.org%3E" }, { "name": "[httpd-dev] 20200811 Re: Which version fixed the CVE-2020-9490, CVE-2020-11984 and CVE-2020-11993 vulnerabilities?", "refsource": "MLIST", "tags": [ "Mailing List", "Vendor Advisory" ], "url": "https://lists.apache.org/thread.html/r623de9b2b2433a87f3f3a15900419fc9c00c77b26936dfea4060f672@%3Cdev.httpd.apache.org%3E" }, { "name": "https://security.netapp.com/advisory/ntap-20200814-0005/", "refsource": "CONFIRM", "tags": [ "Third Party Advisory" ], "url": "https://security.netapp.com/advisory/ntap-20200814-0005/" }, { "name": "[oss-security] 20200817 Re: CVE-2020-11984: Apache httpd: mod_uwsgi buffer overlow", "refsource": "MLIST", "tags": [ "Mailing List", "Third Party Advisory" ], "url": "http://www.openwall.com/lists/oss-security/2020/08/17/2" }, { "name": "USN-4458-1", "refsource": "UBUNTU", "tags": [ "Third Party Advisory" ], "url": "https://usn.ubuntu.com/4458-1/" }, { "name": "openSUSE-SU-2020:1285", "refsource": "SUSE", "tags": [ "Mailing List", "Third Party Advisory" ], "url": "http://lists.opensuse.org/opensuse-security-announce/2020-08/msg00068.html" }, { "name": "openSUSE-SU-2020:1293", "refsource": "SUSE", "tags": [ "Mailing List", "Third Party Advisory" ], "url": "http://lists.opensuse.org/opensuse-security-announce/2020-08/msg00071.html" }, { "name": "http://packetstormsecurity.com/files/159009/Apache2-mod_proxy_uwsgi-Incorrect-Request-Handling.html", "refsource": "MISC", "tags": [ "Exploit", "Third Party Advisory", "VDB Entry" ], "url": "http://packetstormsecurity.com/files/159009/Apache2-mod_proxy_uwsgi-Incorrect-Request-Handling.html" }, { "name": "FEDORA-2020-189a1e6c3e", "refsource": "FEDORA", "tags": [ "Mailing List", "Third Party Advisory" ], "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/HYVYE2ZERFXDV6RMKK3I5SDSDQLPSEIQ/" }, { "name": "DSA-4757", "refsource": "DEBIAN", "tags": [ "Third Party Advisory" ], "url": "https://www.debian.org/security/2020/dsa-4757" }, { "name": "[debian-lts-announce] 20200902 [SECURITY] [DLA 2362-1] uwsgi security update", "refsource": "MLIST", "tags": [ "Mailing List", "Third Party Advisory" ], "url": "https://lists.debian.org/debian-lts-announce/2020/09/msg00001.html" }, { "name": "FEDORA-2020-0d3d3f5072", "refsource": "FEDORA", "tags": [ "Mailing List", "Third Party Advisory" ], "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/A2RN46PRBJE7E7OPD4YZX5SVWV5QKGV5/" }, { "name": "https://www.oracle.com/security-alerts/cpuoct2020.html", "refsource": "MISC", "tags": [ "Third Party Advisory" ], "url": "https://www.oracle.com/security-alerts/cpuoct2020.html" }, { "name": "https://www.oracle.com/security-alerts/cpujan2021.html", "refsource": "MISC", "tags": [ "Third Party Advisory" ], "url": "https://www.oracle.com/security-alerts/cpujan2021.html" }, { "name": "[httpd-cvs] 20210330 svn commit: r1073139 [1/13] - in /websites/staging/httpd/trunk/content: ./ security/json/", "refsource": "MLIST", "tags": [], "url": "https://lists.apache.org/thread.html/rf6449464fd8b7437704c55f88361b66f12d5b5f90bcce66af4be4ba9@%3Ccvs.httpd.apache.org%3E" }, { "name": "[httpd-cvs] 20210330 svn commit: r1073140 [4/4] - in /websites/staging/httpd/trunk/content: ./ security/cvejsontohtml.py security/vulnerabilities_13.html security/vulnerabilities_20.html security/vulnerabilities_22.html security/vulnerabilities_24.html", "refsource": "MLIST", "tags": [], "url": "https://lists.apache.org/thread.html/rc998b18880df98bafaade071346690c2bc1444adaa1a1ea464b93f0a@%3Ccvs.httpd.apache.org%3E" }, { "name": "[httpd-cvs] 20210330 svn commit: r1073149 [1/13] - in /websites/staging/httpd/trunk/content: ./ security/ security/json/", "refsource": "MLIST", "tags": [], "url": "https://lists.apache.org/thread.html/r9f93cf6dde308d42a9c807784e8102600d0397f5f834890708bf6920@%3Ccvs.httpd.apache.org%3E" }, { "name": "[httpd-cvs] 20210330 svn commit: r1888228 - in /httpd/site/trunk/content/security/json: CVE-2020-11984.json CVE-2020-11993.json", "refsource": "MLIST", "tags": [], "url": "https://lists.apache.org/thread.html/r2c6083f6a2027914a0f5b54e2a1f4fa98c03f8693b58460911818255@%3Ccvs.httpd.apache.org%3E" }, { "name": "[httpd-cvs] 20210330 svn commit: r1888194 [13/13] - /httpd/site/trunk/content/security/json/", "refsource": "MLIST", "tags": [], "url": "https://lists.apache.org/thread.html/r09bb998baee74a2c316446bd1a41ae7f8d7049d09d9ff991471e8775@%3Ccvs.httpd.apache.org%3E" }, { "name": "[httpd-cvs] 20210330 svn commit: r1073171 - in /websites/staging/httpd/trunk/content: ./ security/json/CVE-2020-11984.json security/json/CVE-2020-11993.json security/vulnerabilities_24.html", "refsource": "MLIST", "tags": [], "url": "https://lists.apache.org/thread.html/rf71eb428714374a6f9ad68952e23611ec7807b029fd6a1b4f5f732d9@%3Ccvs.httpd.apache.org%3E" }, { "name": "[httpd-cvs] 20210330 svn commit: r1888199 - /httpd/site/trunk/content/security/vulnerabilities-httpd.xml", "refsource": "MLIST", "tags": [], "url": "https://lists.apache.org/thread.html/r34753590ae8e3f2b6af689af4fe84269b592f5fda9f3244fd9abbce8@%3Ccvs.httpd.apache.org%3E" }, { "name": "[httpd-cvs] 20210330 svn commit: r1073143 [3/3] - in /websites/staging/httpd/trunk/content: ./ security/", "refsource": "MLIST", "tags": [], "url": "https://lists.apache.org/thread.html/r06f0d87ebb6d59ed8379633f36f72f5b1f79cadfda72ede0830b42cf@%3Ccvs.httpd.apache.org%3E" }, { "name": "[httpd-cvs] 20210330 svn commit: r1073139 [12/13] - in /websites/staging/httpd/trunk/content: ./ security/json/", "refsource": "MLIST", "tags": [], "url": "https://lists.apache.org/thread.html/r03ee478b3dda3e381fd6189366fa7af97c980d2f602846eef935277d@%3Ccvs.httpd.apache.org%3E" }, { "name": "[httpd-cvs] 20210330 svn commit: r1073149 [13/13] - in /websites/staging/httpd/trunk/content: ./ security/ security/json/", "refsource": "MLIST", "tags": [], "url": "https://lists.apache.org/thread.html/r3c5c3104813c1c5508b55564b66546933079250a46ce50eee90b2e36@%3Ccvs.httpd.apache.org%3E" }, { "name": "[httpd-cvs] 20210606 svn commit: r1075470 [4/4] - in /websites/staging/httpd/trunk/content: ./ security/json/CVE-2020-13938.json security/vulnerabilities_13.html security/vulnerabilities_20.html security/vulnerabilities_22.html security/vulnerabilities_24.html", "refsource": "MLIST", "tags": [], "url": "https://lists.apache.org/thread.html/r76142b8c5119df2178be7c2dba88fde552eedeec37ea993dfce68d1d@%3Ccvs.httpd.apache.org%3E" } ] } }, "impact": { "baseMetricV2": { "acInsufInfo": false, "cvssV2": { "accessComplexity": "LOW", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "PARTIAL", "baseScore": 7.5, "confidentialityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P", "version": "2.0" }, "exploitabilityScore": 10.0, "impactScore": 6.4, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "severity": "HIGH", "userInteractionRequired": false }, "baseMetricV3": { "cvssV3": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 9.8, "baseSeverity": "CRITICAL", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "version": "3.1" }, "exploitabilityScore": 3.9, "impactScore": 5.9 } }, "lastModifiedDate": "2021-06-06T11:15Z", "publishedDate": "2020-08-07T16:15Z" } } }
ghsa-7fcg-7xhc-3997
Vulnerability from github
Published
2022-05-24 17:25
Modified
2022-05-24 17:25
Details
Apache HTTP server 2.4.32 to 2.4.44 mod_proxy_uwsgi info disclosure and possible RCE
{ "affected": [], "aliases": [ "CVE-2020-11984" ], "database_specific": { "cwe_ids": [ "CWE-120" ], "github_reviewed": false, "github_reviewed_at": null, "nvd_published_at": "2020-08-07T16:15:00Z", "severity": "HIGH" }, "details": "Apache HTTP server 2.4.32 to 2.4.44 mod_proxy_uwsgi info disclosure and possible RCE", "id": "GHSA-7fcg-7xhc-3997", "modified": "2022-05-24T17:25:02Z", "published": "2022-05-24T17:25:02Z", "references": [ { "type": "ADVISORY", "url": "https://nvd.nist.gov/vuln/detail/CVE-2020-11984" }, { "type": "WEB", "url": "https://www.oracle.com/security-alerts/cpuoct2020.html" }, { "type": "WEB", "url": "https://www.oracle.com/security-alerts/cpujan2021.html" }, { "type": "WEB", "url": "https://www.debian.org/security/2020/dsa-4757" }, { "type": "WEB", "url": "https://usn.ubuntu.com/4458-1" }, { "type": "WEB", "url": "https://security.netapp.com/advisory/ntap-20200814-0005" }, { "type": "WEB", "url": "https://security.gentoo.org/glsa/202008-04" }, { "type": "WEB", "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/HYVYE2ZERFXDV6RMKK3I5SDSDQLPSEIQ" }, { "type": "WEB", "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/A2RN46PRBJE7E7OPD4YZX5SVWV5QKGV5" }, { "type": "WEB", "url": "https://lists.debian.org/debian-lts-announce/2020/09/msg00001.html" }, { "type": "WEB", "url": "https://lists.apache.org/thread.html/rf71eb428714374a6f9ad68952e23611ec7807b029fd6a1b4f5f732d9@%3Ccvs.httpd.apache.org%3E" }, { "type": "WEB", "url": "https://lists.apache.org/thread.html/rf6449464fd8b7437704c55f88361b66f12d5b5f90bcce66af4be4ba9@%3Ccvs.httpd.apache.org%3E" }, { "type": "WEB", "url": "https://lists.apache.org/thread.html/rc998b18880df98bafaade071346690c2bc1444adaa1a1ea464b93f0a@%3Ccvs.httpd.apache.org%3E" }, { "type": "WEB", "url": "https://lists.apache.org/thread.html/r9f93cf6dde308d42a9c807784e8102600d0397f5f834890708bf6920@%3Ccvs.httpd.apache.org%3E" }, { "type": "WEB", "url": "https://lists.apache.org/thread.html/r76142b8c5119df2178be7c2dba88fde552eedeec37ea993dfce68d1d@%3Ccvs.httpd.apache.org%3E" }, { "type": "WEB", "url": "https://lists.apache.org/thread.html/r623de9b2b2433a87f3f3a15900419fc9c00c77b26936dfea4060f672@%3Cdev.httpd.apache.org%3E" }, { "type": "WEB", "url": "https://lists.apache.org/thread.html/r5debe8f82728a00a4a68bc904dd6c35423bdfc8d601cfb4579f38bf1@%3Cdev.httpd.apache.org%3E" }, { "type": "WEB", "url": "https://lists.apache.org/thread.html/r3c5c3104813c1c5508b55564b66546933079250a46ce50eee90b2e36@%3Ccvs.httpd.apache.org%3E" }, { "type": "WEB", "url": "https://lists.apache.org/thread.html/r34753590ae8e3f2b6af689af4fe84269b592f5fda9f3244fd9abbce8@%3Ccvs.httpd.apache.org%3E" }, { "type": "WEB", "url": "https://lists.apache.org/thread.html/r2c6083f6a2027914a0f5b54e2a1f4fa98c03f8693b58460911818255@%3Ccvs.httpd.apache.org%3E" }, { "type": "WEB", "url": "https://lists.apache.org/thread.html/r09bb998baee74a2c316446bd1a41ae7f8d7049d09d9ff991471e8775@%3Ccvs.httpd.apache.org%3E" }, { "type": "WEB", "url": "https://lists.apache.org/thread.html/r06f0d87ebb6d59ed8379633f36f72f5b1f79cadfda72ede0830b42cf@%3Ccvs.httpd.apache.org%3E" }, { "type": "WEB", "url": "https://lists.apache.org/thread.html/r03ee478b3dda3e381fd6189366fa7af97c980d2f602846eef935277d@%3Ccvs.httpd.apache.org%3E" }, { "type": "WEB", "url": "https://httpd.apache.org/security/vulnerabilities_24.html" }, { "type": "WEB", "url": "http://lists.opensuse.org/opensuse-security-announce/2020-08/msg00068.html" }, { "type": "WEB", "url": "http://lists.opensuse.org/opensuse-security-announce/2020-08/msg00071.html" }, { "type": "WEB", "url": "http://packetstormsecurity.com/files/159009/Apache2-mod_proxy_uwsgi-Incorrect-Request-Handling.html" }, { "type": "WEB", "url": "http://www.openwall.com/lists/oss-security/2020/08/08/1" }, { "type": "WEB", "url": "http://www.openwall.com/lists/oss-security/2020/08/08/10" }, { "type": "WEB", "url": "http://www.openwall.com/lists/oss-security/2020/08/08/8" }, { "type": "WEB", "url": "http://www.openwall.com/lists/oss-security/2020/08/08/9" }, { "type": "WEB", "url": "http://www.openwall.com/lists/oss-security/2020/08/10/5" }, { "type": "WEB", "url": "http://www.openwall.com/lists/oss-security/2020/08/17/2" } ], "schema_version": "1.4.0", "severity": [] }
wid-sec-w-2023-1048
Vulnerability from csaf_certbund
Published
2020-10-20 22:00
Modified
2024-02-04 23:00
Summary
Oracle Construction and Engineering: Mehrere Schwachstellen
Notes
Das BSI ist als Anbieter für die eigenen, zur Nutzung bereitgestellten Inhalte nach den allgemeinen Gesetzen verantwortlich. Nutzerinnen und Nutzer sind jedoch dafür verantwortlich, die Verwendung und/oder die Umsetzung der mit den Inhalten bereitgestellten Informationen sorgfältig im Einzelfall zu prüfen.
Produktbeschreibung
Construction and Engineering ist eine Sammlung von Werkzeugen zur Unterstützung von Bau- und Ingenieurbüros. Sie umfasst u. a. Projektmanagement-Lösungen zur Verwaltung von Projekte, zur Schaffung von Transparenz, zur Zusammenarbeit und zur Verwaltung von Änderungen.
Angriff
Ein entfernter, anonymer oder authentisierter Angreifer kann mehrere Schwachstellen in Oracle Construction and Engineering ausnutzen, um die Verfügbarkeit, Vertraulichkeit und Integrität zu gefährden.
Betroffene Betriebssysteme
- UNIX
- Linux
- Windows
{ "document": { "aggregate_severity": { "text": "hoch" }, "category": "csaf_base", "csaf_version": "2.0", "distribution": { "tlp": { "label": "WHITE", "url": "https://www.first.org/tlp/" } }, "lang": "de-DE", "notes": [ { "category": "legal_disclaimer", "text": "Das BSI ist als Anbieter f\u00fcr die eigenen, zur Nutzung bereitgestellten Inhalte nach den allgemeinen Gesetzen verantwortlich. Nutzerinnen und Nutzer sind jedoch daf\u00fcr verantwortlich, die Verwendung und/oder die Umsetzung der mit den Inhalten bereitgestellten Informationen sorgf\u00e4ltig im Einzelfall zu pr\u00fcfen." }, { "category": "description", "text": "Construction and Engineering ist eine Sammlung von Werkzeugen zur Unterst\u00fctzung von Bau- und Ingenieurb\u00fcros. Sie umfasst u. a. Projektmanagement-L\u00f6sungen zur Verwaltung von Projekte, zur Schaffung von Transparenz, zur Zusammenarbeit und zur Verwaltung von \u00c4nderungen.", "title": "Produktbeschreibung" }, { "category": "summary", "text": "Ein entfernter, anonymer oder authentisierter Angreifer kann mehrere Schwachstellen in Oracle Construction and Engineering ausnutzen, um die Verf\u00fcgbarkeit, Vertraulichkeit und Integrit\u00e4t zu gef\u00e4hrden.", "title": "Angriff" }, { "category": "general", "text": "- UNIX\n- Linux\n- Windows", "title": "Betroffene Betriebssysteme" } ], "publisher": { "category": "other", "contact_details": "csaf-provider@cert-bund.de", "name": "Bundesamt f\u00fcr Sicherheit in der Informationstechnik", "namespace": "https://www.bsi.bund.de" }, "references": [ { "category": "self", "summary": "WID-SEC-W-2023-1048 - CSAF Version", "url": "https://wid.cert-bund.de/.well-known/csaf/white/2020/wid-sec-w-2023-1048.json" }, { "category": "self", "summary": "WID-SEC-2023-1048 - Portal Version", "url": "https://wid.cert-bund.de/portal/wid/securityadvisory?name=WID-SEC-2023-1048" }, { "category": "external", "summary": "Oracle Critical Patch Update Advisory - October 2020 - Appendix Oracle Construction and Engineering vom 2020-10-20", "url": "https://www.oracle.com/security-alerts/cpuoct2020.html#AppendixPVA" }, { "category": "external", "summary": "IBM Security Bulletin 6985225 vom 2023-04-21", "url": "https://www.ibm.com/support/pages/node/6985225" }, { "category": "external", "summary": "Dell Security Advisory DSA-2024-070 vom 2024-02-03", "url": "https://www.dell.com/support/kbdoc/000221770/dsa-2024-=" } ], "source_lang": "en-US", "title": "Oracle Construction and Engineering: Mehrere Schwachstellen", "tracking": { "current_release_date": "2024-02-04T23:00:00.000+00:00", "generator": { "date": "2024-02-15T17:25:11.042+00:00", "engine": { "name": "BSI-WID", "version": "1.3.0" } }, "id": "WID-SEC-W-2023-1048", "initial_release_date": "2020-10-20T22:00:00.000+00:00", "revision_history": [ { "date": "2020-10-20T22:00:00.000+00:00", "number": "1", "summary": "Initiale Fassung" }, { "date": "2023-04-20T22:00:00.000+00:00", "number": "2", "summary": "Neue Updates von IBM aufgenommen" }, { "date": "2024-02-04T23:00:00.000+00:00", "number": "3", "summary": "Neue Updates von Dell aufgenommen" } ], "status": "final", "version": "3" } }, "product_tree": { "branches": [ { "branches": [ { "category": "product_name", "name": "EMC Avamar", "product": { "name": "EMC Avamar", "product_id": "T014381", "product_identification_helper": { "cpe": "cpe:/a:emc:avamar:-" } } } ], "category": "vendor", "name": "EMC" }, { "branches": [ { "category": "product_name", "name": "IBM Tivoli Network Manager 4.2.0", "product": { "name": "IBM Tivoli Network Manager 4.2.0", "product_id": "T025751", "product_identification_helper": { "cpe": "cpe:/a:ibm:tivoli_network_manager:4.2.0" } } } ], "category": "vendor", "name": "IBM" }, { "branches": [ { "category": "product_name", "name": "Oracle Construction and Engineering", "product": { "name": "Oracle Construction and Engineering", "product_id": "T015701", "product_identification_helper": { "cpe": "cpe:/a:oracle:construction_and_engineering:-" } } } ], "category": "vendor", "name": "Oracle" } ] }, "vulnerabilities": [ { "cve": "CVE-2015-1832", "notes": [ { "category": "description", "text": "In Oracle Construction and Engineering Produkten existieren mehrere Schwachstellen. Durch Ausnutzung dieser Schwachstellen kann ein entfernter Angreifer die Verf\u00fcgbarkeit, Vertraulichkeit und Integrit\u00e4t gef\u00e4hrden. F\u00fcr die Ausnutzung einiger dieser Schwachstellen ist keine Benutzerinteraktion und keine Authentisierung notwendig. Oracle ver\u00f6ffentlicht keine weiteren Details zu diesen Schwachstellen (au\u00dfer der Information in der Risiko Matrix im Oracle Advisory zum Critical Patch Update, siehe Link unten in diesem Advisory). Aufgrund der knappen Informationslage erfolgt die Bewertung der Schadensh\u00f6he ausschlie\u00dflich auf Basis der CVSS Impact Matrix. Der Maximalwert f\u00fcr diese Produkte ist \"High\" f\u00fcr \"Availability\", \"Confidentiality\" und \"Integrity\" und bewirkt damit eine \"hohe\" Schadensh\u00f6he." } ], "product_status": { "known_affected": [ "T014381", "T015701", "T025751" ] }, "release_date": "2020-10-20T22:00:00Z", "title": "CVE-2015-1832" }, { "cve": "CVE-2017-9096", "notes": [ { "category": "description", "text": "In Oracle Construction and Engineering Produkten existieren mehrere Schwachstellen. Durch Ausnutzung dieser Schwachstellen kann ein entfernter Angreifer die Verf\u00fcgbarkeit, Vertraulichkeit und Integrit\u00e4t gef\u00e4hrden. F\u00fcr die Ausnutzung einiger dieser Schwachstellen ist keine Benutzerinteraktion und keine Authentisierung notwendig. Oracle ver\u00f6ffentlicht keine weiteren Details zu diesen Schwachstellen (au\u00dfer der Information in der Risiko Matrix im Oracle Advisory zum Critical Patch Update, siehe Link unten in diesem Advisory). Aufgrund der knappen Informationslage erfolgt die Bewertung der Schadensh\u00f6he ausschlie\u00dflich auf Basis der CVSS Impact Matrix. Der Maximalwert f\u00fcr diese Produkte ist \"High\" f\u00fcr \"Availability\", \"Confidentiality\" und \"Integrity\" und bewirkt damit eine \"hohe\" Schadensh\u00f6he." } ], "product_status": { "known_affected": [ "T014381", "T015701", "T025751" ] }, "release_date": "2020-10-20T22:00:00Z", "title": "CVE-2017-9096" }, { "cve": "CVE-2018-17196", "notes": [ { "category": "description", "text": "In Oracle Construction and Engineering Produkten existieren mehrere Schwachstellen. Durch Ausnutzung dieser Schwachstellen kann ein entfernter Angreifer die Verf\u00fcgbarkeit, Vertraulichkeit und Integrit\u00e4t gef\u00e4hrden. F\u00fcr die Ausnutzung einiger dieser Schwachstellen ist keine Benutzerinteraktion und keine Authentisierung notwendig. Oracle ver\u00f6ffentlicht keine weiteren Details zu diesen Schwachstellen (au\u00dfer der Information in der Risiko Matrix im Oracle Advisory zum Critical Patch Update, siehe Link unten in diesem Advisory). Aufgrund der knappen Informationslage erfolgt die Bewertung der Schadensh\u00f6he ausschlie\u00dflich auf Basis der CVSS Impact Matrix. Der Maximalwert f\u00fcr diese Produkte ist \"High\" f\u00fcr \"Availability\", \"Confidentiality\" und \"Integrity\" und bewirkt damit eine \"hohe\" Schadensh\u00f6he." } ], "product_status": { "known_affected": [ "T014381", "T015701", "T025751" ] }, "release_date": "2020-10-20T22:00:00Z", "title": "CVE-2018-17196" }, { "cve": "CVE-2019-17495", "notes": [ { "category": "description", "text": "In Oracle Construction and Engineering Produkten existieren mehrere Schwachstellen. Durch Ausnutzung dieser Schwachstellen kann ein entfernter Angreifer die Verf\u00fcgbarkeit, Vertraulichkeit und Integrit\u00e4t gef\u00e4hrden. F\u00fcr die Ausnutzung einiger dieser Schwachstellen ist keine Benutzerinteraktion und keine Authentisierung notwendig. Oracle ver\u00f6ffentlicht keine weiteren Details zu diesen Schwachstellen (au\u00dfer der Information in der Risiko Matrix im Oracle Advisory zum Critical Patch Update, siehe Link unten in diesem Advisory). Aufgrund der knappen Informationslage erfolgt die Bewertung der Schadensh\u00f6he ausschlie\u00dflich auf Basis der CVSS Impact Matrix. Der Maximalwert f\u00fcr diese Produkte ist \"High\" f\u00fcr \"Availability\", \"Confidentiality\" und \"Integrity\" und bewirkt damit eine \"hohe\" Schadensh\u00f6he." } ], "product_status": { "known_affected": [ "T014381", "T015701", "T025751" ] }, "release_date": "2020-10-20T22:00:00Z", "title": "CVE-2019-17495" }, { "cve": "CVE-2019-17558", "notes": [ { "category": "description", "text": "In Oracle Construction and Engineering Produkten existieren mehrere Schwachstellen. Durch Ausnutzung dieser Schwachstellen kann ein entfernter Angreifer die Verf\u00fcgbarkeit, Vertraulichkeit und Integrit\u00e4t gef\u00e4hrden. F\u00fcr die Ausnutzung einiger dieser Schwachstellen ist keine Benutzerinteraktion und keine Authentisierung notwendig. Oracle ver\u00f6ffentlicht keine weiteren Details zu diesen Schwachstellen (au\u00dfer der Information in der Risiko Matrix im Oracle Advisory zum Critical Patch Update, siehe Link unten in diesem Advisory). Aufgrund der knappen Informationslage erfolgt die Bewertung der Schadensh\u00f6he ausschlie\u00dflich auf Basis der CVSS Impact Matrix. Der Maximalwert f\u00fcr diese Produkte ist \"High\" f\u00fcr \"Availability\", \"Confidentiality\" und \"Integrity\" und bewirkt damit eine \"hohe\" Schadensh\u00f6he." } ], "product_status": { "known_affected": [ "T014381", "T015701", "T025751" ] }, "release_date": "2020-10-20T22:00:00Z", "title": "CVE-2019-17558" }, { "cve": "CVE-2020-11984", "notes": [ { "category": "description", "text": "In Oracle Construction and Engineering Produkten existieren mehrere Schwachstellen. Durch Ausnutzung dieser Schwachstellen kann ein entfernter Angreifer die Verf\u00fcgbarkeit, Vertraulichkeit und Integrit\u00e4t gef\u00e4hrden. F\u00fcr die Ausnutzung einiger dieser Schwachstellen ist keine Benutzerinteraktion und keine Authentisierung notwendig. Oracle ver\u00f6ffentlicht keine weiteren Details zu diesen Schwachstellen (au\u00dfer der Information in der Risiko Matrix im Oracle Advisory zum Critical Patch Update, siehe Link unten in diesem Advisory). Aufgrund der knappen Informationslage erfolgt die Bewertung der Schadensh\u00f6he ausschlie\u00dflich auf Basis der CVSS Impact Matrix. Der Maximalwert f\u00fcr diese Produkte ist \"High\" f\u00fcr \"Availability\", \"Confidentiality\" und \"Integrity\" und bewirkt damit eine \"hohe\" Schadensh\u00f6he." } ], "product_status": { "known_affected": [ "T014381", "T015701", "T025751" ] }, "release_date": "2020-10-20T22:00:00Z", "title": "CVE-2020-11984" }, { "cve": "CVE-2020-11993", "notes": [ { "category": "description", "text": "In Oracle Construction and Engineering Produkten existieren mehrere Schwachstellen. Durch Ausnutzung dieser Schwachstellen kann ein entfernter Angreifer die Verf\u00fcgbarkeit, Vertraulichkeit und Integrit\u00e4t gef\u00e4hrden. F\u00fcr die Ausnutzung einiger dieser Schwachstellen ist keine Benutzerinteraktion und keine Authentisierung notwendig. Oracle ver\u00f6ffentlicht keine weiteren Details zu diesen Schwachstellen (au\u00dfer der Information in der Risiko Matrix im Oracle Advisory zum Critical Patch Update, siehe Link unten in diesem Advisory). Aufgrund der knappen Informationslage erfolgt die Bewertung der Schadensh\u00f6he ausschlie\u00dflich auf Basis der CVSS Impact Matrix. Der Maximalwert f\u00fcr diese Produkte ist \"High\" f\u00fcr \"Availability\", \"Confidentiality\" und \"Integrity\" und bewirkt damit eine \"hohe\" Schadensh\u00f6he." } ], "product_status": { "known_affected": [ "T014381", "T015701", "T025751" ] }, "release_date": "2020-10-20T22:00:00Z", "title": "CVE-2020-11993" }, { "cve": "CVE-2020-13934", "notes": [ { "category": "description", "text": "In Oracle Construction and Engineering Produkten existieren mehrere Schwachstellen. Durch Ausnutzung dieser Schwachstellen kann ein entfernter Angreifer die Verf\u00fcgbarkeit, Vertraulichkeit und Integrit\u00e4t gef\u00e4hrden. F\u00fcr die Ausnutzung einiger dieser Schwachstellen ist keine Benutzerinteraktion und keine Authentisierung notwendig. Oracle ver\u00f6ffentlicht keine weiteren Details zu diesen Schwachstellen (au\u00dfer der Information in der Risiko Matrix im Oracle Advisory zum Critical Patch Update, siehe Link unten in diesem Advisory). Aufgrund der knappen Informationslage erfolgt die Bewertung der Schadensh\u00f6he ausschlie\u00dflich auf Basis der CVSS Impact Matrix. Der Maximalwert f\u00fcr diese Produkte ist \"High\" f\u00fcr \"Availability\", \"Confidentiality\" und \"Integrity\" und bewirkt damit eine \"hohe\" Schadensh\u00f6he." } ], "product_status": { "known_affected": [ "T014381", "T015701", "T025751" ] }, "release_date": "2020-10-20T22:00:00Z", "title": "CVE-2020-13934" }, { "cve": "CVE-2020-13935", "notes": [ { "category": "description", "text": "In Oracle Construction and Engineering Produkten existieren mehrere Schwachstellen. Durch Ausnutzung dieser Schwachstellen kann ein entfernter Angreifer die Verf\u00fcgbarkeit, Vertraulichkeit und Integrit\u00e4t gef\u00e4hrden. F\u00fcr die Ausnutzung einiger dieser Schwachstellen ist keine Benutzerinteraktion und keine Authentisierung notwendig. Oracle ver\u00f6ffentlicht keine weiteren Details zu diesen Schwachstellen (au\u00dfer der Information in der Risiko Matrix im Oracle Advisory zum Critical Patch Update, siehe Link unten in diesem Advisory). Aufgrund der knappen Informationslage erfolgt die Bewertung der Schadensh\u00f6he ausschlie\u00dflich auf Basis der CVSS Impact Matrix. Der Maximalwert f\u00fcr diese Produkte ist \"High\" f\u00fcr \"Availability\", \"Confidentiality\" und \"Integrity\" und bewirkt damit eine \"hohe\" Schadensh\u00f6he." } ], "product_status": { "known_affected": [ "T014381", "T015701", "T025751" ] }, "release_date": "2020-10-20T22:00:00Z", "title": "CVE-2020-13935" }, { "cve": "CVE-2020-9488", "notes": [ { "category": "description", "text": "In Oracle Construction and Engineering Produkten existieren mehrere Schwachstellen. Durch Ausnutzung dieser Schwachstellen kann ein entfernter Angreifer die Verf\u00fcgbarkeit, Vertraulichkeit und Integrit\u00e4t gef\u00e4hrden. F\u00fcr die Ausnutzung einiger dieser Schwachstellen ist keine Benutzerinteraktion und keine Authentisierung notwendig. Oracle ver\u00f6ffentlicht keine weiteren Details zu diesen Schwachstellen (au\u00dfer der Information in der Risiko Matrix im Oracle Advisory zum Critical Patch Update, siehe Link unten in diesem Advisory). Aufgrund der knappen Informationslage erfolgt die Bewertung der Schadensh\u00f6he ausschlie\u00dflich auf Basis der CVSS Impact Matrix. Der Maximalwert f\u00fcr diese Produkte ist \"High\" f\u00fcr \"Availability\", \"Confidentiality\" und \"Integrity\" und bewirkt damit eine \"hohe\" Schadensh\u00f6he." } ], "product_status": { "known_affected": [ "T014381", "T015701", "T025751" ] }, "release_date": "2020-10-20T22:00:00Z", "title": "CVE-2020-9488" }, { "cve": "CVE-2020-9489", "notes": [ { "category": "description", "text": "In Oracle Construction and Engineering Produkten existieren mehrere Schwachstellen. Durch Ausnutzung dieser Schwachstellen kann ein entfernter Angreifer die Verf\u00fcgbarkeit, Vertraulichkeit und Integrit\u00e4t gef\u00e4hrden. F\u00fcr die Ausnutzung einiger dieser Schwachstellen ist keine Benutzerinteraktion und keine Authentisierung notwendig. Oracle ver\u00f6ffentlicht keine weiteren Details zu diesen Schwachstellen (au\u00dfer der Information in der Risiko Matrix im Oracle Advisory zum Critical Patch Update, siehe Link unten in diesem Advisory). Aufgrund der knappen Informationslage erfolgt die Bewertung der Schadensh\u00f6he ausschlie\u00dflich auf Basis der CVSS Impact Matrix. Der Maximalwert f\u00fcr diese Produkte ist \"High\" f\u00fcr \"Availability\", \"Confidentiality\" und \"Integrity\" und bewirkt damit eine \"hohe\" Schadensh\u00f6he." } ], "product_status": { "known_affected": [ "T014381", "T015701", "T025751" ] }, "release_date": "2020-10-20T22:00:00Z", "title": "CVE-2020-9489" }, { "cve": "CVE-2020-9490", "notes": [ { "category": "description", "text": "In Oracle Construction and Engineering Produkten existieren mehrere Schwachstellen. Durch Ausnutzung dieser Schwachstellen kann ein entfernter Angreifer die Verf\u00fcgbarkeit, Vertraulichkeit und Integrit\u00e4t gef\u00e4hrden. F\u00fcr die Ausnutzung einiger dieser Schwachstellen ist keine Benutzerinteraktion und keine Authentisierung notwendig. Oracle ver\u00f6ffentlicht keine weiteren Details zu diesen Schwachstellen (au\u00dfer der Information in der Risiko Matrix im Oracle Advisory zum Critical Patch Update, siehe Link unten in diesem Advisory). Aufgrund der knappen Informationslage erfolgt die Bewertung der Schadensh\u00f6he ausschlie\u00dflich auf Basis der CVSS Impact Matrix. Der Maximalwert f\u00fcr diese Produkte ist \"High\" f\u00fcr \"Availability\", \"Confidentiality\" und \"Integrity\" und bewirkt damit eine \"hohe\" Schadensh\u00f6he." } ], "product_status": { "known_affected": [ "T014381", "T015701", "T025751" ] }, "release_date": "2020-10-20T22:00:00Z", "title": "CVE-2020-9490" } ] }
WID-SEC-W-2023-0063
Vulnerability from csaf_certbund
Published
2022-01-12 23:00
Modified
2023-01-11 23:00
Summary
Juniper Junos Space: Mehrere Schwachstellen
Notes
Das BSI ist als Anbieter für die eigenen, zur Nutzung bereitgestellten Inhalte nach den allgemeinen Gesetzen verantwortlich. Nutzerinnen und Nutzer sind jedoch dafür verantwortlich, die Verwendung und/oder die Umsetzung der mit den Inhalten bereitgestellten Informationen sorgfältig im Einzelfall zu prüfen.
Produktbeschreibung
Junos Space ist eine Software-Plattform, die eine Reihe von Applikationen für das Netzwerkmanagement beinhaltet.
Angriff
Ein Angreifer aus dem angrenzenden Netzwerk oder ein entfernter anonymer, authentisierter oder lokaler Angreifer kann mehrere Schwachstellen in Juniper Junos Space ausnutzen, um Sicherheitsmaßnahmen zu umgehen, vertrauliche Informationen offenzulegen, einen Denial-of-Service-Zustand auszulösen, beliebigen Code auszuführen und seine Privilegien zu erweitern.
Betroffene Betriebssysteme
- Juniper Appliance
{ "document": { "aggregate_severity": { "text": "hoch" }, "category": "csaf_base", "csaf_version": "2.0", "distribution": { "tlp": { "label": "WHITE", "url": "https://www.first.org/tlp/" } }, "lang": "de-DE", "notes": [ { "category": "legal_disclaimer", "text": "Das BSI ist als Anbieter f\u00fcr die eigenen, zur Nutzung bereitgestellten Inhalte nach den allgemeinen Gesetzen verantwortlich. Nutzerinnen und Nutzer sind jedoch daf\u00fcr verantwortlich, die Verwendung und/oder die Umsetzung der mit den Inhalten bereitgestellten Informationen sorgf\u00e4ltig im Einzelfall zu pr\u00fcfen." }, { "category": "description", "text": "Junos Space ist eine Software-Plattform, die eine Reihe von Applikationen f\u00fcr das Netzwerkmanagement beinhaltet.", "title": "Produktbeschreibung" }, { "category": "summary", "text": "Ein Angreifer aus dem angrenzenden Netzwerk oder ein entfernter anonymer, authentisierter oder lokaler Angreifer kann mehrere Schwachstellen in Juniper Junos Space ausnutzen, um Sicherheitsma\u00dfnahmen zu umgehen, vertrauliche Informationen offenzulegen, einen Denial-of-Service-Zustand auszul\u00f6sen, beliebigen Code auszuf\u00fchren und seine Privilegien zu erweitern.", "title": "Angriff" }, { "category": "general", "text": "- Juniper Appliance", "title": "Betroffene Betriebssysteme" } ], "publisher": { "category": "other", "contact_details": "csaf-provider@cert-bund.de", "name": "Bundesamt f\u00fcr Sicherheit in der Informationstechnik", "namespace": "https://www.bsi.bund.de" }, "references": [ { "category": "self", "summary": "WID-SEC-W-2023-0063 - CSAF Version", "url": "https://wid.cert-bund.de/.well-known/csaf/white/2022/wid-sec-w-2023-0063.json" }, { "category": "self", "summary": "WID-SEC-2023-0063 - Portal Version", "url": "https://wid.cert-bund.de/portal/wid/securityadvisory?name=WID-SEC-2023-0063" }, { "category": "external", "summary": "Juniper Security Advisory JSA70182 vom 2023-01-12", "url": "https://supportportal.juniper.net/s/article/2023-01-Security-Bulletin-Contrail-Service-Orchestration-Multiple-vulnerabilities-resolved-in-CSO-6-3-0?language=en_US" }, { "category": "external", "summary": "Juniper Security Advisory vom 2022-01-12", "url": "https://kb.juniper.net/InfoCenter/index?page=content\u0026id=JSA11287\u0026cat=SIRT_1" } ], "source_lang": "en-US", "title": "Juniper Junos Space: Mehrere Schwachstellen", "tracking": { "current_release_date": "2023-01-11T23:00:00.000+00:00", "generator": { "date": "2024-02-15T17:09:11.163+00:00", "engine": { "name": "BSI-WID", "version": "1.3.0" } }, "id": "WID-SEC-W-2023-0063", "initial_release_date": "2022-01-12T23:00:00.000+00:00", "revision_history": [ { "date": "2022-01-12T23:00:00.000+00:00", "number": "1", "summary": "Initiale Fassung" }, { "date": "2023-01-11T23:00:00.000+00:00", "number": "2", "summary": "Neue Updates von Juniper aufgenommen" } ], "status": "final", "version": "2" } }, "product_tree": { "branches": [ { "branches": [ { "category": "product_name", "name": "Juniper Contrail Service Orchestration", "product": { "name": "Juniper Contrail Service Orchestration", "product_id": "T025794", "product_identification_helper": { "cpe": "cpe:/a:juniper:contrail_service_orchestration:-" } } }, { "category": "product_name", "name": "Juniper Junos Space \u003c 21.3R1", "product": { "name": "Juniper Junos Space \u003c 21.3R1", "product_id": "T021576", "product_identification_helper": { "cpe": "cpe:/a:juniper:junos_space:21.3r1" } } } ], "category": "vendor", "name": "Juniper" } ] }, "vulnerabilities": [ { "cve": "CVE-2019-17543", "notes": [ { "category": "description", "text": "In Juniper Junos Space existieren mehrere Schwachstellen. Die Fehler existieren in verschiedenen Komponenten und Bibliotheken, darunter LZ4, Linux Kernel, Intel Prozessoren, Apache HTTP Server, BIND, Intel VT-d, Intel Grafiktreiber, KVM Hypervisor, QEMU, Java SE, MySQL Server, samba, curl, GNOME, jQuery, Apache Log4j und logback. Ein Angreifer aus dem angrenzenden Netzwerk oder ein entfernter, anonymer, authentisierter oder lokaler Angreifer kann diese Schwachstellen ausnutzen, um Sicherheitsma\u00dfnahmen zu umgehen, vertrauliche Informationen offenzulegen, einen Denial-of-Service-Zustand auszul\u00f6sen, beliebigen Code auszuf\u00fchren und seine Privilegien zu erweitern. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion und erh\u00f6hte Rechte." } ], "product_status": { "known_affected": [ "T025794" ] }, "release_date": "2022-01-12T23:00:00Z", "title": "CVE-2019-17543" }, { "cve": "CVE-2019-20934", "notes": [ { "category": "description", "text": "In Juniper Junos Space existieren mehrere Schwachstellen. Die Fehler existieren in verschiedenen Komponenten und Bibliotheken, darunter LZ4, Linux Kernel, Intel Prozessoren, Apache HTTP Server, BIND, Intel VT-d, Intel Grafiktreiber, KVM Hypervisor, QEMU, Java SE, MySQL Server, samba, curl, GNOME, jQuery, Apache Log4j und logback. Ein Angreifer aus dem angrenzenden Netzwerk oder ein entfernter, anonymer, authentisierter oder lokaler Angreifer kann diese Schwachstellen ausnutzen, um Sicherheitsma\u00dfnahmen zu umgehen, vertrauliche Informationen offenzulegen, einen Denial-of-Service-Zustand auszul\u00f6sen, beliebigen Code auszuf\u00fchren und seine Privilegien zu erweitern. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion und erh\u00f6hte Rechte." } ], "product_status": { "known_affected": [ "T025794" ] }, "release_date": "2022-01-12T23:00:00Z", "title": "CVE-2019-20934" }, { "cve": "CVE-2020-0543", "notes": [ { "category": "description", "text": "In Juniper Junos Space existieren mehrere Schwachstellen. Die Fehler existieren in verschiedenen Komponenten und Bibliotheken, darunter LZ4, Linux Kernel, Intel Prozessoren, Apache HTTP Server, BIND, Intel VT-d, Intel Grafiktreiber, KVM Hypervisor, QEMU, Java SE, MySQL Server, samba, curl, GNOME, jQuery, Apache Log4j und logback. Ein Angreifer aus dem angrenzenden Netzwerk oder ein entfernter, anonymer, authentisierter oder lokaler Angreifer kann diese Schwachstellen ausnutzen, um Sicherheitsma\u00dfnahmen zu umgehen, vertrauliche Informationen offenzulegen, einen Denial-of-Service-Zustand auszul\u00f6sen, beliebigen Code auszuf\u00fchren und seine Privilegien zu erweitern. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion und erh\u00f6hte Rechte." } ], "product_status": { "known_affected": [ "T025794" ] }, "release_date": "2022-01-12T23:00:00Z", "title": "CVE-2020-0543" }, { "cve": "CVE-2020-0548", "notes": [ { "category": "description", "text": "In Juniper Junos Space existieren mehrere Schwachstellen. Die Fehler existieren in verschiedenen Komponenten und Bibliotheken, darunter LZ4, Linux Kernel, Intel Prozessoren, Apache HTTP Server, BIND, Intel VT-d, Intel Grafiktreiber, KVM Hypervisor, QEMU, Java SE, MySQL Server, samba, curl, GNOME, jQuery, Apache Log4j und logback. Ein Angreifer aus dem angrenzenden Netzwerk oder ein entfernter, anonymer, authentisierter oder lokaler Angreifer kann diese Schwachstellen ausnutzen, um Sicherheitsma\u00dfnahmen zu umgehen, vertrauliche Informationen offenzulegen, einen Denial-of-Service-Zustand auszul\u00f6sen, beliebigen Code auszuf\u00fchren und seine Privilegien zu erweitern. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion und erh\u00f6hte Rechte." } ], "product_status": { "known_affected": [ "T025794" ] }, "release_date": "2022-01-12T23:00:00Z", "title": "CVE-2020-0548" }, { "cve": "CVE-2020-0549", "notes": [ { "category": "description", "text": "In Juniper Junos Space existieren mehrere Schwachstellen. Die Fehler existieren in verschiedenen Komponenten und Bibliotheken, darunter LZ4, Linux Kernel, Intel Prozessoren, Apache HTTP Server, BIND, Intel VT-d, Intel Grafiktreiber, KVM Hypervisor, QEMU, Java SE, MySQL Server, samba, curl, GNOME, jQuery, Apache Log4j und logback. Ein Angreifer aus dem angrenzenden Netzwerk oder ein entfernter, anonymer, authentisierter oder lokaler Angreifer kann diese Schwachstellen ausnutzen, um Sicherheitsma\u00dfnahmen zu umgehen, vertrauliche Informationen offenzulegen, einen Denial-of-Service-Zustand auszul\u00f6sen, beliebigen Code auszuf\u00fchren und seine Privilegien zu erweitern. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion und erh\u00f6hte Rechte." } ], "product_status": { "known_affected": [ "T025794" ] }, "release_date": "2022-01-12T23:00:00Z", "title": "CVE-2020-0549" }, { "cve": "CVE-2020-11022", "notes": [ { "category": "description", "text": "In Juniper Junos Space existieren mehrere Schwachstellen. Die Fehler existieren in verschiedenen Komponenten und Bibliotheken, darunter LZ4, Linux Kernel, Intel Prozessoren, Apache HTTP Server, BIND, Intel VT-d, Intel Grafiktreiber, KVM Hypervisor, QEMU, Java SE, MySQL Server, samba, curl, GNOME, jQuery, Apache Log4j und logback. Ein Angreifer aus dem angrenzenden Netzwerk oder ein entfernter, anonymer, authentisierter oder lokaler Angreifer kann diese Schwachstellen ausnutzen, um Sicherheitsma\u00dfnahmen zu umgehen, vertrauliche Informationen offenzulegen, einen Denial-of-Service-Zustand auszul\u00f6sen, beliebigen Code auszuf\u00fchren und seine Privilegien zu erweitern. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion und erh\u00f6hte Rechte." } ], "product_status": { "known_affected": [ "T025794" ] }, "release_date": "2022-01-12T23:00:00Z", "title": "CVE-2020-11022" }, { "cve": "CVE-2020-11023", "notes": [ { "category": "description", "text": "In Juniper Junos Space existieren mehrere Schwachstellen. Die Fehler existieren in verschiedenen Komponenten und Bibliotheken, darunter LZ4, Linux Kernel, Intel Prozessoren, Apache HTTP Server, BIND, Intel VT-d, Intel Grafiktreiber, KVM Hypervisor, QEMU, Java SE, MySQL Server, samba, curl, GNOME, jQuery, Apache Log4j und logback. Ein Angreifer aus dem angrenzenden Netzwerk oder ein entfernter, anonymer, authentisierter oder lokaler Angreifer kann diese Schwachstellen ausnutzen, um Sicherheitsma\u00dfnahmen zu umgehen, vertrauliche Informationen offenzulegen, einen Denial-of-Service-Zustand auszul\u00f6sen, beliebigen Code auszuf\u00fchren und seine Privilegien zu erweitern. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion und erh\u00f6hte Rechte." } ], "product_status": { "known_affected": [ "T025794" ] }, "release_date": "2022-01-12T23:00:00Z", "title": "CVE-2020-11023" }, { "cve": "CVE-2020-11668", "notes": [ { "category": "description", "text": "In Juniper Junos Space existieren mehrere Schwachstellen. Die Fehler existieren in verschiedenen Komponenten und Bibliotheken, darunter LZ4, Linux Kernel, Intel Prozessoren, Apache HTTP Server, BIND, Intel VT-d, Intel Grafiktreiber, KVM Hypervisor, QEMU, Java SE, MySQL Server, samba, curl, GNOME, jQuery, Apache Log4j und logback. Ein Angreifer aus dem angrenzenden Netzwerk oder ein entfernter, anonymer, authentisierter oder lokaler Angreifer kann diese Schwachstellen ausnutzen, um Sicherheitsma\u00dfnahmen zu umgehen, vertrauliche Informationen offenzulegen, einen Denial-of-Service-Zustand auszul\u00f6sen, beliebigen Code auszuf\u00fchren und seine Privilegien zu erweitern. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion und erh\u00f6hte Rechte." } ], "product_status": { "known_affected": [ "T025794" ] }, "release_date": "2022-01-12T23:00:00Z", "title": "CVE-2020-11668" }, { "cve": "CVE-2020-11984", "notes": [ { "category": "description", "text": "In Juniper Junos Space existieren mehrere Schwachstellen. Die Fehler existieren in verschiedenen Komponenten und Bibliotheken, darunter LZ4, Linux Kernel, Intel Prozessoren, Apache HTTP Server, BIND, Intel VT-d, Intel Grafiktreiber, KVM Hypervisor, QEMU, Java SE, MySQL Server, samba, curl, GNOME, jQuery, Apache Log4j und logback. Ein Angreifer aus dem angrenzenden Netzwerk oder ein entfernter, anonymer, authentisierter oder lokaler Angreifer kann diese Schwachstellen ausnutzen, um Sicherheitsma\u00dfnahmen zu umgehen, vertrauliche Informationen offenzulegen, einen Denial-of-Service-Zustand auszul\u00f6sen, beliebigen Code auszuf\u00fchren und seine Privilegien zu erweitern. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion und erh\u00f6hte Rechte." } ], "product_status": { "known_affected": [ "T025794" ] }, "release_date": "2022-01-12T23:00:00Z", "title": "CVE-2020-11984" }, { "cve": "CVE-2020-11993", "notes": [ { "category": "description", "text": "In Juniper Junos Space existieren mehrere Schwachstellen. Die Fehler existieren in verschiedenen Komponenten und Bibliotheken, darunter LZ4, Linux Kernel, Intel Prozessoren, Apache HTTP Server, BIND, Intel VT-d, Intel Grafiktreiber, KVM Hypervisor, QEMU, Java SE, MySQL Server, samba, curl, GNOME, jQuery, Apache Log4j und logback. Ein Angreifer aus dem angrenzenden Netzwerk oder ein entfernter, anonymer, authentisierter oder lokaler Angreifer kann diese Schwachstellen ausnutzen, um Sicherheitsma\u00dfnahmen zu umgehen, vertrauliche Informationen offenzulegen, einen Denial-of-Service-Zustand auszul\u00f6sen, beliebigen Code auszuf\u00fchren und seine Privilegien zu erweitern. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion und erh\u00f6hte Rechte." } ], "product_status": { "known_affected": [ "T025794" ] }, "release_date": "2022-01-12T23:00:00Z", "title": "CVE-2020-11993" }, { "cve": "CVE-2020-12362", "notes": [ { "category": "description", "text": "In Juniper Junos Space existieren mehrere Schwachstellen. Die Fehler existieren in verschiedenen Komponenten und Bibliotheken, darunter LZ4, Linux Kernel, Intel Prozessoren, Apache HTTP Server, BIND, Intel VT-d, Intel Grafiktreiber, KVM Hypervisor, QEMU, Java SE, MySQL Server, samba, curl, GNOME, jQuery, Apache Log4j und logback. Ein Angreifer aus dem angrenzenden Netzwerk oder ein entfernter, anonymer, authentisierter oder lokaler Angreifer kann diese Schwachstellen ausnutzen, um Sicherheitsma\u00dfnahmen zu umgehen, vertrauliche Informationen offenzulegen, einen Denial-of-Service-Zustand auszul\u00f6sen, beliebigen Code auszuf\u00fchren und seine Privilegien zu erweitern. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion und erh\u00f6hte Rechte." } ], "product_status": { "known_affected": [ "T025794" ] }, "release_date": "2022-01-12T23:00:00Z", "title": "CVE-2020-12362" }, { "cve": "CVE-2020-12363", "notes": [ { "category": "description", "text": "In Juniper Junos Space existieren mehrere Schwachstellen. Die Fehler existieren in verschiedenen Komponenten und Bibliotheken, darunter LZ4, Linux Kernel, Intel Prozessoren, Apache HTTP Server, BIND, Intel VT-d, Intel Grafiktreiber, KVM Hypervisor, QEMU, Java SE, MySQL Server, samba, curl, GNOME, jQuery, Apache Log4j und logback. Ein Angreifer aus dem angrenzenden Netzwerk oder ein entfernter, anonymer, authentisierter oder lokaler Angreifer kann diese Schwachstellen ausnutzen, um Sicherheitsma\u00dfnahmen zu umgehen, vertrauliche Informationen offenzulegen, einen Denial-of-Service-Zustand auszul\u00f6sen, beliebigen Code auszuf\u00fchren und seine Privilegien zu erweitern. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion und erh\u00f6hte Rechte." } ], "product_status": { "known_affected": [ "T025794" ] }, "release_date": "2022-01-12T23:00:00Z", "title": "CVE-2020-12363" }, { "cve": "CVE-2020-12364", "notes": [ { "category": "description", "text": "In Juniper Junos Space existieren mehrere Schwachstellen. Die Fehler existieren in verschiedenen Komponenten und Bibliotheken, darunter LZ4, Linux Kernel, Intel Prozessoren, Apache HTTP Server, BIND, Intel VT-d, Intel Grafiktreiber, KVM Hypervisor, QEMU, Java SE, MySQL Server, samba, curl, GNOME, jQuery, Apache Log4j und logback. Ein Angreifer aus dem angrenzenden Netzwerk oder ein entfernter, anonymer, authentisierter oder lokaler Angreifer kann diese Schwachstellen ausnutzen, um Sicherheitsma\u00dfnahmen zu umgehen, vertrauliche Informationen offenzulegen, einen Denial-of-Service-Zustand auszul\u00f6sen, beliebigen Code auszuf\u00fchren und seine Privilegien zu erweitern. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion und erh\u00f6hte Rechte." } ], "product_status": { "known_affected": [ "T025794" ] }, "release_date": "2022-01-12T23:00:00Z", "title": "CVE-2020-12364" }, { "cve": "CVE-2020-1927", "notes": [ { "category": "description", "text": "In Juniper Junos Space existieren mehrere Schwachstellen. Die Fehler existieren in verschiedenen Komponenten und Bibliotheken, darunter LZ4, Linux Kernel, Intel Prozessoren, Apache HTTP Server, BIND, Intel VT-d, Intel Grafiktreiber, KVM Hypervisor, QEMU, Java SE, MySQL Server, samba, curl, GNOME, jQuery, Apache Log4j und logback. Ein Angreifer aus dem angrenzenden Netzwerk oder ein entfernter, anonymer, authentisierter oder lokaler Angreifer kann diese Schwachstellen ausnutzen, um Sicherheitsma\u00dfnahmen zu umgehen, vertrauliche Informationen offenzulegen, einen Denial-of-Service-Zustand auszul\u00f6sen, beliebigen Code auszuf\u00fchren und seine Privilegien zu erweitern. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion und erh\u00f6hte Rechte." } ], "product_status": { "known_affected": [ "T025794" ] }, "release_date": "2022-01-12T23:00:00Z", "title": "CVE-2020-1927" }, { "cve": "CVE-2020-1934", "notes": [ { "category": "description", "text": "In Juniper Junos Space existieren mehrere Schwachstellen. Die Fehler existieren in verschiedenen Komponenten und Bibliotheken, darunter LZ4, Linux Kernel, Intel Prozessoren, Apache HTTP Server, BIND, Intel VT-d, Intel Grafiktreiber, KVM Hypervisor, QEMU, Java SE, MySQL Server, samba, curl, GNOME, jQuery, Apache Log4j und logback. Ein Angreifer aus dem angrenzenden Netzwerk oder ein entfernter, anonymer, authentisierter oder lokaler Angreifer kann diese Schwachstellen ausnutzen, um Sicherheitsma\u00dfnahmen zu umgehen, vertrauliche Informationen offenzulegen, einen Denial-of-Service-Zustand auszul\u00f6sen, beliebigen Code auszuf\u00fchren und seine Privilegien zu erweitern. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion und erh\u00f6hte Rechte." } ], "product_status": { "known_affected": [ "T025794" ] }, "release_date": "2022-01-12T23:00:00Z", "title": "CVE-2020-1934" }, { "cve": "CVE-2020-24489", "notes": [ { "category": "description", "text": "In Juniper Junos Space existieren mehrere Schwachstellen. Die Fehler existieren in verschiedenen Komponenten und Bibliotheken, darunter LZ4, Linux Kernel, Intel Prozessoren, Apache HTTP Server, BIND, Intel VT-d, Intel Grafiktreiber, KVM Hypervisor, QEMU, Java SE, MySQL Server, samba, curl, GNOME, jQuery, Apache Log4j und logback. Ein Angreifer aus dem angrenzenden Netzwerk oder ein entfernter, anonymer, authentisierter oder lokaler Angreifer kann diese Schwachstellen ausnutzen, um Sicherheitsma\u00dfnahmen zu umgehen, vertrauliche Informationen offenzulegen, einen Denial-of-Service-Zustand auszul\u00f6sen, beliebigen Code auszuf\u00fchren und seine Privilegien zu erweitern. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion und erh\u00f6hte Rechte." } ], "product_status": { "known_affected": [ "T025794" ] }, "release_date": "2022-01-12T23:00:00Z", "title": "CVE-2020-24489" }, { "cve": "CVE-2020-24511", "notes": [ { "category": "description", "text": "In Juniper Junos Space existieren mehrere Schwachstellen. Die Fehler existieren in verschiedenen Komponenten und Bibliotheken, darunter LZ4, Linux Kernel, Intel Prozessoren, Apache HTTP Server, BIND, Intel VT-d, Intel Grafiktreiber, KVM Hypervisor, QEMU, Java SE, MySQL Server, samba, curl, GNOME, jQuery, Apache Log4j und logback. Ein Angreifer aus dem angrenzenden Netzwerk oder ein entfernter, anonymer, authentisierter oder lokaler Angreifer kann diese Schwachstellen ausnutzen, um Sicherheitsma\u00dfnahmen zu umgehen, vertrauliche Informationen offenzulegen, einen Denial-of-Service-Zustand auszul\u00f6sen, beliebigen Code auszuf\u00fchren und seine Privilegien zu erweitern. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion und erh\u00f6hte Rechte." } ], "product_status": { "known_affected": [ "T025794" ] }, "release_date": "2022-01-12T23:00:00Z", "title": "CVE-2020-24511" }, { "cve": "CVE-2020-24512", "notes": [ { "category": "description", "text": "In Juniper Junos Space existieren mehrere Schwachstellen. Die Fehler existieren in verschiedenen Komponenten und Bibliotheken, darunter LZ4, Linux Kernel, Intel Prozessoren, Apache HTTP Server, BIND, Intel VT-d, Intel Grafiktreiber, KVM Hypervisor, QEMU, Java SE, MySQL Server, samba, curl, GNOME, jQuery, Apache Log4j und logback. Ein Angreifer aus dem angrenzenden Netzwerk oder ein entfernter, anonymer, authentisierter oder lokaler Angreifer kann diese Schwachstellen ausnutzen, um Sicherheitsma\u00dfnahmen zu umgehen, vertrauliche Informationen offenzulegen, einen Denial-of-Service-Zustand auszul\u00f6sen, beliebigen Code auszuf\u00fchren und seine Privilegien zu erweitern. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion und erh\u00f6hte Rechte." } ], "product_status": { "known_affected": [ "T025794" ] }, "release_date": "2022-01-12T23:00:00Z", "title": "CVE-2020-24512" }, { "cve": "CVE-2020-27170", "notes": [ { "category": "description", "text": "In Juniper Junos Space existieren mehrere Schwachstellen. Die Fehler existieren in verschiedenen Komponenten und Bibliotheken, darunter LZ4, Linux Kernel, Intel Prozessoren, Apache HTTP Server, BIND, Intel VT-d, Intel Grafiktreiber, KVM Hypervisor, QEMU, Java SE, MySQL Server, samba, curl, GNOME, jQuery, Apache Log4j und logback. Ein Angreifer aus dem angrenzenden Netzwerk oder ein entfernter, anonymer, authentisierter oder lokaler Angreifer kann diese Schwachstellen ausnutzen, um Sicherheitsma\u00dfnahmen zu umgehen, vertrauliche Informationen offenzulegen, einen Denial-of-Service-Zustand auszul\u00f6sen, beliebigen Code auszuf\u00fchren und seine Privilegien zu erweitern. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion und erh\u00f6hte Rechte." } ], "product_status": { "known_affected": [ "T025794" ] }, "release_date": "2022-01-12T23:00:00Z", "title": "CVE-2020-27170" }, { "cve": "CVE-2020-27777", "notes": [ { "category": "description", "text": "In Juniper Junos Space existieren mehrere Schwachstellen. Die Fehler existieren in verschiedenen Komponenten und Bibliotheken, darunter LZ4, Linux Kernel, Intel Prozessoren, Apache HTTP Server, BIND, Intel VT-d, Intel Grafiktreiber, KVM Hypervisor, QEMU, Java SE, MySQL Server, samba, curl, GNOME, jQuery, Apache Log4j und logback. Ein Angreifer aus dem angrenzenden Netzwerk oder ein entfernter, anonymer, authentisierter oder lokaler Angreifer kann diese Schwachstellen ausnutzen, um Sicherheitsma\u00dfnahmen zu umgehen, vertrauliche Informationen offenzulegen, einen Denial-of-Service-Zustand auszul\u00f6sen, beliebigen Code auszuf\u00fchren und seine Privilegien zu erweitern. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion und erh\u00f6hte Rechte." } ], "product_status": { "known_affected": [ "T025794" ] }, "release_date": "2022-01-12T23:00:00Z", "title": "CVE-2020-27777" }, { "cve": "CVE-2020-29443", "notes": [ { "category": "description", "text": "In Juniper Junos Space existieren mehrere Schwachstellen. Die Fehler existieren in verschiedenen Komponenten und Bibliotheken, darunter LZ4, Linux Kernel, Intel Prozessoren, Apache HTTP Server, BIND, Intel VT-d, Intel Grafiktreiber, KVM Hypervisor, QEMU, Java SE, MySQL Server, samba, curl, GNOME, jQuery, Apache Log4j und logback. Ein Angreifer aus dem angrenzenden Netzwerk oder ein entfernter, anonymer, authentisierter oder lokaler Angreifer kann diese Schwachstellen ausnutzen, um Sicherheitsma\u00dfnahmen zu umgehen, vertrauliche Informationen offenzulegen, einen Denial-of-Service-Zustand auszul\u00f6sen, beliebigen Code auszuf\u00fchren und seine Privilegien zu erweitern. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion und erh\u00f6hte Rechte." } ], "product_status": { "known_affected": [ "T025794" ] }, "release_date": "2022-01-12T23:00:00Z", "title": "CVE-2020-29443" }, { "cve": "CVE-2020-8625", "notes": [ { "category": "description", "text": "In Juniper Junos Space existieren mehrere Schwachstellen. Die Fehler existieren in verschiedenen Komponenten und Bibliotheken, darunter LZ4, Linux Kernel, Intel Prozessoren, Apache HTTP Server, BIND, Intel VT-d, Intel Grafiktreiber, KVM Hypervisor, QEMU, Java SE, MySQL Server, samba, curl, GNOME, jQuery, Apache Log4j und logback. Ein Angreifer aus dem angrenzenden Netzwerk oder ein entfernter, anonymer, authentisierter oder lokaler Angreifer kann diese Schwachstellen ausnutzen, um Sicherheitsma\u00dfnahmen zu umgehen, vertrauliche Informationen offenzulegen, einen Denial-of-Service-Zustand auszul\u00f6sen, beliebigen Code auszuf\u00fchren und seine Privilegien zu erweitern. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion und erh\u00f6hte Rechte." } ], "product_status": { "known_affected": [ "T025794" ] }, "release_date": "2022-01-12T23:00:00Z", "title": "CVE-2020-8625" }, { "cve": "CVE-2020-8648", "notes": [ { "category": "description", "text": "In Juniper Junos Space existieren mehrere Schwachstellen. Die Fehler existieren in verschiedenen Komponenten und Bibliotheken, darunter LZ4, Linux Kernel, Intel Prozessoren, Apache HTTP Server, BIND, Intel VT-d, Intel Grafiktreiber, KVM Hypervisor, QEMU, Java SE, MySQL Server, samba, curl, GNOME, jQuery, Apache Log4j und logback. Ein Angreifer aus dem angrenzenden Netzwerk oder ein entfernter, anonymer, authentisierter oder lokaler Angreifer kann diese Schwachstellen ausnutzen, um Sicherheitsma\u00dfnahmen zu umgehen, vertrauliche Informationen offenzulegen, einen Denial-of-Service-Zustand auszul\u00f6sen, beliebigen Code auszuf\u00fchren und seine Privilegien zu erweitern. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion und erh\u00f6hte Rechte." } ], "product_status": { "known_affected": [ "T025794" ] }, "release_date": "2022-01-12T23:00:00Z", "title": "CVE-2020-8648" }, { "cve": "CVE-2020-8695", "notes": [ { "category": "description", "text": "In Juniper Junos Space existieren mehrere Schwachstellen. Die Fehler existieren in verschiedenen Komponenten und Bibliotheken, darunter LZ4, Linux Kernel, Intel Prozessoren, Apache HTTP Server, BIND, Intel VT-d, Intel Grafiktreiber, KVM Hypervisor, QEMU, Java SE, MySQL Server, samba, curl, GNOME, jQuery, Apache Log4j und logback. Ein Angreifer aus dem angrenzenden Netzwerk oder ein entfernter, anonymer, authentisierter oder lokaler Angreifer kann diese Schwachstellen ausnutzen, um Sicherheitsma\u00dfnahmen zu umgehen, vertrauliche Informationen offenzulegen, einen Denial-of-Service-Zustand auszul\u00f6sen, beliebigen Code auszuf\u00fchren und seine Privilegien zu erweitern. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion und erh\u00f6hte Rechte." } ], "product_status": { "known_affected": [ "T025794" ] }, "release_date": "2022-01-12T23:00:00Z", "title": "CVE-2020-8695" }, { "cve": "CVE-2020-8696", "notes": [ { "category": "description", "text": "In Juniper Junos Space existieren mehrere Schwachstellen. Die Fehler existieren in verschiedenen Komponenten und Bibliotheken, darunter LZ4, Linux Kernel, Intel Prozessoren, Apache HTTP Server, BIND, Intel VT-d, Intel Grafiktreiber, KVM Hypervisor, QEMU, Java SE, MySQL Server, samba, curl, GNOME, jQuery, Apache Log4j und logback. Ein Angreifer aus dem angrenzenden Netzwerk oder ein entfernter, anonymer, authentisierter oder lokaler Angreifer kann diese Schwachstellen ausnutzen, um Sicherheitsma\u00dfnahmen zu umgehen, vertrauliche Informationen offenzulegen, einen Denial-of-Service-Zustand auszul\u00f6sen, beliebigen Code auszuf\u00fchren und seine Privilegien zu erweitern. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion und erh\u00f6hte Rechte." } ], "product_status": { "known_affected": [ "T025794" ] }, "release_date": "2022-01-12T23:00:00Z", "title": "CVE-2020-8696" }, { "cve": "CVE-2020-8698", "notes": [ { "category": "description", "text": "In Juniper Junos Space existieren mehrere Schwachstellen. Die Fehler existieren in verschiedenen Komponenten und Bibliotheken, darunter LZ4, Linux Kernel, Intel Prozessoren, Apache HTTP Server, BIND, Intel VT-d, Intel Grafiktreiber, KVM Hypervisor, QEMU, Java SE, MySQL Server, samba, curl, GNOME, jQuery, Apache Log4j und logback. Ein Angreifer aus dem angrenzenden Netzwerk oder ein entfernter, anonymer, authentisierter oder lokaler Angreifer kann diese Schwachstellen ausnutzen, um Sicherheitsma\u00dfnahmen zu umgehen, vertrauliche Informationen offenzulegen, einen Denial-of-Service-Zustand auszul\u00f6sen, beliebigen Code auszuf\u00fchren und seine Privilegien zu erweitern. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion und erh\u00f6hte Rechte." } ], "product_status": { "known_affected": [ "T025794" ] }, "release_date": "2022-01-12T23:00:00Z", "title": "CVE-2020-8698" }, { "cve": "CVE-2020-9490", "notes": [ { "category": "description", "text": "In Juniper Junos Space existieren mehrere Schwachstellen. Die Fehler existieren in verschiedenen Komponenten und Bibliotheken, darunter LZ4, Linux Kernel, Intel Prozessoren, Apache HTTP Server, BIND, Intel VT-d, Intel Grafiktreiber, KVM Hypervisor, QEMU, Java SE, MySQL Server, samba, curl, GNOME, jQuery, Apache Log4j und logback. Ein Angreifer aus dem angrenzenden Netzwerk oder ein entfernter, anonymer, authentisierter oder lokaler Angreifer kann diese Schwachstellen ausnutzen, um Sicherheitsma\u00dfnahmen zu umgehen, vertrauliche Informationen offenzulegen, einen Denial-of-Service-Zustand auszul\u00f6sen, beliebigen Code auszuf\u00fchren und seine Privilegien zu erweitern. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion und erh\u00f6hte Rechte." } ], "product_status": { "known_affected": [ "T025794" ] }, "release_date": "2022-01-12T23:00:00Z", "title": "CVE-2020-9490" }, { "cve": "CVE-2021-20254", "notes": [ { "category": "description", "text": "In Juniper Junos Space existieren mehrere Schwachstellen. Die Fehler existieren in verschiedenen Komponenten und Bibliotheken, darunter LZ4, Linux Kernel, Intel Prozessoren, Apache HTTP Server, BIND, Intel VT-d, Intel Grafiktreiber, KVM Hypervisor, QEMU, Java SE, MySQL Server, samba, curl, GNOME, jQuery, Apache Log4j und logback. Ein Angreifer aus dem angrenzenden Netzwerk oder ein entfernter, anonymer, authentisierter oder lokaler Angreifer kann diese Schwachstellen ausnutzen, um Sicherheitsma\u00dfnahmen zu umgehen, vertrauliche Informationen offenzulegen, einen Denial-of-Service-Zustand auszul\u00f6sen, beliebigen Code auszuf\u00fchren und seine Privilegien zu erweitern. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion und erh\u00f6hte Rechte." } ], "product_status": { "known_affected": [ "T025794" ] }, "release_date": "2022-01-12T23:00:00Z", "title": "CVE-2021-20254" }, { "cve": "CVE-2021-22555", "notes": [ { "category": "description", "text": "In Juniper Junos Space existieren mehrere Schwachstellen. Die Fehler existieren in verschiedenen Komponenten und Bibliotheken, darunter LZ4, Linux Kernel, Intel Prozessoren, Apache HTTP Server, BIND, Intel VT-d, Intel Grafiktreiber, KVM Hypervisor, QEMU, Java SE, MySQL Server, samba, curl, GNOME, jQuery, Apache Log4j und logback. Ein Angreifer aus dem angrenzenden Netzwerk oder ein entfernter, anonymer, authentisierter oder lokaler Angreifer kann diese Schwachstellen ausnutzen, um Sicherheitsma\u00dfnahmen zu umgehen, vertrauliche Informationen offenzulegen, einen Denial-of-Service-Zustand auszul\u00f6sen, beliebigen Code auszuf\u00fchren und seine Privilegien zu erweitern. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion und erh\u00f6hte Rechte." } ], "product_status": { "known_affected": [ "T025794" ] }, "release_date": "2022-01-12T23:00:00Z", "title": "CVE-2021-22555" }, { "cve": "CVE-2021-22901", "notes": [ { "category": "description", "text": "In Juniper Junos Space existieren mehrere Schwachstellen. Die Fehler existieren in verschiedenen Komponenten und Bibliotheken, darunter LZ4, Linux Kernel, Intel Prozessoren, Apache HTTP Server, BIND, Intel VT-d, Intel Grafiktreiber, KVM Hypervisor, QEMU, Java SE, MySQL Server, samba, curl, GNOME, jQuery, Apache Log4j und logback. Ein Angreifer aus dem angrenzenden Netzwerk oder ein entfernter, anonymer, authentisierter oder lokaler Angreifer kann diese Schwachstellen ausnutzen, um Sicherheitsma\u00dfnahmen zu umgehen, vertrauliche Informationen offenzulegen, einen Denial-of-Service-Zustand auszul\u00f6sen, beliebigen Code auszuf\u00fchren und seine Privilegien zu erweitern. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion und erh\u00f6hte Rechte." } ], "product_status": { "known_affected": [ "T025794" ] }, "release_date": "2022-01-12T23:00:00Z", "title": "CVE-2021-22901" }, { "cve": "CVE-2021-2341", "notes": [ { "category": "description", "text": "In Juniper Junos Space existieren mehrere Schwachstellen. Die Fehler existieren in verschiedenen Komponenten und Bibliotheken, darunter LZ4, Linux Kernel, Intel Prozessoren, Apache HTTP Server, BIND, Intel VT-d, Intel Grafiktreiber, KVM Hypervisor, QEMU, Java SE, MySQL Server, samba, curl, GNOME, jQuery, Apache Log4j und logback. Ein Angreifer aus dem angrenzenden Netzwerk oder ein entfernter, anonymer, authentisierter oder lokaler Angreifer kann diese Schwachstellen ausnutzen, um Sicherheitsma\u00dfnahmen zu umgehen, vertrauliche Informationen offenzulegen, einen Denial-of-Service-Zustand auszul\u00f6sen, beliebigen Code auszuf\u00fchren und seine Privilegien zu erweitern. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion und erh\u00f6hte Rechte." } ], "product_status": { "known_affected": [ "T025794" ] }, "release_date": "2022-01-12T23:00:00Z", "title": "CVE-2021-2341" }, { "cve": "CVE-2021-2342", "notes": [ { "category": "description", "text": "In Juniper Junos Space existieren mehrere Schwachstellen. Die Fehler existieren in verschiedenen Komponenten und Bibliotheken, darunter LZ4, Linux Kernel, Intel Prozessoren, Apache HTTP Server, BIND, Intel VT-d, Intel Grafiktreiber, KVM Hypervisor, QEMU, Java SE, MySQL Server, samba, curl, GNOME, jQuery, Apache Log4j und logback. Ein Angreifer aus dem angrenzenden Netzwerk oder ein entfernter, anonymer, authentisierter oder lokaler Angreifer kann diese Schwachstellen ausnutzen, um Sicherheitsma\u00dfnahmen zu umgehen, vertrauliche Informationen offenzulegen, einen Denial-of-Service-Zustand auszul\u00f6sen, beliebigen Code auszuf\u00fchren und seine Privilegien zu erweitern. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion und erh\u00f6hte Rechte." } ], "product_status": { "known_affected": [ "T025794" ] }, "release_date": "2022-01-12T23:00:00Z", "title": "CVE-2021-2342" }, { "cve": "CVE-2021-2356", "notes": [ { "category": "description", "text": "In Juniper Junos Space existieren mehrere Schwachstellen. Die Fehler existieren in verschiedenen Komponenten und Bibliotheken, darunter LZ4, Linux Kernel, Intel Prozessoren, Apache HTTP Server, BIND, Intel VT-d, Intel Grafiktreiber, KVM Hypervisor, QEMU, Java SE, MySQL Server, samba, curl, GNOME, jQuery, Apache Log4j und logback. Ein Angreifer aus dem angrenzenden Netzwerk oder ein entfernter, anonymer, authentisierter oder lokaler Angreifer kann diese Schwachstellen ausnutzen, um Sicherheitsma\u00dfnahmen zu umgehen, vertrauliche Informationen offenzulegen, einen Denial-of-Service-Zustand auszul\u00f6sen, beliebigen Code auszuf\u00fchren und seine Privilegien zu erweitern. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion und erh\u00f6hte Rechte." } ], "product_status": { "known_affected": [ "T025794" ] }, "release_date": "2022-01-12T23:00:00Z", "title": "CVE-2021-2356" }, { "cve": "CVE-2021-2369", "notes": [ { "category": "description", "text": "In Juniper Junos Space existieren mehrere Schwachstellen. Die Fehler existieren in verschiedenen Komponenten und Bibliotheken, darunter LZ4, Linux Kernel, Intel Prozessoren, Apache HTTP Server, BIND, Intel VT-d, Intel Grafiktreiber, KVM Hypervisor, QEMU, Java SE, MySQL Server, samba, curl, GNOME, jQuery, Apache Log4j und logback. Ein Angreifer aus dem angrenzenden Netzwerk oder ein entfernter, anonymer, authentisierter oder lokaler Angreifer kann diese Schwachstellen ausnutzen, um Sicherheitsma\u00dfnahmen zu umgehen, vertrauliche Informationen offenzulegen, einen Denial-of-Service-Zustand auszul\u00f6sen, beliebigen Code auszuf\u00fchren und seine Privilegien zu erweitern. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion und erh\u00f6hte Rechte." } ], "product_status": { "known_affected": [ "T025794" ] }, "release_date": "2022-01-12T23:00:00Z", "title": "CVE-2021-2369" }, { "cve": "CVE-2021-2372", "notes": [ { "category": "description", "text": "In Juniper Junos Space existieren mehrere Schwachstellen. Die Fehler existieren in verschiedenen Komponenten und Bibliotheken, darunter LZ4, Linux Kernel, Intel Prozessoren, Apache HTTP Server, BIND, Intel VT-d, Intel Grafiktreiber, KVM Hypervisor, QEMU, Java SE, MySQL Server, samba, curl, GNOME, jQuery, Apache Log4j und logback. Ein Angreifer aus dem angrenzenden Netzwerk oder ein entfernter, anonymer, authentisierter oder lokaler Angreifer kann diese Schwachstellen ausnutzen, um Sicherheitsma\u00dfnahmen zu umgehen, vertrauliche Informationen offenzulegen, einen Denial-of-Service-Zustand auszul\u00f6sen, beliebigen Code auszuf\u00fchren und seine Privilegien zu erweitern. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion und erh\u00f6hte Rechte." } ], "product_status": { "known_affected": [ "T025794" ] }, "release_date": "2022-01-12T23:00:00Z", "title": "CVE-2021-2372" }, { "cve": "CVE-2021-2385", "notes": [ { "category": "description", "text": "In Juniper Junos Space existieren mehrere Schwachstellen. Die Fehler existieren in verschiedenen Komponenten und Bibliotheken, darunter LZ4, Linux Kernel, Intel Prozessoren, Apache HTTP Server, BIND, Intel VT-d, Intel Grafiktreiber, KVM Hypervisor, QEMU, Java SE, MySQL Server, samba, curl, GNOME, jQuery, Apache Log4j und logback. Ein Angreifer aus dem angrenzenden Netzwerk oder ein entfernter, anonymer, authentisierter oder lokaler Angreifer kann diese Schwachstellen ausnutzen, um Sicherheitsma\u00dfnahmen zu umgehen, vertrauliche Informationen offenzulegen, einen Denial-of-Service-Zustand auszul\u00f6sen, beliebigen Code auszuf\u00fchren und seine Privilegien zu erweitern. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion und erh\u00f6hte Rechte." } ], "product_status": { "known_affected": [ "T025794" ] }, "release_date": "2022-01-12T23:00:00Z", "title": "CVE-2021-2385" }, { "cve": "CVE-2021-2388", "notes": [ { "category": "description", "text": "In Juniper Junos Space existieren mehrere Schwachstellen. Die Fehler existieren in verschiedenen Komponenten und Bibliotheken, darunter LZ4, Linux Kernel, Intel Prozessoren, Apache HTTP Server, BIND, Intel VT-d, Intel Grafiktreiber, KVM Hypervisor, QEMU, Java SE, MySQL Server, samba, curl, GNOME, jQuery, Apache Log4j und logback. Ein Angreifer aus dem angrenzenden Netzwerk oder ein entfernter, anonymer, authentisierter oder lokaler Angreifer kann diese Schwachstellen ausnutzen, um Sicherheitsma\u00dfnahmen zu umgehen, vertrauliche Informationen offenzulegen, einen Denial-of-Service-Zustand auszul\u00f6sen, beliebigen Code auszuf\u00fchren und seine Privilegien zu erweitern. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion und erh\u00f6hte Rechte." } ], "product_status": { "known_affected": [ "T025794" ] }, "release_date": "2022-01-12T23:00:00Z", "title": "CVE-2021-2388" }, { "cve": "CVE-2021-2389", "notes": [ { "category": "description", "text": "In Juniper Junos Space existieren mehrere Schwachstellen. Die Fehler existieren in verschiedenen Komponenten und Bibliotheken, darunter LZ4, Linux Kernel, Intel Prozessoren, Apache HTTP Server, BIND, Intel VT-d, Intel Grafiktreiber, KVM Hypervisor, QEMU, Java SE, MySQL Server, samba, curl, GNOME, jQuery, Apache Log4j und logback. Ein Angreifer aus dem angrenzenden Netzwerk oder ein entfernter, anonymer, authentisierter oder lokaler Angreifer kann diese Schwachstellen ausnutzen, um Sicherheitsma\u00dfnahmen zu umgehen, vertrauliche Informationen offenzulegen, einen Denial-of-Service-Zustand auszul\u00f6sen, beliebigen Code auszuf\u00fchren und seine Privilegien zu erweitern. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion und erh\u00f6hte Rechte." } ], "product_status": { "known_affected": [ "T025794" ] }, "release_date": "2022-01-12T23:00:00Z", "title": "CVE-2021-2389" }, { "cve": "CVE-2021-2390", "notes": [ { "category": "description", "text": "In Juniper Junos Space existieren mehrere Schwachstellen. Die Fehler existieren in verschiedenen Komponenten und Bibliotheken, darunter LZ4, Linux Kernel, Intel Prozessoren, Apache HTTP Server, BIND, Intel VT-d, Intel Grafiktreiber, KVM Hypervisor, QEMU, Java SE, MySQL Server, samba, curl, GNOME, jQuery, Apache Log4j und logback. Ein Angreifer aus dem angrenzenden Netzwerk oder ein entfernter, anonymer, authentisierter oder lokaler Angreifer kann diese Schwachstellen ausnutzen, um Sicherheitsma\u00dfnahmen zu umgehen, vertrauliche Informationen offenzulegen, einen Denial-of-Service-Zustand auszul\u00f6sen, beliebigen Code auszuf\u00fchren und seine Privilegien zu erweitern. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion und erh\u00f6hte Rechte." } ], "product_status": { "known_affected": [ "T025794" ] }, "release_date": "2022-01-12T23:00:00Z", "title": "CVE-2021-2390" }, { "cve": "CVE-2021-25214", "notes": [ { "category": "description", "text": "In Juniper Junos Space existieren mehrere Schwachstellen. Die Fehler existieren in verschiedenen Komponenten und Bibliotheken, darunter LZ4, Linux Kernel, Intel Prozessoren, Apache HTTP Server, BIND, Intel VT-d, Intel Grafiktreiber, KVM Hypervisor, QEMU, Java SE, MySQL Server, samba, curl, GNOME, jQuery, Apache Log4j und logback. Ein Angreifer aus dem angrenzenden Netzwerk oder ein entfernter, anonymer, authentisierter oder lokaler Angreifer kann diese Schwachstellen ausnutzen, um Sicherheitsma\u00dfnahmen zu umgehen, vertrauliche Informationen offenzulegen, einen Denial-of-Service-Zustand auszul\u00f6sen, beliebigen Code auszuf\u00fchren und seine Privilegien zu erweitern. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion und erh\u00f6hte Rechte." } ], "product_status": { "known_affected": [ "T025794" ] }, "release_date": "2022-01-12T23:00:00Z", "title": "CVE-2021-25214" }, { "cve": "CVE-2021-25217", "notes": [ { "category": "description", "text": "In Juniper Junos Space existieren mehrere Schwachstellen. Die Fehler existieren in verschiedenen Komponenten und Bibliotheken, darunter LZ4, Linux Kernel, Intel Prozessoren, Apache HTTP Server, BIND, Intel VT-d, Intel Grafiktreiber, KVM Hypervisor, QEMU, Java SE, MySQL Server, samba, curl, GNOME, jQuery, Apache Log4j und logback. Ein Angreifer aus dem angrenzenden Netzwerk oder ein entfernter, anonymer, authentisierter oder lokaler Angreifer kann diese Schwachstellen ausnutzen, um Sicherheitsma\u00dfnahmen zu umgehen, vertrauliche Informationen offenzulegen, einen Denial-of-Service-Zustand auszul\u00f6sen, beliebigen Code auszuf\u00fchren und seine Privilegien zu erweitern. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion und erh\u00f6hte Rechte." } ], "product_status": { "known_affected": [ "T025794" ] }, "release_date": "2022-01-12T23:00:00Z", "title": "CVE-2021-25217" }, { "cve": "CVE-2021-27219", "notes": [ { "category": "description", "text": "In Juniper Junos Space existieren mehrere Schwachstellen. Die Fehler existieren in verschiedenen Komponenten und Bibliotheken, darunter LZ4, Linux Kernel, Intel Prozessoren, Apache HTTP Server, BIND, Intel VT-d, Intel Grafiktreiber, KVM Hypervisor, QEMU, Java SE, MySQL Server, samba, curl, GNOME, jQuery, Apache Log4j und logback. Ein Angreifer aus dem angrenzenden Netzwerk oder ein entfernter, anonymer, authentisierter oder lokaler Angreifer kann diese Schwachstellen ausnutzen, um Sicherheitsma\u00dfnahmen zu umgehen, vertrauliche Informationen offenzulegen, einen Denial-of-Service-Zustand auszul\u00f6sen, beliebigen Code auszuf\u00fchren und seine Privilegien zu erweitern. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion und erh\u00f6hte Rechte." } ], "product_status": { "known_affected": [ "T025794" ] }, "release_date": "2022-01-12T23:00:00Z", "title": "CVE-2021-27219" }, { "cve": "CVE-2021-29154", "notes": [ { "category": "description", "text": "In Juniper Junos Space existieren mehrere Schwachstellen. Die Fehler existieren in verschiedenen Komponenten und Bibliotheken, darunter LZ4, Linux Kernel, Intel Prozessoren, Apache HTTP Server, BIND, Intel VT-d, Intel Grafiktreiber, KVM Hypervisor, QEMU, Java SE, MySQL Server, samba, curl, GNOME, jQuery, Apache Log4j und logback. Ein Angreifer aus dem angrenzenden Netzwerk oder ein entfernter, anonymer, authentisierter oder lokaler Angreifer kann diese Schwachstellen ausnutzen, um Sicherheitsma\u00dfnahmen zu umgehen, vertrauliche Informationen offenzulegen, einen Denial-of-Service-Zustand auszul\u00f6sen, beliebigen Code auszuf\u00fchren und seine Privilegien zu erweitern. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion und erh\u00f6hte Rechte." } ], "product_status": { "known_affected": [ "T025794" ] }, "release_date": "2022-01-12T23:00:00Z", "title": "CVE-2021-29154" }, { "cve": "CVE-2021-29650", "notes": [ { "category": "description", "text": "In Juniper Junos Space existieren mehrere Schwachstellen. Die Fehler existieren in verschiedenen Komponenten und Bibliotheken, darunter LZ4, Linux Kernel, Intel Prozessoren, Apache HTTP Server, BIND, Intel VT-d, Intel Grafiktreiber, KVM Hypervisor, QEMU, Java SE, MySQL Server, samba, curl, GNOME, jQuery, Apache Log4j und logback. Ein Angreifer aus dem angrenzenden Netzwerk oder ein entfernter, anonymer, authentisierter oder lokaler Angreifer kann diese Schwachstellen ausnutzen, um Sicherheitsma\u00dfnahmen zu umgehen, vertrauliche Informationen offenzulegen, einen Denial-of-Service-Zustand auszul\u00f6sen, beliebigen Code auszuf\u00fchren und seine Privilegien zu erweitern. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion und erh\u00f6hte Rechte." } ], "product_status": { "known_affected": [ "T025794" ] }, "release_date": "2022-01-12T23:00:00Z", "title": "CVE-2021-29650" }, { "cve": "CVE-2021-31535", "notes": [ { "category": "description", "text": "In Juniper Junos Space existieren mehrere Schwachstellen. Die Fehler existieren in verschiedenen Komponenten und Bibliotheken, darunter LZ4, Linux Kernel, Intel Prozessoren, Apache HTTP Server, BIND, Intel VT-d, Intel Grafiktreiber, KVM Hypervisor, QEMU, Java SE, MySQL Server, samba, curl, GNOME, jQuery, Apache Log4j und logback. Ein Angreifer aus dem angrenzenden Netzwerk oder ein entfernter, anonymer, authentisierter oder lokaler Angreifer kann diese Schwachstellen ausnutzen, um Sicherheitsma\u00dfnahmen zu umgehen, vertrauliche Informationen offenzulegen, einen Denial-of-Service-Zustand auszul\u00f6sen, beliebigen Code auszuf\u00fchren und seine Privilegien zu erweitern. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion und erh\u00f6hte Rechte." } ], "product_status": { "known_affected": [ "T025794" ] }, "release_date": "2022-01-12T23:00:00Z", "title": "CVE-2021-31535" }, { "cve": "CVE-2021-32399", "notes": [ { "category": "description", "text": "In Juniper Junos Space existieren mehrere Schwachstellen. Die Fehler existieren in verschiedenen Komponenten und Bibliotheken, darunter LZ4, Linux Kernel, Intel Prozessoren, Apache HTTP Server, BIND, Intel VT-d, Intel Grafiktreiber, KVM Hypervisor, QEMU, Java SE, MySQL Server, samba, curl, GNOME, jQuery, Apache Log4j und logback. Ein Angreifer aus dem angrenzenden Netzwerk oder ein entfernter, anonymer, authentisierter oder lokaler Angreifer kann diese Schwachstellen ausnutzen, um Sicherheitsma\u00dfnahmen zu umgehen, vertrauliche Informationen offenzulegen, einen Denial-of-Service-Zustand auszul\u00f6sen, beliebigen Code auszuf\u00fchren und seine Privilegien zu erweitern. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion und erh\u00f6hte Rechte." } ], "product_status": { "known_affected": [ "T025794" ] }, "release_date": "2022-01-12T23:00:00Z", "title": "CVE-2021-32399" }, { "cve": "CVE-2021-33033", "notes": [ { "category": "description", "text": "In Juniper Junos Space existieren mehrere Schwachstellen. Die Fehler existieren in verschiedenen Komponenten und Bibliotheken, darunter LZ4, Linux Kernel, Intel Prozessoren, Apache HTTP Server, BIND, Intel VT-d, Intel Grafiktreiber, KVM Hypervisor, QEMU, Java SE, MySQL Server, samba, curl, GNOME, jQuery, Apache Log4j und logback. Ein Angreifer aus dem angrenzenden Netzwerk oder ein entfernter, anonymer, authentisierter oder lokaler Angreifer kann diese Schwachstellen ausnutzen, um Sicherheitsma\u00dfnahmen zu umgehen, vertrauliche Informationen offenzulegen, einen Denial-of-Service-Zustand auszul\u00f6sen, beliebigen Code auszuf\u00fchren und seine Privilegien zu erweitern. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion und erh\u00f6hte Rechte." } ], "product_status": { "known_affected": [ "T025794" ] }, "release_date": "2022-01-12T23:00:00Z", "title": "CVE-2021-33033" }, { "cve": "CVE-2021-33034", "notes": [ { "category": "description", "text": "In Juniper Junos Space existieren mehrere Schwachstellen. Die Fehler existieren in verschiedenen Komponenten und Bibliotheken, darunter LZ4, Linux Kernel, Intel Prozessoren, Apache HTTP Server, BIND, Intel VT-d, Intel Grafiktreiber, KVM Hypervisor, QEMU, Java SE, MySQL Server, samba, curl, GNOME, jQuery, Apache Log4j und logback. Ein Angreifer aus dem angrenzenden Netzwerk oder ein entfernter, anonymer, authentisierter oder lokaler Angreifer kann diese Schwachstellen ausnutzen, um Sicherheitsma\u00dfnahmen zu umgehen, vertrauliche Informationen offenzulegen, einen Denial-of-Service-Zustand auszul\u00f6sen, beliebigen Code auszuf\u00fchren und seine Privilegien zu erweitern. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion und erh\u00f6hte Rechte." } ], "product_status": { "known_affected": [ "T025794" ] }, "release_date": "2022-01-12T23:00:00Z", "title": "CVE-2021-33034" }, { "cve": "CVE-2021-3347", "notes": [ { "category": "description", "text": "In Juniper Junos Space existieren mehrere Schwachstellen. Die Fehler existieren in verschiedenen Komponenten und Bibliotheken, darunter LZ4, Linux Kernel, Intel Prozessoren, Apache HTTP Server, BIND, Intel VT-d, Intel Grafiktreiber, KVM Hypervisor, QEMU, Java SE, MySQL Server, samba, curl, GNOME, jQuery, Apache Log4j und logback. Ein Angreifer aus dem angrenzenden Netzwerk oder ein entfernter, anonymer, authentisierter oder lokaler Angreifer kann diese Schwachstellen ausnutzen, um Sicherheitsma\u00dfnahmen zu umgehen, vertrauliche Informationen offenzulegen, einen Denial-of-Service-Zustand auszul\u00f6sen, beliebigen Code auszuf\u00fchren und seine Privilegien zu erweitern. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion und erh\u00f6hte Rechte." } ], "product_status": { "known_affected": [ "T025794" ] }, "release_date": "2022-01-12T23:00:00Z", "title": "CVE-2021-3347" }, { "cve": "CVE-2021-33909", "notes": [ { "category": "description", "text": "In Juniper Junos Space existieren mehrere Schwachstellen. Die Fehler existieren in verschiedenen Komponenten und Bibliotheken, darunter LZ4, Linux Kernel, Intel Prozessoren, Apache HTTP Server, BIND, Intel VT-d, Intel Grafiktreiber, KVM Hypervisor, QEMU, Java SE, MySQL Server, samba, curl, GNOME, jQuery, Apache Log4j und logback. Ein Angreifer aus dem angrenzenden Netzwerk oder ein entfernter, anonymer, authentisierter oder lokaler Angreifer kann diese Schwachstellen ausnutzen, um Sicherheitsma\u00dfnahmen zu umgehen, vertrauliche Informationen offenzulegen, einen Denial-of-Service-Zustand auszul\u00f6sen, beliebigen Code auszuf\u00fchren und seine Privilegien zu erweitern. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion und erh\u00f6hte Rechte." } ], "product_status": { "known_affected": [ "T025794" ] }, "release_date": "2022-01-12T23:00:00Z", "title": "CVE-2021-33909" }, { "cve": "CVE-2021-3653", "notes": [ { "category": "description", "text": "In Juniper Junos Space existieren mehrere Schwachstellen. Die Fehler existieren in verschiedenen Komponenten und Bibliotheken, darunter LZ4, Linux Kernel, Intel Prozessoren, Apache HTTP Server, BIND, Intel VT-d, Intel Grafiktreiber, KVM Hypervisor, QEMU, Java SE, MySQL Server, samba, curl, GNOME, jQuery, Apache Log4j und logback. Ein Angreifer aus dem angrenzenden Netzwerk oder ein entfernter, anonymer, authentisierter oder lokaler Angreifer kann diese Schwachstellen ausnutzen, um Sicherheitsma\u00dfnahmen zu umgehen, vertrauliche Informationen offenzulegen, einen Denial-of-Service-Zustand auszul\u00f6sen, beliebigen Code auszuf\u00fchren und seine Privilegien zu erweitern. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion und erh\u00f6hte Rechte." } ], "product_status": { "known_affected": [ "T025794" ] }, "release_date": "2022-01-12T23:00:00Z", "title": "CVE-2021-3653" }, { "cve": "CVE-2021-3656", "notes": [ { "category": "description", "text": "In Juniper Junos Space existieren mehrere Schwachstellen. Die Fehler existieren in verschiedenen Komponenten und Bibliotheken, darunter LZ4, Linux Kernel, Intel Prozessoren, Apache HTTP Server, BIND, Intel VT-d, Intel Grafiktreiber, KVM Hypervisor, QEMU, Java SE, MySQL Server, samba, curl, GNOME, jQuery, Apache Log4j und logback. Ein Angreifer aus dem angrenzenden Netzwerk oder ein entfernter, anonymer, authentisierter oder lokaler Angreifer kann diese Schwachstellen ausnutzen, um Sicherheitsma\u00dfnahmen zu umgehen, vertrauliche Informationen offenzulegen, einen Denial-of-Service-Zustand auszul\u00f6sen, beliebigen Code auszuf\u00fchren und seine Privilegien zu erweitern. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion und erh\u00f6hte Rechte." } ], "product_status": { "known_affected": [ "T025794" ] }, "release_date": "2022-01-12T23:00:00Z", "title": "CVE-2021-3656" }, { "cve": "CVE-2021-3715", "notes": [ { "category": "description", "text": "In Juniper Junos Space existieren mehrere Schwachstellen. Die Fehler existieren in verschiedenen Komponenten und Bibliotheken, darunter LZ4, Linux Kernel, Intel Prozessoren, Apache HTTP Server, BIND, Intel VT-d, Intel Grafiktreiber, KVM Hypervisor, QEMU, Java SE, MySQL Server, samba, curl, GNOME, jQuery, Apache Log4j und logback. Ein Angreifer aus dem angrenzenden Netzwerk oder ein entfernter, anonymer, authentisierter oder lokaler Angreifer kann diese Schwachstellen ausnutzen, um Sicherheitsma\u00dfnahmen zu umgehen, vertrauliche Informationen offenzulegen, einen Denial-of-Service-Zustand auszul\u00f6sen, beliebigen Code auszuf\u00fchren und seine Privilegien zu erweitern. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion und erh\u00f6hte Rechte." } ], "product_status": { "known_affected": [ "T025794" ] }, "release_date": "2022-01-12T23:00:00Z", "title": "CVE-2021-3715" }, { "cve": "CVE-2021-37576", "notes": [ { "category": "description", "text": "In Juniper Junos Space existieren mehrere Schwachstellen. Die Fehler existieren in verschiedenen Komponenten und Bibliotheken, darunter LZ4, Linux Kernel, Intel Prozessoren, Apache HTTP Server, BIND, Intel VT-d, Intel Grafiktreiber, KVM Hypervisor, QEMU, Java SE, MySQL Server, samba, curl, GNOME, jQuery, Apache Log4j und logback. Ein Angreifer aus dem angrenzenden Netzwerk oder ein entfernter, anonymer, authentisierter oder lokaler Angreifer kann diese Schwachstellen ausnutzen, um Sicherheitsma\u00dfnahmen zu umgehen, vertrauliche Informationen offenzulegen, einen Denial-of-Service-Zustand auszul\u00f6sen, beliebigen Code auszuf\u00fchren und seine Privilegien zu erweitern. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion und erh\u00f6hte Rechte." } ], "product_status": { "known_affected": [ "T025794" ] }, "release_date": "2022-01-12T23:00:00Z", "title": "CVE-2021-37576" }, { "cve": "CVE-2021-4104", "notes": [ { "category": "description", "text": "In Juniper Junos Space existieren mehrere Schwachstellen. Die Fehler existieren in verschiedenen Komponenten und Bibliotheken, darunter LZ4, Linux Kernel, Intel Prozessoren, Apache HTTP Server, BIND, Intel VT-d, Intel Grafiktreiber, KVM Hypervisor, QEMU, Java SE, MySQL Server, samba, curl, GNOME, jQuery, Apache Log4j und logback. Ein Angreifer aus dem angrenzenden Netzwerk oder ein entfernter, anonymer, authentisierter oder lokaler Angreifer kann diese Schwachstellen ausnutzen, um Sicherheitsma\u00dfnahmen zu umgehen, vertrauliche Informationen offenzulegen, einen Denial-of-Service-Zustand auszul\u00f6sen, beliebigen Code auszuf\u00fchren und seine Privilegien zu erweitern. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion und erh\u00f6hte Rechte." } ], "product_status": { "known_affected": [ "T025794" ] }, "release_date": "2022-01-12T23:00:00Z", "title": "CVE-2021-4104" }, { "cve": "CVE-2021-42550", "notes": [ { "category": "description", "text": "In Juniper Junos Space existieren mehrere Schwachstellen. Die Fehler existieren in verschiedenen Komponenten und Bibliotheken, darunter LZ4, Linux Kernel, Intel Prozessoren, Apache HTTP Server, BIND, Intel VT-d, Intel Grafiktreiber, KVM Hypervisor, QEMU, Java SE, MySQL Server, samba, curl, GNOME, jQuery, Apache Log4j und logback. Ein Angreifer aus dem angrenzenden Netzwerk oder ein entfernter, anonymer, authentisierter oder lokaler Angreifer kann diese Schwachstellen ausnutzen, um Sicherheitsma\u00dfnahmen zu umgehen, vertrauliche Informationen offenzulegen, einen Denial-of-Service-Zustand auszul\u00f6sen, beliebigen Code auszuf\u00fchren und seine Privilegien zu erweitern. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion und erh\u00f6hte Rechte." } ], "product_status": { "known_affected": [ "T025794" ] }, "release_date": "2022-01-12T23:00:00Z", "title": "CVE-2021-42550" }, { "cve": "CVE-2021-44228", "notes": [ { "category": "description", "text": "In Juniper Junos Space existieren mehrere Schwachstellen. Die Fehler existieren in verschiedenen Komponenten und Bibliotheken, darunter LZ4, Linux Kernel, Intel Prozessoren, Apache HTTP Server, BIND, Intel VT-d, Intel Grafiktreiber, KVM Hypervisor, QEMU, Java SE, MySQL Server, samba, curl, GNOME, jQuery, Apache Log4j und logback. Ein Angreifer aus dem angrenzenden Netzwerk oder ein entfernter, anonymer, authentisierter oder lokaler Angreifer kann diese Schwachstellen ausnutzen, um Sicherheitsma\u00dfnahmen zu umgehen, vertrauliche Informationen offenzulegen, einen Denial-of-Service-Zustand auszul\u00f6sen, beliebigen Code auszuf\u00fchren und seine Privilegien zu erweitern. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion und erh\u00f6hte Rechte." } ], "product_status": { "known_affected": [ "T025794" ] }, "release_date": "2022-01-12T23:00:00Z", "title": "CVE-2021-44228" }, { "cve": "CVE-2021-45046", "notes": [ { "category": "description", "text": "In Juniper Junos Space existieren mehrere Schwachstellen. Die Fehler existieren in verschiedenen Komponenten und Bibliotheken, darunter LZ4, Linux Kernel, Intel Prozessoren, Apache HTTP Server, BIND, Intel VT-d, Intel Grafiktreiber, KVM Hypervisor, QEMU, Java SE, MySQL Server, samba, curl, GNOME, jQuery, Apache Log4j und logback. Ein Angreifer aus dem angrenzenden Netzwerk oder ein entfernter, anonymer, authentisierter oder lokaler Angreifer kann diese Schwachstellen ausnutzen, um Sicherheitsma\u00dfnahmen zu umgehen, vertrauliche Informationen offenzulegen, einen Denial-of-Service-Zustand auszul\u00f6sen, beliebigen Code auszuf\u00fchren und seine Privilegien zu erweitern. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion und erh\u00f6hte Rechte." } ], "product_status": { "known_affected": [ "T025794" ] }, "release_date": "2022-01-12T23:00:00Z", "title": "CVE-2021-45046" } ] }
WID-SEC-W-2023-1048
Vulnerability from csaf_certbund
Published
2020-10-20 22:00
Modified
2024-02-04 23:00
Summary
Oracle Construction and Engineering: Mehrere Schwachstellen
Notes
Das BSI ist als Anbieter für die eigenen, zur Nutzung bereitgestellten Inhalte nach den allgemeinen Gesetzen verantwortlich. Nutzerinnen und Nutzer sind jedoch dafür verantwortlich, die Verwendung und/oder die Umsetzung der mit den Inhalten bereitgestellten Informationen sorgfältig im Einzelfall zu prüfen.
Produktbeschreibung
Construction and Engineering ist eine Sammlung von Werkzeugen zur Unterstützung von Bau- und Ingenieurbüros. Sie umfasst u. a. Projektmanagement-Lösungen zur Verwaltung von Projekte, zur Schaffung von Transparenz, zur Zusammenarbeit und zur Verwaltung von Änderungen.
Angriff
Ein entfernter, anonymer oder authentisierter Angreifer kann mehrere Schwachstellen in Oracle Construction and Engineering ausnutzen, um die Verfügbarkeit, Vertraulichkeit und Integrität zu gefährden.
Betroffene Betriebssysteme
- UNIX
- Linux
- Windows
{ "document": { "aggregate_severity": { "text": "hoch" }, "category": "csaf_base", "csaf_version": "2.0", "distribution": { "tlp": { "label": "WHITE", "url": "https://www.first.org/tlp/" } }, "lang": "de-DE", "notes": [ { "category": "legal_disclaimer", "text": "Das BSI ist als Anbieter f\u00fcr die eigenen, zur Nutzung bereitgestellten Inhalte nach den allgemeinen Gesetzen verantwortlich. Nutzerinnen und Nutzer sind jedoch daf\u00fcr verantwortlich, die Verwendung und/oder die Umsetzung der mit den Inhalten bereitgestellten Informationen sorgf\u00e4ltig im Einzelfall zu pr\u00fcfen." }, { "category": "description", "text": "Construction and Engineering ist eine Sammlung von Werkzeugen zur Unterst\u00fctzung von Bau- und Ingenieurb\u00fcros. Sie umfasst u. a. Projektmanagement-L\u00f6sungen zur Verwaltung von Projekte, zur Schaffung von Transparenz, zur Zusammenarbeit und zur Verwaltung von \u00c4nderungen.", "title": "Produktbeschreibung" }, { "category": "summary", "text": "Ein entfernter, anonymer oder authentisierter Angreifer kann mehrere Schwachstellen in Oracle Construction and Engineering ausnutzen, um die Verf\u00fcgbarkeit, Vertraulichkeit und Integrit\u00e4t zu gef\u00e4hrden.", "title": "Angriff" }, { "category": "general", "text": "- UNIX\n- Linux\n- Windows", "title": "Betroffene Betriebssysteme" } ], "publisher": { "category": "other", "contact_details": "csaf-provider@cert-bund.de", "name": "Bundesamt f\u00fcr Sicherheit in der Informationstechnik", "namespace": "https://www.bsi.bund.de" }, "references": [ { "category": "self", "summary": "WID-SEC-W-2023-1048 - CSAF Version", "url": "https://wid.cert-bund.de/.well-known/csaf/white/2020/wid-sec-w-2023-1048.json" }, { "category": "self", "summary": "WID-SEC-2023-1048 - Portal Version", "url": "https://wid.cert-bund.de/portal/wid/securityadvisory?name=WID-SEC-2023-1048" }, { "category": "external", "summary": "Oracle Critical Patch Update Advisory - October 2020 - Appendix Oracle Construction and Engineering vom 2020-10-20", "url": "https://www.oracle.com/security-alerts/cpuoct2020.html#AppendixPVA" }, { "category": "external", "summary": "IBM Security Bulletin 6985225 vom 2023-04-21", "url": "https://www.ibm.com/support/pages/node/6985225" }, { "category": "external", "summary": "Dell Security Advisory DSA-2024-070 vom 2024-02-03", "url": "https://www.dell.com/support/kbdoc/000221770/dsa-2024-=" } ], "source_lang": "en-US", "title": "Oracle Construction and Engineering: Mehrere Schwachstellen", "tracking": { "current_release_date": "2024-02-04T23:00:00.000+00:00", "generator": { "date": "2024-02-15T17:25:11.042+00:00", "engine": { "name": "BSI-WID", "version": "1.3.0" } }, "id": "WID-SEC-W-2023-1048", "initial_release_date": "2020-10-20T22:00:00.000+00:00", "revision_history": [ { "date": "2020-10-20T22:00:00.000+00:00", "number": "1", "summary": "Initiale Fassung" }, { "date": "2023-04-20T22:00:00.000+00:00", "number": "2", "summary": "Neue Updates von IBM aufgenommen" }, { "date": "2024-02-04T23:00:00.000+00:00", "number": "3", "summary": "Neue Updates von Dell aufgenommen" } ], "status": "final", "version": "3" } }, "product_tree": { "branches": [ { "branches": [ { "category": "product_name", "name": "EMC Avamar", "product": { "name": "EMC Avamar", "product_id": "T014381", "product_identification_helper": { "cpe": "cpe:/a:emc:avamar:-" } } } ], "category": "vendor", "name": "EMC" }, { "branches": [ { "category": "product_name", "name": "IBM Tivoli Network Manager 4.2.0", "product": { "name": "IBM Tivoli Network Manager 4.2.0", "product_id": "T025751", "product_identification_helper": { "cpe": "cpe:/a:ibm:tivoli_network_manager:4.2.0" } } } ], "category": "vendor", "name": "IBM" }, { "branches": [ { "category": "product_name", "name": "Oracle Construction and Engineering", "product": { "name": "Oracle Construction and Engineering", "product_id": "T015701", "product_identification_helper": { "cpe": "cpe:/a:oracle:construction_and_engineering:-" } } } ], "category": "vendor", "name": "Oracle" } ] }, "vulnerabilities": [ { "cve": "CVE-2015-1832", "notes": [ { "category": "description", "text": "In Oracle Construction and Engineering Produkten existieren mehrere Schwachstellen. Durch Ausnutzung dieser Schwachstellen kann ein entfernter Angreifer die Verf\u00fcgbarkeit, Vertraulichkeit und Integrit\u00e4t gef\u00e4hrden. F\u00fcr die Ausnutzung einiger dieser Schwachstellen ist keine Benutzerinteraktion und keine Authentisierung notwendig. Oracle ver\u00f6ffentlicht keine weiteren Details zu diesen Schwachstellen (au\u00dfer der Information in der Risiko Matrix im Oracle Advisory zum Critical Patch Update, siehe Link unten in diesem Advisory). Aufgrund der knappen Informationslage erfolgt die Bewertung der Schadensh\u00f6he ausschlie\u00dflich auf Basis der CVSS Impact Matrix. Der Maximalwert f\u00fcr diese Produkte ist \"High\" f\u00fcr \"Availability\", \"Confidentiality\" und \"Integrity\" und bewirkt damit eine \"hohe\" Schadensh\u00f6he." } ], "product_status": { "known_affected": [ "T014381", "T015701", "T025751" ] }, "release_date": "2020-10-20T22:00:00Z", "title": "CVE-2015-1832" }, { "cve": "CVE-2017-9096", "notes": [ { "category": "description", "text": "In Oracle Construction and Engineering Produkten existieren mehrere Schwachstellen. Durch Ausnutzung dieser Schwachstellen kann ein entfernter Angreifer die Verf\u00fcgbarkeit, Vertraulichkeit und Integrit\u00e4t gef\u00e4hrden. F\u00fcr die Ausnutzung einiger dieser Schwachstellen ist keine Benutzerinteraktion und keine Authentisierung notwendig. Oracle ver\u00f6ffentlicht keine weiteren Details zu diesen Schwachstellen (au\u00dfer der Information in der Risiko Matrix im Oracle Advisory zum Critical Patch Update, siehe Link unten in diesem Advisory). Aufgrund der knappen Informationslage erfolgt die Bewertung der Schadensh\u00f6he ausschlie\u00dflich auf Basis der CVSS Impact Matrix. Der Maximalwert f\u00fcr diese Produkte ist \"High\" f\u00fcr \"Availability\", \"Confidentiality\" und \"Integrity\" und bewirkt damit eine \"hohe\" Schadensh\u00f6he." } ], "product_status": { "known_affected": [ "T014381", "T015701", "T025751" ] }, "release_date": "2020-10-20T22:00:00Z", "title": "CVE-2017-9096" }, { "cve": "CVE-2018-17196", "notes": [ { "category": "description", "text": "In Oracle Construction and Engineering Produkten existieren mehrere Schwachstellen. Durch Ausnutzung dieser Schwachstellen kann ein entfernter Angreifer die Verf\u00fcgbarkeit, Vertraulichkeit und Integrit\u00e4t gef\u00e4hrden. F\u00fcr die Ausnutzung einiger dieser Schwachstellen ist keine Benutzerinteraktion und keine Authentisierung notwendig. Oracle ver\u00f6ffentlicht keine weiteren Details zu diesen Schwachstellen (au\u00dfer der Information in der Risiko Matrix im Oracle Advisory zum Critical Patch Update, siehe Link unten in diesem Advisory). Aufgrund der knappen Informationslage erfolgt die Bewertung der Schadensh\u00f6he ausschlie\u00dflich auf Basis der CVSS Impact Matrix. Der Maximalwert f\u00fcr diese Produkte ist \"High\" f\u00fcr \"Availability\", \"Confidentiality\" und \"Integrity\" und bewirkt damit eine \"hohe\" Schadensh\u00f6he." } ], "product_status": { "known_affected": [ "T014381", "T015701", "T025751" ] }, "release_date": "2020-10-20T22:00:00Z", "title": "CVE-2018-17196" }, { "cve": "CVE-2019-17495", "notes": [ { "category": "description", "text": "In Oracle Construction and Engineering Produkten existieren mehrere Schwachstellen. Durch Ausnutzung dieser Schwachstellen kann ein entfernter Angreifer die Verf\u00fcgbarkeit, Vertraulichkeit und Integrit\u00e4t gef\u00e4hrden. F\u00fcr die Ausnutzung einiger dieser Schwachstellen ist keine Benutzerinteraktion und keine Authentisierung notwendig. Oracle ver\u00f6ffentlicht keine weiteren Details zu diesen Schwachstellen (au\u00dfer der Information in der Risiko Matrix im Oracle Advisory zum Critical Patch Update, siehe Link unten in diesem Advisory). Aufgrund der knappen Informationslage erfolgt die Bewertung der Schadensh\u00f6he ausschlie\u00dflich auf Basis der CVSS Impact Matrix. Der Maximalwert f\u00fcr diese Produkte ist \"High\" f\u00fcr \"Availability\", \"Confidentiality\" und \"Integrity\" und bewirkt damit eine \"hohe\" Schadensh\u00f6he." } ], "product_status": { "known_affected": [ "T014381", "T015701", "T025751" ] }, "release_date": "2020-10-20T22:00:00Z", "title": "CVE-2019-17495" }, { "cve": "CVE-2019-17558", "notes": [ { "category": "description", "text": "In Oracle Construction and Engineering Produkten existieren mehrere Schwachstellen. Durch Ausnutzung dieser Schwachstellen kann ein entfernter Angreifer die Verf\u00fcgbarkeit, Vertraulichkeit und Integrit\u00e4t gef\u00e4hrden. F\u00fcr die Ausnutzung einiger dieser Schwachstellen ist keine Benutzerinteraktion und keine Authentisierung notwendig. Oracle ver\u00f6ffentlicht keine weiteren Details zu diesen Schwachstellen (au\u00dfer der Information in der Risiko Matrix im Oracle Advisory zum Critical Patch Update, siehe Link unten in diesem Advisory). Aufgrund der knappen Informationslage erfolgt die Bewertung der Schadensh\u00f6he ausschlie\u00dflich auf Basis der CVSS Impact Matrix. Der Maximalwert f\u00fcr diese Produkte ist \"High\" f\u00fcr \"Availability\", \"Confidentiality\" und \"Integrity\" und bewirkt damit eine \"hohe\" Schadensh\u00f6he." } ], "product_status": { "known_affected": [ "T014381", "T015701", "T025751" ] }, "release_date": "2020-10-20T22:00:00Z", "title": "CVE-2019-17558" }, { "cve": "CVE-2020-11984", "notes": [ { "category": "description", "text": "In Oracle Construction and Engineering Produkten existieren mehrere Schwachstellen. Durch Ausnutzung dieser Schwachstellen kann ein entfernter Angreifer die Verf\u00fcgbarkeit, Vertraulichkeit und Integrit\u00e4t gef\u00e4hrden. F\u00fcr die Ausnutzung einiger dieser Schwachstellen ist keine Benutzerinteraktion und keine Authentisierung notwendig. Oracle ver\u00f6ffentlicht keine weiteren Details zu diesen Schwachstellen (au\u00dfer der Information in der Risiko Matrix im Oracle Advisory zum Critical Patch Update, siehe Link unten in diesem Advisory). Aufgrund der knappen Informationslage erfolgt die Bewertung der Schadensh\u00f6he ausschlie\u00dflich auf Basis der CVSS Impact Matrix. Der Maximalwert f\u00fcr diese Produkte ist \"High\" f\u00fcr \"Availability\", \"Confidentiality\" und \"Integrity\" und bewirkt damit eine \"hohe\" Schadensh\u00f6he." } ], "product_status": { "known_affected": [ "T014381", "T015701", "T025751" ] }, "release_date": "2020-10-20T22:00:00Z", "title": "CVE-2020-11984" }, { "cve": "CVE-2020-11993", "notes": [ { "category": "description", "text": "In Oracle Construction and Engineering Produkten existieren mehrere Schwachstellen. Durch Ausnutzung dieser Schwachstellen kann ein entfernter Angreifer die Verf\u00fcgbarkeit, Vertraulichkeit und Integrit\u00e4t gef\u00e4hrden. F\u00fcr die Ausnutzung einiger dieser Schwachstellen ist keine Benutzerinteraktion und keine Authentisierung notwendig. Oracle ver\u00f6ffentlicht keine weiteren Details zu diesen Schwachstellen (au\u00dfer der Information in der Risiko Matrix im Oracle Advisory zum Critical Patch Update, siehe Link unten in diesem Advisory). Aufgrund der knappen Informationslage erfolgt die Bewertung der Schadensh\u00f6he ausschlie\u00dflich auf Basis der CVSS Impact Matrix. Der Maximalwert f\u00fcr diese Produkte ist \"High\" f\u00fcr \"Availability\", \"Confidentiality\" und \"Integrity\" und bewirkt damit eine \"hohe\" Schadensh\u00f6he." } ], "product_status": { "known_affected": [ "T014381", "T015701", "T025751" ] }, "release_date": "2020-10-20T22:00:00Z", "title": "CVE-2020-11993" }, { "cve": "CVE-2020-13934", "notes": [ { "category": "description", "text": "In Oracle Construction and Engineering Produkten existieren mehrere Schwachstellen. Durch Ausnutzung dieser Schwachstellen kann ein entfernter Angreifer die Verf\u00fcgbarkeit, Vertraulichkeit und Integrit\u00e4t gef\u00e4hrden. F\u00fcr die Ausnutzung einiger dieser Schwachstellen ist keine Benutzerinteraktion und keine Authentisierung notwendig. Oracle ver\u00f6ffentlicht keine weiteren Details zu diesen Schwachstellen (au\u00dfer der Information in der Risiko Matrix im Oracle Advisory zum Critical Patch Update, siehe Link unten in diesem Advisory). Aufgrund der knappen Informationslage erfolgt die Bewertung der Schadensh\u00f6he ausschlie\u00dflich auf Basis der CVSS Impact Matrix. Der Maximalwert f\u00fcr diese Produkte ist \"High\" f\u00fcr \"Availability\", \"Confidentiality\" und \"Integrity\" und bewirkt damit eine \"hohe\" Schadensh\u00f6he." } ], "product_status": { "known_affected": [ "T014381", "T015701", "T025751" ] }, "release_date": "2020-10-20T22:00:00Z", "title": "CVE-2020-13934" }, { "cve": "CVE-2020-13935", "notes": [ { "category": "description", "text": "In Oracle Construction and Engineering Produkten existieren mehrere Schwachstellen. Durch Ausnutzung dieser Schwachstellen kann ein entfernter Angreifer die Verf\u00fcgbarkeit, Vertraulichkeit und Integrit\u00e4t gef\u00e4hrden. F\u00fcr die Ausnutzung einiger dieser Schwachstellen ist keine Benutzerinteraktion und keine Authentisierung notwendig. Oracle ver\u00f6ffentlicht keine weiteren Details zu diesen Schwachstellen (au\u00dfer der Information in der Risiko Matrix im Oracle Advisory zum Critical Patch Update, siehe Link unten in diesem Advisory). Aufgrund der knappen Informationslage erfolgt die Bewertung der Schadensh\u00f6he ausschlie\u00dflich auf Basis der CVSS Impact Matrix. Der Maximalwert f\u00fcr diese Produkte ist \"High\" f\u00fcr \"Availability\", \"Confidentiality\" und \"Integrity\" und bewirkt damit eine \"hohe\" Schadensh\u00f6he." } ], "product_status": { "known_affected": [ "T014381", "T015701", "T025751" ] }, "release_date": "2020-10-20T22:00:00Z", "title": "CVE-2020-13935" }, { "cve": "CVE-2020-9488", "notes": [ { "category": "description", "text": "In Oracle Construction and Engineering Produkten existieren mehrere Schwachstellen. Durch Ausnutzung dieser Schwachstellen kann ein entfernter Angreifer die Verf\u00fcgbarkeit, Vertraulichkeit und Integrit\u00e4t gef\u00e4hrden. F\u00fcr die Ausnutzung einiger dieser Schwachstellen ist keine Benutzerinteraktion und keine Authentisierung notwendig. Oracle ver\u00f6ffentlicht keine weiteren Details zu diesen Schwachstellen (au\u00dfer der Information in der Risiko Matrix im Oracle Advisory zum Critical Patch Update, siehe Link unten in diesem Advisory). Aufgrund der knappen Informationslage erfolgt die Bewertung der Schadensh\u00f6he ausschlie\u00dflich auf Basis der CVSS Impact Matrix. Der Maximalwert f\u00fcr diese Produkte ist \"High\" f\u00fcr \"Availability\", \"Confidentiality\" und \"Integrity\" und bewirkt damit eine \"hohe\" Schadensh\u00f6he." } ], "product_status": { "known_affected": [ "T014381", "T015701", "T025751" ] }, "release_date": "2020-10-20T22:00:00Z", "title": "CVE-2020-9488" }, { "cve": "CVE-2020-9489", "notes": [ { "category": "description", "text": "In Oracle Construction and Engineering Produkten existieren mehrere Schwachstellen. Durch Ausnutzung dieser Schwachstellen kann ein entfernter Angreifer die Verf\u00fcgbarkeit, Vertraulichkeit und Integrit\u00e4t gef\u00e4hrden. F\u00fcr die Ausnutzung einiger dieser Schwachstellen ist keine Benutzerinteraktion und keine Authentisierung notwendig. Oracle ver\u00f6ffentlicht keine weiteren Details zu diesen Schwachstellen (au\u00dfer der Information in der Risiko Matrix im Oracle Advisory zum Critical Patch Update, siehe Link unten in diesem Advisory). Aufgrund der knappen Informationslage erfolgt die Bewertung der Schadensh\u00f6he ausschlie\u00dflich auf Basis der CVSS Impact Matrix. Der Maximalwert f\u00fcr diese Produkte ist \"High\" f\u00fcr \"Availability\", \"Confidentiality\" und \"Integrity\" und bewirkt damit eine \"hohe\" Schadensh\u00f6he." } ], "product_status": { "known_affected": [ "T014381", "T015701", "T025751" ] }, "release_date": "2020-10-20T22:00:00Z", "title": "CVE-2020-9489" }, { "cve": "CVE-2020-9490", "notes": [ { "category": "description", "text": "In Oracle Construction and Engineering Produkten existieren mehrere Schwachstellen. Durch Ausnutzung dieser Schwachstellen kann ein entfernter Angreifer die Verf\u00fcgbarkeit, Vertraulichkeit und Integrit\u00e4t gef\u00e4hrden. F\u00fcr die Ausnutzung einiger dieser Schwachstellen ist keine Benutzerinteraktion und keine Authentisierung notwendig. Oracle ver\u00f6ffentlicht keine weiteren Details zu diesen Schwachstellen (au\u00dfer der Information in der Risiko Matrix im Oracle Advisory zum Critical Patch Update, siehe Link unten in diesem Advisory). Aufgrund der knappen Informationslage erfolgt die Bewertung der Schadensh\u00f6he ausschlie\u00dflich auf Basis der CVSS Impact Matrix. Der Maximalwert f\u00fcr diese Produkte ist \"High\" f\u00fcr \"Availability\", \"Confidentiality\" und \"Integrity\" und bewirkt damit eine \"hohe\" Schadensh\u00f6he." } ], "product_status": { "known_affected": [ "T014381", "T015701", "T025751" ] }, "release_date": "2020-10-20T22:00:00Z", "title": "CVE-2020-9490" } ] }
wid-sec-w-2023-0063
Vulnerability from csaf_certbund
Published
2022-01-12 23:00
Modified
2023-01-11 23:00
Summary
Juniper Junos Space: Mehrere Schwachstellen
Notes
Das BSI ist als Anbieter für die eigenen, zur Nutzung bereitgestellten Inhalte nach den allgemeinen Gesetzen verantwortlich. Nutzerinnen und Nutzer sind jedoch dafür verantwortlich, die Verwendung und/oder die Umsetzung der mit den Inhalten bereitgestellten Informationen sorgfältig im Einzelfall zu prüfen.
Produktbeschreibung
Junos Space ist eine Software-Plattform, die eine Reihe von Applikationen für das Netzwerkmanagement beinhaltet.
Angriff
Ein Angreifer aus dem angrenzenden Netzwerk oder ein entfernter anonymer, authentisierter oder lokaler Angreifer kann mehrere Schwachstellen in Juniper Junos Space ausnutzen, um Sicherheitsmaßnahmen zu umgehen, vertrauliche Informationen offenzulegen, einen Denial-of-Service-Zustand auszulösen, beliebigen Code auszuführen und seine Privilegien zu erweitern.
Betroffene Betriebssysteme
- Juniper Appliance
{ "document": { "aggregate_severity": { "text": "hoch" }, "category": "csaf_base", "csaf_version": "2.0", "distribution": { "tlp": { "label": "WHITE", "url": "https://www.first.org/tlp/" } }, "lang": "de-DE", "notes": [ { "category": "legal_disclaimer", "text": "Das BSI ist als Anbieter f\u00fcr die eigenen, zur Nutzung bereitgestellten Inhalte nach den allgemeinen Gesetzen verantwortlich. Nutzerinnen und Nutzer sind jedoch daf\u00fcr verantwortlich, die Verwendung und/oder die Umsetzung der mit den Inhalten bereitgestellten Informationen sorgf\u00e4ltig im Einzelfall zu pr\u00fcfen." }, { "category": "description", "text": "Junos Space ist eine Software-Plattform, die eine Reihe von Applikationen f\u00fcr das Netzwerkmanagement beinhaltet.", "title": "Produktbeschreibung" }, { "category": "summary", "text": "Ein Angreifer aus dem angrenzenden Netzwerk oder ein entfernter anonymer, authentisierter oder lokaler Angreifer kann mehrere Schwachstellen in Juniper Junos Space ausnutzen, um Sicherheitsma\u00dfnahmen zu umgehen, vertrauliche Informationen offenzulegen, einen Denial-of-Service-Zustand auszul\u00f6sen, beliebigen Code auszuf\u00fchren und seine Privilegien zu erweitern.", "title": "Angriff" }, { "category": "general", "text": "- Juniper Appliance", "title": "Betroffene Betriebssysteme" } ], "publisher": { "category": "other", "contact_details": "csaf-provider@cert-bund.de", "name": "Bundesamt f\u00fcr Sicherheit in der Informationstechnik", "namespace": "https://www.bsi.bund.de" }, "references": [ { "category": "self", "summary": "WID-SEC-W-2023-0063 - CSAF Version", "url": "https://wid.cert-bund.de/.well-known/csaf/white/2022/wid-sec-w-2023-0063.json" }, { "category": "self", "summary": "WID-SEC-2023-0063 - Portal Version", "url": "https://wid.cert-bund.de/portal/wid/securityadvisory?name=WID-SEC-2023-0063" }, { "category": "external", "summary": "Juniper Security Advisory JSA70182 vom 2023-01-12", "url": "https://supportportal.juniper.net/s/article/2023-01-Security-Bulletin-Contrail-Service-Orchestration-Multiple-vulnerabilities-resolved-in-CSO-6-3-0?language=en_US" }, { "category": "external", "summary": "Juniper Security Advisory vom 2022-01-12", "url": "https://kb.juniper.net/InfoCenter/index?page=content\u0026id=JSA11287\u0026cat=SIRT_1" } ], "source_lang": "en-US", "title": "Juniper Junos Space: Mehrere Schwachstellen", "tracking": { "current_release_date": "2023-01-11T23:00:00.000+00:00", "generator": { "date": "2024-02-15T17:09:11.163+00:00", "engine": { "name": "BSI-WID", "version": "1.3.0" } }, "id": "WID-SEC-W-2023-0063", "initial_release_date": "2022-01-12T23:00:00.000+00:00", "revision_history": [ { "date": "2022-01-12T23:00:00.000+00:00", "number": "1", "summary": "Initiale Fassung" }, { "date": "2023-01-11T23:00:00.000+00:00", "number": "2", "summary": "Neue Updates von Juniper aufgenommen" } ], "status": "final", "version": "2" } }, "product_tree": { "branches": [ { "branches": [ { "category": "product_name", "name": "Juniper Contrail Service Orchestration", "product": { "name": "Juniper Contrail Service Orchestration", "product_id": "T025794", "product_identification_helper": { "cpe": "cpe:/a:juniper:contrail_service_orchestration:-" } } }, { "category": "product_name", "name": "Juniper Junos Space \u003c 21.3R1", "product": { "name": "Juniper Junos Space \u003c 21.3R1", "product_id": "T021576", "product_identification_helper": { "cpe": "cpe:/a:juniper:junos_space:21.3r1" } } } ], "category": "vendor", "name": "Juniper" } ] }, "vulnerabilities": [ { "cve": "CVE-2019-17543", "notes": [ { "category": "description", "text": "In Juniper Junos Space existieren mehrere Schwachstellen. Die Fehler existieren in verschiedenen Komponenten und Bibliotheken, darunter LZ4, Linux Kernel, Intel Prozessoren, Apache HTTP Server, BIND, Intel VT-d, Intel Grafiktreiber, KVM Hypervisor, QEMU, Java SE, MySQL Server, samba, curl, GNOME, jQuery, Apache Log4j und logback. Ein Angreifer aus dem angrenzenden Netzwerk oder ein entfernter, anonymer, authentisierter oder lokaler Angreifer kann diese Schwachstellen ausnutzen, um Sicherheitsma\u00dfnahmen zu umgehen, vertrauliche Informationen offenzulegen, einen Denial-of-Service-Zustand auszul\u00f6sen, beliebigen Code auszuf\u00fchren und seine Privilegien zu erweitern. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion und erh\u00f6hte Rechte." } ], "product_status": { "known_affected": [ "T025794" ] }, "release_date": "2022-01-12T23:00:00Z", "title": "CVE-2019-17543" }, { "cve": "CVE-2019-20934", "notes": [ { "category": "description", "text": "In Juniper Junos Space existieren mehrere Schwachstellen. Die Fehler existieren in verschiedenen Komponenten und Bibliotheken, darunter LZ4, Linux Kernel, Intel Prozessoren, Apache HTTP Server, BIND, Intel VT-d, Intel Grafiktreiber, KVM Hypervisor, QEMU, Java SE, MySQL Server, samba, curl, GNOME, jQuery, Apache Log4j und logback. Ein Angreifer aus dem angrenzenden Netzwerk oder ein entfernter, anonymer, authentisierter oder lokaler Angreifer kann diese Schwachstellen ausnutzen, um Sicherheitsma\u00dfnahmen zu umgehen, vertrauliche Informationen offenzulegen, einen Denial-of-Service-Zustand auszul\u00f6sen, beliebigen Code auszuf\u00fchren und seine Privilegien zu erweitern. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion und erh\u00f6hte Rechte." } ], "product_status": { "known_affected": [ "T025794" ] }, "release_date": "2022-01-12T23:00:00Z", "title": "CVE-2019-20934" }, { "cve": "CVE-2020-0543", "notes": [ { "category": "description", "text": "In Juniper Junos Space existieren mehrere Schwachstellen. Die Fehler existieren in verschiedenen Komponenten und Bibliotheken, darunter LZ4, Linux Kernel, Intel Prozessoren, Apache HTTP Server, BIND, Intel VT-d, Intel Grafiktreiber, KVM Hypervisor, QEMU, Java SE, MySQL Server, samba, curl, GNOME, jQuery, Apache Log4j und logback. Ein Angreifer aus dem angrenzenden Netzwerk oder ein entfernter, anonymer, authentisierter oder lokaler Angreifer kann diese Schwachstellen ausnutzen, um Sicherheitsma\u00dfnahmen zu umgehen, vertrauliche Informationen offenzulegen, einen Denial-of-Service-Zustand auszul\u00f6sen, beliebigen Code auszuf\u00fchren und seine Privilegien zu erweitern. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion und erh\u00f6hte Rechte." } ], "product_status": { "known_affected": [ "T025794" ] }, "release_date": "2022-01-12T23:00:00Z", "title": "CVE-2020-0543" }, { "cve": "CVE-2020-0548", "notes": [ { "category": "description", "text": "In Juniper Junos Space existieren mehrere Schwachstellen. Die Fehler existieren in verschiedenen Komponenten und Bibliotheken, darunter LZ4, Linux Kernel, Intel Prozessoren, Apache HTTP Server, BIND, Intel VT-d, Intel Grafiktreiber, KVM Hypervisor, QEMU, Java SE, MySQL Server, samba, curl, GNOME, jQuery, Apache Log4j und logback. Ein Angreifer aus dem angrenzenden Netzwerk oder ein entfernter, anonymer, authentisierter oder lokaler Angreifer kann diese Schwachstellen ausnutzen, um Sicherheitsma\u00dfnahmen zu umgehen, vertrauliche Informationen offenzulegen, einen Denial-of-Service-Zustand auszul\u00f6sen, beliebigen Code auszuf\u00fchren und seine Privilegien zu erweitern. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion und erh\u00f6hte Rechte." } ], "product_status": { "known_affected": [ "T025794" ] }, "release_date": "2022-01-12T23:00:00Z", "title": "CVE-2020-0548" }, { "cve": "CVE-2020-0549", "notes": [ { "category": "description", "text": "In Juniper Junos Space existieren mehrere Schwachstellen. Die Fehler existieren in verschiedenen Komponenten und Bibliotheken, darunter LZ4, Linux Kernel, Intel Prozessoren, Apache HTTP Server, BIND, Intel VT-d, Intel Grafiktreiber, KVM Hypervisor, QEMU, Java SE, MySQL Server, samba, curl, GNOME, jQuery, Apache Log4j und logback. Ein Angreifer aus dem angrenzenden Netzwerk oder ein entfernter, anonymer, authentisierter oder lokaler Angreifer kann diese Schwachstellen ausnutzen, um Sicherheitsma\u00dfnahmen zu umgehen, vertrauliche Informationen offenzulegen, einen Denial-of-Service-Zustand auszul\u00f6sen, beliebigen Code auszuf\u00fchren und seine Privilegien zu erweitern. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion und erh\u00f6hte Rechte." } ], "product_status": { "known_affected": [ "T025794" ] }, "release_date": "2022-01-12T23:00:00Z", "title": "CVE-2020-0549" }, { "cve": "CVE-2020-11022", "notes": [ { "category": "description", "text": "In Juniper Junos Space existieren mehrere Schwachstellen. Die Fehler existieren in verschiedenen Komponenten und Bibliotheken, darunter LZ4, Linux Kernel, Intel Prozessoren, Apache HTTP Server, BIND, Intel VT-d, Intel Grafiktreiber, KVM Hypervisor, QEMU, Java SE, MySQL Server, samba, curl, GNOME, jQuery, Apache Log4j und logback. Ein Angreifer aus dem angrenzenden Netzwerk oder ein entfernter, anonymer, authentisierter oder lokaler Angreifer kann diese Schwachstellen ausnutzen, um Sicherheitsma\u00dfnahmen zu umgehen, vertrauliche Informationen offenzulegen, einen Denial-of-Service-Zustand auszul\u00f6sen, beliebigen Code auszuf\u00fchren und seine Privilegien zu erweitern. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion und erh\u00f6hte Rechte." } ], "product_status": { "known_affected": [ "T025794" ] }, "release_date": "2022-01-12T23:00:00Z", "title": "CVE-2020-11022" }, { "cve": "CVE-2020-11023", "notes": [ { "category": "description", "text": "In Juniper Junos Space existieren mehrere Schwachstellen. Die Fehler existieren in verschiedenen Komponenten und Bibliotheken, darunter LZ4, Linux Kernel, Intel Prozessoren, Apache HTTP Server, BIND, Intel VT-d, Intel Grafiktreiber, KVM Hypervisor, QEMU, Java SE, MySQL Server, samba, curl, GNOME, jQuery, Apache Log4j und logback. Ein Angreifer aus dem angrenzenden Netzwerk oder ein entfernter, anonymer, authentisierter oder lokaler Angreifer kann diese Schwachstellen ausnutzen, um Sicherheitsma\u00dfnahmen zu umgehen, vertrauliche Informationen offenzulegen, einen Denial-of-Service-Zustand auszul\u00f6sen, beliebigen Code auszuf\u00fchren und seine Privilegien zu erweitern. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion und erh\u00f6hte Rechte." } ], "product_status": { "known_affected": [ "T025794" ] }, "release_date": "2022-01-12T23:00:00Z", "title": "CVE-2020-11023" }, { "cve": "CVE-2020-11668", "notes": [ { "category": "description", "text": "In Juniper Junos Space existieren mehrere Schwachstellen. Die Fehler existieren in verschiedenen Komponenten und Bibliotheken, darunter LZ4, Linux Kernel, Intel Prozessoren, Apache HTTP Server, BIND, Intel VT-d, Intel Grafiktreiber, KVM Hypervisor, QEMU, Java SE, MySQL Server, samba, curl, GNOME, jQuery, Apache Log4j und logback. Ein Angreifer aus dem angrenzenden Netzwerk oder ein entfernter, anonymer, authentisierter oder lokaler Angreifer kann diese Schwachstellen ausnutzen, um Sicherheitsma\u00dfnahmen zu umgehen, vertrauliche Informationen offenzulegen, einen Denial-of-Service-Zustand auszul\u00f6sen, beliebigen Code auszuf\u00fchren und seine Privilegien zu erweitern. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion und erh\u00f6hte Rechte." } ], "product_status": { "known_affected": [ "T025794" ] }, "release_date": "2022-01-12T23:00:00Z", "title": "CVE-2020-11668" }, { "cve": "CVE-2020-11984", "notes": [ { "category": "description", "text": "In Juniper Junos Space existieren mehrere Schwachstellen. Die Fehler existieren in verschiedenen Komponenten und Bibliotheken, darunter LZ4, Linux Kernel, Intel Prozessoren, Apache HTTP Server, BIND, Intel VT-d, Intel Grafiktreiber, KVM Hypervisor, QEMU, Java SE, MySQL Server, samba, curl, GNOME, jQuery, Apache Log4j und logback. Ein Angreifer aus dem angrenzenden Netzwerk oder ein entfernter, anonymer, authentisierter oder lokaler Angreifer kann diese Schwachstellen ausnutzen, um Sicherheitsma\u00dfnahmen zu umgehen, vertrauliche Informationen offenzulegen, einen Denial-of-Service-Zustand auszul\u00f6sen, beliebigen Code auszuf\u00fchren und seine Privilegien zu erweitern. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion und erh\u00f6hte Rechte." } ], "product_status": { "known_affected": [ "T025794" ] }, "release_date": "2022-01-12T23:00:00Z", "title": "CVE-2020-11984" }, { "cve": "CVE-2020-11993", "notes": [ { "category": "description", "text": "In Juniper Junos Space existieren mehrere Schwachstellen. Die Fehler existieren in verschiedenen Komponenten und Bibliotheken, darunter LZ4, Linux Kernel, Intel Prozessoren, Apache HTTP Server, BIND, Intel VT-d, Intel Grafiktreiber, KVM Hypervisor, QEMU, Java SE, MySQL Server, samba, curl, GNOME, jQuery, Apache Log4j und logback. Ein Angreifer aus dem angrenzenden Netzwerk oder ein entfernter, anonymer, authentisierter oder lokaler Angreifer kann diese Schwachstellen ausnutzen, um Sicherheitsma\u00dfnahmen zu umgehen, vertrauliche Informationen offenzulegen, einen Denial-of-Service-Zustand auszul\u00f6sen, beliebigen Code auszuf\u00fchren und seine Privilegien zu erweitern. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion und erh\u00f6hte Rechte." } ], "product_status": { "known_affected": [ "T025794" ] }, "release_date": "2022-01-12T23:00:00Z", "title": "CVE-2020-11993" }, { "cve": "CVE-2020-12362", "notes": [ { "category": "description", "text": "In Juniper Junos Space existieren mehrere Schwachstellen. Die Fehler existieren in verschiedenen Komponenten und Bibliotheken, darunter LZ4, Linux Kernel, Intel Prozessoren, Apache HTTP Server, BIND, Intel VT-d, Intel Grafiktreiber, KVM Hypervisor, QEMU, Java SE, MySQL Server, samba, curl, GNOME, jQuery, Apache Log4j und logback. Ein Angreifer aus dem angrenzenden Netzwerk oder ein entfernter, anonymer, authentisierter oder lokaler Angreifer kann diese Schwachstellen ausnutzen, um Sicherheitsma\u00dfnahmen zu umgehen, vertrauliche Informationen offenzulegen, einen Denial-of-Service-Zustand auszul\u00f6sen, beliebigen Code auszuf\u00fchren und seine Privilegien zu erweitern. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion und erh\u00f6hte Rechte." } ], "product_status": { "known_affected": [ "T025794" ] }, "release_date": "2022-01-12T23:00:00Z", "title": "CVE-2020-12362" }, { "cve": "CVE-2020-12363", "notes": [ { "category": "description", "text": "In Juniper Junos Space existieren mehrere Schwachstellen. Die Fehler existieren in verschiedenen Komponenten und Bibliotheken, darunter LZ4, Linux Kernel, Intel Prozessoren, Apache HTTP Server, BIND, Intel VT-d, Intel Grafiktreiber, KVM Hypervisor, QEMU, Java SE, MySQL Server, samba, curl, GNOME, jQuery, Apache Log4j und logback. Ein Angreifer aus dem angrenzenden Netzwerk oder ein entfernter, anonymer, authentisierter oder lokaler Angreifer kann diese Schwachstellen ausnutzen, um Sicherheitsma\u00dfnahmen zu umgehen, vertrauliche Informationen offenzulegen, einen Denial-of-Service-Zustand auszul\u00f6sen, beliebigen Code auszuf\u00fchren und seine Privilegien zu erweitern. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion und erh\u00f6hte Rechte." } ], "product_status": { "known_affected": [ "T025794" ] }, "release_date": "2022-01-12T23:00:00Z", "title": "CVE-2020-12363" }, { "cve": "CVE-2020-12364", "notes": [ { "category": "description", "text": "In Juniper Junos Space existieren mehrere Schwachstellen. Die Fehler existieren in verschiedenen Komponenten und Bibliotheken, darunter LZ4, Linux Kernel, Intel Prozessoren, Apache HTTP Server, BIND, Intel VT-d, Intel Grafiktreiber, KVM Hypervisor, QEMU, Java SE, MySQL Server, samba, curl, GNOME, jQuery, Apache Log4j und logback. Ein Angreifer aus dem angrenzenden Netzwerk oder ein entfernter, anonymer, authentisierter oder lokaler Angreifer kann diese Schwachstellen ausnutzen, um Sicherheitsma\u00dfnahmen zu umgehen, vertrauliche Informationen offenzulegen, einen Denial-of-Service-Zustand auszul\u00f6sen, beliebigen Code auszuf\u00fchren und seine Privilegien zu erweitern. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion und erh\u00f6hte Rechte." } ], "product_status": { "known_affected": [ "T025794" ] }, "release_date": "2022-01-12T23:00:00Z", "title": "CVE-2020-12364" }, { "cve": "CVE-2020-1927", "notes": [ { "category": "description", "text": "In Juniper Junos Space existieren mehrere Schwachstellen. Die Fehler existieren in verschiedenen Komponenten und Bibliotheken, darunter LZ4, Linux Kernel, Intel Prozessoren, Apache HTTP Server, BIND, Intel VT-d, Intel Grafiktreiber, KVM Hypervisor, QEMU, Java SE, MySQL Server, samba, curl, GNOME, jQuery, Apache Log4j und logback. Ein Angreifer aus dem angrenzenden Netzwerk oder ein entfernter, anonymer, authentisierter oder lokaler Angreifer kann diese Schwachstellen ausnutzen, um Sicherheitsma\u00dfnahmen zu umgehen, vertrauliche Informationen offenzulegen, einen Denial-of-Service-Zustand auszul\u00f6sen, beliebigen Code auszuf\u00fchren und seine Privilegien zu erweitern. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion und erh\u00f6hte Rechte." } ], "product_status": { "known_affected": [ "T025794" ] }, "release_date": "2022-01-12T23:00:00Z", "title": "CVE-2020-1927" }, { "cve": "CVE-2020-1934", "notes": [ { "category": "description", "text": "In Juniper Junos Space existieren mehrere Schwachstellen. Die Fehler existieren in verschiedenen Komponenten und Bibliotheken, darunter LZ4, Linux Kernel, Intel Prozessoren, Apache HTTP Server, BIND, Intel VT-d, Intel Grafiktreiber, KVM Hypervisor, QEMU, Java SE, MySQL Server, samba, curl, GNOME, jQuery, Apache Log4j und logback. Ein Angreifer aus dem angrenzenden Netzwerk oder ein entfernter, anonymer, authentisierter oder lokaler Angreifer kann diese Schwachstellen ausnutzen, um Sicherheitsma\u00dfnahmen zu umgehen, vertrauliche Informationen offenzulegen, einen Denial-of-Service-Zustand auszul\u00f6sen, beliebigen Code auszuf\u00fchren und seine Privilegien zu erweitern. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion und erh\u00f6hte Rechte." } ], "product_status": { "known_affected": [ "T025794" ] }, "release_date": "2022-01-12T23:00:00Z", "title": "CVE-2020-1934" }, { "cve": "CVE-2020-24489", "notes": [ { "category": "description", "text": "In Juniper Junos Space existieren mehrere Schwachstellen. Die Fehler existieren in verschiedenen Komponenten und Bibliotheken, darunter LZ4, Linux Kernel, Intel Prozessoren, Apache HTTP Server, BIND, Intel VT-d, Intel Grafiktreiber, KVM Hypervisor, QEMU, Java SE, MySQL Server, samba, curl, GNOME, jQuery, Apache Log4j und logback. Ein Angreifer aus dem angrenzenden Netzwerk oder ein entfernter, anonymer, authentisierter oder lokaler Angreifer kann diese Schwachstellen ausnutzen, um Sicherheitsma\u00dfnahmen zu umgehen, vertrauliche Informationen offenzulegen, einen Denial-of-Service-Zustand auszul\u00f6sen, beliebigen Code auszuf\u00fchren und seine Privilegien zu erweitern. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion und erh\u00f6hte Rechte." } ], "product_status": { "known_affected": [ "T025794" ] }, "release_date": "2022-01-12T23:00:00Z", "title": "CVE-2020-24489" }, { "cve": "CVE-2020-24511", "notes": [ { "category": "description", "text": "In Juniper Junos Space existieren mehrere Schwachstellen. Die Fehler existieren in verschiedenen Komponenten und Bibliotheken, darunter LZ4, Linux Kernel, Intel Prozessoren, Apache HTTP Server, BIND, Intel VT-d, Intel Grafiktreiber, KVM Hypervisor, QEMU, Java SE, MySQL Server, samba, curl, GNOME, jQuery, Apache Log4j und logback. Ein Angreifer aus dem angrenzenden Netzwerk oder ein entfernter, anonymer, authentisierter oder lokaler Angreifer kann diese Schwachstellen ausnutzen, um Sicherheitsma\u00dfnahmen zu umgehen, vertrauliche Informationen offenzulegen, einen Denial-of-Service-Zustand auszul\u00f6sen, beliebigen Code auszuf\u00fchren und seine Privilegien zu erweitern. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion und erh\u00f6hte Rechte." } ], "product_status": { "known_affected": [ "T025794" ] }, "release_date": "2022-01-12T23:00:00Z", "title": "CVE-2020-24511" }, { "cve": "CVE-2020-24512", "notes": [ { "category": "description", "text": "In Juniper Junos Space existieren mehrere Schwachstellen. Die Fehler existieren in verschiedenen Komponenten und Bibliotheken, darunter LZ4, Linux Kernel, Intel Prozessoren, Apache HTTP Server, BIND, Intel VT-d, Intel Grafiktreiber, KVM Hypervisor, QEMU, Java SE, MySQL Server, samba, curl, GNOME, jQuery, Apache Log4j und logback. Ein Angreifer aus dem angrenzenden Netzwerk oder ein entfernter, anonymer, authentisierter oder lokaler Angreifer kann diese Schwachstellen ausnutzen, um Sicherheitsma\u00dfnahmen zu umgehen, vertrauliche Informationen offenzulegen, einen Denial-of-Service-Zustand auszul\u00f6sen, beliebigen Code auszuf\u00fchren und seine Privilegien zu erweitern. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion und erh\u00f6hte Rechte." } ], "product_status": { "known_affected": [ "T025794" ] }, "release_date": "2022-01-12T23:00:00Z", "title": "CVE-2020-24512" }, { "cve": "CVE-2020-27170", "notes": [ { "category": "description", "text": "In Juniper Junos Space existieren mehrere Schwachstellen. Die Fehler existieren in verschiedenen Komponenten und Bibliotheken, darunter LZ4, Linux Kernel, Intel Prozessoren, Apache HTTP Server, BIND, Intel VT-d, Intel Grafiktreiber, KVM Hypervisor, QEMU, Java SE, MySQL Server, samba, curl, GNOME, jQuery, Apache Log4j und logback. Ein Angreifer aus dem angrenzenden Netzwerk oder ein entfernter, anonymer, authentisierter oder lokaler Angreifer kann diese Schwachstellen ausnutzen, um Sicherheitsma\u00dfnahmen zu umgehen, vertrauliche Informationen offenzulegen, einen Denial-of-Service-Zustand auszul\u00f6sen, beliebigen Code auszuf\u00fchren und seine Privilegien zu erweitern. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion und erh\u00f6hte Rechte." } ], "product_status": { "known_affected": [ "T025794" ] }, "release_date": "2022-01-12T23:00:00Z", "title": "CVE-2020-27170" }, { "cve": "CVE-2020-27777", "notes": [ { "category": "description", "text": "In Juniper Junos Space existieren mehrere Schwachstellen. Die Fehler existieren in verschiedenen Komponenten und Bibliotheken, darunter LZ4, Linux Kernel, Intel Prozessoren, Apache HTTP Server, BIND, Intel VT-d, Intel Grafiktreiber, KVM Hypervisor, QEMU, Java SE, MySQL Server, samba, curl, GNOME, jQuery, Apache Log4j und logback. Ein Angreifer aus dem angrenzenden Netzwerk oder ein entfernter, anonymer, authentisierter oder lokaler Angreifer kann diese Schwachstellen ausnutzen, um Sicherheitsma\u00dfnahmen zu umgehen, vertrauliche Informationen offenzulegen, einen Denial-of-Service-Zustand auszul\u00f6sen, beliebigen Code auszuf\u00fchren und seine Privilegien zu erweitern. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion und erh\u00f6hte Rechte." } ], "product_status": { "known_affected": [ "T025794" ] }, "release_date": "2022-01-12T23:00:00Z", "title": "CVE-2020-27777" }, { "cve": "CVE-2020-29443", "notes": [ { "category": "description", "text": "In Juniper Junos Space existieren mehrere Schwachstellen. Die Fehler existieren in verschiedenen Komponenten und Bibliotheken, darunter LZ4, Linux Kernel, Intel Prozessoren, Apache HTTP Server, BIND, Intel VT-d, Intel Grafiktreiber, KVM Hypervisor, QEMU, Java SE, MySQL Server, samba, curl, GNOME, jQuery, Apache Log4j und logback. Ein Angreifer aus dem angrenzenden Netzwerk oder ein entfernter, anonymer, authentisierter oder lokaler Angreifer kann diese Schwachstellen ausnutzen, um Sicherheitsma\u00dfnahmen zu umgehen, vertrauliche Informationen offenzulegen, einen Denial-of-Service-Zustand auszul\u00f6sen, beliebigen Code auszuf\u00fchren und seine Privilegien zu erweitern. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion und erh\u00f6hte Rechte." } ], "product_status": { "known_affected": [ "T025794" ] }, "release_date": "2022-01-12T23:00:00Z", "title": "CVE-2020-29443" }, { "cve": "CVE-2020-8625", "notes": [ { "category": "description", "text": "In Juniper Junos Space existieren mehrere Schwachstellen. Die Fehler existieren in verschiedenen Komponenten und Bibliotheken, darunter LZ4, Linux Kernel, Intel Prozessoren, Apache HTTP Server, BIND, Intel VT-d, Intel Grafiktreiber, KVM Hypervisor, QEMU, Java SE, MySQL Server, samba, curl, GNOME, jQuery, Apache Log4j und logback. Ein Angreifer aus dem angrenzenden Netzwerk oder ein entfernter, anonymer, authentisierter oder lokaler Angreifer kann diese Schwachstellen ausnutzen, um Sicherheitsma\u00dfnahmen zu umgehen, vertrauliche Informationen offenzulegen, einen Denial-of-Service-Zustand auszul\u00f6sen, beliebigen Code auszuf\u00fchren und seine Privilegien zu erweitern. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion und erh\u00f6hte Rechte." } ], "product_status": { "known_affected": [ "T025794" ] }, "release_date": "2022-01-12T23:00:00Z", "title": "CVE-2020-8625" }, { "cve": "CVE-2020-8648", "notes": [ { "category": "description", "text": "In Juniper Junos Space existieren mehrere Schwachstellen. Die Fehler existieren in verschiedenen Komponenten und Bibliotheken, darunter LZ4, Linux Kernel, Intel Prozessoren, Apache HTTP Server, BIND, Intel VT-d, Intel Grafiktreiber, KVM Hypervisor, QEMU, Java SE, MySQL Server, samba, curl, GNOME, jQuery, Apache Log4j und logback. Ein Angreifer aus dem angrenzenden Netzwerk oder ein entfernter, anonymer, authentisierter oder lokaler Angreifer kann diese Schwachstellen ausnutzen, um Sicherheitsma\u00dfnahmen zu umgehen, vertrauliche Informationen offenzulegen, einen Denial-of-Service-Zustand auszul\u00f6sen, beliebigen Code auszuf\u00fchren und seine Privilegien zu erweitern. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion und erh\u00f6hte Rechte." } ], "product_status": { "known_affected": [ "T025794" ] }, "release_date": "2022-01-12T23:00:00Z", "title": "CVE-2020-8648" }, { "cve": "CVE-2020-8695", "notes": [ { "category": "description", "text": "In Juniper Junos Space existieren mehrere Schwachstellen. Die Fehler existieren in verschiedenen Komponenten und Bibliotheken, darunter LZ4, Linux Kernel, Intel Prozessoren, Apache HTTP Server, BIND, Intel VT-d, Intel Grafiktreiber, KVM Hypervisor, QEMU, Java SE, MySQL Server, samba, curl, GNOME, jQuery, Apache Log4j und logback. Ein Angreifer aus dem angrenzenden Netzwerk oder ein entfernter, anonymer, authentisierter oder lokaler Angreifer kann diese Schwachstellen ausnutzen, um Sicherheitsma\u00dfnahmen zu umgehen, vertrauliche Informationen offenzulegen, einen Denial-of-Service-Zustand auszul\u00f6sen, beliebigen Code auszuf\u00fchren und seine Privilegien zu erweitern. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion und erh\u00f6hte Rechte." } ], "product_status": { "known_affected": [ "T025794" ] }, "release_date": "2022-01-12T23:00:00Z", "title": "CVE-2020-8695" }, { "cve": "CVE-2020-8696", "notes": [ { "category": "description", "text": "In Juniper Junos Space existieren mehrere Schwachstellen. Die Fehler existieren in verschiedenen Komponenten und Bibliotheken, darunter LZ4, Linux Kernel, Intel Prozessoren, Apache HTTP Server, BIND, Intel VT-d, Intel Grafiktreiber, KVM Hypervisor, QEMU, Java SE, MySQL Server, samba, curl, GNOME, jQuery, Apache Log4j und logback. Ein Angreifer aus dem angrenzenden Netzwerk oder ein entfernter, anonymer, authentisierter oder lokaler Angreifer kann diese Schwachstellen ausnutzen, um Sicherheitsma\u00dfnahmen zu umgehen, vertrauliche Informationen offenzulegen, einen Denial-of-Service-Zustand auszul\u00f6sen, beliebigen Code auszuf\u00fchren und seine Privilegien zu erweitern. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion und erh\u00f6hte Rechte." } ], "product_status": { "known_affected": [ "T025794" ] }, "release_date": "2022-01-12T23:00:00Z", "title": "CVE-2020-8696" }, { "cve": "CVE-2020-8698", "notes": [ { "category": "description", "text": "In Juniper Junos Space existieren mehrere Schwachstellen. Die Fehler existieren in verschiedenen Komponenten und Bibliotheken, darunter LZ4, Linux Kernel, Intel Prozessoren, Apache HTTP Server, BIND, Intel VT-d, Intel Grafiktreiber, KVM Hypervisor, QEMU, Java SE, MySQL Server, samba, curl, GNOME, jQuery, Apache Log4j und logback. Ein Angreifer aus dem angrenzenden Netzwerk oder ein entfernter, anonymer, authentisierter oder lokaler Angreifer kann diese Schwachstellen ausnutzen, um Sicherheitsma\u00dfnahmen zu umgehen, vertrauliche Informationen offenzulegen, einen Denial-of-Service-Zustand auszul\u00f6sen, beliebigen Code auszuf\u00fchren und seine Privilegien zu erweitern. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion und erh\u00f6hte Rechte." } ], "product_status": { "known_affected": [ "T025794" ] }, "release_date": "2022-01-12T23:00:00Z", "title": "CVE-2020-8698" }, { "cve": "CVE-2020-9490", "notes": [ { "category": "description", "text": "In Juniper Junos Space existieren mehrere Schwachstellen. Die Fehler existieren in verschiedenen Komponenten und Bibliotheken, darunter LZ4, Linux Kernel, Intel Prozessoren, Apache HTTP Server, BIND, Intel VT-d, Intel Grafiktreiber, KVM Hypervisor, QEMU, Java SE, MySQL Server, samba, curl, GNOME, jQuery, Apache Log4j und logback. Ein Angreifer aus dem angrenzenden Netzwerk oder ein entfernter, anonymer, authentisierter oder lokaler Angreifer kann diese Schwachstellen ausnutzen, um Sicherheitsma\u00dfnahmen zu umgehen, vertrauliche Informationen offenzulegen, einen Denial-of-Service-Zustand auszul\u00f6sen, beliebigen Code auszuf\u00fchren und seine Privilegien zu erweitern. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion und erh\u00f6hte Rechte." } ], "product_status": { "known_affected": [ "T025794" ] }, "release_date": "2022-01-12T23:00:00Z", "title": "CVE-2020-9490" }, { "cve": "CVE-2021-20254", "notes": [ { "category": "description", "text": "In Juniper Junos Space existieren mehrere Schwachstellen. Die Fehler existieren in verschiedenen Komponenten und Bibliotheken, darunter LZ4, Linux Kernel, Intel Prozessoren, Apache HTTP Server, BIND, Intel VT-d, Intel Grafiktreiber, KVM Hypervisor, QEMU, Java SE, MySQL Server, samba, curl, GNOME, jQuery, Apache Log4j und logback. Ein Angreifer aus dem angrenzenden Netzwerk oder ein entfernter, anonymer, authentisierter oder lokaler Angreifer kann diese Schwachstellen ausnutzen, um Sicherheitsma\u00dfnahmen zu umgehen, vertrauliche Informationen offenzulegen, einen Denial-of-Service-Zustand auszul\u00f6sen, beliebigen Code auszuf\u00fchren und seine Privilegien zu erweitern. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion und erh\u00f6hte Rechte." } ], "product_status": { "known_affected": [ "T025794" ] }, "release_date": "2022-01-12T23:00:00Z", "title": "CVE-2021-20254" }, { "cve": "CVE-2021-22555", "notes": [ { "category": "description", "text": "In Juniper Junos Space existieren mehrere Schwachstellen. Die Fehler existieren in verschiedenen Komponenten und Bibliotheken, darunter LZ4, Linux Kernel, Intel Prozessoren, Apache HTTP Server, BIND, Intel VT-d, Intel Grafiktreiber, KVM Hypervisor, QEMU, Java SE, MySQL Server, samba, curl, GNOME, jQuery, Apache Log4j und logback. Ein Angreifer aus dem angrenzenden Netzwerk oder ein entfernter, anonymer, authentisierter oder lokaler Angreifer kann diese Schwachstellen ausnutzen, um Sicherheitsma\u00dfnahmen zu umgehen, vertrauliche Informationen offenzulegen, einen Denial-of-Service-Zustand auszul\u00f6sen, beliebigen Code auszuf\u00fchren und seine Privilegien zu erweitern. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion und erh\u00f6hte Rechte." } ], "product_status": { "known_affected": [ "T025794" ] }, "release_date": "2022-01-12T23:00:00Z", "title": "CVE-2021-22555" }, { "cve": "CVE-2021-22901", "notes": [ { "category": "description", "text": "In Juniper Junos Space existieren mehrere Schwachstellen. Die Fehler existieren in verschiedenen Komponenten und Bibliotheken, darunter LZ4, Linux Kernel, Intel Prozessoren, Apache HTTP Server, BIND, Intel VT-d, Intel Grafiktreiber, KVM Hypervisor, QEMU, Java SE, MySQL Server, samba, curl, GNOME, jQuery, Apache Log4j und logback. Ein Angreifer aus dem angrenzenden Netzwerk oder ein entfernter, anonymer, authentisierter oder lokaler Angreifer kann diese Schwachstellen ausnutzen, um Sicherheitsma\u00dfnahmen zu umgehen, vertrauliche Informationen offenzulegen, einen Denial-of-Service-Zustand auszul\u00f6sen, beliebigen Code auszuf\u00fchren und seine Privilegien zu erweitern. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion und erh\u00f6hte Rechte." } ], "product_status": { "known_affected": [ "T025794" ] }, "release_date": "2022-01-12T23:00:00Z", "title": "CVE-2021-22901" }, { "cve": "CVE-2021-2341", "notes": [ { "category": "description", "text": "In Juniper Junos Space existieren mehrere Schwachstellen. Die Fehler existieren in verschiedenen Komponenten und Bibliotheken, darunter LZ4, Linux Kernel, Intel Prozessoren, Apache HTTP Server, BIND, Intel VT-d, Intel Grafiktreiber, KVM Hypervisor, QEMU, Java SE, MySQL Server, samba, curl, GNOME, jQuery, Apache Log4j und logback. Ein Angreifer aus dem angrenzenden Netzwerk oder ein entfernter, anonymer, authentisierter oder lokaler Angreifer kann diese Schwachstellen ausnutzen, um Sicherheitsma\u00dfnahmen zu umgehen, vertrauliche Informationen offenzulegen, einen Denial-of-Service-Zustand auszul\u00f6sen, beliebigen Code auszuf\u00fchren und seine Privilegien zu erweitern. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion und erh\u00f6hte Rechte." } ], "product_status": { "known_affected": [ "T025794" ] }, "release_date": "2022-01-12T23:00:00Z", "title": "CVE-2021-2341" }, { "cve": "CVE-2021-2342", "notes": [ { "category": "description", "text": "In Juniper Junos Space existieren mehrere Schwachstellen. Die Fehler existieren in verschiedenen Komponenten und Bibliotheken, darunter LZ4, Linux Kernel, Intel Prozessoren, Apache HTTP Server, BIND, Intel VT-d, Intel Grafiktreiber, KVM Hypervisor, QEMU, Java SE, MySQL Server, samba, curl, GNOME, jQuery, Apache Log4j und logback. Ein Angreifer aus dem angrenzenden Netzwerk oder ein entfernter, anonymer, authentisierter oder lokaler Angreifer kann diese Schwachstellen ausnutzen, um Sicherheitsma\u00dfnahmen zu umgehen, vertrauliche Informationen offenzulegen, einen Denial-of-Service-Zustand auszul\u00f6sen, beliebigen Code auszuf\u00fchren und seine Privilegien zu erweitern. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion und erh\u00f6hte Rechte." } ], "product_status": { "known_affected": [ "T025794" ] }, "release_date": "2022-01-12T23:00:00Z", "title": "CVE-2021-2342" }, { "cve": "CVE-2021-2356", "notes": [ { "category": "description", "text": "In Juniper Junos Space existieren mehrere Schwachstellen. Die Fehler existieren in verschiedenen Komponenten und Bibliotheken, darunter LZ4, Linux Kernel, Intel Prozessoren, Apache HTTP Server, BIND, Intel VT-d, Intel Grafiktreiber, KVM Hypervisor, QEMU, Java SE, MySQL Server, samba, curl, GNOME, jQuery, Apache Log4j und logback. Ein Angreifer aus dem angrenzenden Netzwerk oder ein entfernter, anonymer, authentisierter oder lokaler Angreifer kann diese Schwachstellen ausnutzen, um Sicherheitsma\u00dfnahmen zu umgehen, vertrauliche Informationen offenzulegen, einen Denial-of-Service-Zustand auszul\u00f6sen, beliebigen Code auszuf\u00fchren und seine Privilegien zu erweitern. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion und erh\u00f6hte Rechte." } ], "product_status": { "known_affected": [ "T025794" ] }, "release_date": "2022-01-12T23:00:00Z", "title": "CVE-2021-2356" }, { "cve": "CVE-2021-2369", "notes": [ { "category": "description", "text": "In Juniper Junos Space existieren mehrere Schwachstellen. Die Fehler existieren in verschiedenen Komponenten und Bibliotheken, darunter LZ4, Linux Kernel, Intel Prozessoren, Apache HTTP Server, BIND, Intel VT-d, Intel Grafiktreiber, KVM Hypervisor, QEMU, Java SE, MySQL Server, samba, curl, GNOME, jQuery, Apache Log4j und logback. Ein Angreifer aus dem angrenzenden Netzwerk oder ein entfernter, anonymer, authentisierter oder lokaler Angreifer kann diese Schwachstellen ausnutzen, um Sicherheitsma\u00dfnahmen zu umgehen, vertrauliche Informationen offenzulegen, einen Denial-of-Service-Zustand auszul\u00f6sen, beliebigen Code auszuf\u00fchren und seine Privilegien zu erweitern. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion und erh\u00f6hte Rechte." } ], "product_status": { "known_affected": [ "T025794" ] }, "release_date": "2022-01-12T23:00:00Z", "title": "CVE-2021-2369" }, { "cve": "CVE-2021-2372", "notes": [ { "category": "description", "text": "In Juniper Junos Space existieren mehrere Schwachstellen. Die Fehler existieren in verschiedenen Komponenten und Bibliotheken, darunter LZ4, Linux Kernel, Intel Prozessoren, Apache HTTP Server, BIND, Intel VT-d, Intel Grafiktreiber, KVM Hypervisor, QEMU, Java SE, MySQL Server, samba, curl, GNOME, jQuery, Apache Log4j und logback. Ein Angreifer aus dem angrenzenden Netzwerk oder ein entfernter, anonymer, authentisierter oder lokaler Angreifer kann diese Schwachstellen ausnutzen, um Sicherheitsma\u00dfnahmen zu umgehen, vertrauliche Informationen offenzulegen, einen Denial-of-Service-Zustand auszul\u00f6sen, beliebigen Code auszuf\u00fchren und seine Privilegien zu erweitern. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion und erh\u00f6hte Rechte." } ], "product_status": { "known_affected": [ "T025794" ] }, "release_date": "2022-01-12T23:00:00Z", "title": "CVE-2021-2372" }, { "cve": "CVE-2021-2385", "notes": [ { "category": "description", "text": "In Juniper Junos Space existieren mehrere Schwachstellen. Die Fehler existieren in verschiedenen Komponenten und Bibliotheken, darunter LZ4, Linux Kernel, Intel Prozessoren, Apache HTTP Server, BIND, Intel VT-d, Intel Grafiktreiber, KVM Hypervisor, QEMU, Java SE, MySQL Server, samba, curl, GNOME, jQuery, Apache Log4j und logback. Ein Angreifer aus dem angrenzenden Netzwerk oder ein entfernter, anonymer, authentisierter oder lokaler Angreifer kann diese Schwachstellen ausnutzen, um Sicherheitsma\u00dfnahmen zu umgehen, vertrauliche Informationen offenzulegen, einen Denial-of-Service-Zustand auszul\u00f6sen, beliebigen Code auszuf\u00fchren und seine Privilegien zu erweitern. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion und erh\u00f6hte Rechte." } ], "product_status": { "known_affected": [ "T025794" ] }, "release_date": "2022-01-12T23:00:00Z", "title": "CVE-2021-2385" }, { "cve": "CVE-2021-2388", "notes": [ { "category": "description", "text": "In Juniper Junos Space existieren mehrere Schwachstellen. Die Fehler existieren in verschiedenen Komponenten und Bibliotheken, darunter LZ4, Linux Kernel, Intel Prozessoren, Apache HTTP Server, BIND, Intel VT-d, Intel Grafiktreiber, KVM Hypervisor, QEMU, Java SE, MySQL Server, samba, curl, GNOME, jQuery, Apache Log4j und logback. Ein Angreifer aus dem angrenzenden Netzwerk oder ein entfernter, anonymer, authentisierter oder lokaler Angreifer kann diese Schwachstellen ausnutzen, um Sicherheitsma\u00dfnahmen zu umgehen, vertrauliche Informationen offenzulegen, einen Denial-of-Service-Zustand auszul\u00f6sen, beliebigen Code auszuf\u00fchren und seine Privilegien zu erweitern. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion und erh\u00f6hte Rechte." } ], "product_status": { "known_affected": [ "T025794" ] }, "release_date": "2022-01-12T23:00:00Z", "title": "CVE-2021-2388" }, { "cve": "CVE-2021-2389", "notes": [ { "category": "description", "text": "In Juniper Junos Space existieren mehrere Schwachstellen. Die Fehler existieren in verschiedenen Komponenten und Bibliotheken, darunter LZ4, Linux Kernel, Intel Prozessoren, Apache HTTP Server, BIND, Intel VT-d, Intel Grafiktreiber, KVM Hypervisor, QEMU, Java SE, MySQL Server, samba, curl, GNOME, jQuery, Apache Log4j und logback. Ein Angreifer aus dem angrenzenden Netzwerk oder ein entfernter, anonymer, authentisierter oder lokaler Angreifer kann diese Schwachstellen ausnutzen, um Sicherheitsma\u00dfnahmen zu umgehen, vertrauliche Informationen offenzulegen, einen Denial-of-Service-Zustand auszul\u00f6sen, beliebigen Code auszuf\u00fchren und seine Privilegien zu erweitern. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion und erh\u00f6hte Rechte." } ], "product_status": { "known_affected": [ "T025794" ] }, "release_date": "2022-01-12T23:00:00Z", "title": "CVE-2021-2389" }, { "cve": "CVE-2021-2390", "notes": [ { "category": "description", "text": "In Juniper Junos Space existieren mehrere Schwachstellen. Die Fehler existieren in verschiedenen Komponenten und Bibliotheken, darunter LZ4, Linux Kernel, Intel Prozessoren, Apache HTTP Server, BIND, Intel VT-d, Intel Grafiktreiber, KVM Hypervisor, QEMU, Java SE, MySQL Server, samba, curl, GNOME, jQuery, Apache Log4j und logback. Ein Angreifer aus dem angrenzenden Netzwerk oder ein entfernter, anonymer, authentisierter oder lokaler Angreifer kann diese Schwachstellen ausnutzen, um Sicherheitsma\u00dfnahmen zu umgehen, vertrauliche Informationen offenzulegen, einen Denial-of-Service-Zustand auszul\u00f6sen, beliebigen Code auszuf\u00fchren und seine Privilegien zu erweitern. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion und erh\u00f6hte Rechte." } ], "product_status": { "known_affected": [ "T025794" ] }, "release_date": "2022-01-12T23:00:00Z", "title": "CVE-2021-2390" }, { "cve": "CVE-2021-25214", "notes": [ { "category": "description", "text": "In Juniper Junos Space existieren mehrere Schwachstellen. Die Fehler existieren in verschiedenen Komponenten und Bibliotheken, darunter LZ4, Linux Kernel, Intel Prozessoren, Apache HTTP Server, BIND, Intel VT-d, Intel Grafiktreiber, KVM Hypervisor, QEMU, Java SE, MySQL Server, samba, curl, GNOME, jQuery, Apache Log4j und logback. Ein Angreifer aus dem angrenzenden Netzwerk oder ein entfernter, anonymer, authentisierter oder lokaler Angreifer kann diese Schwachstellen ausnutzen, um Sicherheitsma\u00dfnahmen zu umgehen, vertrauliche Informationen offenzulegen, einen Denial-of-Service-Zustand auszul\u00f6sen, beliebigen Code auszuf\u00fchren und seine Privilegien zu erweitern. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion und erh\u00f6hte Rechte." } ], "product_status": { "known_affected": [ "T025794" ] }, "release_date": "2022-01-12T23:00:00Z", "title": "CVE-2021-25214" }, { "cve": "CVE-2021-25217", "notes": [ { "category": "description", "text": "In Juniper Junos Space existieren mehrere Schwachstellen. Die Fehler existieren in verschiedenen Komponenten und Bibliotheken, darunter LZ4, Linux Kernel, Intel Prozessoren, Apache HTTP Server, BIND, Intel VT-d, Intel Grafiktreiber, KVM Hypervisor, QEMU, Java SE, MySQL Server, samba, curl, GNOME, jQuery, Apache Log4j und logback. Ein Angreifer aus dem angrenzenden Netzwerk oder ein entfernter, anonymer, authentisierter oder lokaler Angreifer kann diese Schwachstellen ausnutzen, um Sicherheitsma\u00dfnahmen zu umgehen, vertrauliche Informationen offenzulegen, einen Denial-of-Service-Zustand auszul\u00f6sen, beliebigen Code auszuf\u00fchren und seine Privilegien zu erweitern. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion und erh\u00f6hte Rechte." } ], "product_status": { "known_affected": [ "T025794" ] }, "release_date": "2022-01-12T23:00:00Z", "title": "CVE-2021-25217" }, { "cve": "CVE-2021-27219", "notes": [ { "category": "description", "text": "In Juniper Junos Space existieren mehrere Schwachstellen. Die Fehler existieren in verschiedenen Komponenten und Bibliotheken, darunter LZ4, Linux Kernel, Intel Prozessoren, Apache HTTP Server, BIND, Intel VT-d, Intel Grafiktreiber, KVM Hypervisor, QEMU, Java SE, MySQL Server, samba, curl, GNOME, jQuery, Apache Log4j und logback. Ein Angreifer aus dem angrenzenden Netzwerk oder ein entfernter, anonymer, authentisierter oder lokaler Angreifer kann diese Schwachstellen ausnutzen, um Sicherheitsma\u00dfnahmen zu umgehen, vertrauliche Informationen offenzulegen, einen Denial-of-Service-Zustand auszul\u00f6sen, beliebigen Code auszuf\u00fchren und seine Privilegien zu erweitern. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion und erh\u00f6hte Rechte." } ], "product_status": { "known_affected": [ "T025794" ] }, "release_date": "2022-01-12T23:00:00Z", "title": "CVE-2021-27219" }, { "cve": "CVE-2021-29154", "notes": [ { "category": "description", "text": "In Juniper Junos Space existieren mehrere Schwachstellen. Die Fehler existieren in verschiedenen Komponenten und Bibliotheken, darunter LZ4, Linux Kernel, Intel Prozessoren, Apache HTTP Server, BIND, Intel VT-d, Intel Grafiktreiber, KVM Hypervisor, QEMU, Java SE, MySQL Server, samba, curl, GNOME, jQuery, Apache Log4j und logback. Ein Angreifer aus dem angrenzenden Netzwerk oder ein entfernter, anonymer, authentisierter oder lokaler Angreifer kann diese Schwachstellen ausnutzen, um Sicherheitsma\u00dfnahmen zu umgehen, vertrauliche Informationen offenzulegen, einen Denial-of-Service-Zustand auszul\u00f6sen, beliebigen Code auszuf\u00fchren und seine Privilegien zu erweitern. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion und erh\u00f6hte Rechte." } ], "product_status": { "known_affected": [ "T025794" ] }, "release_date": "2022-01-12T23:00:00Z", "title": "CVE-2021-29154" }, { "cve": "CVE-2021-29650", "notes": [ { "category": "description", "text": "In Juniper Junos Space existieren mehrere Schwachstellen. Die Fehler existieren in verschiedenen Komponenten und Bibliotheken, darunter LZ4, Linux Kernel, Intel Prozessoren, Apache HTTP Server, BIND, Intel VT-d, Intel Grafiktreiber, KVM Hypervisor, QEMU, Java SE, MySQL Server, samba, curl, GNOME, jQuery, Apache Log4j und logback. Ein Angreifer aus dem angrenzenden Netzwerk oder ein entfernter, anonymer, authentisierter oder lokaler Angreifer kann diese Schwachstellen ausnutzen, um Sicherheitsma\u00dfnahmen zu umgehen, vertrauliche Informationen offenzulegen, einen Denial-of-Service-Zustand auszul\u00f6sen, beliebigen Code auszuf\u00fchren und seine Privilegien zu erweitern. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion und erh\u00f6hte Rechte." } ], "product_status": { "known_affected": [ "T025794" ] }, "release_date": "2022-01-12T23:00:00Z", "title": "CVE-2021-29650" }, { "cve": "CVE-2021-31535", "notes": [ { "category": "description", "text": "In Juniper Junos Space existieren mehrere Schwachstellen. Die Fehler existieren in verschiedenen Komponenten und Bibliotheken, darunter LZ4, Linux Kernel, Intel Prozessoren, Apache HTTP Server, BIND, Intel VT-d, Intel Grafiktreiber, KVM Hypervisor, QEMU, Java SE, MySQL Server, samba, curl, GNOME, jQuery, Apache Log4j und logback. Ein Angreifer aus dem angrenzenden Netzwerk oder ein entfernter, anonymer, authentisierter oder lokaler Angreifer kann diese Schwachstellen ausnutzen, um Sicherheitsma\u00dfnahmen zu umgehen, vertrauliche Informationen offenzulegen, einen Denial-of-Service-Zustand auszul\u00f6sen, beliebigen Code auszuf\u00fchren und seine Privilegien zu erweitern. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion und erh\u00f6hte Rechte." } ], "product_status": { "known_affected": [ "T025794" ] }, "release_date": "2022-01-12T23:00:00Z", "title": "CVE-2021-31535" }, { "cve": "CVE-2021-32399", "notes": [ { "category": "description", "text": "In Juniper Junos Space existieren mehrere Schwachstellen. Die Fehler existieren in verschiedenen Komponenten und Bibliotheken, darunter LZ4, Linux Kernel, Intel Prozessoren, Apache HTTP Server, BIND, Intel VT-d, Intel Grafiktreiber, KVM Hypervisor, QEMU, Java SE, MySQL Server, samba, curl, GNOME, jQuery, Apache Log4j und logback. Ein Angreifer aus dem angrenzenden Netzwerk oder ein entfernter, anonymer, authentisierter oder lokaler Angreifer kann diese Schwachstellen ausnutzen, um Sicherheitsma\u00dfnahmen zu umgehen, vertrauliche Informationen offenzulegen, einen Denial-of-Service-Zustand auszul\u00f6sen, beliebigen Code auszuf\u00fchren und seine Privilegien zu erweitern. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion und erh\u00f6hte Rechte." } ], "product_status": { "known_affected": [ "T025794" ] }, "release_date": "2022-01-12T23:00:00Z", "title": "CVE-2021-32399" }, { "cve": "CVE-2021-33033", "notes": [ { "category": "description", "text": "In Juniper Junos Space existieren mehrere Schwachstellen. Die Fehler existieren in verschiedenen Komponenten und Bibliotheken, darunter LZ4, Linux Kernel, Intel Prozessoren, Apache HTTP Server, BIND, Intel VT-d, Intel Grafiktreiber, KVM Hypervisor, QEMU, Java SE, MySQL Server, samba, curl, GNOME, jQuery, Apache Log4j und logback. Ein Angreifer aus dem angrenzenden Netzwerk oder ein entfernter, anonymer, authentisierter oder lokaler Angreifer kann diese Schwachstellen ausnutzen, um Sicherheitsma\u00dfnahmen zu umgehen, vertrauliche Informationen offenzulegen, einen Denial-of-Service-Zustand auszul\u00f6sen, beliebigen Code auszuf\u00fchren und seine Privilegien zu erweitern. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion und erh\u00f6hte Rechte." } ], "product_status": { "known_affected": [ "T025794" ] }, "release_date": "2022-01-12T23:00:00Z", "title": "CVE-2021-33033" }, { "cve": "CVE-2021-33034", "notes": [ { "category": "description", "text": "In Juniper Junos Space existieren mehrere Schwachstellen. Die Fehler existieren in verschiedenen Komponenten und Bibliotheken, darunter LZ4, Linux Kernel, Intel Prozessoren, Apache HTTP Server, BIND, Intel VT-d, Intel Grafiktreiber, KVM Hypervisor, QEMU, Java SE, MySQL Server, samba, curl, GNOME, jQuery, Apache Log4j und logback. Ein Angreifer aus dem angrenzenden Netzwerk oder ein entfernter, anonymer, authentisierter oder lokaler Angreifer kann diese Schwachstellen ausnutzen, um Sicherheitsma\u00dfnahmen zu umgehen, vertrauliche Informationen offenzulegen, einen Denial-of-Service-Zustand auszul\u00f6sen, beliebigen Code auszuf\u00fchren und seine Privilegien zu erweitern. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion und erh\u00f6hte Rechte." } ], "product_status": { "known_affected": [ "T025794" ] }, "release_date": "2022-01-12T23:00:00Z", "title": "CVE-2021-33034" }, { "cve": "CVE-2021-3347", "notes": [ { "category": "description", "text": "In Juniper Junos Space existieren mehrere Schwachstellen. Die Fehler existieren in verschiedenen Komponenten und Bibliotheken, darunter LZ4, Linux Kernel, Intel Prozessoren, Apache HTTP Server, BIND, Intel VT-d, Intel Grafiktreiber, KVM Hypervisor, QEMU, Java SE, MySQL Server, samba, curl, GNOME, jQuery, Apache Log4j und logback. Ein Angreifer aus dem angrenzenden Netzwerk oder ein entfernter, anonymer, authentisierter oder lokaler Angreifer kann diese Schwachstellen ausnutzen, um Sicherheitsma\u00dfnahmen zu umgehen, vertrauliche Informationen offenzulegen, einen Denial-of-Service-Zustand auszul\u00f6sen, beliebigen Code auszuf\u00fchren und seine Privilegien zu erweitern. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion und erh\u00f6hte Rechte." } ], "product_status": { "known_affected": [ "T025794" ] }, "release_date": "2022-01-12T23:00:00Z", "title": "CVE-2021-3347" }, { "cve": "CVE-2021-33909", "notes": [ { "category": "description", "text": "In Juniper Junos Space existieren mehrere Schwachstellen. Die Fehler existieren in verschiedenen Komponenten und Bibliotheken, darunter LZ4, Linux Kernel, Intel Prozessoren, Apache HTTP Server, BIND, Intel VT-d, Intel Grafiktreiber, KVM Hypervisor, QEMU, Java SE, MySQL Server, samba, curl, GNOME, jQuery, Apache Log4j und logback. Ein Angreifer aus dem angrenzenden Netzwerk oder ein entfernter, anonymer, authentisierter oder lokaler Angreifer kann diese Schwachstellen ausnutzen, um Sicherheitsma\u00dfnahmen zu umgehen, vertrauliche Informationen offenzulegen, einen Denial-of-Service-Zustand auszul\u00f6sen, beliebigen Code auszuf\u00fchren und seine Privilegien zu erweitern. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion und erh\u00f6hte Rechte." } ], "product_status": { "known_affected": [ "T025794" ] }, "release_date": "2022-01-12T23:00:00Z", "title": "CVE-2021-33909" }, { "cve": "CVE-2021-3653", "notes": [ { "category": "description", "text": "In Juniper Junos Space existieren mehrere Schwachstellen. Die Fehler existieren in verschiedenen Komponenten und Bibliotheken, darunter LZ4, Linux Kernel, Intel Prozessoren, Apache HTTP Server, BIND, Intel VT-d, Intel Grafiktreiber, KVM Hypervisor, QEMU, Java SE, MySQL Server, samba, curl, GNOME, jQuery, Apache Log4j und logback. Ein Angreifer aus dem angrenzenden Netzwerk oder ein entfernter, anonymer, authentisierter oder lokaler Angreifer kann diese Schwachstellen ausnutzen, um Sicherheitsma\u00dfnahmen zu umgehen, vertrauliche Informationen offenzulegen, einen Denial-of-Service-Zustand auszul\u00f6sen, beliebigen Code auszuf\u00fchren und seine Privilegien zu erweitern. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion und erh\u00f6hte Rechte." } ], "product_status": { "known_affected": [ "T025794" ] }, "release_date": "2022-01-12T23:00:00Z", "title": "CVE-2021-3653" }, { "cve": "CVE-2021-3656", "notes": [ { "category": "description", "text": "In Juniper Junos Space existieren mehrere Schwachstellen. Die Fehler existieren in verschiedenen Komponenten und Bibliotheken, darunter LZ4, Linux Kernel, Intel Prozessoren, Apache HTTP Server, BIND, Intel VT-d, Intel Grafiktreiber, KVM Hypervisor, QEMU, Java SE, MySQL Server, samba, curl, GNOME, jQuery, Apache Log4j und logback. Ein Angreifer aus dem angrenzenden Netzwerk oder ein entfernter, anonymer, authentisierter oder lokaler Angreifer kann diese Schwachstellen ausnutzen, um Sicherheitsma\u00dfnahmen zu umgehen, vertrauliche Informationen offenzulegen, einen Denial-of-Service-Zustand auszul\u00f6sen, beliebigen Code auszuf\u00fchren und seine Privilegien zu erweitern. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion und erh\u00f6hte Rechte." } ], "product_status": { "known_affected": [ "T025794" ] }, "release_date": "2022-01-12T23:00:00Z", "title": "CVE-2021-3656" }, { "cve": "CVE-2021-3715", "notes": [ { "category": "description", "text": "In Juniper Junos Space existieren mehrere Schwachstellen. Die Fehler existieren in verschiedenen Komponenten und Bibliotheken, darunter LZ4, Linux Kernel, Intel Prozessoren, Apache HTTP Server, BIND, Intel VT-d, Intel Grafiktreiber, KVM Hypervisor, QEMU, Java SE, MySQL Server, samba, curl, GNOME, jQuery, Apache Log4j und logback. Ein Angreifer aus dem angrenzenden Netzwerk oder ein entfernter, anonymer, authentisierter oder lokaler Angreifer kann diese Schwachstellen ausnutzen, um Sicherheitsma\u00dfnahmen zu umgehen, vertrauliche Informationen offenzulegen, einen Denial-of-Service-Zustand auszul\u00f6sen, beliebigen Code auszuf\u00fchren und seine Privilegien zu erweitern. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion und erh\u00f6hte Rechte." } ], "product_status": { "known_affected": [ "T025794" ] }, "release_date": "2022-01-12T23:00:00Z", "title": "CVE-2021-3715" }, { "cve": "CVE-2021-37576", "notes": [ { "category": "description", "text": "In Juniper Junos Space existieren mehrere Schwachstellen. Die Fehler existieren in verschiedenen Komponenten und Bibliotheken, darunter LZ4, Linux Kernel, Intel Prozessoren, Apache HTTP Server, BIND, Intel VT-d, Intel Grafiktreiber, KVM Hypervisor, QEMU, Java SE, MySQL Server, samba, curl, GNOME, jQuery, Apache Log4j und logback. Ein Angreifer aus dem angrenzenden Netzwerk oder ein entfernter, anonymer, authentisierter oder lokaler Angreifer kann diese Schwachstellen ausnutzen, um Sicherheitsma\u00dfnahmen zu umgehen, vertrauliche Informationen offenzulegen, einen Denial-of-Service-Zustand auszul\u00f6sen, beliebigen Code auszuf\u00fchren und seine Privilegien zu erweitern. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion und erh\u00f6hte Rechte." } ], "product_status": { "known_affected": [ "T025794" ] }, "release_date": "2022-01-12T23:00:00Z", "title": "CVE-2021-37576" }, { "cve": "CVE-2021-4104", "notes": [ { "category": "description", "text": "In Juniper Junos Space existieren mehrere Schwachstellen. Die Fehler existieren in verschiedenen Komponenten und Bibliotheken, darunter LZ4, Linux Kernel, Intel Prozessoren, Apache HTTP Server, BIND, Intel VT-d, Intel Grafiktreiber, KVM Hypervisor, QEMU, Java SE, MySQL Server, samba, curl, GNOME, jQuery, Apache Log4j und logback. Ein Angreifer aus dem angrenzenden Netzwerk oder ein entfernter, anonymer, authentisierter oder lokaler Angreifer kann diese Schwachstellen ausnutzen, um Sicherheitsma\u00dfnahmen zu umgehen, vertrauliche Informationen offenzulegen, einen Denial-of-Service-Zustand auszul\u00f6sen, beliebigen Code auszuf\u00fchren und seine Privilegien zu erweitern. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion und erh\u00f6hte Rechte." } ], "product_status": { "known_affected": [ "T025794" ] }, "release_date": "2022-01-12T23:00:00Z", "title": "CVE-2021-4104" }, { "cve": "CVE-2021-42550", "notes": [ { "category": "description", "text": "In Juniper Junos Space existieren mehrere Schwachstellen. Die Fehler existieren in verschiedenen Komponenten und Bibliotheken, darunter LZ4, Linux Kernel, Intel Prozessoren, Apache HTTP Server, BIND, Intel VT-d, Intel Grafiktreiber, KVM Hypervisor, QEMU, Java SE, MySQL Server, samba, curl, GNOME, jQuery, Apache Log4j und logback. Ein Angreifer aus dem angrenzenden Netzwerk oder ein entfernter, anonymer, authentisierter oder lokaler Angreifer kann diese Schwachstellen ausnutzen, um Sicherheitsma\u00dfnahmen zu umgehen, vertrauliche Informationen offenzulegen, einen Denial-of-Service-Zustand auszul\u00f6sen, beliebigen Code auszuf\u00fchren und seine Privilegien zu erweitern. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion und erh\u00f6hte Rechte." } ], "product_status": { "known_affected": [ "T025794" ] }, "release_date": "2022-01-12T23:00:00Z", "title": "CVE-2021-42550" }, { "cve": "CVE-2021-44228", "notes": [ { "category": "description", "text": "In Juniper Junos Space existieren mehrere Schwachstellen. Die Fehler existieren in verschiedenen Komponenten und Bibliotheken, darunter LZ4, Linux Kernel, Intel Prozessoren, Apache HTTP Server, BIND, Intel VT-d, Intel Grafiktreiber, KVM Hypervisor, QEMU, Java SE, MySQL Server, samba, curl, GNOME, jQuery, Apache Log4j und logback. Ein Angreifer aus dem angrenzenden Netzwerk oder ein entfernter, anonymer, authentisierter oder lokaler Angreifer kann diese Schwachstellen ausnutzen, um Sicherheitsma\u00dfnahmen zu umgehen, vertrauliche Informationen offenzulegen, einen Denial-of-Service-Zustand auszul\u00f6sen, beliebigen Code auszuf\u00fchren und seine Privilegien zu erweitern. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion und erh\u00f6hte Rechte." } ], "product_status": { "known_affected": [ "T025794" ] }, "release_date": "2022-01-12T23:00:00Z", "title": "CVE-2021-44228" }, { "cve": "CVE-2021-45046", "notes": [ { "category": "description", "text": "In Juniper Junos Space existieren mehrere Schwachstellen. Die Fehler existieren in verschiedenen Komponenten und Bibliotheken, darunter LZ4, Linux Kernel, Intel Prozessoren, Apache HTTP Server, BIND, Intel VT-d, Intel Grafiktreiber, KVM Hypervisor, QEMU, Java SE, MySQL Server, samba, curl, GNOME, jQuery, Apache Log4j und logback. Ein Angreifer aus dem angrenzenden Netzwerk oder ein entfernter, anonymer, authentisierter oder lokaler Angreifer kann diese Schwachstellen ausnutzen, um Sicherheitsma\u00dfnahmen zu umgehen, vertrauliche Informationen offenzulegen, einen Denial-of-Service-Zustand auszul\u00f6sen, beliebigen Code auszuf\u00fchren und seine Privilegien zu erweitern. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion und erh\u00f6hte Rechte." } ], "product_status": { "known_affected": [ "T025794" ] }, "release_date": "2022-01-12T23:00:00Z", "title": "CVE-2021-45046" } ] }
Loading…
Loading…
Sightings
Author | Source | Type | Date |
---|
Nomenclature
- Seen: The vulnerability was mentioned, discussed, or seen somewhere by the user.
- Confirmed: The vulnerability is confirmed from an analyst perspective.
- Exploited: This vulnerability was exploited and seen by the user reporting the sighting.
- Patched: This vulnerability was successfully patched by the user reporting the sighting.
- Not exploited: This vulnerability was not exploited or seen by the user reporting the sighting.
- Not confirmed: The user expresses doubt about the veracity of the vulnerability.
- Not patched: This vulnerability was not successfully patched by the user reporting the sighting.