Action not permitted
Modal body text goes here.
cve-2021-26690
Vulnerability from cvelistv5
Published
2021-06-10 07:10
Modified
2024-08-03 20:33
Severity
Summary
mod_session NULL pointer dereference
References
Impacted products
| Vendor | Product |
|---|---|
| Apache Software Foundation | Apache HTTP Server |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-03T20:33:40.192Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://httpd.apache.org/security/vulnerabilities_24.html"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://lists.apache.org/thread.html/re026d3da9d7824bd93b9f871c0fdda978d960c7e62d8c43cba8d0bf3%40%3Ccvs.httpd.apache.org%3E"
},
{
"name": "[httpd-announce] 20210609 CVE-2021-26690: mod_session NULL pointer dereference",
"tags": [
"mailing-list",
"x_refsource_MLIST",
"x_transferred"
],
"url": "https://lists.apache.org/thread.html/rae406c1d19c0dfd3103c96923dadac2af1cd0bad6905ab1ede153865%40%3Cannounce.httpd.apache.org%3E"
},
{
"name": "[httpd-dev] 20210610 Re: svn commit: r1890598 - in /httpd/site/trunk/content/security/json: CVE-2019-17567.json CVE-2020-13938.json CVE-2020-13950.json CVE-2020-35452.json CVE-2021-26690.json CVE-2021-26691.json CVE-2021-30641.json CVE-2021-31618.json",
"tags": [
"mailing-list",
"x_refsource_MLIST",
"x_transferred"
],
"url": "https://lists.apache.org/thread.html/r7f2b70b621651548f4b6f027552f1dd91705d7111bb5d15cda0a68dd%40%3Cdev.httpd.apache.org%3E"
},
{
"name": "[oss-security] 20210609 CVE-2021-26690: Apache httpd: mod_session NULL pointer dereference",
"tags": [
"mailing-list",
"x_refsource_MLIST",
"x_transferred"
],
"url": "http://www.openwall.com/lists/oss-security/2021/06/10/6"
},
{
"name": "[debian-lts-announce] 20210709 [SECURITY] [DLA 2706-1] apache2 security update",
"tags": [
"mailing-list",
"x_refsource_MLIST",
"x_transferred"
],
"url": "https://lists.debian.org/debian-lts-announce/2021/07/msg00006.html"
},
{
"name": "DSA-4937",
"tags": [
"vendor-advisory",
"x_refsource_DEBIAN",
"x_transferred"
],
"url": "https://www.debian.org/security/2021/dsa-4937"
},
{
"name": "GLSA-202107-38",
"tags": [
"vendor-advisory",
"x_refsource_GENTOO",
"x_transferred"
],
"url": "https://security.gentoo.org/glsa/202107-38"
},
{
"name": "FEDORA-2021-dce7e7738e",
"tags": [
"vendor-advisory",
"x_refsource_FEDORA",
"x_transferred"
],
"url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/SPBR6WUYBJNACHKE65SPL7TJOHX7RHWD/"
},
{
"name": "FEDORA-2021-e3f6dd670d",
"tags": [
"vendor-advisory",
"x_refsource_FEDORA",
"x_transferred"
],
"url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/ZNCYSR3BXT36FFF4XTCPL3HDQK4VP45R/"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://www.oracle.com/security-alerts/cpuoct2021.html"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://security.netapp.com/advisory/ntap-20210702-0001/"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "Apache HTTP Server",
"vendor": "Apache Software Foundation",
"versions": [
{
"status": "affected",
"version": "2.4.46"
},
{
"status": "affected",
"version": "2.4.43"
},
{
"status": "affected",
"version": "2.4.41"
},
{
"status": "affected",
"version": "2.4.39"
},
{
"status": "affected",
"version": "2.4.38"
},
{
"status": "affected",
"version": "2.4.37"
},
{
"status": "affected",
"version": "2.4.35"
},
{
"status": "affected",
"version": "2.4.34"
},
{
"status": "affected",
"version": "2.4.33"
},
{
"status": "affected",
"version": "2.4.29"
},
{
"status": "affected",
"version": "2.4.28"
},
{
"status": "affected",
"version": "2.4.27"
},
{
"status": "affected",
"version": "2.4.26"
},
{
"status": "affected",
"version": "2.4.25"
},
{
"status": "affected",
"version": "2.4.23"
},
{
"status": "affected",
"version": "2.4.20"
},
{
"status": "affected",
"version": "2.4.18"
},
{
"status": "affected",
"version": "2.4.17"
},
{
"status": "affected",
"version": "2.4.16"
},
{
"status": "affected",
"version": "2.4.12"
},
{
"status": "affected",
"version": "2.4.10"
},
{
"status": "affected",
"version": "2.4.9"
},
{
"status": "affected",
"version": "2.4.7"
},
{
"status": "affected",
"version": "2.4.6"
},
{
"status": "affected",
"version": "2.4.4"
},
{
"status": "affected",
"version": "2.4.3"
},
{
"status": "affected",
"version": "2.4.2"
},
{
"status": "affected",
"version": "2.4.1"
},
{
"status": "affected",
"version": "2.4.0"
}
]
}
],
"credits": [
{
"lang": "en",
"value": "This issue was discovered and reported by GHSL team member @antonio-morales (Antonio Morales)"
}
],
"descriptions": [
{
"lang": "en",
"value": "Apache HTTP Server versions 2.4.0 to 2.4.46 A specially crafted Cookie header handled by mod_session can cause a NULL pointer dereference and crash, leading to a possible Denial Of Service"
}
],
"metrics": [
{
"other": {
"content": {
"other": "low"
},
"type": "unknown"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "mod_session NULL pointer dereference",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2021-10-20T10:41:43",
"orgId": "f0158376-9dc2-43b6-827c-5f631a4d8d09",
"shortName": "apache"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "http://httpd.apache.org/security/vulnerabilities_24.html"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://lists.apache.org/thread.html/re026d3da9d7824bd93b9f871c0fdda978d960c7e62d8c43cba8d0bf3%40%3Ccvs.httpd.apache.org%3E"
},
{
"name": "[httpd-announce] 20210609 CVE-2021-26690: mod_session NULL pointer dereference",
"tags": [
"mailing-list",
"x_refsource_MLIST"
],
"url": "https://lists.apache.org/thread.html/rae406c1d19c0dfd3103c96923dadac2af1cd0bad6905ab1ede153865%40%3Cannounce.httpd.apache.org%3E"
},
{
"name": "[httpd-dev] 20210610 Re: svn commit: r1890598 - in /httpd/site/trunk/content/security/json: CVE-2019-17567.json CVE-2020-13938.json CVE-2020-13950.json CVE-2020-35452.json CVE-2021-26690.json CVE-2021-26691.json CVE-2021-30641.json CVE-2021-31618.json",
"tags": [
"mailing-list",
"x_refsource_MLIST"
],
"url": "https://lists.apache.org/thread.html/r7f2b70b621651548f4b6f027552f1dd91705d7111bb5d15cda0a68dd%40%3Cdev.httpd.apache.org%3E"
},
{
"name": "[oss-security] 20210609 CVE-2021-26690: Apache httpd: mod_session NULL pointer dereference",
"tags": [
"mailing-list",
"x_refsource_MLIST"
],
"url": "http://www.openwall.com/lists/oss-security/2021/06/10/6"
},
{
"name": "[debian-lts-announce] 20210709 [SECURITY] [DLA 2706-1] apache2 security update",
"tags": [
"mailing-list",
"x_refsource_MLIST"
],
"url": "https://lists.debian.org/debian-lts-announce/2021/07/msg00006.html"
},
{
"name": "DSA-4937",
"tags": [
"vendor-advisory",
"x_refsource_DEBIAN"
],
"url": "https://www.debian.org/security/2021/dsa-4937"
},
{
"name": "GLSA-202107-38",
"tags": [
"vendor-advisory",
"x_refsource_GENTOO"
],
"url": "https://security.gentoo.org/glsa/202107-38"
},
{
"name": "FEDORA-2021-dce7e7738e",
"tags": [
"vendor-advisory",
"x_refsource_FEDORA"
],
"url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/SPBR6WUYBJNACHKE65SPL7TJOHX7RHWD/"
},
{
"name": "FEDORA-2021-e3f6dd670d",
"tags": [
"vendor-advisory",
"x_refsource_FEDORA"
],
"url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/ZNCYSR3BXT36FFF4XTCPL3HDQK4VP45R/"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://www.oracle.com/security-alerts/cpuoct2021.html"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://security.netapp.com/advisory/ntap-20210702-0001/"
}
],
"source": {
"discovery": "UNKNOWN"
},
"title": "mod_session NULL pointer dereference",
"x_generator": {
"engine": "Vulnogram 0.0.9"
},
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "security@apache.org",
"ID": "CVE-2021-26690",
"STATE": "PUBLIC",
"TITLE": "mod_session NULL pointer dereference"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "Apache HTTP Server",
"version": {
"version_data": [
{
"version_affected": "=",
"version_name": "2.4",
"version_value": "2.4.46"
},
{
"version_affected": "=",
"version_name": "2.4",
"version_value": "2.4.43"
},
{
"version_affected": "=",
"version_name": "2.4",
"version_value": "2.4.41"
},
{
"version_affected": "=",
"version_name": "2.4",
"version_value": "2.4.39"
},
{
"version_affected": "=",
"version_name": "2.4",
"version_value": "2.4.38"
},
{
"version_affected": "=",
"version_name": "2.4",
"version_value": "2.4.37"
},
{
"version_affected": "=",
"version_name": "2.4",
"version_value": "2.4.35"
},
{
"version_affected": "=",
"version_name": "2.4",
"version_value": "2.4.34"
},
{
"version_affected": "=",
"version_name": "2.4",
"version_value": "2.4.33"
},
{
"version_affected": "=",
"version_name": "2.4",
"version_value": "2.4.29"
},
{
"version_affected": "=",
"version_name": "2.4",
"version_value": "2.4.28"
},
{
"version_affected": "=",
"version_name": "2.4",
"version_value": "2.4.27"
},
{
"version_affected": "=",
"version_name": "2.4",
"version_value": "2.4.26"
},
{
"version_affected": "=",
"version_name": "2.4",
"version_value": "2.4.25"
},
{
"version_affected": "=",
"version_name": "2.4",
"version_value": "2.4.23"
},
{
"version_affected": "=",
"version_name": "2.4",
"version_value": "2.4.20"
},
{
"version_affected": "=",
"version_name": "2.4",
"version_value": "2.4.18"
},
{
"version_affected": "=",
"version_name": "2.4",
"version_value": "2.4.17"
},
{
"version_affected": "=",
"version_name": "2.4",
"version_value": "2.4.16"
},
{
"version_affected": "=",
"version_name": "2.4",
"version_value": "2.4.12"
},
{
"version_affected": "=",
"version_name": "2.4",
"version_value": "2.4.10"
},
{
"version_affected": "=",
"version_name": "2.4",
"version_value": "2.4.9"
},
{
"version_affected": "=",
"version_name": "2.4",
"version_value": "2.4.7"
},
{
"version_affected": "=",
"version_name": "2.4",
"version_value": "2.4.6"
},
{
"version_affected": "=",
"version_name": "2.4",
"version_value": "2.4.4"
},
{
"version_affected": "=",
"version_name": "2.4",
"version_value": "2.4.3"
},
{
"version_affected": "=",
"version_name": "2.4",
"version_value": "2.4.2"
},
{
"version_affected": "=",
"version_name": "2.4",
"version_value": "2.4.1"
},
{
"version_affected": "=",
"version_name": "2.4",
"version_value": "2.4.0"
}
]
}
}
]
},
"vendor_name": "Apache Software Foundation"
}
]
}
},
"credit": [
{
"lang": "eng",
"value": "This issue was discovered and reported by GHSL team member @antonio-morales (Antonio Morales)"
}
],
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Apache HTTP Server versions 2.4.0 to 2.4.46 A specially crafted Cookie header handled by mod_session can cause a NULL pointer dereference and crash, leading to a possible Denial Of Service"
}
]
},
"generator": {
"engine": "Vulnogram 0.0.9"
},
"impact": [
{
"other": "low"
}
],
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "mod_session NULL pointer dereference"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "http://httpd.apache.org/security/vulnerabilities_24.html",
"refsource": "MISC",
"url": "http://httpd.apache.org/security/vulnerabilities_24.html"
},
{
"name": "https://lists.apache.org/thread.html/re026d3da9d7824bd93b9f871c0fdda978d960c7e62d8c43cba8d0bf3%40%3Ccvs.httpd.apache.org%3E",
"refsource": "MISC",
"url": "https://lists.apache.org/thread.html/re026d3da9d7824bd93b9f871c0fdda978d960c7e62d8c43cba8d0bf3%40%3Ccvs.httpd.apache.org%3E"
},
{
"name": "[httpd-announce] 20210609 CVE-2021-26690: mod_session NULL pointer dereference",
"refsource": "MLIST",
"url": "https://lists.apache.org/thread.html/rae406c1d19c0dfd3103c96923dadac2af1cd0bad6905ab1ede153865@%3Cannounce.httpd.apache.org%3E"
},
{
"name": "[httpd-dev] 20210610 Re: svn commit: r1890598 - in /httpd/site/trunk/content/security/json: CVE-2019-17567.json CVE-2020-13938.json CVE-2020-13950.json CVE-2020-35452.json CVE-2021-26690.json CVE-2021-26691.json CVE-2021-30641.json CVE-2021-31618.json",
"refsource": "MLIST",
"url": "https://lists.apache.org/thread.html/r7f2b70b621651548f4b6f027552f1dd91705d7111bb5d15cda0a68dd@%3Cdev.httpd.apache.org%3E"
},
{
"name": "[oss-security] 20210609 CVE-2021-26690: Apache httpd: mod_session NULL pointer dereference",
"refsource": "MLIST",
"url": "http://www.openwall.com/lists/oss-security/2021/06/10/6"
},
{
"name": "[debian-lts-announce] 20210709 [SECURITY] [DLA 2706-1] apache2 security update",
"refsource": "MLIST",
"url": "https://lists.debian.org/debian-lts-announce/2021/07/msg00006.html"
},
{
"name": "DSA-4937",
"refsource": "DEBIAN",
"url": "https://www.debian.org/security/2021/dsa-4937"
},
{
"name": "GLSA-202107-38",
"refsource": "GENTOO",
"url": "https://security.gentoo.org/glsa/202107-38"
},
{
"name": "FEDORA-2021-dce7e7738e",
"refsource": "FEDORA",
"url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/SPBR6WUYBJNACHKE65SPL7TJOHX7RHWD/"
},
{
"name": "FEDORA-2021-e3f6dd670d",
"refsource": "FEDORA",
"url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ZNCYSR3BXT36FFF4XTCPL3HDQK4VP45R/"
},
{
"name": "https://www.oracle.com/security-alerts/cpuoct2021.html",
"refsource": "MISC",
"url": "https://www.oracle.com/security-alerts/cpuoct2021.html"
},
{
"name": "https://security.netapp.com/advisory/ntap-20210702-0001/",
"refsource": "CONFIRM",
"url": "https://security.netapp.com/advisory/ntap-20210702-0001/"
}
]
},
"source": {
"discovery": "UNKNOWN"
}
}
}
},
"cveMetadata": {
"assignerOrgId": "f0158376-9dc2-43b6-827c-5f631a4d8d09",
"assignerShortName": "apache",
"cveId": "CVE-2021-26690",
"datePublished": "2021-06-10T07:10:22",
"dateReserved": "2021-02-04T00:00:00",
"dateUpdated": "2024-08-03T20:33:40.192Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1",
"meta": {
"nvd": "{\"cve\":{\"id\":\"CVE-2021-26690\",\"sourceIdentifier\":\"security@apache.org\",\"published\":\"2021-06-10T07:15:07.543\",\"lastModified\":\"2023-11-07T03:31:47.720\",\"vulnStatus\":\"Modified\",\"descriptions\":[{\"lang\":\"en\",\"value\":\"Apache HTTP Server versions 2.4.0 to 2.4.46 A specially crafted Cookie header handled by mod_session can cause a NULL pointer dereference and crash, leading to a possible Denial Of Service\"},{\"lang\":\"es\",\"value\":\"Apache HTTP Server versiones 2.4.0 a 2.4.46, un encabezado de Cookie especialmente dise\u00f1ado y gestionado por la funci\u00f3n mod_session puede causar una desviaci\u00f3n del puntero NULL y un fallo, lo que puede causar una denegaci\u00f3n de servicio\"}],\"metrics\":{\"cvssMetricV31\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"cvssData\":{\"version\":\"3.1\",\"vectorString\":\"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H\",\"attackVector\":\"NETWORK\",\"attackComplexity\":\"LOW\",\"privilegesRequired\":\"NONE\",\"userInteraction\":\"NONE\",\"scope\":\"UNCHANGED\",\"confidentialityImpact\":\"NONE\",\"integrityImpact\":\"NONE\",\"availabilityImpact\":\"HIGH\",\"baseScore\":7.5,\"baseSeverity\":\"HIGH\"},\"exploitabilityScore\":3.9,\"impactScore\":3.6}],\"cvssMetricV2\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"cvssData\":{\"version\":\"2.0\",\"vectorString\":\"AV:N/AC:L/Au:N/C:N/I:N/A:P\",\"accessVector\":\"NETWORK\",\"accessComplexity\":\"LOW\",\"authentication\":\"NONE\",\"confidentialityImpact\":\"NONE\",\"integrityImpact\":\"NONE\",\"availabilityImpact\":\"PARTIAL\",\"baseScore\":5.0},\"baseSeverity\":\"MEDIUM\",\"exploitabilityScore\":10.0,\"impactScore\":2.9,\"acInsufInfo\":false,\"obtainAllPrivilege\":false,\"obtainUserPrivilege\":false,\"obtainOtherPrivilege\":false,\"userInteractionRequired\":false}]},\"weaknesses\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"description\":[{\"lang\":\"en\",\"value\":\"CWE-476\"}]}],\"configurations\":[{\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:apache:http_server:*:*:*:*:*:*:*:*\",\"versionStartIncluding\":\"2.4.0\",\"versionEndIncluding\":\"2.4.46\",\"matchCriteriaId\":\"8375A8C8-38EB-4F32-97FD-0841D57C1971\"}]}]},{\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:debian:debian_linux:9.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"DEECE5FC-CACF-4496-A3E7-164736409252\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:debian:debian_linux:10.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"07B237A9-69A3-4A9C-9DA0-4E06BD37AE73\"}]}]},{\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:fedoraproject:fedora:34:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"A930E247-0B43-43CB-98FF-6CE7B8189835\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:fedoraproject:fedora:35:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"80E516C0-98A4-4ADE-B69F-66A772E2BAAA\"}]}]},{\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:oracle:enterprise_manager_ops_center:12.4.0.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"B095CC03-7077-4A58-AB25-CC5380CDCE5A\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:oracle:instantis_enterprisetrack:17.1:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"82EA4BA7-C38B-4AF3-8914-9E3D089EBDD4\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:oracle:instantis_enterprisetrack:17.2:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"B9C9BC66-FA5F-4774-9BDA-7AB88E2839C4\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:oracle:instantis_enterprisetrack:17.3:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"7F69B9A5-F21B-4904-9F27-95C0F7A628E3\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:oracle:zfs_storage_appliance_kit:8.8:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"D3E503FB-6279-4D4A-91D8-E237ECF9D2B0\"}]}]}],\"references\":[{\"url\":\"http://httpd.apache.org/security/vulnerabilities_24.html\",\"source\":\"security@apache.org\",\"tags\":[\"Release Notes\",\"Vendor Advisory\"]},{\"url\":\"http://www.openwall.com/lists/oss-security/2021/06/10/6\",\"source\":\"security@apache.org\",\"tags\":[\"Mailing List\",\"Third Party Advisory\"]},{\"url\":\"https://lists.apache.org/thread.html/r7f2b70b621651548f4b6f027552f1dd91705d7111bb5d15cda0a68dd%40%3Cdev.httpd.apache.org%3E\",\"source\":\"security@apache.org\"},{\"url\":\"https://lists.apache.org/thread.html/rae406c1d19c0dfd3103c96923dadac2af1cd0bad6905ab1ede153865%40%3Cannounce.httpd.apache.org%3E\",\"source\":\"security@apache.org\"},{\"url\":\"https://lists.apache.org/thread.html/re026d3da9d7824bd93b9f871c0fdda978d960c7e62d8c43cba8d0bf3%40%3Ccvs.httpd.apache.org%3E\",\"source\":\"security@apache.org\",\"tags\":[\"Mailing List\",\"Vendor Advisory\"]},{\"url\":\"https://lists.debian.org/debian-lts-announce/2021/07/msg00006.html\",\"source\":\"security@apache.org\",\"tags\":[\"Mailing List\",\"Third Party Advisory\"]},{\"url\":\"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/SPBR6WUYBJNACHKE65SPL7TJOHX7RHWD/\",\"source\":\"security@apache.org\"},{\"url\":\"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/ZNCYSR3BXT36FFF4XTCPL3HDQK4VP45R/\",\"source\":\"security@apache.org\"},{\"url\":\"https://security.gentoo.org/glsa/202107-38\",\"source\":\"security@apache.org\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"https://security.netapp.com/advisory/ntap-20210702-0001/\",\"source\":\"security@apache.org\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"https://www.debian.org/security/2021/dsa-4937\",\"source\":\"security@apache.org\",\"tags\":[\"Mailing List\",\"Third Party Advisory\"]},{\"url\":\"https://www.oracle.com/security-alerts/cpuoct2021.html\",\"source\":\"security@apache.org\",\"tags\":[\"Third Party Advisory\"]}]}}"
}
}
rhsa-2021_4257
Vulnerability from csaf_redhat
Published
2021-11-09 17:26
Modified
2024-09-13 20:32
Summary
Red Hat Security Advisory: httpd:2.4 security, bug fix, and enhancement update
Notes
Topic
An update for the httpd:2.4 module is now available for Red Hat Enterprise Linux 8.
Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.
Details
The httpd packages provide the Apache HTTP Server, a powerful, efficient, and extensible web server.
Security Fix(es):
* httpd: mod_session: NULL pointer dereference when parsing Cookie header (CVE-2021-26690)
* httpd: Unexpected URL matching with 'MergeSlashes OFF' (CVE-2021-30641)
For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.
Additional Changes:
For detailed information on changes in this release, see the Red Hat Enterprise Linux 8.5 Release Notes linked from the References section.
Terms of Use
This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.
{
"document": {
"aggregate_severity": {
"namespace": "https://access.redhat.com/security/updates/classification/",
"text": "Moderate"
},
"category": "csaf_vex",
"csaf_version": "2.0",
"distribution": {
"text": "Copyright \u00a9 Red Hat, Inc. All rights reserved.",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "An update for the httpd:2.4 module is now available for Red Hat Enterprise Linux 8.\n\nRed Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.",
"title": "Topic"
},
{
"category": "general",
"text": "The httpd packages provide the Apache HTTP Server, a powerful, efficient, and extensible web server.\n\nSecurity Fix(es):\n\n* httpd: mod_session: NULL pointer dereference when parsing Cookie header (CVE-2021-26690)\n\n* httpd: Unexpected URL matching with \u0027MergeSlashes OFF\u0027 (CVE-2021-30641)\n\nFor more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.\n\nAdditional Changes:\n\nFor detailed information on changes in this release, see the Red Hat Enterprise Linux 8.5 Release Notes linked from the References section.",
"title": "Details"
},
{
"category": "legal_disclaimer",
"text": "This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.",
"title": "Terms of Use"
}
],
"publisher": {
"category": "vendor",
"contact_details": "https://access.redhat.com/security/team/contact/",
"issuing_authority": "Red Hat Product Security is responsible for vulnerability handling across all Red Hat offerings.",
"name": "Red Hat Product Security",
"namespace": "https://www.redhat.com"
},
"references": [
{
"category": "self",
"summary": "https://access.redhat.com/errata/RHSA-2021:4257",
"url": "https://access.redhat.com/errata/RHSA-2021:4257"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/updates/classification/#moderate",
"url": "https://access.redhat.com/security/updates/classification/#moderate"
},
{
"category": "external",
"summary": "https://access.redhat.com/documentation/en-us/red_hat_enterprise_linux/8/html/8.5_release_notes/",
"url": "https://access.redhat.com/documentation/en-us/red_hat_enterprise_linux/8/html/8.5_release_notes/"
},
{
"category": "external",
"summary": "1905613",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1905613"
},
{
"category": "external",
"summary": "1934741",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1934741"
},
{
"category": "external",
"summary": "1935742",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1935742"
},
{
"category": "external",
"summary": "1937334",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1937334"
},
{
"category": "external",
"summary": "1952557",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1952557"
},
{
"category": "external",
"summary": "1966729",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1966729"
},
{
"category": "external",
"summary": "1966743",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1966743"
},
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/data/csaf/v2/advisories/2021/rhsa-2021_4257.json"
}
],
"title": "Red Hat Security Advisory: httpd:2.4 security, bug fix, and enhancement update",
"tracking": {
"current_release_date": "2024-09-13T20:32:08+00:00",
"generator": {
"date": "2024-09-13T20:32:08+00:00",
"engine": {
"name": "Red Hat SDEngine",
"version": "3.33.3"
}
},
"id": "RHSA-2021:4257",
"initial_release_date": "2021-11-09T17:26:41+00:00",
"revision_history": [
{
"date": "2021-11-09T17:26:41+00:00",
"number": "1",
"summary": "Initial version"
},
{
"date": "2021-11-09T17:26:41+00:00",
"number": "2",
"summary": "Last updated version"
},
{
"date": "2024-09-13T20:32:08+00:00",
"number": "3",
"summary": "Last generated version"
}
],
"status": "final",
"version": "3"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_name",
"name": "Red Hat Enterprise Linux AppStream (v. 8)",
"product": {
"name": "Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.5.0.GA",
"product_identification_helper": {
"cpe": "cpe:/a:redhat:enterprise_linux:8::appstream"
}
}
}
],
"category": "product_family",
"name": "Red Hat Enterprise Linux"
},
{
"branches": [
{
"category": "product_version",
"name": "httpd:2.4:8050020210712211742:b4937e53",
"product": {
"name": "httpd:2.4:8050020210712211742:b4937e53",
"product_id": "httpd:2.4:8050020210712211742:b4937e53",
"product_identification_helper": {
"purl": "pkg:rpmmod/redhat/httpd@2.4:8050020210712211742:b4937e53"
}
}
},
{
"category": "product_version",
"name": "httpd-filesystem-0:2.4.37-41.module+el8.5.0+11772+c8e0c271.noarch",
"product": {
"name": "httpd-filesystem-0:2.4.37-41.module+el8.5.0+11772+c8e0c271.noarch",
"product_id": "httpd-filesystem-0:2.4.37-41.module+el8.5.0+11772+c8e0c271.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/httpd-filesystem@2.4.37-41.module%2Bel8.5.0%2B11772%2Bc8e0c271?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "httpd-manual-0:2.4.37-41.module+el8.5.0+11772+c8e0c271.noarch",
"product": {
"name": "httpd-manual-0:2.4.37-41.module+el8.5.0+11772+c8e0c271.noarch",
"product_id": "httpd-manual-0:2.4.37-41.module+el8.5.0+11772+c8e0c271.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/httpd-manual@2.4.37-41.module%2Bel8.5.0%2B11772%2Bc8e0c271?arch=noarch"
}
}
}
],
"category": "architecture",
"name": "noarch"
},
{
"branches": [
{
"category": "product_version",
"name": "httpd-0:2.4.37-41.module+el8.5.0+11772+c8e0c271.aarch64",
"product": {
"name": "httpd-0:2.4.37-41.module+el8.5.0+11772+c8e0c271.aarch64",
"product_id": "httpd-0:2.4.37-41.module+el8.5.0+11772+c8e0c271.aarch64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/httpd@2.4.37-41.module%2Bel8.5.0%2B11772%2Bc8e0c271?arch=aarch64"
}
}
},
{
"category": "product_version",
"name": "httpd-debuginfo-0:2.4.37-41.module+el8.5.0+11772+c8e0c271.aarch64",
"product": {
"name": "httpd-debuginfo-0:2.4.37-41.module+el8.5.0+11772+c8e0c271.aarch64",
"product_id": "httpd-debuginfo-0:2.4.37-41.module+el8.5.0+11772+c8e0c271.aarch64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/httpd-debuginfo@2.4.37-41.module%2Bel8.5.0%2B11772%2Bc8e0c271?arch=aarch64"
}
}
},
{
"category": "product_version",
"name": "httpd-debugsource-0:2.4.37-41.module+el8.5.0+11772+c8e0c271.aarch64",
"product": {
"name": "httpd-debugsource-0:2.4.37-41.module+el8.5.0+11772+c8e0c271.aarch64",
"product_id": "httpd-debugsource-0:2.4.37-41.module+el8.5.0+11772+c8e0c271.aarch64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/httpd-debugsource@2.4.37-41.module%2Bel8.5.0%2B11772%2Bc8e0c271?arch=aarch64"
}
}
},
{
"category": "product_version",
"name": "httpd-devel-0:2.4.37-41.module+el8.5.0+11772+c8e0c271.aarch64",
"product": {
"name": "httpd-devel-0:2.4.37-41.module+el8.5.0+11772+c8e0c271.aarch64",
"product_id": "httpd-devel-0:2.4.37-41.module+el8.5.0+11772+c8e0c271.aarch64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/httpd-devel@2.4.37-41.module%2Bel8.5.0%2B11772%2Bc8e0c271?arch=aarch64"
}
}
},
{
"category": "product_version",
"name": "httpd-tools-0:2.4.37-41.module+el8.5.0+11772+c8e0c271.aarch64",
"product": {
"name": "httpd-tools-0:2.4.37-41.module+el8.5.0+11772+c8e0c271.aarch64",
"product_id": "httpd-tools-0:2.4.37-41.module+el8.5.0+11772+c8e0c271.aarch64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/httpd-tools@2.4.37-41.module%2Bel8.5.0%2B11772%2Bc8e0c271?arch=aarch64"
}
}
},
{
"category": "product_version",
"name": "httpd-tools-debuginfo-0:2.4.37-41.module+el8.5.0+11772+c8e0c271.aarch64",
"product": {
"name": "httpd-tools-debuginfo-0:2.4.37-41.module+el8.5.0+11772+c8e0c271.aarch64",
"product_id": "httpd-tools-debuginfo-0:2.4.37-41.module+el8.5.0+11772+c8e0c271.aarch64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/httpd-tools-debuginfo@2.4.37-41.module%2Bel8.5.0%2B11772%2Bc8e0c271?arch=aarch64"
}
}
},
{
"category": "product_version",
"name": "mod_http2-0:1.15.7-3.module+el8.4.0+8625+d397f3da.aarch64",
"product": {
"name": "mod_http2-0:1.15.7-3.module+el8.4.0+8625+d397f3da.aarch64",
"product_id": "mod_http2-0:1.15.7-3.module+el8.4.0+8625+d397f3da.aarch64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/mod_http2@1.15.7-3.module%2Bel8.4.0%2B8625%2Bd397f3da?arch=aarch64"
}
}
},
{
"category": "product_version",
"name": "mod_http2-debuginfo-0:1.15.7-3.module+el8.4.0+8625+d397f3da.aarch64",
"product": {
"name": "mod_http2-debuginfo-0:1.15.7-3.module+el8.4.0+8625+d397f3da.aarch64",
"product_id": "mod_http2-debuginfo-0:1.15.7-3.module+el8.4.0+8625+d397f3da.aarch64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/mod_http2-debuginfo@1.15.7-3.module%2Bel8.4.0%2B8625%2Bd397f3da?arch=aarch64"
}
}
},
{
"category": "product_version",
"name": "mod_http2-debugsource-0:1.15.7-3.module+el8.4.0+8625+d397f3da.aarch64",
"product": {
"name": "mod_http2-debugsource-0:1.15.7-3.module+el8.4.0+8625+d397f3da.aarch64",
"product_id": "mod_http2-debugsource-0:1.15.7-3.module+el8.4.0+8625+d397f3da.aarch64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/mod_http2-debugsource@1.15.7-3.module%2Bel8.4.0%2B8625%2Bd397f3da?arch=aarch64"
}
}
},
{
"category": "product_version",
"name": "mod_ldap-0:2.4.37-41.module+el8.5.0+11772+c8e0c271.aarch64",
"product": {
"name": "mod_ldap-0:2.4.37-41.module+el8.5.0+11772+c8e0c271.aarch64",
"product_id": "mod_ldap-0:2.4.37-41.module+el8.5.0+11772+c8e0c271.aarch64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/mod_ldap@2.4.37-41.module%2Bel8.5.0%2B11772%2Bc8e0c271?arch=aarch64"
}
}
},
{
"category": "product_version",
"name": "mod_ldap-debuginfo-0:2.4.37-41.module+el8.5.0+11772+c8e0c271.aarch64",
"product": {
"name": "mod_ldap-debuginfo-0:2.4.37-41.module+el8.5.0+11772+c8e0c271.aarch64",
"product_id": "mod_ldap-debuginfo-0:2.4.37-41.module+el8.5.0+11772+c8e0c271.aarch64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/mod_ldap-debuginfo@2.4.37-41.module%2Bel8.5.0%2B11772%2Bc8e0c271?arch=aarch64"
}
}
},
{
"category": "product_version",
"name": "mod_md-1:2.0.8-8.module+el8.3.0+6814+67d1e611.aarch64",
"product": {
"name": "mod_md-1:2.0.8-8.module+el8.3.0+6814+67d1e611.aarch64",
"product_id": "mod_md-1:2.0.8-8.module+el8.3.0+6814+67d1e611.aarch64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/mod_md@2.0.8-8.module%2Bel8.3.0%2B6814%2B67d1e611?arch=aarch64\u0026epoch=1"
}
}
},
{
"category": "product_version",
"name": "mod_md-debuginfo-1:2.0.8-8.module+el8.3.0+6814+67d1e611.aarch64",
"product": {
"name": "mod_md-debuginfo-1:2.0.8-8.module+el8.3.0+6814+67d1e611.aarch64",
"product_id": "mod_md-debuginfo-1:2.0.8-8.module+el8.3.0+6814+67d1e611.aarch64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/mod_md-debuginfo@2.0.8-8.module%2Bel8.3.0%2B6814%2B67d1e611?arch=aarch64\u0026epoch=1"
}
}
},
{
"category": "product_version",
"name": "mod_md-debugsource-1:2.0.8-8.module+el8.3.0+6814+67d1e611.aarch64",
"product": {
"name": "mod_md-debugsource-1:2.0.8-8.module+el8.3.0+6814+67d1e611.aarch64",
"product_id": "mod_md-debugsource-1:2.0.8-8.module+el8.3.0+6814+67d1e611.aarch64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/mod_md-debugsource@2.0.8-8.module%2Bel8.3.0%2B6814%2B67d1e611?arch=aarch64\u0026epoch=1"
}
}
},
{
"category": "product_version",
"name": "mod_proxy_html-1:2.4.37-41.module+el8.5.0+11772+c8e0c271.aarch64",
"product": {
"name": "mod_proxy_html-1:2.4.37-41.module+el8.5.0+11772+c8e0c271.aarch64",
"product_id": "mod_proxy_html-1:2.4.37-41.module+el8.5.0+11772+c8e0c271.aarch64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/mod_proxy_html@2.4.37-41.module%2Bel8.5.0%2B11772%2Bc8e0c271?arch=aarch64\u0026epoch=1"
}
}
},
{
"category": "product_version",
"name": "mod_proxy_html-debuginfo-1:2.4.37-41.module+el8.5.0+11772+c8e0c271.aarch64",
"product": {
"name": "mod_proxy_html-debuginfo-1:2.4.37-41.module+el8.5.0+11772+c8e0c271.aarch64",
"product_id": "mod_proxy_html-debuginfo-1:2.4.37-41.module+el8.5.0+11772+c8e0c271.aarch64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/mod_proxy_html-debuginfo@2.4.37-41.module%2Bel8.5.0%2B11772%2Bc8e0c271?arch=aarch64\u0026epoch=1"
}
}
},
{
"category": "product_version",
"name": "mod_session-0:2.4.37-41.module+el8.5.0+11772+c8e0c271.aarch64",
"product": {
"name": "mod_session-0:2.4.37-41.module+el8.5.0+11772+c8e0c271.aarch64",
"product_id": "mod_session-0:2.4.37-41.module+el8.5.0+11772+c8e0c271.aarch64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/mod_session@2.4.37-41.module%2Bel8.5.0%2B11772%2Bc8e0c271?arch=aarch64"
}
}
},
{
"category": "product_version",
"name": "mod_session-debuginfo-0:2.4.37-41.module+el8.5.0+11772+c8e0c271.aarch64",
"product": {
"name": "mod_session-debuginfo-0:2.4.37-41.module+el8.5.0+11772+c8e0c271.aarch64",
"product_id": "mod_session-debuginfo-0:2.4.37-41.module+el8.5.0+11772+c8e0c271.aarch64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/mod_session-debuginfo@2.4.37-41.module%2Bel8.5.0%2B11772%2Bc8e0c271?arch=aarch64"
}
}
},
{
"category": "product_version",
"name": "mod_ssl-1:2.4.37-41.module+el8.5.0+11772+c8e0c271.aarch64",
"product": {
"name": "mod_ssl-1:2.4.37-41.module+el8.5.0+11772+c8e0c271.aarch64",
"product_id": "mod_ssl-1:2.4.37-41.module+el8.5.0+11772+c8e0c271.aarch64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/mod_ssl@2.4.37-41.module%2Bel8.5.0%2B11772%2Bc8e0c271?arch=aarch64\u0026epoch=1"
}
}
},
{
"category": "product_version",
"name": "mod_ssl-debuginfo-1:2.4.37-41.module+el8.5.0+11772+c8e0c271.aarch64",
"product": {
"name": "mod_ssl-debuginfo-1:2.4.37-41.module+el8.5.0+11772+c8e0c271.aarch64",
"product_id": "mod_ssl-debuginfo-1:2.4.37-41.module+el8.5.0+11772+c8e0c271.aarch64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/mod_ssl-debuginfo@2.4.37-41.module%2Bel8.5.0%2B11772%2Bc8e0c271?arch=aarch64\u0026epoch=1"
}
}
}
],
"category": "architecture",
"name": "aarch64"
},
{
"branches": [
{
"category": "product_version",
"name": "httpd-0:2.4.37-41.module+el8.5.0+11772+c8e0c271.src",
"product": {
"name": "httpd-0:2.4.37-41.module+el8.5.0+11772+c8e0c271.src",
"product_id": "httpd-0:2.4.37-41.module+el8.5.0+11772+c8e0c271.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/httpd@2.4.37-41.module%2Bel8.5.0%2B11772%2Bc8e0c271?arch=src"
}
}
},
{
"category": "product_version",
"name": "mod_http2-0:1.15.7-3.module+el8.4.0+8625+d397f3da.src",
"product": {
"name": "mod_http2-0:1.15.7-3.module+el8.4.0+8625+d397f3da.src",
"product_id": "mod_http2-0:1.15.7-3.module+el8.4.0+8625+d397f3da.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/mod_http2@1.15.7-3.module%2Bel8.4.0%2B8625%2Bd397f3da?arch=src"
}
}
},
{
"category": "product_version",
"name": "mod_md-1:2.0.8-8.module+el8.3.0+6814+67d1e611.src",
"product": {
"name": "mod_md-1:2.0.8-8.module+el8.3.0+6814+67d1e611.src",
"product_id": "mod_md-1:2.0.8-8.module+el8.3.0+6814+67d1e611.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/mod_md@2.0.8-8.module%2Bel8.3.0%2B6814%2B67d1e611?arch=src\u0026epoch=1"
}
}
}
],
"category": "architecture",
"name": "src"
},
{
"branches": [
{
"category": "product_version",
"name": "httpd-0:2.4.37-41.module+el8.5.0+11772+c8e0c271.ppc64le",
"product": {
"name": "httpd-0:2.4.37-41.module+el8.5.0+11772+c8e0c271.ppc64le",
"product_id": "httpd-0:2.4.37-41.module+el8.5.0+11772+c8e0c271.ppc64le",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/httpd@2.4.37-41.module%2Bel8.5.0%2B11772%2Bc8e0c271?arch=ppc64le"
}
}
},
{
"category": "product_version",
"name": "httpd-debuginfo-0:2.4.37-41.module+el8.5.0+11772+c8e0c271.ppc64le",
"product": {
"name": "httpd-debuginfo-0:2.4.37-41.module+el8.5.0+11772+c8e0c271.ppc64le",
"product_id": "httpd-debuginfo-0:2.4.37-41.module+el8.5.0+11772+c8e0c271.ppc64le",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/httpd-debuginfo@2.4.37-41.module%2Bel8.5.0%2B11772%2Bc8e0c271?arch=ppc64le"
}
}
},
{
"category": "product_version",
"name": "httpd-debugsource-0:2.4.37-41.module+el8.5.0+11772+c8e0c271.ppc64le",
"product": {
"name": "httpd-debugsource-0:2.4.37-41.module+el8.5.0+11772+c8e0c271.ppc64le",
"product_id": "httpd-debugsource-0:2.4.37-41.module+el8.5.0+11772+c8e0c271.ppc64le",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/httpd-debugsource@2.4.37-41.module%2Bel8.5.0%2B11772%2Bc8e0c271?arch=ppc64le"
}
}
},
{
"category": "product_version",
"name": "httpd-devel-0:2.4.37-41.module+el8.5.0+11772+c8e0c271.ppc64le",
"product": {
"name": "httpd-devel-0:2.4.37-41.module+el8.5.0+11772+c8e0c271.ppc64le",
"product_id": "httpd-devel-0:2.4.37-41.module+el8.5.0+11772+c8e0c271.ppc64le",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/httpd-devel@2.4.37-41.module%2Bel8.5.0%2B11772%2Bc8e0c271?arch=ppc64le"
}
}
},
{
"category": "product_version",
"name": "httpd-tools-0:2.4.37-41.module+el8.5.0+11772+c8e0c271.ppc64le",
"product": {
"name": "httpd-tools-0:2.4.37-41.module+el8.5.0+11772+c8e0c271.ppc64le",
"product_id": "httpd-tools-0:2.4.37-41.module+el8.5.0+11772+c8e0c271.ppc64le",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/httpd-tools@2.4.37-41.module%2Bel8.5.0%2B11772%2Bc8e0c271?arch=ppc64le"
}
}
},
{
"category": "product_version",
"name": "httpd-tools-debuginfo-0:2.4.37-41.module+el8.5.0+11772+c8e0c271.ppc64le",
"product": {
"name": "httpd-tools-debuginfo-0:2.4.37-41.module+el8.5.0+11772+c8e0c271.ppc64le",
"product_id": "httpd-tools-debuginfo-0:2.4.37-41.module+el8.5.0+11772+c8e0c271.ppc64le",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/httpd-tools-debuginfo@2.4.37-41.module%2Bel8.5.0%2B11772%2Bc8e0c271?arch=ppc64le"
}
}
},
{
"category": "product_version",
"name": "mod_http2-0:1.15.7-3.module+el8.4.0+8625+d397f3da.ppc64le",
"product": {
"name": "mod_http2-0:1.15.7-3.module+el8.4.0+8625+d397f3da.ppc64le",
"product_id": "mod_http2-0:1.15.7-3.module+el8.4.0+8625+d397f3da.ppc64le",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/mod_http2@1.15.7-3.module%2Bel8.4.0%2B8625%2Bd397f3da?arch=ppc64le"
}
}
},
{
"category": "product_version",
"name": "mod_http2-debuginfo-0:1.15.7-3.module+el8.4.0+8625+d397f3da.ppc64le",
"product": {
"name": "mod_http2-debuginfo-0:1.15.7-3.module+el8.4.0+8625+d397f3da.ppc64le",
"product_id": "mod_http2-debuginfo-0:1.15.7-3.module+el8.4.0+8625+d397f3da.ppc64le",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/mod_http2-debuginfo@1.15.7-3.module%2Bel8.4.0%2B8625%2Bd397f3da?arch=ppc64le"
}
}
},
{
"category": "product_version",
"name": "mod_http2-debugsource-0:1.15.7-3.module+el8.4.0+8625+d397f3da.ppc64le",
"product": {
"name": "mod_http2-debugsource-0:1.15.7-3.module+el8.4.0+8625+d397f3da.ppc64le",
"product_id": "mod_http2-debugsource-0:1.15.7-3.module+el8.4.0+8625+d397f3da.ppc64le",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/mod_http2-debugsource@1.15.7-3.module%2Bel8.4.0%2B8625%2Bd397f3da?arch=ppc64le"
}
}
},
{
"category": "product_version",
"name": "mod_ldap-0:2.4.37-41.module+el8.5.0+11772+c8e0c271.ppc64le",
"product": {
"name": "mod_ldap-0:2.4.37-41.module+el8.5.0+11772+c8e0c271.ppc64le",
"product_id": "mod_ldap-0:2.4.37-41.module+el8.5.0+11772+c8e0c271.ppc64le",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/mod_ldap@2.4.37-41.module%2Bel8.5.0%2B11772%2Bc8e0c271?arch=ppc64le"
}
}
},
{
"category": "product_version",
"name": "mod_ldap-debuginfo-0:2.4.37-41.module+el8.5.0+11772+c8e0c271.ppc64le",
"product": {
"name": "mod_ldap-debuginfo-0:2.4.37-41.module+el8.5.0+11772+c8e0c271.ppc64le",
"product_id": "mod_ldap-debuginfo-0:2.4.37-41.module+el8.5.0+11772+c8e0c271.ppc64le",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/mod_ldap-debuginfo@2.4.37-41.module%2Bel8.5.0%2B11772%2Bc8e0c271?arch=ppc64le"
}
}
},
{
"category": "product_version",
"name": "mod_md-1:2.0.8-8.module+el8.3.0+6814+67d1e611.ppc64le",
"product": {
"name": "mod_md-1:2.0.8-8.module+el8.3.0+6814+67d1e611.ppc64le",
"product_id": "mod_md-1:2.0.8-8.module+el8.3.0+6814+67d1e611.ppc64le",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/mod_md@2.0.8-8.module%2Bel8.3.0%2B6814%2B67d1e611?arch=ppc64le\u0026epoch=1"
}
}
},
{
"category": "product_version",
"name": "mod_md-debuginfo-1:2.0.8-8.module+el8.3.0+6814+67d1e611.ppc64le",
"product": {
"name": "mod_md-debuginfo-1:2.0.8-8.module+el8.3.0+6814+67d1e611.ppc64le",
"product_id": "mod_md-debuginfo-1:2.0.8-8.module+el8.3.0+6814+67d1e611.ppc64le",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/mod_md-debuginfo@2.0.8-8.module%2Bel8.3.0%2B6814%2B67d1e611?arch=ppc64le\u0026epoch=1"
}
}
},
{
"category": "product_version",
"name": "mod_md-debugsource-1:2.0.8-8.module+el8.3.0+6814+67d1e611.ppc64le",
"product": {
"name": "mod_md-debugsource-1:2.0.8-8.module+el8.3.0+6814+67d1e611.ppc64le",
"product_id": "mod_md-debugsource-1:2.0.8-8.module+el8.3.0+6814+67d1e611.ppc64le",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/mod_md-debugsource@2.0.8-8.module%2Bel8.3.0%2B6814%2B67d1e611?arch=ppc64le\u0026epoch=1"
}
}
},
{
"category": "product_version",
"name": "mod_proxy_html-1:2.4.37-41.module+el8.5.0+11772+c8e0c271.ppc64le",
"product": {
"name": "mod_proxy_html-1:2.4.37-41.module+el8.5.0+11772+c8e0c271.ppc64le",
"product_id": "mod_proxy_html-1:2.4.37-41.module+el8.5.0+11772+c8e0c271.ppc64le",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/mod_proxy_html@2.4.37-41.module%2Bel8.5.0%2B11772%2Bc8e0c271?arch=ppc64le\u0026epoch=1"
}
}
},
{
"category": "product_version",
"name": "mod_proxy_html-debuginfo-1:2.4.37-41.module+el8.5.0+11772+c8e0c271.ppc64le",
"product": {
"name": "mod_proxy_html-debuginfo-1:2.4.37-41.module+el8.5.0+11772+c8e0c271.ppc64le",
"product_id": "mod_proxy_html-debuginfo-1:2.4.37-41.module+el8.5.0+11772+c8e0c271.ppc64le",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/mod_proxy_html-debuginfo@2.4.37-41.module%2Bel8.5.0%2B11772%2Bc8e0c271?arch=ppc64le\u0026epoch=1"
}
}
},
{
"category": "product_version",
"name": "mod_session-0:2.4.37-41.module+el8.5.0+11772+c8e0c271.ppc64le",
"product": {
"name": "mod_session-0:2.4.37-41.module+el8.5.0+11772+c8e0c271.ppc64le",
"product_id": "mod_session-0:2.4.37-41.module+el8.5.0+11772+c8e0c271.ppc64le",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/mod_session@2.4.37-41.module%2Bel8.5.0%2B11772%2Bc8e0c271?arch=ppc64le"
}
}
},
{
"category": "product_version",
"name": "mod_session-debuginfo-0:2.4.37-41.module+el8.5.0+11772+c8e0c271.ppc64le",
"product": {
"name": "mod_session-debuginfo-0:2.4.37-41.module+el8.5.0+11772+c8e0c271.ppc64le",
"product_id": "mod_session-debuginfo-0:2.4.37-41.module+el8.5.0+11772+c8e0c271.ppc64le",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/mod_session-debuginfo@2.4.37-41.module%2Bel8.5.0%2B11772%2Bc8e0c271?arch=ppc64le"
}
}
},
{
"category": "product_version",
"name": "mod_ssl-1:2.4.37-41.module+el8.5.0+11772+c8e0c271.ppc64le",
"product": {
"name": "mod_ssl-1:2.4.37-41.module+el8.5.0+11772+c8e0c271.ppc64le",
"product_id": "mod_ssl-1:2.4.37-41.module+el8.5.0+11772+c8e0c271.ppc64le",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/mod_ssl@2.4.37-41.module%2Bel8.5.0%2B11772%2Bc8e0c271?arch=ppc64le\u0026epoch=1"
}
}
},
{
"category": "product_version",
"name": "mod_ssl-debuginfo-1:2.4.37-41.module+el8.5.0+11772+c8e0c271.ppc64le",
"product": {
"name": "mod_ssl-debuginfo-1:2.4.37-41.module+el8.5.0+11772+c8e0c271.ppc64le",
"product_id": "mod_ssl-debuginfo-1:2.4.37-41.module+el8.5.0+11772+c8e0c271.ppc64le",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/mod_ssl-debuginfo@2.4.37-41.module%2Bel8.5.0%2B11772%2Bc8e0c271?arch=ppc64le\u0026epoch=1"
}
}
}
],
"category": "architecture",
"name": "ppc64le"
},
{
"branches": [
{
"category": "product_version",
"name": "httpd-0:2.4.37-41.module+el8.5.0+11772+c8e0c271.s390x",
"product": {
"name": "httpd-0:2.4.37-41.module+el8.5.0+11772+c8e0c271.s390x",
"product_id": "httpd-0:2.4.37-41.module+el8.5.0+11772+c8e0c271.s390x",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/httpd@2.4.37-41.module%2Bel8.5.0%2B11772%2Bc8e0c271?arch=s390x"
}
}
},
{
"category": "product_version",
"name": "httpd-debuginfo-0:2.4.37-41.module+el8.5.0+11772+c8e0c271.s390x",
"product": {
"name": "httpd-debuginfo-0:2.4.37-41.module+el8.5.0+11772+c8e0c271.s390x",
"product_id": "httpd-debuginfo-0:2.4.37-41.module+el8.5.0+11772+c8e0c271.s390x",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/httpd-debuginfo@2.4.37-41.module%2Bel8.5.0%2B11772%2Bc8e0c271?arch=s390x"
}
}
},
{
"category": "product_version",
"name": "httpd-debugsource-0:2.4.37-41.module+el8.5.0+11772+c8e0c271.s390x",
"product": {
"name": "httpd-debugsource-0:2.4.37-41.module+el8.5.0+11772+c8e0c271.s390x",
"product_id": "httpd-debugsource-0:2.4.37-41.module+el8.5.0+11772+c8e0c271.s390x",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/httpd-debugsource@2.4.37-41.module%2Bel8.5.0%2B11772%2Bc8e0c271?arch=s390x"
}
}
},
{
"category": "product_version",
"name": "httpd-devel-0:2.4.37-41.module+el8.5.0+11772+c8e0c271.s390x",
"product": {
"name": "httpd-devel-0:2.4.37-41.module+el8.5.0+11772+c8e0c271.s390x",
"product_id": "httpd-devel-0:2.4.37-41.module+el8.5.0+11772+c8e0c271.s390x",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/httpd-devel@2.4.37-41.module%2Bel8.5.0%2B11772%2Bc8e0c271?arch=s390x"
}
}
},
{
"category": "product_version",
"name": "httpd-tools-0:2.4.37-41.module+el8.5.0+11772+c8e0c271.s390x",
"product": {
"name": "httpd-tools-0:2.4.37-41.module+el8.5.0+11772+c8e0c271.s390x",
"product_id": "httpd-tools-0:2.4.37-41.module+el8.5.0+11772+c8e0c271.s390x",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/httpd-tools@2.4.37-41.module%2Bel8.5.0%2B11772%2Bc8e0c271?arch=s390x"
}
}
},
{
"category": "product_version",
"name": "httpd-tools-debuginfo-0:2.4.37-41.module+el8.5.0+11772+c8e0c271.s390x",
"product": {
"name": "httpd-tools-debuginfo-0:2.4.37-41.module+el8.5.0+11772+c8e0c271.s390x",
"product_id": "httpd-tools-debuginfo-0:2.4.37-41.module+el8.5.0+11772+c8e0c271.s390x",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/httpd-tools-debuginfo@2.4.37-41.module%2Bel8.5.0%2B11772%2Bc8e0c271?arch=s390x"
}
}
},
{
"category": "product_version",
"name": "mod_http2-0:1.15.7-3.module+el8.4.0+8625+d397f3da.s390x",
"product": {
"name": "mod_http2-0:1.15.7-3.module+el8.4.0+8625+d397f3da.s390x",
"product_id": "mod_http2-0:1.15.7-3.module+el8.4.0+8625+d397f3da.s390x",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/mod_http2@1.15.7-3.module%2Bel8.4.0%2B8625%2Bd397f3da?arch=s390x"
}
}
},
{
"category": "product_version",
"name": "mod_http2-debuginfo-0:1.15.7-3.module+el8.4.0+8625+d397f3da.s390x",
"product": {
"name": "mod_http2-debuginfo-0:1.15.7-3.module+el8.4.0+8625+d397f3da.s390x",
"product_id": "mod_http2-debuginfo-0:1.15.7-3.module+el8.4.0+8625+d397f3da.s390x",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/mod_http2-debuginfo@1.15.7-3.module%2Bel8.4.0%2B8625%2Bd397f3da?arch=s390x"
}
}
},
{
"category": "product_version",
"name": "mod_http2-debugsource-0:1.15.7-3.module+el8.4.0+8625+d397f3da.s390x",
"product": {
"name": "mod_http2-debugsource-0:1.15.7-3.module+el8.4.0+8625+d397f3da.s390x",
"product_id": "mod_http2-debugsource-0:1.15.7-3.module+el8.4.0+8625+d397f3da.s390x",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/mod_http2-debugsource@1.15.7-3.module%2Bel8.4.0%2B8625%2Bd397f3da?arch=s390x"
}
}
},
{
"category": "product_version",
"name": "mod_ldap-0:2.4.37-41.module+el8.5.0+11772+c8e0c271.s390x",
"product": {
"name": "mod_ldap-0:2.4.37-41.module+el8.5.0+11772+c8e0c271.s390x",
"product_id": "mod_ldap-0:2.4.37-41.module+el8.5.0+11772+c8e0c271.s390x",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/mod_ldap@2.4.37-41.module%2Bel8.5.0%2B11772%2Bc8e0c271?arch=s390x"
}
}
},
{
"category": "product_version",
"name": "mod_ldap-debuginfo-0:2.4.37-41.module+el8.5.0+11772+c8e0c271.s390x",
"product": {
"name": "mod_ldap-debuginfo-0:2.4.37-41.module+el8.5.0+11772+c8e0c271.s390x",
"product_id": "mod_ldap-debuginfo-0:2.4.37-41.module+el8.5.0+11772+c8e0c271.s390x",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/mod_ldap-debuginfo@2.4.37-41.module%2Bel8.5.0%2B11772%2Bc8e0c271?arch=s390x"
}
}
},
{
"category": "product_version",
"name": "mod_md-1:2.0.8-8.module+el8.3.0+6814+67d1e611.s390x",
"product": {
"name": "mod_md-1:2.0.8-8.module+el8.3.0+6814+67d1e611.s390x",
"product_id": "mod_md-1:2.0.8-8.module+el8.3.0+6814+67d1e611.s390x",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/mod_md@2.0.8-8.module%2Bel8.3.0%2B6814%2B67d1e611?arch=s390x\u0026epoch=1"
}
}
},
{
"category": "product_version",
"name": "mod_md-debuginfo-1:2.0.8-8.module+el8.3.0+6814+67d1e611.s390x",
"product": {
"name": "mod_md-debuginfo-1:2.0.8-8.module+el8.3.0+6814+67d1e611.s390x",
"product_id": "mod_md-debuginfo-1:2.0.8-8.module+el8.3.0+6814+67d1e611.s390x",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/mod_md-debuginfo@2.0.8-8.module%2Bel8.3.0%2B6814%2B67d1e611?arch=s390x\u0026epoch=1"
}
}
},
{
"category": "product_version",
"name": "mod_md-debugsource-1:2.0.8-8.module+el8.3.0+6814+67d1e611.s390x",
"product": {
"name": "mod_md-debugsource-1:2.0.8-8.module+el8.3.0+6814+67d1e611.s390x",
"product_id": "mod_md-debugsource-1:2.0.8-8.module+el8.3.0+6814+67d1e611.s390x",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/mod_md-debugsource@2.0.8-8.module%2Bel8.3.0%2B6814%2B67d1e611?arch=s390x\u0026epoch=1"
}
}
},
{
"category": "product_version",
"name": "mod_proxy_html-1:2.4.37-41.module+el8.5.0+11772+c8e0c271.s390x",
"product": {
"name": "mod_proxy_html-1:2.4.37-41.module+el8.5.0+11772+c8e0c271.s390x",
"product_id": "mod_proxy_html-1:2.4.37-41.module+el8.5.0+11772+c8e0c271.s390x",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/mod_proxy_html@2.4.37-41.module%2Bel8.5.0%2B11772%2Bc8e0c271?arch=s390x\u0026epoch=1"
}
}
},
{
"category": "product_version",
"name": "mod_proxy_html-debuginfo-1:2.4.37-41.module+el8.5.0+11772+c8e0c271.s390x",
"product": {
"name": "mod_proxy_html-debuginfo-1:2.4.37-41.module+el8.5.0+11772+c8e0c271.s390x",
"product_id": "mod_proxy_html-debuginfo-1:2.4.37-41.module+el8.5.0+11772+c8e0c271.s390x",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/mod_proxy_html-debuginfo@2.4.37-41.module%2Bel8.5.0%2B11772%2Bc8e0c271?arch=s390x\u0026epoch=1"
}
}
},
{
"category": "product_version",
"name": "mod_session-0:2.4.37-41.module+el8.5.0+11772+c8e0c271.s390x",
"product": {
"name": "mod_session-0:2.4.37-41.module+el8.5.0+11772+c8e0c271.s390x",
"product_id": "mod_session-0:2.4.37-41.module+el8.5.0+11772+c8e0c271.s390x",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/mod_session@2.4.37-41.module%2Bel8.5.0%2B11772%2Bc8e0c271?arch=s390x"
}
}
},
{
"category": "product_version",
"name": "mod_session-debuginfo-0:2.4.37-41.module+el8.5.0+11772+c8e0c271.s390x",
"product": {
"name": "mod_session-debuginfo-0:2.4.37-41.module+el8.5.0+11772+c8e0c271.s390x",
"product_id": "mod_session-debuginfo-0:2.4.37-41.module+el8.5.0+11772+c8e0c271.s390x",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/mod_session-debuginfo@2.4.37-41.module%2Bel8.5.0%2B11772%2Bc8e0c271?arch=s390x"
}
}
},
{
"category": "product_version",
"name": "mod_ssl-1:2.4.37-41.module+el8.5.0+11772+c8e0c271.s390x",
"product": {
"name": "mod_ssl-1:2.4.37-41.module+el8.5.0+11772+c8e0c271.s390x",
"product_id": "mod_ssl-1:2.4.37-41.module+el8.5.0+11772+c8e0c271.s390x",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/mod_ssl@2.4.37-41.module%2Bel8.5.0%2B11772%2Bc8e0c271?arch=s390x\u0026epoch=1"
}
}
},
{
"category": "product_version",
"name": "mod_ssl-debuginfo-1:2.4.37-41.module+el8.5.0+11772+c8e0c271.s390x",
"product": {
"name": "mod_ssl-debuginfo-1:2.4.37-41.module+el8.5.0+11772+c8e0c271.s390x",
"product_id": "mod_ssl-debuginfo-1:2.4.37-41.module+el8.5.0+11772+c8e0c271.s390x",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/mod_ssl-debuginfo@2.4.37-41.module%2Bel8.5.0%2B11772%2Bc8e0c271?arch=s390x\u0026epoch=1"
}
}
}
],
"category": "architecture",
"name": "s390x"
},
{
"branches": [
{
"category": "product_version",
"name": "httpd-0:2.4.37-41.module+el8.5.0+11772+c8e0c271.x86_64",
"product": {
"name": "httpd-0:2.4.37-41.module+el8.5.0+11772+c8e0c271.x86_64",
"product_id": "httpd-0:2.4.37-41.module+el8.5.0+11772+c8e0c271.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/httpd@2.4.37-41.module%2Bel8.5.0%2B11772%2Bc8e0c271?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "httpd-debuginfo-0:2.4.37-41.module+el8.5.0+11772+c8e0c271.x86_64",
"product": {
"name": "httpd-debuginfo-0:2.4.37-41.module+el8.5.0+11772+c8e0c271.x86_64",
"product_id": "httpd-debuginfo-0:2.4.37-41.module+el8.5.0+11772+c8e0c271.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/httpd-debuginfo@2.4.37-41.module%2Bel8.5.0%2B11772%2Bc8e0c271?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "httpd-debugsource-0:2.4.37-41.module+el8.5.0+11772+c8e0c271.x86_64",
"product": {
"name": "httpd-debugsource-0:2.4.37-41.module+el8.5.0+11772+c8e0c271.x86_64",
"product_id": "httpd-debugsource-0:2.4.37-41.module+el8.5.0+11772+c8e0c271.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/httpd-debugsource@2.4.37-41.module%2Bel8.5.0%2B11772%2Bc8e0c271?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "httpd-devel-0:2.4.37-41.module+el8.5.0+11772+c8e0c271.x86_64",
"product": {
"name": "httpd-devel-0:2.4.37-41.module+el8.5.0+11772+c8e0c271.x86_64",
"product_id": "httpd-devel-0:2.4.37-41.module+el8.5.0+11772+c8e0c271.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/httpd-devel@2.4.37-41.module%2Bel8.5.0%2B11772%2Bc8e0c271?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "httpd-tools-0:2.4.37-41.module+el8.5.0+11772+c8e0c271.x86_64",
"product": {
"name": "httpd-tools-0:2.4.37-41.module+el8.5.0+11772+c8e0c271.x86_64",
"product_id": "httpd-tools-0:2.4.37-41.module+el8.5.0+11772+c8e0c271.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/httpd-tools@2.4.37-41.module%2Bel8.5.0%2B11772%2Bc8e0c271?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "httpd-tools-debuginfo-0:2.4.37-41.module+el8.5.0+11772+c8e0c271.x86_64",
"product": {
"name": "httpd-tools-debuginfo-0:2.4.37-41.module+el8.5.0+11772+c8e0c271.x86_64",
"product_id": "httpd-tools-debuginfo-0:2.4.37-41.module+el8.5.0+11772+c8e0c271.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/httpd-tools-debuginfo@2.4.37-41.module%2Bel8.5.0%2B11772%2Bc8e0c271?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "mod_http2-0:1.15.7-3.module+el8.4.0+8625+d397f3da.x86_64",
"product": {
"name": "mod_http2-0:1.15.7-3.module+el8.4.0+8625+d397f3da.x86_64",
"product_id": "mod_http2-0:1.15.7-3.module+el8.4.0+8625+d397f3da.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/mod_http2@1.15.7-3.module%2Bel8.4.0%2B8625%2Bd397f3da?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "mod_http2-debuginfo-0:1.15.7-3.module+el8.4.0+8625+d397f3da.x86_64",
"product": {
"name": "mod_http2-debuginfo-0:1.15.7-3.module+el8.4.0+8625+d397f3da.x86_64",
"product_id": "mod_http2-debuginfo-0:1.15.7-3.module+el8.4.0+8625+d397f3da.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/mod_http2-debuginfo@1.15.7-3.module%2Bel8.4.0%2B8625%2Bd397f3da?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "mod_http2-debugsource-0:1.15.7-3.module+el8.4.0+8625+d397f3da.x86_64",
"product": {
"name": "mod_http2-debugsource-0:1.15.7-3.module+el8.4.0+8625+d397f3da.x86_64",
"product_id": "mod_http2-debugsource-0:1.15.7-3.module+el8.4.0+8625+d397f3da.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/mod_http2-debugsource@1.15.7-3.module%2Bel8.4.0%2B8625%2Bd397f3da?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "mod_ldap-0:2.4.37-41.module+el8.5.0+11772+c8e0c271.x86_64",
"product": {
"name": "mod_ldap-0:2.4.37-41.module+el8.5.0+11772+c8e0c271.x86_64",
"product_id": "mod_ldap-0:2.4.37-41.module+el8.5.0+11772+c8e0c271.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/mod_ldap@2.4.37-41.module%2Bel8.5.0%2B11772%2Bc8e0c271?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "mod_ldap-debuginfo-0:2.4.37-41.module+el8.5.0+11772+c8e0c271.x86_64",
"product": {
"name": "mod_ldap-debuginfo-0:2.4.37-41.module+el8.5.0+11772+c8e0c271.x86_64",
"product_id": "mod_ldap-debuginfo-0:2.4.37-41.module+el8.5.0+11772+c8e0c271.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/mod_ldap-debuginfo@2.4.37-41.module%2Bel8.5.0%2B11772%2Bc8e0c271?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "mod_md-1:2.0.8-8.module+el8.3.0+6814+67d1e611.x86_64",
"product": {
"name": "mod_md-1:2.0.8-8.module+el8.3.0+6814+67d1e611.x86_64",
"product_id": "mod_md-1:2.0.8-8.module+el8.3.0+6814+67d1e611.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/mod_md@2.0.8-8.module%2Bel8.3.0%2B6814%2B67d1e611?arch=x86_64\u0026epoch=1"
}
}
},
{
"category": "product_version",
"name": "mod_md-debuginfo-1:2.0.8-8.module+el8.3.0+6814+67d1e611.x86_64",
"product": {
"name": "mod_md-debuginfo-1:2.0.8-8.module+el8.3.0+6814+67d1e611.x86_64",
"product_id": "mod_md-debuginfo-1:2.0.8-8.module+el8.3.0+6814+67d1e611.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/mod_md-debuginfo@2.0.8-8.module%2Bel8.3.0%2B6814%2B67d1e611?arch=x86_64\u0026epoch=1"
}
}
},
{
"category": "product_version",
"name": "mod_md-debugsource-1:2.0.8-8.module+el8.3.0+6814+67d1e611.x86_64",
"product": {
"name": "mod_md-debugsource-1:2.0.8-8.module+el8.3.0+6814+67d1e611.x86_64",
"product_id": "mod_md-debugsource-1:2.0.8-8.module+el8.3.0+6814+67d1e611.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/mod_md-debugsource@2.0.8-8.module%2Bel8.3.0%2B6814%2B67d1e611?arch=x86_64\u0026epoch=1"
}
}
},
{
"category": "product_version",
"name": "mod_proxy_html-1:2.4.37-41.module+el8.5.0+11772+c8e0c271.x86_64",
"product": {
"name": "mod_proxy_html-1:2.4.37-41.module+el8.5.0+11772+c8e0c271.x86_64",
"product_id": "mod_proxy_html-1:2.4.37-41.module+el8.5.0+11772+c8e0c271.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/mod_proxy_html@2.4.37-41.module%2Bel8.5.0%2B11772%2Bc8e0c271?arch=x86_64\u0026epoch=1"
}
}
},
{
"category": "product_version",
"name": "mod_proxy_html-debuginfo-1:2.4.37-41.module+el8.5.0+11772+c8e0c271.x86_64",
"product": {
"name": "mod_proxy_html-debuginfo-1:2.4.37-41.module+el8.5.0+11772+c8e0c271.x86_64",
"product_id": "mod_proxy_html-debuginfo-1:2.4.37-41.module+el8.5.0+11772+c8e0c271.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/mod_proxy_html-debuginfo@2.4.37-41.module%2Bel8.5.0%2B11772%2Bc8e0c271?arch=x86_64\u0026epoch=1"
}
}
},
{
"category": "product_version",
"name": "mod_session-0:2.4.37-41.module+el8.5.0+11772+c8e0c271.x86_64",
"product": {
"name": "mod_session-0:2.4.37-41.module+el8.5.0+11772+c8e0c271.x86_64",
"product_id": "mod_session-0:2.4.37-41.module+el8.5.0+11772+c8e0c271.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/mod_session@2.4.37-41.module%2Bel8.5.0%2B11772%2Bc8e0c271?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "mod_session-debuginfo-0:2.4.37-41.module+el8.5.0+11772+c8e0c271.x86_64",
"product": {
"name": "mod_session-debuginfo-0:2.4.37-41.module+el8.5.0+11772+c8e0c271.x86_64",
"product_id": "mod_session-debuginfo-0:2.4.37-41.module+el8.5.0+11772+c8e0c271.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/mod_session-debuginfo@2.4.37-41.module%2Bel8.5.0%2B11772%2Bc8e0c271?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "mod_ssl-1:2.4.37-41.module+el8.5.0+11772+c8e0c271.x86_64",
"product": {
"name": "mod_ssl-1:2.4.37-41.module+el8.5.0+11772+c8e0c271.x86_64",
"product_id": "mod_ssl-1:2.4.37-41.module+el8.5.0+11772+c8e0c271.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/mod_ssl@2.4.37-41.module%2Bel8.5.0%2B11772%2Bc8e0c271?arch=x86_64\u0026epoch=1"
}
}
},
{
"category": "product_version",
"name": "mod_ssl-debuginfo-1:2.4.37-41.module+el8.5.0+11772+c8e0c271.x86_64",
"product": {
"name": "mod_ssl-debuginfo-1:2.4.37-41.module+el8.5.0+11772+c8e0c271.x86_64",
"product_id": "mod_ssl-debuginfo-1:2.4.37-41.module+el8.5.0+11772+c8e0c271.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/mod_ssl-debuginfo@2.4.37-41.module%2Bel8.5.0%2B11772%2Bc8e0c271?arch=x86_64\u0026epoch=1"
}
}
}
],
"category": "architecture",
"name": "x86_64"
}
],
"category": "vendor",
"name": "Red Hat"
}
],
"relationships": [
{
"category": "default_component_of",
"full_product_name": {
"name": "httpd:2.4:8050020210712211742:b4937e53 as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.5.0.GA:httpd:2.4:8050020210712211742:b4937e53"
},
"product_reference": "httpd:2.4:8050020210712211742:b4937e53",
"relates_to_product_reference": "AppStream-8.5.0.GA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "httpd-0:2.4.37-41.module+el8.5.0+11772+c8e0c271.aarch64 as a component of httpd:2.4:8050020210712211742:b4937e53 as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.5.0.GA:httpd:2.4:8050020210712211742:b4937e53:httpd-0:2.4.37-41.module+el8.5.0+11772+c8e0c271.aarch64"
},
"product_reference": "httpd-0:2.4.37-41.module+el8.5.0+11772+c8e0c271.aarch64",
"relates_to_product_reference": "AppStream-8.5.0.GA:httpd:2.4:8050020210712211742:b4937e53"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "httpd-0:2.4.37-41.module+el8.5.0+11772+c8e0c271.ppc64le as a component of httpd:2.4:8050020210712211742:b4937e53 as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.5.0.GA:httpd:2.4:8050020210712211742:b4937e53:httpd-0:2.4.37-41.module+el8.5.0+11772+c8e0c271.ppc64le"
},
"product_reference": "httpd-0:2.4.37-41.module+el8.5.0+11772+c8e0c271.ppc64le",
"relates_to_product_reference": "AppStream-8.5.0.GA:httpd:2.4:8050020210712211742:b4937e53"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "httpd-0:2.4.37-41.module+el8.5.0+11772+c8e0c271.s390x as a component of httpd:2.4:8050020210712211742:b4937e53 as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.5.0.GA:httpd:2.4:8050020210712211742:b4937e53:httpd-0:2.4.37-41.module+el8.5.0+11772+c8e0c271.s390x"
},
"product_reference": "httpd-0:2.4.37-41.module+el8.5.0+11772+c8e0c271.s390x",
"relates_to_product_reference": "AppStream-8.5.0.GA:httpd:2.4:8050020210712211742:b4937e53"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "httpd-0:2.4.37-41.module+el8.5.0+11772+c8e0c271.src as a component of httpd:2.4:8050020210712211742:b4937e53 as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.5.0.GA:httpd:2.4:8050020210712211742:b4937e53:httpd-0:2.4.37-41.module+el8.5.0+11772+c8e0c271.src"
},
"product_reference": "httpd-0:2.4.37-41.module+el8.5.0+11772+c8e0c271.src",
"relates_to_product_reference": "AppStream-8.5.0.GA:httpd:2.4:8050020210712211742:b4937e53"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "httpd-0:2.4.37-41.module+el8.5.0+11772+c8e0c271.x86_64 as a component of httpd:2.4:8050020210712211742:b4937e53 as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.5.0.GA:httpd:2.4:8050020210712211742:b4937e53:httpd-0:2.4.37-41.module+el8.5.0+11772+c8e0c271.x86_64"
},
"product_reference": "httpd-0:2.4.37-41.module+el8.5.0+11772+c8e0c271.x86_64",
"relates_to_product_reference": "AppStream-8.5.0.GA:httpd:2.4:8050020210712211742:b4937e53"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "httpd-debuginfo-0:2.4.37-41.module+el8.5.0+11772+c8e0c271.aarch64 as a component of httpd:2.4:8050020210712211742:b4937e53 as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.5.0.GA:httpd:2.4:8050020210712211742:b4937e53:httpd-debuginfo-0:2.4.37-41.module+el8.5.0+11772+c8e0c271.aarch64"
},
"product_reference": "httpd-debuginfo-0:2.4.37-41.module+el8.5.0+11772+c8e0c271.aarch64",
"relates_to_product_reference": "AppStream-8.5.0.GA:httpd:2.4:8050020210712211742:b4937e53"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "httpd-debuginfo-0:2.4.37-41.module+el8.5.0+11772+c8e0c271.ppc64le as a component of httpd:2.4:8050020210712211742:b4937e53 as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.5.0.GA:httpd:2.4:8050020210712211742:b4937e53:httpd-debuginfo-0:2.4.37-41.module+el8.5.0+11772+c8e0c271.ppc64le"
},
"product_reference": "httpd-debuginfo-0:2.4.37-41.module+el8.5.0+11772+c8e0c271.ppc64le",
"relates_to_product_reference": "AppStream-8.5.0.GA:httpd:2.4:8050020210712211742:b4937e53"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "httpd-debuginfo-0:2.4.37-41.module+el8.5.0+11772+c8e0c271.s390x as a component of httpd:2.4:8050020210712211742:b4937e53 as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.5.0.GA:httpd:2.4:8050020210712211742:b4937e53:httpd-debuginfo-0:2.4.37-41.module+el8.5.0+11772+c8e0c271.s390x"
},
"product_reference": "httpd-debuginfo-0:2.4.37-41.module+el8.5.0+11772+c8e0c271.s390x",
"relates_to_product_reference": "AppStream-8.5.0.GA:httpd:2.4:8050020210712211742:b4937e53"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "httpd-debuginfo-0:2.4.37-41.module+el8.5.0+11772+c8e0c271.x86_64 as a component of httpd:2.4:8050020210712211742:b4937e53 as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.5.0.GA:httpd:2.4:8050020210712211742:b4937e53:httpd-debuginfo-0:2.4.37-41.module+el8.5.0+11772+c8e0c271.x86_64"
},
"product_reference": "httpd-debuginfo-0:2.4.37-41.module+el8.5.0+11772+c8e0c271.x86_64",
"relates_to_product_reference": "AppStream-8.5.0.GA:httpd:2.4:8050020210712211742:b4937e53"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "httpd-debugsource-0:2.4.37-41.module+el8.5.0+11772+c8e0c271.aarch64 as a component of httpd:2.4:8050020210712211742:b4937e53 as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.5.0.GA:httpd:2.4:8050020210712211742:b4937e53:httpd-debugsource-0:2.4.37-41.module+el8.5.0+11772+c8e0c271.aarch64"
},
"product_reference": "httpd-debugsource-0:2.4.37-41.module+el8.5.0+11772+c8e0c271.aarch64",
"relates_to_product_reference": "AppStream-8.5.0.GA:httpd:2.4:8050020210712211742:b4937e53"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "httpd-debugsource-0:2.4.37-41.module+el8.5.0+11772+c8e0c271.ppc64le as a component of httpd:2.4:8050020210712211742:b4937e53 as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.5.0.GA:httpd:2.4:8050020210712211742:b4937e53:httpd-debugsource-0:2.4.37-41.module+el8.5.0+11772+c8e0c271.ppc64le"
},
"product_reference": "httpd-debugsource-0:2.4.37-41.module+el8.5.0+11772+c8e0c271.ppc64le",
"relates_to_product_reference": "AppStream-8.5.0.GA:httpd:2.4:8050020210712211742:b4937e53"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "httpd-debugsource-0:2.4.37-41.module+el8.5.0+11772+c8e0c271.s390x as a component of httpd:2.4:8050020210712211742:b4937e53 as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.5.0.GA:httpd:2.4:8050020210712211742:b4937e53:httpd-debugsource-0:2.4.37-41.module+el8.5.0+11772+c8e0c271.s390x"
},
"product_reference": "httpd-debugsource-0:2.4.37-41.module+el8.5.0+11772+c8e0c271.s390x",
"relates_to_product_reference": "AppStream-8.5.0.GA:httpd:2.4:8050020210712211742:b4937e53"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "httpd-debugsource-0:2.4.37-41.module+el8.5.0+11772+c8e0c271.x86_64 as a component of httpd:2.4:8050020210712211742:b4937e53 as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.5.0.GA:httpd:2.4:8050020210712211742:b4937e53:httpd-debugsource-0:2.4.37-41.module+el8.5.0+11772+c8e0c271.x86_64"
},
"product_reference": "httpd-debugsource-0:2.4.37-41.module+el8.5.0+11772+c8e0c271.x86_64",
"relates_to_product_reference": "AppStream-8.5.0.GA:httpd:2.4:8050020210712211742:b4937e53"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "httpd-devel-0:2.4.37-41.module+el8.5.0+11772+c8e0c271.aarch64 as a component of httpd:2.4:8050020210712211742:b4937e53 as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.5.0.GA:httpd:2.4:8050020210712211742:b4937e53:httpd-devel-0:2.4.37-41.module+el8.5.0+11772+c8e0c271.aarch64"
},
"product_reference": "httpd-devel-0:2.4.37-41.module+el8.5.0+11772+c8e0c271.aarch64",
"relates_to_product_reference": "AppStream-8.5.0.GA:httpd:2.4:8050020210712211742:b4937e53"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "httpd-devel-0:2.4.37-41.module+el8.5.0+11772+c8e0c271.ppc64le as a component of httpd:2.4:8050020210712211742:b4937e53 as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.5.0.GA:httpd:2.4:8050020210712211742:b4937e53:httpd-devel-0:2.4.37-41.module+el8.5.0+11772+c8e0c271.ppc64le"
},
"product_reference": "httpd-devel-0:2.4.37-41.module+el8.5.0+11772+c8e0c271.ppc64le",
"relates_to_product_reference": "AppStream-8.5.0.GA:httpd:2.4:8050020210712211742:b4937e53"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "httpd-devel-0:2.4.37-41.module+el8.5.0+11772+c8e0c271.s390x as a component of httpd:2.4:8050020210712211742:b4937e53 as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.5.0.GA:httpd:2.4:8050020210712211742:b4937e53:httpd-devel-0:2.4.37-41.module+el8.5.0+11772+c8e0c271.s390x"
},
"product_reference": "httpd-devel-0:2.4.37-41.module+el8.5.0+11772+c8e0c271.s390x",
"relates_to_product_reference": "AppStream-8.5.0.GA:httpd:2.4:8050020210712211742:b4937e53"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "httpd-devel-0:2.4.37-41.module+el8.5.0+11772+c8e0c271.x86_64 as a component of httpd:2.4:8050020210712211742:b4937e53 as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.5.0.GA:httpd:2.4:8050020210712211742:b4937e53:httpd-devel-0:2.4.37-41.module+el8.5.0+11772+c8e0c271.x86_64"
},
"product_reference": "httpd-devel-0:2.4.37-41.module+el8.5.0+11772+c8e0c271.x86_64",
"relates_to_product_reference": "AppStream-8.5.0.GA:httpd:2.4:8050020210712211742:b4937e53"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "httpd-filesystem-0:2.4.37-41.module+el8.5.0+11772+c8e0c271.noarch as a component of httpd:2.4:8050020210712211742:b4937e53 as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.5.0.GA:httpd:2.4:8050020210712211742:b4937e53:httpd-filesystem-0:2.4.37-41.module+el8.5.0+11772+c8e0c271.noarch"
},
"product_reference": "httpd-filesystem-0:2.4.37-41.module+el8.5.0+11772+c8e0c271.noarch",
"relates_to_product_reference": "AppStream-8.5.0.GA:httpd:2.4:8050020210712211742:b4937e53"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "httpd-manual-0:2.4.37-41.module+el8.5.0+11772+c8e0c271.noarch as a component of httpd:2.4:8050020210712211742:b4937e53 as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.5.0.GA:httpd:2.4:8050020210712211742:b4937e53:httpd-manual-0:2.4.37-41.module+el8.5.0+11772+c8e0c271.noarch"
},
"product_reference": "httpd-manual-0:2.4.37-41.module+el8.5.0+11772+c8e0c271.noarch",
"relates_to_product_reference": "AppStream-8.5.0.GA:httpd:2.4:8050020210712211742:b4937e53"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "httpd-tools-0:2.4.37-41.module+el8.5.0+11772+c8e0c271.aarch64 as a component of httpd:2.4:8050020210712211742:b4937e53 as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.5.0.GA:httpd:2.4:8050020210712211742:b4937e53:httpd-tools-0:2.4.37-41.module+el8.5.0+11772+c8e0c271.aarch64"
},
"product_reference": "httpd-tools-0:2.4.37-41.module+el8.5.0+11772+c8e0c271.aarch64",
"relates_to_product_reference": "AppStream-8.5.0.GA:httpd:2.4:8050020210712211742:b4937e53"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "httpd-tools-0:2.4.37-41.module+el8.5.0+11772+c8e0c271.ppc64le as a component of httpd:2.4:8050020210712211742:b4937e53 as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.5.0.GA:httpd:2.4:8050020210712211742:b4937e53:httpd-tools-0:2.4.37-41.module+el8.5.0+11772+c8e0c271.ppc64le"
},
"product_reference": "httpd-tools-0:2.4.37-41.module+el8.5.0+11772+c8e0c271.ppc64le",
"relates_to_product_reference": "AppStream-8.5.0.GA:httpd:2.4:8050020210712211742:b4937e53"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "httpd-tools-0:2.4.37-41.module+el8.5.0+11772+c8e0c271.s390x as a component of httpd:2.4:8050020210712211742:b4937e53 as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.5.0.GA:httpd:2.4:8050020210712211742:b4937e53:httpd-tools-0:2.4.37-41.module+el8.5.0+11772+c8e0c271.s390x"
},
"product_reference": "httpd-tools-0:2.4.37-41.module+el8.5.0+11772+c8e0c271.s390x",
"relates_to_product_reference": "AppStream-8.5.0.GA:httpd:2.4:8050020210712211742:b4937e53"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "httpd-tools-0:2.4.37-41.module+el8.5.0+11772+c8e0c271.x86_64 as a component of httpd:2.4:8050020210712211742:b4937e53 as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.5.0.GA:httpd:2.4:8050020210712211742:b4937e53:httpd-tools-0:2.4.37-41.module+el8.5.0+11772+c8e0c271.x86_64"
},
"product_reference": "httpd-tools-0:2.4.37-41.module+el8.5.0+11772+c8e0c271.x86_64",
"relates_to_product_reference": "AppStream-8.5.0.GA:httpd:2.4:8050020210712211742:b4937e53"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "httpd-tools-debuginfo-0:2.4.37-41.module+el8.5.0+11772+c8e0c271.aarch64 as a component of httpd:2.4:8050020210712211742:b4937e53 as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.5.0.GA:httpd:2.4:8050020210712211742:b4937e53:httpd-tools-debuginfo-0:2.4.37-41.module+el8.5.0+11772+c8e0c271.aarch64"
},
"product_reference": "httpd-tools-debuginfo-0:2.4.37-41.module+el8.5.0+11772+c8e0c271.aarch64",
"relates_to_product_reference": "AppStream-8.5.0.GA:httpd:2.4:8050020210712211742:b4937e53"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "httpd-tools-debuginfo-0:2.4.37-41.module+el8.5.0+11772+c8e0c271.ppc64le as a component of httpd:2.4:8050020210712211742:b4937e53 as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.5.0.GA:httpd:2.4:8050020210712211742:b4937e53:httpd-tools-debuginfo-0:2.4.37-41.module+el8.5.0+11772+c8e0c271.ppc64le"
},
"product_reference": "httpd-tools-debuginfo-0:2.4.37-41.module+el8.5.0+11772+c8e0c271.ppc64le",
"relates_to_product_reference": "AppStream-8.5.0.GA:httpd:2.4:8050020210712211742:b4937e53"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "httpd-tools-debuginfo-0:2.4.37-41.module+el8.5.0+11772+c8e0c271.s390x as a component of httpd:2.4:8050020210712211742:b4937e53 as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.5.0.GA:httpd:2.4:8050020210712211742:b4937e53:httpd-tools-debuginfo-0:2.4.37-41.module+el8.5.0+11772+c8e0c271.s390x"
},
"product_reference": "httpd-tools-debuginfo-0:2.4.37-41.module+el8.5.0+11772+c8e0c271.s390x",
"relates_to_product_reference": "AppStream-8.5.0.GA:httpd:2.4:8050020210712211742:b4937e53"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "httpd-tools-debuginfo-0:2.4.37-41.module+el8.5.0+11772+c8e0c271.x86_64 as a component of httpd:2.4:8050020210712211742:b4937e53 as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.5.0.GA:httpd:2.4:8050020210712211742:b4937e53:httpd-tools-debuginfo-0:2.4.37-41.module+el8.5.0+11772+c8e0c271.x86_64"
},
"product_reference": "httpd-tools-debuginfo-0:2.4.37-41.module+el8.5.0+11772+c8e0c271.x86_64",
"relates_to_product_reference": "AppStream-8.5.0.GA:httpd:2.4:8050020210712211742:b4937e53"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "mod_http2-0:1.15.7-3.module+el8.4.0+8625+d397f3da.aarch64 as a component of httpd:2.4:8050020210712211742:b4937e53 as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.5.0.GA:httpd:2.4:8050020210712211742:b4937e53:mod_http2-0:1.15.7-3.module+el8.4.0+8625+d397f3da.aarch64"
},
"product_reference": "mod_http2-0:1.15.7-3.module+el8.4.0+8625+d397f3da.aarch64",
"relates_to_product_reference": "AppStream-8.5.0.GA:httpd:2.4:8050020210712211742:b4937e53"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "mod_http2-0:1.15.7-3.module+el8.4.0+8625+d397f3da.ppc64le as a component of httpd:2.4:8050020210712211742:b4937e53 as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.5.0.GA:httpd:2.4:8050020210712211742:b4937e53:mod_http2-0:1.15.7-3.module+el8.4.0+8625+d397f3da.ppc64le"
},
"product_reference": "mod_http2-0:1.15.7-3.module+el8.4.0+8625+d397f3da.ppc64le",
"relates_to_product_reference": "AppStream-8.5.0.GA:httpd:2.4:8050020210712211742:b4937e53"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "mod_http2-0:1.15.7-3.module+el8.4.0+8625+d397f3da.s390x as a component of httpd:2.4:8050020210712211742:b4937e53 as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.5.0.GA:httpd:2.4:8050020210712211742:b4937e53:mod_http2-0:1.15.7-3.module+el8.4.0+8625+d397f3da.s390x"
},
"product_reference": "mod_http2-0:1.15.7-3.module+el8.4.0+8625+d397f3da.s390x",
"relates_to_product_reference": "AppStream-8.5.0.GA:httpd:2.4:8050020210712211742:b4937e53"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "mod_http2-0:1.15.7-3.module+el8.4.0+8625+d397f3da.src as a component of httpd:2.4:8050020210712211742:b4937e53 as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.5.0.GA:httpd:2.4:8050020210712211742:b4937e53:mod_http2-0:1.15.7-3.module+el8.4.0+8625+d397f3da.src"
},
"product_reference": "mod_http2-0:1.15.7-3.module+el8.4.0+8625+d397f3da.src",
"relates_to_product_reference": "AppStream-8.5.0.GA:httpd:2.4:8050020210712211742:b4937e53"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "mod_http2-0:1.15.7-3.module+el8.4.0+8625+d397f3da.x86_64 as a component of httpd:2.4:8050020210712211742:b4937e53 as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.5.0.GA:httpd:2.4:8050020210712211742:b4937e53:mod_http2-0:1.15.7-3.module+el8.4.0+8625+d397f3da.x86_64"
},
"product_reference": "mod_http2-0:1.15.7-3.module+el8.4.0+8625+d397f3da.x86_64",
"relates_to_product_reference": "AppStream-8.5.0.GA:httpd:2.4:8050020210712211742:b4937e53"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "mod_http2-debuginfo-0:1.15.7-3.module+el8.4.0+8625+d397f3da.aarch64 as a component of httpd:2.4:8050020210712211742:b4937e53 as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.5.0.GA:httpd:2.4:8050020210712211742:b4937e53:mod_http2-debuginfo-0:1.15.7-3.module+el8.4.0+8625+d397f3da.aarch64"
},
"product_reference": "mod_http2-debuginfo-0:1.15.7-3.module+el8.4.0+8625+d397f3da.aarch64",
"relates_to_product_reference": "AppStream-8.5.0.GA:httpd:2.4:8050020210712211742:b4937e53"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "mod_http2-debuginfo-0:1.15.7-3.module+el8.4.0+8625+d397f3da.ppc64le as a component of httpd:2.4:8050020210712211742:b4937e53 as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.5.0.GA:httpd:2.4:8050020210712211742:b4937e53:mod_http2-debuginfo-0:1.15.7-3.module+el8.4.0+8625+d397f3da.ppc64le"
},
"product_reference": "mod_http2-debuginfo-0:1.15.7-3.module+el8.4.0+8625+d397f3da.ppc64le",
"relates_to_product_reference": "AppStream-8.5.0.GA:httpd:2.4:8050020210712211742:b4937e53"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "mod_http2-debuginfo-0:1.15.7-3.module+el8.4.0+8625+d397f3da.s390x as a component of httpd:2.4:8050020210712211742:b4937e53 as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.5.0.GA:httpd:2.4:8050020210712211742:b4937e53:mod_http2-debuginfo-0:1.15.7-3.module+el8.4.0+8625+d397f3da.s390x"
},
"product_reference": "mod_http2-debuginfo-0:1.15.7-3.module+el8.4.0+8625+d397f3da.s390x",
"relates_to_product_reference": "AppStream-8.5.0.GA:httpd:2.4:8050020210712211742:b4937e53"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "mod_http2-debuginfo-0:1.15.7-3.module+el8.4.0+8625+d397f3da.x86_64 as a component of httpd:2.4:8050020210712211742:b4937e53 as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.5.0.GA:httpd:2.4:8050020210712211742:b4937e53:mod_http2-debuginfo-0:1.15.7-3.module+el8.4.0+8625+d397f3da.x86_64"
},
"product_reference": "mod_http2-debuginfo-0:1.15.7-3.module+el8.4.0+8625+d397f3da.x86_64",
"relates_to_product_reference": "AppStream-8.5.0.GA:httpd:2.4:8050020210712211742:b4937e53"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "mod_http2-debugsource-0:1.15.7-3.module+el8.4.0+8625+d397f3da.aarch64 as a component of httpd:2.4:8050020210712211742:b4937e53 as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.5.0.GA:httpd:2.4:8050020210712211742:b4937e53:mod_http2-debugsource-0:1.15.7-3.module+el8.4.0+8625+d397f3da.aarch64"
},
"product_reference": "mod_http2-debugsource-0:1.15.7-3.module+el8.4.0+8625+d397f3da.aarch64",
"relates_to_product_reference": "AppStream-8.5.0.GA:httpd:2.4:8050020210712211742:b4937e53"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "mod_http2-debugsource-0:1.15.7-3.module+el8.4.0+8625+d397f3da.ppc64le as a component of httpd:2.4:8050020210712211742:b4937e53 as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.5.0.GA:httpd:2.4:8050020210712211742:b4937e53:mod_http2-debugsource-0:1.15.7-3.module+el8.4.0+8625+d397f3da.ppc64le"
},
"product_reference": "mod_http2-debugsource-0:1.15.7-3.module+el8.4.0+8625+d397f3da.ppc64le",
"relates_to_product_reference": "AppStream-8.5.0.GA:httpd:2.4:8050020210712211742:b4937e53"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "mod_http2-debugsource-0:1.15.7-3.module+el8.4.0+8625+d397f3da.s390x as a component of httpd:2.4:8050020210712211742:b4937e53 as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.5.0.GA:httpd:2.4:8050020210712211742:b4937e53:mod_http2-debugsource-0:1.15.7-3.module+el8.4.0+8625+d397f3da.s390x"
},
"product_reference": "mod_http2-debugsource-0:1.15.7-3.module+el8.4.0+8625+d397f3da.s390x",
"relates_to_product_reference": "AppStream-8.5.0.GA:httpd:2.4:8050020210712211742:b4937e53"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "mod_http2-debugsource-0:1.15.7-3.module+el8.4.0+8625+d397f3da.x86_64 as a component of httpd:2.4:8050020210712211742:b4937e53 as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.5.0.GA:httpd:2.4:8050020210712211742:b4937e53:mod_http2-debugsource-0:1.15.7-3.module+el8.4.0+8625+d397f3da.x86_64"
},
"product_reference": "mod_http2-debugsource-0:1.15.7-3.module+el8.4.0+8625+d397f3da.x86_64",
"relates_to_product_reference": "AppStream-8.5.0.GA:httpd:2.4:8050020210712211742:b4937e53"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "mod_ldap-0:2.4.37-41.module+el8.5.0+11772+c8e0c271.aarch64 as a component of httpd:2.4:8050020210712211742:b4937e53 as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.5.0.GA:httpd:2.4:8050020210712211742:b4937e53:mod_ldap-0:2.4.37-41.module+el8.5.0+11772+c8e0c271.aarch64"
},
"product_reference": "mod_ldap-0:2.4.37-41.module+el8.5.0+11772+c8e0c271.aarch64",
"relates_to_product_reference": "AppStream-8.5.0.GA:httpd:2.4:8050020210712211742:b4937e53"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "mod_ldap-0:2.4.37-41.module+el8.5.0+11772+c8e0c271.ppc64le as a component of httpd:2.4:8050020210712211742:b4937e53 as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.5.0.GA:httpd:2.4:8050020210712211742:b4937e53:mod_ldap-0:2.4.37-41.module+el8.5.0+11772+c8e0c271.ppc64le"
},
"product_reference": "mod_ldap-0:2.4.37-41.module+el8.5.0+11772+c8e0c271.ppc64le",
"relates_to_product_reference": "AppStream-8.5.0.GA:httpd:2.4:8050020210712211742:b4937e53"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "mod_ldap-0:2.4.37-41.module+el8.5.0+11772+c8e0c271.s390x as a component of httpd:2.4:8050020210712211742:b4937e53 as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.5.0.GA:httpd:2.4:8050020210712211742:b4937e53:mod_ldap-0:2.4.37-41.module+el8.5.0+11772+c8e0c271.s390x"
},
"product_reference": "mod_ldap-0:2.4.37-41.module+el8.5.0+11772+c8e0c271.s390x",
"relates_to_product_reference": "AppStream-8.5.0.GA:httpd:2.4:8050020210712211742:b4937e53"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "mod_ldap-0:2.4.37-41.module+el8.5.0+11772+c8e0c271.x86_64 as a component of httpd:2.4:8050020210712211742:b4937e53 as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.5.0.GA:httpd:2.4:8050020210712211742:b4937e53:mod_ldap-0:2.4.37-41.module+el8.5.0+11772+c8e0c271.x86_64"
},
"product_reference": "mod_ldap-0:2.4.37-41.module+el8.5.0+11772+c8e0c271.x86_64",
"relates_to_product_reference": "AppStream-8.5.0.GA:httpd:2.4:8050020210712211742:b4937e53"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "mod_ldap-debuginfo-0:2.4.37-41.module+el8.5.0+11772+c8e0c271.aarch64 as a component of httpd:2.4:8050020210712211742:b4937e53 as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.5.0.GA:httpd:2.4:8050020210712211742:b4937e53:mod_ldap-debuginfo-0:2.4.37-41.module+el8.5.0+11772+c8e0c271.aarch64"
},
"product_reference": "mod_ldap-debuginfo-0:2.4.37-41.module+el8.5.0+11772+c8e0c271.aarch64",
"relates_to_product_reference": "AppStream-8.5.0.GA:httpd:2.4:8050020210712211742:b4937e53"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "mod_ldap-debuginfo-0:2.4.37-41.module+el8.5.0+11772+c8e0c271.ppc64le as a component of httpd:2.4:8050020210712211742:b4937e53 as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.5.0.GA:httpd:2.4:8050020210712211742:b4937e53:mod_ldap-debuginfo-0:2.4.37-41.module+el8.5.0+11772+c8e0c271.ppc64le"
},
"product_reference": "mod_ldap-debuginfo-0:2.4.37-41.module+el8.5.0+11772+c8e0c271.ppc64le",
"relates_to_product_reference": "AppStream-8.5.0.GA:httpd:2.4:8050020210712211742:b4937e53"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "mod_ldap-debuginfo-0:2.4.37-41.module+el8.5.0+11772+c8e0c271.s390x as a component of httpd:2.4:8050020210712211742:b4937e53 as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.5.0.GA:httpd:2.4:8050020210712211742:b4937e53:mod_ldap-debuginfo-0:2.4.37-41.module+el8.5.0+11772+c8e0c271.s390x"
},
"product_reference": "mod_ldap-debuginfo-0:2.4.37-41.module+el8.5.0+11772+c8e0c271.s390x",
"relates_to_product_reference": "AppStream-8.5.0.GA:httpd:2.4:8050020210712211742:b4937e53"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "mod_ldap-debuginfo-0:2.4.37-41.module+el8.5.0+11772+c8e0c271.x86_64 as a component of httpd:2.4:8050020210712211742:b4937e53 as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.5.0.GA:httpd:2.4:8050020210712211742:b4937e53:mod_ldap-debuginfo-0:2.4.37-41.module+el8.5.0+11772+c8e0c271.x86_64"
},
"product_reference": "mod_ldap-debuginfo-0:2.4.37-41.module+el8.5.0+11772+c8e0c271.x86_64",
"relates_to_product_reference": "AppStream-8.5.0.GA:httpd:2.4:8050020210712211742:b4937e53"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "mod_md-1:2.0.8-8.module+el8.3.0+6814+67d1e611.aarch64 as a component of httpd:2.4:8050020210712211742:b4937e53 as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.5.0.GA:httpd:2.4:8050020210712211742:b4937e53:mod_md-1:2.0.8-8.module+el8.3.0+6814+67d1e611.aarch64"
},
"product_reference": "mod_md-1:2.0.8-8.module+el8.3.0+6814+67d1e611.aarch64",
"relates_to_product_reference": "AppStream-8.5.0.GA:httpd:2.4:8050020210712211742:b4937e53"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "mod_md-1:2.0.8-8.module+el8.3.0+6814+67d1e611.ppc64le as a component of httpd:2.4:8050020210712211742:b4937e53 as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.5.0.GA:httpd:2.4:8050020210712211742:b4937e53:mod_md-1:2.0.8-8.module+el8.3.0+6814+67d1e611.ppc64le"
},
"product_reference": "mod_md-1:2.0.8-8.module+el8.3.0+6814+67d1e611.ppc64le",
"relates_to_product_reference": "AppStream-8.5.0.GA:httpd:2.4:8050020210712211742:b4937e53"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "mod_md-1:2.0.8-8.module+el8.3.0+6814+67d1e611.s390x as a component of httpd:2.4:8050020210712211742:b4937e53 as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.5.0.GA:httpd:2.4:8050020210712211742:b4937e53:mod_md-1:2.0.8-8.module+el8.3.0+6814+67d1e611.s390x"
},
"product_reference": "mod_md-1:2.0.8-8.module+el8.3.0+6814+67d1e611.s390x",
"relates_to_product_reference": "AppStream-8.5.0.GA:httpd:2.4:8050020210712211742:b4937e53"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "mod_md-1:2.0.8-8.module+el8.3.0+6814+67d1e611.src as a component of httpd:2.4:8050020210712211742:b4937e53 as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.5.0.GA:httpd:2.4:8050020210712211742:b4937e53:mod_md-1:2.0.8-8.module+el8.3.0+6814+67d1e611.src"
},
"product_reference": "mod_md-1:2.0.8-8.module+el8.3.0+6814+67d1e611.src",
"relates_to_product_reference": "AppStream-8.5.0.GA:httpd:2.4:8050020210712211742:b4937e53"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "mod_md-1:2.0.8-8.module+el8.3.0+6814+67d1e611.x86_64 as a component of httpd:2.4:8050020210712211742:b4937e53 as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.5.0.GA:httpd:2.4:8050020210712211742:b4937e53:mod_md-1:2.0.8-8.module+el8.3.0+6814+67d1e611.x86_64"
},
"product_reference": "mod_md-1:2.0.8-8.module+el8.3.0+6814+67d1e611.x86_64",
"relates_to_product_reference": "AppStream-8.5.0.GA:httpd:2.4:8050020210712211742:b4937e53"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "mod_md-debuginfo-1:2.0.8-8.module+el8.3.0+6814+67d1e611.aarch64 as a component of httpd:2.4:8050020210712211742:b4937e53 as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.5.0.GA:httpd:2.4:8050020210712211742:b4937e53:mod_md-debuginfo-1:2.0.8-8.module+el8.3.0+6814+67d1e611.aarch64"
},
"product_reference": "mod_md-debuginfo-1:2.0.8-8.module+el8.3.0+6814+67d1e611.aarch64",
"relates_to_product_reference": "AppStream-8.5.0.GA:httpd:2.4:8050020210712211742:b4937e53"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "mod_md-debuginfo-1:2.0.8-8.module+el8.3.0+6814+67d1e611.ppc64le as a component of httpd:2.4:8050020210712211742:b4937e53 as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.5.0.GA:httpd:2.4:8050020210712211742:b4937e53:mod_md-debuginfo-1:2.0.8-8.module+el8.3.0+6814+67d1e611.ppc64le"
},
"product_reference": "mod_md-debuginfo-1:2.0.8-8.module+el8.3.0+6814+67d1e611.ppc64le",
"relates_to_product_reference": "AppStream-8.5.0.GA:httpd:2.4:8050020210712211742:b4937e53"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "mod_md-debuginfo-1:2.0.8-8.module+el8.3.0+6814+67d1e611.s390x as a component of httpd:2.4:8050020210712211742:b4937e53 as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.5.0.GA:httpd:2.4:8050020210712211742:b4937e53:mod_md-debuginfo-1:2.0.8-8.module+el8.3.0+6814+67d1e611.s390x"
},
"product_reference": "mod_md-debuginfo-1:2.0.8-8.module+el8.3.0+6814+67d1e611.s390x",
"relates_to_product_reference": "AppStream-8.5.0.GA:httpd:2.4:8050020210712211742:b4937e53"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "mod_md-debuginfo-1:2.0.8-8.module+el8.3.0+6814+67d1e611.x86_64 as a component of httpd:2.4:8050020210712211742:b4937e53 as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.5.0.GA:httpd:2.4:8050020210712211742:b4937e53:mod_md-debuginfo-1:2.0.8-8.module+el8.3.0+6814+67d1e611.x86_64"
},
"product_reference": "mod_md-debuginfo-1:2.0.8-8.module+el8.3.0+6814+67d1e611.x86_64",
"relates_to_product_reference": "AppStream-8.5.0.GA:httpd:2.4:8050020210712211742:b4937e53"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "mod_md-debugsource-1:2.0.8-8.module+el8.3.0+6814+67d1e611.aarch64 as a component of httpd:2.4:8050020210712211742:b4937e53 as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.5.0.GA:httpd:2.4:8050020210712211742:b4937e53:mod_md-debugsource-1:2.0.8-8.module+el8.3.0+6814+67d1e611.aarch64"
},
"product_reference": "mod_md-debugsource-1:2.0.8-8.module+el8.3.0+6814+67d1e611.aarch64",
"relates_to_product_reference": "AppStream-8.5.0.GA:httpd:2.4:8050020210712211742:b4937e53"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "mod_md-debugsource-1:2.0.8-8.module+el8.3.0+6814+67d1e611.ppc64le as a component of httpd:2.4:8050020210712211742:b4937e53 as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.5.0.GA:httpd:2.4:8050020210712211742:b4937e53:mod_md-debugsource-1:2.0.8-8.module+el8.3.0+6814+67d1e611.ppc64le"
},
"product_reference": "mod_md-debugsource-1:2.0.8-8.module+el8.3.0+6814+67d1e611.ppc64le",
"relates_to_product_reference": "AppStream-8.5.0.GA:httpd:2.4:8050020210712211742:b4937e53"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "mod_md-debugsource-1:2.0.8-8.module+el8.3.0+6814+67d1e611.s390x as a component of httpd:2.4:8050020210712211742:b4937e53 as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.5.0.GA:httpd:2.4:8050020210712211742:b4937e53:mod_md-debugsource-1:2.0.8-8.module+el8.3.0+6814+67d1e611.s390x"
},
"product_reference": "mod_md-debugsource-1:2.0.8-8.module+el8.3.0+6814+67d1e611.s390x",
"relates_to_product_reference": "AppStream-8.5.0.GA:httpd:2.4:8050020210712211742:b4937e53"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "mod_md-debugsource-1:2.0.8-8.module+el8.3.0+6814+67d1e611.x86_64 as a component of httpd:2.4:8050020210712211742:b4937e53 as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.5.0.GA:httpd:2.4:8050020210712211742:b4937e53:mod_md-debugsource-1:2.0.8-8.module+el8.3.0+6814+67d1e611.x86_64"
},
"product_reference": "mod_md-debugsource-1:2.0.8-8.module+el8.3.0+6814+67d1e611.x86_64",
"relates_to_product_reference": "AppStream-8.5.0.GA:httpd:2.4:8050020210712211742:b4937e53"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "mod_proxy_html-1:2.4.37-41.module+el8.5.0+11772+c8e0c271.aarch64 as a component of httpd:2.4:8050020210712211742:b4937e53 as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.5.0.GA:httpd:2.4:8050020210712211742:b4937e53:mod_proxy_html-1:2.4.37-41.module+el8.5.0+11772+c8e0c271.aarch64"
},
"product_reference": "mod_proxy_html-1:2.4.37-41.module+el8.5.0+11772+c8e0c271.aarch64",
"relates_to_product_reference": "AppStream-8.5.0.GA:httpd:2.4:8050020210712211742:b4937e53"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "mod_proxy_html-1:2.4.37-41.module+el8.5.0+11772+c8e0c271.ppc64le as a component of httpd:2.4:8050020210712211742:b4937e53 as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.5.0.GA:httpd:2.4:8050020210712211742:b4937e53:mod_proxy_html-1:2.4.37-41.module+el8.5.0+11772+c8e0c271.ppc64le"
},
"product_reference": "mod_proxy_html-1:2.4.37-41.module+el8.5.0+11772+c8e0c271.ppc64le",
"relates_to_product_reference": "AppStream-8.5.0.GA:httpd:2.4:8050020210712211742:b4937e53"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "mod_proxy_html-1:2.4.37-41.module+el8.5.0+11772+c8e0c271.s390x as a component of httpd:2.4:8050020210712211742:b4937e53 as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.5.0.GA:httpd:2.4:8050020210712211742:b4937e53:mod_proxy_html-1:2.4.37-41.module+el8.5.0+11772+c8e0c271.s390x"
},
"product_reference": "mod_proxy_html-1:2.4.37-41.module+el8.5.0+11772+c8e0c271.s390x",
"relates_to_product_reference": "AppStream-8.5.0.GA:httpd:2.4:8050020210712211742:b4937e53"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "mod_proxy_html-1:2.4.37-41.module+el8.5.0+11772+c8e0c271.x86_64 as a component of httpd:2.4:8050020210712211742:b4937e53 as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.5.0.GA:httpd:2.4:8050020210712211742:b4937e53:mod_proxy_html-1:2.4.37-41.module+el8.5.0+11772+c8e0c271.x86_64"
},
"product_reference": "mod_proxy_html-1:2.4.37-41.module+el8.5.0+11772+c8e0c271.x86_64",
"relates_to_product_reference": "AppStream-8.5.0.GA:httpd:2.4:8050020210712211742:b4937e53"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "mod_proxy_html-debuginfo-1:2.4.37-41.module+el8.5.0+11772+c8e0c271.aarch64 as a component of httpd:2.4:8050020210712211742:b4937e53 as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.5.0.GA:httpd:2.4:8050020210712211742:b4937e53:mod_proxy_html-debuginfo-1:2.4.37-41.module+el8.5.0+11772+c8e0c271.aarch64"
},
"product_reference": "mod_proxy_html-debuginfo-1:2.4.37-41.module+el8.5.0+11772+c8e0c271.aarch64",
"relates_to_product_reference": "AppStream-8.5.0.GA:httpd:2.4:8050020210712211742:b4937e53"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "mod_proxy_html-debuginfo-1:2.4.37-41.module+el8.5.0+11772+c8e0c271.ppc64le as a component of httpd:2.4:8050020210712211742:b4937e53 as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.5.0.GA:httpd:2.4:8050020210712211742:b4937e53:mod_proxy_html-debuginfo-1:2.4.37-41.module+el8.5.0+11772+c8e0c271.ppc64le"
},
"product_reference": "mod_proxy_html-debuginfo-1:2.4.37-41.module+el8.5.0+11772+c8e0c271.ppc64le",
"relates_to_product_reference": "AppStream-8.5.0.GA:httpd:2.4:8050020210712211742:b4937e53"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "mod_proxy_html-debuginfo-1:2.4.37-41.module+el8.5.0+11772+c8e0c271.s390x as a component of httpd:2.4:8050020210712211742:b4937e53 as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.5.0.GA:httpd:2.4:8050020210712211742:b4937e53:mod_proxy_html-debuginfo-1:2.4.37-41.module+el8.5.0+11772+c8e0c271.s390x"
},
"product_reference": "mod_proxy_html-debuginfo-1:2.4.37-41.module+el8.5.0+11772+c8e0c271.s390x",
"relates_to_product_reference": "AppStream-8.5.0.GA:httpd:2.4:8050020210712211742:b4937e53"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "mod_proxy_html-debuginfo-1:2.4.37-41.module+el8.5.0+11772+c8e0c271.x86_64 as a component of httpd:2.4:8050020210712211742:b4937e53 as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.5.0.GA:httpd:2.4:8050020210712211742:b4937e53:mod_proxy_html-debuginfo-1:2.4.37-41.module+el8.5.0+11772+c8e0c271.x86_64"
},
"product_reference": "mod_proxy_html-debuginfo-1:2.4.37-41.module+el8.5.0+11772+c8e0c271.x86_64",
"relates_to_product_reference": "AppStream-8.5.0.GA:httpd:2.4:8050020210712211742:b4937e53"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "mod_session-0:2.4.37-41.module+el8.5.0+11772+c8e0c271.aarch64 as a component of httpd:2.4:8050020210712211742:b4937e53 as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.5.0.GA:httpd:2.4:8050020210712211742:b4937e53:mod_session-0:2.4.37-41.module+el8.5.0+11772+c8e0c271.aarch64"
},
"product_reference": "mod_session-0:2.4.37-41.module+el8.5.0+11772+c8e0c271.aarch64",
"relates_to_product_reference": "AppStream-8.5.0.GA:httpd:2.4:8050020210712211742:b4937e53"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "mod_session-0:2.4.37-41.module+el8.5.0+11772+c8e0c271.ppc64le as a component of httpd:2.4:8050020210712211742:b4937e53 as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.5.0.GA:httpd:2.4:8050020210712211742:b4937e53:mod_session-0:2.4.37-41.module+el8.5.0+11772+c8e0c271.ppc64le"
},
"product_reference": "mod_session-0:2.4.37-41.module+el8.5.0+11772+c8e0c271.ppc64le",
"relates_to_product_reference": "AppStream-8.5.0.GA:httpd:2.4:8050020210712211742:b4937e53"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "mod_session-0:2.4.37-41.module+el8.5.0+11772+c8e0c271.s390x as a component of httpd:2.4:8050020210712211742:b4937e53 as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.5.0.GA:httpd:2.4:8050020210712211742:b4937e53:mod_session-0:2.4.37-41.module+el8.5.0+11772+c8e0c271.s390x"
},
"product_reference": "mod_session-0:2.4.37-41.module+el8.5.0+11772+c8e0c271.s390x",
"relates_to_product_reference": "AppStream-8.5.0.GA:httpd:2.4:8050020210712211742:b4937e53"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "mod_session-0:2.4.37-41.module+el8.5.0+11772+c8e0c271.x86_64 as a component of httpd:2.4:8050020210712211742:b4937e53 as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.5.0.GA:httpd:2.4:8050020210712211742:b4937e53:mod_session-0:2.4.37-41.module+el8.5.0+11772+c8e0c271.x86_64"
},
"product_reference": "mod_session-0:2.4.37-41.module+el8.5.0+11772+c8e0c271.x86_64",
"relates_to_product_reference": "AppStream-8.5.0.GA:httpd:2.4:8050020210712211742:b4937e53"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "mod_session-debuginfo-0:2.4.37-41.module+el8.5.0+11772+c8e0c271.aarch64 as a component of httpd:2.4:8050020210712211742:b4937e53 as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.5.0.GA:httpd:2.4:8050020210712211742:b4937e53:mod_session-debuginfo-0:2.4.37-41.module+el8.5.0+11772+c8e0c271.aarch64"
},
"product_reference": "mod_session-debuginfo-0:2.4.37-41.module+el8.5.0+11772+c8e0c271.aarch64",
"relates_to_product_reference": "AppStream-8.5.0.GA:httpd:2.4:8050020210712211742:b4937e53"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "mod_session-debuginfo-0:2.4.37-41.module+el8.5.0+11772+c8e0c271.ppc64le as a component of httpd:2.4:8050020210712211742:b4937e53 as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.5.0.GA:httpd:2.4:8050020210712211742:b4937e53:mod_session-debuginfo-0:2.4.37-41.module+el8.5.0+11772+c8e0c271.ppc64le"
},
"product_reference": "mod_session-debuginfo-0:2.4.37-41.module+el8.5.0+11772+c8e0c271.ppc64le",
"relates_to_product_reference": "AppStream-8.5.0.GA:httpd:2.4:8050020210712211742:b4937e53"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "mod_session-debuginfo-0:2.4.37-41.module+el8.5.0+11772+c8e0c271.s390x as a component of httpd:2.4:8050020210712211742:b4937e53 as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.5.0.GA:httpd:2.4:8050020210712211742:b4937e53:mod_session-debuginfo-0:2.4.37-41.module+el8.5.0+11772+c8e0c271.s390x"
},
"product_reference": "mod_session-debuginfo-0:2.4.37-41.module+el8.5.0+11772+c8e0c271.s390x",
"relates_to_product_reference": "AppStream-8.5.0.GA:httpd:2.4:8050020210712211742:b4937e53"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "mod_session-debuginfo-0:2.4.37-41.module+el8.5.0+11772+c8e0c271.x86_64 as a component of httpd:2.4:8050020210712211742:b4937e53 as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.5.0.GA:httpd:2.4:8050020210712211742:b4937e53:mod_session-debuginfo-0:2.4.37-41.module+el8.5.0+11772+c8e0c271.x86_64"
},
"product_reference": "mod_session-debuginfo-0:2.4.37-41.module+el8.5.0+11772+c8e0c271.x86_64",
"relates_to_product_reference": "AppStream-8.5.0.GA:httpd:2.4:8050020210712211742:b4937e53"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "mod_ssl-1:2.4.37-41.module+el8.5.0+11772+c8e0c271.aarch64 as a component of httpd:2.4:8050020210712211742:b4937e53 as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.5.0.GA:httpd:2.4:8050020210712211742:b4937e53:mod_ssl-1:2.4.37-41.module+el8.5.0+11772+c8e0c271.aarch64"
},
"product_reference": "mod_ssl-1:2.4.37-41.module+el8.5.0+11772+c8e0c271.aarch64",
"relates_to_product_reference": "AppStream-8.5.0.GA:httpd:2.4:8050020210712211742:b4937e53"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "mod_ssl-1:2.4.37-41.module+el8.5.0+11772+c8e0c271.ppc64le as a component of httpd:2.4:8050020210712211742:b4937e53 as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.5.0.GA:httpd:2.4:8050020210712211742:b4937e53:mod_ssl-1:2.4.37-41.module+el8.5.0+11772+c8e0c271.ppc64le"
},
"product_reference": "mod_ssl-1:2.4.37-41.module+el8.5.0+11772+c8e0c271.ppc64le",
"relates_to_product_reference": "AppStream-8.5.0.GA:httpd:2.4:8050020210712211742:b4937e53"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "mod_ssl-1:2.4.37-41.module+el8.5.0+11772+c8e0c271.s390x as a component of httpd:2.4:8050020210712211742:b4937e53 as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.5.0.GA:httpd:2.4:8050020210712211742:b4937e53:mod_ssl-1:2.4.37-41.module+el8.5.0+11772+c8e0c271.s390x"
},
"product_reference": "mod_ssl-1:2.4.37-41.module+el8.5.0+11772+c8e0c271.s390x",
"relates_to_product_reference": "AppStream-8.5.0.GA:httpd:2.4:8050020210712211742:b4937e53"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "mod_ssl-1:2.4.37-41.module+el8.5.0+11772+c8e0c271.x86_64 as a component of httpd:2.4:8050020210712211742:b4937e53 as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.5.0.GA:httpd:2.4:8050020210712211742:b4937e53:mod_ssl-1:2.4.37-41.module+el8.5.0+11772+c8e0c271.x86_64"
},
"product_reference": "mod_ssl-1:2.4.37-41.module+el8.5.0+11772+c8e0c271.x86_64",
"relates_to_product_reference": "AppStream-8.5.0.GA:httpd:2.4:8050020210712211742:b4937e53"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "mod_ssl-debuginfo-1:2.4.37-41.module+el8.5.0+11772+c8e0c271.aarch64 as a component of httpd:2.4:8050020210712211742:b4937e53 as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.5.0.GA:httpd:2.4:8050020210712211742:b4937e53:mod_ssl-debuginfo-1:2.4.37-41.module+el8.5.0+11772+c8e0c271.aarch64"
},
"product_reference": "mod_ssl-debuginfo-1:2.4.37-41.module+el8.5.0+11772+c8e0c271.aarch64",
"relates_to_product_reference": "AppStream-8.5.0.GA:httpd:2.4:8050020210712211742:b4937e53"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "mod_ssl-debuginfo-1:2.4.37-41.module+el8.5.0+11772+c8e0c271.ppc64le as a component of httpd:2.4:8050020210712211742:b4937e53 as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.5.0.GA:httpd:2.4:8050020210712211742:b4937e53:mod_ssl-debuginfo-1:2.4.37-41.module+el8.5.0+11772+c8e0c271.ppc64le"
},
"product_reference": "mod_ssl-debuginfo-1:2.4.37-41.module+el8.5.0+11772+c8e0c271.ppc64le",
"relates_to_product_reference": "AppStream-8.5.0.GA:httpd:2.4:8050020210712211742:b4937e53"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "mod_ssl-debuginfo-1:2.4.37-41.module+el8.5.0+11772+c8e0c271.s390x as a component of httpd:2.4:8050020210712211742:b4937e53 as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.5.0.GA:httpd:2.4:8050020210712211742:b4937e53:mod_ssl-debuginfo-1:2.4.37-41.module+el8.5.0+11772+c8e0c271.s390x"
},
"product_reference": "mod_ssl-debuginfo-1:2.4.37-41.module+el8.5.0+11772+c8e0c271.s390x",
"relates_to_product_reference": "AppStream-8.5.0.GA:httpd:2.4:8050020210712211742:b4937e53"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "mod_ssl-debuginfo-1:2.4.37-41.module+el8.5.0+11772+c8e0c271.x86_64 as a component of httpd:2.4:8050020210712211742:b4937e53 as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.5.0.GA:httpd:2.4:8050020210712211742:b4937e53:mod_ssl-debuginfo-1:2.4.37-41.module+el8.5.0+11772+c8e0c271.x86_64"
},
"product_reference": "mod_ssl-debuginfo-1:2.4.37-41.module+el8.5.0+11772+c8e0c271.x86_64",
"relates_to_product_reference": "AppStream-8.5.0.GA:httpd:2.4:8050020210712211742:b4937e53"
}
]
},
"vulnerabilities": [
{
"acknowledgments": [
{
"names": [
"the Apache project"
]
},
{
"names": [
"Antonio Morales"
],
"organization": "GHSL"
}
],
"cve": "CVE-2021-26690",
"cwe": {
"id": "CWE-476",
"name": "NULL Pointer Dereference"
},
"discovery_date": "2021-05-27T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1966729"
}
],
"notes": [
{
"category": "description",
"text": "A NULL pointer dereference was found in Apache httpd mod_session. The highest threat from this vulnerability is to system availability.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "httpd: mod_session: NULL pointer dereference when parsing Cookie header",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "This is a null pointer deference caused when using mod_session. It can result in crash of httpd child process by a remote attacker.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"AppStream-8.5.0.GA:httpd:2.4:8050020210712211742:b4937e53",
"AppStream-8.5.0.GA:httpd:2.4:8050020210712211742:b4937e53:httpd-0:2.4.37-41.module+el8.5.0+11772+c8e0c271.aarch64",
"AppStream-8.5.0.GA:httpd:2.4:8050020210712211742:b4937e53:httpd-0:2.4.37-41.module+el8.5.0+11772+c8e0c271.ppc64le",
"AppStream-8.5.0.GA:httpd:2.4:8050020210712211742:b4937e53:httpd-0:2.4.37-41.module+el8.5.0+11772+c8e0c271.s390x",
"AppStream-8.5.0.GA:httpd:2.4:8050020210712211742:b4937e53:httpd-0:2.4.37-41.module+el8.5.0+11772+c8e0c271.src",
"AppStream-8.5.0.GA:httpd:2.4:8050020210712211742:b4937e53:httpd-0:2.4.37-41.module+el8.5.0+11772+c8e0c271.x86_64",
"AppStream-8.5.0.GA:httpd:2.4:8050020210712211742:b4937e53:httpd-debuginfo-0:2.4.37-41.module+el8.5.0+11772+c8e0c271.aarch64",
"AppStream-8.5.0.GA:httpd:2.4:8050020210712211742:b4937e53:httpd-debuginfo-0:2.4.37-41.module+el8.5.0+11772+c8e0c271.ppc64le",
"AppStream-8.5.0.GA:httpd:2.4:8050020210712211742:b4937e53:httpd-debuginfo-0:2.4.37-41.module+el8.5.0+11772+c8e0c271.s390x",
"AppStream-8.5.0.GA:httpd:2.4:8050020210712211742:b4937e53:httpd-debuginfo-0:2.4.37-41.module+el8.5.0+11772+c8e0c271.x86_64",
"AppStream-8.5.0.GA:httpd:2.4:8050020210712211742:b4937e53:httpd-debugsource-0:2.4.37-41.module+el8.5.0+11772+c8e0c271.aarch64",
"AppStream-8.5.0.GA:httpd:2.4:8050020210712211742:b4937e53:httpd-debugsource-0:2.4.37-41.module+el8.5.0+11772+c8e0c271.ppc64le",
"AppStream-8.5.0.GA:httpd:2.4:8050020210712211742:b4937e53:httpd-debugsource-0:2.4.37-41.module+el8.5.0+11772+c8e0c271.s390x",
"AppStream-8.5.0.GA:httpd:2.4:8050020210712211742:b4937e53:httpd-debugsource-0:2.4.37-41.module+el8.5.0+11772+c8e0c271.x86_64",
"AppStream-8.5.0.GA:httpd:2.4:8050020210712211742:b4937e53:httpd-devel-0:2.4.37-41.module+el8.5.0+11772+c8e0c271.aarch64",
"AppStream-8.5.0.GA:httpd:2.4:8050020210712211742:b4937e53:httpd-devel-0:2.4.37-41.module+el8.5.0+11772+c8e0c271.ppc64le",
"AppStream-8.5.0.GA:httpd:2.4:8050020210712211742:b4937e53:httpd-devel-0:2.4.37-41.module+el8.5.0+11772+c8e0c271.s390x",
"AppStream-8.5.0.GA:httpd:2.4:8050020210712211742:b4937e53:httpd-devel-0:2.4.37-41.module+el8.5.0+11772+c8e0c271.x86_64",
"AppStream-8.5.0.GA:httpd:2.4:8050020210712211742:b4937e53:httpd-filesystem-0:2.4.37-41.module+el8.5.0+11772+c8e0c271.noarch",
"AppStream-8.5.0.GA:httpd:2.4:8050020210712211742:b4937e53:httpd-manual-0:2.4.37-41.module+el8.5.0+11772+c8e0c271.noarch",
"AppStream-8.5.0.GA:httpd:2.4:8050020210712211742:b4937e53:httpd-tools-0:2.4.37-41.module+el8.5.0+11772+c8e0c271.aarch64",
"AppStream-8.5.0.GA:httpd:2.4:8050020210712211742:b4937e53:httpd-tools-0:2.4.37-41.module+el8.5.0+11772+c8e0c271.ppc64le",
"AppStream-8.5.0.GA:httpd:2.4:8050020210712211742:b4937e53:httpd-tools-0:2.4.37-41.module+el8.5.0+11772+c8e0c271.s390x",
"AppStream-8.5.0.GA:httpd:2.4:8050020210712211742:b4937e53:httpd-tools-0:2.4.37-41.module+el8.5.0+11772+c8e0c271.x86_64",
"AppStream-8.5.0.GA:httpd:2.4:8050020210712211742:b4937e53:httpd-tools-debuginfo-0:2.4.37-41.module+el8.5.0+11772+c8e0c271.aarch64",
"AppStream-8.5.0.GA:httpd:2.4:8050020210712211742:b4937e53:httpd-tools-debuginfo-0:2.4.37-41.module+el8.5.0+11772+c8e0c271.ppc64le",
"AppStream-8.5.0.GA:httpd:2.4:8050020210712211742:b4937e53:httpd-tools-debuginfo-0:2.4.37-41.module+el8.5.0+11772+c8e0c271.s390x",
"AppStream-8.5.0.GA:httpd:2.4:8050020210712211742:b4937e53:httpd-tools-debuginfo-0:2.4.37-41.module+el8.5.0+11772+c8e0c271.x86_64",
"AppStream-8.5.0.GA:httpd:2.4:8050020210712211742:b4937e53:mod_http2-0:1.15.7-3.module+el8.4.0+8625+d397f3da.aarch64",
"AppStream-8.5.0.GA:httpd:2.4:8050020210712211742:b4937e53:mod_http2-0:1.15.7-3.module+el8.4.0+8625+d397f3da.ppc64le",
"AppStream-8.5.0.GA:httpd:2.4:8050020210712211742:b4937e53:mod_http2-0:1.15.7-3.module+el8.4.0+8625+d397f3da.s390x",
"AppStream-8.5.0.GA:httpd:2.4:8050020210712211742:b4937e53:mod_http2-0:1.15.7-3.module+el8.4.0+8625+d397f3da.src",
"AppStream-8.5.0.GA:httpd:2.4:8050020210712211742:b4937e53:mod_http2-0:1.15.7-3.module+el8.4.0+8625+d397f3da.x86_64",
"AppStream-8.5.0.GA:httpd:2.4:8050020210712211742:b4937e53:mod_http2-debuginfo-0:1.15.7-3.module+el8.4.0+8625+d397f3da.aarch64",
"AppStream-8.5.0.GA:httpd:2.4:8050020210712211742:b4937e53:mod_http2-debuginfo-0:1.15.7-3.module+el8.4.0+8625+d397f3da.ppc64le",
"AppStream-8.5.0.GA:httpd:2.4:8050020210712211742:b4937e53:mod_http2-debuginfo-0:1.15.7-3.module+el8.4.0+8625+d397f3da.s390x",
"AppStream-8.5.0.GA:httpd:2.4:8050020210712211742:b4937e53:mod_http2-debuginfo-0:1.15.7-3.module+el8.4.0+8625+d397f3da.x86_64",
"AppStream-8.5.0.GA:httpd:2.4:8050020210712211742:b4937e53:mod_http2-debugsource-0:1.15.7-3.module+el8.4.0+8625+d397f3da.aarch64",
"AppStream-8.5.0.GA:httpd:2.4:8050020210712211742:b4937e53:mod_http2-debugsource-0:1.15.7-3.module+el8.4.0+8625+d397f3da.ppc64le",
"AppStream-8.5.0.GA:httpd:2.4:8050020210712211742:b4937e53:mod_http2-debugsource-0:1.15.7-3.module+el8.4.0+8625+d397f3da.s390x",
"AppStream-8.5.0.GA:httpd:2.4:8050020210712211742:b4937e53:mod_http2-debugsource-0:1.15.7-3.module+el8.4.0+8625+d397f3da.x86_64",
"AppStream-8.5.0.GA:httpd:2.4:8050020210712211742:b4937e53:mod_ldap-0:2.4.37-41.module+el8.5.0+11772+c8e0c271.aarch64",
"AppStream-8.5.0.GA:httpd:2.4:8050020210712211742:b4937e53:mod_ldap-0:2.4.37-41.module+el8.5.0+11772+c8e0c271.ppc64le",
"AppStream-8.5.0.GA:httpd:2.4:8050020210712211742:b4937e53:mod_ldap-0:2.4.37-41.module+el8.5.0+11772+c8e0c271.s390x",
"AppStream-8.5.0.GA:httpd:2.4:8050020210712211742:b4937e53:mod_ldap-0:2.4.37-41.module+el8.5.0+11772+c8e0c271.x86_64",
"AppStream-8.5.0.GA:httpd:2.4:8050020210712211742:b4937e53:mod_ldap-debuginfo-0:2.4.37-41.module+el8.5.0+11772+c8e0c271.aarch64",
"AppStream-8.5.0.GA:httpd:2.4:8050020210712211742:b4937e53:mod_ldap-debuginfo-0:2.4.37-41.module+el8.5.0+11772+c8e0c271.ppc64le",
"AppStream-8.5.0.GA:httpd:2.4:8050020210712211742:b4937e53:mod_ldap-debuginfo-0:2.4.37-41.module+el8.5.0+11772+c8e0c271.s390x",
"AppStream-8.5.0.GA:httpd:2.4:8050020210712211742:b4937e53:mod_ldap-debuginfo-0:2.4.37-41.module+el8.5.0+11772+c8e0c271.x86_64",
"AppStream-8.5.0.GA:httpd:2.4:8050020210712211742:b4937e53:mod_md-1:2.0.8-8.module+el8.3.0+6814+67d1e611.aarch64",
"AppStream-8.5.0.GA:httpd:2.4:8050020210712211742:b4937e53:mod_md-1:2.0.8-8.module+el8.3.0+6814+67d1e611.ppc64le",
"AppStream-8.5.0.GA:httpd:2.4:8050020210712211742:b4937e53:mod_md-1:2.0.8-8.module+el8.3.0+6814+67d1e611.s390x",
"AppStream-8.5.0.GA:httpd:2.4:8050020210712211742:b4937e53:mod_md-1:2.0.8-8.module+el8.3.0+6814+67d1e611.src",
"AppStream-8.5.0.GA:httpd:2.4:8050020210712211742:b4937e53:mod_md-1:2.0.8-8.module+el8.3.0+6814+67d1e611.x86_64",
"AppStream-8.5.0.GA:httpd:2.4:8050020210712211742:b4937e53:mod_md-debuginfo-1:2.0.8-8.module+el8.3.0+6814+67d1e611.aarch64",
"AppStream-8.5.0.GA:httpd:2.4:8050020210712211742:b4937e53:mod_md-debuginfo-1:2.0.8-8.module+el8.3.0+6814+67d1e611.ppc64le",
"AppStream-8.5.0.GA:httpd:2.4:8050020210712211742:b4937e53:mod_md-debuginfo-1:2.0.8-8.module+el8.3.0+6814+67d1e611.s390x",
"AppStream-8.5.0.GA:httpd:2.4:8050020210712211742:b4937e53:mod_md-debuginfo-1:2.0.8-8.module+el8.3.0+6814+67d1e611.x86_64",
"AppStream-8.5.0.GA:httpd:2.4:8050020210712211742:b4937e53:mod_md-debugsource-1:2.0.8-8.module+el8.3.0+6814+67d1e611.aarch64",
"AppStream-8.5.0.GA:httpd:2.4:8050020210712211742:b4937e53:mod_md-debugsource-1:2.0.8-8.module+el8.3.0+6814+67d1e611.ppc64le",
"AppStream-8.5.0.GA:httpd:2.4:8050020210712211742:b4937e53:mod_md-debugsource-1:2.0.8-8.module+el8.3.0+6814+67d1e611.s390x",
"AppStream-8.5.0.GA:httpd:2.4:8050020210712211742:b4937e53:mod_md-debugsource-1:2.0.8-8.module+el8.3.0+6814+67d1e611.x86_64",
"AppStream-8.5.0.GA:httpd:2.4:8050020210712211742:b4937e53:mod_proxy_html-1:2.4.37-41.module+el8.5.0+11772+c8e0c271.aarch64",
"AppStream-8.5.0.GA:httpd:2.4:8050020210712211742:b4937e53:mod_proxy_html-1:2.4.37-41.module+el8.5.0+11772+c8e0c271.ppc64le",
"AppStream-8.5.0.GA:httpd:2.4:8050020210712211742:b4937e53:mod_proxy_html-1:2.4.37-41.module+el8.5.0+11772+c8e0c271.s390x",
"AppStream-8.5.0.GA:httpd:2.4:8050020210712211742:b4937e53:mod_proxy_html-1:2.4.37-41.module+el8.5.0+11772+c8e0c271.x86_64",
"AppStream-8.5.0.GA:httpd:2.4:8050020210712211742:b4937e53:mod_proxy_html-debuginfo-1:2.4.37-41.module+el8.5.0+11772+c8e0c271.aarch64",
"AppStream-8.5.0.GA:httpd:2.4:8050020210712211742:b4937e53:mod_proxy_html-debuginfo-1:2.4.37-41.module+el8.5.0+11772+c8e0c271.ppc64le",
"AppStream-8.5.0.GA:httpd:2.4:8050020210712211742:b4937e53:mod_proxy_html-debuginfo-1:2.4.37-41.module+el8.5.0+11772+c8e0c271.s390x",
"AppStream-8.5.0.GA:httpd:2.4:8050020210712211742:b4937e53:mod_proxy_html-debuginfo-1:2.4.37-41.module+el8.5.0+11772+c8e0c271.x86_64",
"AppStream-8.5.0.GA:httpd:2.4:8050020210712211742:b4937e53:mod_session-0:2.4.37-41.module+el8.5.0+11772+c8e0c271.aarch64",
"AppStream-8.5.0.GA:httpd:2.4:8050020210712211742:b4937e53:mod_session-0:2.4.37-41.module+el8.5.0+11772+c8e0c271.ppc64le",
"AppStream-8.5.0.GA:httpd:2.4:8050020210712211742:b4937e53:mod_session-0:2.4.37-41.module+el8.5.0+11772+c8e0c271.s390x",
"AppStream-8.5.0.GA:httpd:2.4:8050020210712211742:b4937e53:mod_session-0:2.4.37-41.module+el8.5.0+11772+c8e0c271.x86_64",
"AppStream-8.5.0.GA:httpd:2.4:8050020210712211742:b4937e53:mod_session-debuginfo-0:2.4.37-41.module+el8.5.0+11772+c8e0c271.aarch64",
"AppStream-8.5.0.GA:httpd:2.4:8050020210712211742:b4937e53:mod_session-debuginfo-0:2.4.37-41.module+el8.5.0+11772+c8e0c271.ppc64le",
"AppStream-8.5.0.GA:httpd:2.4:8050020210712211742:b4937e53:mod_session-debuginfo-0:2.4.37-41.module+el8.5.0+11772+c8e0c271.s390x",
"AppStream-8.5.0.GA:httpd:2.4:8050020210712211742:b4937e53:mod_session-debuginfo-0:2.4.37-41.module+el8.5.0+11772+c8e0c271.x86_64",
"AppStream-8.5.0.GA:httpd:2.4:8050020210712211742:b4937e53:mod_ssl-1:2.4.37-41.module+el8.5.0+11772+c8e0c271.aarch64",
"AppStream-8.5.0.GA:httpd:2.4:8050020210712211742:b4937e53:mod_ssl-1:2.4.37-41.module+el8.5.0+11772+c8e0c271.ppc64le",
"AppStream-8.5.0.GA:httpd:2.4:8050020210712211742:b4937e53:mod_ssl-1:2.4.37-41.module+el8.5.0+11772+c8e0c271.s390x",
"AppStream-8.5.0.GA:httpd:2.4:8050020210712211742:b4937e53:mod_ssl-1:2.4.37-41.module+el8.5.0+11772+c8e0c271.x86_64",
"AppStream-8.5.0.GA:httpd:2.4:8050020210712211742:b4937e53:mod_ssl-debuginfo-1:2.4.37-41.module+el8.5.0+11772+c8e0c271.aarch64",
"AppStream-8.5.0.GA:httpd:2.4:8050020210712211742:b4937e53:mod_ssl-debuginfo-1:2.4.37-41.module+el8.5.0+11772+c8e0c271.ppc64le",
"AppStream-8.5.0.GA:httpd:2.4:8050020210712211742:b4937e53:mod_ssl-debuginfo-1:2.4.37-41.module+el8.5.0+11772+c8e0c271.s390x",
"AppStream-8.5.0.GA:httpd:2.4:8050020210712211742:b4937e53:mod_ssl-debuginfo-1:2.4.37-41.module+el8.5.0+11772+c8e0c271.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2021-26690"
},
{
"category": "external",
"summary": "RHBZ#1966729",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1966729"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2021-26690",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-26690"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2021-26690",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2021-26690"
},
{
"category": "external",
"summary": "https://httpd.apache.org/security/vulnerabilities_24.html",
"url": "https://httpd.apache.org/security/vulnerabilities_24.html"
}
],
"release_date": "2021-06-04T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nAfter installing the updated packages, the httpd daemon will be restarted automatically.",
"product_ids": [
"AppStream-8.5.0.GA:httpd:2.4:8050020210712211742:b4937e53",
"AppStream-8.5.0.GA:httpd:2.4:8050020210712211742:b4937e53:httpd-0:2.4.37-41.module+el8.5.0+11772+c8e0c271.aarch64",
"AppStream-8.5.0.GA:httpd:2.4:8050020210712211742:b4937e53:httpd-0:2.4.37-41.module+el8.5.0+11772+c8e0c271.ppc64le",
"AppStream-8.5.0.GA:httpd:2.4:8050020210712211742:b4937e53:httpd-0:2.4.37-41.module+el8.5.0+11772+c8e0c271.s390x",
"AppStream-8.5.0.GA:httpd:2.4:8050020210712211742:b4937e53:httpd-0:2.4.37-41.module+el8.5.0+11772+c8e0c271.src",
"AppStream-8.5.0.GA:httpd:2.4:8050020210712211742:b4937e53:httpd-0:2.4.37-41.module+el8.5.0+11772+c8e0c271.x86_64",
"AppStream-8.5.0.GA:httpd:2.4:8050020210712211742:b4937e53:httpd-debuginfo-0:2.4.37-41.module+el8.5.0+11772+c8e0c271.aarch64",
"AppStream-8.5.0.GA:httpd:2.4:8050020210712211742:b4937e53:httpd-debuginfo-0:2.4.37-41.module+el8.5.0+11772+c8e0c271.ppc64le",
"AppStream-8.5.0.GA:httpd:2.4:8050020210712211742:b4937e53:httpd-debuginfo-0:2.4.37-41.module+el8.5.0+11772+c8e0c271.s390x",
"AppStream-8.5.0.GA:httpd:2.4:8050020210712211742:b4937e53:httpd-debuginfo-0:2.4.37-41.module+el8.5.0+11772+c8e0c271.x86_64",
"AppStream-8.5.0.GA:httpd:2.4:8050020210712211742:b4937e53:httpd-debugsource-0:2.4.37-41.module+el8.5.0+11772+c8e0c271.aarch64",
"AppStream-8.5.0.GA:httpd:2.4:8050020210712211742:b4937e53:httpd-debugsource-0:2.4.37-41.module+el8.5.0+11772+c8e0c271.ppc64le",
"AppStream-8.5.0.GA:httpd:2.4:8050020210712211742:b4937e53:httpd-debugsource-0:2.4.37-41.module+el8.5.0+11772+c8e0c271.s390x",
"AppStream-8.5.0.GA:httpd:2.4:8050020210712211742:b4937e53:httpd-debugsource-0:2.4.37-41.module+el8.5.0+11772+c8e0c271.x86_64",
"AppStream-8.5.0.GA:httpd:2.4:8050020210712211742:b4937e53:httpd-devel-0:2.4.37-41.module+el8.5.0+11772+c8e0c271.aarch64",
"AppStream-8.5.0.GA:httpd:2.4:8050020210712211742:b4937e53:httpd-devel-0:2.4.37-41.module+el8.5.0+11772+c8e0c271.ppc64le",
"AppStream-8.5.0.GA:httpd:2.4:8050020210712211742:b4937e53:httpd-devel-0:2.4.37-41.module+el8.5.0+11772+c8e0c271.s390x",
"AppStream-8.5.0.GA:httpd:2.4:8050020210712211742:b4937e53:httpd-devel-0:2.4.37-41.module+el8.5.0+11772+c8e0c271.x86_64",
"AppStream-8.5.0.GA:httpd:2.4:8050020210712211742:b4937e53:httpd-filesystem-0:2.4.37-41.module+el8.5.0+11772+c8e0c271.noarch",
"AppStream-8.5.0.GA:httpd:2.4:8050020210712211742:b4937e53:httpd-manual-0:2.4.37-41.module+el8.5.0+11772+c8e0c271.noarch",
"AppStream-8.5.0.GA:httpd:2.4:8050020210712211742:b4937e53:httpd-tools-0:2.4.37-41.module+el8.5.0+11772+c8e0c271.aarch64",
"AppStream-8.5.0.GA:httpd:2.4:8050020210712211742:b4937e53:httpd-tools-0:2.4.37-41.module+el8.5.0+11772+c8e0c271.ppc64le",
"AppStream-8.5.0.GA:httpd:2.4:8050020210712211742:b4937e53:httpd-tools-0:2.4.37-41.module+el8.5.0+11772+c8e0c271.s390x",
"AppStream-8.5.0.GA:httpd:2.4:8050020210712211742:b4937e53:httpd-tools-0:2.4.37-41.module+el8.5.0+11772+c8e0c271.x86_64",
"AppStream-8.5.0.GA:httpd:2.4:8050020210712211742:b4937e53:httpd-tools-debuginfo-0:2.4.37-41.module+el8.5.0+11772+c8e0c271.aarch64",
"AppStream-8.5.0.GA:httpd:2.4:8050020210712211742:b4937e53:httpd-tools-debuginfo-0:2.4.37-41.module+el8.5.0+11772+c8e0c271.ppc64le",
"AppStream-8.5.0.GA:httpd:2.4:8050020210712211742:b4937e53:httpd-tools-debuginfo-0:2.4.37-41.module+el8.5.0+11772+c8e0c271.s390x",
"AppStream-8.5.0.GA:httpd:2.4:8050020210712211742:b4937e53:httpd-tools-debuginfo-0:2.4.37-41.module+el8.5.0+11772+c8e0c271.x86_64",
"AppStream-8.5.0.GA:httpd:2.4:8050020210712211742:b4937e53:mod_http2-0:1.15.7-3.module+el8.4.0+8625+d397f3da.aarch64",
"AppStream-8.5.0.GA:httpd:2.4:8050020210712211742:b4937e53:mod_http2-0:1.15.7-3.module+el8.4.0+8625+d397f3da.ppc64le",
"AppStream-8.5.0.GA:httpd:2.4:8050020210712211742:b4937e53:mod_http2-0:1.15.7-3.module+el8.4.0+8625+d397f3da.s390x",
"AppStream-8.5.0.GA:httpd:2.4:8050020210712211742:b4937e53:mod_http2-0:1.15.7-3.module+el8.4.0+8625+d397f3da.src",
"AppStream-8.5.0.GA:httpd:2.4:8050020210712211742:b4937e53:mod_http2-0:1.15.7-3.module+el8.4.0+8625+d397f3da.x86_64",
"AppStream-8.5.0.GA:httpd:2.4:8050020210712211742:b4937e53:mod_http2-debuginfo-0:1.15.7-3.module+el8.4.0+8625+d397f3da.aarch64",
"AppStream-8.5.0.GA:httpd:2.4:8050020210712211742:b4937e53:mod_http2-debuginfo-0:1.15.7-3.module+el8.4.0+8625+d397f3da.ppc64le",
"AppStream-8.5.0.GA:httpd:2.4:8050020210712211742:b4937e53:mod_http2-debuginfo-0:1.15.7-3.module+el8.4.0+8625+d397f3da.s390x",
"AppStream-8.5.0.GA:httpd:2.4:8050020210712211742:b4937e53:mod_http2-debuginfo-0:1.15.7-3.module+el8.4.0+8625+d397f3da.x86_64",
"AppStream-8.5.0.GA:httpd:2.4:8050020210712211742:b4937e53:mod_http2-debugsource-0:1.15.7-3.module+el8.4.0+8625+d397f3da.aarch64",
"AppStream-8.5.0.GA:httpd:2.4:8050020210712211742:b4937e53:mod_http2-debugsource-0:1.15.7-3.module+el8.4.0+8625+d397f3da.ppc64le",
"AppStream-8.5.0.GA:httpd:2.4:8050020210712211742:b4937e53:mod_http2-debugsource-0:1.15.7-3.module+el8.4.0+8625+d397f3da.s390x",
"AppStream-8.5.0.GA:httpd:2.4:8050020210712211742:b4937e53:mod_http2-debugsource-0:1.15.7-3.module+el8.4.0+8625+d397f3da.x86_64",
"AppStream-8.5.0.GA:httpd:2.4:8050020210712211742:b4937e53:mod_ldap-0:2.4.37-41.module+el8.5.0+11772+c8e0c271.aarch64",
"AppStream-8.5.0.GA:httpd:2.4:8050020210712211742:b4937e53:mod_ldap-0:2.4.37-41.module+el8.5.0+11772+c8e0c271.ppc64le",
"AppStream-8.5.0.GA:httpd:2.4:8050020210712211742:b4937e53:mod_ldap-0:2.4.37-41.module+el8.5.0+11772+c8e0c271.s390x",
"AppStream-8.5.0.GA:httpd:2.4:8050020210712211742:b4937e53:mod_ldap-0:2.4.37-41.module+el8.5.0+11772+c8e0c271.x86_64",
"AppStream-8.5.0.GA:httpd:2.4:8050020210712211742:b4937e53:mod_ldap-debuginfo-0:2.4.37-41.module+el8.5.0+11772+c8e0c271.aarch64",
"AppStream-8.5.0.GA:httpd:2.4:8050020210712211742:b4937e53:mod_ldap-debuginfo-0:2.4.37-41.module+el8.5.0+11772+c8e0c271.ppc64le",
"AppStream-8.5.0.GA:httpd:2.4:8050020210712211742:b4937e53:mod_ldap-debuginfo-0:2.4.37-41.module+el8.5.0+11772+c8e0c271.s390x",
"AppStream-8.5.0.GA:httpd:2.4:8050020210712211742:b4937e53:mod_ldap-debuginfo-0:2.4.37-41.module+el8.5.0+11772+c8e0c271.x86_64",
"AppStream-8.5.0.GA:httpd:2.4:8050020210712211742:b4937e53:mod_md-1:2.0.8-8.module+el8.3.0+6814+67d1e611.aarch64",
"AppStream-8.5.0.GA:httpd:2.4:8050020210712211742:b4937e53:mod_md-1:2.0.8-8.module+el8.3.0+6814+67d1e611.ppc64le",
"AppStream-8.5.0.GA:httpd:2.4:8050020210712211742:b4937e53:mod_md-1:2.0.8-8.module+el8.3.0+6814+67d1e611.s390x",
"AppStream-8.5.0.GA:httpd:2.4:8050020210712211742:b4937e53:mod_md-1:2.0.8-8.module+el8.3.0+6814+67d1e611.src",
"AppStream-8.5.0.GA:httpd:2.4:8050020210712211742:b4937e53:mod_md-1:2.0.8-8.module+el8.3.0+6814+67d1e611.x86_64",
"AppStream-8.5.0.GA:httpd:2.4:8050020210712211742:b4937e53:mod_md-debuginfo-1:2.0.8-8.module+el8.3.0+6814+67d1e611.aarch64",
"AppStream-8.5.0.GA:httpd:2.4:8050020210712211742:b4937e53:mod_md-debuginfo-1:2.0.8-8.module+el8.3.0+6814+67d1e611.ppc64le",
"AppStream-8.5.0.GA:httpd:2.4:8050020210712211742:b4937e53:mod_md-debuginfo-1:2.0.8-8.module+el8.3.0+6814+67d1e611.s390x",
"AppStream-8.5.0.GA:httpd:2.4:8050020210712211742:b4937e53:mod_md-debuginfo-1:2.0.8-8.module+el8.3.0+6814+67d1e611.x86_64",
"AppStream-8.5.0.GA:httpd:2.4:8050020210712211742:b4937e53:mod_md-debugsource-1:2.0.8-8.module+el8.3.0+6814+67d1e611.aarch64",
"AppStream-8.5.0.GA:httpd:2.4:8050020210712211742:b4937e53:mod_md-debugsource-1:2.0.8-8.module+el8.3.0+6814+67d1e611.ppc64le",
"AppStream-8.5.0.GA:httpd:2.4:8050020210712211742:b4937e53:mod_md-debugsource-1:2.0.8-8.module+el8.3.0+6814+67d1e611.s390x",
"AppStream-8.5.0.GA:httpd:2.4:8050020210712211742:b4937e53:mod_md-debugsource-1:2.0.8-8.module+el8.3.0+6814+67d1e611.x86_64",
"AppStream-8.5.0.GA:httpd:2.4:8050020210712211742:b4937e53:mod_proxy_html-1:2.4.37-41.module+el8.5.0+11772+c8e0c271.aarch64",
"AppStream-8.5.0.GA:httpd:2.4:8050020210712211742:b4937e53:mod_proxy_html-1:2.4.37-41.module+el8.5.0+11772+c8e0c271.ppc64le",
"AppStream-8.5.0.GA:httpd:2.4:8050020210712211742:b4937e53:mod_proxy_html-1:2.4.37-41.module+el8.5.0+11772+c8e0c271.s390x",
"AppStream-8.5.0.GA:httpd:2.4:8050020210712211742:b4937e53:mod_proxy_html-1:2.4.37-41.module+el8.5.0+11772+c8e0c271.x86_64",
"AppStream-8.5.0.GA:httpd:2.4:8050020210712211742:b4937e53:mod_proxy_html-debuginfo-1:2.4.37-41.module+el8.5.0+11772+c8e0c271.aarch64",
"AppStream-8.5.0.GA:httpd:2.4:8050020210712211742:b4937e53:mod_proxy_html-debuginfo-1:2.4.37-41.module+el8.5.0+11772+c8e0c271.ppc64le",
"AppStream-8.5.0.GA:httpd:2.4:8050020210712211742:b4937e53:mod_proxy_html-debuginfo-1:2.4.37-41.module+el8.5.0+11772+c8e0c271.s390x",
"AppStream-8.5.0.GA:httpd:2.4:8050020210712211742:b4937e53:mod_proxy_html-debuginfo-1:2.4.37-41.module+el8.5.0+11772+c8e0c271.x86_64",
"AppStream-8.5.0.GA:httpd:2.4:8050020210712211742:b4937e53:mod_session-0:2.4.37-41.module+el8.5.0+11772+c8e0c271.aarch64",
"AppStream-8.5.0.GA:httpd:2.4:8050020210712211742:b4937e53:mod_session-0:2.4.37-41.module+el8.5.0+11772+c8e0c271.ppc64le",
"AppStream-8.5.0.GA:httpd:2.4:8050020210712211742:b4937e53:mod_session-0:2.4.37-41.module+el8.5.0+11772+c8e0c271.s390x",
"AppStream-8.5.0.GA:httpd:2.4:8050020210712211742:b4937e53:mod_session-0:2.4.37-41.module+el8.5.0+11772+c8e0c271.x86_64",
"AppStream-8.5.0.GA:httpd:2.4:8050020210712211742:b4937e53:mod_session-debuginfo-0:2.4.37-41.module+el8.5.0+11772+c8e0c271.aarch64",
"AppStream-8.5.0.GA:httpd:2.4:8050020210712211742:b4937e53:mod_session-debuginfo-0:2.4.37-41.module+el8.5.0+11772+c8e0c271.ppc64le",
"AppStream-8.5.0.GA:httpd:2.4:8050020210712211742:b4937e53:mod_session-debuginfo-0:2.4.37-41.module+el8.5.0+11772+c8e0c271.s390x",
"AppStream-8.5.0.GA:httpd:2.4:8050020210712211742:b4937e53:mod_session-debuginfo-0:2.4.37-41.module+el8.5.0+11772+c8e0c271.x86_64",
"AppStream-8.5.0.GA:httpd:2.4:8050020210712211742:b4937e53:mod_ssl-1:2.4.37-41.module+el8.5.0+11772+c8e0c271.aarch64",
"AppStream-8.5.0.GA:httpd:2.4:8050020210712211742:b4937e53:mod_ssl-1:2.4.37-41.module+el8.5.0+11772+c8e0c271.ppc64le",
"AppStream-8.5.0.GA:httpd:2.4:8050020210712211742:b4937e53:mod_ssl-1:2.4.37-41.module+el8.5.0+11772+c8e0c271.s390x",
"AppStream-8.5.0.GA:httpd:2.4:8050020210712211742:b4937e53:mod_ssl-1:2.4.37-41.module+el8.5.0+11772+c8e0c271.x86_64",
"AppStream-8.5.0.GA:httpd:2.4:8050020210712211742:b4937e53:mod_ssl-debuginfo-1:2.4.37-41.module+el8.5.0+11772+c8e0c271.aarch64",
"AppStream-8.5.0.GA:httpd:2.4:8050020210712211742:b4937e53:mod_ssl-debuginfo-1:2.4.37-41.module+el8.5.0+11772+c8e0c271.ppc64le",
"AppStream-8.5.0.GA:httpd:2.4:8050020210712211742:b4937e53:mod_ssl-debuginfo-1:2.4.37-41.module+el8.5.0+11772+c8e0c271.s390x",
"AppStream-8.5.0.GA:httpd:2.4:8050020210712211742:b4937e53:mod_ssl-debuginfo-1:2.4.37-41.module+el8.5.0+11772+c8e0c271.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2021:4257"
},
{
"category": "workaround",
"details": "Only configurations which use the \"SessionEnv\" directive (which is not widely used) are vulnerable to this flaw. SessionEnv is not enabled in default configuration of httpd package shipped with Red Hat Products.",
"product_ids": [
"AppStream-8.5.0.GA:httpd:2.4:8050020210712211742:b4937e53",
"AppStream-8.5.0.GA:httpd:2.4:8050020210712211742:b4937e53:httpd-0:2.4.37-41.module+el8.5.0+11772+c8e0c271.aarch64",
"AppStream-8.5.0.GA:httpd:2.4:8050020210712211742:b4937e53:httpd-0:2.4.37-41.module+el8.5.0+11772+c8e0c271.ppc64le",
"AppStream-8.5.0.GA:httpd:2.4:8050020210712211742:b4937e53:httpd-0:2.4.37-41.module+el8.5.0+11772+c8e0c271.s390x",
"AppStream-8.5.0.GA:httpd:2.4:8050020210712211742:b4937e53:httpd-0:2.4.37-41.module+el8.5.0+11772+c8e0c271.src",
"AppStream-8.5.0.GA:httpd:2.4:8050020210712211742:b4937e53:httpd-0:2.4.37-41.module+el8.5.0+11772+c8e0c271.x86_64",
"AppStream-8.5.0.GA:httpd:2.4:8050020210712211742:b4937e53:httpd-debuginfo-0:2.4.37-41.module+el8.5.0+11772+c8e0c271.aarch64",
"AppStream-8.5.0.GA:httpd:2.4:8050020210712211742:b4937e53:httpd-debuginfo-0:2.4.37-41.module+el8.5.0+11772+c8e0c271.ppc64le",
"AppStream-8.5.0.GA:httpd:2.4:8050020210712211742:b4937e53:httpd-debuginfo-0:2.4.37-41.module+el8.5.0+11772+c8e0c271.s390x",
"AppStream-8.5.0.GA:httpd:2.4:8050020210712211742:b4937e53:httpd-debuginfo-0:2.4.37-41.module+el8.5.0+11772+c8e0c271.x86_64",
"AppStream-8.5.0.GA:httpd:2.4:8050020210712211742:b4937e53:httpd-debugsource-0:2.4.37-41.module+el8.5.0+11772+c8e0c271.aarch64",
"AppStream-8.5.0.GA:httpd:2.4:8050020210712211742:b4937e53:httpd-debugsource-0:2.4.37-41.module+el8.5.0+11772+c8e0c271.ppc64le",
"AppStream-8.5.0.GA:httpd:2.4:8050020210712211742:b4937e53:httpd-debugsource-0:2.4.37-41.module+el8.5.0+11772+c8e0c271.s390x",
"AppStream-8.5.0.GA:httpd:2.4:8050020210712211742:b4937e53:httpd-debugsource-0:2.4.37-41.module+el8.5.0+11772+c8e0c271.x86_64",
"AppStream-8.5.0.GA:httpd:2.4:8050020210712211742:b4937e53:httpd-devel-0:2.4.37-41.module+el8.5.0+11772+c8e0c271.aarch64",
"AppStream-8.5.0.GA:httpd:2.4:8050020210712211742:b4937e53:httpd-devel-0:2.4.37-41.module+el8.5.0+11772+c8e0c271.ppc64le",
"AppStream-8.5.0.GA:httpd:2.4:8050020210712211742:b4937e53:httpd-devel-0:2.4.37-41.module+el8.5.0+11772+c8e0c271.s390x",
"AppStream-8.5.0.GA:httpd:2.4:8050020210712211742:b4937e53:httpd-devel-0:2.4.37-41.module+el8.5.0+11772+c8e0c271.x86_64",
"AppStream-8.5.0.GA:httpd:2.4:8050020210712211742:b4937e53:httpd-filesystem-0:2.4.37-41.module+el8.5.0+11772+c8e0c271.noarch",
"AppStream-8.5.0.GA:httpd:2.4:8050020210712211742:b4937e53:httpd-manual-0:2.4.37-41.module+el8.5.0+11772+c8e0c271.noarch",
"AppStream-8.5.0.GA:httpd:2.4:8050020210712211742:b4937e53:httpd-tools-0:2.4.37-41.module+el8.5.0+11772+c8e0c271.aarch64",
"AppStream-8.5.0.GA:httpd:2.4:8050020210712211742:b4937e53:httpd-tools-0:2.4.37-41.module+el8.5.0+11772+c8e0c271.ppc64le",
"AppStream-8.5.0.GA:httpd:2.4:8050020210712211742:b4937e53:httpd-tools-0:2.4.37-41.module+el8.5.0+11772+c8e0c271.s390x",
"AppStream-8.5.0.GA:httpd:2.4:8050020210712211742:b4937e53:httpd-tools-0:2.4.37-41.module+el8.5.0+11772+c8e0c271.x86_64",
"AppStream-8.5.0.GA:httpd:2.4:8050020210712211742:b4937e53:httpd-tools-debuginfo-0:2.4.37-41.module+el8.5.0+11772+c8e0c271.aarch64",
"AppStream-8.5.0.GA:httpd:2.4:8050020210712211742:b4937e53:httpd-tools-debuginfo-0:2.4.37-41.module+el8.5.0+11772+c8e0c271.ppc64le",
"AppStream-8.5.0.GA:httpd:2.4:8050020210712211742:b4937e53:httpd-tools-debuginfo-0:2.4.37-41.module+el8.5.0+11772+c8e0c271.s390x",
"AppStream-8.5.0.GA:httpd:2.4:8050020210712211742:b4937e53:httpd-tools-debuginfo-0:2.4.37-41.module+el8.5.0+11772+c8e0c271.x86_64",
"AppStream-8.5.0.GA:httpd:2.4:8050020210712211742:b4937e53:mod_http2-0:1.15.7-3.module+el8.4.0+8625+d397f3da.aarch64",
"AppStream-8.5.0.GA:httpd:2.4:8050020210712211742:b4937e53:mod_http2-0:1.15.7-3.module+el8.4.0+8625+d397f3da.ppc64le",
"AppStream-8.5.0.GA:httpd:2.4:8050020210712211742:b4937e53:mod_http2-0:1.15.7-3.module+el8.4.0+8625+d397f3da.s390x",
"AppStream-8.5.0.GA:httpd:2.4:8050020210712211742:b4937e53:mod_http2-0:1.15.7-3.module+el8.4.0+8625+d397f3da.src",
"AppStream-8.5.0.GA:httpd:2.4:8050020210712211742:b4937e53:mod_http2-0:1.15.7-3.module+el8.4.0+8625+d397f3da.x86_64",
"AppStream-8.5.0.GA:httpd:2.4:8050020210712211742:b4937e53:mod_http2-debuginfo-0:1.15.7-3.module+el8.4.0+8625+d397f3da.aarch64",
"AppStream-8.5.0.GA:httpd:2.4:8050020210712211742:b4937e53:mod_http2-debuginfo-0:1.15.7-3.module+el8.4.0+8625+d397f3da.ppc64le",
"AppStream-8.5.0.GA:httpd:2.4:8050020210712211742:b4937e53:mod_http2-debuginfo-0:1.15.7-3.module+el8.4.0+8625+d397f3da.s390x",
"AppStream-8.5.0.GA:httpd:2.4:8050020210712211742:b4937e53:mod_http2-debuginfo-0:1.15.7-3.module+el8.4.0+8625+d397f3da.x86_64",
"AppStream-8.5.0.GA:httpd:2.4:8050020210712211742:b4937e53:mod_http2-debugsource-0:1.15.7-3.module+el8.4.0+8625+d397f3da.aarch64",
"AppStream-8.5.0.GA:httpd:2.4:8050020210712211742:b4937e53:mod_http2-debugsource-0:1.15.7-3.module+el8.4.0+8625+d397f3da.ppc64le",
"AppStream-8.5.0.GA:httpd:2.4:8050020210712211742:b4937e53:mod_http2-debugsource-0:1.15.7-3.module+el8.4.0+8625+d397f3da.s390x",
"AppStream-8.5.0.GA:httpd:2.4:8050020210712211742:b4937e53:mod_http2-debugsource-0:1.15.7-3.module+el8.4.0+8625+d397f3da.x86_64",
"AppStream-8.5.0.GA:httpd:2.4:8050020210712211742:b4937e53:mod_ldap-0:2.4.37-41.module+el8.5.0+11772+c8e0c271.aarch64",
"AppStream-8.5.0.GA:httpd:2.4:8050020210712211742:b4937e53:mod_ldap-0:2.4.37-41.module+el8.5.0+11772+c8e0c271.ppc64le",
"AppStream-8.5.0.GA:httpd:2.4:8050020210712211742:b4937e53:mod_ldap-0:2.4.37-41.module+el8.5.0+11772+c8e0c271.s390x",
"AppStream-8.5.0.GA:httpd:2.4:8050020210712211742:b4937e53:mod_ldap-0:2.4.37-41.module+el8.5.0+11772+c8e0c271.x86_64",
"AppStream-8.5.0.GA:httpd:2.4:8050020210712211742:b4937e53:mod_ldap-debuginfo-0:2.4.37-41.module+el8.5.0+11772+c8e0c271.aarch64",
"AppStream-8.5.0.GA:httpd:2.4:8050020210712211742:b4937e53:mod_ldap-debuginfo-0:2.4.37-41.module+el8.5.0+11772+c8e0c271.ppc64le",
"AppStream-8.5.0.GA:httpd:2.4:8050020210712211742:b4937e53:mod_ldap-debuginfo-0:2.4.37-41.module+el8.5.0+11772+c8e0c271.s390x",
"AppStream-8.5.0.GA:httpd:2.4:8050020210712211742:b4937e53:mod_ldap-debuginfo-0:2.4.37-41.module+el8.5.0+11772+c8e0c271.x86_64",
"AppStream-8.5.0.GA:httpd:2.4:8050020210712211742:b4937e53:mod_md-1:2.0.8-8.module+el8.3.0+6814+67d1e611.aarch64",
"AppStream-8.5.0.GA:httpd:2.4:8050020210712211742:b4937e53:mod_md-1:2.0.8-8.module+el8.3.0+6814+67d1e611.ppc64le",
"AppStream-8.5.0.GA:httpd:2.4:8050020210712211742:b4937e53:mod_md-1:2.0.8-8.module+el8.3.0+6814+67d1e611.s390x",
"AppStream-8.5.0.GA:httpd:2.4:8050020210712211742:b4937e53:mod_md-1:2.0.8-8.module+el8.3.0+6814+67d1e611.src",
"AppStream-8.5.0.GA:httpd:2.4:8050020210712211742:b4937e53:mod_md-1:2.0.8-8.module+el8.3.0+6814+67d1e611.x86_64",
"AppStream-8.5.0.GA:httpd:2.4:8050020210712211742:b4937e53:mod_md-debuginfo-1:2.0.8-8.module+el8.3.0+6814+67d1e611.aarch64",
"AppStream-8.5.0.GA:httpd:2.4:8050020210712211742:b4937e53:mod_md-debuginfo-1:2.0.8-8.module+el8.3.0+6814+67d1e611.ppc64le",
"AppStream-8.5.0.GA:httpd:2.4:8050020210712211742:b4937e53:mod_md-debuginfo-1:2.0.8-8.module+el8.3.0+6814+67d1e611.s390x",
"AppStream-8.5.0.GA:httpd:2.4:8050020210712211742:b4937e53:mod_md-debuginfo-1:2.0.8-8.module+el8.3.0+6814+67d1e611.x86_64",
"AppStream-8.5.0.GA:httpd:2.4:8050020210712211742:b4937e53:mod_md-debugsource-1:2.0.8-8.module+el8.3.0+6814+67d1e611.aarch64",
"AppStream-8.5.0.GA:httpd:2.4:8050020210712211742:b4937e53:mod_md-debugsource-1:2.0.8-8.module+el8.3.0+6814+67d1e611.ppc64le",
"AppStream-8.5.0.GA:httpd:2.4:8050020210712211742:b4937e53:mod_md-debugsource-1:2.0.8-8.module+el8.3.0+6814+67d1e611.s390x",
"AppStream-8.5.0.GA:httpd:2.4:8050020210712211742:b4937e53:mod_md-debugsource-1:2.0.8-8.module+el8.3.0+6814+67d1e611.x86_64",
"AppStream-8.5.0.GA:httpd:2.4:8050020210712211742:b4937e53:mod_proxy_html-1:2.4.37-41.module+el8.5.0+11772+c8e0c271.aarch64",
"AppStream-8.5.0.GA:httpd:2.4:8050020210712211742:b4937e53:mod_proxy_html-1:2.4.37-41.module+el8.5.0+11772+c8e0c271.ppc64le",
"AppStream-8.5.0.GA:httpd:2.4:8050020210712211742:b4937e53:mod_proxy_html-1:2.4.37-41.module+el8.5.0+11772+c8e0c271.s390x",
"AppStream-8.5.0.GA:httpd:2.4:8050020210712211742:b4937e53:mod_proxy_html-1:2.4.37-41.module+el8.5.0+11772+c8e0c271.x86_64",
"AppStream-8.5.0.GA:httpd:2.4:8050020210712211742:b4937e53:mod_proxy_html-debuginfo-1:2.4.37-41.module+el8.5.0+11772+c8e0c271.aarch64",
"AppStream-8.5.0.GA:httpd:2.4:8050020210712211742:b4937e53:mod_proxy_html-debuginfo-1:2.4.37-41.module+el8.5.0+11772+c8e0c271.ppc64le",
"AppStream-8.5.0.GA:httpd:2.4:8050020210712211742:b4937e53:mod_proxy_html-debuginfo-1:2.4.37-41.module+el8.5.0+11772+c8e0c271.s390x",
"AppStream-8.5.0.GA:httpd:2.4:8050020210712211742:b4937e53:mod_proxy_html-debuginfo-1:2.4.37-41.module+el8.5.0+11772+c8e0c271.x86_64",
"AppStream-8.5.0.GA:httpd:2.4:8050020210712211742:b4937e53:mod_session-0:2.4.37-41.module+el8.5.0+11772+c8e0c271.aarch64",
"AppStream-8.5.0.GA:httpd:2.4:8050020210712211742:b4937e53:mod_session-0:2.4.37-41.module+el8.5.0+11772+c8e0c271.ppc64le",
"AppStream-8.5.0.GA:httpd:2.4:8050020210712211742:b4937e53:mod_session-0:2.4.37-41.module+el8.5.0+11772+c8e0c271.s390x",
"AppStream-8.5.0.GA:httpd:2.4:8050020210712211742:b4937e53:mod_session-0:2.4.37-41.module+el8.5.0+11772+c8e0c271.x86_64",
"AppStream-8.5.0.GA:httpd:2.4:8050020210712211742:b4937e53:mod_session-debuginfo-0:2.4.37-41.module+el8.5.0+11772+c8e0c271.aarch64",
"AppStream-8.5.0.GA:httpd:2.4:8050020210712211742:b4937e53:mod_session-debuginfo-0:2.4.37-41.module+el8.5.0+11772+c8e0c271.ppc64le",
"AppStream-8.5.0.GA:httpd:2.4:8050020210712211742:b4937e53:mod_session-debuginfo-0:2.4.37-41.module+el8.5.0+11772+c8e0c271.s390x",
"AppStream-8.5.0.GA:httpd:2.4:8050020210712211742:b4937e53:mod_session-debuginfo-0:2.4.37-41.module+el8.5.0+11772+c8e0c271.x86_64",
"AppStream-8.5.0.GA:httpd:2.4:8050020210712211742:b4937e53:mod_ssl-1:2.4.37-41.module+el8.5.0+11772+c8e0c271.aarch64",
"AppStream-8.5.0.GA:httpd:2.4:8050020210712211742:b4937e53:mod_ssl-1:2.4.37-41.module+el8.5.0+11772+c8e0c271.ppc64le",
"AppStream-8.5.0.GA:httpd:2.4:8050020210712211742:b4937e53:mod_ssl-1:2.4.37-41.module+el8.5.0+11772+c8e0c271.s390x",
"AppStream-8.5.0.GA:httpd:2.4:8050020210712211742:b4937e53:mod_ssl-1:2.4.37-41.module+el8.5.0+11772+c8e0c271.x86_64",
"AppStream-8.5.0.GA:httpd:2.4:8050020210712211742:b4937e53:mod_ssl-debuginfo-1:2.4.37-41.module+el8.5.0+11772+c8e0c271.aarch64",
"AppStream-8.5.0.GA:httpd:2.4:8050020210712211742:b4937e53:mod_ssl-debuginfo-1:2.4.37-41.module+el8.5.0+11772+c8e0c271.ppc64le",
"AppStream-8.5.0.GA:httpd:2.4:8050020210712211742:b4937e53:mod_ssl-debuginfo-1:2.4.37-41.module+el8.5.0+11772+c8e0c271.s390x",
"AppStream-8.5.0.GA:httpd:2.4:8050020210712211742:b4937e53:mod_ssl-debuginfo-1:2.4.37-41.module+el8.5.0+11772+c8e0c271.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"AppStream-8.5.0.GA:httpd:2.4:8050020210712211742:b4937e53",
"AppStream-8.5.0.GA:httpd:2.4:8050020210712211742:b4937e53:httpd-0:2.4.37-41.module+el8.5.0+11772+c8e0c271.aarch64",
"AppStream-8.5.0.GA:httpd:2.4:8050020210712211742:b4937e53:httpd-0:2.4.37-41.module+el8.5.0+11772+c8e0c271.ppc64le",
"AppStream-8.5.0.GA:httpd:2.4:8050020210712211742:b4937e53:httpd-0:2.4.37-41.module+el8.5.0+11772+c8e0c271.s390x",
"AppStream-8.5.0.GA:httpd:2.4:8050020210712211742:b4937e53:httpd-0:2.4.37-41.module+el8.5.0+11772+c8e0c271.src",
"AppStream-8.5.0.GA:httpd:2.4:8050020210712211742:b4937e53:httpd-0:2.4.37-41.module+el8.5.0+11772+c8e0c271.x86_64",
"AppStream-8.5.0.GA:httpd:2.4:8050020210712211742:b4937e53:httpd-debuginfo-0:2.4.37-41.module+el8.5.0+11772+c8e0c271.aarch64",
"AppStream-8.5.0.GA:httpd:2.4:8050020210712211742:b4937e53:httpd-debuginfo-0:2.4.37-41.module+el8.5.0+11772+c8e0c271.ppc64le",
"AppStream-8.5.0.GA:httpd:2.4:8050020210712211742:b4937e53:httpd-debuginfo-0:2.4.37-41.module+el8.5.0+11772+c8e0c271.s390x",
"AppStream-8.5.0.GA:httpd:2.4:8050020210712211742:b4937e53:httpd-debuginfo-0:2.4.37-41.module+el8.5.0+11772+c8e0c271.x86_64",
"AppStream-8.5.0.GA:httpd:2.4:8050020210712211742:b4937e53:httpd-debugsource-0:2.4.37-41.module+el8.5.0+11772+c8e0c271.aarch64",
"AppStream-8.5.0.GA:httpd:2.4:8050020210712211742:b4937e53:httpd-debugsource-0:2.4.37-41.module+el8.5.0+11772+c8e0c271.ppc64le",
"AppStream-8.5.0.GA:httpd:2.4:8050020210712211742:b4937e53:httpd-debugsource-0:2.4.37-41.module+el8.5.0+11772+c8e0c271.s390x",
"AppStream-8.5.0.GA:httpd:2.4:8050020210712211742:b4937e53:httpd-debugsource-0:2.4.37-41.module+el8.5.0+11772+c8e0c271.x86_64",
"AppStream-8.5.0.GA:httpd:2.4:8050020210712211742:b4937e53:httpd-devel-0:2.4.37-41.module+el8.5.0+11772+c8e0c271.aarch64",
"AppStream-8.5.0.GA:httpd:2.4:8050020210712211742:b4937e53:httpd-devel-0:2.4.37-41.module+el8.5.0+11772+c8e0c271.ppc64le",
"AppStream-8.5.0.GA:httpd:2.4:8050020210712211742:b4937e53:httpd-devel-0:2.4.37-41.module+el8.5.0+11772+c8e0c271.s390x",
"AppStream-8.5.0.GA:httpd:2.4:8050020210712211742:b4937e53:httpd-devel-0:2.4.37-41.module+el8.5.0+11772+c8e0c271.x86_64",
"AppStream-8.5.0.GA:httpd:2.4:8050020210712211742:b4937e53:httpd-filesystem-0:2.4.37-41.module+el8.5.0+11772+c8e0c271.noarch",
"AppStream-8.5.0.GA:httpd:2.4:8050020210712211742:b4937e53:httpd-manual-0:2.4.37-41.module+el8.5.0+11772+c8e0c271.noarch",
"AppStream-8.5.0.GA:httpd:2.4:8050020210712211742:b4937e53:httpd-tools-0:2.4.37-41.module+el8.5.0+11772+c8e0c271.aarch64",
"AppStream-8.5.0.GA:httpd:2.4:8050020210712211742:b4937e53:httpd-tools-0:2.4.37-41.module+el8.5.0+11772+c8e0c271.ppc64le",
"AppStream-8.5.0.GA:httpd:2.4:8050020210712211742:b4937e53:httpd-tools-0:2.4.37-41.module+el8.5.0+11772+c8e0c271.s390x",
"AppStream-8.5.0.GA:httpd:2.4:8050020210712211742:b4937e53:httpd-tools-0:2.4.37-41.module+el8.5.0+11772+c8e0c271.x86_64",
"AppStream-8.5.0.GA:httpd:2.4:8050020210712211742:b4937e53:httpd-tools-debuginfo-0:2.4.37-41.module+el8.5.0+11772+c8e0c271.aarch64",
"AppStream-8.5.0.GA:httpd:2.4:8050020210712211742:b4937e53:httpd-tools-debuginfo-0:2.4.37-41.module+el8.5.0+11772+c8e0c271.ppc64le",
"AppStream-8.5.0.GA:httpd:2.4:8050020210712211742:b4937e53:httpd-tools-debuginfo-0:2.4.37-41.module+el8.5.0+11772+c8e0c271.s390x",
"AppStream-8.5.0.GA:httpd:2.4:8050020210712211742:b4937e53:httpd-tools-debuginfo-0:2.4.37-41.module+el8.5.0+11772+c8e0c271.x86_64",
"AppStream-8.5.0.GA:httpd:2.4:8050020210712211742:b4937e53:mod_http2-0:1.15.7-3.module+el8.4.0+8625+d397f3da.aarch64",
"AppStream-8.5.0.GA:httpd:2.4:8050020210712211742:b4937e53:mod_http2-0:1.15.7-3.module+el8.4.0+8625+d397f3da.ppc64le",
"AppStream-8.5.0.GA:httpd:2.4:8050020210712211742:b4937e53:mod_http2-0:1.15.7-3.module+el8.4.0+8625+d397f3da.s390x",
"AppStream-8.5.0.GA:httpd:2.4:8050020210712211742:b4937e53:mod_http2-0:1.15.7-3.module+el8.4.0+8625+d397f3da.src",
"AppStream-8.5.0.GA:httpd:2.4:8050020210712211742:b4937e53:mod_http2-0:1.15.7-3.module+el8.4.0+8625+d397f3da.x86_64",
"AppStream-8.5.0.GA:httpd:2.4:8050020210712211742:b4937e53:mod_http2-debuginfo-0:1.15.7-3.module+el8.4.0+8625+d397f3da.aarch64",
"AppStream-8.5.0.GA:httpd:2.4:8050020210712211742:b4937e53:mod_http2-debuginfo-0:1.15.7-3.module+el8.4.0+8625+d397f3da.ppc64le",
"AppStream-8.5.0.GA:httpd:2.4:8050020210712211742:b4937e53:mod_http2-debuginfo-0:1.15.7-3.module+el8.4.0+8625+d397f3da.s390x",
"AppStream-8.5.0.GA:httpd:2.4:8050020210712211742:b4937e53:mod_http2-debuginfo-0:1.15.7-3.module+el8.4.0+8625+d397f3da.x86_64",
"AppStream-8.5.0.GA:httpd:2.4:8050020210712211742:b4937e53:mod_http2-debugsource-0:1.15.7-3.module+el8.4.0+8625+d397f3da.aarch64",
"AppStream-8.5.0.GA:httpd:2.4:8050020210712211742:b4937e53:mod_http2-debugsource-0:1.15.7-3.module+el8.4.0+8625+d397f3da.ppc64le",
"AppStream-8.5.0.GA:httpd:2.4:8050020210712211742:b4937e53:mod_http2-debugsource-0:1.15.7-3.module+el8.4.0+8625+d397f3da.s390x",
"AppStream-8.5.0.GA:httpd:2.4:8050020210712211742:b4937e53:mod_http2-debugsource-0:1.15.7-3.module+el8.4.0+8625+d397f3da.x86_64",
"AppStream-8.5.0.GA:httpd:2.4:8050020210712211742:b4937e53:mod_ldap-0:2.4.37-41.module+el8.5.0+11772+c8e0c271.aarch64",
"AppStream-8.5.0.GA:httpd:2.4:8050020210712211742:b4937e53:mod_ldap-0:2.4.37-41.module+el8.5.0+11772+c8e0c271.ppc64le",
"AppStream-8.5.0.GA:httpd:2.4:8050020210712211742:b4937e53:mod_ldap-0:2.4.37-41.module+el8.5.0+11772+c8e0c271.s390x",
"AppStream-8.5.0.GA:httpd:2.4:8050020210712211742:b4937e53:mod_ldap-0:2.4.37-41.module+el8.5.0+11772+c8e0c271.x86_64",
"AppStream-8.5.0.GA:httpd:2.4:8050020210712211742:b4937e53:mod_ldap-debuginfo-0:2.4.37-41.module+el8.5.0+11772+c8e0c271.aarch64",
"AppStream-8.5.0.GA:httpd:2.4:8050020210712211742:b4937e53:mod_ldap-debuginfo-0:2.4.37-41.module+el8.5.0+11772+c8e0c271.ppc64le",
"AppStream-8.5.0.GA:httpd:2.4:8050020210712211742:b4937e53:mod_ldap-debuginfo-0:2.4.37-41.module+el8.5.0+11772+c8e0c271.s390x",
"AppStream-8.5.0.GA:httpd:2.4:8050020210712211742:b4937e53:mod_ldap-debuginfo-0:2.4.37-41.module+el8.5.0+11772+c8e0c271.x86_64",
"AppStream-8.5.0.GA:httpd:2.4:8050020210712211742:b4937e53:mod_md-1:2.0.8-8.module+el8.3.0+6814+67d1e611.aarch64",
"AppStream-8.5.0.GA:httpd:2.4:8050020210712211742:b4937e53:mod_md-1:2.0.8-8.module+el8.3.0+6814+67d1e611.ppc64le",
"AppStream-8.5.0.GA:httpd:2.4:8050020210712211742:b4937e53:mod_md-1:2.0.8-8.module+el8.3.0+6814+67d1e611.s390x",
"AppStream-8.5.0.GA:httpd:2.4:8050020210712211742:b4937e53:mod_md-1:2.0.8-8.module+el8.3.0+6814+67d1e611.src",
"AppStream-8.5.0.GA:httpd:2.4:8050020210712211742:b4937e53:mod_md-1:2.0.8-8.module+el8.3.0+6814+67d1e611.x86_64",
"AppStream-8.5.0.GA:httpd:2.4:8050020210712211742:b4937e53:mod_md-debuginfo-1:2.0.8-8.module+el8.3.0+6814+67d1e611.aarch64",
"AppStream-8.5.0.GA:httpd:2.4:8050020210712211742:b4937e53:mod_md-debuginfo-1:2.0.8-8.module+el8.3.0+6814+67d1e611.ppc64le",
"AppStream-8.5.0.GA:httpd:2.4:8050020210712211742:b4937e53:mod_md-debuginfo-1:2.0.8-8.module+el8.3.0+6814+67d1e611.s390x",
"AppStream-8.5.0.GA:httpd:2.4:8050020210712211742:b4937e53:mod_md-debuginfo-1:2.0.8-8.module+el8.3.0+6814+67d1e611.x86_64",
"AppStream-8.5.0.GA:httpd:2.4:8050020210712211742:b4937e53:mod_md-debugsource-1:2.0.8-8.module+el8.3.0+6814+67d1e611.aarch64",
"AppStream-8.5.0.GA:httpd:2.4:8050020210712211742:b4937e53:mod_md-debugsource-1:2.0.8-8.module+el8.3.0+6814+67d1e611.ppc64le",
"AppStream-8.5.0.GA:httpd:2.4:8050020210712211742:b4937e53:mod_md-debugsource-1:2.0.8-8.module+el8.3.0+6814+67d1e611.s390x",
"AppStream-8.5.0.GA:httpd:2.4:8050020210712211742:b4937e53:mod_md-debugsource-1:2.0.8-8.module+el8.3.0+6814+67d1e611.x86_64",
"AppStream-8.5.0.GA:httpd:2.4:8050020210712211742:b4937e53:mod_proxy_html-1:2.4.37-41.module+el8.5.0+11772+c8e0c271.aarch64",
"AppStream-8.5.0.GA:httpd:2.4:8050020210712211742:b4937e53:mod_proxy_html-1:2.4.37-41.module+el8.5.0+11772+c8e0c271.ppc64le",
"AppStream-8.5.0.GA:httpd:2.4:8050020210712211742:b4937e53:mod_proxy_html-1:2.4.37-41.module+el8.5.0+11772+c8e0c271.s390x",
"AppStream-8.5.0.GA:httpd:2.4:8050020210712211742:b4937e53:mod_proxy_html-1:2.4.37-41.module+el8.5.0+11772+c8e0c271.x86_64",
"AppStream-8.5.0.GA:httpd:2.4:8050020210712211742:b4937e53:mod_proxy_html-debuginfo-1:2.4.37-41.module+el8.5.0+11772+c8e0c271.aarch64",
"AppStream-8.5.0.GA:httpd:2.4:8050020210712211742:b4937e53:mod_proxy_html-debuginfo-1:2.4.37-41.module+el8.5.0+11772+c8e0c271.ppc64le",
"AppStream-8.5.0.GA:httpd:2.4:8050020210712211742:b4937e53:mod_proxy_html-debuginfo-1:2.4.37-41.module+el8.5.0+11772+c8e0c271.s390x",
"AppStream-8.5.0.GA:httpd:2.4:8050020210712211742:b4937e53:mod_proxy_html-debuginfo-1:2.4.37-41.module+el8.5.0+11772+c8e0c271.x86_64",
"AppStream-8.5.0.GA:httpd:2.4:8050020210712211742:b4937e53:mod_session-0:2.4.37-41.module+el8.5.0+11772+c8e0c271.aarch64",
"AppStream-8.5.0.GA:httpd:2.4:8050020210712211742:b4937e53:mod_session-0:2.4.37-41.module+el8.5.0+11772+c8e0c271.ppc64le",
"AppStream-8.5.0.GA:httpd:2.4:8050020210712211742:b4937e53:mod_session-0:2.4.37-41.module+el8.5.0+11772+c8e0c271.s390x",
"AppStream-8.5.0.GA:httpd:2.4:8050020210712211742:b4937e53:mod_session-0:2.4.37-41.module+el8.5.0+11772+c8e0c271.x86_64",
"AppStream-8.5.0.GA:httpd:2.4:8050020210712211742:b4937e53:mod_session-debuginfo-0:2.4.37-41.module+el8.5.0+11772+c8e0c271.aarch64",
"AppStream-8.5.0.GA:httpd:2.4:8050020210712211742:b4937e53:mod_session-debuginfo-0:2.4.37-41.module+el8.5.0+11772+c8e0c271.ppc64le",
"AppStream-8.5.0.GA:httpd:2.4:8050020210712211742:b4937e53:mod_session-debuginfo-0:2.4.37-41.module+el8.5.0+11772+c8e0c271.s390x",
"AppStream-8.5.0.GA:httpd:2.4:8050020210712211742:b4937e53:mod_session-debuginfo-0:2.4.37-41.module+el8.5.0+11772+c8e0c271.x86_64",
"AppStream-8.5.0.GA:httpd:2.4:8050020210712211742:b4937e53:mod_ssl-1:2.4.37-41.module+el8.5.0+11772+c8e0c271.aarch64",
"AppStream-8.5.0.GA:httpd:2.4:8050020210712211742:b4937e53:mod_ssl-1:2.4.37-41.module+el8.5.0+11772+c8e0c271.ppc64le",
"AppStream-8.5.0.GA:httpd:2.4:8050020210712211742:b4937e53:mod_ssl-1:2.4.37-41.module+el8.5.0+11772+c8e0c271.s390x",
"AppStream-8.5.0.GA:httpd:2.4:8050020210712211742:b4937e53:mod_ssl-1:2.4.37-41.module+el8.5.0+11772+c8e0c271.x86_64",
"AppStream-8.5.0.GA:httpd:2.4:8050020210712211742:b4937e53:mod_ssl-debuginfo-1:2.4.37-41.module+el8.5.0+11772+c8e0c271.aarch64",
"AppStream-8.5.0.GA:httpd:2.4:8050020210712211742:b4937e53:mod_ssl-debuginfo-1:2.4.37-41.module+el8.5.0+11772+c8e0c271.ppc64le",
"AppStream-8.5.0.GA:httpd:2.4:8050020210712211742:b4937e53:mod_ssl-debuginfo-1:2.4.37-41.module+el8.5.0+11772+c8e0c271.s390x",
"AppStream-8.5.0.GA:httpd:2.4:8050020210712211742:b4937e53:mod_ssl-debuginfo-1:2.4.37-41.module+el8.5.0+11772+c8e0c271.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "httpd: mod_session: NULL pointer dereference when parsing Cookie header"
},
{
"acknowledgments": [
{
"names": [
"the Apache project",
"Christoph Anton Mitterer"
]
}
],
"cve": "CVE-2021-30641",
"cwe": {
"id": "CWE-20",
"name": "Improper Input Validation"
},
"discovery_date": "2021-05-27T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1966743"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in Apache httpd. A possible regression from an earlier security fix broke behavior of MergeSlashes. The highest threat from this vulnerability is to data integrity.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "httpd: Unexpected URL matching with \u0027MergeSlashes OFF\u0027",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "This flaw was introduced when fixing https://access.redhat.com/security/cve/cve-2019-0220, therefore versions of httpd package shipped with Red Hat Enterprise Linux 7, 8 and Red Hat Software Collections are affected by this flaw.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"AppStream-8.5.0.GA:httpd:2.4:8050020210712211742:b4937e53",
"AppStream-8.5.0.GA:httpd:2.4:8050020210712211742:b4937e53:httpd-0:2.4.37-41.module+el8.5.0+11772+c8e0c271.aarch64",
"AppStream-8.5.0.GA:httpd:2.4:8050020210712211742:b4937e53:httpd-0:2.4.37-41.module+el8.5.0+11772+c8e0c271.ppc64le",
"AppStream-8.5.0.GA:httpd:2.4:8050020210712211742:b4937e53:httpd-0:2.4.37-41.module+el8.5.0+11772+c8e0c271.s390x",
"AppStream-8.5.0.GA:httpd:2.4:8050020210712211742:b4937e53:httpd-0:2.4.37-41.module+el8.5.0+11772+c8e0c271.src",
"AppStream-8.5.0.GA:httpd:2.4:8050020210712211742:b4937e53:httpd-0:2.4.37-41.module+el8.5.0+11772+c8e0c271.x86_64",
"AppStream-8.5.0.GA:httpd:2.4:8050020210712211742:b4937e53:httpd-debuginfo-0:2.4.37-41.module+el8.5.0+11772+c8e0c271.aarch64",
"AppStream-8.5.0.GA:httpd:2.4:8050020210712211742:b4937e53:httpd-debuginfo-0:2.4.37-41.module+el8.5.0+11772+c8e0c271.ppc64le",
"AppStream-8.5.0.GA:httpd:2.4:8050020210712211742:b4937e53:httpd-debuginfo-0:2.4.37-41.module+el8.5.0+11772+c8e0c271.s390x",
"AppStream-8.5.0.GA:httpd:2.4:8050020210712211742:b4937e53:httpd-debuginfo-0:2.4.37-41.module+el8.5.0+11772+c8e0c271.x86_64",
"AppStream-8.5.0.GA:httpd:2.4:8050020210712211742:b4937e53:httpd-debugsource-0:2.4.37-41.module+el8.5.0+11772+c8e0c271.aarch64",
"AppStream-8.5.0.GA:httpd:2.4:8050020210712211742:b4937e53:httpd-debugsource-0:2.4.37-41.module+el8.5.0+11772+c8e0c271.ppc64le",
"AppStream-8.5.0.GA:httpd:2.4:8050020210712211742:b4937e53:httpd-debugsource-0:2.4.37-41.module+el8.5.0+11772+c8e0c271.s390x",
"AppStream-8.5.0.GA:httpd:2.4:8050020210712211742:b4937e53:httpd-debugsource-0:2.4.37-41.module+el8.5.0+11772+c8e0c271.x86_64",
"AppStream-8.5.0.GA:httpd:2.4:8050020210712211742:b4937e53:httpd-devel-0:2.4.37-41.module+el8.5.0+11772+c8e0c271.aarch64",
"AppStream-8.5.0.GA:httpd:2.4:8050020210712211742:b4937e53:httpd-devel-0:2.4.37-41.module+el8.5.0+11772+c8e0c271.ppc64le",
"AppStream-8.5.0.GA:httpd:2.4:8050020210712211742:b4937e53:httpd-devel-0:2.4.37-41.module+el8.5.0+11772+c8e0c271.s390x",
"AppStream-8.5.0.GA:httpd:2.4:8050020210712211742:b4937e53:httpd-devel-0:2.4.37-41.module+el8.5.0+11772+c8e0c271.x86_64",
"AppStream-8.5.0.GA:httpd:2.4:8050020210712211742:b4937e53:httpd-filesystem-0:2.4.37-41.module+el8.5.0+11772+c8e0c271.noarch",
"AppStream-8.5.0.GA:httpd:2.4:8050020210712211742:b4937e53:httpd-manual-0:2.4.37-41.module+el8.5.0+11772+c8e0c271.noarch",
"AppStream-8.5.0.GA:httpd:2.4:8050020210712211742:b4937e53:httpd-tools-0:2.4.37-41.module+el8.5.0+11772+c8e0c271.aarch64",
"AppStream-8.5.0.GA:httpd:2.4:8050020210712211742:b4937e53:httpd-tools-0:2.4.37-41.module+el8.5.0+11772+c8e0c271.ppc64le",
"AppStream-8.5.0.GA:httpd:2.4:8050020210712211742:b4937e53:httpd-tools-0:2.4.37-41.module+el8.5.0+11772+c8e0c271.s390x",
"AppStream-8.5.0.GA:httpd:2.4:8050020210712211742:b4937e53:httpd-tools-0:2.4.37-41.module+el8.5.0+11772+c8e0c271.x86_64",
"AppStream-8.5.0.GA:httpd:2.4:8050020210712211742:b4937e53:httpd-tools-debuginfo-0:2.4.37-41.module+el8.5.0+11772+c8e0c271.aarch64",
"AppStream-8.5.0.GA:httpd:2.4:8050020210712211742:b4937e53:httpd-tools-debuginfo-0:2.4.37-41.module+el8.5.0+11772+c8e0c271.ppc64le",
"AppStream-8.5.0.GA:httpd:2.4:8050020210712211742:b4937e53:httpd-tools-debuginfo-0:2.4.37-41.module+el8.5.0+11772+c8e0c271.s390x",
"AppStream-8.5.0.GA:httpd:2.4:8050020210712211742:b4937e53:httpd-tools-debuginfo-0:2.4.37-41.module+el8.5.0+11772+c8e0c271.x86_64",
"AppStream-8.5.0.GA:httpd:2.4:8050020210712211742:b4937e53:mod_http2-0:1.15.7-3.module+el8.4.0+8625+d397f3da.aarch64",
"AppStream-8.5.0.GA:httpd:2.4:8050020210712211742:b4937e53:mod_http2-0:1.15.7-3.module+el8.4.0+8625+d397f3da.ppc64le",
"AppStream-8.5.0.GA:httpd:2.4:8050020210712211742:b4937e53:mod_http2-0:1.15.7-3.module+el8.4.0+8625+d397f3da.s390x",
"AppStream-8.5.0.GA:httpd:2.4:8050020210712211742:b4937e53:mod_http2-0:1.15.7-3.module+el8.4.0+8625+d397f3da.src",
"AppStream-8.5.0.GA:httpd:2.4:8050020210712211742:b4937e53:mod_http2-0:1.15.7-3.module+el8.4.0+8625+d397f3da.x86_64",
"AppStream-8.5.0.GA:httpd:2.4:8050020210712211742:b4937e53:mod_http2-debuginfo-0:1.15.7-3.module+el8.4.0+8625+d397f3da.aarch64",
"AppStream-8.5.0.GA:httpd:2.4:8050020210712211742:b4937e53:mod_http2-debuginfo-0:1.15.7-3.module+el8.4.0+8625+d397f3da.ppc64le",
"AppStream-8.5.0.GA:httpd:2.4:8050020210712211742:b4937e53:mod_http2-debuginfo-0:1.15.7-3.module+el8.4.0+8625+d397f3da.s390x",
"AppStream-8.5.0.GA:httpd:2.4:8050020210712211742:b4937e53:mod_http2-debuginfo-0:1.15.7-3.module+el8.4.0+8625+d397f3da.x86_64",
"AppStream-8.5.0.GA:httpd:2.4:8050020210712211742:b4937e53:mod_http2-debugsource-0:1.15.7-3.module+el8.4.0+8625+d397f3da.aarch64",
"AppStream-8.5.0.GA:httpd:2.4:8050020210712211742:b4937e53:mod_http2-debugsource-0:1.15.7-3.module+el8.4.0+8625+d397f3da.ppc64le",
"AppStream-8.5.0.GA:httpd:2.4:8050020210712211742:b4937e53:mod_http2-debugsource-0:1.15.7-3.module+el8.4.0+8625+d397f3da.s390x",
"AppStream-8.5.0.GA:httpd:2.4:8050020210712211742:b4937e53:mod_http2-debugsource-0:1.15.7-3.module+el8.4.0+8625+d397f3da.x86_64",
"AppStream-8.5.0.GA:httpd:2.4:8050020210712211742:b4937e53:mod_ldap-0:2.4.37-41.module+el8.5.0+11772+c8e0c271.aarch64",
"AppStream-8.5.0.GA:httpd:2.4:8050020210712211742:b4937e53:mod_ldap-0:2.4.37-41.module+el8.5.0+11772+c8e0c271.ppc64le",
"AppStream-8.5.0.GA:httpd:2.4:8050020210712211742:b4937e53:mod_ldap-0:2.4.37-41.module+el8.5.0+11772+c8e0c271.s390x",
"AppStream-8.5.0.GA:httpd:2.4:8050020210712211742:b4937e53:mod_ldap-0:2.4.37-41.module+el8.5.0+11772+c8e0c271.x86_64",
"AppStream-8.5.0.GA:httpd:2.4:8050020210712211742:b4937e53:mod_ldap-debuginfo-0:2.4.37-41.module+el8.5.0+11772+c8e0c271.aarch64",
"AppStream-8.5.0.GA:httpd:2.4:8050020210712211742:b4937e53:mod_ldap-debuginfo-0:2.4.37-41.module+el8.5.0+11772+c8e0c271.ppc64le",
"AppStream-8.5.0.GA:httpd:2.4:8050020210712211742:b4937e53:mod_ldap-debuginfo-0:2.4.37-41.module+el8.5.0+11772+c8e0c271.s390x",
"AppStream-8.5.0.GA:httpd:2.4:8050020210712211742:b4937e53:mod_ldap-debuginfo-0:2.4.37-41.module+el8.5.0+11772+c8e0c271.x86_64",
"AppStream-8.5.0.GA:httpd:2.4:8050020210712211742:b4937e53:mod_md-1:2.0.8-8.module+el8.3.0+6814+67d1e611.aarch64",
"AppStream-8.5.0.GA:httpd:2.4:8050020210712211742:b4937e53:mod_md-1:2.0.8-8.module+el8.3.0+6814+67d1e611.ppc64le",
"AppStream-8.5.0.GA:httpd:2.4:8050020210712211742:b4937e53:mod_md-1:2.0.8-8.module+el8.3.0+6814+67d1e611.s390x",
"AppStream-8.5.0.GA:httpd:2.4:8050020210712211742:b4937e53:mod_md-1:2.0.8-8.module+el8.3.0+6814+67d1e611.src",
"AppStream-8.5.0.GA:httpd:2.4:8050020210712211742:b4937e53:mod_md-1:2.0.8-8.module+el8.3.0+6814+67d1e611.x86_64",
"AppStream-8.5.0.GA:httpd:2.4:8050020210712211742:b4937e53:mod_md-debuginfo-1:2.0.8-8.module+el8.3.0+6814+67d1e611.aarch64",
"AppStream-8.5.0.GA:httpd:2.4:8050020210712211742:b4937e53:mod_md-debuginfo-1:2.0.8-8.module+el8.3.0+6814+67d1e611.ppc64le",
"AppStream-8.5.0.GA:httpd:2.4:8050020210712211742:b4937e53:mod_md-debuginfo-1:2.0.8-8.module+el8.3.0+6814+67d1e611.s390x",
"AppStream-8.5.0.GA:httpd:2.4:8050020210712211742:b4937e53:mod_md-debuginfo-1:2.0.8-8.module+el8.3.0+6814+67d1e611.x86_64",
"AppStream-8.5.0.GA:httpd:2.4:8050020210712211742:b4937e53:mod_md-debugsource-1:2.0.8-8.module+el8.3.0+6814+67d1e611.aarch64",
"AppStream-8.5.0.GA:httpd:2.4:8050020210712211742:b4937e53:mod_md-debugsource-1:2.0.8-8.module+el8.3.0+6814+67d1e611.ppc64le",
"AppStream-8.5.0.GA:httpd:2.4:8050020210712211742:b4937e53:mod_md-debugsource-1:2.0.8-8.module+el8.3.0+6814+67d1e611.s390x",
"AppStream-8.5.0.GA:httpd:2.4:8050020210712211742:b4937e53:mod_md-debugsource-1:2.0.8-8.module+el8.3.0+6814+67d1e611.x86_64",
"AppStream-8.5.0.GA:httpd:2.4:8050020210712211742:b4937e53:mod_proxy_html-1:2.4.37-41.module+el8.5.0+11772+c8e0c271.aarch64",
"AppStream-8.5.0.GA:httpd:2.4:8050020210712211742:b4937e53:mod_proxy_html-1:2.4.37-41.module+el8.5.0+11772+c8e0c271.ppc64le",
"AppStream-8.5.0.GA:httpd:2.4:8050020210712211742:b4937e53:mod_proxy_html-1:2.4.37-41.module+el8.5.0+11772+c8e0c271.s390x",
"AppStream-8.5.0.GA:httpd:2.4:8050020210712211742:b4937e53:mod_proxy_html-1:2.4.37-41.module+el8.5.0+11772+c8e0c271.x86_64",
"AppStream-8.5.0.GA:httpd:2.4:8050020210712211742:b4937e53:mod_proxy_html-debuginfo-1:2.4.37-41.module+el8.5.0+11772+c8e0c271.aarch64",
"AppStream-8.5.0.GA:httpd:2.4:8050020210712211742:b4937e53:mod_proxy_html-debuginfo-1:2.4.37-41.module+el8.5.0+11772+c8e0c271.ppc64le",
"AppStream-8.5.0.GA:httpd:2.4:8050020210712211742:b4937e53:mod_proxy_html-debuginfo-1:2.4.37-41.module+el8.5.0+11772+c8e0c271.s390x",
"AppStream-8.5.0.GA:httpd:2.4:8050020210712211742:b4937e53:mod_proxy_html-debuginfo-1:2.4.37-41.module+el8.5.0+11772+c8e0c271.x86_64",
"AppStream-8.5.0.GA:httpd:2.4:8050020210712211742:b4937e53:mod_session-0:2.4.37-41.module+el8.5.0+11772+c8e0c271.aarch64",
"AppStream-8.5.0.GA:httpd:2.4:8050020210712211742:b4937e53:mod_session-0:2.4.37-41.module+el8.5.0+11772+c8e0c271.ppc64le",
"AppStream-8.5.0.GA:httpd:2.4:8050020210712211742:b4937e53:mod_session-0:2.4.37-41.module+el8.5.0+11772+c8e0c271.s390x",
"AppStream-8.5.0.GA:httpd:2.4:8050020210712211742:b4937e53:mod_session-0:2.4.37-41.module+el8.5.0+11772+c8e0c271.x86_64",
"AppStream-8.5.0.GA:httpd:2.4:8050020210712211742:b4937e53:mod_session-debuginfo-0:2.4.37-41.module+el8.5.0+11772+c8e0c271.aarch64",
"AppStream-8.5.0.GA:httpd:2.4:8050020210712211742:b4937e53:mod_session-debuginfo-0:2.4.37-41.module+el8.5.0+11772+c8e0c271.ppc64le",
"AppStream-8.5.0.GA:httpd:2.4:8050020210712211742:b4937e53:mod_session-debuginfo-0:2.4.37-41.module+el8.5.0+11772+c8e0c271.s390x",
"AppStream-8.5.0.GA:httpd:2.4:8050020210712211742:b4937e53:mod_session-debuginfo-0:2.4.37-41.module+el8.5.0+11772+c8e0c271.x86_64",
"AppStream-8.5.0.GA:httpd:2.4:8050020210712211742:b4937e53:mod_ssl-1:2.4.37-41.module+el8.5.0+11772+c8e0c271.aarch64",
"AppStream-8.5.0.GA:httpd:2.4:8050020210712211742:b4937e53:mod_ssl-1:2.4.37-41.module+el8.5.0+11772+c8e0c271.ppc64le",
"AppStream-8.5.0.GA:httpd:2.4:8050020210712211742:b4937e53:mod_ssl-1:2.4.37-41.module+el8.5.0+11772+c8e0c271.s390x",
"AppStream-8.5.0.GA:httpd:2.4:8050020210712211742:b4937e53:mod_ssl-1:2.4.37-41.module+el8.5.0+11772+c8e0c271.x86_64",
"AppStream-8.5.0.GA:httpd:2.4:8050020210712211742:b4937e53:mod_ssl-debuginfo-1:2.4.37-41.module+el8.5.0+11772+c8e0c271.aarch64",
"AppStream-8.5.0.GA:httpd:2.4:8050020210712211742:b4937e53:mod_ssl-debuginfo-1:2.4.37-41.module+el8.5.0+11772+c8e0c271.ppc64le",
"AppStream-8.5.0.GA:httpd:2.4:8050020210712211742:b4937e53:mod_ssl-debuginfo-1:2.4.37-41.module+el8.5.0+11772+c8e0c271.s390x",
"AppStream-8.5.0.GA:httpd:2.4:8050020210712211742:b4937e53:mod_ssl-debuginfo-1:2.4.37-41.module+el8.5.0+11772+c8e0c271.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2021-30641"
},
{
"category": "external",
"summary": "RHBZ#1966743",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1966743"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2021-30641",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-30641"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2021-30641",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2021-30641"
},
{
"category": "external",
"summary": "https://httpd.apache.org/security/vulnerabilities_24.html",
"url": "https://httpd.apache.org/security/vulnerabilities_24.html"
}
],
"release_date": "2021-06-04T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nAfter installing the updated packages, the httpd daemon will be restarted automatically.",
"product_ids": [
"AppStream-8.5.0.GA:httpd:2.4:8050020210712211742:b4937e53",
"AppStream-8.5.0.GA:httpd:2.4:8050020210712211742:b4937e53:httpd-0:2.4.37-41.module+el8.5.0+11772+c8e0c271.aarch64",
"AppStream-8.5.0.GA:httpd:2.4:8050020210712211742:b4937e53:httpd-0:2.4.37-41.module+el8.5.0+11772+c8e0c271.ppc64le",
"AppStream-8.5.0.GA:httpd:2.4:8050020210712211742:b4937e53:httpd-0:2.4.37-41.module+el8.5.0+11772+c8e0c271.s390x",
"AppStream-8.5.0.GA:httpd:2.4:8050020210712211742:b4937e53:httpd-0:2.4.37-41.module+el8.5.0+11772+c8e0c271.src",
"AppStream-8.5.0.GA:httpd:2.4:8050020210712211742:b4937e53:httpd-0:2.4.37-41.module+el8.5.0+11772+c8e0c271.x86_64",
"AppStream-8.5.0.GA:httpd:2.4:8050020210712211742:b4937e53:httpd-debuginfo-0:2.4.37-41.module+el8.5.0+11772+c8e0c271.aarch64",
"AppStream-8.5.0.GA:httpd:2.4:8050020210712211742:b4937e53:httpd-debuginfo-0:2.4.37-41.module+el8.5.0+11772+c8e0c271.ppc64le",
"AppStream-8.5.0.GA:httpd:2.4:8050020210712211742:b4937e53:httpd-debuginfo-0:2.4.37-41.module+el8.5.0+11772+c8e0c271.s390x",
"AppStream-8.5.0.GA:httpd:2.4:8050020210712211742:b4937e53:httpd-debuginfo-0:2.4.37-41.module+el8.5.0+11772+c8e0c271.x86_64",
"AppStream-8.5.0.GA:httpd:2.4:8050020210712211742:b4937e53:httpd-debugsource-0:2.4.37-41.module+el8.5.0+11772+c8e0c271.aarch64",
"AppStream-8.5.0.GA:httpd:2.4:8050020210712211742:b4937e53:httpd-debugsource-0:2.4.37-41.module+el8.5.0+11772+c8e0c271.ppc64le",
"AppStream-8.5.0.GA:httpd:2.4:8050020210712211742:b4937e53:httpd-debugsource-0:2.4.37-41.module+el8.5.0+11772+c8e0c271.s390x",
"AppStream-8.5.0.GA:httpd:2.4:8050020210712211742:b4937e53:httpd-debugsource-0:2.4.37-41.module+el8.5.0+11772+c8e0c271.x86_64",
"AppStream-8.5.0.GA:httpd:2.4:8050020210712211742:b4937e53:httpd-devel-0:2.4.37-41.module+el8.5.0+11772+c8e0c271.aarch64",
"AppStream-8.5.0.GA:httpd:2.4:8050020210712211742:b4937e53:httpd-devel-0:2.4.37-41.module+el8.5.0+11772+c8e0c271.ppc64le",
"AppStream-8.5.0.GA:httpd:2.4:8050020210712211742:b4937e53:httpd-devel-0:2.4.37-41.module+el8.5.0+11772+c8e0c271.s390x",
"AppStream-8.5.0.GA:httpd:2.4:8050020210712211742:b4937e53:httpd-devel-0:2.4.37-41.module+el8.5.0+11772+c8e0c271.x86_64",
"AppStream-8.5.0.GA:httpd:2.4:8050020210712211742:b4937e53:httpd-filesystem-0:2.4.37-41.module+el8.5.0+11772+c8e0c271.noarch",
"AppStream-8.5.0.GA:httpd:2.4:8050020210712211742:b4937e53:httpd-manual-0:2.4.37-41.module+el8.5.0+11772+c8e0c271.noarch",
"AppStream-8.5.0.GA:httpd:2.4:8050020210712211742:b4937e53:httpd-tools-0:2.4.37-41.module+el8.5.0+11772+c8e0c271.aarch64",
"AppStream-8.5.0.GA:httpd:2.4:8050020210712211742:b4937e53:httpd-tools-0:2.4.37-41.module+el8.5.0+11772+c8e0c271.ppc64le",
"AppStream-8.5.0.GA:httpd:2.4:8050020210712211742:b4937e53:httpd-tools-0:2.4.37-41.module+el8.5.0+11772+c8e0c271.s390x",
"AppStream-8.5.0.GA:httpd:2.4:8050020210712211742:b4937e53:httpd-tools-0:2.4.37-41.module+el8.5.0+11772+c8e0c271.x86_64",
"AppStream-8.5.0.GA:httpd:2.4:8050020210712211742:b4937e53:httpd-tools-debuginfo-0:2.4.37-41.module+el8.5.0+11772+c8e0c271.aarch64",
"AppStream-8.5.0.GA:httpd:2.4:8050020210712211742:b4937e53:httpd-tools-debuginfo-0:2.4.37-41.module+el8.5.0+11772+c8e0c271.ppc64le",
"AppStream-8.5.0.GA:httpd:2.4:8050020210712211742:b4937e53:httpd-tools-debuginfo-0:2.4.37-41.module+el8.5.0+11772+c8e0c271.s390x",
"AppStream-8.5.0.GA:httpd:2.4:8050020210712211742:b4937e53:httpd-tools-debuginfo-0:2.4.37-41.module+el8.5.0+11772+c8e0c271.x86_64",
"AppStream-8.5.0.GA:httpd:2.4:8050020210712211742:b4937e53:mod_http2-0:1.15.7-3.module+el8.4.0+8625+d397f3da.aarch64",
"AppStream-8.5.0.GA:httpd:2.4:8050020210712211742:b4937e53:mod_http2-0:1.15.7-3.module+el8.4.0+8625+d397f3da.ppc64le",
"AppStream-8.5.0.GA:httpd:2.4:8050020210712211742:b4937e53:mod_http2-0:1.15.7-3.module+el8.4.0+8625+d397f3da.s390x",
"AppStream-8.5.0.GA:httpd:2.4:8050020210712211742:b4937e53:mod_http2-0:1.15.7-3.module+el8.4.0+8625+d397f3da.src",
"AppStream-8.5.0.GA:httpd:2.4:8050020210712211742:b4937e53:mod_http2-0:1.15.7-3.module+el8.4.0+8625+d397f3da.x86_64",
"AppStream-8.5.0.GA:httpd:2.4:8050020210712211742:b4937e53:mod_http2-debuginfo-0:1.15.7-3.module+el8.4.0+8625+d397f3da.aarch64",
"AppStream-8.5.0.GA:httpd:2.4:8050020210712211742:b4937e53:mod_http2-debuginfo-0:1.15.7-3.module+el8.4.0+8625+d397f3da.ppc64le",
"AppStream-8.5.0.GA:httpd:2.4:8050020210712211742:b4937e53:mod_http2-debuginfo-0:1.15.7-3.module+el8.4.0+8625+d397f3da.s390x",
"AppStream-8.5.0.GA:httpd:2.4:8050020210712211742:b4937e53:mod_http2-debuginfo-0:1.15.7-3.module+el8.4.0+8625+d397f3da.x86_64",
"AppStream-8.5.0.GA:httpd:2.4:8050020210712211742:b4937e53:mod_http2-debugsource-0:1.15.7-3.module+el8.4.0+8625+d397f3da.aarch64",
"AppStream-8.5.0.GA:httpd:2.4:8050020210712211742:b4937e53:mod_http2-debugsource-0:1.15.7-3.module+el8.4.0+8625+d397f3da.ppc64le",
"AppStream-8.5.0.GA:httpd:2.4:8050020210712211742:b4937e53:mod_http2-debugsource-0:1.15.7-3.module+el8.4.0+8625+d397f3da.s390x",
"AppStream-8.5.0.GA:httpd:2.4:8050020210712211742:b4937e53:mod_http2-debugsource-0:1.15.7-3.module+el8.4.0+8625+d397f3da.x86_64",
"AppStream-8.5.0.GA:httpd:2.4:8050020210712211742:b4937e53:mod_ldap-0:2.4.37-41.module+el8.5.0+11772+c8e0c271.aarch64",
"AppStream-8.5.0.GA:httpd:2.4:8050020210712211742:b4937e53:mod_ldap-0:2.4.37-41.module+el8.5.0+11772+c8e0c271.ppc64le",
"AppStream-8.5.0.GA:httpd:2.4:8050020210712211742:b4937e53:mod_ldap-0:2.4.37-41.module+el8.5.0+11772+c8e0c271.s390x",
"AppStream-8.5.0.GA:httpd:2.4:8050020210712211742:b4937e53:mod_ldap-0:2.4.37-41.module+el8.5.0+11772+c8e0c271.x86_64",
"AppStream-8.5.0.GA:httpd:2.4:8050020210712211742:b4937e53:mod_ldap-debuginfo-0:2.4.37-41.module+el8.5.0+11772+c8e0c271.aarch64",
"AppStream-8.5.0.GA:httpd:2.4:8050020210712211742:b4937e53:mod_ldap-debuginfo-0:2.4.37-41.module+el8.5.0+11772+c8e0c271.ppc64le",
"AppStream-8.5.0.GA:httpd:2.4:8050020210712211742:b4937e53:mod_ldap-debuginfo-0:2.4.37-41.module+el8.5.0+11772+c8e0c271.s390x",
"AppStream-8.5.0.GA:httpd:2.4:8050020210712211742:b4937e53:mod_ldap-debuginfo-0:2.4.37-41.module+el8.5.0+11772+c8e0c271.x86_64",
"AppStream-8.5.0.GA:httpd:2.4:8050020210712211742:b4937e53:mod_md-1:2.0.8-8.module+el8.3.0+6814+67d1e611.aarch64",
"AppStream-8.5.0.GA:httpd:2.4:8050020210712211742:b4937e53:mod_md-1:2.0.8-8.module+el8.3.0+6814+67d1e611.ppc64le",
"AppStream-8.5.0.GA:httpd:2.4:8050020210712211742:b4937e53:mod_md-1:2.0.8-8.module+el8.3.0+6814+67d1e611.s390x",
"AppStream-8.5.0.GA:httpd:2.4:8050020210712211742:b4937e53:mod_md-1:2.0.8-8.module+el8.3.0+6814+67d1e611.src",
"AppStream-8.5.0.GA:httpd:2.4:8050020210712211742:b4937e53:mod_md-1:2.0.8-8.module+el8.3.0+6814+67d1e611.x86_64",
"AppStream-8.5.0.GA:httpd:2.4:8050020210712211742:b4937e53:mod_md-debuginfo-1:2.0.8-8.module+el8.3.0+6814+67d1e611.aarch64",
"AppStream-8.5.0.GA:httpd:2.4:8050020210712211742:b4937e53:mod_md-debuginfo-1:2.0.8-8.module+el8.3.0+6814+67d1e611.ppc64le",
"AppStream-8.5.0.GA:httpd:2.4:8050020210712211742:b4937e53:mod_md-debuginfo-1:2.0.8-8.module+el8.3.0+6814+67d1e611.s390x",
"AppStream-8.5.0.GA:httpd:2.4:8050020210712211742:b4937e53:mod_md-debuginfo-1:2.0.8-8.module+el8.3.0+6814+67d1e611.x86_64",
"AppStream-8.5.0.GA:httpd:2.4:8050020210712211742:b4937e53:mod_md-debugsource-1:2.0.8-8.module+el8.3.0+6814+67d1e611.aarch64",
"AppStream-8.5.0.GA:httpd:2.4:8050020210712211742:b4937e53:mod_md-debugsource-1:2.0.8-8.module+el8.3.0+6814+67d1e611.ppc64le",
"AppStream-8.5.0.GA:httpd:2.4:8050020210712211742:b4937e53:mod_md-debugsource-1:2.0.8-8.module+el8.3.0+6814+67d1e611.s390x",
"AppStream-8.5.0.GA:httpd:2.4:8050020210712211742:b4937e53:mod_md-debugsource-1:2.0.8-8.module+el8.3.0+6814+67d1e611.x86_64",
"AppStream-8.5.0.GA:httpd:2.4:8050020210712211742:b4937e53:mod_proxy_html-1:2.4.37-41.module+el8.5.0+11772+c8e0c271.aarch64",
"AppStream-8.5.0.GA:httpd:2.4:8050020210712211742:b4937e53:mod_proxy_html-1:2.4.37-41.module+el8.5.0+11772+c8e0c271.ppc64le",
"AppStream-8.5.0.GA:httpd:2.4:8050020210712211742:b4937e53:mod_proxy_html-1:2.4.37-41.module+el8.5.0+11772+c8e0c271.s390x",
"AppStream-8.5.0.GA:httpd:2.4:8050020210712211742:b4937e53:mod_proxy_html-1:2.4.37-41.module+el8.5.0+11772+c8e0c271.x86_64",
"AppStream-8.5.0.GA:httpd:2.4:8050020210712211742:b4937e53:mod_proxy_html-debuginfo-1:2.4.37-41.module+el8.5.0+11772+c8e0c271.aarch64",
"AppStream-8.5.0.GA:httpd:2.4:8050020210712211742:b4937e53:mod_proxy_html-debuginfo-1:2.4.37-41.module+el8.5.0+11772+c8e0c271.ppc64le",
"AppStream-8.5.0.GA:httpd:2.4:8050020210712211742:b4937e53:mod_proxy_html-debuginfo-1:2.4.37-41.module+el8.5.0+11772+c8e0c271.s390x",
"AppStream-8.5.0.GA:httpd:2.4:8050020210712211742:b4937e53:mod_proxy_html-debuginfo-1:2.4.37-41.module+el8.5.0+11772+c8e0c271.x86_64",
"AppStream-8.5.0.GA:httpd:2.4:8050020210712211742:b4937e53:mod_session-0:2.4.37-41.module+el8.5.0+11772+c8e0c271.aarch64",
"AppStream-8.5.0.GA:httpd:2.4:8050020210712211742:b4937e53:mod_session-0:2.4.37-41.module+el8.5.0+11772+c8e0c271.ppc64le",
"AppStream-8.5.0.GA:httpd:2.4:8050020210712211742:b4937e53:mod_session-0:2.4.37-41.module+el8.5.0+11772+c8e0c271.s390x",
"AppStream-8.5.0.GA:httpd:2.4:8050020210712211742:b4937e53:mod_session-0:2.4.37-41.module+el8.5.0+11772+c8e0c271.x86_64",
"AppStream-8.5.0.GA:httpd:2.4:8050020210712211742:b4937e53:mod_session-debuginfo-0:2.4.37-41.module+el8.5.0+11772+c8e0c271.aarch64",
"AppStream-8.5.0.GA:httpd:2.4:8050020210712211742:b4937e53:mod_session-debuginfo-0:2.4.37-41.module+el8.5.0+11772+c8e0c271.ppc64le",
"AppStream-8.5.0.GA:httpd:2.4:8050020210712211742:b4937e53:mod_session-debuginfo-0:2.4.37-41.module+el8.5.0+11772+c8e0c271.s390x",
"AppStream-8.5.0.GA:httpd:2.4:8050020210712211742:b4937e53:mod_session-debuginfo-0:2.4.37-41.module+el8.5.0+11772+c8e0c271.x86_64",
"AppStream-8.5.0.GA:httpd:2.4:8050020210712211742:b4937e53:mod_ssl-1:2.4.37-41.module+el8.5.0+11772+c8e0c271.aarch64",
"AppStream-8.5.0.GA:httpd:2.4:8050020210712211742:b4937e53:mod_ssl-1:2.4.37-41.module+el8.5.0+11772+c8e0c271.ppc64le",
"AppStream-8.5.0.GA:httpd:2.4:8050020210712211742:b4937e53:mod_ssl-1:2.4.37-41.module+el8.5.0+11772+c8e0c271.s390x",
"AppStream-8.5.0.GA:httpd:2.4:8050020210712211742:b4937e53:mod_ssl-1:2.4.37-41.module+el8.5.0+11772+c8e0c271.x86_64",
"AppStream-8.5.0.GA:httpd:2.4:8050020210712211742:b4937e53:mod_ssl-debuginfo-1:2.4.37-41.module+el8.5.0+11772+c8e0c271.aarch64",
"AppStream-8.5.0.GA:httpd:2.4:8050020210712211742:b4937e53:mod_ssl-debuginfo-1:2.4.37-41.module+el8.5.0+11772+c8e0c271.ppc64le",
"AppStream-8.5.0.GA:httpd:2.4:8050020210712211742:b4937e53:mod_ssl-debuginfo-1:2.4.37-41.module+el8.5.0+11772+c8e0c271.s390x",
"AppStream-8.5.0.GA:httpd:2.4:8050020210712211742:b4937e53:mod_ssl-debuginfo-1:2.4.37-41.module+el8.5.0+11772+c8e0c271.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2021:4257"
},
{
"category": "workaround",
"details": "This issue can be mitigated by setting the \"MergeSlashes\" directive to OFF",
"product_ids": [
"AppStream-8.5.0.GA:httpd:2.4:8050020210712211742:b4937e53",
"AppStream-8.5.0.GA:httpd:2.4:8050020210712211742:b4937e53:httpd-0:2.4.37-41.module+el8.5.0+11772+c8e0c271.aarch64",
"AppStream-8.5.0.GA:httpd:2.4:8050020210712211742:b4937e53:httpd-0:2.4.37-41.module+el8.5.0+11772+c8e0c271.ppc64le",
"AppStream-8.5.0.GA:httpd:2.4:8050020210712211742:b4937e53:httpd-0:2.4.37-41.module+el8.5.0+11772+c8e0c271.s390x",
"AppStream-8.5.0.GA:httpd:2.4:8050020210712211742:b4937e53:httpd-0:2.4.37-41.module+el8.5.0+11772+c8e0c271.src",
"AppStream-8.5.0.GA:httpd:2.4:8050020210712211742:b4937e53:httpd-0:2.4.37-41.module+el8.5.0+11772+c8e0c271.x86_64",
"AppStream-8.5.0.GA:httpd:2.4:8050020210712211742:b4937e53:httpd-debuginfo-0:2.4.37-41.module+el8.5.0+11772+c8e0c271.aarch64",
"AppStream-8.5.0.GA:httpd:2.4:8050020210712211742:b4937e53:httpd-debuginfo-0:2.4.37-41.module+el8.5.0+11772+c8e0c271.ppc64le",
"AppStream-8.5.0.GA:httpd:2.4:8050020210712211742:b4937e53:httpd-debuginfo-0:2.4.37-41.module+el8.5.0+11772+c8e0c271.s390x",
"AppStream-8.5.0.GA:httpd:2.4:8050020210712211742:b4937e53:httpd-debuginfo-0:2.4.37-41.module+el8.5.0+11772+c8e0c271.x86_64",
"AppStream-8.5.0.GA:httpd:2.4:8050020210712211742:b4937e53:httpd-debugsource-0:2.4.37-41.module+el8.5.0+11772+c8e0c271.aarch64",
"AppStream-8.5.0.GA:httpd:2.4:8050020210712211742:b4937e53:httpd-debugsource-0:2.4.37-41.module+el8.5.0+11772+c8e0c271.ppc64le",
"AppStream-8.5.0.GA:httpd:2.4:8050020210712211742:b4937e53:httpd-debugsource-0:2.4.37-41.module+el8.5.0+11772+c8e0c271.s390x",
"AppStream-8.5.0.GA:httpd:2.4:8050020210712211742:b4937e53:httpd-debugsource-0:2.4.37-41.module+el8.5.0+11772+c8e0c271.x86_64",
"AppStream-8.5.0.GA:httpd:2.4:8050020210712211742:b4937e53:httpd-devel-0:2.4.37-41.module+el8.5.0+11772+c8e0c271.aarch64",
"AppStream-8.5.0.GA:httpd:2.4:8050020210712211742:b4937e53:httpd-devel-0:2.4.37-41.module+el8.5.0+11772+c8e0c271.ppc64le",
"AppStream-8.5.0.GA:httpd:2.4:8050020210712211742:b4937e53:httpd-devel-0:2.4.37-41.module+el8.5.0+11772+c8e0c271.s390x",
"AppStream-8.5.0.GA:httpd:2.4:8050020210712211742:b4937e53:httpd-devel-0:2.4.37-41.module+el8.5.0+11772+c8e0c271.x86_64",
"AppStream-8.5.0.GA:httpd:2.4:8050020210712211742:b4937e53:httpd-filesystem-0:2.4.37-41.module+el8.5.0+11772+c8e0c271.noarch",
"AppStream-8.5.0.GA:httpd:2.4:8050020210712211742:b4937e53:httpd-manual-0:2.4.37-41.module+el8.5.0+11772+c8e0c271.noarch",
"AppStream-8.5.0.GA:httpd:2.4:8050020210712211742:b4937e53:httpd-tools-0:2.4.37-41.module+el8.5.0+11772+c8e0c271.aarch64",
"AppStream-8.5.0.GA:httpd:2.4:8050020210712211742:b4937e53:httpd-tools-0:2.4.37-41.module+el8.5.0+11772+c8e0c271.ppc64le",
"AppStream-8.5.0.GA:httpd:2.4:8050020210712211742:b4937e53:httpd-tools-0:2.4.37-41.module+el8.5.0+11772+c8e0c271.s390x",
"AppStream-8.5.0.GA:httpd:2.4:8050020210712211742:b4937e53:httpd-tools-0:2.4.37-41.module+el8.5.0+11772+c8e0c271.x86_64",
"AppStream-8.5.0.GA:httpd:2.4:8050020210712211742:b4937e53:httpd-tools-debuginfo-0:2.4.37-41.module+el8.5.0+11772+c8e0c271.aarch64",
"AppStream-8.5.0.GA:httpd:2.4:8050020210712211742:b4937e53:httpd-tools-debuginfo-0:2.4.37-41.module+el8.5.0+11772+c8e0c271.ppc64le",
"AppStream-8.5.0.GA:httpd:2.4:8050020210712211742:b4937e53:httpd-tools-debuginfo-0:2.4.37-41.module+el8.5.0+11772+c8e0c271.s390x",
"AppStream-8.5.0.GA:httpd:2.4:8050020210712211742:b4937e53:httpd-tools-debuginfo-0:2.4.37-41.module+el8.5.0+11772+c8e0c271.x86_64",
"AppStream-8.5.0.GA:httpd:2.4:8050020210712211742:b4937e53:mod_http2-0:1.15.7-3.module+el8.4.0+8625+d397f3da.aarch64",
"AppStream-8.5.0.GA:httpd:2.4:8050020210712211742:b4937e53:mod_http2-0:1.15.7-3.module+el8.4.0+8625+d397f3da.ppc64le",
"AppStream-8.5.0.GA:httpd:2.4:8050020210712211742:b4937e53:mod_http2-0:1.15.7-3.module+el8.4.0+8625+d397f3da.s390x",
"AppStream-8.5.0.GA:httpd:2.4:8050020210712211742:b4937e53:mod_http2-0:1.15.7-3.module+el8.4.0+8625+d397f3da.src",
"AppStream-8.5.0.GA:httpd:2.4:8050020210712211742:b4937e53:mod_http2-0:1.15.7-3.module+el8.4.0+8625+d397f3da.x86_64",
"AppStream-8.5.0.GA:httpd:2.4:8050020210712211742:b4937e53:mod_http2-debuginfo-0:1.15.7-3.module+el8.4.0+8625+d397f3da.aarch64",
"AppStream-8.5.0.GA:httpd:2.4:8050020210712211742:b4937e53:mod_http2-debuginfo-0:1.15.7-3.module+el8.4.0+8625+d397f3da.ppc64le",
"AppStream-8.5.0.GA:httpd:2.4:8050020210712211742:b4937e53:mod_http2-debuginfo-0:1.15.7-3.module+el8.4.0+8625+d397f3da.s390x",
"AppStream-8.5.0.GA:httpd:2.4:8050020210712211742:b4937e53:mod_http2-debuginfo-0:1.15.7-3.module+el8.4.0+8625+d397f3da.x86_64",
"AppStream-8.5.0.GA:httpd:2.4:8050020210712211742:b4937e53:mod_http2-debugsource-0:1.15.7-3.module+el8.4.0+8625+d397f3da.aarch64",
"AppStream-8.5.0.GA:httpd:2.4:8050020210712211742:b4937e53:mod_http2-debugsource-0:1.15.7-3.module+el8.4.0+8625+d397f3da.ppc64le",
"AppStream-8.5.0.GA:httpd:2.4:8050020210712211742:b4937e53:mod_http2-debugsource-0:1.15.7-3.module+el8.4.0+8625+d397f3da.s390x",
"AppStream-8.5.0.GA:httpd:2.4:8050020210712211742:b4937e53:mod_http2-debugsource-0:1.15.7-3.module+el8.4.0+8625+d397f3da.x86_64",
"AppStream-8.5.0.GA:httpd:2.4:8050020210712211742:b4937e53:mod_ldap-0:2.4.37-41.module+el8.5.0+11772+c8e0c271.aarch64",
"AppStream-8.5.0.GA:httpd:2.4:8050020210712211742:b4937e53:mod_ldap-0:2.4.37-41.module+el8.5.0+11772+c8e0c271.ppc64le",
"AppStream-8.5.0.GA:httpd:2.4:8050020210712211742:b4937e53:mod_ldap-0:2.4.37-41.module+el8.5.0+11772+c8e0c271.s390x",
"AppStream-8.5.0.GA:httpd:2.4:8050020210712211742:b4937e53:mod_ldap-0:2.4.37-41.module+el8.5.0+11772+c8e0c271.x86_64",
"AppStream-8.5.0.GA:httpd:2.4:8050020210712211742:b4937e53:mod_ldap-debuginfo-0:2.4.37-41.module+el8.5.0+11772+c8e0c271.aarch64",
"AppStream-8.5.0.GA:httpd:2.4:8050020210712211742:b4937e53:mod_ldap-debuginfo-0:2.4.37-41.module+el8.5.0+11772+c8e0c271.ppc64le",
"AppStream-8.5.0.GA:httpd:2.4:8050020210712211742:b4937e53:mod_ldap-debuginfo-0:2.4.37-41.module+el8.5.0+11772+c8e0c271.s390x",
"AppStream-8.5.0.GA:httpd:2.4:8050020210712211742:b4937e53:mod_ldap-debuginfo-0:2.4.37-41.module+el8.5.0+11772+c8e0c271.x86_64",
"AppStream-8.5.0.GA:httpd:2.4:8050020210712211742:b4937e53:mod_md-1:2.0.8-8.module+el8.3.0+6814+67d1e611.aarch64",
"AppStream-8.5.0.GA:httpd:2.4:8050020210712211742:b4937e53:mod_md-1:2.0.8-8.module+el8.3.0+6814+67d1e611.ppc64le",
"AppStream-8.5.0.GA:httpd:2.4:8050020210712211742:b4937e53:mod_md-1:2.0.8-8.module+el8.3.0+6814+67d1e611.s390x",
"AppStream-8.5.0.GA:httpd:2.4:8050020210712211742:b4937e53:mod_md-1:2.0.8-8.module+el8.3.0+6814+67d1e611.src",
"AppStream-8.5.0.GA:httpd:2.4:8050020210712211742:b4937e53:mod_md-1:2.0.8-8.module+el8.3.0+6814+67d1e611.x86_64",
"AppStream-8.5.0.GA:httpd:2.4:8050020210712211742:b4937e53:mod_md-debuginfo-1:2.0.8-8.module+el8.3.0+6814+67d1e611.aarch64",
"AppStream-8.5.0.GA:httpd:2.4:8050020210712211742:b4937e53:mod_md-debuginfo-1:2.0.8-8.module+el8.3.0+6814+67d1e611.ppc64le",
"AppStream-8.5.0.GA:httpd:2.4:8050020210712211742:b4937e53:mod_md-debuginfo-1:2.0.8-8.module+el8.3.0+6814+67d1e611.s390x",
"AppStream-8.5.0.GA:httpd:2.4:8050020210712211742:b4937e53:mod_md-debuginfo-1:2.0.8-8.module+el8.3.0+6814+67d1e611.x86_64",
"AppStream-8.5.0.GA:httpd:2.4:8050020210712211742:b4937e53:mod_md-debugsource-1:2.0.8-8.module+el8.3.0+6814+67d1e611.aarch64",
"AppStream-8.5.0.GA:httpd:2.4:8050020210712211742:b4937e53:mod_md-debugsource-1:2.0.8-8.module+el8.3.0+6814+67d1e611.ppc64le",
"AppStream-8.5.0.GA:httpd:2.4:8050020210712211742:b4937e53:mod_md-debugsource-1:2.0.8-8.module+el8.3.0+6814+67d1e611.s390x",
"AppStream-8.5.0.GA:httpd:2.4:8050020210712211742:b4937e53:mod_md-debugsource-1:2.0.8-8.module+el8.3.0+6814+67d1e611.x86_64",
"AppStream-8.5.0.GA:httpd:2.4:8050020210712211742:b4937e53:mod_proxy_html-1:2.4.37-41.module+el8.5.0+11772+c8e0c271.aarch64",
"AppStream-8.5.0.GA:httpd:2.4:8050020210712211742:b4937e53:mod_proxy_html-1:2.4.37-41.module+el8.5.0+11772+c8e0c271.ppc64le",
"AppStream-8.5.0.GA:httpd:2.4:8050020210712211742:b4937e53:mod_proxy_html-1:2.4.37-41.module+el8.5.0+11772+c8e0c271.s390x",
"AppStream-8.5.0.GA:httpd:2.4:8050020210712211742:b4937e53:mod_proxy_html-1:2.4.37-41.module+el8.5.0+11772+c8e0c271.x86_64",
"AppStream-8.5.0.GA:httpd:2.4:8050020210712211742:b4937e53:mod_proxy_html-debuginfo-1:2.4.37-41.module+el8.5.0+11772+c8e0c271.aarch64",
"AppStream-8.5.0.GA:httpd:2.4:8050020210712211742:b4937e53:mod_proxy_html-debuginfo-1:2.4.37-41.module+el8.5.0+11772+c8e0c271.ppc64le",
"AppStream-8.5.0.GA:httpd:2.4:8050020210712211742:b4937e53:mod_proxy_html-debuginfo-1:2.4.37-41.module+el8.5.0+11772+c8e0c271.s390x",
"AppStream-8.5.0.GA:httpd:2.4:8050020210712211742:b4937e53:mod_proxy_html-debuginfo-1:2.4.37-41.module+el8.5.0+11772+c8e0c271.x86_64",
"AppStream-8.5.0.GA:httpd:2.4:8050020210712211742:b4937e53:mod_session-0:2.4.37-41.module+el8.5.0+11772+c8e0c271.aarch64",
"AppStream-8.5.0.GA:httpd:2.4:8050020210712211742:b4937e53:mod_session-0:2.4.37-41.module+el8.5.0+11772+c8e0c271.ppc64le",
"AppStream-8.5.0.GA:httpd:2.4:8050020210712211742:b4937e53:mod_session-0:2.4.37-41.module+el8.5.0+11772+c8e0c271.s390x",
"AppStream-8.5.0.GA:httpd:2.4:8050020210712211742:b4937e53:mod_session-0:2.4.37-41.module+el8.5.0+11772+c8e0c271.x86_64",
"AppStream-8.5.0.GA:httpd:2.4:8050020210712211742:b4937e53:mod_session-debuginfo-0:2.4.37-41.module+el8.5.0+11772+c8e0c271.aarch64",
"AppStream-8.5.0.GA:httpd:2.4:8050020210712211742:b4937e53:mod_session-debuginfo-0:2.4.37-41.module+el8.5.0+11772+c8e0c271.ppc64le",
"AppStream-8.5.0.GA:httpd:2.4:8050020210712211742:b4937e53:mod_session-debuginfo-0:2.4.37-41.module+el8.5.0+11772+c8e0c271.s390x",
"AppStream-8.5.0.GA:httpd:2.4:8050020210712211742:b4937e53:mod_session-debuginfo-0:2.4.37-41.module+el8.5.0+11772+c8e0c271.x86_64",
"AppStream-8.5.0.GA:httpd:2.4:8050020210712211742:b4937e53:mod_ssl-1:2.4.37-41.module+el8.5.0+11772+c8e0c271.aarch64",
"AppStream-8.5.0.GA:httpd:2.4:8050020210712211742:b4937e53:mod_ssl-1:2.4.37-41.module+el8.5.0+11772+c8e0c271.ppc64le",
"AppStream-8.5.0.GA:httpd:2.4:8050020210712211742:b4937e53:mod_ssl-1:2.4.37-41.module+el8.5.0+11772+c8e0c271.s390x",
"AppStream-8.5.0.GA:httpd:2.4:8050020210712211742:b4937e53:mod_ssl-1:2.4.37-41.module+el8.5.0+11772+c8e0c271.x86_64",
"AppStream-8.5.0.GA:httpd:2.4:8050020210712211742:b4937e53:mod_ssl-debuginfo-1:2.4.37-41.module+el8.5.0+11772+c8e0c271.aarch64",
"AppStream-8.5.0.GA:httpd:2.4:8050020210712211742:b4937e53:mod_ssl-debuginfo-1:2.4.37-41.module+el8.5.0+11772+c8e0c271.ppc64le",
"AppStream-8.5.0.GA:httpd:2.4:8050020210712211742:b4937e53:mod_ssl-debuginfo-1:2.4.37-41.module+el8.5.0+11772+c8e0c271.s390x",
"AppStream-8.5.0.GA:httpd:2.4:8050020210712211742:b4937e53:mod_ssl-debuginfo-1:2.4.37-41.module+el8.5.0+11772+c8e0c271.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 5.9,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N",
"version": "3.1"
},
"products": [
"AppStream-8.5.0.GA:httpd:2.4:8050020210712211742:b4937e53",
"AppStream-8.5.0.GA:httpd:2.4:8050020210712211742:b4937e53:httpd-0:2.4.37-41.module+el8.5.0+11772+c8e0c271.aarch64",
"AppStream-8.5.0.GA:httpd:2.4:8050020210712211742:b4937e53:httpd-0:2.4.37-41.module+el8.5.0+11772+c8e0c271.ppc64le",
"AppStream-8.5.0.GA:httpd:2.4:8050020210712211742:b4937e53:httpd-0:2.4.37-41.module+el8.5.0+11772+c8e0c271.s390x",
"AppStream-8.5.0.GA:httpd:2.4:8050020210712211742:b4937e53:httpd-0:2.4.37-41.module+el8.5.0+11772+c8e0c271.src",
"AppStream-8.5.0.GA:httpd:2.4:8050020210712211742:b4937e53:httpd-0:2.4.37-41.module+el8.5.0+11772+c8e0c271.x86_64",
"AppStream-8.5.0.GA:httpd:2.4:8050020210712211742:b4937e53:httpd-debuginfo-0:2.4.37-41.module+el8.5.0+11772+c8e0c271.aarch64",
"AppStream-8.5.0.GA:httpd:2.4:8050020210712211742:b4937e53:httpd-debuginfo-0:2.4.37-41.module+el8.5.0+11772+c8e0c271.ppc64le",
"AppStream-8.5.0.GA:httpd:2.4:8050020210712211742:b4937e53:httpd-debuginfo-0:2.4.37-41.module+el8.5.0+11772+c8e0c271.s390x",
"AppStream-8.5.0.GA:httpd:2.4:8050020210712211742:b4937e53:httpd-debuginfo-0:2.4.37-41.module+el8.5.0+11772+c8e0c271.x86_64",
"AppStream-8.5.0.GA:httpd:2.4:8050020210712211742:b4937e53:httpd-debugsource-0:2.4.37-41.module+el8.5.0+11772+c8e0c271.aarch64",
"AppStream-8.5.0.GA:httpd:2.4:8050020210712211742:b4937e53:httpd-debugsource-0:2.4.37-41.module+el8.5.0+11772+c8e0c271.ppc64le",
"AppStream-8.5.0.GA:httpd:2.4:8050020210712211742:b4937e53:httpd-debugsource-0:2.4.37-41.module+el8.5.0+11772+c8e0c271.s390x",
"AppStream-8.5.0.GA:httpd:2.4:8050020210712211742:b4937e53:httpd-debugsource-0:2.4.37-41.module+el8.5.0+11772+c8e0c271.x86_64",
"AppStream-8.5.0.GA:httpd:2.4:8050020210712211742:b4937e53:httpd-devel-0:2.4.37-41.module+el8.5.0+11772+c8e0c271.aarch64",
"AppStream-8.5.0.GA:httpd:2.4:8050020210712211742:b4937e53:httpd-devel-0:2.4.37-41.module+el8.5.0+11772+c8e0c271.ppc64le",
"AppStream-8.5.0.GA:httpd:2.4:8050020210712211742:b4937e53:httpd-devel-0:2.4.37-41.module+el8.5.0+11772+c8e0c271.s390x",
"AppStream-8.5.0.GA:httpd:2.4:8050020210712211742:b4937e53:httpd-devel-0:2.4.37-41.module+el8.5.0+11772+c8e0c271.x86_64",
"AppStream-8.5.0.GA:httpd:2.4:8050020210712211742:b4937e53:httpd-filesystem-0:2.4.37-41.module+el8.5.0+11772+c8e0c271.noarch",
"AppStream-8.5.0.GA:httpd:2.4:8050020210712211742:b4937e53:httpd-manual-0:2.4.37-41.module+el8.5.0+11772+c8e0c271.noarch",
"AppStream-8.5.0.GA:httpd:2.4:8050020210712211742:b4937e53:httpd-tools-0:2.4.37-41.module+el8.5.0+11772+c8e0c271.aarch64",
"AppStream-8.5.0.GA:httpd:2.4:8050020210712211742:b4937e53:httpd-tools-0:2.4.37-41.module+el8.5.0+11772+c8e0c271.ppc64le",
"AppStream-8.5.0.GA:httpd:2.4:8050020210712211742:b4937e53:httpd-tools-0:2.4.37-41.module+el8.5.0+11772+c8e0c271.s390x",
"AppStream-8.5.0.GA:httpd:2.4:8050020210712211742:b4937e53:httpd-tools-0:2.4.37-41.module+el8.5.0+11772+c8e0c271.x86_64",
"AppStream-8.5.0.GA:httpd:2.4:8050020210712211742:b4937e53:httpd-tools-debuginfo-0:2.4.37-41.module+el8.5.0+11772+c8e0c271.aarch64",
"AppStream-8.5.0.GA:httpd:2.4:8050020210712211742:b4937e53:httpd-tools-debuginfo-0:2.4.37-41.module+el8.5.0+11772+c8e0c271.ppc64le",
"AppStream-8.5.0.GA:httpd:2.4:8050020210712211742:b4937e53:httpd-tools-debuginfo-0:2.4.37-41.module+el8.5.0+11772+c8e0c271.s390x",
"AppStream-8.5.0.GA:httpd:2.4:8050020210712211742:b4937e53:httpd-tools-debuginfo-0:2.4.37-41.module+el8.5.0+11772+c8e0c271.x86_64",
"AppStream-8.5.0.GA:httpd:2.4:8050020210712211742:b4937e53:mod_http2-0:1.15.7-3.module+el8.4.0+8625+d397f3da.aarch64",
"AppStream-8.5.0.GA:httpd:2.4:8050020210712211742:b4937e53:mod_http2-0:1.15.7-3.module+el8.4.0+8625+d397f3da.ppc64le",
"AppStream-8.5.0.GA:httpd:2.4:8050020210712211742:b4937e53:mod_http2-0:1.15.7-3.module+el8.4.0+8625+d397f3da.s390x",
"AppStream-8.5.0.GA:httpd:2.4:8050020210712211742:b4937e53:mod_http2-0:1.15.7-3.module+el8.4.0+8625+d397f3da.src",
"AppStream-8.5.0.GA:httpd:2.4:8050020210712211742:b4937e53:mod_http2-0:1.15.7-3.module+el8.4.0+8625+d397f3da.x86_64",
"AppStream-8.5.0.GA:httpd:2.4:8050020210712211742:b4937e53:mod_http2-debuginfo-0:1.15.7-3.module+el8.4.0+8625+d397f3da.aarch64",
"AppStream-8.5.0.GA:httpd:2.4:8050020210712211742:b4937e53:mod_http2-debuginfo-0:1.15.7-3.module+el8.4.0+8625+d397f3da.ppc64le",
"AppStream-8.5.0.GA:httpd:2.4:8050020210712211742:b4937e53:mod_http2-debuginfo-0:1.15.7-3.module+el8.4.0+8625+d397f3da.s390x",
"AppStream-8.5.0.GA:httpd:2.4:8050020210712211742:b4937e53:mod_http2-debuginfo-0:1.15.7-3.module+el8.4.0+8625+d397f3da.x86_64",
"AppStream-8.5.0.GA:httpd:2.4:8050020210712211742:b4937e53:mod_http2-debugsource-0:1.15.7-3.module+el8.4.0+8625+d397f3da.aarch64",
"AppStream-8.5.0.GA:httpd:2.4:8050020210712211742:b4937e53:mod_http2-debugsource-0:1.15.7-3.module+el8.4.0+8625+d397f3da.ppc64le",
"AppStream-8.5.0.GA:httpd:2.4:8050020210712211742:b4937e53:mod_http2-debugsource-0:1.15.7-3.module+el8.4.0+8625+d397f3da.s390x",
"AppStream-8.5.0.GA:httpd:2.4:8050020210712211742:b4937e53:mod_http2-debugsource-0:1.15.7-3.module+el8.4.0+8625+d397f3da.x86_64",
"AppStream-8.5.0.GA:httpd:2.4:8050020210712211742:b4937e53:mod_ldap-0:2.4.37-41.module+el8.5.0+11772+c8e0c271.aarch64",
"AppStream-8.5.0.GA:httpd:2.4:8050020210712211742:b4937e53:mod_ldap-0:2.4.37-41.module+el8.5.0+11772+c8e0c271.ppc64le",
"AppStream-8.5.0.GA:httpd:2.4:8050020210712211742:b4937e53:mod_ldap-0:2.4.37-41.module+el8.5.0+11772+c8e0c271.s390x",
"AppStream-8.5.0.GA:httpd:2.4:8050020210712211742:b4937e53:mod_ldap-0:2.4.37-41.module+el8.5.0+11772+c8e0c271.x86_64",
"AppStream-8.5.0.GA:httpd:2.4:8050020210712211742:b4937e53:mod_ldap-debuginfo-0:2.4.37-41.module+el8.5.0+11772+c8e0c271.aarch64",
"AppStream-8.5.0.GA:httpd:2.4:8050020210712211742:b4937e53:mod_ldap-debuginfo-0:2.4.37-41.module+el8.5.0+11772+c8e0c271.ppc64le",
"AppStream-8.5.0.GA:httpd:2.4:8050020210712211742:b4937e53:mod_ldap-debuginfo-0:2.4.37-41.module+el8.5.0+11772+c8e0c271.s390x",
"AppStream-8.5.0.GA:httpd:2.4:8050020210712211742:b4937e53:mod_ldap-debuginfo-0:2.4.37-41.module+el8.5.0+11772+c8e0c271.x86_64",
"AppStream-8.5.0.GA:httpd:2.4:8050020210712211742:b4937e53:mod_md-1:2.0.8-8.module+el8.3.0+6814+67d1e611.aarch64",
"AppStream-8.5.0.GA:httpd:2.4:8050020210712211742:b4937e53:mod_md-1:2.0.8-8.module+el8.3.0+6814+67d1e611.ppc64le",
"AppStream-8.5.0.GA:httpd:2.4:8050020210712211742:b4937e53:mod_md-1:2.0.8-8.module+el8.3.0+6814+67d1e611.s390x",
"AppStream-8.5.0.GA:httpd:2.4:8050020210712211742:b4937e53:mod_md-1:2.0.8-8.module+el8.3.0+6814+67d1e611.src",
"AppStream-8.5.0.GA:httpd:2.4:8050020210712211742:b4937e53:mod_md-1:2.0.8-8.module+el8.3.0+6814+67d1e611.x86_64",
"AppStream-8.5.0.GA:httpd:2.4:8050020210712211742:b4937e53:mod_md-debuginfo-1:2.0.8-8.module+el8.3.0+6814+67d1e611.aarch64",
"AppStream-8.5.0.GA:httpd:2.4:8050020210712211742:b4937e53:mod_md-debuginfo-1:2.0.8-8.module+el8.3.0+6814+67d1e611.ppc64le",
"AppStream-8.5.0.GA:httpd:2.4:8050020210712211742:b4937e53:mod_md-debuginfo-1:2.0.8-8.module+el8.3.0+6814+67d1e611.s390x",
"AppStream-8.5.0.GA:httpd:2.4:8050020210712211742:b4937e53:mod_md-debuginfo-1:2.0.8-8.module+el8.3.0+6814+67d1e611.x86_64",
"AppStream-8.5.0.GA:httpd:2.4:8050020210712211742:b4937e53:mod_md-debugsource-1:2.0.8-8.module+el8.3.0+6814+67d1e611.aarch64",
"AppStream-8.5.0.GA:httpd:2.4:8050020210712211742:b4937e53:mod_md-debugsource-1:2.0.8-8.module+el8.3.0+6814+67d1e611.ppc64le",
"AppStream-8.5.0.GA:httpd:2.4:8050020210712211742:b4937e53:mod_md-debugsource-1:2.0.8-8.module+el8.3.0+6814+67d1e611.s390x",
"AppStream-8.5.0.GA:httpd:2.4:8050020210712211742:b4937e53:mod_md-debugsource-1:2.0.8-8.module+el8.3.0+6814+67d1e611.x86_64",
"AppStream-8.5.0.GA:httpd:2.4:8050020210712211742:b4937e53:mod_proxy_html-1:2.4.37-41.module+el8.5.0+11772+c8e0c271.aarch64",
"AppStream-8.5.0.GA:httpd:2.4:8050020210712211742:b4937e53:mod_proxy_html-1:2.4.37-41.module+el8.5.0+11772+c8e0c271.ppc64le",
"AppStream-8.5.0.GA:httpd:2.4:8050020210712211742:b4937e53:mod_proxy_html-1:2.4.37-41.module+el8.5.0+11772+c8e0c271.s390x",
"AppStream-8.5.0.GA:httpd:2.4:8050020210712211742:b4937e53:mod_proxy_html-1:2.4.37-41.module+el8.5.0+11772+c8e0c271.x86_64",
"AppStream-8.5.0.GA:httpd:2.4:8050020210712211742:b4937e53:mod_proxy_html-debuginfo-1:2.4.37-41.module+el8.5.0+11772+c8e0c271.aarch64",
"AppStream-8.5.0.GA:httpd:2.4:8050020210712211742:b4937e53:mod_proxy_html-debuginfo-1:2.4.37-41.module+el8.5.0+11772+c8e0c271.ppc64le",
"AppStream-8.5.0.GA:httpd:2.4:8050020210712211742:b4937e53:mod_proxy_html-debuginfo-1:2.4.37-41.module+el8.5.0+11772+c8e0c271.s390x",
"AppStream-8.5.0.GA:httpd:2.4:8050020210712211742:b4937e53:mod_proxy_html-debuginfo-1:2.4.37-41.module+el8.5.0+11772+c8e0c271.x86_64",
"AppStream-8.5.0.GA:httpd:2.4:8050020210712211742:b4937e53:mod_session-0:2.4.37-41.module+el8.5.0+11772+c8e0c271.aarch64",
"AppStream-8.5.0.GA:httpd:2.4:8050020210712211742:b4937e53:mod_session-0:2.4.37-41.module+el8.5.0+11772+c8e0c271.ppc64le",
"AppStream-8.5.0.GA:httpd:2.4:8050020210712211742:b4937e53:mod_session-0:2.4.37-41.module+el8.5.0+11772+c8e0c271.s390x",
"AppStream-8.5.0.GA:httpd:2.4:8050020210712211742:b4937e53:mod_session-0:2.4.37-41.module+el8.5.0+11772+c8e0c271.x86_64",
"AppStream-8.5.0.GA:httpd:2.4:8050020210712211742:b4937e53:mod_session-debuginfo-0:2.4.37-41.module+el8.5.0+11772+c8e0c271.aarch64",
"AppStream-8.5.0.GA:httpd:2.4:8050020210712211742:b4937e53:mod_session-debuginfo-0:2.4.37-41.module+el8.5.0+11772+c8e0c271.ppc64le",
"AppStream-8.5.0.GA:httpd:2.4:8050020210712211742:b4937e53:mod_session-debuginfo-0:2.4.37-41.module+el8.5.0+11772+c8e0c271.s390x",
"AppStream-8.5.0.GA:httpd:2.4:8050020210712211742:b4937e53:mod_session-debuginfo-0:2.4.37-41.module+el8.5.0+11772+c8e0c271.x86_64",
"AppStream-8.5.0.GA:httpd:2.4:8050020210712211742:b4937e53:mod_ssl-1:2.4.37-41.module+el8.5.0+11772+c8e0c271.aarch64",
"AppStream-8.5.0.GA:httpd:2.4:8050020210712211742:b4937e53:mod_ssl-1:2.4.37-41.module+el8.5.0+11772+c8e0c271.ppc64le",
"AppStream-8.5.0.GA:httpd:2.4:8050020210712211742:b4937e53:mod_ssl-1:2.4.37-41.module+el8.5.0+11772+c8e0c271.s390x",
"AppStream-8.5.0.GA:httpd:2.4:8050020210712211742:b4937e53:mod_ssl-1:2.4.37-41.module+el8.5.0+11772+c8e0c271.x86_64",
"AppStream-8.5.0.GA:httpd:2.4:8050020210712211742:b4937e53:mod_ssl-debuginfo-1:2.4.37-41.module+el8.5.0+11772+c8e0c271.aarch64",
"AppStream-8.5.0.GA:httpd:2.4:8050020210712211742:b4937e53:mod_ssl-debuginfo-1:2.4.37-41.module+el8.5.0+11772+c8e0c271.ppc64le",
"AppStream-8.5.0.GA:httpd:2.4:8050020210712211742:b4937e53:mod_ssl-debuginfo-1:2.4.37-41.module+el8.5.0+11772+c8e0c271.s390x",
"AppStream-8.5.0.GA:httpd:2.4:8050020210712211742:b4937e53:mod_ssl-debuginfo-1:2.4.37-41.module+el8.5.0+11772+c8e0c271.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "httpd: Unexpected URL matching with \u0027MergeSlashes OFF\u0027"
}
]
}
rhsa-2021_4613
Vulnerability from csaf_redhat
Published
2021-11-10 17:14
Modified
2024-09-16 06:17
Summary
Red Hat Security Advisory: Red Hat JBoss Core Services Apache HTTP Server 2.4.37 SP10 security update
Notes
Topic
Red Hat JBoss Core Services Apache HTTP Server 2.4.37 Service Pack 10 zip release for Red Hat Enterprise Linux 7, Red Hat Enterprise Linux 8, and Microsoft Windows is available.
Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.
Details
Red Hat JBoss Core Services is a set of supplementary software for Red Hat JBoss middleware products. This software, such as Apache HTTP Server, is common to multiple JBoss middleware products, and is packaged under Red Hat JBoss Core Services to allow for faster distribution of updates, and for a more consistent update experience.
This release adds the new Apache HTTP Server 2.4.37 Service Pack 10 packages that are part of the JBoss Core Services offering.
This release serves as a replacement for Red Hat JBoss Core Services Apache HTTP Server 2.4.37 Service Pack 9 and includes bug fixes and enhancements. Refer to the Release Notes for information on the most significant bug fixes and enhancements included in this release.
Security Fix(es):
* httpd: Single zero byte stack overflow in mod_auth_digest (CVE-2020-35452)
* httpd: mod_session NULL pointer dereference in parser (CVE-2021-26690)
* httpd: Heap overflow in mod_session (CVE-2021-26691)
* httpd: mod_proxy_wstunnel tunneling of non Upgraded connection (CVE-2019-17567)
* httpd: MergeSlashes regression (CVE-2021-30641)
* httpd: mod_proxy NULL pointer dereference (CVE-2020-13950)
* jbcs-httpd24-openssl: openssl: NULL pointer dereference in X509_issuer_and_serial_hash() (CVE-2021-23841)
* openssl: Read buffer overruns processing ASN.1 strings (CVE-2021-3712)
* openssl: integer overflow in CipherUpdate (CVE-2021-23840)
* pcre: buffer over-read in JIT when UTF is disabled (CVE-2019-20838)
* pcre: integer overflow in libpcre (CVE-2020-14155)
For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.
Terms of Use
This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.
{
"document": {
"aggregate_severity": {
"namespace": "https://access.redhat.com/security/updates/classification/",
"text": "Moderate"
},
"category": "csaf_vex",
"csaf_version": "2.0",
"distribution": {
"text": "Copyright \u00a9 Red Hat, Inc. All rights reserved.",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "Red Hat JBoss Core Services Apache HTTP Server 2.4.37 Service Pack 10 zip release for Red Hat Enterprise Linux 7, Red Hat Enterprise Linux 8, and Microsoft Windows is available.\n\nRed Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.",
"title": "Topic"
},
{
"category": "general",
"text": "Red Hat JBoss Core Services is a set of supplementary software for Red Hat JBoss middleware products. This software, such as Apache HTTP Server, is common to multiple JBoss middleware products, and is packaged under Red Hat JBoss Core Services to allow for faster distribution of updates, and for a more consistent update experience.\n\nThis release adds the new Apache HTTP Server 2.4.37 Service Pack 10 packages that are part of the JBoss Core Services offering.\n\nThis release serves as a replacement for Red Hat JBoss Core Services Apache HTTP Server 2.4.37 Service Pack 9 and includes bug fixes and enhancements. Refer to the Release Notes for information on the most significant bug fixes and enhancements included in this release.\n\nSecurity Fix(es):\n\n* httpd: Single zero byte stack overflow in mod_auth_digest (CVE-2020-35452)\n* httpd: mod_session NULL pointer dereference in parser (CVE-2021-26690)\n* httpd: Heap overflow in mod_session (CVE-2021-26691)\n* httpd: mod_proxy_wstunnel tunneling of non Upgraded connection (CVE-2019-17567)\n* httpd: MergeSlashes regression (CVE-2021-30641)\n* httpd: mod_proxy NULL pointer dereference (CVE-2020-13950)\n* jbcs-httpd24-openssl: openssl: NULL pointer dereference in X509_issuer_and_serial_hash() (CVE-2021-23841)\n* openssl: Read buffer overruns processing ASN.1 strings (CVE-2021-3712)\n* openssl: integer overflow in CipherUpdate (CVE-2021-23840)\n* pcre: buffer over-read in JIT when UTF is disabled (CVE-2019-20838)\n* pcre: integer overflow in libpcre (CVE-2020-14155)\n\nFor more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.",
"title": "Details"
},
{
"category": "legal_disclaimer",
"text": "This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.",
"title": "Terms of Use"
}
],
"publisher": {
"category": "vendor",
"contact_details": "https://access.redhat.com/security/team/contact/",
"issuing_authority": "Red Hat Product Security is responsible for vulnerability handling across all Red Hat offerings.",
"name": "Red Hat Product Security",
"namespace": "https://www.redhat.com"
},
"references": [
{
"category": "self",
"summary": "https://access.redhat.com/errata/RHSA-2021:4613",
"url": "https://access.redhat.com/errata/RHSA-2021:4613"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/updates/classification/#moderate",
"url": "https://access.redhat.com/security/updates/classification/#moderate"
},
{
"category": "external",
"summary": "1848436",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1848436"
},
{
"category": "external",
"summary": "1848444",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1848444"
},
{
"category": "external",
"summary": "1930310",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1930310"
},
{
"category": "external",
"summary": "1930324",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1930324"
},
{
"category": "external",
"summary": "1966724",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1966724"
},
{
"category": "external",
"summary": "1966729",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1966729"
},
{
"category": "external",
"summary": "1966732",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1966732"
},
{
"category": "external",
"summary": "1966738",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1966738"
},
{
"category": "external",
"summary": "1966740",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1966740"
},
{
"category": "external",
"summary": "1966743",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1966743"
},
{
"category": "external",
"summary": "1995634",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1995634"
},
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/data/csaf/v2/advisories/2021/rhsa-2021_4613.json"
}
],
"title": "Red Hat Security Advisory: Red Hat JBoss Core Services Apache HTTP Server 2.4.37 SP10 security update",
"tracking": {
"current_release_date": "2024-09-16T06:17:59+00:00",
"generator": {
"date": "2024-09-16T06:17:59+00:00",
"engine": {
"name": "Red Hat SDEngine",
"version": "3.33.3"
}
},
"id": "RHSA-2021:4613",
"initial_release_date": "2021-11-10T17:14:06+00:00",
"revision_history": [
{
"date": "2021-11-10T17:14:06+00:00",
"number": "1",
"summary": "Initial version"
},
{
"date": "2021-11-10T17:14:06+00:00",
"number": "2",
"summary": "Last updated version"
},
{
"date": "2024-09-16T06:17:59+00:00",
"number": "3",
"summary": "Last generated version"
}
],
"status": "final",
"version": "3"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_name",
"name": "Red Hat JBoss Core Services 1",
"product": {
"name": "Red Hat JBoss Core Services 1",
"product_id": "Red Hat JBoss Core Services 1",
"product_identification_helper": {
"cpe": "cpe:/a:redhat:jboss_core_services:1"
}
}
}
],
"category": "product_family",
"name": "Red Hat JBoss Core Services"
}
],
"category": "vendor",
"name": "Red Hat"
}
]
},
"vulnerabilities": [
{
"acknowledgments": [
{
"names": [
"the Apache project",
"Mikhail Egorov"
]
}
],
"cve": "CVE-2019-17567",
"cwe": {
"id": "CWE-287",
"name": "Improper Authentication"
},
"discovery_date": "2021-05-27T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1966740"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in Apache httpd. The mod_proxy_wstunnel module tunnels non-upgraded connections.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "httpd: mod_proxy_wstunnel tunneling of non Upgraded connection",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red Hat JBoss Core Services 1"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2019-17567"
},
{
"category": "external",
"summary": "RHBZ#1966740",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1966740"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2019-17567",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-17567"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2019-17567",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2019-17567"
},
{
"category": "external",
"summary": "https://httpd.apache.org/security/vulnerabilities_24.html",
"url": "https://httpd.apache.org/security/vulnerabilities_24.html"
}
],
"release_date": "2021-06-04T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"details": "Before applying the update, back up your existing installation, including all applications, configuration files, databases and database settings, and so on.\n\nThe References section of this erratum contains a download link for the update. You must be logged in to download the update.",
"product_ids": [
"Red Hat JBoss Core Services 1"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2021:4613"
},
{
"category": "workaround",
"details": "Only configurations which use mod_proxy_wstunnel are affected by this flaw. It is also safe to comment-out the \"LoadModule proxy_wstunnel_module ... \" line in /etc/httpd/conf.modules.d/00-proxy.conf for configurations which do not rely on a websockets reverse proxy.",
"product_ids": [
"Red Hat JBoss Core Services 1"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "LOW",
"baseScore": 4.8,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "LOW",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:L",
"version": "3.1"
},
"products": [
"Red Hat JBoss Core Services 1"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "httpd: mod_proxy_wstunnel tunneling of non Upgraded connection"
},
{
"cve": "CVE-2019-20838",
"cwe": {
"id": "CWE-125",
"name": "Out-of-bounds Read"
},
"discovery_date": "2020-06-16T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1848444"
}
],
"notes": [
{
"category": "description",
"text": "libpcre in PCRE before 8.43 allows a subject buffer over-read in JIT when UTF is disabled, and \\X or \\R has more than one fixed quantifier, a related issue to CVE-2019-20454.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "pcre: Buffer over-read in JIT when UTF is disabled and \\X or \\R has fixed quantifier greater than 1",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red Hat JBoss Core Services 1"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2019-20838"
},
{
"category": "external",
"summary": "RHBZ#1848444",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1848444"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2019-20838",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-20838"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2019-20838",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2019-20838"
}
],
"release_date": "2020-06-15T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"details": "Before applying the update, back up your existing installation, including all applications, configuration files, databases and database settings, and so on.\n\nThe References section of this erratum contains a download link for the update. You must be logged in to download the update.",
"product_ids": [
"Red Hat JBoss Core Services 1"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2021:4613"
},
{
"category": "workaround",
"details": "Do not use more than one fixed quantifier with \\R or \\X with UTF disabled in PCRE or PCRE2, as these are the conditions needed to trigger the flaw.",
"product_ids": [
"Red Hat JBoss Core Services 1"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"Red Hat JBoss Core Services 1"
]
}
],
"threats": [
{
"category": "impact",
"details": "Low"
}
],
"title": "pcre: Buffer over-read in JIT when UTF is disabled and \\X or \\R has fixed quantifier greater than 1"
},
{
"acknowledgments": [
{
"names": [
"the Apache project",
"Marc Stern"
]
}
],
"cve": "CVE-2020-13950",
"cwe": {
"id": "CWE-476",
"name": "NULL Pointer Dereference"
},
"discovery_date": "2021-05-27T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1966738"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found In Apache httpd. The mod_proxy has a NULL pointer dereference. The highest threat from this vulnerability is to data confidentiality and integrity as well as system availability.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "httpd: mod_proxy NULL pointer dereference",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red Hat JBoss Core Services 1"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2020-13950"
},
{
"category": "external",
"summary": "RHBZ#1966738",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1966738"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2020-13950",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-13950"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2020-13950",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2020-13950"
},
{
"category": "external",
"summary": "https://httpd.apache.org/security/vulnerabilities_24.html",
"url": "https://httpd.apache.org/security/vulnerabilities_24.html"
}
],
"release_date": "2021-06-04T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"details": "Before applying the update, back up your existing installation, including all applications, configuration files, databases and database settings, and so on.\n\nThe References section of this erratum contains a download link for the update. You must be logged in to download the update.",
"product_ids": [
"Red Hat JBoss Core Services 1"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2021:4613"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"Red Hat JBoss Core Services 1"
]
}
],
"threats": [
{
"category": "impact",
"details": "Low"
}
],
"title": "httpd: mod_proxy NULL pointer dereference"
},
{
"cve": "CVE-2020-14155",
"cwe": {
"id": "CWE-190",
"name": "Integer Overflow or Wraparound"
},
"discovery_date": "2020-06-16T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1848436"
}
],
"notes": [
{
"category": "description",
"text": "libpcre in PCRE before 8.44 allows an integer overflow via a large number after a (?C substring.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "pcre: Integer overflow when parsing callout numeric arguments",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red Hat JBoss Core Services 1"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2020-14155"
},
{
"category": "external",
"summary": "RHBZ#1848436",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1848436"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2020-14155",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-14155"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2020-14155",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2020-14155"
}
],
"release_date": "2020-06-15T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"details": "Before applying the update, back up your existing installation, including all applications, configuration files, databases and database settings, and so on.\n\nThe References section of this erratum contains a download link for the update. You must be logged in to download the update.",
"product_ids": [
"Red Hat JBoss Core Services 1"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2021:4613"
},
{
"category": "workaround",
"details": "This flaw can be mitigated by not compiling regular expressions with a callout value greater outside of 0-255 or handling the value passed to the callback within the application code.",
"product_ids": [
"Red Hat JBoss Core Services 1"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "LOW",
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L",
"version": "3.1"
},
"products": [
"Red Hat JBoss Core Services 1"
]
}
],
"threats": [
{
"category": "impact",
"details": "Low"
}
],
"title": "pcre: Integer overflow when parsing callout numeric arguments"
},
{
"acknowledgments": [
{
"names": [
"the Apache project"
]
},
{
"names": [
"Antonio Morales"
],
"organization": "GHSL"
}
],
"cve": "CVE-2020-35452",
"cwe": {
"id": "CWE-119",
"name": "Improper Restriction of Operations within the Bounds of a Memory Buffer"
},
"discovery_date": "2021-05-27T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1966724"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in Apache httpd. The mod_auth_digest has a single zero byte stack overflow. The highest threat from this vulnerability is to data confidentiality and integrity as well as system availability.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "httpd: Single zero byte stack overflow in mod_auth_digest",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "This is a one byte overflow and as per upstream it should be non-exploitable in most condtions.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red Hat JBoss Core Services 1"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2020-35452"
},
{
"category": "external",
"summary": "RHBZ#1966724",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1966724"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2020-35452",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-35452"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2020-35452",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2020-35452"
},
{
"category": "external",
"summary": "https://httpd.apache.org/security/vulnerabilities_24.html",
"url": "https://httpd.apache.org/security/vulnerabilities_24.html"
}
],
"release_date": "2021-06-04T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"details": "Before applying the update, back up your existing installation, including all applications, configuration files, databases and database settings, and so on.\n\nThe References section of this erratum contains a download link for the update. You must be logged in to download the update.",
"product_ids": [
"Red Hat JBoss Core Services 1"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2021:4613"
},
{
"category": "workaround",
"details": "Only configurations which use mod_auth_digest are affected by this flaw. Also as per upstream this flaw is not exploitable in most conditions, so there should really be no impact of this flaw.",
"product_ids": [
"Red Hat JBoss Core Services 1"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "LOW",
"baseScore": 7.3,
"baseSeverity": "HIGH",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L",
"version": "3.1"
},
"products": [
"Red Hat JBoss Core Services 1"
]
}
],
"threats": [
{
"category": "impact",
"details": "Low"
}
],
"title": "httpd: Single zero byte stack overflow in mod_auth_digest"
},
{
"cve": "CVE-2021-3688",
"cwe": {
"id": "CWE-200",
"name": "Exposure of Sensitive Information to an Unauthorized Actor"
},
"discovery_date": "2021-05-26T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1990252"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in Red Hat JBoss Core Services HTTP Server in all versions, where it does not properly normalize the path component of a request URL contains dot-dot-semicolon(s). This flaw could allow an attacker to access unauthorized information or possibly conduct further attacks. The highest threat from this vulnerability is to data confidentiality and integrity.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "JBCS: URL normalization issue with dot-dot-semicolon(s) leads to information disclosure",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red Hat JBoss Core Services 1"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2021-3688"
},
{
"category": "external",
"summary": "RHBZ#1990252",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1990252"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2021-3688",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-3688"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2021-3688",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2021-3688"
}
],
"release_date": "2021-08-05T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"details": "Before applying the update, back up your existing installation, including all applications, configuration files, databases and database settings, and so on.\n\nThe References section of this erratum contains a download link for the update. You must be logged in to download the update.",
"product_ids": [
"Red Hat JBoss Core Services 1"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2021:4613"
},
{
"category": "workaround",
"details": "Manually add LocationMatch directive to deny any possible problem requests in the JBCS httpd configuration. For example:\n~~~\n\u003cLocationMatch \".*\\.\\.;.*\"\u003e\n Require all denied\n\u003c/LocationMatch\u003e\n~~~",
"product_ids": [
"Red Hat JBoss Core Services 1"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 4.8,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:N",
"version": "3.1"
},
"products": [
"Red Hat JBoss Core Services 1"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "JBCS: URL normalization issue with dot-dot-semicolon(s) leads to information disclosure"
},
{
"acknowledgments": [
{
"names": [
"the OpenSSL project"
],
"organization": "Ingo Schwarze",
"summary": "Acknowledged by upstream."
}
],
"cve": "CVE-2021-3712",
"cwe": {
"id": "CWE-125",
"name": "Out-of-bounds Read"
},
"discovery_date": "2021-08-19T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1995634"
}
],
"notes": [
{
"category": "description",
"text": "It was found that openssl assumed ASN.1 strings to be NUL terminated. A malicious actor may be able to force an application into calling openssl function with a specially crafted, non-NUL terminated string to deliberately hit this bug, which may result in a crash of the application, causing a Denial of Service attack, or possibly, memory disclosure. The highest threat from this vulnerability is to data confidentiality and system availability.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "openssl: Read buffer overruns processing ASN.1 strings",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "The following Red Hat products do not ship the affected OpenSSL component but rely on the Red Hat Enterprise Linux to consume them:\n * Red Hat Satellite\n * Red Hat Update Infrastructure\n * Red Hat CloudForms\n\nThe Red Hat Advanced Cluster Management for Kubernetes is using the vulnerable version of the library, however the vulnerable code path is not reachable.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red Hat JBoss Core Services 1"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2021-3712"
},
{
"category": "external",
"summary": "RHBZ#1995634",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1995634"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2021-3712",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-3712"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2021-3712",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2021-3712"
},
{
"category": "external",
"summary": "https://www.openssl.org/news/secadv/20210824.txt",
"url": "https://www.openssl.org/news/secadv/20210824.txt"
}
],
"release_date": "2021-08-24T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"details": "Before applying the update, back up your existing installation, including all applications, configuration files, databases and database settings, and so on.\n\nThe References section of this erratum contains a download link for the update. You must be logged in to download the update.",
"product_ids": [
"Red Hat JBoss Core Services 1"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2021:4613"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.4,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:H",
"version": "3.1"
},
"products": [
"Red Hat JBoss Core Services 1"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "openssl: Read buffer overruns processing ASN.1 strings"
},
{
"cve": "CVE-2021-23840",
"cwe": {
"id": "CWE-190",
"name": "Integer Overflow or Wraparound"
},
"discovery_date": "2021-02-09T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1930324"
}
],
"notes": [
{
"category": "description",
"text": "Calls to EVP_CipherUpdate, EVP_EncryptUpdate and EVP_DecryptUpdate may overflow the output length argument in some cases where the input length is close to the maximum permissible length for an integer on the platform. In such cases the return value from the function call will be 1 (indicating success), but the output length value will be negative. This could cause applications to behave incorrectly or crash.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "openssl: integer overflow in CipherUpdate",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "This flaw only affects applications which are compiled with OpenSSL and using EVP_CipherUpdate, EVP_EncryptUpdate or EVP_DecryptUpdate functions. When specially-crafted values are passed to these functions, it can cause the application to crash or behave incorrectly.\n\nOpenSSL in Red Hat Enterprise Linux 9 was marked as not affected as its already fixed in RHEL9 Alpha release.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red Hat JBoss Core Services 1"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2021-23840"
},
{
"category": "external",
"summary": "RHBZ#1930324",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1930324"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2021-23840",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-23840"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2021-23840",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2021-23840"
},
{
"category": "external",
"summary": "https://www.openssl.org/news/secadv/20210216.txt",
"url": "https://www.openssl.org/news/secadv/20210216.txt"
}
],
"release_date": "2021-02-16T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"details": "Before applying the update, back up your existing installation, including all applications, configuration files, databases and database settings, and so on.\n\nThe References section of this erratum contains a download link for the update. You must be logged in to download the update.",
"product_ids": [
"Red Hat JBoss Core Services 1"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2021:4613"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"Red Hat JBoss Core Services 1"
]
}
],
"threats": [
{
"category": "impact",
"details": "Low"
}
],
"title": "openssl: integer overflow in CipherUpdate"
},
{
"cve": "CVE-2021-23841",
"cwe": {
"id": "CWE-476",
"name": "NULL Pointer Dereference"
},
"discovery_date": "2021-02-16T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1930310"
}
],
"notes": [
{
"category": "description",
"text": "The OpenSSL public API function X509_issuer_and_serial_hash() attempts to create a unique hash value based on the issuer and serial number data contained within an X509 certificate. However it fails to correctly handle any errors that may occur while parsing the issuer field (which might occur if the issuer field is maliciously constructed). This may subsequently result in a NULL pointer deref and a crash leading to a potential denial of service attack.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "openssl: NULL pointer dereference in X509_issuer_and_serial_hash()",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "This is a a null pointer dereference in the X509_issuer_and_serial_hash() function, which can result in crash if called by an application compiled with OpenSSL, by passing a specially-crafted certificate. OpenSSL internally does not use this function.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red Hat JBoss Core Services 1"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2021-23841"
},
{
"category": "external",
"summary": "RHBZ#1930310",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1930310"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2021-23841",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-23841"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2021-23841",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2021-23841"
},
{
"category": "external",
"summary": "https://www.openssl.org/news/secadv/20210216.txt",
"url": "https://www.openssl.org/news/secadv/20210216.txt"
}
],
"release_date": "2021-02-16T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"details": "Before applying the update, back up your existing installation, including all applications, configuration files, databases and database settings, and so on.\n\nThe References section of this erratum contains a download link for the update. You must be logged in to download the update.",
"product_ids": [
"Red Hat JBoss Core Services 1"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2021:4613"
},
{
"category": "workaround",
"details": "As per upstream \"The function X509_issuer_and_serial_hash() is never directly called by OpenSSL itself so applications are only vulnerable if they use this function directly and they use it on certificates that may have been obtained from untrusted sources.\"",
"product_ids": [
"Red Hat JBoss Core Services 1"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 5.9,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"Red Hat JBoss Core Services 1"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "openssl: NULL pointer dereference in X509_issuer_and_serial_hash()"
},
{
"acknowledgments": [
{
"names": [
"the Apache project"
]
},
{
"names": [
"Antonio Morales"
],
"organization": "GHSL"
}
],
"cve": "CVE-2021-26690",
"cwe": {
"id": "CWE-476",
"name": "NULL Pointer Dereference"
},
"discovery_date": "2021-05-27T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1966729"
}
],
"notes": [
{
"category": "description",
"text": "A NULL pointer dereference was found in Apache httpd mod_session. The highest threat from this vulnerability is to system availability.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "httpd: mod_session: NULL pointer dereference when parsing Cookie header",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "This is a null pointer deference caused when using mod_session. It can result in crash of httpd child process by a remote attacker.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red Hat JBoss Core Services 1"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2021-26690"
},
{
"category": "external",
"summary": "RHBZ#1966729",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1966729"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2021-26690",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-26690"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2021-26690",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2021-26690"
},
{
"category": "external",
"summary": "https://httpd.apache.org/security/vulnerabilities_24.html",
"url": "https://httpd.apache.org/security/vulnerabilities_24.html"
}
],
"release_date": "2021-06-04T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"details": "Before applying the update, back up your existing installation, including all applications, configuration files, databases and database settings, and so on.\n\nThe References section of this erratum contains a download link for the update. You must be logged in to download the update.",
"product_ids": [
"Red Hat JBoss Core Services 1"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2021:4613"
},
{
"category": "workaround",
"details": "Only configurations which use the \"SessionEnv\" directive (which is not widely used) are vulnerable to this flaw. SessionEnv is not enabled in default configuration of httpd package shipped with Red Hat Products.",
"product_ids": [
"Red Hat JBoss Core Services 1"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"Red Hat JBoss Core Services 1"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "httpd: mod_session: NULL pointer dereference when parsing Cookie header"
},
{
"acknowledgments": [
{
"names": [
"the Apache project",
"Christophe Jaillet"
]
}
],
"cve": "CVE-2021-26691",
"cwe": {
"id": "CWE-119",
"name": "Improper Restriction of Operations within the Bounds of a Memory Buffer"
},
"discovery_date": "2021-05-27T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1966732"
}
],
"notes": [
{
"category": "description",
"text": "A heap overflow flaw was found In Apache httpd mod_session. The highest threat from this vulnerability is to system availability.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "httpd: mod_session: Heap overflow via a crafted SessionHeader value",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "This flaw can result in a crash of the httpd child process when mod_session is used.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red Hat JBoss Core Services 1"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2021-26691"
},
{
"category": "external",
"summary": "RHBZ#1966732",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1966732"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2021-26691",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-26691"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2021-26691",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2021-26691"
},
{
"category": "external",
"summary": "https://httpd.apache.org/security/vulnerabilities_24.html",
"url": "https://httpd.apache.org/security/vulnerabilities_24.html"
}
],
"release_date": "2021-06-04T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"details": "Before applying the update, back up your existing installation, including all applications, configuration files, databases and database settings, and so on.\n\nThe References section of this erratum contains a download link for the update. You must be logged in to download the update.",
"product_ids": [
"Red Hat JBoss Core Services 1"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2021:4613"
},
{
"category": "workaround",
"details": "Only configurations which use the \"SessionEnv\" directive (which is not widely used) are vulnerable to this flaw. SessionEnv is not enabled in default configuration of httpd package shipped with Red Hat Products.",
"product_ids": [
"Red Hat JBoss Core Services 1"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 8.1,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"Red Hat JBoss Core Services 1"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "httpd: mod_session: Heap overflow via a crafted SessionHeader value"
},
{
"acknowledgments": [
{
"names": [
"the Apache project",
"Christoph Anton Mitterer"
]
}
],
"cve": "CVE-2021-30641",
"cwe": {
"id": "CWE-20",
"name": "Improper Input Validation"
},
"discovery_date": "2021-05-27T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1966743"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in Apache httpd. A possible regression from an earlier security fix broke behavior of MergeSlashes. The highest threat from this vulnerability is to data integrity.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "httpd: Unexpected URL matching with \u0027MergeSlashes OFF\u0027",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "This flaw was introduced when fixing https://access.redhat.com/security/cve/cve-2019-0220, therefore versions of httpd package shipped with Red Hat Enterprise Linux 7, 8 and Red Hat Software Collections are affected by this flaw.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red Hat JBoss Core Services 1"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2021-30641"
},
{
"category": "external",
"summary": "RHBZ#1966743",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1966743"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2021-30641",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-30641"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2021-30641",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2021-30641"
},
{
"category": "external",
"summary": "https://httpd.apache.org/security/vulnerabilities_24.html",
"url": "https://httpd.apache.org/security/vulnerabilities_24.html"
}
],
"release_date": "2021-06-04T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"details": "Before applying the update, back up your existing installation, including all applications, configuration files, databases and database settings, and so on.\n\nThe References section of this erratum contains a download link for the update. You must be logged in to download the update.",
"product_ids": [
"Red Hat JBoss Core Services 1"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2021:4613"
},
{
"category": "workaround",
"details": "This issue can be mitigated by setting the \"MergeSlashes\" directive to OFF",
"product_ids": [
"Red Hat JBoss Core Services 1"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 5.9,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N",
"version": "3.1"
},
"products": [
"Red Hat JBoss Core Services 1"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "httpd: Unexpected URL matching with \u0027MergeSlashes OFF\u0027"
},
{
"cve": "CVE-2021-34798",
"cwe": {
"id": "CWE-476",
"name": "NULL Pointer Dereference"
},
"discovery_date": "2021-09-16T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2005128"
}
],
"notes": [
{
"category": "description",
"text": "A NULL pointer dereference in httpd allows an unauthenticated remote attacker to crash httpd by providing malformed HTTP requests. The highest threat from this vulnerability is to system availability.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "httpd: NULL pointer dereference via malformed requests",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red Hat JBoss Core Services 1"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2021-34798"
},
{
"category": "external",
"summary": "RHBZ#2005128",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2005128"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2021-34798",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-34798"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2021-34798",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2021-34798"
},
{
"category": "external",
"summary": "https://httpd.apache.org/security/vulnerabilities_24.html",
"url": "https://httpd.apache.org/security/vulnerabilities_24.html"
}
],
"release_date": "2021-09-16T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"details": "Before applying the update, back up your existing installation, including all applications, configuration files, databases and database settings, and so on.\n\nThe References section of this erratum contains a download link for the update. You must be logged in to download the update.",
"product_ids": [
"Red Hat JBoss Core Services 1"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2021:4613"
},
{
"category": "workaround",
"details": "Red Hat has investigated whether a possible mitigation exists for this issue, and has not been able to identify a practical example.",
"product_ids": [
"Red Hat JBoss Core Services 1"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"Red Hat JBoss Core Services 1"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "httpd: NULL pointer dereference via malformed requests"
}
]
}
rhsa-2021_4614
Vulnerability from csaf_redhat
Published
2021-11-10 17:20
Modified
2024-09-16 06:18
Summary
Red Hat Security Advisory: Red Hat JBoss Core Services Apache HTTP Server 2.4.37 SP10 security update
Notes
Topic
Updated packages that provide Red Hat JBoss Core Services Apache HTTP Server 2.4.37 Service Pack 10, fix several bugs, and add various enhancements are now available for Red Hat Enterprise Linux 7 and Red Hat Enterprise Linux 8.
Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.
Details
This release adds the new Apache HTTP Server 2.4.37 Service Pack 10 packages that are part of the JBoss Core Services offering.
This release serves as a replacement for Red Hat JBoss Core Services Apache HTTP Server 2.4.37 Service Pack 9 and includes bug fixes and enhancements. Refer to the Release Notes for information on the most significant bug fixes and enhancements included in this release.
Security Fix(es):
* httpd: Single zero byte stack overflow in mod_auth_digest (CVE-2020-35452)
* httpd: mod_session NULL pointer dereference in parser (CVE-2021-26690)
* httpd: Heap overflow in mod_session (CVE-2021-26691)
* httpd: mod_proxy_wstunnel tunneling of non Upgraded connection (CVE-2019-17567)
* httpd: MergeSlashes regression (CVE-2021-30641)
* httpd: mod_proxy NULL pointer dereference (CVE-2020-13950)
* jbcs-httpd24-openssl: openssl: NULL pointer dereference in X509_issuer_and_serial_hash() (CVE-2021-23841)
* openssl: Read buffer overruns processing ASN.1 strings (CVE-2021-3712)
* openssl: integer overflow in CipherUpdate (CVE-2021-23840)
* pcre: buffer over-read in JIT when UTF is disabled (CVE-2019-20838)
* pcre: integer overflow in libpcre (CVE-2020-14155)
For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.
Terms of Use
This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.
{
"document": {
"aggregate_severity": {
"namespace": "https://access.redhat.com/security/updates/classification/",
"text": "Moderate"
},
"category": "csaf_vex",
"csaf_version": "2.0",
"distribution": {
"text": "Copyright \u00a9 Red Hat, Inc. All rights reserved.",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "Updated packages that provide Red Hat JBoss Core Services Apache HTTP Server 2.4.37 Service Pack 10, fix several bugs, and add various enhancements are now available for Red Hat Enterprise Linux 7 and Red Hat Enterprise Linux 8.\n\nRed Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.",
"title": "Topic"
},
{
"category": "general",
"text": "This release adds the new Apache HTTP Server 2.4.37 Service Pack 10 packages that are part of the JBoss Core Services offering.\n\nThis release serves as a replacement for Red Hat JBoss Core Services Apache HTTP Server 2.4.37 Service Pack 9 and includes bug fixes and enhancements. Refer to the Release Notes for information on the most significant bug fixes and enhancements included in this release.\n\nSecurity Fix(es):\n\n* httpd: Single zero byte stack overflow in mod_auth_digest (CVE-2020-35452)\n* httpd: mod_session NULL pointer dereference in parser (CVE-2021-26690)\n* httpd: Heap overflow in mod_session (CVE-2021-26691)\n* httpd: mod_proxy_wstunnel tunneling of non Upgraded connection (CVE-2019-17567)\n* httpd: MergeSlashes regression (CVE-2021-30641)\n* httpd: mod_proxy NULL pointer dereference (CVE-2020-13950)\n* jbcs-httpd24-openssl: openssl: NULL pointer dereference in X509_issuer_and_serial_hash() (CVE-2021-23841)\n* openssl: Read buffer overruns processing ASN.1 strings (CVE-2021-3712)\n* openssl: integer overflow in CipherUpdate (CVE-2021-23840)\n* pcre: buffer over-read in JIT when UTF is disabled (CVE-2019-20838)\n* pcre: integer overflow in libpcre (CVE-2020-14155)\n\nFor more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.",
"title": "Details"
},
{
"category": "legal_disclaimer",
"text": "This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.",
"title": "Terms of Use"
}
],
"publisher": {
"category": "vendor",
"contact_details": "https://access.redhat.com/security/team/contact/",
"issuing_authority": "Red Hat Product Security is responsible for vulnerability handling across all Red Hat offerings.",
"name": "Red Hat Product Security",
"namespace": "https://www.redhat.com"
},
"references": [
{
"category": "self",
"summary": "https://access.redhat.com/errata/RHSA-2021:4614",
"url": "https://access.redhat.com/errata/RHSA-2021:4614"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/updates/classification/#moderate",
"url": "https://access.redhat.com/security/updates/classification/#moderate"
},
{
"category": "external",
"summary": "1848436",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1848436"
},
{
"category": "external",
"summary": "1848444",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1848444"
},
{
"category": "external",
"summary": "1930310",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1930310"
},
{
"category": "external",
"summary": "1930324",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1930324"
},
{
"category": "external",
"summary": "1966724",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1966724"
},
{
"category": "external",
"summary": "1966729",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1966729"
},
{
"category": "external",
"summary": "1966732",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1966732"
},
{
"category": "external",
"summary": "1966738",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1966738"
},
{
"category": "external",
"summary": "1966740",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1966740"
},
{
"category": "external",
"summary": "1966743",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1966743"
},
{
"category": "external",
"summary": "1995634",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1995634"
},
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/data/csaf/v2/advisories/2021/rhsa-2021_4614.json"
}
],
"title": "Red Hat Security Advisory: Red Hat JBoss Core Services Apache HTTP Server 2.4.37 SP10 security update",
"tracking": {
"current_release_date": "2024-09-16T06:18:06+00:00",
"generator": {
"date": "2024-09-16T06:18:06+00:00",
"engine": {
"name": "Red Hat SDEngine",
"version": "3.33.3"
}
},
"id": "RHSA-2021:4614",
"initial_release_date": "2021-11-10T17:20:46+00:00",
"revision_history": [
{
"date": "2021-11-10T17:20:46+00:00",
"number": "1",
"summary": "Initial version"
},
{
"date": "2021-11-10T17:20:46+00:00",
"number": "2",
"summary": "Last updated version"
},
{
"date": "2024-09-16T06:18:06+00:00",
"number": "3",
"summary": "Last generated version"
}
],
"status": "final",
"version": "3"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_name",
"name": "Red Hat JBoss Core Services on RHEL 7 Server",
"product": {
"name": "Red Hat JBoss Core Services on RHEL 7 Server",
"product_id": "7Server-JBCS",
"product_identification_helper": {
"cpe": "cpe:/a:redhat:jboss_core_services:1::el7"
}
}
},
{
"category": "product_name",
"name": "Red Hat JBoss Core Services on RHEL 8",
"product": {
"name": "Red Hat JBoss Core Services on RHEL 8",
"product_id": "8Base-JBCS",
"product_identification_helper": {
"cpe": "cpe:/a:redhat:jboss_core_services:1::el8"
}
}
}
],
"category": "product_family",
"name": "Red Hat JBoss Core Services"
},
{
"branches": [
{
"category": "product_version",
"name": "jbcs-httpd24-apr-0:1.6.3-107.jbcs.el7.src",
"product": {
"name": "jbcs-httpd24-apr-0:1.6.3-107.jbcs.el7.src",
"product_id": "jbcs-httpd24-apr-0:1.6.3-107.jbcs.el7.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jbcs-httpd24-apr@1.6.3-107.jbcs.el7?arch=src"
}
}
},
{
"category": "product_version",
"name": "jbcs-httpd24-apr-util-0:1.6.1-84.jbcs.el7.src",
"product": {
"name": "jbcs-httpd24-apr-util-0:1.6.1-84.jbcs.el7.src",
"product_id": "jbcs-httpd24-apr-util-0:1.6.1-84.jbcs.el7.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jbcs-httpd24-apr-util@1.6.1-84.jbcs.el7?arch=src"
}
}
},
{
"category": "product_version",
"name": "jbcs-httpd24-curl-0:7.78.0-2.jbcs.el7.src",
"product": {
"name": "jbcs-httpd24-curl-0:7.78.0-2.jbcs.el7.src",
"product_id": "jbcs-httpd24-curl-0:7.78.0-2.jbcs.el7.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jbcs-httpd24-curl@7.78.0-2.jbcs.el7?arch=src"
}
}
},
{
"category": "product_version",
"name": "jbcs-httpd24-nghttp2-0:1.39.2-39.jbcs.el7.src",
"product": {
"name": "jbcs-httpd24-nghttp2-0:1.39.2-39.jbcs.el7.src",
"product_id": "jbcs-httpd24-nghttp2-0:1.39.2-39.jbcs.el7.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jbcs-httpd24-nghttp2@1.39.2-39.jbcs.el7?arch=src"
}
}
},
{
"category": "product_version",
"name": "jbcs-httpd24-openssl-1:1.1.1g-8.jbcs.el7.src",
"product": {
"name": "jbcs-httpd24-openssl-1:1.1.1g-8.jbcs.el7.src",
"product_id": "jbcs-httpd24-openssl-1:1.1.1g-8.jbcs.el7.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jbcs-httpd24-openssl@1.1.1g-8.jbcs.el7?arch=src\u0026epoch=1"
}
}
},
{
"category": "product_version",
"name": "jbcs-httpd24-openssl-chil-0:1.0.0-7.jbcs.el7.src",
"product": {
"name": "jbcs-httpd24-openssl-chil-0:1.0.0-7.jbcs.el7.src",
"product_id": "jbcs-httpd24-openssl-chil-0:1.0.0-7.jbcs.el7.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jbcs-httpd24-openssl-chil@1.0.0-7.jbcs.el7?arch=src"
}
}
},
{
"category": "product_version",
"name": "jbcs-httpd24-openssl-pkcs11-0:0.4.10-22.jbcs.el7.src",
"product": {
"name": "jbcs-httpd24-openssl-pkcs11-0:0.4.10-22.jbcs.el7.src",
"product_id": "jbcs-httpd24-openssl-pkcs11-0:0.4.10-22.jbcs.el7.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jbcs-httpd24-openssl-pkcs11@0.4.10-22.jbcs.el7?arch=src"
}
}
},
{
"category": "product_version",
"name": "jbcs-httpd24-httpd-0:2.4.37-78.jbcs.el7.src",
"product": {
"name": "jbcs-httpd24-httpd-0:2.4.37-78.jbcs.el7.src",
"product_id": "jbcs-httpd24-httpd-0:2.4.37-78.jbcs.el7.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jbcs-httpd24-httpd@2.4.37-78.jbcs.el7?arch=src"
}
}
},
{
"category": "product_version",
"name": "jbcs-httpd24-mod_http2-0:1.15.7-21.jbcs.el7.src",
"product": {
"name": "jbcs-httpd24-mod_http2-0:1.15.7-21.jbcs.el7.src",
"product_id": "jbcs-httpd24-mod_http2-0:1.15.7-21.jbcs.el7.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jbcs-httpd24-mod_http2@1.15.7-21.jbcs.el7?arch=src"
}
}
},
{
"category": "product_version",
"name": "jbcs-httpd24-mod_md-1:2.0.8-40.jbcs.el7.src",
"product": {
"name": "jbcs-httpd24-mod_md-1:2.0.8-40.jbcs.el7.src",
"product_id": "jbcs-httpd24-mod_md-1:2.0.8-40.jbcs.el7.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jbcs-httpd24-mod_md@2.0.8-40.jbcs.el7?arch=src\u0026epoch=1"
}
}
},
{
"category": "product_version",
"name": "jbcs-httpd24-mod_cluster-native-0:1.3.16-9.Final_redhat_2.jbcs.el7.src",
"product": {
"name": "jbcs-httpd24-mod_cluster-native-0:1.3.16-9.Final_redhat_2.jbcs.el7.src",
"product_id": "jbcs-httpd24-mod_cluster-native-0:1.3.16-9.Final_redhat_2.jbcs.el7.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jbcs-httpd24-mod_cluster-native@1.3.16-9.Final_redhat_2.jbcs.el7?arch=src"
}
}
},
{
"category": "product_version",
"name": "jbcs-httpd24-mod_security-0:2.9.2-67.GA.jbcs.el7.src",
"product": {
"name": "jbcs-httpd24-mod_security-0:2.9.2-67.GA.jbcs.el7.src",
"product_id": "jbcs-httpd24-mod_security-0:2.9.2-67.GA.jbcs.el7.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jbcs-httpd24-mod_security@2.9.2-67.GA.jbcs.el7?arch=src"
}
}
},
{
"category": "product_version",
"name": "jbcs-httpd24-mod_jk-0:1.2.48-20.redhat_1.jbcs.el7.src",
"product": {
"name": "jbcs-httpd24-mod_jk-0:1.2.48-20.redhat_1.jbcs.el7.src",
"product_id": "jbcs-httpd24-mod_jk-0:1.2.48-20.redhat_1.jbcs.el7.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jbcs-httpd24-mod_jk@1.2.48-20.redhat_1.jbcs.el7?arch=src"
}
}
},
{
"category": "product_version",
"name": "jbcs-httpd24-apr-0:1.6.3-107.el8jbcs.src",
"product": {
"name": "jbcs-httpd24-apr-0:1.6.3-107.el8jbcs.src",
"product_id": "jbcs-httpd24-apr-0:1.6.3-107.el8jbcs.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jbcs-httpd24-apr@1.6.3-107.el8jbcs?arch=src"
}
}
},
{
"category": "product_version",
"name": "jbcs-httpd24-apr-util-0:1.6.1-84.el8jbcs.src",
"product": {
"name": "jbcs-httpd24-apr-util-0:1.6.1-84.el8jbcs.src",
"product_id": "jbcs-httpd24-apr-util-0:1.6.1-84.el8jbcs.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jbcs-httpd24-apr-util@1.6.1-84.el8jbcs?arch=src"
}
}
},
{
"category": "product_version",
"name": "jbcs-httpd24-curl-0:7.78.0-2.el8jbcs.src",
"product": {
"name": "jbcs-httpd24-curl-0:7.78.0-2.el8jbcs.src",
"product_id": "jbcs-httpd24-curl-0:7.78.0-2.el8jbcs.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jbcs-httpd24-curl@7.78.0-2.el8jbcs?arch=src"
}
}
},
{
"category": "product_version",
"name": "jbcs-httpd24-nghttp2-0:1.39.2-39.el8jbcs.src",
"product": {
"name": "jbcs-httpd24-nghttp2-0:1.39.2-39.el8jbcs.src",
"product_id": "jbcs-httpd24-nghttp2-0:1.39.2-39.el8jbcs.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jbcs-httpd24-nghttp2@1.39.2-39.el8jbcs?arch=src"
}
}
},
{
"category": "product_version",
"name": "jbcs-httpd24-openssl-1:1.1.1g-8.el8jbcs.src",
"product": {
"name": "jbcs-httpd24-openssl-1:1.1.1g-8.el8jbcs.src",
"product_id": "jbcs-httpd24-openssl-1:1.1.1g-8.el8jbcs.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jbcs-httpd24-openssl@1.1.1g-8.el8jbcs?arch=src\u0026epoch=1"
}
}
},
{
"category": "product_version",
"name": "jbcs-httpd24-openssl-chil-0:1.0.0-7.el8jbcs.src",
"product": {
"name": "jbcs-httpd24-openssl-chil-0:1.0.0-7.el8jbcs.src",
"product_id": "jbcs-httpd24-openssl-chil-0:1.0.0-7.el8jbcs.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jbcs-httpd24-openssl-chil@1.0.0-7.el8jbcs?arch=src"
}
}
},
{
"category": "product_version",
"name": "jbcs-httpd24-openssl-pkcs11-0:0.4.10-22.el8jbcs.src",
"product": {
"name": "jbcs-httpd24-openssl-pkcs11-0:0.4.10-22.el8jbcs.src",
"product_id": "jbcs-httpd24-openssl-pkcs11-0:0.4.10-22.el8jbcs.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jbcs-httpd24-openssl-pkcs11@0.4.10-22.el8jbcs?arch=src"
}
}
},
{
"category": "product_version",
"name": "jbcs-httpd24-httpd-0:2.4.37-78.el8jbcs.src",
"product": {
"name": "jbcs-httpd24-httpd-0:2.4.37-78.el8jbcs.src",
"product_id": "jbcs-httpd24-httpd-0:2.4.37-78.el8jbcs.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jbcs-httpd24-httpd@2.4.37-78.el8jbcs?arch=src"
}
}
},
{
"category": "product_version",
"name": "jbcs-httpd24-mod_http2-0:1.15.7-21.el8jbcs.src",
"product": {
"name": "jbcs-httpd24-mod_http2-0:1.15.7-21.el8jbcs.src",
"product_id": "jbcs-httpd24-mod_http2-0:1.15.7-21.el8jbcs.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jbcs-httpd24-mod_http2@1.15.7-21.el8jbcs?arch=src"
}
}
},
{
"category": "product_version",
"name": "jbcs-httpd24-mod_md-1:2.0.8-40.el8jbcs.src",
"product": {
"name": "jbcs-httpd24-mod_md-1:2.0.8-40.el8jbcs.src",
"product_id": "jbcs-httpd24-mod_md-1:2.0.8-40.el8jbcs.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jbcs-httpd24-mod_md@2.0.8-40.el8jbcs?arch=src\u0026epoch=1"
}
}
},
{
"category": "product_version",
"name": "jbcs-httpd24-mod_jk-0:1.2.48-20.redhat_1.el8jbcs.src",
"product": {
"name": "jbcs-httpd24-mod_jk-0:1.2.48-20.redhat_1.el8jbcs.src",
"product_id": "jbcs-httpd24-mod_jk-0:1.2.48-20.redhat_1.el8jbcs.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jbcs-httpd24-mod_jk@1.2.48-20.redhat_1.el8jbcs?arch=src"
}
}
},
{
"category": "product_version",
"name": "jbcs-httpd24-mod_cluster-native-0:1.3.16-9.Final_redhat_2.el8jbcs.src",
"product": {
"name": "jbcs-httpd24-mod_cluster-native-0:1.3.16-9.Final_redhat_2.el8jbcs.src",
"product_id": "jbcs-httpd24-mod_cluster-native-0:1.3.16-9.Final_redhat_2.el8jbcs.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jbcs-httpd24-mod_cluster-native@1.3.16-9.Final_redhat_2.el8jbcs?arch=src"
}
}
},
{
"category": "product_version",
"name": "jbcs-httpd24-mod_security-0:2.9.2-67.GA.el8jbcs.src",
"product": {
"name": "jbcs-httpd24-mod_security-0:2.9.2-67.GA.el8jbcs.src",
"product_id": "jbcs-httpd24-mod_security-0:2.9.2-67.GA.el8jbcs.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jbcs-httpd24-mod_security@2.9.2-67.GA.el8jbcs?arch=src"
}
}
}
],
"category": "architecture",
"name": "src"
},
{
"branches": [
{
"category": "product_version",
"name": "jbcs-httpd24-apr-0:1.6.3-107.jbcs.el7.x86_64",
"product": {
"name": "jbcs-httpd24-apr-0:1.6.3-107.jbcs.el7.x86_64",
"product_id": "jbcs-httpd24-apr-0:1.6.3-107.jbcs.el7.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jbcs-httpd24-apr@1.6.3-107.jbcs.el7?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "jbcs-httpd24-apr-devel-0:1.6.3-107.jbcs.el7.x86_64",
"product": {
"name": "jbcs-httpd24-apr-devel-0:1.6.3-107.jbcs.el7.x86_64",
"product_id": "jbcs-httpd24-apr-devel-0:1.6.3-107.jbcs.el7.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jbcs-httpd24-apr-devel@1.6.3-107.jbcs.el7?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "jbcs-httpd24-apr-debuginfo-0:1.6.3-107.jbcs.el7.x86_64",
"product": {
"name": "jbcs-httpd24-apr-debuginfo-0:1.6.3-107.jbcs.el7.x86_64",
"product_id": "jbcs-httpd24-apr-debuginfo-0:1.6.3-107.jbcs.el7.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jbcs-httpd24-apr-debuginfo@1.6.3-107.jbcs.el7?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "jbcs-httpd24-apr-util-0:1.6.1-84.jbcs.el7.x86_64",
"product": {
"name": "jbcs-httpd24-apr-util-0:1.6.1-84.jbcs.el7.x86_64",
"product_id": "jbcs-httpd24-apr-util-0:1.6.1-84.jbcs.el7.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jbcs-httpd24-apr-util@1.6.1-84.jbcs.el7?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "jbcs-httpd24-apr-util-devel-0:1.6.1-84.jbcs.el7.x86_64",
"product": {
"name": "jbcs-httpd24-apr-util-devel-0:1.6.1-84.jbcs.el7.x86_64",
"product_id": "jbcs-httpd24-apr-util-devel-0:1.6.1-84.jbcs.el7.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jbcs-httpd24-apr-util-devel@1.6.1-84.jbcs.el7?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "jbcs-httpd24-apr-util-ldap-0:1.6.1-84.jbcs.el7.x86_64",
"product": {
"name": "jbcs-httpd24-apr-util-ldap-0:1.6.1-84.jbcs.el7.x86_64",
"product_id": "jbcs-httpd24-apr-util-ldap-0:1.6.1-84.jbcs.el7.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jbcs-httpd24-apr-util-ldap@1.6.1-84.jbcs.el7?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "jbcs-httpd24-apr-util-mysql-0:1.6.1-84.jbcs.el7.x86_64",
"product": {
"name": "jbcs-httpd24-apr-util-mysql-0:1.6.1-84.jbcs.el7.x86_64",
"product_id": "jbcs-httpd24-apr-util-mysql-0:1.6.1-84.jbcs.el7.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jbcs-httpd24-apr-util-mysql@1.6.1-84.jbcs.el7?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "jbcs-httpd24-apr-util-nss-0:1.6.1-84.jbcs.el7.x86_64",
"product": {
"name": "jbcs-httpd24-apr-util-nss-0:1.6.1-84.jbcs.el7.x86_64",
"product_id": "jbcs-httpd24-apr-util-nss-0:1.6.1-84.jbcs.el7.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jbcs-httpd24-apr-util-nss@1.6.1-84.jbcs.el7?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "jbcs-httpd24-apr-util-odbc-0:1.6.1-84.jbcs.el7.x86_64",
"product": {
"name": "jbcs-httpd24-apr-util-odbc-0:1.6.1-84.jbcs.el7.x86_64",
"product_id": "jbcs-httpd24-apr-util-odbc-0:1.6.1-84.jbcs.el7.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jbcs-httpd24-apr-util-odbc@1.6.1-84.jbcs.el7?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "jbcs-httpd24-apr-util-openssl-0:1.6.1-84.jbcs.el7.x86_64",
"product": {
"name": "jbcs-httpd24-apr-util-openssl-0:1.6.1-84.jbcs.el7.x86_64",
"product_id": "jbcs-httpd24-apr-util-openssl-0:1.6.1-84.jbcs.el7.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jbcs-httpd24-apr-util-openssl@1.6.1-84.jbcs.el7?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "jbcs-httpd24-apr-util-pgsql-0:1.6.1-84.jbcs.el7.x86_64",
"product": {
"name": "jbcs-httpd24-apr-util-pgsql-0:1.6.1-84.jbcs.el7.x86_64",
"product_id": "jbcs-httpd24-apr-util-pgsql-0:1.6.1-84.jbcs.el7.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jbcs-httpd24-apr-util-pgsql@1.6.1-84.jbcs.el7?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "jbcs-httpd24-apr-util-sqlite-0:1.6.1-84.jbcs.el7.x86_64",
"product": {
"name": "jbcs-httpd24-apr-util-sqlite-0:1.6.1-84.jbcs.el7.x86_64",
"product_id": "jbcs-httpd24-apr-util-sqlite-0:1.6.1-84.jbcs.el7.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jbcs-httpd24-apr-util-sqlite@1.6.1-84.jbcs.el7?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "jbcs-httpd24-apr-util-debuginfo-0:1.6.1-84.jbcs.el7.x86_64",
"product": {
"name": "jbcs-httpd24-apr-util-debuginfo-0:1.6.1-84.jbcs.el7.x86_64",
"product_id": "jbcs-httpd24-apr-util-debuginfo-0:1.6.1-84.jbcs.el7.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jbcs-httpd24-apr-util-debuginfo@1.6.1-84.jbcs.el7?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "jbcs-httpd24-curl-0:7.78.0-2.jbcs.el7.x86_64",
"product": {
"name": "jbcs-httpd24-curl-0:7.78.0-2.jbcs.el7.x86_64",
"product_id": "jbcs-httpd24-curl-0:7.78.0-2.jbcs.el7.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jbcs-httpd24-curl@7.78.0-2.jbcs.el7?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "jbcs-httpd24-libcurl-0:7.78.0-2.jbcs.el7.x86_64",
"product": {
"name": "jbcs-httpd24-libcurl-0:7.78.0-2.jbcs.el7.x86_64",
"product_id": "jbcs-httpd24-libcurl-0:7.78.0-2.jbcs.el7.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jbcs-httpd24-libcurl@7.78.0-2.jbcs.el7?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "jbcs-httpd24-libcurl-devel-0:7.78.0-2.jbcs.el7.x86_64",
"product": {
"name": "jbcs-httpd24-libcurl-devel-0:7.78.0-2.jbcs.el7.x86_64",
"product_id": "jbcs-httpd24-libcurl-devel-0:7.78.0-2.jbcs.el7.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jbcs-httpd24-libcurl-devel@7.78.0-2.jbcs.el7?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "jbcs-httpd24-curl-debuginfo-0:7.78.0-2.jbcs.el7.x86_64",
"product": {
"name": "jbcs-httpd24-curl-debuginfo-0:7.78.0-2.jbcs.el7.x86_64",
"product_id": "jbcs-httpd24-curl-debuginfo-0:7.78.0-2.jbcs.el7.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jbcs-httpd24-curl-debuginfo@7.78.0-2.jbcs.el7?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "jbcs-httpd24-nghttp2-0:1.39.2-39.jbcs.el7.x86_64",
"product": {
"name": "jbcs-httpd24-nghttp2-0:1.39.2-39.jbcs.el7.x86_64",
"product_id": "jbcs-httpd24-nghttp2-0:1.39.2-39.jbcs.el7.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jbcs-httpd24-nghttp2@1.39.2-39.jbcs.el7?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "jbcs-httpd24-nghttp2-devel-0:1.39.2-39.jbcs.el7.x86_64",
"product": {
"name": "jbcs-httpd24-nghttp2-devel-0:1.39.2-39.jbcs.el7.x86_64",
"product_id": "jbcs-httpd24-nghttp2-devel-0:1.39.2-39.jbcs.el7.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jbcs-httpd24-nghttp2-devel@1.39.2-39.jbcs.el7?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "jbcs-httpd24-nghttp2-debuginfo-0:1.39.2-39.jbcs.el7.x86_64",
"product": {
"name": "jbcs-httpd24-nghttp2-debuginfo-0:1.39.2-39.jbcs.el7.x86_64",
"product_id": "jbcs-httpd24-nghttp2-debuginfo-0:1.39.2-39.jbcs.el7.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jbcs-httpd24-nghttp2-debuginfo@1.39.2-39.jbcs.el7?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "jbcs-httpd24-openssl-1:1.1.1g-8.jbcs.el7.x86_64",
"product": {
"name": "jbcs-httpd24-openssl-1:1.1.1g-8.jbcs.el7.x86_64",
"product_id": "jbcs-httpd24-openssl-1:1.1.1g-8.jbcs.el7.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jbcs-httpd24-openssl@1.1.1g-8.jbcs.el7?arch=x86_64\u0026epoch=1"
}
}
},
{
"category": "product_version",
"name": "jbcs-httpd24-openssl-devel-1:1.1.1g-8.jbcs.el7.x86_64",
"product": {
"name": "jbcs-httpd24-openssl-devel-1:1.1.1g-8.jbcs.el7.x86_64",
"product_id": "jbcs-httpd24-openssl-devel-1:1.1.1g-8.jbcs.el7.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jbcs-httpd24-openssl-devel@1.1.1g-8.jbcs.el7?arch=x86_64\u0026epoch=1"
}
}
},
{
"category": "product_version",
"name": "jbcs-httpd24-openssl-libs-1:1.1.1g-8.jbcs.el7.x86_64",
"product": {
"name": "jbcs-httpd24-openssl-libs-1:1.1.1g-8.jbcs.el7.x86_64",
"product_id": "jbcs-httpd24-openssl-libs-1:1.1.1g-8.jbcs.el7.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jbcs-httpd24-openssl-libs@1.1.1g-8.jbcs.el7?arch=x86_64\u0026epoch=1"
}
}
},
{
"category": "product_version",
"name": "jbcs-httpd24-openssl-perl-1:1.1.1g-8.jbcs.el7.x86_64",
"product": {
"name": "jbcs-httpd24-openssl-perl-1:1.1.1g-8.jbcs.el7.x86_64",
"product_id": "jbcs-httpd24-openssl-perl-1:1.1.1g-8.jbcs.el7.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jbcs-httpd24-openssl-perl@1.1.1g-8.jbcs.el7?arch=x86_64\u0026epoch=1"
}
}
},
{
"category": "product_version",
"name": "jbcs-httpd24-openssl-static-1:1.1.1g-8.jbcs.el7.x86_64",
"product": {
"name": "jbcs-httpd24-openssl-static-1:1.1.1g-8.jbcs.el7.x86_64",
"product_id": "jbcs-httpd24-openssl-static-1:1.1.1g-8.jbcs.el7.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jbcs-httpd24-openssl-static@1.1.1g-8.jbcs.el7?arch=x86_64\u0026epoch=1"
}
}
},
{
"category": "product_version",
"name": "jbcs-httpd24-openssl-debuginfo-1:1.1.1g-8.jbcs.el7.x86_64",
"product": {
"name": "jbcs-httpd24-openssl-debuginfo-1:1.1.1g-8.jbcs.el7.x86_64",
"product_id": "jbcs-httpd24-openssl-debuginfo-1:1.1.1g-8.jbcs.el7.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jbcs-httpd24-openssl-debuginfo@1.1.1g-8.jbcs.el7?arch=x86_64\u0026epoch=1"
}
}
},
{
"category": "product_version",
"name": "jbcs-httpd24-openssl-chil-0:1.0.0-7.jbcs.el7.x86_64",
"product": {
"name": "jbcs-httpd24-openssl-chil-0:1.0.0-7.jbcs.el7.x86_64",
"product_id": "jbcs-httpd24-openssl-chil-0:1.0.0-7.jbcs.el7.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jbcs-httpd24-openssl-chil@1.0.0-7.jbcs.el7?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "jbcs-httpd24-openssl-chil-debuginfo-0:1.0.0-7.jbcs.el7.x86_64",
"product": {
"name": "jbcs-httpd24-openssl-chil-debuginfo-0:1.0.0-7.jbcs.el7.x86_64",
"product_id": "jbcs-httpd24-openssl-chil-debuginfo-0:1.0.0-7.jbcs.el7.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jbcs-httpd24-openssl-chil-debuginfo@1.0.0-7.jbcs.el7?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "jbcs-httpd24-openssl-pkcs11-0:0.4.10-22.jbcs.el7.x86_64",
"product": {
"name": "jbcs-httpd24-openssl-pkcs11-0:0.4.10-22.jbcs.el7.x86_64",
"product_id": "jbcs-httpd24-openssl-pkcs11-0:0.4.10-22.jbcs.el7.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jbcs-httpd24-openssl-pkcs11@0.4.10-22.jbcs.el7?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "jbcs-httpd24-openssl-pkcs11-debuginfo-0:0.4.10-22.jbcs.el7.x86_64",
"product": {
"name": "jbcs-httpd24-openssl-pkcs11-debuginfo-0:0.4.10-22.jbcs.el7.x86_64",
"product_id": "jbcs-httpd24-openssl-pkcs11-debuginfo-0:0.4.10-22.jbcs.el7.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jbcs-httpd24-openssl-pkcs11-debuginfo@0.4.10-22.jbcs.el7?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "jbcs-httpd24-httpd-0:2.4.37-78.jbcs.el7.x86_64",
"product": {
"name": "jbcs-httpd24-httpd-0:2.4.37-78.jbcs.el7.x86_64",
"product_id": "jbcs-httpd24-httpd-0:2.4.37-78.jbcs.el7.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jbcs-httpd24-httpd@2.4.37-78.jbcs.el7?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "jbcs-httpd24-httpd-devel-0:2.4.37-78.jbcs.el7.x86_64",
"product": {
"name": "jbcs-httpd24-httpd-devel-0:2.4.37-78.jbcs.el7.x86_64",
"product_id": "jbcs-httpd24-httpd-devel-0:2.4.37-78.jbcs.el7.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jbcs-httpd24-httpd-devel@2.4.37-78.jbcs.el7?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "jbcs-httpd24-httpd-selinux-0:2.4.37-78.jbcs.el7.x86_64",
"product": {
"name": "jbcs-httpd24-httpd-selinux-0:2.4.37-78.jbcs.el7.x86_64",
"product_id": "jbcs-httpd24-httpd-selinux-0:2.4.37-78.jbcs.el7.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jbcs-httpd24-httpd-selinux@2.4.37-78.jbcs.el7?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "jbcs-httpd24-httpd-tools-0:2.4.37-78.jbcs.el7.x86_64",
"product": {
"name": "jbcs-httpd24-httpd-tools-0:2.4.37-78.jbcs.el7.x86_64",
"product_id": "jbcs-httpd24-httpd-tools-0:2.4.37-78.jbcs.el7.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jbcs-httpd24-httpd-tools@2.4.37-78.jbcs.el7?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "jbcs-httpd24-mod_ldap-0:2.4.37-78.jbcs.el7.x86_64",
"product": {
"name": "jbcs-httpd24-mod_ldap-0:2.4.37-78.jbcs.el7.x86_64",
"product_id": "jbcs-httpd24-mod_ldap-0:2.4.37-78.jbcs.el7.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jbcs-httpd24-mod_ldap@2.4.37-78.jbcs.el7?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "jbcs-httpd24-mod_proxy_html-1:2.4.37-78.jbcs.el7.x86_64",
"product": {
"name": "jbcs-httpd24-mod_proxy_html-1:2.4.37-78.jbcs.el7.x86_64",
"product_id": "jbcs-httpd24-mod_proxy_html-1:2.4.37-78.jbcs.el7.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jbcs-httpd24-mod_proxy_html@2.4.37-78.jbcs.el7?arch=x86_64\u0026epoch=1"
}
}
},
{
"category": "product_version",
"name": "jbcs-httpd24-mod_session-0:2.4.37-78.jbcs.el7.x86_64",
"product": {
"name": "jbcs-httpd24-mod_session-0:2.4.37-78.jbcs.el7.x86_64",
"product_id": "jbcs-httpd24-mod_session-0:2.4.37-78.jbcs.el7.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jbcs-httpd24-mod_session@2.4.37-78.jbcs.el7?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "jbcs-httpd24-mod_ssl-1:2.4.37-78.jbcs.el7.x86_64",
"product": {
"name": "jbcs-httpd24-mod_ssl-1:2.4.37-78.jbcs.el7.x86_64",
"product_id": "jbcs-httpd24-mod_ssl-1:2.4.37-78.jbcs.el7.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jbcs-httpd24-mod_ssl@2.4.37-78.jbcs.el7?arch=x86_64\u0026epoch=1"
}
}
},
{
"category": "product_version",
"name": "jbcs-httpd24-httpd-debuginfo-0:2.4.37-78.jbcs.el7.x86_64",
"product": {
"name": "jbcs-httpd24-httpd-debuginfo-0:2.4.37-78.jbcs.el7.x86_64",
"product_id": "jbcs-httpd24-httpd-debuginfo-0:2.4.37-78.jbcs.el7.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jbcs-httpd24-httpd-debuginfo@2.4.37-78.jbcs.el7?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "jbcs-httpd24-mod_http2-0:1.15.7-21.jbcs.el7.x86_64",
"product": {
"name": "jbcs-httpd24-mod_http2-0:1.15.7-21.jbcs.el7.x86_64",
"product_id": "jbcs-httpd24-mod_http2-0:1.15.7-21.jbcs.el7.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jbcs-httpd24-mod_http2@1.15.7-21.jbcs.el7?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "jbcs-httpd24-mod_http2-debuginfo-0:1.15.7-21.jbcs.el7.x86_64",
"product": {
"name": "jbcs-httpd24-mod_http2-debuginfo-0:1.15.7-21.jbcs.el7.x86_64",
"product_id": "jbcs-httpd24-mod_http2-debuginfo-0:1.15.7-21.jbcs.el7.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jbcs-httpd24-mod_http2-debuginfo@1.15.7-21.jbcs.el7?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "jbcs-httpd24-mod_md-1:2.0.8-40.jbcs.el7.x86_64",
"product": {
"name": "jbcs-httpd24-mod_md-1:2.0.8-40.jbcs.el7.x86_64",
"product_id": "jbcs-httpd24-mod_md-1:2.0.8-40.jbcs.el7.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jbcs-httpd24-mod_md@2.0.8-40.jbcs.el7?arch=x86_64\u0026epoch=1"
}
}
},
{
"category": "product_version",
"name": "jbcs-httpd24-mod_md-debuginfo-1:2.0.8-40.jbcs.el7.x86_64",
"product": {
"name": "jbcs-httpd24-mod_md-debuginfo-1:2.0.8-40.jbcs.el7.x86_64",
"product_id": "jbcs-httpd24-mod_md-debuginfo-1:2.0.8-40.jbcs.el7.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jbcs-httpd24-mod_md-debuginfo@2.0.8-40.jbcs.el7?arch=x86_64\u0026epoch=1"
}
}
},
{
"category": "product_version",
"name": "jbcs-httpd24-mod_cluster-native-0:1.3.16-9.Final_redhat_2.jbcs.el7.x86_64",
"product": {
"name": "jbcs-httpd24-mod_cluster-native-0:1.3.16-9.Final_redhat_2.jbcs.el7.x86_64",
"product_id": "jbcs-httpd24-mod_cluster-native-0:1.3.16-9.Final_redhat_2.jbcs.el7.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jbcs-httpd24-mod_cluster-native@1.3.16-9.Final_redhat_2.jbcs.el7?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "jbcs-httpd24-mod_cluster-native-debuginfo-0:1.3.16-9.Final_redhat_2.jbcs.el7.x86_64",
"product": {
"name": "jbcs-httpd24-mod_cluster-native-debuginfo-0:1.3.16-9.Final_redhat_2.jbcs.el7.x86_64",
"product_id": "jbcs-httpd24-mod_cluster-native-debuginfo-0:1.3.16-9.Final_redhat_2.jbcs.el7.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jbcs-httpd24-mod_cluster-native-debuginfo@1.3.16-9.Final_redhat_2.jbcs.el7?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "jbcs-httpd24-mod_security-0:2.9.2-67.GA.jbcs.el7.x86_64",
"product": {
"name": "jbcs-httpd24-mod_security-0:2.9.2-67.GA.jbcs.el7.x86_64",
"product_id": "jbcs-httpd24-mod_security-0:2.9.2-67.GA.jbcs.el7.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jbcs-httpd24-mod_security@2.9.2-67.GA.jbcs.el7?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "jbcs-httpd24-mod_security-debuginfo-0:2.9.2-67.GA.jbcs.el7.x86_64",
"product": {
"name": "jbcs-httpd24-mod_security-debuginfo-0:2.9.2-67.GA.jbcs.el7.x86_64",
"product_id": "jbcs-httpd24-mod_security-debuginfo-0:2.9.2-67.GA.jbcs.el7.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jbcs-httpd24-mod_security-debuginfo@2.9.2-67.GA.jbcs.el7?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "jbcs-httpd24-mod_jk-ap24-0:1.2.48-20.redhat_1.jbcs.el7.x86_64",
"product": {
"name": "jbcs-httpd24-mod_jk-ap24-0:1.2.48-20.redhat_1.jbcs.el7.x86_64",
"product_id": "jbcs-httpd24-mod_jk-ap24-0:1.2.48-20.redhat_1.jbcs.el7.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jbcs-httpd24-mod_jk-ap24@1.2.48-20.redhat_1.jbcs.el7?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "jbcs-httpd24-mod_jk-manual-0:1.2.48-20.redhat_1.jbcs.el7.x86_64",
"product": {
"name": "jbcs-httpd24-mod_jk-manual-0:1.2.48-20.redhat_1.jbcs.el7.x86_64",
"product_id": "jbcs-httpd24-mod_jk-manual-0:1.2.48-20.redhat_1.jbcs.el7.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jbcs-httpd24-mod_jk-manual@1.2.48-20.redhat_1.jbcs.el7?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "jbcs-httpd24-mod_jk-debuginfo-0:1.2.48-20.redhat_1.jbcs.el7.x86_64",
"product": {
"name": "jbcs-httpd24-mod_jk-debuginfo-0:1.2.48-20.redhat_1.jbcs.el7.x86_64",
"product_id": "jbcs-httpd24-mod_jk-debuginfo-0:1.2.48-20.redhat_1.jbcs.el7.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jbcs-httpd24-mod_jk-debuginfo@1.2.48-20.redhat_1.jbcs.el7?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "jbcs-httpd24-apr-0:1.6.3-107.el8jbcs.x86_64",
"product": {
"name": "jbcs-httpd24-apr-0:1.6.3-107.el8jbcs.x86_64",
"product_id": "jbcs-httpd24-apr-0:1.6.3-107.el8jbcs.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jbcs-httpd24-apr@1.6.3-107.el8jbcs?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "jbcs-httpd24-apr-devel-0:1.6.3-107.el8jbcs.x86_64",
"product": {
"name": "jbcs-httpd24-apr-devel-0:1.6.3-107.el8jbcs.x86_64",
"product_id": "jbcs-httpd24-apr-devel-0:1.6.3-107.el8jbcs.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jbcs-httpd24-apr-devel@1.6.3-107.el8jbcs?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "jbcs-httpd24-apr-debuginfo-0:1.6.3-107.el8jbcs.x86_64",
"product": {
"name": "jbcs-httpd24-apr-debuginfo-0:1.6.3-107.el8jbcs.x86_64",
"product_id": "jbcs-httpd24-apr-debuginfo-0:1.6.3-107.el8jbcs.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jbcs-httpd24-apr-debuginfo@1.6.3-107.el8jbcs?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "jbcs-httpd24-apr-util-0:1.6.1-84.el8jbcs.x86_64",
"product": {
"name": "jbcs-httpd24-apr-util-0:1.6.1-84.el8jbcs.x86_64",
"product_id": "jbcs-httpd24-apr-util-0:1.6.1-84.el8jbcs.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jbcs-httpd24-apr-util@1.6.1-84.el8jbcs?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "jbcs-httpd24-apr-util-devel-0:1.6.1-84.el8jbcs.x86_64",
"product": {
"name": "jbcs-httpd24-apr-util-devel-0:1.6.1-84.el8jbcs.x86_64",
"product_id": "jbcs-httpd24-apr-util-devel-0:1.6.1-84.el8jbcs.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jbcs-httpd24-apr-util-devel@1.6.1-84.el8jbcs?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "jbcs-httpd24-apr-util-ldap-0:1.6.1-84.el8jbcs.x86_64",
"product": {
"name": "jbcs-httpd24-apr-util-ldap-0:1.6.1-84.el8jbcs.x86_64",
"product_id": "jbcs-httpd24-apr-util-ldap-0:1.6.1-84.el8jbcs.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jbcs-httpd24-apr-util-ldap@1.6.1-84.el8jbcs?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "jbcs-httpd24-apr-util-mysql-0:1.6.1-84.el8jbcs.x86_64",
"product": {
"name": "jbcs-httpd24-apr-util-mysql-0:1.6.1-84.el8jbcs.x86_64",
"product_id": "jbcs-httpd24-apr-util-mysql-0:1.6.1-84.el8jbcs.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jbcs-httpd24-apr-util-mysql@1.6.1-84.el8jbcs?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "jbcs-httpd24-apr-util-nss-0:1.6.1-84.el8jbcs.x86_64",
"product": {
"name": "jbcs-httpd24-apr-util-nss-0:1.6.1-84.el8jbcs.x86_64",
"product_id": "jbcs-httpd24-apr-util-nss-0:1.6.1-84.el8jbcs.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jbcs-httpd24-apr-util-nss@1.6.1-84.el8jbcs?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "jbcs-httpd24-apr-util-odbc-0:1.6.1-84.el8jbcs.x86_64",
"product": {
"name": "jbcs-httpd24-apr-util-odbc-0:1.6.1-84.el8jbcs.x86_64",
"product_id": "jbcs-httpd24-apr-util-odbc-0:1.6.1-84.el8jbcs.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jbcs-httpd24-apr-util-odbc@1.6.1-84.el8jbcs?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "jbcs-httpd24-apr-util-openssl-0:1.6.1-84.el8jbcs.x86_64",
"product": {
"name": "jbcs-httpd24-apr-util-openssl-0:1.6.1-84.el8jbcs.x86_64",
"product_id": "jbcs-httpd24-apr-util-openssl-0:1.6.1-84.el8jbcs.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jbcs-httpd24-apr-util-openssl@1.6.1-84.el8jbcs?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "jbcs-httpd24-apr-util-pgsql-0:1.6.1-84.el8jbcs.x86_64",
"product": {
"name": "jbcs-httpd24-apr-util-pgsql-0:1.6.1-84.el8jbcs.x86_64",
"product_id": "jbcs-httpd24-apr-util-pgsql-0:1.6.1-84.el8jbcs.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jbcs-httpd24-apr-util-pgsql@1.6.1-84.el8jbcs?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "jbcs-httpd24-apr-util-sqlite-0:1.6.1-84.el8jbcs.x86_64",
"product": {
"name": "jbcs-httpd24-apr-util-sqlite-0:1.6.1-84.el8jbcs.x86_64",
"product_id": "jbcs-httpd24-apr-util-sqlite-0:1.6.1-84.el8jbcs.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jbcs-httpd24-apr-util-sqlite@1.6.1-84.el8jbcs?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "jbcs-httpd24-apr-util-debuginfo-0:1.6.1-84.el8jbcs.x86_64",
"product": {
"name": "jbcs-httpd24-apr-util-debuginfo-0:1.6.1-84.el8jbcs.x86_64",
"product_id": "jbcs-httpd24-apr-util-debuginfo-0:1.6.1-84.el8jbcs.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jbcs-httpd24-apr-util-debuginfo@1.6.1-84.el8jbcs?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "jbcs-httpd24-apr-util-ldap-debuginfo-0:1.6.1-84.el8jbcs.x86_64",
"product": {
"name": "jbcs-httpd24-apr-util-ldap-debuginfo-0:1.6.1-84.el8jbcs.x86_64",
"product_id": "jbcs-httpd24-apr-util-ldap-debuginfo-0:1.6.1-84.el8jbcs.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jbcs-httpd24-apr-util-ldap-debuginfo@1.6.1-84.el8jbcs?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "jbcs-httpd24-apr-util-mysql-debuginfo-0:1.6.1-84.el8jbcs.x86_64",
"product": {
"name": "jbcs-httpd24-apr-util-mysql-debuginfo-0:1.6.1-84.el8jbcs.x86_64",
"product_id": "jbcs-httpd24-apr-util-mysql-debuginfo-0:1.6.1-84.el8jbcs.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jbcs-httpd24-apr-util-mysql-debuginfo@1.6.1-84.el8jbcs?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "jbcs-httpd24-apr-util-nss-debuginfo-0:1.6.1-84.el8jbcs.x86_64",
"product": {
"name": "jbcs-httpd24-apr-util-nss-debuginfo-0:1.6.1-84.el8jbcs.x86_64",
"product_id": "jbcs-httpd24-apr-util-nss-debuginfo-0:1.6.1-84.el8jbcs.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jbcs-httpd24-apr-util-nss-debuginfo@1.6.1-84.el8jbcs?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "jbcs-httpd24-apr-util-odbc-debuginfo-0:1.6.1-84.el8jbcs.x86_64",
"product": {
"name": "jbcs-httpd24-apr-util-odbc-debuginfo-0:1.6.1-84.el8jbcs.x86_64",
"product_id": "jbcs-httpd24-apr-util-odbc-debuginfo-0:1.6.1-84.el8jbcs.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jbcs-httpd24-apr-util-odbc-debuginfo@1.6.1-84.el8jbcs?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "jbcs-httpd24-apr-util-openssl-debuginfo-0:1.6.1-84.el8jbcs.x86_64",
"product": {
"name": "jbcs-httpd24-apr-util-openssl-debuginfo-0:1.6.1-84.el8jbcs.x86_64",
"product_id": "jbcs-httpd24-apr-util-openssl-debuginfo-0:1.6.1-84.el8jbcs.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jbcs-httpd24-apr-util-openssl-debuginfo@1.6.1-84.el8jbcs?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "jbcs-httpd24-apr-util-pgsql-debuginfo-0:1.6.1-84.el8jbcs.x86_64",
"product": {
"name": "jbcs-httpd24-apr-util-pgsql-debuginfo-0:1.6.1-84.el8jbcs.x86_64",
"product_id": "jbcs-httpd24-apr-util-pgsql-debuginfo-0:1.6.1-84.el8jbcs.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jbcs-httpd24-apr-util-pgsql-debuginfo@1.6.1-84.el8jbcs?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "jbcs-httpd24-apr-util-sqlite-debuginfo-0:1.6.1-84.el8jbcs.x86_64",
"product": {
"name": "jbcs-httpd24-apr-util-sqlite-debuginfo-0:1.6.1-84.el8jbcs.x86_64",
"product_id": "jbcs-httpd24-apr-util-sqlite-debuginfo-0:1.6.1-84.el8jbcs.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jbcs-httpd24-apr-util-sqlite-debuginfo@1.6.1-84.el8jbcs?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "jbcs-httpd24-curl-0:7.78.0-2.el8jbcs.x86_64",
"product": {
"name": "jbcs-httpd24-curl-0:7.78.0-2.el8jbcs.x86_64",
"product_id": "jbcs-httpd24-curl-0:7.78.0-2.el8jbcs.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jbcs-httpd24-curl@7.78.0-2.el8jbcs?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "jbcs-httpd24-libcurl-0:7.78.0-2.el8jbcs.x86_64",
"product": {
"name": "jbcs-httpd24-libcurl-0:7.78.0-2.el8jbcs.x86_64",
"product_id": "jbcs-httpd24-libcurl-0:7.78.0-2.el8jbcs.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jbcs-httpd24-libcurl@7.78.0-2.el8jbcs?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "jbcs-httpd24-libcurl-devel-0:7.78.0-2.el8jbcs.x86_64",
"product": {
"name": "jbcs-httpd24-libcurl-devel-0:7.78.0-2.el8jbcs.x86_64",
"product_id": "jbcs-httpd24-libcurl-devel-0:7.78.0-2.el8jbcs.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jbcs-httpd24-libcurl-devel@7.78.0-2.el8jbcs?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "jbcs-httpd24-curl-debuginfo-0:7.78.0-2.el8jbcs.x86_64",
"product": {
"name": "jbcs-httpd24-curl-debuginfo-0:7.78.0-2.el8jbcs.x86_64",
"product_id": "jbcs-httpd24-curl-debuginfo-0:7.78.0-2.el8jbcs.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jbcs-httpd24-curl-debuginfo@7.78.0-2.el8jbcs?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "jbcs-httpd24-libcurl-debuginfo-0:7.78.0-2.el8jbcs.x86_64",
"product": {
"name": "jbcs-httpd24-libcurl-debuginfo-0:7.78.0-2.el8jbcs.x86_64",
"product_id": "jbcs-httpd24-libcurl-debuginfo-0:7.78.0-2.el8jbcs.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jbcs-httpd24-libcurl-debuginfo@7.78.0-2.el8jbcs?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "jbcs-httpd24-nghttp2-0:1.39.2-39.el8jbcs.x86_64",
"product": {
"name": "jbcs-httpd24-nghttp2-0:1.39.2-39.el8jbcs.x86_64",
"product_id": "jbcs-httpd24-nghttp2-0:1.39.2-39.el8jbcs.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jbcs-httpd24-nghttp2@1.39.2-39.el8jbcs?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "jbcs-httpd24-nghttp2-devel-0:1.39.2-39.el8jbcs.x86_64",
"product": {
"name": "jbcs-httpd24-nghttp2-devel-0:1.39.2-39.el8jbcs.x86_64",
"product_id": "jbcs-httpd24-nghttp2-devel-0:1.39.2-39.el8jbcs.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jbcs-httpd24-nghttp2-devel@1.39.2-39.el8jbcs?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "jbcs-httpd24-nghttp2-debuginfo-0:1.39.2-39.el8jbcs.x86_64",
"product": {
"name": "jbcs-httpd24-nghttp2-debuginfo-0:1.39.2-39.el8jbcs.x86_64",
"product_id": "jbcs-httpd24-nghttp2-debuginfo-0:1.39.2-39.el8jbcs.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jbcs-httpd24-nghttp2-debuginfo@1.39.2-39.el8jbcs?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "jbcs-httpd24-openssl-1:1.1.1g-8.el8jbcs.x86_64",
"product": {
"name": "jbcs-httpd24-openssl-1:1.1.1g-8.el8jbcs.x86_64",
"product_id": "jbcs-httpd24-openssl-1:1.1.1g-8.el8jbcs.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jbcs-httpd24-openssl@1.1.1g-8.el8jbcs?arch=x86_64\u0026epoch=1"
}
}
},
{
"category": "product_version",
"name": "jbcs-httpd24-openssl-devel-1:1.1.1g-8.el8jbcs.x86_64",
"product": {
"name": "jbcs-httpd24-openssl-devel-1:1.1.1g-8.el8jbcs.x86_64",
"product_id": "jbcs-httpd24-openssl-devel-1:1.1.1g-8.el8jbcs.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jbcs-httpd24-openssl-devel@1.1.1g-8.el8jbcs?arch=x86_64\u0026epoch=1"
}
}
},
{
"category": "product_version",
"name": "jbcs-httpd24-openssl-libs-1:1.1.1g-8.el8jbcs.x86_64",
"product": {
"name": "jbcs-httpd24-openssl-libs-1:1.1.1g-8.el8jbcs.x86_64",
"product_id": "jbcs-httpd24-openssl-libs-1:1.1.1g-8.el8jbcs.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jbcs-httpd24-openssl-libs@1.1.1g-8.el8jbcs?arch=x86_64\u0026epoch=1"
}
}
},
{
"category": "product_version",
"name": "jbcs-httpd24-openssl-perl-1:1.1.1g-8.el8jbcs.x86_64",
"product": {
"name": "jbcs-httpd24-openssl-perl-1:1.1.1g-8.el8jbcs.x86_64",
"product_id": "jbcs-httpd24-openssl-perl-1:1.1.1g-8.el8jbcs.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jbcs-httpd24-openssl-perl@1.1.1g-8.el8jbcs?arch=x86_64\u0026epoch=1"
}
}
},
{
"category": "product_version",
"name": "jbcs-httpd24-openssl-static-1:1.1.1g-8.el8jbcs.x86_64",
"product": {
"name": "jbcs-httpd24-openssl-static-1:1.1.1g-8.el8jbcs.x86_64",
"product_id": "jbcs-httpd24-openssl-static-1:1.1.1g-8.el8jbcs.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jbcs-httpd24-openssl-static@1.1.1g-8.el8jbcs?arch=x86_64\u0026epoch=1"
}
}
},
{
"category": "product_version",
"name": "jbcs-httpd24-openssl-debuginfo-1:1.1.1g-8.el8jbcs.x86_64",
"product": {
"name": "jbcs-httpd24-openssl-debuginfo-1:1.1.1g-8.el8jbcs.x86_64",
"product_id": "jbcs-httpd24-openssl-debuginfo-1:1.1.1g-8.el8jbcs.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jbcs-httpd24-openssl-debuginfo@1.1.1g-8.el8jbcs?arch=x86_64\u0026epoch=1"
}
}
},
{
"category": "product_version",
"name": "jbcs-httpd24-openssl-libs-debuginfo-1:1.1.1g-8.el8jbcs.x86_64",
"product": {
"name": "jbcs-httpd24-openssl-libs-debuginfo-1:1.1.1g-8.el8jbcs.x86_64",
"product_id": "jbcs-httpd24-openssl-libs-debuginfo-1:1.1.1g-8.el8jbcs.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jbcs-httpd24-openssl-libs-debuginfo@1.1.1g-8.el8jbcs?arch=x86_64\u0026epoch=1"
}
}
},
{
"category": "product_version",
"name": "jbcs-httpd24-openssl-chil-0:1.0.0-7.el8jbcs.x86_64",
"product": {
"name": "jbcs-httpd24-openssl-chil-0:1.0.0-7.el8jbcs.x86_64",
"product_id": "jbcs-httpd24-openssl-chil-0:1.0.0-7.el8jbcs.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jbcs-httpd24-openssl-chil@1.0.0-7.el8jbcs?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "jbcs-httpd24-openssl-chil-debuginfo-0:1.0.0-7.el8jbcs.x86_64",
"product": {
"name": "jbcs-httpd24-openssl-chil-debuginfo-0:1.0.0-7.el8jbcs.x86_64",
"product_id": "jbcs-httpd24-openssl-chil-debuginfo-0:1.0.0-7.el8jbcs.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jbcs-httpd24-openssl-chil-debuginfo@1.0.0-7.el8jbcs?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "jbcs-httpd24-openssl-pkcs11-0:0.4.10-22.el8jbcs.x86_64",
"product": {
"name": "jbcs-httpd24-openssl-pkcs11-0:0.4.10-22.el8jbcs.x86_64",
"product_id": "jbcs-httpd24-openssl-pkcs11-0:0.4.10-22.el8jbcs.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jbcs-httpd24-openssl-pkcs11@0.4.10-22.el8jbcs?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "jbcs-httpd24-openssl-pkcs11-debuginfo-0:0.4.10-22.el8jbcs.x86_64",
"product": {
"name": "jbcs-httpd24-openssl-pkcs11-debuginfo-0:0.4.10-22.el8jbcs.x86_64",
"product_id": "jbcs-httpd24-openssl-pkcs11-debuginfo-0:0.4.10-22.el8jbcs.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jbcs-httpd24-openssl-pkcs11-debuginfo@0.4.10-22.el8jbcs?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "jbcs-httpd24-httpd-0:2.4.37-78.el8jbcs.x86_64",
"product": {
"name": "jbcs-httpd24-httpd-0:2.4.37-78.el8jbcs.x86_64",
"product_id": "jbcs-httpd24-httpd-0:2.4.37-78.el8jbcs.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jbcs-httpd24-httpd@2.4.37-78.el8jbcs?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "jbcs-httpd24-httpd-devel-0:2.4.37-78.el8jbcs.x86_64",
"product": {
"name": "jbcs-httpd24-httpd-devel-0:2.4.37-78.el8jbcs.x86_64",
"product_id": "jbcs-httpd24-httpd-devel-0:2.4.37-78.el8jbcs.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jbcs-httpd24-httpd-devel@2.4.37-78.el8jbcs?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "jbcs-httpd24-httpd-selinux-0:2.4.37-78.el8jbcs.x86_64",
"product": {
"name": "jbcs-httpd24-httpd-selinux-0:2.4.37-78.el8jbcs.x86_64",
"product_id": "jbcs-httpd24-httpd-selinux-0:2.4.37-78.el8jbcs.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jbcs-httpd24-httpd-selinux@2.4.37-78.el8jbcs?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "jbcs-httpd24-httpd-tools-0:2.4.37-78.el8jbcs.x86_64",
"product": {
"name": "jbcs-httpd24-httpd-tools-0:2.4.37-78.el8jbcs.x86_64",
"product_id": "jbcs-httpd24-httpd-tools-0:2.4.37-78.el8jbcs.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jbcs-httpd24-httpd-tools@2.4.37-78.el8jbcs?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "jbcs-httpd24-mod_ldap-0:2.4.37-78.el8jbcs.x86_64",
"product": {
"name": "jbcs-httpd24-mod_ldap-0:2.4.37-78.el8jbcs.x86_64",
"product_id": "jbcs-httpd24-mod_ldap-0:2.4.37-78.el8jbcs.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jbcs-httpd24-mod_ldap@2.4.37-78.el8jbcs?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "jbcs-httpd24-mod_proxy_html-1:2.4.37-78.el8jbcs.x86_64",
"product": {
"name": "jbcs-httpd24-mod_proxy_html-1:2.4.37-78.el8jbcs.x86_64",
"product_id": "jbcs-httpd24-mod_proxy_html-1:2.4.37-78.el8jbcs.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jbcs-httpd24-mod_proxy_html@2.4.37-78.el8jbcs?arch=x86_64\u0026epoch=1"
}
}
},
{
"category": "product_version",
"name": "jbcs-httpd24-mod_session-0:2.4.37-78.el8jbcs.x86_64",
"product": {
"name": "jbcs-httpd24-mod_session-0:2.4.37-78.el8jbcs.x86_64",
"product_id": "jbcs-httpd24-mod_session-0:2.4.37-78.el8jbcs.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jbcs-httpd24-mod_session@2.4.37-78.el8jbcs?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "jbcs-httpd24-mod_ssl-1:2.4.37-78.el8jbcs.x86_64",
"product": {
"name": "jbcs-httpd24-mod_ssl-1:2.4.37-78.el8jbcs.x86_64",
"product_id": "jbcs-httpd24-mod_ssl-1:2.4.37-78.el8jbcs.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jbcs-httpd24-mod_ssl@2.4.37-78.el8jbcs?arch=x86_64\u0026epoch=1"
}
}
},
{
"category": "product_version",
"name": "jbcs-httpd24-httpd-debuginfo-0:2.4.37-78.el8jbcs.x86_64",
"product": {
"name": "jbcs-httpd24-httpd-debuginfo-0:2.4.37-78.el8jbcs.x86_64",
"product_id": "jbcs-httpd24-httpd-debuginfo-0:2.4.37-78.el8jbcs.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jbcs-httpd24-httpd-debuginfo@2.4.37-78.el8jbcs?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "jbcs-httpd24-httpd-tools-debuginfo-0:2.4.37-78.el8jbcs.x86_64",
"product": {
"name": "jbcs-httpd24-httpd-tools-debuginfo-0:2.4.37-78.el8jbcs.x86_64",
"product_id": "jbcs-httpd24-httpd-tools-debuginfo-0:2.4.37-78.el8jbcs.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jbcs-httpd24-httpd-tools-debuginfo@2.4.37-78.el8jbcs?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "jbcs-httpd24-mod_ldap-debuginfo-0:2.4.37-78.el8jbcs.x86_64",
"product": {
"name": "jbcs-httpd24-mod_ldap-debuginfo-0:2.4.37-78.el8jbcs.x86_64",
"product_id": "jbcs-httpd24-mod_ldap-debuginfo-0:2.4.37-78.el8jbcs.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jbcs-httpd24-mod_ldap-debuginfo@2.4.37-78.el8jbcs?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "jbcs-httpd24-mod_proxy_html-debuginfo-1:2.4.37-78.el8jbcs.x86_64",
"product": {
"name": "jbcs-httpd24-mod_proxy_html-debuginfo-1:2.4.37-78.el8jbcs.x86_64",
"product_id": "jbcs-httpd24-mod_proxy_html-debuginfo-1:2.4.37-78.el8jbcs.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jbcs-httpd24-mod_proxy_html-debuginfo@2.4.37-78.el8jbcs?arch=x86_64\u0026epoch=1"
}
}
},
{
"category": "product_version",
"name": "jbcs-httpd24-mod_session-debuginfo-0:2.4.37-78.el8jbcs.x86_64",
"product": {
"name": "jbcs-httpd24-mod_session-debuginfo-0:2.4.37-78.el8jbcs.x86_64",
"product_id": "jbcs-httpd24-mod_session-debuginfo-0:2.4.37-78.el8jbcs.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jbcs-httpd24-mod_session-debuginfo@2.4.37-78.el8jbcs?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "jbcs-httpd24-mod_ssl-debuginfo-1:2.4.37-78.el8jbcs.x86_64",
"product": {
"name": "jbcs-httpd24-mod_ssl-debuginfo-1:2.4.37-78.el8jbcs.x86_64",
"product_id": "jbcs-httpd24-mod_ssl-debuginfo-1:2.4.37-78.el8jbcs.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jbcs-httpd24-mod_ssl-debuginfo@2.4.37-78.el8jbcs?arch=x86_64\u0026epoch=1"
}
}
},
{
"category": "product_version",
"name": "jbcs-httpd24-mod_http2-0:1.15.7-21.el8jbcs.x86_64",
"product": {
"name": "jbcs-httpd24-mod_http2-0:1.15.7-21.el8jbcs.x86_64",
"product_id": "jbcs-httpd24-mod_http2-0:1.15.7-21.el8jbcs.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jbcs-httpd24-mod_http2@1.15.7-21.el8jbcs?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "jbcs-httpd24-mod_http2-debuginfo-0:1.15.7-21.el8jbcs.x86_64",
"product": {
"name": "jbcs-httpd24-mod_http2-debuginfo-0:1.15.7-21.el8jbcs.x86_64",
"product_id": "jbcs-httpd24-mod_http2-debuginfo-0:1.15.7-21.el8jbcs.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jbcs-httpd24-mod_http2-debuginfo@1.15.7-21.el8jbcs?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "jbcs-httpd24-mod_md-1:2.0.8-40.el8jbcs.x86_64",
"product": {
"name": "jbcs-httpd24-mod_md-1:2.0.8-40.el8jbcs.x86_64",
"product_id": "jbcs-httpd24-mod_md-1:2.0.8-40.el8jbcs.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jbcs-httpd24-mod_md@2.0.8-40.el8jbcs?arch=x86_64\u0026epoch=1"
}
}
},
{
"category": "product_version",
"name": "jbcs-httpd24-mod_md-debuginfo-1:2.0.8-40.el8jbcs.x86_64",
"product": {
"name": "jbcs-httpd24-mod_md-debuginfo-1:2.0.8-40.el8jbcs.x86_64",
"product_id": "jbcs-httpd24-mod_md-debuginfo-1:2.0.8-40.el8jbcs.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jbcs-httpd24-mod_md-debuginfo@2.0.8-40.el8jbcs?arch=x86_64\u0026epoch=1"
}
}
},
{
"category": "product_version",
"name": "jbcs-httpd24-mod_jk-ap24-0:1.2.48-20.redhat_1.el8jbcs.x86_64",
"product": {
"name": "jbcs-httpd24-mod_jk-ap24-0:1.2.48-20.redhat_1.el8jbcs.x86_64",
"product_id": "jbcs-httpd24-mod_jk-ap24-0:1.2.48-20.redhat_1.el8jbcs.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jbcs-httpd24-mod_jk-ap24@1.2.48-20.redhat_1.el8jbcs?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "jbcs-httpd24-mod_jk-manual-0:1.2.48-20.redhat_1.el8jbcs.x86_64",
"product": {
"name": "jbcs-httpd24-mod_jk-manual-0:1.2.48-20.redhat_1.el8jbcs.x86_64",
"product_id": "jbcs-httpd24-mod_jk-manual-0:1.2.48-20.redhat_1.el8jbcs.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jbcs-httpd24-mod_jk-manual@1.2.48-20.redhat_1.el8jbcs?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "jbcs-httpd24-mod_jk-ap24-debuginfo-0:1.2.48-20.redhat_1.el8jbcs.x86_64",
"product": {
"name": "jbcs-httpd24-mod_jk-ap24-debuginfo-0:1.2.48-20.redhat_1.el8jbcs.x86_64",
"product_id": "jbcs-httpd24-mod_jk-ap24-debuginfo-0:1.2.48-20.redhat_1.el8jbcs.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jbcs-httpd24-mod_jk-ap24-debuginfo@1.2.48-20.redhat_1.el8jbcs?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "jbcs-httpd24-mod_cluster-native-0:1.3.16-9.Final_redhat_2.el8jbcs.x86_64",
"product": {
"name": "jbcs-httpd24-mod_cluster-native-0:1.3.16-9.Final_redhat_2.el8jbcs.x86_64",
"product_id": "jbcs-httpd24-mod_cluster-native-0:1.3.16-9.Final_redhat_2.el8jbcs.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jbcs-httpd24-mod_cluster-native@1.3.16-9.Final_redhat_2.el8jbcs?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "jbcs-httpd24-mod_cluster-native-debuginfo-0:1.3.16-9.Final_redhat_2.el8jbcs.x86_64",
"product": {
"name": "jbcs-httpd24-mod_cluster-native-debuginfo-0:1.3.16-9.Final_redhat_2.el8jbcs.x86_64",
"product_id": "jbcs-httpd24-mod_cluster-native-debuginfo-0:1.3.16-9.Final_redhat_2.el8jbcs.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jbcs-httpd24-mod_cluster-native-debuginfo@1.3.16-9.Final_redhat_2.el8jbcs?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "jbcs-httpd24-mod_security-0:2.9.2-67.GA.el8jbcs.x86_64",
"product": {
"name": "jbcs-httpd24-mod_security-0:2.9.2-67.GA.el8jbcs.x86_64",
"product_id": "jbcs-httpd24-mod_security-0:2.9.2-67.GA.el8jbcs.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jbcs-httpd24-mod_security@2.9.2-67.GA.el8jbcs?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "jbcs-httpd24-mod_security-debuginfo-0:2.9.2-67.GA.el8jbcs.x86_64",
"product": {
"name": "jbcs-httpd24-mod_security-debuginfo-0:2.9.2-67.GA.el8jbcs.x86_64",
"product_id": "jbcs-httpd24-mod_security-debuginfo-0:2.9.2-67.GA.el8jbcs.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jbcs-httpd24-mod_security-debuginfo@2.9.2-67.GA.el8jbcs?arch=x86_64"
}
}
}
],
"category": "architecture",
"name": "x86_64"
},
{
"branches": [
{
"category": "product_version",
"name": "jbcs-httpd24-httpd-manual-0:2.4.37-78.jbcs.el7.noarch",
"product": {
"name": "jbcs-httpd24-httpd-manual-0:2.4.37-78.jbcs.el7.noarch",
"product_id": "jbcs-httpd24-httpd-manual-0:2.4.37-78.jbcs.el7.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jbcs-httpd24-httpd-manual@2.4.37-78.jbcs.el7?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "jbcs-httpd24-httpd-manual-0:2.4.37-78.el8jbcs.noarch",
"product": {
"name": "jbcs-httpd24-httpd-manual-0:2.4.37-78.el8jbcs.noarch",
"product_id": "jbcs-httpd24-httpd-manual-0:2.4.37-78.el8jbcs.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jbcs-httpd24-httpd-manual@2.4.37-78.el8jbcs?arch=noarch"
}
}
}
],
"category": "architecture",
"name": "noarch"
}
],
"category": "vendor",
"name": "Red Hat"
}
],
"relationships": [
{
"category": "default_component_of",
"full_product_name": {
"name": "jbcs-httpd24-apr-0:1.6.3-107.jbcs.el7.src as a component of Red Hat JBoss Core Services on RHEL 7 Server",
"product_id": "7Server-JBCS:jbcs-httpd24-apr-0:1.6.3-107.jbcs.el7.src"
},
"product_reference": "jbcs-httpd24-apr-0:1.6.3-107.jbcs.el7.src",
"relates_to_product_reference": "7Server-JBCS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jbcs-httpd24-apr-0:1.6.3-107.jbcs.el7.x86_64 as a component of Red Hat JBoss Core Services on RHEL 7 Server",
"product_id": "7Server-JBCS:jbcs-httpd24-apr-0:1.6.3-107.jbcs.el7.x86_64"
},
"product_reference": "jbcs-httpd24-apr-0:1.6.3-107.jbcs.el7.x86_64",
"relates_to_product_reference": "7Server-JBCS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jbcs-httpd24-apr-debuginfo-0:1.6.3-107.jbcs.el7.x86_64 as a component of Red Hat JBoss Core Services on RHEL 7 Server",
"product_id": "7Server-JBCS:jbcs-httpd24-apr-debuginfo-0:1.6.3-107.jbcs.el7.x86_64"
},
"product_reference": "jbcs-httpd24-apr-debuginfo-0:1.6.3-107.jbcs.el7.x86_64",
"relates_to_product_reference": "7Server-JBCS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jbcs-httpd24-apr-devel-0:1.6.3-107.jbcs.el7.x86_64 as a component of Red Hat JBoss Core Services on RHEL 7 Server",
"product_id": "7Server-JBCS:jbcs-httpd24-apr-devel-0:1.6.3-107.jbcs.el7.x86_64"
},
"product_reference": "jbcs-httpd24-apr-devel-0:1.6.3-107.jbcs.el7.x86_64",
"relates_to_product_reference": "7Server-JBCS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jbcs-httpd24-apr-util-0:1.6.1-84.jbcs.el7.src as a component of Red Hat JBoss Core Services on RHEL 7 Server",
"product_id": "7Server-JBCS:jbcs-httpd24-apr-util-0:1.6.1-84.jbcs.el7.src"
},
"product_reference": "jbcs-httpd24-apr-util-0:1.6.1-84.jbcs.el7.src",
"relates_to_product_reference": "7Server-JBCS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jbcs-httpd24-apr-util-0:1.6.1-84.jbcs.el7.x86_64 as a component of Red Hat JBoss Core Services on RHEL 7 Server",
"product_id": "7Server-JBCS:jbcs-httpd24-apr-util-0:1.6.1-84.jbcs.el7.x86_64"
},
"product_reference": "jbcs-httpd24-apr-util-0:1.6.1-84.jbcs.el7.x86_64",
"relates_to_product_reference": "7Server-JBCS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jbcs-httpd24-apr-util-debuginfo-0:1.6.1-84.jbcs.el7.x86_64 as a component of Red Hat JBoss Core Services on RHEL 7 Server",
"product_id": "7Server-JBCS:jbcs-httpd24-apr-util-debuginfo-0:1.6.1-84.jbcs.el7.x86_64"
},
"product_reference": "jbcs-httpd24-apr-util-debuginfo-0:1.6.1-84.jbcs.el7.x86_64",
"relates_to_product_reference": "7Server-JBCS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jbcs-httpd24-apr-util-devel-0:1.6.1-84.jbcs.el7.x86_64 as a component of Red Hat JBoss Core Services on RHEL 7 Server",
"product_id": "7Server-JBCS:jbcs-httpd24-apr-util-devel-0:1.6.1-84.jbcs.el7.x86_64"
},
"product_reference": "jbcs-httpd24-apr-util-devel-0:1.6.1-84.jbcs.el7.x86_64",
"relates_to_product_reference": "7Server-JBCS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jbcs-httpd24-apr-util-ldap-0:1.6.1-84.jbcs.el7.x86_64 as a component of Red Hat JBoss Core Services on RHEL 7 Server",
"product_id": "7Server-JBCS:jbcs-httpd24-apr-util-ldap-0:1.6.1-84.jbcs.el7.x86_64"
},
"product_reference": "jbcs-httpd24-apr-util-ldap-0:1.6.1-84.jbcs.el7.x86_64",
"relates_to_product_reference": "7Server-JBCS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jbcs-httpd24-apr-util-mysql-0:1.6.1-84.jbcs.el7.x86_64 as a component of Red Hat JBoss Core Services on RHEL 7 Server",
"product_id": "7Server-JBCS:jbcs-httpd24-apr-util-mysql-0:1.6.1-84.jbcs.el7.x86_64"
},
"product_reference": "jbcs-httpd24-apr-util-mysql-0:1.6.1-84.jbcs.el7.x86_64",
"relates_to_product_reference": "7Server-JBCS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jbcs-httpd24-apr-util-nss-0:1.6.1-84.jbcs.el7.x86_64 as a component of Red Hat JBoss Core Services on RHEL 7 Server",
"product_id": "7Server-JBCS:jbcs-httpd24-apr-util-nss-0:1.6.1-84.jbcs.el7.x86_64"
},
"product_reference": "jbcs-httpd24-apr-util-nss-0:1.6.1-84.jbcs.el7.x86_64",
"relates_to_product_reference": "7Server-JBCS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jbcs-httpd24-apr-util-odbc-0:1.6.1-84.jbcs.el7.x86_64 as a component of Red Hat JBoss Core Services on RHEL 7 Server",
"product_id": "7Server-JBCS:jbcs-httpd24-apr-util-odbc-0:1.6.1-84.jbcs.el7.x86_64"
},
"product_reference": "jbcs-httpd24-apr-util-odbc-0:1.6.1-84.jbcs.el7.x86_64",
"relates_to_product_reference": "7Server-JBCS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jbcs-httpd24-apr-util-openssl-0:1.6.1-84.jbcs.el7.x86_64 as a component of Red Hat JBoss Core Services on RHEL 7 Server",
"product_id": "7Server-JBCS:jbcs-httpd24-apr-util-openssl-0:1.6.1-84.jbcs.el7.x86_64"
},
"product_reference": "jbcs-httpd24-apr-util-openssl-0:1.6.1-84.jbcs.el7.x86_64",
"relates_to_product_reference": "7Server-JBCS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jbcs-httpd24-apr-util-pgsql-0:1.6.1-84.jbcs.el7.x86_64 as a component of Red Hat JBoss Core Services on RHEL 7 Server",
"product_id": "7Server-JBCS:jbcs-httpd24-apr-util-pgsql-0:1.6.1-84.jbcs.el7.x86_64"
},
"product_reference": "jbcs-httpd24-apr-util-pgsql-0:1.6.1-84.jbcs.el7.x86_64",
"relates_to_product_reference": "7Server-JBCS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jbcs-httpd24-apr-util-sqlite-0:1.6.1-84.jbcs.el7.x86_64 as a component of Red Hat JBoss Core Services on RHEL 7 Server",
"product_id": "7Server-JBCS:jbcs-httpd24-apr-util-sqlite-0:1.6.1-84.jbcs.el7.x86_64"
},
"product_reference": "jbcs-httpd24-apr-util-sqlite-0:1.6.1-84.jbcs.el7.x86_64",
"relates_to_product_reference": "7Server-JBCS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jbcs-httpd24-curl-0:7.78.0-2.jbcs.el7.src as a component of Red Hat JBoss Core Services on RHEL 7 Server",
"product_id": "7Server-JBCS:jbcs-httpd24-curl-0:7.78.0-2.jbcs.el7.src"
},
"product_reference": "jbcs-httpd24-curl-0:7.78.0-2.jbcs.el7.src",
"relates_to_product_reference": "7Server-JBCS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jbcs-httpd24-curl-0:7.78.0-2.jbcs.el7.x86_64 as a component of Red Hat JBoss Core Services on RHEL 7 Server",
"product_id": "7Server-JBCS:jbcs-httpd24-curl-0:7.78.0-2.jbcs.el7.x86_64"
},
"product_reference": "jbcs-httpd24-curl-0:7.78.0-2.jbcs.el7.x86_64",
"relates_to_product_reference": "7Server-JBCS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jbcs-httpd24-curl-debuginfo-0:7.78.0-2.jbcs.el7.x86_64 as a component of Red Hat JBoss Core Services on RHEL 7 Server",
"product_id": "7Server-JBCS:jbcs-httpd24-curl-debuginfo-0:7.78.0-2.jbcs.el7.x86_64"
},
"product_reference": "jbcs-httpd24-curl-debuginfo-0:7.78.0-2.jbcs.el7.x86_64",
"relates_to_product_reference": "7Server-JBCS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jbcs-httpd24-httpd-0:2.4.37-78.jbcs.el7.src as a component of Red Hat JBoss Core Services on RHEL 7 Server",
"product_id": "7Server-JBCS:jbcs-httpd24-httpd-0:2.4.37-78.jbcs.el7.src"
},
"product_reference": "jbcs-httpd24-httpd-0:2.4.37-78.jbcs.el7.src",
"relates_to_product_reference": "7Server-JBCS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jbcs-httpd24-httpd-0:2.4.37-78.jbcs.el7.x86_64 as a component of Red Hat JBoss Core Services on RHEL 7 Server",
"product_id": "7Server-JBCS:jbcs-httpd24-httpd-0:2.4.37-78.jbcs.el7.x86_64"
},
"product_reference": "jbcs-httpd24-httpd-0:2.4.37-78.jbcs.el7.x86_64",
"relates_to_product_reference": "7Server-JBCS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jbcs-httpd24-httpd-debuginfo-0:2.4.37-78.jbcs.el7.x86_64 as a component of Red Hat JBoss Core Services on RHEL 7 Server",
"product_id": "7Server-JBCS:jbcs-httpd24-httpd-debuginfo-0:2.4.37-78.jbcs.el7.x86_64"
},
"product_reference": "jbcs-httpd24-httpd-debuginfo-0:2.4.37-78.jbcs.el7.x86_64",
"relates_to_product_reference": "7Server-JBCS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jbcs-httpd24-httpd-devel-0:2.4.37-78.jbcs.el7.x86_64 as a component of Red Hat JBoss Core Services on RHEL 7 Server",
"product_id": "7Server-JBCS:jbcs-httpd24-httpd-devel-0:2.4.37-78.jbcs.el7.x86_64"
},
"product_reference": "jbcs-httpd24-httpd-devel-0:2.4.37-78.jbcs.el7.x86_64",
"relates_to_product_reference": "7Server-JBCS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jbcs-httpd24-httpd-manual-0:2.4.37-78.jbcs.el7.noarch as a component of Red Hat JBoss Core Services on RHEL 7 Server",
"product_id": "7Server-JBCS:jbcs-httpd24-httpd-manual-0:2.4.37-78.jbcs.el7.noarch"
},
"product_reference": "jbcs-httpd24-httpd-manual-0:2.4.37-78.jbcs.el7.noarch",
"relates_to_product_reference": "7Server-JBCS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jbcs-httpd24-httpd-selinux-0:2.4.37-78.jbcs.el7.x86_64 as a component of Red Hat JBoss Core Services on RHEL 7 Server",
"product_id": "7Server-JBCS:jbcs-httpd24-httpd-selinux-0:2.4.37-78.jbcs.el7.x86_64"
},
"product_reference": "jbcs-httpd24-httpd-selinux-0:2.4.37-78.jbcs.el7.x86_64",
"relates_to_product_reference": "7Server-JBCS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jbcs-httpd24-httpd-tools-0:2.4.37-78.jbcs.el7.x86_64 as a component of Red Hat JBoss Core Services on RHEL 7 Server",
"product_id": "7Server-JBCS:jbcs-httpd24-httpd-tools-0:2.4.37-78.jbcs.el7.x86_64"
},
"product_reference": "jbcs-httpd24-httpd-tools-0:2.4.37-78.jbcs.el7.x86_64",
"relates_to_product_reference": "7Server-JBCS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jbcs-httpd24-libcurl-0:7.78.0-2.jbcs.el7.x86_64 as a component of Red Hat JBoss Core Services on RHEL 7 Server",
"product_id": "7Server-JBCS:jbcs-httpd24-libcurl-0:7.78.0-2.jbcs.el7.x86_64"
},
"product_reference": "jbcs-httpd24-libcurl-0:7.78.0-2.jbcs.el7.x86_64",
"relates_to_product_reference": "7Server-JBCS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jbcs-httpd24-libcurl-devel-0:7.78.0-2.jbcs.el7.x86_64 as a component of Red Hat JBoss Core Services on RHEL 7 Server",
"product_id": "7Server-JBCS:jbcs-httpd24-libcurl-devel-0:7.78.0-2.jbcs.el7.x86_64"
},
"product_reference": "jbcs-httpd24-libcurl-devel-0:7.78.0-2.jbcs.el7.x86_64",
"relates_to_product_reference": "7Server-JBCS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jbcs-httpd24-mod_cluster-native-0:1.3.16-9.Final_redhat_2.jbcs.el7.src as a component of Red Hat JBoss Core Services on RHEL 7 Server",
"product_id": "7Server-JBCS:jbcs-httpd24-mod_cluster-native-0:1.3.16-9.Final_redhat_2.jbcs.el7.src"
},
"product_reference": "jbcs-httpd24-mod_cluster-native-0:1.3.16-9.Final_redhat_2.jbcs.el7.src",
"relates_to_product_reference": "7Server-JBCS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jbcs-httpd24-mod_cluster-native-0:1.3.16-9.Final_redhat_2.jbcs.el7.x86_64 as a component of Red Hat JBoss Core Services on RHEL 7 Server",
"product_id": "7Server-JBCS:jbcs-httpd24-mod_cluster-native-0:1.3.16-9.Final_redhat_2.jbcs.el7.x86_64"
},
"product_reference": "jbcs-httpd24-mod_cluster-native-0:1.3.16-9.Final_redhat_2.jbcs.el7.x86_64",
"relates_to_product_reference": "7Server-JBCS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jbcs-httpd24-mod_cluster-native-debuginfo-0:1.3.16-9.Final_redhat_2.jbcs.el7.x86_64 as a component of Red Hat JBoss Core Services on RHEL 7 Server",
"product_id": "7Server-JBCS:jbcs-httpd24-mod_cluster-native-debuginfo-0:1.3.16-9.Final_redhat_2.jbcs.el7.x86_64"
},
"product_reference": "jbcs-httpd24-mod_cluster-native-debuginfo-0:1.3.16-9.Final_redhat_2.jbcs.el7.x86_64",
"relates_to_product_reference": "7Server-JBCS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jbcs-httpd24-mod_http2-0:1.15.7-21.jbcs.el7.src as a component of Red Hat JBoss Core Services on RHEL 7 Server",
"product_id": "7Server-JBCS:jbcs-httpd24-mod_http2-0:1.15.7-21.jbcs.el7.src"
},
"product_reference": "jbcs-httpd24-mod_http2-0:1.15.7-21.jbcs.el7.src",
"relates_to_product_reference": "7Server-JBCS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jbcs-httpd24-mod_http2-0:1.15.7-21.jbcs.el7.x86_64 as a component of Red Hat JBoss Core Services on RHEL 7 Server",
"product_id": "7Server-JBCS:jbcs-httpd24-mod_http2-0:1.15.7-21.jbcs.el7.x86_64"
},
"product_reference": "jbcs-httpd24-mod_http2-0:1.15.7-21.jbcs.el7.x86_64",
"relates_to_product_reference": "7Server-JBCS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jbcs-httpd24-mod_http2-debuginfo-0:1.15.7-21.jbcs.el7.x86_64 as a component of Red Hat JBoss Core Services on RHEL 7 Server",
"product_id": "7Server-JBCS:jbcs-httpd24-mod_http2-debuginfo-0:1.15.7-21.jbcs.el7.x86_64"
},
"product_reference": "jbcs-httpd24-mod_http2-debuginfo-0:1.15.7-21.jbcs.el7.x86_64",
"relates_to_product_reference": "7Server-JBCS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jbcs-httpd24-mod_jk-0:1.2.48-20.redhat_1.jbcs.el7.src as a component of Red Hat JBoss Core Services on RHEL 7 Server",
"product_id": "7Server-JBCS:jbcs-httpd24-mod_jk-0:1.2.48-20.redhat_1.jbcs.el7.src"
},
"product_reference": "jbcs-httpd24-mod_jk-0:1.2.48-20.redhat_1.jbcs.el7.src",
"relates_to_product_reference": "7Server-JBCS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jbcs-httpd24-mod_jk-ap24-0:1.2.48-20.redhat_1.jbcs.el7.x86_64 as a component of Red Hat JBoss Core Services on RHEL 7 Server",
"product_id": "7Server-JBCS:jbcs-httpd24-mod_jk-ap24-0:1.2.48-20.redhat_1.jbcs.el7.x86_64"
},
"product_reference": "jbcs-httpd24-mod_jk-ap24-0:1.2.48-20.redhat_1.jbcs.el7.x86_64",
"relates_to_product_reference": "7Server-JBCS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jbcs-httpd24-mod_jk-debuginfo-0:1.2.48-20.redhat_1.jbcs.el7.x86_64 as a component of Red Hat JBoss Core Services on RHEL 7 Server",
"product_id": "7Server-JBCS:jbcs-httpd24-mod_jk-debuginfo-0:1.2.48-20.redhat_1.jbcs.el7.x86_64"
},
"product_reference": "jbcs-httpd24-mod_jk-debuginfo-0:1.2.48-20.redhat_1.jbcs.el7.x86_64",
"relates_to_product_reference": "7Server-JBCS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jbcs-httpd24-mod_jk-manual-0:1.2.48-20.redhat_1.jbcs.el7.x86_64 as a component of Red Hat JBoss Core Services on RHEL 7 Server",
"product_id": "7Server-JBCS:jbcs-httpd24-mod_jk-manual-0:1.2.48-20.redhat_1.jbcs.el7.x86_64"
},
"product_reference": "jbcs-httpd24-mod_jk-manual-0:1.2.48-20.redhat_1.jbcs.el7.x86_64",
"relates_to_product_reference": "7Server-JBCS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jbcs-httpd24-mod_ldap-0:2.4.37-78.jbcs.el7.x86_64 as a component of Red Hat JBoss Core Services on RHEL 7 Server",
"product_id": "7Server-JBCS:jbcs-httpd24-mod_ldap-0:2.4.37-78.jbcs.el7.x86_64"
},
"product_reference": "jbcs-httpd24-mod_ldap-0:2.4.37-78.jbcs.el7.x86_64",
"relates_to_product_reference": "7Server-JBCS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jbcs-httpd24-mod_md-1:2.0.8-40.jbcs.el7.src as a component of Red Hat JBoss Core Services on RHEL 7 Server",
"product_id": "7Server-JBCS:jbcs-httpd24-mod_md-1:2.0.8-40.jbcs.el7.src"
},
"product_reference": "jbcs-httpd24-mod_md-1:2.0.8-40.jbcs.el7.src",
"relates_to_product_reference": "7Server-JBCS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jbcs-httpd24-mod_md-1:2.0.8-40.jbcs.el7.x86_64 as a component of Red Hat JBoss Core Services on RHEL 7 Server",
"product_id": "7Server-JBCS:jbcs-httpd24-mod_md-1:2.0.8-40.jbcs.el7.x86_64"
},
"product_reference": "jbcs-httpd24-mod_md-1:2.0.8-40.jbcs.el7.x86_64",
"relates_to_product_reference": "7Server-JBCS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jbcs-httpd24-mod_md-debuginfo-1:2.0.8-40.jbcs.el7.x86_64 as a component of Red Hat JBoss Core Services on RHEL 7 Server",
"product_id": "7Server-JBCS:jbcs-httpd24-mod_md-debuginfo-1:2.0.8-40.jbcs.el7.x86_64"
},
"product_reference": "jbcs-httpd24-mod_md-debuginfo-1:2.0.8-40.jbcs.el7.x86_64",
"relates_to_product_reference": "7Server-JBCS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jbcs-httpd24-mod_proxy_html-1:2.4.37-78.jbcs.el7.x86_64 as a component of Red Hat JBoss Core Services on RHEL 7 Server",
"product_id": "7Server-JBCS:jbcs-httpd24-mod_proxy_html-1:2.4.37-78.jbcs.el7.x86_64"
},
"product_reference": "jbcs-httpd24-mod_proxy_html-1:2.4.37-78.jbcs.el7.x86_64",
"relates_to_product_reference": "7Server-JBCS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jbcs-httpd24-mod_security-0:2.9.2-67.GA.jbcs.el7.src as a component of Red Hat JBoss Core Services on RHEL 7 Server",
"product_id": "7Server-JBCS:jbcs-httpd24-mod_security-0:2.9.2-67.GA.jbcs.el7.src"
},
"product_reference": "jbcs-httpd24-mod_security-0:2.9.2-67.GA.jbcs.el7.src",
"relates_to_product_reference": "7Server-JBCS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jbcs-httpd24-mod_security-0:2.9.2-67.GA.jbcs.el7.x86_64 as a component of Red Hat JBoss Core Services on RHEL 7 Server",
"product_id": "7Server-JBCS:jbcs-httpd24-mod_security-0:2.9.2-67.GA.jbcs.el7.x86_64"
},
"product_reference": "jbcs-httpd24-mod_security-0:2.9.2-67.GA.jbcs.el7.x86_64",
"relates_to_product_reference": "7Server-JBCS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jbcs-httpd24-mod_security-debuginfo-0:2.9.2-67.GA.jbcs.el7.x86_64 as a component of Red Hat JBoss Core Services on RHEL 7 Server",
"product_id": "7Server-JBCS:jbcs-httpd24-mod_security-debuginfo-0:2.9.2-67.GA.jbcs.el7.x86_64"
},
"product_reference": "jbcs-httpd24-mod_security-debuginfo-0:2.9.2-67.GA.jbcs.el7.x86_64",
"relates_to_product_reference": "7Server-JBCS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jbcs-httpd24-mod_session-0:2.4.37-78.jbcs.el7.x86_64 as a component of Red Hat JBoss Core Services on RHEL 7 Server",
"product_id": "7Server-JBCS:jbcs-httpd24-mod_session-0:2.4.37-78.jbcs.el7.x86_64"
},
"product_reference": "jbcs-httpd24-mod_session-0:2.4.37-78.jbcs.el7.x86_64",
"relates_to_product_reference": "7Server-JBCS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jbcs-httpd24-mod_ssl-1:2.4.37-78.jbcs.el7.x86_64 as a component of Red Hat JBoss Core Services on RHEL 7 Server",
"product_id": "7Server-JBCS:jbcs-httpd24-mod_ssl-1:2.4.37-78.jbcs.el7.x86_64"
},
"product_reference": "jbcs-httpd24-mod_ssl-1:2.4.37-78.jbcs.el7.x86_64",
"relates_to_product_reference": "7Server-JBCS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jbcs-httpd24-nghttp2-0:1.39.2-39.jbcs.el7.src as a component of Red Hat JBoss Core Services on RHEL 7 Server",
"product_id": "7Server-JBCS:jbcs-httpd24-nghttp2-0:1.39.2-39.jbcs.el7.src"
},
"product_reference": "jbcs-httpd24-nghttp2-0:1.39.2-39.jbcs.el7.src",
"relates_to_product_reference": "7Server-JBCS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jbcs-httpd24-nghttp2-0:1.39.2-39.jbcs.el7.x86_64 as a component of Red Hat JBoss Core Services on RHEL 7 Server",
"product_id": "7Server-JBCS:jbcs-httpd24-nghttp2-0:1.39.2-39.jbcs.el7.x86_64"
},
"product_reference": "jbcs-httpd24-nghttp2-0:1.39.2-39.jbcs.el7.x86_64",
"relates_to_product_reference": "7Server-JBCS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jbcs-httpd24-nghttp2-debuginfo-0:1.39.2-39.jbcs.el7.x86_64 as a component of Red Hat JBoss Core Services on RHEL 7 Server",
"product_id": "7Server-JBCS:jbcs-httpd24-nghttp2-debuginfo-0:1.39.2-39.jbcs.el7.x86_64"
},
"product_reference": "jbcs-httpd24-nghttp2-debuginfo-0:1.39.2-39.jbcs.el7.x86_64",
"relates_to_product_reference": "7Server-JBCS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jbcs-httpd24-nghttp2-devel-0:1.39.2-39.jbcs.el7.x86_64 as a component of Red Hat JBoss Core Services on RHEL 7 Server",
"product_id": "7Server-JBCS:jbcs-httpd24-nghttp2-devel-0:1.39.2-39.jbcs.el7.x86_64"
},
"product_reference": "jbcs-httpd24-nghttp2-devel-0:1.39.2-39.jbcs.el7.x86_64",
"relates_to_product_reference": "7Server-JBCS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jbcs-httpd24-openssl-1:1.1.1g-8.jbcs.el7.src as a component of Red Hat JBoss Core Services on RHEL 7 Server",
"product_id": "7Server-JBCS:jbcs-httpd24-openssl-1:1.1.1g-8.jbcs.el7.src"
},
"product_reference": "jbcs-httpd24-openssl-1:1.1.1g-8.jbcs.el7.src",
"relates_to_product_reference": "7Server-JBCS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jbcs-httpd24-openssl-1:1.1.1g-8.jbcs.el7.x86_64 as a component of Red Hat JBoss Core Services on RHEL 7 Server",
"product_id": "7Server-JBCS:jbcs-httpd24-openssl-1:1.1.1g-8.jbcs.el7.x86_64"
},
"product_reference": "jbcs-httpd24-openssl-1:1.1.1g-8.jbcs.el7.x86_64",
"relates_to_product_reference": "7Server-JBCS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jbcs-httpd24-openssl-chil-0:1.0.0-7.jbcs.el7.src as a component of Red Hat JBoss Core Services on RHEL 7 Server",
"product_id": "7Server-JBCS:jbcs-httpd24-openssl-chil-0:1.0.0-7.jbcs.el7.src"
},
"product_reference": "jbcs-httpd24-openssl-chil-0:1.0.0-7.jbcs.el7.src",
"relates_to_product_reference": "7Server-JBCS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jbcs-httpd24-openssl-chil-0:1.0.0-7.jbcs.el7.x86_64 as a component of Red Hat JBoss Core Services on RHEL 7 Server",
"product_id": "7Server-JBCS:jbcs-httpd24-openssl-chil-0:1.0.0-7.jbcs.el7.x86_64"
},
"product_reference": "jbcs-httpd24-openssl-chil-0:1.0.0-7.jbcs.el7.x86_64",
"relates_to_product_reference": "7Server-JBCS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jbcs-httpd24-openssl-chil-debuginfo-0:1.0.0-7.jbcs.el7.x86_64 as a component of Red Hat JBoss Core Services on RHEL 7 Server",
"product_id": "7Server-JBCS:jbcs-httpd24-openssl-chil-debuginfo-0:1.0.0-7.jbcs.el7.x86_64"
},
"product_reference": "jbcs-httpd24-openssl-chil-debuginfo-0:1.0.0-7.jbcs.el7.x86_64",
"relates_to_product_reference": "7Server-JBCS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jbcs-httpd24-openssl-debuginfo-1:1.1.1g-8.jbcs.el7.x86_64 as a component of Red Hat JBoss Core Services on RHEL 7 Server",
"product_id": "7Server-JBCS:jbcs-httpd24-openssl-debuginfo-1:1.1.1g-8.jbcs.el7.x86_64"
},
"product_reference": "jbcs-httpd24-openssl-debuginfo-1:1.1.1g-8.jbcs.el7.x86_64",
"relates_to_product_reference": "7Server-JBCS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jbcs-httpd24-openssl-devel-1:1.1.1g-8.jbcs.el7.x86_64 as a component of Red Hat JBoss Core Services on RHEL 7 Server",
"product_id": "7Server-JBCS:jbcs-httpd24-openssl-devel-1:1.1.1g-8.jbcs.el7.x86_64"
},
"product_reference": "jbcs-httpd24-openssl-devel-1:1.1.1g-8.jbcs.el7.x86_64",
"relates_to_product_reference": "7Server-JBCS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jbcs-httpd24-openssl-libs-1:1.1.1g-8.jbcs.el7.x86_64 as a component of Red Hat JBoss Core Services on RHEL 7 Server",
"product_id": "7Server-JBCS:jbcs-httpd24-openssl-libs-1:1.1.1g-8.jbcs.el7.x86_64"
},
"product_reference": "jbcs-httpd24-openssl-libs-1:1.1.1g-8.jbcs.el7.x86_64",
"relates_to_product_reference": "7Server-JBCS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jbcs-httpd24-openssl-perl-1:1.1.1g-8.jbcs.el7.x86_64 as a component of Red Hat JBoss Core Services on RHEL 7 Server",
"product_id": "7Server-JBCS:jbcs-httpd24-openssl-perl-1:1.1.1g-8.jbcs.el7.x86_64"
},
"product_reference": "jbcs-httpd24-openssl-perl-1:1.1.1g-8.jbcs.el7.x86_64",
"relates_to_product_reference": "7Server-JBCS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jbcs-httpd24-openssl-pkcs11-0:0.4.10-22.jbcs.el7.src as a component of Red Hat JBoss Core Services on RHEL 7 Server",
"product_id": "7Server-JBCS:jbcs-httpd24-openssl-pkcs11-0:0.4.10-22.jbcs.el7.src"
},
"product_reference": "jbcs-httpd24-openssl-pkcs11-0:0.4.10-22.jbcs.el7.src",
"relates_to_product_reference": "7Server-JBCS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jbcs-httpd24-openssl-pkcs11-0:0.4.10-22.jbcs.el7.x86_64 as a component of Red Hat JBoss Core Services on RHEL 7 Server",
"product_id": "7Server-JBCS:jbcs-httpd24-openssl-pkcs11-0:0.4.10-22.jbcs.el7.x86_64"
},
"product_reference": "jbcs-httpd24-openssl-pkcs11-0:0.4.10-22.jbcs.el7.x86_64",
"relates_to_product_reference": "7Server-JBCS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jbcs-httpd24-openssl-pkcs11-debuginfo-0:0.4.10-22.jbcs.el7.x86_64 as a component of Red Hat JBoss Core Services on RHEL 7 Server",
"product_id": "7Server-JBCS:jbcs-httpd24-openssl-pkcs11-debuginfo-0:0.4.10-22.jbcs.el7.x86_64"
},
"product_reference": "jbcs-httpd24-openssl-pkcs11-debuginfo-0:0.4.10-22.jbcs.el7.x86_64",
"relates_to_product_reference": "7Server-JBCS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jbcs-httpd24-openssl-static-1:1.1.1g-8.jbcs.el7.x86_64 as a component of Red Hat JBoss Core Services on RHEL 7 Server",
"product_id": "7Server-JBCS:jbcs-httpd24-openssl-static-1:1.1.1g-8.jbcs.el7.x86_64"
},
"product_reference": "jbcs-httpd24-openssl-static-1:1.1.1g-8.jbcs.el7.x86_64",
"relates_to_product_reference": "7Server-JBCS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jbcs-httpd24-apr-0:1.6.3-107.el8jbcs.src as a component of Red Hat JBoss Core Services on RHEL 8",
"product_id": "8Base-JBCS:jbcs-httpd24-apr-0:1.6.3-107.el8jbcs.src"
},
"product_reference": "jbcs-httpd24-apr-0:1.6.3-107.el8jbcs.src",
"relates_to_product_reference": "8Base-JBCS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jbcs-httpd24-apr-0:1.6.3-107.el8jbcs.x86_64 as a component of Red Hat JBoss Core Services on RHEL 8",
"product_id": "8Base-JBCS:jbcs-httpd24-apr-0:1.6.3-107.el8jbcs.x86_64"
},
"product_reference": "jbcs-httpd24-apr-0:1.6.3-107.el8jbcs.x86_64",
"relates_to_product_reference": "8Base-JBCS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jbcs-httpd24-apr-debuginfo-0:1.6.3-107.el8jbcs.x86_64 as a component of Red Hat JBoss Core Services on RHEL 8",
"product_id": "8Base-JBCS:jbcs-httpd24-apr-debuginfo-0:1.6.3-107.el8jbcs.x86_64"
},
"product_reference": "jbcs-httpd24-apr-debuginfo-0:1.6.3-107.el8jbcs.x86_64",
"relates_to_product_reference": "8Base-JBCS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jbcs-httpd24-apr-devel-0:1.6.3-107.el8jbcs.x86_64 as a component of Red Hat JBoss Core Services on RHEL 8",
"product_id": "8Base-JBCS:jbcs-httpd24-apr-devel-0:1.6.3-107.el8jbcs.x86_64"
},
"product_reference": "jbcs-httpd24-apr-devel-0:1.6.3-107.el8jbcs.x86_64",
"relates_to_product_reference": "8Base-JBCS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jbcs-httpd24-apr-util-0:1.6.1-84.el8jbcs.src as a component of Red Hat JBoss Core Services on RHEL 8",
"product_id": "8Base-JBCS:jbcs-httpd24-apr-util-0:1.6.1-84.el8jbcs.src"
},
"product_reference": "jbcs-httpd24-apr-util-0:1.6.1-84.el8jbcs.src",
"relates_to_product_reference": "8Base-JBCS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jbcs-httpd24-apr-util-0:1.6.1-84.el8jbcs.x86_64 as a component of Red Hat JBoss Core Services on RHEL 8",
"product_id": "8Base-JBCS:jbcs-httpd24-apr-util-0:1.6.1-84.el8jbcs.x86_64"
},
"product_reference": "jbcs-httpd24-apr-util-0:1.6.1-84.el8jbcs.x86_64",
"relates_to_product_reference": "8Base-JBCS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jbcs-httpd24-apr-util-debuginfo-0:1.6.1-84.el8jbcs.x86_64 as a component of Red Hat JBoss Core Services on RHEL 8",
"product_id": "8Base-JBCS:jbcs-httpd24-apr-util-debuginfo-0:1.6.1-84.el8jbcs.x86_64"
},
"product_reference": "jbcs-httpd24-apr-util-debuginfo-0:1.6.1-84.el8jbcs.x86_64",
"relates_to_product_reference": "8Base-JBCS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jbcs-httpd24-apr-util-devel-0:1.6.1-84.el8jbcs.x86_64 as a component of Red Hat JBoss Core Services on RHEL 8",
"product_id": "8Base-JBCS:jbcs-httpd24-apr-util-devel-0:1.6.1-84.el8jbcs.x86_64"
},
"product_reference": "jbcs-httpd24-apr-util-devel-0:1.6.1-84.el8jbcs.x86_64",
"relates_to_product_reference": "8Base-JBCS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jbcs-httpd24-apr-util-ldap-0:1.6.1-84.el8jbcs.x86_64 as a component of Red Hat JBoss Core Services on RHEL 8",
"product_id": "8Base-JBCS:jbcs-httpd24-apr-util-ldap-0:1.6.1-84.el8jbcs.x86_64"
},
"product_reference": "jbcs-httpd24-apr-util-ldap-0:1.6.1-84.el8jbcs.x86_64",
"relates_to_product_reference": "8Base-JBCS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jbcs-httpd24-apr-util-ldap-debuginfo-0:1.6.1-84.el8jbcs.x86_64 as a component of Red Hat JBoss Core Services on RHEL 8",
"product_id": "8Base-JBCS:jbcs-httpd24-apr-util-ldap-debuginfo-0:1.6.1-84.el8jbcs.x86_64"
},
"product_reference": "jbcs-httpd24-apr-util-ldap-debuginfo-0:1.6.1-84.el8jbcs.x86_64",
"relates_to_product_reference": "8Base-JBCS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jbcs-httpd24-apr-util-mysql-0:1.6.1-84.el8jbcs.x86_64 as a component of Red Hat JBoss Core Services on RHEL 8",
"product_id": "8Base-JBCS:jbcs-httpd24-apr-util-mysql-0:1.6.1-84.el8jbcs.x86_64"
},
"product_reference": "jbcs-httpd24-apr-util-mysql-0:1.6.1-84.el8jbcs.x86_64",
"relates_to_product_reference": "8Base-JBCS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jbcs-httpd24-apr-util-mysql-debuginfo-0:1.6.1-84.el8jbcs.x86_64 as a component of Red Hat JBoss Core Services on RHEL 8",
"product_id": "8Base-JBCS:jbcs-httpd24-apr-util-mysql-debuginfo-0:1.6.1-84.el8jbcs.x86_64"
},
"product_reference": "jbcs-httpd24-apr-util-mysql-debuginfo-0:1.6.1-84.el8jbcs.x86_64",
"relates_to_product_reference": "8Base-JBCS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jbcs-httpd24-apr-util-nss-0:1.6.1-84.el8jbcs.x86_64 as a component of Red Hat JBoss Core Services on RHEL 8",
"product_id": "8Base-JBCS:jbcs-httpd24-apr-util-nss-0:1.6.1-84.el8jbcs.x86_64"
},
"product_reference": "jbcs-httpd24-apr-util-nss-0:1.6.1-84.el8jbcs.x86_64",
"relates_to_product_reference": "8Base-JBCS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jbcs-httpd24-apr-util-nss-debuginfo-0:1.6.1-84.el8jbcs.x86_64 as a component of Red Hat JBoss Core Services on RHEL 8",
"product_id": "8Base-JBCS:jbcs-httpd24-apr-util-nss-debuginfo-0:1.6.1-84.el8jbcs.x86_64"
},
"product_reference": "jbcs-httpd24-apr-util-nss-debuginfo-0:1.6.1-84.el8jbcs.x86_64",
"relates_to_product_reference": "8Base-JBCS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jbcs-httpd24-apr-util-odbc-0:1.6.1-84.el8jbcs.x86_64 as a component of Red Hat JBoss Core Services on RHEL 8",
"product_id": "8Base-JBCS:jbcs-httpd24-apr-util-odbc-0:1.6.1-84.el8jbcs.x86_64"
},
"product_reference": "jbcs-httpd24-apr-util-odbc-0:1.6.1-84.el8jbcs.x86_64",
"relates_to_product_reference": "8Base-JBCS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jbcs-httpd24-apr-util-odbc-debuginfo-0:1.6.1-84.el8jbcs.x86_64 as a component of Red Hat JBoss Core Services on RHEL 8",
"product_id": "8Base-JBCS:jbcs-httpd24-apr-util-odbc-debuginfo-0:1.6.1-84.el8jbcs.x86_64"
},
"product_reference": "jbcs-httpd24-apr-util-odbc-debuginfo-0:1.6.1-84.el8jbcs.x86_64",
"relates_to_product_reference": "8Base-JBCS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jbcs-httpd24-apr-util-openssl-0:1.6.1-84.el8jbcs.x86_64 as a component of Red Hat JBoss Core Services on RHEL 8",
"product_id": "8Base-JBCS:jbcs-httpd24-apr-util-openssl-0:1.6.1-84.el8jbcs.x86_64"
},
"product_reference": "jbcs-httpd24-apr-util-openssl-0:1.6.1-84.el8jbcs.x86_64",
"relates_to_product_reference": "8Base-JBCS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jbcs-httpd24-apr-util-openssl-debuginfo-0:1.6.1-84.el8jbcs.x86_64 as a component of Red Hat JBoss Core Services on RHEL 8",
"product_id": "8Base-JBCS:jbcs-httpd24-apr-util-openssl-debuginfo-0:1.6.1-84.el8jbcs.x86_64"
},
"product_reference": "jbcs-httpd24-apr-util-openssl-debuginfo-0:1.6.1-84.el8jbcs.x86_64",
"relates_to_product_reference": "8Base-JBCS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jbcs-httpd24-apr-util-pgsql-0:1.6.1-84.el8jbcs.x86_64 as a component of Red Hat JBoss Core Services on RHEL 8",
"product_id": "8Base-JBCS:jbcs-httpd24-apr-util-pgsql-0:1.6.1-84.el8jbcs.x86_64"
},
"product_reference": "jbcs-httpd24-apr-util-pgsql-0:1.6.1-84.el8jbcs.x86_64",
"relates_to_product_reference": "8Base-JBCS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jbcs-httpd24-apr-util-pgsql-debuginfo-0:1.6.1-84.el8jbcs.x86_64 as a component of Red Hat JBoss Core Services on RHEL 8",
"product_id": "8Base-JBCS:jbcs-httpd24-apr-util-pgsql-debuginfo-0:1.6.1-84.el8jbcs.x86_64"
},
"product_reference": "jbcs-httpd24-apr-util-pgsql-debuginfo-0:1.6.1-84.el8jbcs.x86_64",
"relates_to_product_reference": "8Base-JBCS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jbcs-httpd24-apr-util-sqlite-0:1.6.1-84.el8jbcs.x86_64 as a component of Red Hat JBoss Core Services on RHEL 8",
"product_id": "8Base-JBCS:jbcs-httpd24-apr-util-sqlite-0:1.6.1-84.el8jbcs.x86_64"
},
"product_reference": "jbcs-httpd24-apr-util-sqlite-0:1.6.1-84.el8jbcs.x86_64",
"relates_to_product_reference": "8Base-JBCS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jbcs-httpd24-apr-util-sqlite-debuginfo-0:1.6.1-84.el8jbcs.x86_64 as a component of Red Hat JBoss Core Services on RHEL 8",
"product_id": "8Base-JBCS:jbcs-httpd24-apr-util-sqlite-debuginfo-0:1.6.1-84.el8jbcs.x86_64"
},
"product_reference": "jbcs-httpd24-apr-util-sqlite-debuginfo-0:1.6.1-84.el8jbcs.x86_64",
"relates_to_product_reference": "8Base-JBCS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jbcs-httpd24-curl-0:7.78.0-2.el8jbcs.src as a component of Red Hat JBoss Core Services on RHEL 8",
"product_id": "8Base-JBCS:jbcs-httpd24-curl-0:7.78.0-2.el8jbcs.src"
},
"product_reference": "jbcs-httpd24-curl-0:7.78.0-2.el8jbcs.src",
"relates_to_product_reference": "8Base-JBCS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jbcs-httpd24-curl-0:7.78.0-2.el8jbcs.x86_64 as a component of Red Hat JBoss Core Services on RHEL 8",
"product_id": "8Base-JBCS:jbcs-httpd24-curl-0:7.78.0-2.el8jbcs.x86_64"
},
"product_reference": "jbcs-httpd24-curl-0:7.78.0-2.el8jbcs.x86_64",
"relates_to_product_reference": "8Base-JBCS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jbcs-httpd24-curl-debuginfo-0:7.78.0-2.el8jbcs.x86_64 as a component of Red Hat JBoss Core Services on RHEL 8",
"product_id": "8Base-JBCS:jbcs-httpd24-curl-debuginfo-0:7.78.0-2.el8jbcs.x86_64"
},
"product_reference": "jbcs-httpd24-curl-debuginfo-0:7.78.0-2.el8jbcs.x86_64",
"relates_to_product_reference": "8Base-JBCS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jbcs-httpd24-httpd-0:2.4.37-78.el8jbcs.src as a component of Red Hat JBoss Core Services on RHEL 8",
"product_id": "8Base-JBCS:jbcs-httpd24-httpd-0:2.4.37-78.el8jbcs.src"
},
"product_reference": "jbcs-httpd24-httpd-0:2.4.37-78.el8jbcs.src",
"relates_to_product_reference": "8Base-JBCS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jbcs-httpd24-httpd-0:2.4.37-78.el8jbcs.x86_64 as a component of Red Hat JBoss Core Services on RHEL 8",
"product_id": "8Base-JBCS:jbcs-httpd24-httpd-0:2.4.37-78.el8jbcs.x86_64"
},
"product_reference": "jbcs-httpd24-httpd-0:2.4.37-78.el8jbcs.x86_64",
"relates_to_product_reference": "8Base-JBCS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jbcs-httpd24-httpd-debuginfo-0:2.4.37-78.el8jbcs.x86_64 as a component of Red Hat JBoss Core Services on RHEL 8",
"product_id": "8Base-JBCS:jbcs-httpd24-httpd-debuginfo-0:2.4.37-78.el8jbcs.x86_64"
},
"product_reference": "jbcs-httpd24-httpd-debuginfo-0:2.4.37-78.el8jbcs.x86_64",
"relates_to_product_reference": "8Base-JBCS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jbcs-httpd24-httpd-devel-0:2.4.37-78.el8jbcs.x86_64 as a component of Red Hat JBoss Core Services on RHEL 8",
"product_id": "8Base-JBCS:jbcs-httpd24-httpd-devel-0:2.4.37-78.el8jbcs.x86_64"
},
"product_reference": "jbcs-httpd24-httpd-devel-0:2.4.37-78.el8jbcs.x86_64",
"relates_to_product_reference": "8Base-JBCS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jbcs-httpd24-httpd-manual-0:2.4.37-78.el8jbcs.noarch as a component of Red Hat JBoss Core Services on RHEL 8",
"product_id": "8Base-JBCS:jbcs-httpd24-httpd-manual-0:2.4.37-78.el8jbcs.noarch"
},
"product_reference": "jbcs-httpd24-httpd-manual-0:2.4.37-78.el8jbcs.noarch",
"relates_to_product_reference": "8Base-JBCS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jbcs-httpd24-httpd-selinux-0:2.4.37-78.el8jbcs.x86_64 as a component of Red Hat JBoss Core Services on RHEL 8",
"product_id": "8Base-JBCS:jbcs-httpd24-httpd-selinux-0:2.4.37-78.el8jbcs.x86_64"
},
"product_reference": "jbcs-httpd24-httpd-selinux-0:2.4.37-78.el8jbcs.x86_64",
"relates_to_product_reference": "8Base-JBCS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jbcs-httpd24-httpd-tools-0:2.4.37-78.el8jbcs.x86_64 as a component of Red Hat JBoss Core Services on RHEL 8",
"product_id": "8Base-JBCS:jbcs-httpd24-httpd-tools-0:2.4.37-78.el8jbcs.x86_64"
},
"product_reference": "jbcs-httpd24-httpd-tools-0:2.4.37-78.el8jbcs.x86_64",
"relates_to_product_reference": "8Base-JBCS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jbcs-httpd24-httpd-tools-debuginfo-0:2.4.37-78.el8jbcs.x86_64 as a component of Red Hat JBoss Core Services on RHEL 8",
"product_id": "8Base-JBCS:jbcs-httpd24-httpd-tools-debuginfo-0:2.4.37-78.el8jbcs.x86_64"
},
"product_reference": "jbcs-httpd24-httpd-tools-debuginfo-0:2.4.37-78.el8jbcs.x86_64",
"relates_to_product_reference": "8Base-JBCS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jbcs-httpd24-libcurl-0:7.78.0-2.el8jbcs.x86_64 as a component of Red Hat JBoss Core Services on RHEL 8",
"product_id": "8Base-JBCS:jbcs-httpd24-libcurl-0:7.78.0-2.el8jbcs.x86_64"
},
"product_reference": "jbcs-httpd24-libcurl-0:7.78.0-2.el8jbcs.x86_64",
"relates_to_product_reference": "8Base-JBCS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jbcs-httpd24-libcurl-debuginfo-0:7.78.0-2.el8jbcs.x86_64 as a component of Red Hat JBoss Core Services on RHEL 8",
"product_id": "8Base-JBCS:jbcs-httpd24-libcurl-debuginfo-0:7.78.0-2.el8jbcs.x86_64"
},
"product_reference": "jbcs-httpd24-libcurl-debuginfo-0:7.78.0-2.el8jbcs.x86_64",
"relates_to_product_reference": "8Base-JBCS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jbcs-httpd24-libcurl-devel-0:7.78.0-2.el8jbcs.x86_64 as a component of Red Hat JBoss Core Services on RHEL 8",
"product_id": "8Base-JBCS:jbcs-httpd24-libcurl-devel-0:7.78.0-2.el8jbcs.x86_64"
},
"product_reference": "jbcs-httpd24-libcurl-devel-0:7.78.0-2.el8jbcs.x86_64",
"relates_to_product_reference": "8Base-JBCS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jbcs-httpd24-mod_cluster-native-0:1.3.16-9.Final_redhat_2.el8jbcs.src as a component of Red Hat JBoss Core Services on RHEL 8",
"product_id": "8Base-JBCS:jbcs-httpd24-mod_cluster-native-0:1.3.16-9.Final_redhat_2.el8jbcs.src"
},
"product_reference": "jbcs-httpd24-mod_cluster-native-0:1.3.16-9.Final_redhat_2.el8jbcs.src",
"relates_to_product_reference": "8Base-JBCS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jbcs-httpd24-mod_cluster-native-0:1.3.16-9.Final_redhat_2.el8jbcs.x86_64 as a component of Red Hat JBoss Core Services on RHEL 8",
"product_id": "8Base-JBCS:jbcs-httpd24-mod_cluster-native-0:1.3.16-9.Final_redhat_2.el8jbcs.x86_64"
},
"product_reference": "jbcs-httpd24-mod_cluster-native-0:1.3.16-9.Final_redhat_2.el8jbcs.x86_64",
"relates_to_product_reference": "8Base-JBCS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jbcs-httpd24-mod_cluster-native-debuginfo-0:1.3.16-9.Final_redhat_2.el8jbcs.x86_64 as a component of Red Hat JBoss Core Services on RHEL 8",
"product_id": "8Base-JBCS:jbcs-httpd24-mod_cluster-native-debuginfo-0:1.3.16-9.Final_redhat_2.el8jbcs.x86_64"
},
"product_reference": "jbcs-httpd24-mod_cluster-native-debuginfo-0:1.3.16-9.Final_redhat_2.el8jbcs.x86_64",
"relates_to_product_reference": "8Base-JBCS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jbcs-httpd24-mod_http2-0:1.15.7-21.el8jbcs.src as a component of Red Hat JBoss Core Services on RHEL 8",
"product_id": "8Base-JBCS:jbcs-httpd24-mod_http2-0:1.15.7-21.el8jbcs.src"
},
"product_reference": "jbcs-httpd24-mod_http2-0:1.15.7-21.el8jbcs.src",
"relates_to_product_reference": "8Base-JBCS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jbcs-httpd24-mod_http2-0:1.15.7-21.el8jbcs.x86_64 as a component of Red Hat JBoss Core Services on RHEL 8",
"product_id": "8Base-JBCS:jbcs-httpd24-mod_http2-0:1.15.7-21.el8jbcs.x86_64"
},
"product_reference": "jbcs-httpd24-mod_http2-0:1.15.7-21.el8jbcs.x86_64",
"relates_to_product_reference": "8Base-JBCS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jbcs-httpd24-mod_http2-debuginfo-0:1.15.7-21.el8jbcs.x86_64 as a component of Red Hat JBoss Core Services on RHEL 8",
"product_id": "8Base-JBCS:jbcs-httpd24-mod_http2-debuginfo-0:1.15.7-21.el8jbcs.x86_64"
},
"product_reference": "jbcs-httpd24-mod_http2-debuginfo-0:1.15.7-21.el8jbcs.x86_64",
"relates_to_product_reference": "8Base-JBCS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jbcs-httpd24-mod_jk-0:1.2.48-20.redhat_1.el8jbcs.src as a component of Red Hat JBoss Core Services on RHEL 8",
"product_id": "8Base-JBCS:jbcs-httpd24-mod_jk-0:1.2.48-20.redhat_1.el8jbcs.src"
},
"product_reference": "jbcs-httpd24-mod_jk-0:1.2.48-20.redhat_1.el8jbcs.src",
"relates_to_product_reference": "8Base-JBCS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jbcs-httpd24-mod_jk-ap24-0:1.2.48-20.redhat_1.el8jbcs.x86_64 as a component of Red Hat JBoss Core Services on RHEL 8",
"product_id": "8Base-JBCS:jbcs-httpd24-mod_jk-ap24-0:1.2.48-20.redhat_1.el8jbcs.x86_64"
},
"product_reference": "jbcs-httpd24-mod_jk-ap24-0:1.2.48-20.redhat_1.el8jbcs.x86_64",
"relates_to_product_reference": "8Base-JBCS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jbcs-httpd24-mod_jk-ap24-debuginfo-0:1.2.48-20.redhat_1.el8jbcs.x86_64 as a component of Red Hat JBoss Core Services on RHEL 8",
"product_id": "8Base-JBCS:jbcs-httpd24-mod_jk-ap24-debuginfo-0:1.2.48-20.redhat_1.el8jbcs.x86_64"
},
"product_reference": "jbcs-httpd24-mod_jk-ap24-debuginfo-0:1.2.48-20.redhat_1.el8jbcs.x86_64",
"relates_to_product_reference": "8Base-JBCS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jbcs-httpd24-mod_jk-manual-0:1.2.48-20.redhat_1.el8jbcs.x86_64 as a component of Red Hat JBoss Core Services on RHEL 8",
"product_id": "8Base-JBCS:jbcs-httpd24-mod_jk-manual-0:1.2.48-20.redhat_1.el8jbcs.x86_64"
},
"product_reference": "jbcs-httpd24-mod_jk-manual-0:1.2.48-20.redhat_1.el8jbcs.x86_64",
"relates_to_product_reference": "8Base-JBCS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jbcs-httpd24-mod_ldap-0:2.4.37-78.el8jbcs.x86_64 as a component of Red Hat JBoss Core Services on RHEL 8",
"product_id": "8Base-JBCS:jbcs-httpd24-mod_ldap-0:2.4.37-78.el8jbcs.x86_64"
},
"product_reference": "jbcs-httpd24-mod_ldap-0:2.4.37-78.el8jbcs.x86_64",
"relates_to_product_reference": "8Base-JBCS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jbcs-httpd24-mod_ldap-debuginfo-0:2.4.37-78.el8jbcs.x86_64 as a component of Red Hat JBoss Core Services on RHEL 8",
"product_id": "8Base-JBCS:jbcs-httpd24-mod_ldap-debuginfo-0:2.4.37-78.el8jbcs.x86_64"
},
"product_reference": "jbcs-httpd24-mod_ldap-debuginfo-0:2.4.37-78.el8jbcs.x86_64",
"relates_to_product_reference": "8Base-JBCS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jbcs-httpd24-mod_md-1:2.0.8-40.el8jbcs.src as a component of Red Hat JBoss Core Services on RHEL 8",
"product_id": "8Base-JBCS:jbcs-httpd24-mod_md-1:2.0.8-40.el8jbcs.src"
},
"product_reference": "jbcs-httpd24-mod_md-1:2.0.8-40.el8jbcs.src",
"relates_to_product_reference": "8Base-JBCS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jbcs-httpd24-mod_md-1:2.0.8-40.el8jbcs.x86_64 as a component of Red Hat JBoss Core Services on RHEL 8",
"product_id": "8Base-JBCS:jbcs-httpd24-mod_md-1:2.0.8-40.el8jbcs.x86_64"
},
"product_reference": "jbcs-httpd24-mod_md-1:2.0.8-40.el8jbcs.x86_64",
"relates_to_product_reference": "8Base-JBCS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jbcs-httpd24-mod_md-debuginfo-1:2.0.8-40.el8jbcs.x86_64 as a component of Red Hat JBoss Core Services on RHEL 8",
"product_id": "8Base-JBCS:jbcs-httpd24-mod_md-debuginfo-1:2.0.8-40.el8jbcs.x86_64"
},
"product_reference": "jbcs-httpd24-mod_md-debuginfo-1:2.0.8-40.el8jbcs.x86_64",
"relates_to_product_reference": "8Base-JBCS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jbcs-httpd24-mod_proxy_html-1:2.4.37-78.el8jbcs.x86_64 as a component of Red Hat JBoss Core Services on RHEL 8",
"product_id": "8Base-JBCS:jbcs-httpd24-mod_proxy_html-1:2.4.37-78.el8jbcs.x86_64"
},
"product_reference": "jbcs-httpd24-mod_proxy_html-1:2.4.37-78.el8jbcs.x86_64",
"relates_to_product_reference": "8Base-JBCS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jbcs-httpd24-mod_proxy_html-debuginfo-1:2.4.37-78.el8jbcs.x86_64 as a component of Red Hat JBoss Core Services on RHEL 8",
"product_id": "8Base-JBCS:jbcs-httpd24-mod_proxy_html-debuginfo-1:2.4.37-78.el8jbcs.x86_64"
},
"product_reference": "jbcs-httpd24-mod_proxy_html-debuginfo-1:2.4.37-78.el8jbcs.x86_64",
"relates_to_product_reference": "8Base-JBCS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jbcs-httpd24-mod_security-0:2.9.2-67.GA.el8jbcs.src as a component of Red Hat JBoss Core Services on RHEL 8",
"product_id": "8Base-JBCS:jbcs-httpd24-mod_security-0:2.9.2-67.GA.el8jbcs.src"
},
"product_reference": "jbcs-httpd24-mod_security-0:2.9.2-67.GA.el8jbcs.src",
"relates_to_product_reference": "8Base-JBCS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jbcs-httpd24-mod_security-0:2.9.2-67.GA.el8jbcs.x86_64 as a component of Red Hat JBoss Core Services on RHEL 8",
"product_id": "8Base-JBCS:jbcs-httpd24-mod_security-0:2.9.2-67.GA.el8jbcs.x86_64"
},
"product_reference": "jbcs-httpd24-mod_security-0:2.9.2-67.GA.el8jbcs.x86_64",
"relates_to_product_reference": "8Base-JBCS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jbcs-httpd24-mod_security-debuginfo-0:2.9.2-67.GA.el8jbcs.x86_64 as a component of Red Hat JBoss Core Services on RHEL 8",
"product_id": "8Base-JBCS:jbcs-httpd24-mod_security-debuginfo-0:2.9.2-67.GA.el8jbcs.x86_64"
},
"product_reference": "jbcs-httpd24-mod_security-debuginfo-0:2.9.2-67.GA.el8jbcs.x86_64",
"relates_to_product_reference": "8Base-JBCS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jbcs-httpd24-mod_session-0:2.4.37-78.el8jbcs.x86_64 as a component of Red Hat JBoss Core Services on RHEL 8",
"product_id": "8Base-JBCS:jbcs-httpd24-mod_session-0:2.4.37-78.el8jbcs.x86_64"
},
"product_reference": "jbcs-httpd24-mod_session-0:2.4.37-78.el8jbcs.x86_64",
"relates_to_product_reference": "8Base-JBCS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jbcs-httpd24-mod_session-debuginfo-0:2.4.37-78.el8jbcs.x86_64 as a component of Red Hat JBoss Core Services on RHEL 8",
"product_id": "8Base-JBCS:jbcs-httpd24-mod_session-debuginfo-0:2.4.37-78.el8jbcs.x86_64"
},
"product_reference": "jbcs-httpd24-mod_session-debuginfo-0:2.4.37-78.el8jbcs.x86_64",
"relates_to_product_reference": "8Base-JBCS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jbcs-httpd24-mod_ssl-1:2.4.37-78.el8jbcs.x86_64 as a component of Red Hat JBoss Core Services on RHEL 8",
"product_id": "8Base-JBCS:jbcs-httpd24-mod_ssl-1:2.4.37-78.el8jbcs.x86_64"
},
"product_reference": "jbcs-httpd24-mod_ssl-1:2.4.37-78.el8jbcs.x86_64",
"relates_to_product_reference": "8Base-JBCS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jbcs-httpd24-mod_ssl-debuginfo-1:2.4.37-78.el8jbcs.x86_64 as a component of Red Hat JBoss Core Services on RHEL 8",
"product_id": "8Base-JBCS:jbcs-httpd24-mod_ssl-debuginfo-1:2.4.37-78.el8jbcs.x86_64"
},
"product_reference": "jbcs-httpd24-mod_ssl-debuginfo-1:2.4.37-78.el8jbcs.x86_64",
"relates_to_product_reference": "8Base-JBCS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jbcs-httpd24-nghttp2-0:1.39.2-39.el8jbcs.src as a component of Red Hat JBoss Core Services on RHEL 8",
"product_id": "8Base-JBCS:jbcs-httpd24-nghttp2-0:1.39.2-39.el8jbcs.src"
},
"product_reference": "jbcs-httpd24-nghttp2-0:1.39.2-39.el8jbcs.src",
"relates_to_product_reference": "8Base-JBCS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jbcs-httpd24-nghttp2-0:1.39.2-39.el8jbcs.x86_64 as a component of Red Hat JBoss Core Services on RHEL 8",
"product_id": "8Base-JBCS:jbcs-httpd24-nghttp2-0:1.39.2-39.el8jbcs.x86_64"
},
"product_reference": "jbcs-httpd24-nghttp2-0:1.39.2-39.el8jbcs.x86_64",
"relates_to_product_reference": "8Base-JBCS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jbcs-httpd24-nghttp2-debuginfo-0:1.39.2-39.el8jbcs.x86_64 as a component of Red Hat JBoss Core Services on RHEL 8",
"product_id": "8Base-JBCS:jbcs-httpd24-nghttp2-debuginfo-0:1.39.2-39.el8jbcs.x86_64"
},
"product_reference": "jbcs-httpd24-nghttp2-debuginfo-0:1.39.2-39.el8jbcs.x86_64",
"relates_to_product_reference": "8Base-JBCS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jbcs-httpd24-nghttp2-devel-0:1.39.2-39.el8jbcs.x86_64 as a component of Red Hat JBoss Core Services on RHEL 8",
"product_id": "8Base-JBCS:jbcs-httpd24-nghttp2-devel-0:1.39.2-39.el8jbcs.x86_64"
},
"product_reference": "jbcs-httpd24-nghttp2-devel-0:1.39.2-39.el8jbcs.x86_64",
"relates_to_product_reference": "8Base-JBCS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jbcs-httpd24-openssl-1:1.1.1g-8.el8jbcs.src as a component of Red Hat JBoss Core Services on RHEL 8",
"product_id": "8Base-JBCS:jbcs-httpd24-openssl-1:1.1.1g-8.el8jbcs.src"
},
"product_reference": "jbcs-httpd24-openssl-1:1.1.1g-8.el8jbcs.src",
"relates_to_product_reference": "8Base-JBCS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jbcs-httpd24-openssl-1:1.1.1g-8.el8jbcs.x86_64 as a component of Red Hat JBoss Core Services on RHEL 8",
"product_id": "8Base-JBCS:jbcs-httpd24-openssl-1:1.1.1g-8.el8jbcs.x86_64"
},
"product_reference": "jbcs-httpd24-openssl-1:1.1.1g-8.el8jbcs.x86_64",
"relates_to_product_reference": "8Base-JBCS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jbcs-httpd24-openssl-chil-0:1.0.0-7.el8jbcs.src as a component of Red Hat JBoss Core Services on RHEL 8",
"product_id": "8Base-JBCS:jbcs-httpd24-openssl-chil-0:1.0.0-7.el8jbcs.src"
},
"product_reference": "jbcs-httpd24-openssl-chil-0:1.0.0-7.el8jbcs.src",
"relates_to_product_reference": "8Base-JBCS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jbcs-httpd24-openssl-chil-0:1.0.0-7.el8jbcs.x86_64 as a component of Red Hat JBoss Core Services on RHEL 8",
"product_id": "8Base-JBCS:jbcs-httpd24-openssl-chil-0:1.0.0-7.el8jbcs.x86_64"
},
"product_reference": "jbcs-httpd24-openssl-chil-0:1.0.0-7.el8jbcs.x86_64",
"relates_to_product_reference": "8Base-JBCS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jbcs-httpd24-openssl-chil-debuginfo-0:1.0.0-7.el8jbcs.x86_64 as a component of Red Hat JBoss Core Services on RHEL 8",
"product_id": "8Base-JBCS:jbcs-httpd24-openssl-chil-debuginfo-0:1.0.0-7.el8jbcs.x86_64"
},
"product_reference": "jbcs-httpd24-openssl-chil-debuginfo-0:1.0.0-7.el8jbcs.x86_64",
"relates_to_product_reference": "8Base-JBCS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jbcs-httpd24-openssl-debuginfo-1:1.1.1g-8.el8jbcs.x86_64 as a component of Red Hat JBoss Core Services on RHEL 8",
"product_id": "8Base-JBCS:jbcs-httpd24-openssl-debuginfo-1:1.1.1g-8.el8jbcs.x86_64"
},
"product_reference": "jbcs-httpd24-openssl-debuginfo-1:1.1.1g-8.el8jbcs.x86_64",
"relates_to_product_reference": "8Base-JBCS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jbcs-httpd24-openssl-devel-1:1.1.1g-8.el8jbcs.x86_64 as a component of Red Hat JBoss Core Services on RHEL 8",
"product_id": "8Base-JBCS:jbcs-httpd24-openssl-devel-1:1.1.1g-8.el8jbcs.x86_64"
},
"product_reference": "jbcs-httpd24-openssl-devel-1:1.1.1g-8.el8jbcs.x86_64",
"relates_to_product_reference": "8Base-JBCS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jbcs-httpd24-openssl-libs-1:1.1.1g-8.el8jbcs.x86_64 as a component of Red Hat JBoss Core Services on RHEL 8",
"product_id": "8Base-JBCS:jbcs-httpd24-openssl-libs-1:1.1.1g-8.el8jbcs.x86_64"
},
"product_reference": "jbcs-httpd24-openssl-libs-1:1.1.1g-8.el8jbcs.x86_64",
"relates_to_product_reference": "8Base-JBCS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jbcs-httpd24-openssl-libs-debuginfo-1:1.1.1g-8.el8jbcs.x86_64 as a component of Red Hat JBoss Core Services on RHEL 8",
"product_id": "8Base-JBCS:jbcs-httpd24-openssl-libs-debuginfo-1:1.1.1g-8.el8jbcs.x86_64"
},
"product_reference": "jbcs-httpd24-openssl-libs-debuginfo-1:1.1.1g-8.el8jbcs.x86_64",
"relates_to_product_reference": "8Base-JBCS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jbcs-httpd24-openssl-perl-1:1.1.1g-8.el8jbcs.x86_64 as a component of Red Hat JBoss Core Services on RHEL 8",
"product_id": "8Base-JBCS:jbcs-httpd24-openssl-perl-1:1.1.1g-8.el8jbcs.x86_64"
},
"product_reference": "jbcs-httpd24-openssl-perl-1:1.1.1g-8.el8jbcs.x86_64",
"relates_to_product_reference": "8Base-JBCS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jbcs-httpd24-openssl-pkcs11-0:0.4.10-22.el8jbcs.src as a component of Red Hat JBoss Core Services on RHEL 8",
"product_id": "8Base-JBCS:jbcs-httpd24-openssl-pkcs11-0:0.4.10-22.el8jbcs.src"
},
"product_reference": "jbcs-httpd24-openssl-pkcs11-0:0.4.10-22.el8jbcs.src",
"relates_to_product_reference": "8Base-JBCS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jbcs-httpd24-openssl-pkcs11-0:0.4.10-22.el8jbcs.x86_64 as a component of Red Hat JBoss Core Services on RHEL 8",
"product_id": "8Base-JBCS:jbcs-httpd24-openssl-pkcs11-0:0.4.10-22.el8jbcs.x86_64"
},
"product_reference": "jbcs-httpd24-openssl-pkcs11-0:0.4.10-22.el8jbcs.x86_64",
"relates_to_product_reference": "8Base-JBCS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jbcs-httpd24-openssl-pkcs11-debuginfo-0:0.4.10-22.el8jbcs.x86_64 as a component of Red Hat JBoss Core Services on RHEL 8",
"product_id": "8Base-JBCS:jbcs-httpd24-openssl-pkcs11-debuginfo-0:0.4.10-22.el8jbcs.x86_64"
},
"product_reference": "jbcs-httpd24-openssl-pkcs11-debuginfo-0:0.4.10-22.el8jbcs.x86_64",
"relates_to_product_reference": "8Base-JBCS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jbcs-httpd24-openssl-static-1:1.1.1g-8.el8jbcs.x86_64 as a component of Red Hat JBoss Core Services on RHEL 8",
"product_id": "8Base-JBCS:jbcs-httpd24-openssl-static-1:1.1.1g-8.el8jbcs.x86_64"
},
"product_reference": "jbcs-httpd24-openssl-static-1:1.1.1g-8.el8jbcs.x86_64",
"relates_to_product_reference": "8Base-JBCS"
}
]
},
"vulnerabilities": [
{
"acknowledgments": [
{
"names": [
"the Apache project",
"Mikhail Egorov"
]
}
],
"cve": "CVE-2019-17567",
"cwe": {
"id": "CWE-287",
"name": "Improper Authentication"
},
"discovery_date": "2021-05-27T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1966740"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in Apache httpd. The mod_proxy_wstunnel module tunnels non-upgraded connections.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "httpd: mod_proxy_wstunnel tunneling of non Upgraded connection",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"7Server-JBCS:jbcs-httpd24-apr-0:1.6.3-107.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-apr-0:1.6.3-107.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-apr-debuginfo-0:1.6.3-107.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-apr-devel-0:1.6.3-107.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-apr-util-0:1.6.1-84.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-apr-util-0:1.6.1-84.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-apr-util-debuginfo-0:1.6.1-84.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-apr-util-devel-0:1.6.1-84.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-apr-util-ldap-0:1.6.1-84.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-apr-util-mysql-0:1.6.1-84.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-apr-util-nss-0:1.6.1-84.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-apr-util-odbc-0:1.6.1-84.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-apr-util-openssl-0:1.6.1-84.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-apr-util-pgsql-0:1.6.1-84.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-apr-util-sqlite-0:1.6.1-84.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-curl-0:7.78.0-2.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-curl-0:7.78.0-2.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-curl-debuginfo-0:7.78.0-2.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-httpd-0:2.4.37-78.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-httpd-0:2.4.37-78.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-httpd-debuginfo-0:2.4.37-78.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-httpd-devel-0:2.4.37-78.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-httpd-manual-0:2.4.37-78.jbcs.el7.noarch",
"7Server-JBCS:jbcs-httpd24-httpd-selinux-0:2.4.37-78.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-httpd-tools-0:2.4.37-78.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-libcurl-0:7.78.0-2.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-libcurl-devel-0:7.78.0-2.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_cluster-native-0:1.3.16-9.Final_redhat_2.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-mod_cluster-native-0:1.3.16-9.Final_redhat_2.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_cluster-native-debuginfo-0:1.3.16-9.Final_redhat_2.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_http2-0:1.15.7-21.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-mod_http2-0:1.15.7-21.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_http2-debuginfo-0:1.15.7-21.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_jk-0:1.2.48-20.redhat_1.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-mod_jk-ap24-0:1.2.48-20.redhat_1.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_jk-debuginfo-0:1.2.48-20.redhat_1.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_jk-manual-0:1.2.48-20.redhat_1.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_ldap-0:2.4.37-78.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_md-1:2.0.8-40.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-mod_md-1:2.0.8-40.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_md-debuginfo-1:2.0.8-40.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_proxy_html-1:2.4.37-78.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_security-0:2.9.2-67.GA.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-mod_security-0:2.9.2-67.GA.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_security-debuginfo-0:2.9.2-67.GA.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_session-0:2.4.37-78.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_ssl-1:2.4.37-78.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-nghttp2-0:1.39.2-39.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-nghttp2-0:1.39.2-39.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-nghttp2-debuginfo-0:1.39.2-39.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-nghttp2-devel-0:1.39.2-39.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-openssl-1:1.1.1g-8.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-openssl-1:1.1.1g-8.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-openssl-chil-0:1.0.0-7.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-openssl-chil-0:1.0.0-7.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-openssl-chil-debuginfo-0:1.0.0-7.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-openssl-debuginfo-1:1.1.1g-8.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-openssl-devel-1:1.1.1g-8.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-openssl-libs-1:1.1.1g-8.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-openssl-perl-1:1.1.1g-8.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-openssl-pkcs11-0:0.4.10-22.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-openssl-pkcs11-0:0.4.10-22.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-openssl-pkcs11-debuginfo-0:0.4.10-22.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-openssl-static-1:1.1.1g-8.jbcs.el7.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-0:1.6.3-107.el8jbcs.src",
"8Base-JBCS:jbcs-httpd24-apr-0:1.6.3-107.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-debuginfo-0:1.6.3-107.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-devel-0:1.6.3-107.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-util-0:1.6.1-84.el8jbcs.src",
"8Base-JBCS:jbcs-httpd24-apr-util-0:1.6.1-84.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-util-debuginfo-0:1.6.1-84.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-util-devel-0:1.6.1-84.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-util-ldap-0:1.6.1-84.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-util-ldap-debuginfo-0:1.6.1-84.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-util-mysql-0:1.6.1-84.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-util-mysql-debuginfo-0:1.6.1-84.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-util-nss-0:1.6.1-84.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-util-nss-debuginfo-0:1.6.1-84.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-util-odbc-0:1.6.1-84.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-util-odbc-debuginfo-0:1.6.1-84.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-util-openssl-0:1.6.1-84.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-util-openssl-debuginfo-0:1.6.1-84.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-util-pgsql-0:1.6.1-84.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-util-pgsql-debuginfo-0:1.6.1-84.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-util-sqlite-0:1.6.1-84.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-util-sqlite-debuginfo-0:1.6.1-84.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-curl-0:7.78.0-2.el8jbcs.src",
"8Base-JBCS:jbcs-httpd24-curl-0:7.78.0-2.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-curl-debuginfo-0:7.78.0-2.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-httpd-0:2.4.37-78.el8jbcs.src",
"8Base-JBCS:jbcs-httpd24-httpd-0:2.4.37-78.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-httpd-debuginfo-0:2.4.37-78.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-httpd-devel-0:2.4.37-78.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-httpd-manual-0:2.4.37-78.el8jbcs.noarch",
"8Base-JBCS:jbcs-httpd24-httpd-selinux-0:2.4.37-78.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-httpd-tools-0:2.4.37-78.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-httpd-tools-debuginfo-0:2.4.37-78.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-libcurl-0:7.78.0-2.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-libcurl-debuginfo-0:7.78.0-2.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-libcurl-devel-0:7.78.0-2.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_cluster-native-0:1.3.16-9.Final_redhat_2.el8jbcs.src",
"8Base-JBCS:jbcs-httpd24-mod_cluster-native-0:1.3.16-9.Final_redhat_2.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_cluster-native-debuginfo-0:1.3.16-9.Final_redhat_2.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_http2-0:1.15.7-21.el8jbcs.src",
"8Base-JBCS:jbcs-httpd24-mod_http2-0:1.15.7-21.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_http2-debuginfo-0:1.15.7-21.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_jk-0:1.2.48-20.redhat_1.el8jbcs.src",
"8Base-JBCS:jbcs-httpd24-mod_jk-ap24-0:1.2.48-20.redhat_1.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_jk-ap24-debuginfo-0:1.2.48-20.redhat_1.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_jk-manual-0:1.2.48-20.redhat_1.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_ldap-0:2.4.37-78.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_ldap-debuginfo-0:2.4.37-78.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_md-1:2.0.8-40.el8jbcs.src",
"8Base-JBCS:jbcs-httpd24-mod_md-1:2.0.8-40.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_md-debuginfo-1:2.0.8-40.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_proxy_html-1:2.4.37-78.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_proxy_html-debuginfo-1:2.4.37-78.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_security-0:2.9.2-67.GA.el8jbcs.src",
"8Base-JBCS:jbcs-httpd24-mod_security-0:2.9.2-67.GA.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_security-debuginfo-0:2.9.2-67.GA.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_session-0:2.4.37-78.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_session-debuginfo-0:2.4.37-78.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_ssl-1:2.4.37-78.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_ssl-debuginfo-1:2.4.37-78.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-nghttp2-0:1.39.2-39.el8jbcs.src",
"8Base-JBCS:jbcs-httpd24-nghttp2-0:1.39.2-39.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-nghttp2-debuginfo-0:1.39.2-39.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-nghttp2-devel-0:1.39.2-39.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-openssl-1:1.1.1g-8.el8jbcs.src",
"8Base-JBCS:jbcs-httpd24-openssl-1:1.1.1g-8.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-openssl-chil-0:1.0.0-7.el8jbcs.src",
"8Base-JBCS:jbcs-httpd24-openssl-chil-0:1.0.0-7.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-openssl-chil-debuginfo-0:1.0.0-7.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-openssl-debuginfo-1:1.1.1g-8.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-openssl-devel-1:1.1.1g-8.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-openssl-libs-1:1.1.1g-8.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-openssl-libs-debuginfo-1:1.1.1g-8.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-openssl-perl-1:1.1.1g-8.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-openssl-pkcs11-0:0.4.10-22.el8jbcs.src",
"8Base-JBCS:jbcs-httpd24-openssl-pkcs11-0:0.4.10-22.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-openssl-pkcs11-debuginfo-0:0.4.10-22.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-openssl-static-1:1.1.1g-8.el8jbcs.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2019-17567"
},
{
"category": "external",
"summary": "RHBZ#1966740",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1966740"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2019-17567",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-17567"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2019-17567",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2019-17567"
},
{
"category": "external",
"summary": "https://httpd.apache.org/security/vulnerabilities_24.html",
"url": "https://httpd.apache.org/security/vulnerabilities_24.html"
}
],
"release_date": "2021-06-04T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"details": "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"7Server-JBCS:jbcs-httpd24-apr-0:1.6.3-107.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-apr-0:1.6.3-107.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-apr-debuginfo-0:1.6.3-107.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-apr-devel-0:1.6.3-107.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-apr-util-0:1.6.1-84.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-apr-util-0:1.6.1-84.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-apr-util-debuginfo-0:1.6.1-84.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-apr-util-devel-0:1.6.1-84.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-apr-util-ldap-0:1.6.1-84.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-apr-util-mysql-0:1.6.1-84.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-apr-util-nss-0:1.6.1-84.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-apr-util-odbc-0:1.6.1-84.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-apr-util-openssl-0:1.6.1-84.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-apr-util-pgsql-0:1.6.1-84.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-apr-util-sqlite-0:1.6.1-84.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-curl-0:7.78.0-2.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-curl-0:7.78.0-2.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-curl-debuginfo-0:7.78.0-2.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-httpd-0:2.4.37-78.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-httpd-0:2.4.37-78.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-httpd-debuginfo-0:2.4.37-78.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-httpd-devel-0:2.4.37-78.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-httpd-manual-0:2.4.37-78.jbcs.el7.noarch",
"7Server-JBCS:jbcs-httpd24-httpd-selinux-0:2.4.37-78.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-httpd-tools-0:2.4.37-78.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-libcurl-0:7.78.0-2.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-libcurl-devel-0:7.78.0-2.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_cluster-native-0:1.3.16-9.Final_redhat_2.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-mod_cluster-native-0:1.3.16-9.Final_redhat_2.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_cluster-native-debuginfo-0:1.3.16-9.Final_redhat_2.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_http2-0:1.15.7-21.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-mod_http2-0:1.15.7-21.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_http2-debuginfo-0:1.15.7-21.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_jk-0:1.2.48-20.redhat_1.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-mod_jk-ap24-0:1.2.48-20.redhat_1.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_jk-debuginfo-0:1.2.48-20.redhat_1.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_jk-manual-0:1.2.48-20.redhat_1.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_ldap-0:2.4.37-78.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_md-1:2.0.8-40.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-mod_md-1:2.0.8-40.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_md-debuginfo-1:2.0.8-40.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_proxy_html-1:2.4.37-78.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_security-0:2.9.2-67.GA.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-mod_security-0:2.9.2-67.GA.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_security-debuginfo-0:2.9.2-67.GA.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_session-0:2.4.37-78.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_ssl-1:2.4.37-78.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-nghttp2-0:1.39.2-39.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-nghttp2-0:1.39.2-39.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-nghttp2-debuginfo-0:1.39.2-39.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-nghttp2-devel-0:1.39.2-39.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-openssl-1:1.1.1g-8.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-openssl-1:1.1.1g-8.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-openssl-chil-0:1.0.0-7.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-openssl-chil-0:1.0.0-7.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-openssl-chil-debuginfo-0:1.0.0-7.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-openssl-debuginfo-1:1.1.1g-8.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-openssl-devel-1:1.1.1g-8.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-openssl-libs-1:1.1.1g-8.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-openssl-perl-1:1.1.1g-8.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-openssl-pkcs11-0:0.4.10-22.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-openssl-pkcs11-0:0.4.10-22.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-openssl-pkcs11-debuginfo-0:0.4.10-22.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-openssl-static-1:1.1.1g-8.jbcs.el7.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-0:1.6.3-107.el8jbcs.src",
"8Base-JBCS:jbcs-httpd24-apr-0:1.6.3-107.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-debuginfo-0:1.6.3-107.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-devel-0:1.6.3-107.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-util-0:1.6.1-84.el8jbcs.src",
"8Base-JBCS:jbcs-httpd24-apr-util-0:1.6.1-84.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-util-debuginfo-0:1.6.1-84.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-util-devel-0:1.6.1-84.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-util-ldap-0:1.6.1-84.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-util-ldap-debuginfo-0:1.6.1-84.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-util-mysql-0:1.6.1-84.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-util-mysql-debuginfo-0:1.6.1-84.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-util-nss-0:1.6.1-84.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-util-nss-debuginfo-0:1.6.1-84.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-util-odbc-0:1.6.1-84.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-util-odbc-debuginfo-0:1.6.1-84.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-util-openssl-0:1.6.1-84.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-util-openssl-debuginfo-0:1.6.1-84.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-util-pgsql-0:1.6.1-84.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-util-pgsql-debuginfo-0:1.6.1-84.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-util-sqlite-0:1.6.1-84.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-util-sqlite-debuginfo-0:1.6.1-84.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-curl-0:7.78.0-2.el8jbcs.src",
"8Base-JBCS:jbcs-httpd24-curl-0:7.78.0-2.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-curl-debuginfo-0:7.78.0-2.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-httpd-0:2.4.37-78.el8jbcs.src",
"8Base-JBCS:jbcs-httpd24-httpd-0:2.4.37-78.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-httpd-debuginfo-0:2.4.37-78.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-httpd-devel-0:2.4.37-78.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-httpd-manual-0:2.4.37-78.el8jbcs.noarch",
"8Base-JBCS:jbcs-httpd24-httpd-selinux-0:2.4.37-78.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-httpd-tools-0:2.4.37-78.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-httpd-tools-debuginfo-0:2.4.37-78.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-libcurl-0:7.78.0-2.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-libcurl-debuginfo-0:7.78.0-2.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-libcurl-devel-0:7.78.0-2.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_cluster-native-0:1.3.16-9.Final_redhat_2.el8jbcs.src",
"8Base-JBCS:jbcs-httpd24-mod_cluster-native-0:1.3.16-9.Final_redhat_2.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_cluster-native-debuginfo-0:1.3.16-9.Final_redhat_2.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_http2-0:1.15.7-21.el8jbcs.src",
"8Base-JBCS:jbcs-httpd24-mod_http2-0:1.15.7-21.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_http2-debuginfo-0:1.15.7-21.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_jk-0:1.2.48-20.redhat_1.el8jbcs.src",
"8Base-JBCS:jbcs-httpd24-mod_jk-ap24-0:1.2.48-20.redhat_1.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_jk-ap24-debuginfo-0:1.2.48-20.redhat_1.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_jk-manual-0:1.2.48-20.redhat_1.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_ldap-0:2.4.37-78.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_ldap-debuginfo-0:2.4.37-78.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_md-1:2.0.8-40.el8jbcs.src",
"8Base-JBCS:jbcs-httpd24-mod_md-1:2.0.8-40.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_md-debuginfo-1:2.0.8-40.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_proxy_html-1:2.4.37-78.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_proxy_html-debuginfo-1:2.4.37-78.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_security-0:2.9.2-67.GA.el8jbcs.src",
"8Base-JBCS:jbcs-httpd24-mod_security-0:2.9.2-67.GA.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_security-debuginfo-0:2.9.2-67.GA.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_session-0:2.4.37-78.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_session-debuginfo-0:2.4.37-78.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_ssl-1:2.4.37-78.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_ssl-debuginfo-1:2.4.37-78.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-nghttp2-0:1.39.2-39.el8jbcs.src",
"8Base-JBCS:jbcs-httpd24-nghttp2-0:1.39.2-39.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-nghttp2-debuginfo-0:1.39.2-39.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-nghttp2-devel-0:1.39.2-39.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-openssl-1:1.1.1g-8.el8jbcs.src",
"8Base-JBCS:jbcs-httpd24-openssl-1:1.1.1g-8.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-openssl-chil-0:1.0.0-7.el8jbcs.src",
"8Base-JBCS:jbcs-httpd24-openssl-chil-0:1.0.0-7.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-openssl-chil-debuginfo-0:1.0.0-7.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-openssl-debuginfo-1:1.1.1g-8.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-openssl-devel-1:1.1.1g-8.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-openssl-libs-1:1.1.1g-8.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-openssl-libs-debuginfo-1:1.1.1g-8.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-openssl-perl-1:1.1.1g-8.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-openssl-pkcs11-0:0.4.10-22.el8jbcs.src",
"8Base-JBCS:jbcs-httpd24-openssl-pkcs11-0:0.4.10-22.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-openssl-pkcs11-debuginfo-0:0.4.10-22.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-openssl-static-1:1.1.1g-8.el8jbcs.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2021:4614"
},
{
"category": "workaround",
"details": "Only configurations which use mod_proxy_wstunnel are affected by this flaw. It is also safe to comment-out the \"LoadModule proxy_wstunnel_module ... \" line in /etc/httpd/conf.modules.d/00-proxy.conf for configurations which do not rely on a websockets reverse proxy.",
"product_ids": [
"7Server-JBCS:jbcs-httpd24-apr-0:1.6.3-107.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-apr-0:1.6.3-107.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-apr-debuginfo-0:1.6.3-107.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-apr-devel-0:1.6.3-107.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-apr-util-0:1.6.1-84.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-apr-util-0:1.6.1-84.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-apr-util-debuginfo-0:1.6.1-84.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-apr-util-devel-0:1.6.1-84.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-apr-util-ldap-0:1.6.1-84.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-apr-util-mysql-0:1.6.1-84.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-apr-util-nss-0:1.6.1-84.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-apr-util-odbc-0:1.6.1-84.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-apr-util-openssl-0:1.6.1-84.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-apr-util-pgsql-0:1.6.1-84.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-apr-util-sqlite-0:1.6.1-84.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-curl-0:7.78.0-2.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-curl-0:7.78.0-2.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-curl-debuginfo-0:7.78.0-2.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-httpd-0:2.4.37-78.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-httpd-0:2.4.37-78.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-httpd-debuginfo-0:2.4.37-78.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-httpd-devel-0:2.4.37-78.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-httpd-manual-0:2.4.37-78.jbcs.el7.noarch",
"7Server-JBCS:jbcs-httpd24-httpd-selinux-0:2.4.37-78.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-httpd-tools-0:2.4.37-78.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-libcurl-0:7.78.0-2.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-libcurl-devel-0:7.78.0-2.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_cluster-native-0:1.3.16-9.Final_redhat_2.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-mod_cluster-native-0:1.3.16-9.Final_redhat_2.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_cluster-native-debuginfo-0:1.3.16-9.Final_redhat_2.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_http2-0:1.15.7-21.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-mod_http2-0:1.15.7-21.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_http2-debuginfo-0:1.15.7-21.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_jk-0:1.2.48-20.redhat_1.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-mod_jk-ap24-0:1.2.48-20.redhat_1.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_jk-debuginfo-0:1.2.48-20.redhat_1.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_jk-manual-0:1.2.48-20.redhat_1.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_ldap-0:2.4.37-78.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_md-1:2.0.8-40.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-mod_md-1:2.0.8-40.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_md-debuginfo-1:2.0.8-40.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_proxy_html-1:2.4.37-78.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_security-0:2.9.2-67.GA.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-mod_security-0:2.9.2-67.GA.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_security-debuginfo-0:2.9.2-67.GA.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_session-0:2.4.37-78.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_ssl-1:2.4.37-78.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-nghttp2-0:1.39.2-39.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-nghttp2-0:1.39.2-39.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-nghttp2-debuginfo-0:1.39.2-39.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-nghttp2-devel-0:1.39.2-39.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-openssl-1:1.1.1g-8.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-openssl-1:1.1.1g-8.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-openssl-chil-0:1.0.0-7.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-openssl-chil-0:1.0.0-7.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-openssl-chil-debuginfo-0:1.0.0-7.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-openssl-debuginfo-1:1.1.1g-8.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-openssl-devel-1:1.1.1g-8.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-openssl-libs-1:1.1.1g-8.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-openssl-perl-1:1.1.1g-8.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-openssl-pkcs11-0:0.4.10-22.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-openssl-pkcs11-0:0.4.10-22.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-openssl-pkcs11-debuginfo-0:0.4.10-22.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-openssl-static-1:1.1.1g-8.jbcs.el7.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-0:1.6.3-107.el8jbcs.src",
"8Base-JBCS:jbcs-httpd24-apr-0:1.6.3-107.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-debuginfo-0:1.6.3-107.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-devel-0:1.6.3-107.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-util-0:1.6.1-84.el8jbcs.src",
"8Base-JBCS:jbcs-httpd24-apr-util-0:1.6.1-84.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-util-debuginfo-0:1.6.1-84.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-util-devel-0:1.6.1-84.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-util-ldap-0:1.6.1-84.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-util-ldap-debuginfo-0:1.6.1-84.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-util-mysql-0:1.6.1-84.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-util-mysql-debuginfo-0:1.6.1-84.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-util-nss-0:1.6.1-84.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-util-nss-debuginfo-0:1.6.1-84.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-util-odbc-0:1.6.1-84.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-util-odbc-debuginfo-0:1.6.1-84.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-util-openssl-0:1.6.1-84.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-util-openssl-debuginfo-0:1.6.1-84.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-util-pgsql-0:1.6.1-84.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-util-pgsql-debuginfo-0:1.6.1-84.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-util-sqlite-0:1.6.1-84.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-util-sqlite-debuginfo-0:1.6.1-84.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-curl-0:7.78.0-2.el8jbcs.src",
"8Base-JBCS:jbcs-httpd24-curl-0:7.78.0-2.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-curl-debuginfo-0:7.78.0-2.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-httpd-0:2.4.37-78.el8jbcs.src",
"8Base-JBCS:jbcs-httpd24-httpd-0:2.4.37-78.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-httpd-debuginfo-0:2.4.37-78.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-httpd-devel-0:2.4.37-78.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-httpd-manual-0:2.4.37-78.el8jbcs.noarch",
"8Base-JBCS:jbcs-httpd24-httpd-selinux-0:2.4.37-78.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-httpd-tools-0:2.4.37-78.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-httpd-tools-debuginfo-0:2.4.37-78.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-libcurl-0:7.78.0-2.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-libcurl-debuginfo-0:7.78.0-2.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-libcurl-devel-0:7.78.0-2.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_cluster-native-0:1.3.16-9.Final_redhat_2.el8jbcs.src",
"8Base-JBCS:jbcs-httpd24-mod_cluster-native-0:1.3.16-9.Final_redhat_2.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_cluster-native-debuginfo-0:1.3.16-9.Final_redhat_2.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_http2-0:1.15.7-21.el8jbcs.src",
"8Base-JBCS:jbcs-httpd24-mod_http2-0:1.15.7-21.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_http2-debuginfo-0:1.15.7-21.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_jk-0:1.2.48-20.redhat_1.el8jbcs.src",
"8Base-JBCS:jbcs-httpd24-mod_jk-ap24-0:1.2.48-20.redhat_1.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_jk-ap24-debuginfo-0:1.2.48-20.redhat_1.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_jk-manual-0:1.2.48-20.redhat_1.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_ldap-0:2.4.37-78.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_ldap-debuginfo-0:2.4.37-78.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_md-1:2.0.8-40.el8jbcs.src",
"8Base-JBCS:jbcs-httpd24-mod_md-1:2.0.8-40.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_md-debuginfo-1:2.0.8-40.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_proxy_html-1:2.4.37-78.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_proxy_html-debuginfo-1:2.4.37-78.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_security-0:2.9.2-67.GA.el8jbcs.src",
"8Base-JBCS:jbcs-httpd24-mod_security-0:2.9.2-67.GA.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_security-debuginfo-0:2.9.2-67.GA.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_session-0:2.4.37-78.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_session-debuginfo-0:2.4.37-78.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_ssl-1:2.4.37-78.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_ssl-debuginfo-1:2.4.37-78.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-nghttp2-0:1.39.2-39.el8jbcs.src",
"8Base-JBCS:jbcs-httpd24-nghttp2-0:1.39.2-39.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-nghttp2-debuginfo-0:1.39.2-39.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-nghttp2-devel-0:1.39.2-39.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-openssl-1:1.1.1g-8.el8jbcs.src",
"8Base-JBCS:jbcs-httpd24-openssl-1:1.1.1g-8.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-openssl-chil-0:1.0.0-7.el8jbcs.src",
"8Base-JBCS:jbcs-httpd24-openssl-chil-0:1.0.0-7.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-openssl-chil-debuginfo-0:1.0.0-7.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-openssl-debuginfo-1:1.1.1g-8.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-openssl-devel-1:1.1.1g-8.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-openssl-libs-1:1.1.1g-8.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-openssl-libs-debuginfo-1:1.1.1g-8.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-openssl-perl-1:1.1.1g-8.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-openssl-pkcs11-0:0.4.10-22.el8jbcs.src",
"8Base-JBCS:jbcs-httpd24-openssl-pkcs11-0:0.4.10-22.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-openssl-pkcs11-debuginfo-0:0.4.10-22.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-openssl-static-1:1.1.1g-8.el8jbcs.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "LOW",
"baseScore": 4.8,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "LOW",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:L",
"version": "3.1"
},
"products": [
"7Server-JBCS:jbcs-httpd24-apr-0:1.6.3-107.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-apr-0:1.6.3-107.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-apr-debuginfo-0:1.6.3-107.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-apr-devel-0:1.6.3-107.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-apr-util-0:1.6.1-84.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-apr-util-0:1.6.1-84.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-apr-util-debuginfo-0:1.6.1-84.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-apr-util-devel-0:1.6.1-84.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-apr-util-ldap-0:1.6.1-84.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-apr-util-mysql-0:1.6.1-84.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-apr-util-nss-0:1.6.1-84.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-apr-util-odbc-0:1.6.1-84.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-apr-util-openssl-0:1.6.1-84.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-apr-util-pgsql-0:1.6.1-84.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-apr-util-sqlite-0:1.6.1-84.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-curl-0:7.78.0-2.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-curl-0:7.78.0-2.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-curl-debuginfo-0:7.78.0-2.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-httpd-0:2.4.37-78.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-httpd-0:2.4.37-78.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-httpd-debuginfo-0:2.4.37-78.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-httpd-devel-0:2.4.37-78.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-httpd-manual-0:2.4.37-78.jbcs.el7.noarch",
"7Server-JBCS:jbcs-httpd24-httpd-selinux-0:2.4.37-78.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-httpd-tools-0:2.4.37-78.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-libcurl-0:7.78.0-2.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-libcurl-devel-0:7.78.0-2.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_cluster-native-0:1.3.16-9.Final_redhat_2.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-mod_cluster-native-0:1.3.16-9.Final_redhat_2.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_cluster-native-debuginfo-0:1.3.16-9.Final_redhat_2.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_http2-0:1.15.7-21.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-mod_http2-0:1.15.7-21.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_http2-debuginfo-0:1.15.7-21.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_jk-0:1.2.48-20.redhat_1.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-mod_jk-ap24-0:1.2.48-20.redhat_1.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_jk-debuginfo-0:1.2.48-20.redhat_1.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_jk-manual-0:1.2.48-20.redhat_1.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_ldap-0:2.4.37-78.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_md-1:2.0.8-40.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-mod_md-1:2.0.8-40.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_md-debuginfo-1:2.0.8-40.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_proxy_html-1:2.4.37-78.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_security-0:2.9.2-67.GA.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-mod_security-0:2.9.2-67.GA.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_security-debuginfo-0:2.9.2-67.GA.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_session-0:2.4.37-78.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_ssl-1:2.4.37-78.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-nghttp2-0:1.39.2-39.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-nghttp2-0:1.39.2-39.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-nghttp2-debuginfo-0:1.39.2-39.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-nghttp2-devel-0:1.39.2-39.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-openssl-1:1.1.1g-8.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-openssl-1:1.1.1g-8.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-openssl-chil-0:1.0.0-7.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-openssl-chil-0:1.0.0-7.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-openssl-chil-debuginfo-0:1.0.0-7.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-openssl-debuginfo-1:1.1.1g-8.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-openssl-devel-1:1.1.1g-8.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-openssl-libs-1:1.1.1g-8.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-openssl-perl-1:1.1.1g-8.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-openssl-pkcs11-0:0.4.10-22.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-openssl-pkcs11-0:0.4.10-22.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-openssl-pkcs11-debuginfo-0:0.4.10-22.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-openssl-static-1:1.1.1g-8.jbcs.el7.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-0:1.6.3-107.el8jbcs.src",
"8Base-JBCS:jbcs-httpd24-apr-0:1.6.3-107.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-debuginfo-0:1.6.3-107.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-devel-0:1.6.3-107.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-util-0:1.6.1-84.el8jbcs.src",
"8Base-JBCS:jbcs-httpd24-apr-util-0:1.6.1-84.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-util-debuginfo-0:1.6.1-84.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-util-devel-0:1.6.1-84.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-util-ldap-0:1.6.1-84.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-util-ldap-debuginfo-0:1.6.1-84.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-util-mysql-0:1.6.1-84.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-util-mysql-debuginfo-0:1.6.1-84.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-util-nss-0:1.6.1-84.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-util-nss-debuginfo-0:1.6.1-84.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-util-odbc-0:1.6.1-84.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-util-odbc-debuginfo-0:1.6.1-84.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-util-openssl-0:1.6.1-84.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-util-openssl-debuginfo-0:1.6.1-84.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-util-pgsql-0:1.6.1-84.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-util-pgsql-debuginfo-0:1.6.1-84.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-util-sqlite-0:1.6.1-84.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-util-sqlite-debuginfo-0:1.6.1-84.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-curl-0:7.78.0-2.el8jbcs.src",
"8Base-JBCS:jbcs-httpd24-curl-0:7.78.0-2.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-curl-debuginfo-0:7.78.0-2.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-httpd-0:2.4.37-78.el8jbcs.src",
"8Base-JBCS:jbcs-httpd24-httpd-0:2.4.37-78.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-httpd-debuginfo-0:2.4.37-78.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-httpd-devel-0:2.4.37-78.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-httpd-manual-0:2.4.37-78.el8jbcs.noarch",
"8Base-JBCS:jbcs-httpd24-httpd-selinux-0:2.4.37-78.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-httpd-tools-0:2.4.37-78.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-httpd-tools-debuginfo-0:2.4.37-78.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-libcurl-0:7.78.0-2.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-libcurl-debuginfo-0:7.78.0-2.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-libcurl-devel-0:7.78.0-2.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_cluster-native-0:1.3.16-9.Final_redhat_2.el8jbcs.src",
"8Base-JBCS:jbcs-httpd24-mod_cluster-native-0:1.3.16-9.Final_redhat_2.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_cluster-native-debuginfo-0:1.3.16-9.Final_redhat_2.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_http2-0:1.15.7-21.el8jbcs.src",
"8Base-JBCS:jbcs-httpd24-mod_http2-0:1.15.7-21.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_http2-debuginfo-0:1.15.7-21.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_jk-0:1.2.48-20.redhat_1.el8jbcs.src",
"8Base-JBCS:jbcs-httpd24-mod_jk-ap24-0:1.2.48-20.redhat_1.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_jk-ap24-debuginfo-0:1.2.48-20.redhat_1.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_jk-manual-0:1.2.48-20.redhat_1.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_ldap-0:2.4.37-78.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_ldap-debuginfo-0:2.4.37-78.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_md-1:2.0.8-40.el8jbcs.src",
"8Base-JBCS:jbcs-httpd24-mod_md-1:2.0.8-40.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_md-debuginfo-1:2.0.8-40.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_proxy_html-1:2.4.37-78.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_proxy_html-debuginfo-1:2.4.37-78.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_security-0:2.9.2-67.GA.el8jbcs.src",
"8Base-JBCS:jbcs-httpd24-mod_security-0:2.9.2-67.GA.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_security-debuginfo-0:2.9.2-67.GA.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_session-0:2.4.37-78.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_session-debuginfo-0:2.4.37-78.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_ssl-1:2.4.37-78.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_ssl-debuginfo-1:2.4.37-78.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-nghttp2-0:1.39.2-39.el8jbcs.src",
"8Base-JBCS:jbcs-httpd24-nghttp2-0:1.39.2-39.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-nghttp2-debuginfo-0:1.39.2-39.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-nghttp2-devel-0:1.39.2-39.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-openssl-1:1.1.1g-8.el8jbcs.src",
"8Base-JBCS:jbcs-httpd24-openssl-1:1.1.1g-8.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-openssl-chil-0:1.0.0-7.el8jbcs.src",
"8Base-JBCS:jbcs-httpd24-openssl-chil-0:1.0.0-7.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-openssl-chil-debuginfo-0:1.0.0-7.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-openssl-debuginfo-1:1.1.1g-8.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-openssl-devel-1:1.1.1g-8.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-openssl-libs-1:1.1.1g-8.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-openssl-libs-debuginfo-1:1.1.1g-8.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-openssl-perl-1:1.1.1g-8.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-openssl-pkcs11-0:0.4.10-22.el8jbcs.src",
"8Base-JBCS:jbcs-httpd24-openssl-pkcs11-0:0.4.10-22.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-openssl-pkcs11-debuginfo-0:0.4.10-22.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-openssl-static-1:1.1.1g-8.el8jbcs.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "httpd: mod_proxy_wstunnel tunneling of non Upgraded connection"
},
{
"cve": "CVE-2019-20838",
"cwe": {
"id": "CWE-125",
"name": "Out-of-bounds Read"
},
"discovery_date": "2020-06-16T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1848444"
}
],
"notes": [
{
"category": "description",
"text": "libpcre in PCRE before 8.43 allows a subject buffer over-read in JIT when UTF is disabled, and \\X or \\R has more than one fixed quantifier, a related issue to CVE-2019-20454.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "pcre: Buffer over-read in JIT when UTF is disabled and \\X or \\R has fixed quantifier greater than 1",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"7Server-JBCS:jbcs-httpd24-apr-0:1.6.3-107.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-apr-0:1.6.3-107.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-apr-debuginfo-0:1.6.3-107.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-apr-devel-0:1.6.3-107.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-apr-util-0:1.6.1-84.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-apr-util-0:1.6.1-84.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-apr-util-debuginfo-0:1.6.1-84.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-apr-util-devel-0:1.6.1-84.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-apr-util-ldap-0:1.6.1-84.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-apr-util-mysql-0:1.6.1-84.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-apr-util-nss-0:1.6.1-84.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-apr-util-odbc-0:1.6.1-84.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-apr-util-openssl-0:1.6.1-84.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-apr-util-pgsql-0:1.6.1-84.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-apr-util-sqlite-0:1.6.1-84.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-curl-0:7.78.0-2.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-curl-0:7.78.0-2.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-curl-debuginfo-0:7.78.0-2.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-httpd-0:2.4.37-78.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-httpd-0:2.4.37-78.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-httpd-debuginfo-0:2.4.37-78.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-httpd-devel-0:2.4.37-78.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-httpd-manual-0:2.4.37-78.jbcs.el7.noarch",
"7Server-JBCS:jbcs-httpd24-httpd-selinux-0:2.4.37-78.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-httpd-tools-0:2.4.37-78.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-libcurl-0:7.78.0-2.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-libcurl-devel-0:7.78.0-2.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_cluster-native-0:1.3.16-9.Final_redhat_2.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-mod_cluster-native-0:1.3.16-9.Final_redhat_2.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_cluster-native-debuginfo-0:1.3.16-9.Final_redhat_2.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_http2-0:1.15.7-21.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-mod_http2-0:1.15.7-21.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_http2-debuginfo-0:1.15.7-21.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_jk-0:1.2.48-20.redhat_1.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-mod_jk-ap24-0:1.2.48-20.redhat_1.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_jk-debuginfo-0:1.2.48-20.redhat_1.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_jk-manual-0:1.2.48-20.redhat_1.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_ldap-0:2.4.37-78.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_md-1:2.0.8-40.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-mod_md-1:2.0.8-40.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_md-debuginfo-1:2.0.8-40.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_proxy_html-1:2.4.37-78.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_security-0:2.9.2-67.GA.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-mod_security-0:2.9.2-67.GA.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_security-debuginfo-0:2.9.2-67.GA.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_session-0:2.4.37-78.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_ssl-1:2.4.37-78.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-nghttp2-0:1.39.2-39.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-nghttp2-0:1.39.2-39.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-nghttp2-debuginfo-0:1.39.2-39.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-nghttp2-devel-0:1.39.2-39.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-openssl-1:1.1.1g-8.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-openssl-1:1.1.1g-8.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-openssl-chil-0:1.0.0-7.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-openssl-chil-0:1.0.0-7.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-openssl-chil-debuginfo-0:1.0.0-7.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-openssl-debuginfo-1:1.1.1g-8.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-openssl-devel-1:1.1.1g-8.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-openssl-libs-1:1.1.1g-8.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-openssl-perl-1:1.1.1g-8.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-openssl-pkcs11-0:0.4.10-22.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-openssl-pkcs11-0:0.4.10-22.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-openssl-pkcs11-debuginfo-0:0.4.10-22.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-openssl-static-1:1.1.1g-8.jbcs.el7.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-0:1.6.3-107.el8jbcs.src",
"8Base-JBCS:jbcs-httpd24-apr-0:1.6.3-107.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-debuginfo-0:1.6.3-107.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-devel-0:1.6.3-107.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-util-0:1.6.1-84.el8jbcs.src",
"8Base-JBCS:jbcs-httpd24-apr-util-0:1.6.1-84.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-util-debuginfo-0:1.6.1-84.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-util-devel-0:1.6.1-84.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-util-ldap-0:1.6.1-84.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-util-ldap-debuginfo-0:1.6.1-84.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-util-mysql-0:1.6.1-84.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-util-mysql-debuginfo-0:1.6.1-84.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-util-nss-0:1.6.1-84.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-util-nss-debuginfo-0:1.6.1-84.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-util-odbc-0:1.6.1-84.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-util-odbc-debuginfo-0:1.6.1-84.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-util-openssl-0:1.6.1-84.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-util-openssl-debuginfo-0:1.6.1-84.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-util-pgsql-0:1.6.1-84.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-util-pgsql-debuginfo-0:1.6.1-84.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-util-sqlite-0:1.6.1-84.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-util-sqlite-debuginfo-0:1.6.1-84.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-curl-0:7.78.0-2.el8jbcs.src",
"8Base-JBCS:jbcs-httpd24-curl-0:7.78.0-2.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-curl-debuginfo-0:7.78.0-2.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-httpd-0:2.4.37-78.el8jbcs.src",
"8Base-JBCS:jbcs-httpd24-httpd-0:2.4.37-78.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-httpd-debuginfo-0:2.4.37-78.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-httpd-devel-0:2.4.37-78.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-httpd-manual-0:2.4.37-78.el8jbcs.noarch",
"8Base-JBCS:jbcs-httpd24-httpd-selinux-0:2.4.37-78.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-httpd-tools-0:2.4.37-78.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-httpd-tools-debuginfo-0:2.4.37-78.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-libcurl-0:7.78.0-2.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-libcurl-debuginfo-0:7.78.0-2.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-libcurl-devel-0:7.78.0-2.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_cluster-native-0:1.3.16-9.Final_redhat_2.el8jbcs.src",
"8Base-JBCS:jbcs-httpd24-mod_cluster-native-0:1.3.16-9.Final_redhat_2.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_cluster-native-debuginfo-0:1.3.16-9.Final_redhat_2.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_http2-0:1.15.7-21.el8jbcs.src",
"8Base-JBCS:jbcs-httpd24-mod_http2-0:1.15.7-21.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_http2-debuginfo-0:1.15.7-21.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_jk-0:1.2.48-20.redhat_1.el8jbcs.src",
"8Base-JBCS:jbcs-httpd24-mod_jk-ap24-0:1.2.48-20.redhat_1.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_jk-ap24-debuginfo-0:1.2.48-20.redhat_1.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_jk-manual-0:1.2.48-20.redhat_1.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_ldap-0:2.4.37-78.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_ldap-debuginfo-0:2.4.37-78.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_md-1:2.0.8-40.el8jbcs.src",
"8Base-JBCS:jbcs-httpd24-mod_md-1:2.0.8-40.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_md-debuginfo-1:2.0.8-40.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_proxy_html-1:2.4.37-78.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_proxy_html-debuginfo-1:2.4.37-78.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_security-0:2.9.2-67.GA.el8jbcs.src",
"8Base-JBCS:jbcs-httpd24-mod_security-0:2.9.2-67.GA.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_security-debuginfo-0:2.9.2-67.GA.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_session-0:2.4.37-78.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_session-debuginfo-0:2.4.37-78.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_ssl-1:2.4.37-78.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_ssl-debuginfo-1:2.4.37-78.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-nghttp2-0:1.39.2-39.el8jbcs.src",
"8Base-JBCS:jbcs-httpd24-nghttp2-0:1.39.2-39.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-nghttp2-debuginfo-0:1.39.2-39.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-nghttp2-devel-0:1.39.2-39.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-openssl-1:1.1.1g-8.el8jbcs.src",
"8Base-JBCS:jbcs-httpd24-openssl-1:1.1.1g-8.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-openssl-chil-0:1.0.0-7.el8jbcs.src",
"8Base-JBCS:jbcs-httpd24-openssl-chil-0:1.0.0-7.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-openssl-chil-debuginfo-0:1.0.0-7.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-openssl-debuginfo-1:1.1.1g-8.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-openssl-devel-1:1.1.1g-8.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-openssl-libs-1:1.1.1g-8.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-openssl-libs-debuginfo-1:1.1.1g-8.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-openssl-perl-1:1.1.1g-8.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-openssl-pkcs11-0:0.4.10-22.el8jbcs.src",
"8Base-JBCS:jbcs-httpd24-openssl-pkcs11-0:0.4.10-22.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-openssl-pkcs11-debuginfo-0:0.4.10-22.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-openssl-static-1:1.1.1g-8.el8jbcs.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2019-20838"
},
{
"category": "external",
"summary": "RHBZ#1848444",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1848444"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2019-20838",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-20838"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2019-20838",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2019-20838"
}
],
"release_date": "2020-06-15T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"details": "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"7Server-JBCS:jbcs-httpd24-apr-0:1.6.3-107.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-apr-0:1.6.3-107.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-apr-debuginfo-0:1.6.3-107.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-apr-devel-0:1.6.3-107.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-apr-util-0:1.6.1-84.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-apr-util-0:1.6.1-84.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-apr-util-debuginfo-0:1.6.1-84.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-apr-util-devel-0:1.6.1-84.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-apr-util-ldap-0:1.6.1-84.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-apr-util-mysql-0:1.6.1-84.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-apr-util-nss-0:1.6.1-84.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-apr-util-odbc-0:1.6.1-84.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-apr-util-openssl-0:1.6.1-84.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-apr-util-pgsql-0:1.6.1-84.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-apr-util-sqlite-0:1.6.1-84.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-curl-0:7.78.0-2.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-curl-0:7.78.0-2.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-curl-debuginfo-0:7.78.0-2.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-httpd-0:2.4.37-78.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-httpd-0:2.4.37-78.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-httpd-debuginfo-0:2.4.37-78.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-httpd-devel-0:2.4.37-78.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-httpd-manual-0:2.4.37-78.jbcs.el7.noarch",
"7Server-JBCS:jbcs-httpd24-httpd-selinux-0:2.4.37-78.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-httpd-tools-0:2.4.37-78.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-libcurl-0:7.78.0-2.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-libcurl-devel-0:7.78.0-2.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_cluster-native-0:1.3.16-9.Final_redhat_2.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-mod_cluster-native-0:1.3.16-9.Final_redhat_2.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_cluster-native-debuginfo-0:1.3.16-9.Final_redhat_2.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_http2-0:1.15.7-21.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-mod_http2-0:1.15.7-21.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_http2-debuginfo-0:1.15.7-21.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_jk-0:1.2.48-20.redhat_1.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-mod_jk-ap24-0:1.2.48-20.redhat_1.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_jk-debuginfo-0:1.2.48-20.redhat_1.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_jk-manual-0:1.2.48-20.redhat_1.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_ldap-0:2.4.37-78.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_md-1:2.0.8-40.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-mod_md-1:2.0.8-40.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_md-debuginfo-1:2.0.8-40.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_proxy_html-1:2.4.37-78.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_security-0:2.9.2-67.GA.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-mod_security-0:2.9.2-67.GA.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_security-debuginfo-0:2.9.2-67.GA.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_session-0:2.4.37-78.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_ssl-1:2.4.37-78.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-nghttp2-0:1.39.2-39.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-nghttp2-0:1.39.2-39.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-nghttp2-debuginfo-0:1.39.2-39.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-nghttp2-devel-0:1.39.2-39.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-openssl-1:1.1.1g-8.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-openssl-1:1.1.1g-8.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-openssl-chil-0:1.0.0-7.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-openssl-chil-0:1.0.0-7.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-openssl-chil-debuginfo-0:1.0.0-7.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-openssl-debuginfo-1:1.1.1g-8.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-openssl-devel-1:1.1.1g-8.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-openssl-libs-1:1.1.1g-8.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-openssl-perl-1:1.1.1g-8.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-openssl-pkcs11-0:0.4.10-22.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-openssl-pkcs11-0:0.4.10-22.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-openssl-pkcs11-debuginfo-0:0.4.10-22.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-openssl-static-1:1.1.1g-8.jbcs.el7.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-0:1.6.3-107.el8jbcs.src",
"8Base-JBCS:jbcs-httpd24-apr-0:1.6.3-107.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-debuginfo-0:1.6.3-107.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-devel-0:1.6.3-107.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-util-0:1.6.1-84.el8jbcs.src",
"8Base-JBCS:jbcs-httpd24-apr-util-0:1.6.1-84.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-util-debuginfo-0:1.6.1-84.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-util-devel-0:1.6.1-84.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-util-ldap-0:1.6.1-84.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-util-ldap-debuginfo-0:1.6.1-84.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-util-mysql-0:1.6.1-84.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-util-mysql-debuginfo-0:1.6.1-84.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-util-nss-0:1.6.1-84.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-util-nss-debuginfo-0:1.6.1-84.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-util-odbc-0:1.6.1-84.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-util-odbc-debuginfo-0:1.6.1-84.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-util-openssl-0:1.6.1-84.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-util-openssl-debuginfo-0:1.6.1-84.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-util-pgsql-0:1.6.1-84.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-util-pgsql-debuginfo-0:1.6.1-84.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-util-sqlite-0:1.6.1-84.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-util-sqlite-debuginfo-0:1.6.1-84.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-curl-0:7.78.0-2.el8jbcs.src",
"8Base-JBCS:jbcs-httpd24-curl-0:7.78.0-2.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-curl-debuginfo-0:7.78.0-2.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-httpd-0:2.4.37-78.el8jbcs.src",
"8Base-JBCS:jbcs-httpd24-httpd-0:2.4.37-78.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-httpd-debuginfo-0:2.4.37-78.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-httpd-devel-0:2.4.37-78.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-httpd-manual-0:2.4.37-78.el8jbcs.noarch",
"8Base-JBCS:jbcs-httpd24-httpd-selinux-0:2.4.37-78.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-httpd-tools-0:2.4.37-78.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-httpd-tools-debuginfo-0:2.4.37-78.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-libcurl-0:7.78.0-2.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-libcurl-debuginfo-0:7.78.0-2.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-libcurl-devel-0:7.78.0-2.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_cluster-native-0:1.3.16-9.Final_redhat_2.el8jbcs.src",
"8Base-JBCS:jbcs-httpd24-mod_cluster-native-0:1.3.16-9.Final_redhat_2.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_cluster-native-debuginfo-0:1.3.16-9.Final_redhat_2.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_http2-0:1.15.7-21.el8jbcs.src",
"8Base-JBCS:jbcs-httpd24-mod_http2-0:1.15.7-21.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_http2-debuginfo-0:1.15.7-21.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_jk-0:1.2.48-20.redhat_1.el8jbcs.src",
"8Base-JBCS:jbcs-httpd24-mod_jk-ap24-0:1.2.48-20.redhat_1.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_jk-ap24-debuginfo-0:1.2.48-20.redhat_1.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_jk-manual-0:1.2.48-20.redhat_1.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_ldap-0:2.4.37-78.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_ldap-debuginfo-0:2.4.37-78.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_md-1:2.0.8-40.el8jbcs.src",
"8Base-JBCS:jbcs-httpd24-mod_md-1:2.0.8-40.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_md-debuginfo-1:2.0.8-40.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_proxy_html-1:2.4.37-78.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_proxy_html-debuginfo-1:2.4.37-78.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_security-0:2.9.2-67.GA.el8jbcs.src",
"8Base-JBCS:jbcs-httpd24-mod_security-0:2.9.2-67.GA.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_security-debuginfo-0:2.9.2-67.GA.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_session-0:2.4.37-78.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_session-debuginfo-0:2.4.37-78.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_ssl-1:2.4.37-78.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_ssl-debuginfo-1:2.4.37-78.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-nghttp2-0:1.39.2-39.el8jbcs.src",
"8Base-JBCS:jbcs-httpd24-nghttp2-0:1.39.2-39.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-nghttp2-debuginfo-0:1.39.2-39.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-nghttp2-devel-0:1.39.2-39.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-openssl-1:1.1.1g-8.el8jbcs.src",
"8Base-JBCS:jbcs-httpd24-openssl-1:1.1.1g-8.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-openssl-chil-0:1.0.0-7.el8jbcs.src",
"8Base-JBCS:jbcs-httpd24-openssl-chil-0:1.0.0-7.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-openssl-chil-debuginfo-0:1.0.0-7.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-openssl-debuginfo-1:1.1.1g-8.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-openssl-devel-1:1.1.1g-8.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-openssl-libs-1:1.1.1g-8.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-openssl-libs-debuginfo-1:1.1.1g-8.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-openssl-perl-1:1.1.1g-8.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-openssl-pkcs11-0:0.4.10-22.el8jbcs.src",
"8Base-JBCS:jbcs-httpd24-openssl-pkcs11-0:0.4.10-22.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-openssl-pkcs11-debuginfo-0:0.4.10-22.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-openssl-static-1:1.1.1g-8.el8jbcs.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2021:4614"
},
{
"category": "workaround",
"details": "Do not use more than one fixed quantifier with \\R or \\X with UTF disabled in PCRE or PCRE2, as these are the conditions needed to trigger the flaw.",
"product_ids": [
"7Server-JBCS:jbcs-httpd24-apr-0:1.6.3-107.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-apr-0:1.6.3-107.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-apr-debuginfo-0:1.6.3-107.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-apr-devel-0:1.6.3-107.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-apr-util-0:1.6.1-84.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-apr-util-0:1.6.1-84.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-apr-util-debuginfo-0:1.6.1-84.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-apr-util-devel-0:1.6.1-84.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-apr-util-ldap-0:1.6.1-84.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-apr-util-mysql-0:1.6.1-84.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-apr-util-nss-0:1.6.1-84.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-apr-util-odbc-0:1.6.1-84.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-apr-util-openssl-0:1.6.1-84.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-apr-util-pgsql-0:1.6.1-84.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-apr-util-sqlite-0:1.6.1-84.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-curl-0:7.78.0-2.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-curl-0:7.78.0-2.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-curl-debuginfo-0:7.78.0-2.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-httpd-0:2.4.37-78.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-httpd-0:2.4.37-78.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-httpd-debuginfo-0:2.4.37-78.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-httpd-devel-0:2.4.37-78.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-httpd-manual-0:2.4.37-78.jbcs.el7.noarch",
"7Server-JBCS:jbcs-httpd24-httpd-selinux-0:2.4.37-78.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-httpd-tools-0:2.4.37-78.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-libcurl-0:7.78.0-2.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-libcurl-devel-0:7.78.0-2.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_cluster-native-0:1.3.16-9.Final_redhat_2.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-mod_cluster-native-0:1.3.16-9.Final_redhat_2.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_cluster-native-debuginfo-0:1.3.16-9.Final_redhat_2.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_http2-0:1.15.7-21.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-mod_http2-0:1.15.7-21.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_http2-debuginfo-0:1.15.7-21.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_jk-0:1.2.48-20.redhat_1.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-mod_jk-ap24-0:1.2.48-20.redhat_1.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_jk-debuginfo-0:1.2.48-20.redhat_1.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_jk-manual-0:1.2.48-20.redhat_1.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_ldap-0:2.4.37-78.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_md-1:2.0.8-40.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-mod_md-1:2.0.8-40.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_md-debuginfo-1:2.0.8-40.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_proxy_html-1:2.4.37-78.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_security-0:2.9.2-67.GA.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-mod_security-0:2.9.2-67.GA.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_security-debuginfo-0:2.9.2-67.GA.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_session-0:2.4.37-78.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_ssl-1:2.4.37-78.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-nghttp2-0:1.39.2-39.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-nghttp2-0:1.39.2-39.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-nghttp2-debuginfo-0:1.39.2-39.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-nghttp2-devel-0:1.39.2-39.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-openssl-1:1.1.1g-8.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-openssl-1:1.1.1g-8.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-openssl-chil-0:1.0.0-7.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-openssl-chil-0:1.0.0-7.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-openssl-chil-debuginfo-0:1.0.0-7.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-openssl-debuginfo-1:1.1.1g-8.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-openssl-devel-1:1.1.1g-8.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-openssl-libs-1:1.1.1g-8.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-openssl-perl-1:1.1.1g-8.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-openssl-pkcs11-0:0.4.10-22.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-openssl-pkcs11-0:0.4.10-22.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-openssl-pkcs11-debuginfo-0:0.4.10-22.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-openssl-static-1:1.1.1g-8.jbcs.el7.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-0:1.6.3-107.el8jbcs.src",
"8Base-JBCS:jbcs-httpd24-apr-0:1.6.3-107.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-debuginfo-0:1.6.3-107.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-devel-0:1.6.3-107.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-util-0:1.6.1-84.el8jbcs.src",
"8Base-JBCS:jbcs-httpd24-apr-util-0:1.6.1-84.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-util-debuginfo-0:1.6.1-84.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-util-devel-0:1.6.1-84.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-util-ldap-0:1.6.1-84.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-util-ldap-debuginfo-0:1.6.1-84.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-util-mysql-0:1.6.1-84.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-util-mysql-debuginfo-0:1.6.1-84.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-util-nss-0:1.6.1-84.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-util-nss-debuginfo-0:1.6.1-84.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-util-odbc-0:1.6.1-84.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-util-odbc-debuginfo-0:1.6.1-84.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-util-openssl-0:1.6.1-84.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-util-openssl-debuginfo-0:1.6.1-84.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-util-pgsql-0:1.6.1-84.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-util-pgsql-debuginfo-0:1.6.1-84.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-util-sqlite-0:1.6.1-84.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-util-sqlite-debuginfo-0:1.6.1-84.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-curl-0:7.78.0-2.el8jbcs.src",
"8Base-JBCS:jbcs-httpd24-curl-0:7.78.0-2.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-curl-debuginfo-0:7.78.0-2.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-httpd-0:2.4.37-78.el8jbcs.src",
"8Base-JBCS:jbcs-httpd24-httpd-0:2.4.37-78.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-httpd-debuginfo-0:2.4.37-78.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-httpd-devel-0:2.4.37-78.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-httpd-manual-0:2.4.37-78.el8jbcs.noarch",
"8Base-JBCS:jbcs-httpd24-httpd-selinux-0:2.4.37-78.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-httpd-tools-0:2.4.37-78.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-httpd-tools-debuginfo-0:2.4.37-78.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-libcurl-0:7.78.0-2.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-libcurl-debuginfo-0:7.78.0-2.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-libcurl-devel-0:7.78.0-2.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_cluster-native-0:1.3.16-9.Final_redhat_2.el8jbcs.src",
"8Base-JBCS:jbcs-httpd24-mod_cluster-native-0:1.3.16-9.Final_redhat_2.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_cluster-native-debuginfo-0:1.3.16-9.Final_redhat_2.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_http2-0:1.15.7-21.el8jbcs.src",
"8Base-JBCS:jbcs-httpd24-mod_http2-0:1.15.7-21.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_http2-debuginfo-0:1.15.7-21.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_jk-0:1.2.48-20.redhat_1.el8jbcs.src",
"8Base-JBCS:jbcs-httpd24-mod_jk-ap24-0:1.2.48-20.redhat_1.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_jk-ap24-debuginfo-0:1.2.48-20.redhat_1.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_jk-manual-0:1.2.48-20.redhat_1.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_ldap-0:2.4.37-78.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_ldap-debuginfo-0:2.4.37-78.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_md-1:2.0.8-40.el8jbcs.src",
"8Base-JBCS:jbcs-httpd24-mod_md-1:2.0.8-40.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_md-debuginfo-1:2.0.8-40.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_proxy_html-1:2.4.37-78.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_proxy_html-debuginfo-1:2.4.37-78.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_security-0:2.9.2-67.GA.el8jbcs.src",
"8Base-JBCS:jbcs-httpd24-mod_security-0:2.9.2-67.GA.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_security-debuginfo-0:2.9.2-67.GA.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_session-0:2.4.37-78.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_session-debuginfo-0:2.4.37-78.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_ssl-1:2.4.37-78.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_ssl-debuginfo-1:2.4.37-78.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-nghttp2-0:1.39.2-39.el8jbcs.src",
"8Base-JBCS:jbcs-httpd24-nghttp2-0:1.39.2-39.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-nghttp2-debuginfo-0:1.39.2-39.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-nghttp2-devel-0:1.39.2-39.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-openssl-1:1.1.1g-8.el8jbcs.src",
"8Base-JBCS:jbcs-httpd24-openssl-1:1.1.1g-8.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-openssl-chil-0:1.0.0-7.el8jbcs.src",
"8Base-JBCS:jbcs-httpd24-openssl-chil-0:1.0.0-7.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-openssl-chil-debuginfo-0:1.0.0-7.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-openssl-debuginfo-1:1.1.1g-8.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-openssl-devel-1:1.1.1g-8.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-openssl-libs-1:1.1.1g-8.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-openssl-libs-debuginfo-1:1.1.1g-8.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-openssl-perl-1:1.1.1g-8.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-openssl-pkcs11-0:0.4.10-22.el8jbcs.src",
"8Base-JBCS:jbcs-httpd24-openssl-pkcs11-0:0.4.10-22.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-openssl-pkcs11-debuginfo-0:0.4.10-22.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-openssl-static-1:1.1.1g-8.el8jbcs.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"7Server-JBCS:jbcs-httpd24-apr-0:1.6.3-107.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-apr-0:1.6.3-107.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-apr-debuginfo-0:1.6.3-107.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-apr-devel-0:1.6.3-107.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-apr-util-0:1.6.1-84.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-apr-util-0:1.6.1-84.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-apr-util-debuginfo-0:1.6.1-84.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-apr-util-devel-0:1.6.1-84.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-apr-util-ldap-0:1.6.1-84.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-apr-util-mysql-0:1.6.1-84.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-apr-util-nss-0:1.6.1-84.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-apr-util-odbc-0:1.6.1-84.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-apr-util-openssl-0:1.6.1-84.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-apr-util-pgsql-0:1.6.1-84.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-apr-util-sqlite-0:1.6.1-84.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-curl-0:7.78.0-2.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-curl-0:7.78.0-2.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-curl-debuginfo-0:7.78.0-2.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-httpd-0:2.4.37-78.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-httpd-0:2.4.37-78.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-httpd-debuginfo-0:2.4.37-78.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-httpd-devel-0:2.4.37-78.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-httpd-manual-0:2.4.37-78.jbcs.el7.noarch",
"7Server-JBCS:jbcs-httpd24-httpd-selinux-0:2.4.37-78.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-httpd-tools-0:2.4.37-78.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-libcurl-0:7.78.0-2.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-libcurl-devel-0:7.78.0-2.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_cluster-native-0:1.3.16-9.Final_redhat_2.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-mod_cluster-native-0:1.3.16-9.Final_redhat_2.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_cluster-native-debuginfo-0:1.3.16-9.Final_redhat_2.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_http2-0:1.15.7-21.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-mod_http2-0:1.15.7-21.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_http2-debuginfo-0:1.15.7-21.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_jk-0:1.2.48-20.redhat_1.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-mod_jk-ap24-0:1.2.48-20.redhat_1.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_jk-debuginfo-0:1.2.48-20.redhat_1.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_jk-manual-0:1.2.48-20.redhat_1.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_ldap-0:2.4.37-78.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_md-1:2.0.8-40.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-mod_md-1:2.0.8-40.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_md-debuginfo-1:2.0.8-40.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_proxy_html-1:2.4.37-78.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_security-0:2.9.2-67.GA.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-mod_security-0:2.9.2-67.GA.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_security-debuginfo-0:2.9.2-67.GA.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_session-0:2.4.37-78.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_ssl-1:2.4.37-78.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-nghttp2-0:1.39.2-39.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-nghttp2-0:1.39.2-39.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-nghttp2-debuginfo-0:1.39.2-39.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-nghttp2-devel-0:1.39.2-39.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-openssl-1:1.1.1g-8.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-openssl-1:1.1.1g-8.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-openssl-chil-0:1.0.0-7.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-openssl-chil-0:1.0.0-7.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-openssl-chil-debuginfo-0:1.0.0-7.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-openssl-debuginfo-1:1.1.1g-8.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-openssl-devel-1:1.1.1g-8.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-openssl-libs-1:1.1.1g-8.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-openssl-perl-1:1.1.1g-8.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-openssl-pkcs11-0:0.4.10-22.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-openssl-pkcs11-0:0.4.10-22.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-openssl-pkcs11-debuginfo-0:0.4.10-22.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-openssl-static-1:1.1.1g-8.jbcs.el7.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-0:1.6.3-107.el8jbcs.src",
"8Base-JBCS:jbcs-httpd24-apr-0:1.6.3-107.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-debuginfo-0:1.6.3-107.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-devel-0:1.6.3-107.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-util-0:1.6.1-84.el8jbcs.src",
"8Base-JBCS:jbcs-httpd24-apr-util-0:1.6.1-84.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-util-debuginfo-0:1.6.1-84.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-util-devel-0:1.6.1-84.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-util-ldap-0:1.6.1-84.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-util-ldap-debuginfo-0:1.6.1-84.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-util-mysql-0:1.6.1-84.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-util-mysql-debuginfo-0:1.6.1-84.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-util-nss-0:1.6.1-84.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-util-nss-debuginfo-0:1.6.1-84.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-util-odbc-0:1.6.1-84.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-util-odbc-debuginfo-0:1.6.1-84.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-util-openssl-0:1.6.1-84.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-util-openssl-debuginfo-0:1.6.1-84.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-util-pgsql-0:1.6.1-84.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-util-pgsql-debuginfo-0:1.6.1-84.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-util-sqlite-0:1.6.1-84.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-util-sqlite-debuginfo-0:1.6.1-84.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-curl-0:7.78.0-2.el8jbcs.src",
"8Base-JBCS:jbcs-httpd24-curl-0:7.78.0-2.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-curl-debuginfo-0:7.78.0-2.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-httpd-0:2.4.37-78.el8jbcs.src",
"8Base-JBCS:jbcs-httpd24-httpd-0:2.4.37-78.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-httpd-debuginfo-0:2.4.37-78.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-httpd-devel-0:2.4.37-78.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-httpd-manual-0:2.4.37-78.el8jbcs.noarch",
"8Base-JBCS:jbcs-httpd24-httpd-selinux-0:2.4.37-78.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-httpd-tools-0:2.4.37-78.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-httpd-tools-debuginfo-0:2.4.37-78.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-libcurl-0:7.78.0-2.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-libcurl-debuginfo-0:7.78.0-2.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-libcurl-devel-0:7.78.0-2.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_cluster-native-0:1.3.16-9.Final_redhat_2.el8jbcs.src",
"8Base-JBCS:jbcs-httpd24-mod_cluster-native-0:1.3.16-9.Final_redhat_2.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_cluster-native-debuginfo-0:1.3.16-9.Final_redhat_2.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_http2-0:1.15.7-21.el8jbcs.src",
"8Base-JBCS:jbcs-httpd24-mod_http2-0:1.15.7-21.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_http2-debuginfo-0:1.15.7-21.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_jk-0:1.2.48-20.redhat_1.el8jbcs.src",
"8Base-JBCS:jbcs-httpd24-mod_jk-ap24-0:1.2.48-20.redhat_1.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_jk-ap24-debuginfo-0:1.2.48-20.redhat_1.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_jk-manual-0:1.2.48-20.redhat_1.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_ldap-0:2.4.37-78.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_ldap-debuginfo-0:2.4.37-78.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_md-1:2.0.8-40.el8jbcs.src",
"8Base-JBCS:jbcs-httpd24-mod_md-1:2.0.8-40.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_md-debuginfo-1:2.0.8-40.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_proxy_html-1:2.4.37-78.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_proxy_html-debuginfo-1:2.4.37-78.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_security-0:2.9.2-67.GA.el8jbcs.src",
"8Base-JBCS:jbcs-httpd24-mod_security-0:2.9.2-67.GA.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_security-debuginfo-0:2.9.2-67.GA.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_session-0:2.4.37-78.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_session-debuginfo-0:2.4.37-78.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_ssl-1:2.4.37-78.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_ssl-debuginfo-1:2.4.37-78.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-nghttp2-0:1.39.2-39.el8jbcs.src",
"8Base-JBCS:jbcs-httpd24-nghttp2-0:1.39.2-39.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-nghttp2-debuginfo-0:1.39.2-39.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-nghttp2-devel-0:1.39.2-39.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-openssl-1:1.1.1g-8.el8jbcs.src",
"8Base-JBCS:jbcs-httpd24-openssl-1:1.1.1g-8.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-openssl-chil-0:1.0.0-7.el8jbcs.src",
"8Base-JBCS:jbcs-httpd24-openssl-chil-0:1.0.0-7.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-openssl-chil-debuginfo-0:1.0.0-7.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-openssl-debuginfo-1:1.1.1g-8.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-openssl-devel-1:1.1.1g-8.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-openssl-libs-1:1.1.1g-8.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-openssl-libs-debuginfo-1:1.1.1g-8.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-openssl-perl-1:1.1.1g-8.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-openssl-pkcs11-0:0.4.10-22.el8jbcs.src",
"8Base-JBCS:jbcs-httpd24-openssl-pkcs11-0:0.4.10-22.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-openssl-pkcs11-debuginfo-0:0.4.10-22.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-openssl-static-1:1.1.1g-8.el8jbcs.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Low"
}
],
"title": "pcre: Buffer over-read in JIT when UTF is disabled and \\X or \\R has fixed quantifier greater than 1"
},
{
"acknowledgments": [
{
"names": [
"the Apache project",
"Marc Stern"
]
}
],
"cve": "CVE-2020-13950",
"cwe": {
"id": "CWE-476",
"name": "NULL Pointer Dereference"
},
"discovery_date": "2021-05-27T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1966738"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found In Apache httpd. The mod_proxy has a NULL pointer dereference. The highest threat from this vulnerability is to data confidentiality and integrity as well as system availability.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "httpd: mod_proxy NULL pointer dereference",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"7Server-JBCS:jbcs-httpd24-apr-0:1.6.3-107.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-apr-0:1.6.3-107.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-apr-debuginfo-0:1.6.3-107.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-apr-devel-0:1.6.3-107.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-apr-util-0:1.6.1-84.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-apr-util-0:1.6.1-84.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-apr-util-debuginfo-0:1.6.1-84.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-apr-util-devel-0:1.6.1-84.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-apr-util-ldap-0:1.6.1-84.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-apr-util-mysql-0:1.6.1-84.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-apr-util-nss-0:1.6.1-84.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-apr-util-odbc-0:1.6.1-84.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-apr-util-openssl-0:1.6.1-84.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-apr-util-pgsql-0:1.6.1-84.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-apr-util-sqlite-0:1.6.1-84.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-curl-0:7.78.0-2.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-curl-0:7.78.0-2.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-curl-debuginfo-0:7.78.0-2.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-httpd-0:2.4.37-78.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-httpd-0:2.4.37-78.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-httpd-debuginfo-0:2.4.37-78.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-httpd-devel-0:2.4.37-78.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-httpd-manual-0:2.4.37-78.jbcs.el7.noarch",
"7Server-JBCS:jbcs-httpd24-httpd-selinux-0:2.4.37-78.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-httpd-tools-0:2.4.37-78.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-libcurl-0:7.78.0-2.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-libcurl-devel-0:7.78.0-2.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_cluster-native-0:1.3.16-9.Final_redhat_2.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-mod_cluster-native-0:1.3.16-9.Final_redhat_2.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_cluster-native-debuginfo-0:1.3.16-9.Final_redhat_2.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_http2-0:1.15.7-21.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-mod_http2-0:1.15.7-21.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_http2-debuginfo-0:1.15.7-21.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_jk-0:1.2.48-20.redhat_1.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-mod_jk-ap24-0:1.2.48-20.redhat_1.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_jk-debuginfo-0:1.2.48-20.redhat_1.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_jk-manual-0:1.2.48-20.redhat_1.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_ldap-0:2.4.37-78.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_md-1:2.0.8-40.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-mod_md-1:2.0.8-40.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_md-debuginfo-1:2.0.8-40.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_proxy_html-1:2.4.37-78.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_security-0:2.9.2-67.GA.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-mod_security-0:2.9.2-67.GA.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_security-debuginfo-0:2.9.2-67.GA.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_session-0:2.4.37-78.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_ssl-1:2.4.37-78.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-nghttp2-0:1.39.2-39.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-nghttp2-0:1.39.2-39.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-nghttp2-debuginfo-0:1.39.2-39.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-nghttp2-devel-0:1.39.2-39.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-openssl-1:1.1.1g-8.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-openssl-1:1.1.1g-8.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-openssl-chil-0:1.0.0-7.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-openssl-chil-0:1.0.0-7.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-openssl-chil-debuginfo-0:1.0.0-7.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-openssl-debuginfo-1:1.1.1g-8.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-openssl-devel-1:1.1.1g-8.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-openssl-libs-1:1.1.1g-8.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-openssl-perl-1:1.1.1g-8.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-openssl-pkcs11-0:0.4.10-22.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-openssl-pkcs11-0:0.4.10-22.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-openssl-pkcs11-debuginfo-0:0.4.10-22.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-openssl-static-1:1.1.1g-8.jbcs.el7.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-0:1.6.3-107.el8jbcs.src",
"8Base-JBCS:jbcs-httpd24-apr-0:1.6.3-107.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-debuginfo-0:1.6.3-107.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-devel-0:1.6.3-107.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-util-0:1.6.1-84.el8jbcs.src",
"8Base-JBCS:jbcs-httpd24-apr-util-0:1.6.1-84.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-util-debuginfo-0:1.6.1-84.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-util-devel-0:1.6.1-84.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-util-ldap-0:1.6.1-84.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-util-ldap-debuginfo-0:1.6.1-84.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-util-mysql-0:1.6.1-84.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-util-mysql-debuginfo-0:1.6.1-84.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-util-nss-0:1.6.1-84.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-util-nss-debuginfo-0:1.6.1-84.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-util-odbc-0:1.6.1-84.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-util-odbc-debuginfo-0:1.6.1-84.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-util-openssl-0:1.6.1-84.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-util-openssl-debuginfo-0:1.6.1-84.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-util-pgsql-0:1.6.1-84.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-util-pgsql-debuginfo-0:1.6.1-84.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-util-sqlite-0:1.6.1-84.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-util-sqlite-debuginfo-0:1.6.1-84.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-curl-0:7.78.0-2.el8jbcs.src",
"8Base-JBCS:jbcs-httpd24-curl-0:7.78.0-2.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-curl-debuginfo-0:7.78.0-2.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-httpd-0:2.4.37-78.el8jbcs.src",
"8Base-JBCS:jbcs-httpd24-httpd-0:2.4.37-78.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-httpd-debuginfo-0:2.4.37-78.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-httpd-devel-0:2.4.37-78.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-httpd-manual-0:2.4.37-78.el8jbcs.noarch",
"8Base-JBCS:jbcs-httpd24-httpd-selinux-0:2.4.37-78.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-httpd-tools-0:2.4.37-78.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-httpd-tools-debuginfo-0:2.4.37-78.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-libcurl-0:7.78.0-2.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-libcurl-debuginfo-0:7.78.0-2.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-libcurl-devel-0:7.78.0-2.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_cluster-native-0:1.3.16-9.Final_redhat_2.el8jbcs.src",
"8Base-JBCS:jbcs-httpd24-mod_cluster-native-0:1.3.16-9.Final_redhat_2.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_cluster-native-debuginfo-0:1.3.16-9.Final_redhat_2.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_http2-0:1.15.7-21.el8jbcs.src",
"8Base-JBCS:jbcs-httpd24-mod_http2-0:1.15.7-21.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_http2-debuginfo-0:1.15.7-21.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_jk-0:1.2.48-20.redhat_1.el8jbcs.src",
"8Base-JBCS:jbcs-httpd24-mod_jk-ap24-0:1.2.48-20.redhat_1.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_jk-ap24-debuginfo-0:1.2.48-20.redhat_1.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_jk-manual-0:1.2.48-20.redhat_1.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_ldap-0:2.4.37-78.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_ldap-debuginfo-0:2.4.37-78.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_md-1:2.0.8-40.el8jbcs.src",
"8Base-JBCS:jbcs-httpd24-mod_md-1:2.0.8-40.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_md-debuginfo-1:2.0.8-40.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_proxy_html-1:2.4.37-78.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_proxy_html-debuginfo-1:2.4.37-78.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_security-0:2.9.2-67.GA.el8jbcs.src",
"8Base-JBCS:jbcs-httpd24-mod_security-0:2.9.2-67.GA.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_security-debuginfo-0:2.9.2-67.GA.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_session-0:2.4.37-78.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_session-debuginfo-0:2.4.37-78.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_ssl-1:2.4.37-78.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_ssl-debuginfo-1:2.4.37-78.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-nghttp2-0:1.39.2-39.el8jbcs.src",
"8Base-JBCS:jbcs-httpd24-nghttp2-0:1.39.2-39.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-nghttp2-debuginfo-0:1.39.2-39.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-nghttp2-devel-0:1.39.2-39.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-openssl-1:1.1.1g-8.el8jbcs.src",
"8Base-JBCS:jbcs-httpd24-openssl-1:1.1.1g-8.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-openssl-chil-0:1.0.0-7.el8jbcs.src",
"8Base-JBCS:jbcs-httpd24-openssl-chil-0:1.0.0-7.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-openssl-chil-debuginfo-0:1.0.0-7.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-openssl-debuginfo-1:1.1.1g-8.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-openssl-devel-1:1.1.1g-8.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-openssl-libs-1:1.1.1g-8.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-openssl-libs-debuginfo-1:1.1.1g-8.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-openssl-perl-1:1.1.1g-8.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-openssl-pkcs11-0:0.4.10-22.el8jbcs.src",
"8Base-JBCS:jbcs-httpd24-openssl-pkcs11-0:0.4.10-22.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-openssl-pkcs11-debuginfo-0:0.4.10-22.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-openssl-static-1:1.1.1g-8.el8jbcs.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2020-13950"
},
{
"category": "external",
"summary": "RHBZ#1966738",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1966738"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2020-13950",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-13950"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2020-13950",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2020-13950"
},
{
"category": "external",
"summary": "https://httpd.apache.org/security/vulnerabilities_24.html",
"url": "https://httpd.apache.org/security/vulnerabilities_24.html"
}
],
"release_date": "2021-06-04T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"details": "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"7Server-JBCS:jbcs-httpd24-apr-0:1.6.3-107.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-apr-0:1.6.3-107.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-apr-debuginfo-0:1.6.3-107.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-apr-devel-0:1.6.3-107.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-apr-util-0:1.6.1-84.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-apr-util-0:1.6.1-84.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-apr-util-debuginfo-0:1.6.1-84.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-apr-util-devel-0:1.6.1-84.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-apr-util-ldap-0:1.6.1-84.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-apr-util-mysql-0:1.6.1-84.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-apr-util-nss-0:1.6.1-84.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-apr-util-odbc-0:1.6.1-84.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-apr-util-openssl-0:1.6.1-84.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-apr-util-pgsql-0:1.6.1-84.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-apr-util-sqlite-0:1.6.1-84.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-curl-0:7.78.0-2.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-curl-0:7.78.0-2.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-curl-debuginfo-0:7.78.0-2.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-httpd-0:2.4.37-78.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-httpd-0:2.4.37-78.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-httpd-debuginfo-0:2.4.37-78.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-httpd-devel-0:2.4.37-78.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-httpd-manual-0:2.4.37-78.jbcs.el7.noarch",
"7Server-JBCS:jbcs-httpd24-httpd-selinux-0:2.4.37-78.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-httpd-tools-0:2.4.37-78.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-libcurl-0:7.78.0-2.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-libcurl-devel-0:7.78.0-2.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_cluster-native-0:1.3.16-9.Final_redhat_2.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-mod_cluster-native-0:1.3.16-9.Final_redhat_2.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_cluster-native-debuginfo-0:1.3.16-9.Final_redhat_2.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_http2-0:1.15.7-21.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-mod_http2-0:1.15.7-21.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_http2-debuginfo-0:1.15.7-21.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_jk-0:1.2.48-20.redhat_1.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-mod_jk-ap24-0:1.2.48-20.redhat_1.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_jk-debuginfo-0:1.2.48-20.redhat_1.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_jk-manual-0:1.2.48-20.redhat_1.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_ldap-0:2.4.37-78.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_md-1:2.0.8-40.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-mod_md-1:2.0.8-40.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_md-debuginfo-1:2.0.8-40.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_proxy_html-1:2.4.37-78.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_security-0:2.9.2-67.GA.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-mod_security-0:2.9.2-67.GA.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_security-debuginfo-0:2.9.2-67.GA.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_session-0:2.4.37-78.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_ssl-1:2.4.37-78.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-nghttp2-0:1.39.2-39.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-nghttp2-0:1.39.2-39.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-nghttp2-debuginfo-0:1.39.2-39.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-nghttp2-devel-0:1.39.2-39.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-openssl-1:1.1.1g-8.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-openssl-1:1.1.1g-8.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-openssl-chil-0:1.0.0-7.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-openssl-chil-0:1.0.0-7.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-openssl-chil-debuginfo-0:1.0.0-7.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-openssl-debuginfo-1:1.1.1g-8.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-openssl-devel-1:1.1.1g-8.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-openssl-libs-1:1.1.1g-8.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-openssl-perl-1:1.1.1g-8.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-openssl-pkcs11-0:0.4.10-22.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-openssl-pkcs11-0:0.4.10-22.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-openssl-pkcs11-debuginfo-0:0.4.10-22.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-openssl-static-1:1.1.1g-8.jbcs.el7.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-0:1.6.3-107.el8jbcs.src",
"8Base-JBCS:jbcs-httpd24-apr-0:1.6.3-107.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-debuginfo-0:1.6.3-107.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-devel-0:1.6.3-107.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-util-0:1.6.1-84.el8jbcs.src",
"8Base-JBCS:jbcs-httpd24-apr-util-0:1.6.1-84.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-util-debuginfo-0:1.6.1-84.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-util-devel-0:1.6.1-84.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-util-ldap-0:1.6.1-84.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-util-ldap-debuginfo-0:1.6.1-84.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-util-mysql-0:1.6.1-84.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-util-mysql-debuginfo-0:1.6.1-84.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-util-nss-0:1.6.1-84.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-util-nss-debuginfo-0:1.6.1-84.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-util-odbc-0:1.6.1-84.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-util-odbc-debuginfo-0:1.6.1-84.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-util-openssl-0:1.6.1-84.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-util-openssl-debuginfo-0:1.6.1-84.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-util-pgsql-0:1.6.1-84.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-util-pgsql-debuginfo-0:1.6.1-84.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-util-sqlite-0:1.6.1-84.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-util-sqlite-debuginfo-0:1.6.1-84.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-curl-0:7.78.0-2.el8jbcs.src",
"8Base-JBCS:jbcs-httpd24-curl-0:7.78.0-2.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-curl-debuginfo-0:7.78.0-2.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-httpd-0:2.4.37-78.el8jbcs.src",
"8Base-JBCS:jbcs-httpd24-httpd-0:2.4.37-78.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-httpd-debuginfo-0:2.4.37-78.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-httpd-devel-0:2.4.37-78.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-httpd-manual-0:2.4.37-78.el8jbcs.noarch",
"8Base-JBCS:jbcs-httpd24-httpd-selinux-0:2.4.37-78.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-httpd-tools-0:2.4.37-78.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-httpd-tools-debuginfo-0:2.4.37-78.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-libcurl-0:7.78.0-2.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-libcurl-debuginfo-0:7.78.0-2.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-libcurl-devel-0:7.78.0-2.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_cluster-native-0:1.3.16-9.Final_redhat_2.el8jbcs.src",
"8Base-JBCS:jbcs-httpd24-mod_cluster-native-0:1.3.16-9.Final_redhat_2.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_cluster-native-debuginfo-0:1.3.16-9.Final_redhat_2.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_http2-0:1.15.7-21.el8jbcs.src",
"8Base-JBCS:jbcs-httpd24-mod_http2-0:1.15.7-21.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_http2-debuginfo-0:1.15.7-21.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_jk-0:1.2.48-20.redhat_1.el8jbcs.src",
"8Base-JBCS:jbcs-httpd24-mod_jk-ap24-0:1.2.48-20.redhat_1.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_jk-ap24-debuginfo-0:1.2.48-20.redhat_1.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_jk-manual-0:1.2.48-20.redhat_1.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_ldap-0:2.4.37-78.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_ldap-debuginfo-0:2.4.37-78.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_md-1:2.0.8-40.el8jbcs.src",
"8Base-JBCS:jbcs-httpd24-mod_md-1:2.0.8-40.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_md-debuginfo-1:2.0.8-40.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_proxy_html-1:2.4.37-78.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_proxy_html-debuginfo-1:2.4.37-78.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_security-0:2.9.2-67.GA.el8jbcs.src",
"8Base-JBCS:jbcs-httpd24-mod_security-0:2.9.2-67.GA.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_security-debuginfo-0:2.9.2-67.GA.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_session-0:2.4.37-78.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_session-debuginfo-0:2.4.37-78.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_ssl-1:2.4.37-78.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_ssl-debuginfo-1:2.4.37-78.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-nghttp2-0:1.39.2-39.el8jbcs.src",
"8Base-JBCS:jbcs-httpd24-nghttp2-0:1.39.2-39.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-nghttp2-debuginfo-0:1.39.2-39.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-nghttp2-devel-0:1.39.2-39.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-openssl-1:1.1.1g-8.el8jbcs.src",
"8Base-JBCS:jbcs-httpd24-openssl-1:1.1.1g-8.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-openssl-chil-0:1.0.0-7.el8jbcs.src",
"8Base-JBCS:jbcs-httpd24-openssl-chil-0:1.0.0-7.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-openssl-chil-debuginfo-0:1.0.0-7.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-openssl-debuginfo-1:1.1.1g-8.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-openssl-devel-1:1.1.1g-8.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-openssl-libs-1:1.1.1g-8.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-openssl-libs-debuginfo-1:1.1.1g-8.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-openssl-perl-1:1.1.1g-8.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-openssl-pkcs11-0:0.4.10-22.el8jbcs.src",
"8Base-JBCS:jbcs-httpd24-openssl-pkcs11-0:0.4.10-22.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-openssl-pkcs11-debuginfo-0:0.4.10-22.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-openssl-static-1:1.1.1g-8.el8jbcs.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2021:4614"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"7Server-JBCS:jbcs-httpd24-apr-0:1.6.3-107.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-apr-0:1.6.3-107.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-apr-debuginfo-0:1.6.3-107.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-apr-devel-0:1.6.3-107.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-apr-util-0:1.6.1-84.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-apr-util-0:1.6.1-84.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-apr-util-debuginfo-0:1.6.1-84.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-apr-util-devel-0:1.6.1-84.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-apr-util-ldap-0:1.6.1-84.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-apr-util-mysql-0:1.6.1-84.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-apr-util-nss-0:1.6.1-84.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-apr-util-odbc-0:1.6.1-84.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-apr-util-openssl-0:1.6.1-84.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-apr-util-pgsql-0:1.6.1-84.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-apr-util-sqlite-0:1.6.1-84.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-curl-0:7.78.0-2.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-curl-0:7.78.0-2.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-curl-debuginfo-0:7.78.0-2.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-httpd-0:2.4.37-78.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-httpd-0:2.4.37-78.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-httpd-debuginfo-0:2.4.37-78.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-httpd-devel-0:2.4.37-78.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-httpd-manual-0:2.4.37-78.jbcs.el7.noarch",
"7Server-JBCS:jbcs-httpd24-httpd-selinux-0:2.4.37-78.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-httpd-tools-0:2.4.37-78.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-libcurl-0:7.78.0-2.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-libcurl-devel-0:7.78.0-2.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_cluster-native-0:1.3.16-9.Final_redhat_2.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-mod_cluster-native-0:1.3.16-9.Final_redhat_2.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_cluster-native-debuginfo-0:1.3.16-9.Final_redhat_2.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_http2-0:1.15.7-21.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-mod_http2-0:1.15.7-21.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_http2-debuginfo-0:1.15.7-21.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_jk-0:1.2.48-20.redhat_1.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-mod_jk-ap24-0:1.2.48-20.redhat_1.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_jk-debuginfo-0:1.2.48-20.redhat_1.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_jk-manual-0:1.2.48-20.redhat_1.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_ldap-0:2.4.37-78.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_md-1:2.0.8-40.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-mod_md-1:2.0.8-40.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_md-debuginfo-1:2.0.8-40.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_proxy_html-1:2.4.37-78.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_security-0:2.9.2-67.GA.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-mod_security-0:2.9.2-67.GA.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_security-debuginfo-0:2.9.2-67.GA.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_session-0:2.4.37-78.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_ssl-1:2.4.37-78.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-nghttp2-0:1.39.2-39.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-nghttp2-0:1.39.2-39.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-nghttp2-debuginfo-0:1.39.2-39.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-nghttp2-devel-0:1.39.2-39.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-openssl-1:1.1.1g-8.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-openssl-1:1.1.1g-8.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-openssl-chil-0:1.0.0-7.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-openssl-chil-0:1.0.0-7.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-openssl-chil-debuginfo-0:1.0.0-7.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-openssl-debuginfo-1:1.1.1g-8.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-openssl-devel-1:1.1.1g-8.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-openssl-libs-1:1.1.1g-8.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-openssl-perl-1:1.1.1g-8.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-openssl-pkcs11-0:0.4.10-22.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-openssl-pkcs11-0:0.4.10-22.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-openssl-pkcs11-debuginfo-0:0.4.10-22.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-openssl-static-1:1.1.1g-8.jbcs.el7.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-0:1.6.3-107.el8jbcs.src",
"8Base-JBCS:jbcs-httpd24-apr-0:1.6.3-107.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-debuginfo-0:1.6.3-107.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-devel-0:1.6.3-107.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-util-0:1.6.1-84.el8jbcs.src",
"8Base-JBCS:jbcs-httpd24-apr-util-0:1.6.1-84.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-util-debuginfo-0:1.6.1-84.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-util-devel-0:1.6.1-84.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-util-ldap-0:1.6.1-84.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-util-ldap-debuginfo-0:1.6.1-84.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-util-mysql-0:1.6.1-84.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-util-mysql-debuginfo-0:1.6.1-84.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-util-nss-0:1.6.1-84.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-util-nss-debuginfo-0:1.6.1-84.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-util-odbc-0:1.6.1-84.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-util-odbc-debuginfo-0:1.6.1-84.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-util-openssl-0:1.6.1-84.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-util-openssl-debuginfo-0:1.6.1-84.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-util-pgsql-0:1.6.1-84.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-util-pgsql-debuginfo-0:1.6.1-84.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-util-sqlite-0:1.6.1-84.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-util-sqlite-debuginfo-0:1.6.1-84.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-curl-0:7.78.0-2.el8jbcs.src",
"8Base-JBCS:jbcs-httpd24-curl-0:7.78.0-2.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-curl-debuginfo-0:7.78.0-2.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-httpd-0:2.4.37-78.el8jbcs.src",
"8Base-JBCS:jbcs-httpd24-httpd-0:2.4.37-78.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-httpd-debuginfo-0:2.4.37-78.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-httpd-devel-0:2.4.37-78.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-httpd-manual-0:2.4.37-78.el8jbcs.noarch",
"8Base-JBCS:jbcs-httpd24-httpd-selinux-0:2.4.37-78.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-httpd-tools-0:2.4.37-78.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-httpd-tools-debuginfo-0:2.4.37-78.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-libcurl-0:7.78.0-2.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-libcurl-debuginfo-0:7.78.0-2.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-libcurl-devel-0:7.78.0-2.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_cluster-native-0:1.3.16-9.Final_redhat_2.el8jbcs.src",
"8Base-JBCS:jbcs-httpd24-mod_cluster-native-0:1.3.16-9.Final_redhat_2.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_cluster-native-debuginfo-0:1.3.16-9.Final_redhat_2.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_http2-0:1.15.7-21.el8jbcs.src",
"8Base-JBCS:jbcs-httpd24-mod_http2-0:1.15.7-21.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_http2-debuginfo-0:1.15.7-21.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_jk-0:1.2.48-20.redhat_1.el8jbcs.src",
"8Base-JBCS:jbcs-httpd24-mod_jk-ap24-0:1.2.48-20.redhat_1.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_jk-ap24-debuginfo-0:1.2.48-20.redhat_1.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_jk-manual-0:1.2.48-20.redhat_1.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_ldap-0:2.4.37-78.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_ldap-debuginfo-0:2.4.37-78.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_md-1:2.0.8-40.el8jbcs.src",
"8Base-JBCS:jbcs-httpd24-mod_md-1:2.0.8-40.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_md-debuginfo-1:2.0.8-40.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_proxy_html-1:2.4.37-78.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_proxy_html-debuginfo-1:2.4.37-78.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_security-0:2.9.2-67.GA.el8jbcs.src",
"8Base-JBCS:jbcs-httpd24-mod_security-0:2.9.2-67.GA.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_security-debuginfo-0:2.9.2-67.GA.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_session-0:2.4.37-78.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_session-debuginfo-0:2.4.37-78.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_ssl-1:2.4.37-78.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_ssl-debuginfo-1:2.4.37-78.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-nghttp2-0:1.39.2-39.el8jbcs.src",
"8Base-JBCS:jbcs-httpd24-nghttp2-0:1.39.2-39.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-nghttp2-debuginfo-0:1.39.2-39.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-nghttp2-devel-0:1.39.2-39.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-openssl-1:1.1.1g-8.el8jbcs.src",
"8Base-JBCS:jbcs-httpd24-openssl-1:1.1.1g-8.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-openssl-chil-0:1.0.0-7.el8jbcs.src",
"8Base-JBCS:jbcs-httpd24-openssl-chil-0:1.0.0-7.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-openssl-chil-debuginfo-0:1.0.0-7.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-openssl-debuginfo-1:1.1.1g-8.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-openssl-devel-1:1.1.1g-8.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-openssl-libs-1:1.1.1g-8.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-openssl-libs-debuginfo-1:1.1.1g-8.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-openssl-perl-1:1.1.1g-8.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-openssl-pkcs11-0:0.4.10-22.el8jbcs.src",
"8Base-JBCS:jbcs-httpd24-openssl-pkcs11-0:0.4.10-22.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-openssl-pkcs11-debuginfo-0:0.4.10-22.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-openssl-static-1:1.1.1g-8.el8jbcs.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Low"
}
],
"title": "httpd: mod_proxy NULL pointer dereference"
},
{
"cve": "CVE-2020-14155",
"cwe": {
"id": "CWE-190",
"name": "Integer Overflow or Wraparound"
},
"discovery_date": "2020-06-16T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1848436"
}
],
"notes": [
{
"category": "description",
"text": "libpcre in PCRE before 8.44 allows an integer overflow via a large number after a (?C substring.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "pcre: Integer overflow when parsing callout numeric arguments",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"7Server-JBCS:jbcs-httpd24-apr-0:1.6.3-107.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-apr-0:1.6.3-107.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-apr-debuginfo-0:1.6.3-107.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-apr-devel-0:1.6.3-107.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-apr-util-0:1.6.1-84.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-apr-util-0:1.6.1-84.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-apr-util-debuginfo-0:1.6.1-84.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-apr-util-devel-0:1.6.1-84.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-apr-util-ldap-0:1.6.1-84.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-apr-util-mysql-0:1.6.1-84.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-apr-util-nss-0:1.6.1-84.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-apr-util-odbc-0:1.6.1-84.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-apr-util-openssl-0:1.6.1-84.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-apr-util-pgsql-0:1.6.1-84.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-apr-util-sqlite-0:1.6.1-84.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-curl-0:7.78.0-2.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-curl-0:7.78.0-2.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-curl-debuginfo-0:7.78.0-2.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-httpd-0:2.4.37-78.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-httpd-0:2.4.37-78.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-httpd-debuginfo-0:2.4.37-78.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-httpd-devel-0:2.4.37-78.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-httpd-manual-0:2.4.37-78.jbcs.el7.noarch",
"7Server-JBCS:jbcs-httpd24-httpd-selinux-0:2.4.37-78.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-httpd-tools-0:2.4.37-78.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-libcurl-0:7.78.0-2.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-libcurl-devel-0:7.78.0-2.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_cluster-native-0:1.3.16-9.Final_redhat_2.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-mod_cluster-native-0:1.3.16-9.Final_redhat_2.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_cluster-native-debuginfo-0:1.3.16-9.Final_redhat_2.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_http2-0:1.15.7-21.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-mod_http2-0:1.15.7-21.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_http2-debuginfo-0:1.15.7-21.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_jk-0:1.2.48-20.redhat_1.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-mod_jk-ap24-0:1.2.48-20.redhat_1.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_jk-debuginfo-0:1.2.48-20.redhat_1.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_jk-manual-0:1.2.48-20.redhat_1.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_ldap-0:2.4.37-78.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_md-1:2.0.8-40.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-mod_md-1:2.0.8-40.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_md-debuginfo-1:2.0.8-40.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_proxy_html-1:2.4.37-78.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_security-0:2.9.2-67.GA.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-mod_security-0:2.9.2-67.GA.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_security-debuginfo-0:2.9.2-67.GA.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_session-0:2.4.37-78.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_ssl-1:2.4.37-78.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-nghttp2-0:1.39.2-39.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-nghttp2-0:1.39.2-39.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-nghttp2-debuginfo-0:1.39.2-39.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-nghttp2-devel-0:1.39.2-39.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-openssl-1:1.1.1g-8.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-openssl-1:1.1.1g-8.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-openssl-chil-0:1.0.0-7.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-openssl-chil-0:1.0.0-7.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-openssl-chil-debuginfo-0:1.0.0-7.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-openssl-debuginfo-1:1.1.1g-8.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-openssl-devel-1:1.1.1g-8.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-openssl-libs-1:1.1.1g-8.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-openssl-perl-1:1.1.1g-8.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-openssl-pkcs11-0:0.4.10-22.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-openssl-pkcs11-0:0.4.10-22.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-openssl-pkcs11-debuginfo-0:0.4.10-22.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-openssl-static-1:1.1.1g-8.jbcs.el7.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-0:1.6.3-107.el8jbcs.src",
"8Base-JBCS:jbcs-httpd24-apr-0:1.6.3-107.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-debuginfo-0:1.6.3-107.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-devel-0:1.6.3-107.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-util-0:1.6.1-84.el8jbcs.src",
"8Base-JBCS:jbcs-httpd24-apr-util-0:1.6.1-84.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-util-debuginfo-0:1.6.1-84.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-util-devel-0:1.6.1-84.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-util-ldap-0:1.6.1-84.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-util-ldap-debuginfo-0:1.6.1-84.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-util-mysql-0:1.6.1-84.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-util-mysql-debuginfo-0:1.6.1-84.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-util-nss-0:1.6.1-84.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-util-nss-debuginfo-0:1.6.1-84.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-util-odbc-0:1.6.1-84.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-util-odbc-debuginfo-0:1.6.1-84.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-util-openssl-0:1.6.1-84.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-util-openssl-debuginfo-0:1.6.1-84.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-util-pgsql-0:1.6.1-84.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-util-pgsql-debuginfo-0:1.6.1-84.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-util-sqlite-0:1.6.1-84.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-util-sqlite-debuginfo-0:1.6.1-84.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-curl-0:7.78.0-2.el8jbcs.src",
"8Base-JBCS:jbcs-httpd24-curl-0:7.78.0-2.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-curl-debuginfo-0:7.78.0-2.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-httpd-0:2.4.37-78.el8jbcs.src",
"8Base-JBCS:jbcs-httpd24-httpd-0:2.4.37-78.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-httpd-debuginfo-0:2.4.37-78.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-httpd-devel-0:2.4.37-78.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-httpd-manual-0:2.4.37-78.el8jbcs.noarch",
"8Base-JBCS:jbcs-httpd24-httpd-selinux-0:2.4.37-78.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-httpd-tools-0:2.4.37-78.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-httpd-tools-debuginfo-0:2.4.37-78.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-libcurl-0:7.78.0-2.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-libcurl-debuginfo-0:7.78.0-2.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-libcurl-devel-0:7.78.0-2.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_cluster-native-0:1.3.16-9.Final_redhat_2.el8jbcs.src",
"8Base-JBCS:jbcs-httpd24-mod_cluster-native-0:1.3.16-9.Final_redhat_2.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_cluster-native-debuginfo-0:1.3.16-9.Final_redhat_2.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_http2-0:1.15.7-21.el8jbcs.src",
"8Base-JBCS:jbcs-httpd24-mod_http2-0:1.15.7-21.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_http2-debuginfo-0:1.15.7-21.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_jk-0:1.2.48-20.redhat_1.el8jbcs.src",
"8Base-JBCS:jbcs-httpd24-mod_jk-ap24-0:1.2.48-20.redhat_1.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_jk-ap24-debuginfo-0:1.2.48-20.redhat_1.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_jk-manual-0:1.2.48-20.redhat_1.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_ldap-0:2.4.37-78.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_ldap-debuginfo-0:2.4.37-78.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_md-1:2.0.8-40.el8jbcs.src",
"8Base-JBCS:jbcs-httpd24-mod_md-1:2.0.8-40.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_md-debuginfo-1:2.0.8-40.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_proxy_html-1:2.4.37-78.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_proxy_html-debuginfo-1:2.4.37-78.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_security-0:2.9.2-67.GA.el8jbcs.src",
"8Base-JBCS:jbcs-httpd24-mod_security-0:2.9.2-67.GA.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_security-debuginfo-0:2.9.2-67.GA.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_session-0:2.4.37-78.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_session-debuginfo-0:2.4.37-78.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_ssl-1:2.4.37-78.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_ssl-debuginfo-1:2.4.37-78.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-nghttp2-0:1.39.2-39.el8jbcs.src",
"8Base-JBCS:jbcs-httpd24-nghttp2-0:1.39.2-39.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-nghttp2-debuginfo-0:1.39.2-39.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-nghttp2-devel-0:1.39.2-39.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-openssl-1:1.1.1g-8.el8jbcs.src",
"8Base-JBCS:jbcs-httpd24-openssl-1:1.1.1g-8.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-openssl-chil-0:1.0.0-7.el8jbcs.src",
"8Base-JBCS:jbcs-httpd24-openssl-chil-0:1.0.0-7.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-openssl-chil-debuginfo-0:1.0.0-7.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-openssl-debuginfo-1:1.1.1g-8.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-openssl-devel-1:1.1.1g-8.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-openssl-libs-1:1.1.1g-8.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-openssl-libs-debuginfo-1:1.1.1g-8.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-openssl-perl-1:1.1.1g-8.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-openssl-pkcs11-0:0.4.10-22.el8jbcs.src",
"8Base-JBCS:jbcs-httpd24-openssl-pkcs11-0:0.4.10-22.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-openssl-pkcs11-debuginfo-0:0.4.10-22.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-openssl-static-1:1.1.1g-8.el8jbcs.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2020-14155"
},
{
"category": "external",
"summary": "RHBZ#1848436",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1848436"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2020-14155",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-14155"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2020-14155",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2020-14155"
}
],
"release_date": "2020-06-15T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"details": "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"7Server-JBCS:jbcs-httpd24-apr-0:1.6.3-107.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-apr-0:1.6.3-107.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-apr-debuginfo-0:1.6.3-107.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-apr-devel-0:1.6.3-107.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-apr-util-0:1.6.1-84.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-apr-util-0:1.6.1-84.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-apr-util-debuginfo-0:1.6.1-84.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-apr-util-devel-0:1.6.1-84.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-apr-util-ldap-0:1.6.1-84.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-apr-util-mysql-0:1.6.1-84.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-apr-util-nss-0:1.6.1-84.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-apr-util-odbc-0:1.6.1-84.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-apr-util-openssl-0:1.6.1-84.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-apr-util-pgsql-0:1.6.1-84.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-apr-util-sqlite-0:1.6.1-84.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-curl-0:7.78.0-2.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-curl-0:7.78.0-2.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-curl-debuginfo-0:7.78.0-2.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-httpd-0:2.4.37-78.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-httpd-0:2.4.37-78.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-httpd-debuginfo-0:2.4.37-78.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-httpd-devel-0:2.4.37-78.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-httpd-manual-0:2.4.37-78.jbcs.el7.noarch",
"7Server-JBCS:jbcs-httpd24-httpd-selinux-0:2.4.37-78.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-httpd-tools-0:2.4.37-78.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-libcurl-0:7.78.0-2.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-libcurl-devel-0:7.78.0-2.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_cluster-native-0:1.3.16-9.Final_redhat_2.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-mod_cluster-native-0:1.3.16-9.Final_redhat_2.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_cluster-native-debuginfo-0:1.3.16-9.Final_redhat_2.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_http2-0:1.15.7-21.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-mod_http2-0:1.15.7-21.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_http2-debuginfo-0:1.15.7-21.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_jk-0:1.2.48-20.redhat_1.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-mod_jk-ap24-0:1.2.48-20.redhat_1.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_jk-debuginfo-0:1.2.48-20.redhat_1.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_jk-manual-0:1.2.48-20.redhat_1.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_ldap-0:2.4.37-78.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_md-1:2.0.8-40.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-mod_md-1:2.0.8-40.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_md-debuginfo-1:2.0.8-40.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_proxy_html-1:2.4.37-78.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_security-0:2.9.2-67.GA.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-mod_security-0:2.9.2-67.GA.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_security-debuginfo-0:2.9.2-67.GA.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_session-0:2.4.37-78.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_ssl-1:2.4.37-78.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-nghttp2-0:1.39.2-39.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-nghttp2-0:1.39.2-39.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-nghttp2-debuginfo-0:1.39.2-39.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-nghttp2-devel-0:1.39.2-39.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-openssl-1:1.1.1g-8.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-openssl-1:1.1.1g-8.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-openssl-chil-0:1.0.0-7.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-openssl-chil-0:1.0.0-7.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-openssl-chil-debuginfo-0:1.0.0-7.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-openssl-debuginfo-1:1.1.1g-8.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-openssl-devel-1:1.1.1g-8.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-openssl-libs-1:1.1.1g-8.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-openssl-perl-1:1.1.1g-8.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-openssl-pkcs11-0:0.4.10-22.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-openssl-pkcs11-0:0.4.10-22.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-openssl-pkcs11-debuginfo-0:0.4.10-22.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-openssl-static-1:1.1.1g-8.jbcs.el7.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-0:1.6.3-107.el8jbcs.src",
"8Base-JBCS:jbcs-httpd24-apr-0:1.6.3-107.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-debuginfo-0:1.6.3-107.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-devel-0:1.6.3-107.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-util-0:1.6.1-84.el8jbcs.src",
"8Base-JBCS:jbcs-httpd24-apr-util-0:1.6.1-84.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-util-debuginfo-0:1.6.1-84.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-util-devel-0:1.6.1-84.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-util-ldap-0:1.6.1-84.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-util-ldap-debuginfo-0:1.6.1-84.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-util-mysql-0:1.6.1-84.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-util-mysql-debuginfo-0:1.6.1-84.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-util-nss-0:1.6.1-84.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-util-nss-debuginfo-0:1.6.1-84.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-util-odbc-0:1.6.1-84.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-util-odbc-debuginfo-0:1.6.1-84.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-util-openssl-0:1.6.1-84.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-util-openssl-debuginfo-0:1.6.1-84.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-util-pgsql-0:1.6.1-84.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-util-pgsql-debuginfo-0:1.6.1-84.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-util-sqlite-0:1.6.1-84.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-util-sqlite-debuginfo-0:1.6.1-84.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-curl-0:7.78.0-2.el8jbcs.src",
"8Base-JBCS:jbcs-httpd24-curl-0:7.78.0-2.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-curl-debuginfo-0:7.78.0-2.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-httpd-0:2.4.37-78.el8jbcs.src",
"8Base-JBCS:jbcs-httpd24-httpd-0:2.4.37-78.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-httpd-debuginfo-0:2.4.37-78.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-httpd-devel-0:2.4.37-78.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-httpd-manual-0:2.4.37-78.el8jbcs.noarch",
"8Base-JBCS:jbcs-httpd24-httpd-selinux-0:2.4.37-78.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-httpd-tools-0:2.4.37-78.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-httpd-tools-debuginfo-0:2.4.37-78.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-libcurl-0:7.78.0-2.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-libcurl-debuginfo-0:7.78.0-2.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-libcurl-devel-0:7.78.0-2.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_cluster-native-0:1.3.16-9.Final_redhat_2.el8jbcs.src",
"8Base-JBCS:jbcs-httpd24-mod_cluster-native-0:1.3.16-9.Final_redhat_2.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_cluster-native-debuginfo-0:1.3.16-9.Final_redhat_2.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_http2-0:1.15.7-21.el8jbcs.src",
"8Base-JBCS:jbcs-httpd24-mod_http2-0:1.15.7-21.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_http2-debuginfo-0:1.15.7-21.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_jk-0:1.2.48-20.redhat_1.el8jbcs.src",
"8Base-JBCS:jbcs-httpd24-mod_jk-ap24-0:1.2.48-20.redhat_1.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_jk-ap24-debuginfo-0:1.2.48-20.redhat_1.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_jk-manual-0:1.2.48-20.redhat_1.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_ldap-0:2.4.37-78.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_ldap-debuginfo-0:2.4.37-78.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_md-1:2.0.8-40.el8jbcs.src",
"8Base-JBCS:jbcs-httpd24-mod_md-1:2.0.8-40.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_md-debuginfo-1:2.0.8-40.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_proxy_html-1:2.4.37-78.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_proxy_html-debuginfo-1:2.4.37-78.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_security-0:2.9.2-67.GA.el8jbcs.src",
"8Base-JBCS:jbcs-httpd24-mod_security-0:2.9.2-67.GA.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_security-debuginfo-0:2.9.2-67.GA.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_session-0:2.4.37-78.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_session-debuginfo-0:2.4.37-78.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_ssl-1:2.4.37-78.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_ssl-debuginfo-1:2.4.37-78.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-nghttp2-0:1.39.2-39.el8jbcs.src",
"8Base-JBCS:jbcs-httpd24-nghttp2-0:1.39.2-39.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-nghttp2-debuginfo-0:1.39.2-39.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-nghttp2-devel-0:1.39.2-39.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-openssl-1:1.1.1g-8.el8jbcs.src",
"8Base-JBCS:jbcs-httpd24-openssl-1:1.1.1g-8.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-openssl-chil-0:1.0.0-7.el8jbcs.src",
"8Base-JBCS:jbcs-httpd24-openssl-chil-0:1.0.0-7.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-openssl-chil-debuginfo-0:1.0.0-7.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-openssl-debuginfo-1:1.1.1g-8.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-openssl-devel-1:1.1.1g-8.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-openssl-libs-1:1.1.1g-8.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-openssl-libs-debuginfo-1:1.1.1g-8.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-openssl-perl-1:1.1.1g-8.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-openssl-pkcs11-0:0.4.10-22.el8jbcs.src",
"8Base-JBCS:jbcs-httpd24-openssl-pkcs11-0:0.4.10-22.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-openssl-pkcs11-debuginfo-0:0.4.10-22.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-openssl-static-1:1.1.1g-8.el8jbcs.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2021:4614"
},
{
"category": "workaround",
"details": "This flaw can be mitigated by not compiling regular expressions with a callout value greater outside of 0-255 or handling the value passed to the callback within the application code.",
"product_ids": [
"7Server-JBCS:jbcs-httpd24-apr-0:1.6.3-107.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-apr-0:1.6.3-107.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-apr-debuginfo-0:1.6.3-107.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-apr-devel-0:1.6.3-107.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-apr-util-0:1.6.1-84.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-apr-util-0:1.6.1-84.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-apr-util-debuginfo-0:1.6.1-84.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-apr-util-devel-0:1.6.1-84.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-apr-util-ldap-0:1.6.1-84.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-apr-util-mysql-0:1.6.1-84.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-apr-util-nss-0:1.6.1-84.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-apr-util-odbc-0:1.6.1-84.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-apr-util-openssl-0:1.6.1-84.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-apr-util-pgsql-0:1.6.1-84.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-apr-util-sqlite-0:1.6.1-84.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-curl-0:7.78.0-2.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-curl-0:7.78.0-2.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-curl-debuginfo-0:7.78.0-2.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-httpd-0:2.4.37-78.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-httpd-0:2.4.37-78.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-httpd-debuginfo-0:2.4.37-78.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-httpd-devel-0:2.4.37-78.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-httpd-manual-0:2.4.37-78.jbcs.el7.noarch",
"7Server-JBCS:jbcs-httpd24-httpd-selinux-0:2.4.37-78.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-httpd-tools-0:2.4.37-78.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-libcurl-0:7.78.0-2.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-libcurl-devel-0:7.78.0-2.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_cluster-native-0:1.3.16-9.Final_redhat_2.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-mod_cluster-native-0:1.3.16-9.Final_redhat_2.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_cluster-native-debuginfo-0:1.3.16-9.Final_redhat_2.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_http2-0:1.15.7-21.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-mod_http2-0:1.15.7-21.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_http2-debuginfo-0:1.15.7-21.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_jk-0:1.2.48-20.redhat_1.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-mod_jk-ap24-0:1.2.48-20.redhat_1.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_jk-debuginfo-0:1.2.48-20.redhat_1.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_jk-manual-0:1.2.48-20.redhat_1.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_ldap-0:2.4.37-78.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_md-1:2.0.8-40.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-mod_md-1:2.0.8-40.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_md-debuginfo-1:2.0.8-40.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_proxy_html-1:2.4.37-78.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_security-0:2.9.2-67.GA.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-mod_security-0:2.9.2-67.GA.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_security-debuginfo-0:2.9.2-67.GA.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_session-0:2.4.37-78.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_ssl-1:2.4.37-78.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-nghttp2-0:1.39.2-39.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-nghttp2-0:1.39.2-39.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-nghttp2-debuginfo-0:1.39.2-39.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-nghttp2-devel-0:1.39.2-39.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-openssl-1:1.1.1g-8.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-openssl-1:1.1.1g-8.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-openssl-chil-0:1.0.0-7.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-openssl-chil-0:1.0.0-7.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-openssl-chil-debuginfo-0:1.0.0-7.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-openssl-debuginfo-1:1.1.1g-8.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-openssl-devel-1:1.1.1g-8.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-openssl-libs-1:1.1.1g-8.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-openssl-perl-1:1.1.1g-8.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-openssl-pkcs11-0:0.4.10-22.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-openssl-pkcs11-0:0.4.10-22.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-openssl-pkcs11-debuginfo-0:0.4.10-22.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-openssl-static-1:1.1.1g-8.jbcs.el7.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-0:1.6.3-107.el8jbcs.src",
"8Base-JBCS:jbcs-httpd24-apr-0:1.6.3-107.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-debuginfo-0:1.6.3-107.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-devel-0:1.6.3-107.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-util-0:1.6.1-84.el8jbcs.src",
"8Base-JBCS:jbcs-httpd24-apr-util-0:1.6.1-84.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-util-debuginfo-0:1.6.1-84.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-util-devel-0:1.6.1-84.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-util-ldap-0:1.6.1-84.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-util-ldap-debuginfo-0:1.6.1-84.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-util-mysql-0:1.6.1-84.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-util-mysql-debuginfo-0:1.6.1-84.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-util-nss-0:1.6.1-84.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-util-nss-debuginfo-0:1.6.1-84.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-util-odbc-0:1.6.1-84.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-util-odbc-debuginfo-0:1.6.1-84.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-util-openssl-0:1.6.1-84.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-util-openssl-debuginfo-0:1.6.1-84.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-util-pgsql-0:1.6.1-84.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-util-pgsql-debuginfo-0:1.6.1-84.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-util-sqlite-0:1.6.1-84.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-util-sqlite-debuginfo-0:1.6.1-84.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-curl-0:7.78.0-2.el8jbcs.src",
"8Base-JBCS:jbcs-httpd24-curl-0:7.78.0-2.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-curl-debuginfo-0:7.78.0-2.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-httpd-0:2.4.37-78.el8jbcs.src",
"8Base-JBCS:jbcs-httpd24-httpd-0:2.4.37-78.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-httpd-debuginfo-0:2.4.37-78.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-httpd-devel-0:2.4.37-78.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-httpd-manual-0:2.4.37-78.el8jbcs.noarch",
"8Base-JBCS:jbcs-httpd24-httpd-selinux-0:2.4.37-78.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-httpd-tools-0:2.4.37-78.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-httpd-tools-debuginfo-0:2.4.37-78.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-libcurl-0:7.78.0-2.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-libcurl-debuginfo-0:7.78.0-2.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-libcurl-devel-0:7.78.0-2.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_cluster-native-0:1.3.16-9.Final_redhat_2.el8jbcs.src",
"8Base-JBCS:jbcs-httpd24-mod_cluster-native-0:1.3.16-9.Final_redhat_2.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_cluster-native-debuginfo-0:1.3.16-9.Final_redhat_2.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_http2-0:1.15.7-21.el8jbcs.src",
"8Base-JBCS:jbcs-httpd24-mod_http2-0:1.15.7-21.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_http2-debuginfo-0:1.15.7-21.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_jk-0:1.2.48-20.redhat_1.el8jbcs.src",
"8Base-JBCS:jbcs-httpd24-mod_jk-ap24-0:1.2.48-20.redhat_1.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_jk-ap24-debuginfo-0:1.2.48-20.redhat_1.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_jk-manual-0:1.2.48-20.redhat_1.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_ldap-0:2.4.37-78.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_ldap-debuginfo-0:2.4.37-78.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_md-1:2.0.8-40.el8jbcs.src",
"8Base-JBCS:jbcs-httpd24-mod_md-1:2.0.8-40.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_md-debuginfo-1:2.0.8-40.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_proxy_html-1:2.4.37-78.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_proxy_html-debuginfo-1:2.4.37-78.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_security-0:2.9.2-67.GA.el8jbcs.src",
"8Base-JBCS:jbcs-httpd24-mod_security-0:2.9.2-67.GA.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_security-debuginfo-0:2.9.2-67.GA.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_session-0:2.4.37-78.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_session-debuginfo-0:2.4.37-78.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_ssl-1:2.4.37-78.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_ssl-debuginfo-1:2.4.37-78.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-nghttp2-0:1.39.2-39.el8jbcs.src",
"8Base-JBCS:jbcs-httpd24-nghttp2-0:1.39.2-39.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-nghttp2-debuginfo-0:1.39.2-39.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-nghttp2-devel-0:1.39.2-39.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-openssl-1:1.1.1g-8.el8jbcs.src",
"8Base-JBCS:jbcs-httpd24-openssl-1:1.1.1g-8.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-openssl-chil-0:1.0.0-7.el8jbcs.src",
"8Base-JBCS:jbcs-httpd24-openssl-chil-0:1.0.0-7.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-openssl-chil-debuginfo-0:1.0.0-7.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-openssl-debuginfo-1:1.1.1g-8.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-openssl-devel-1:1.1.1g-8.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-openssl-libs-1:1.1.1g-8.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-openssl-libs-debuginfo-1:1.1.1g-8.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-openssl-perl-1:1.1.1g-8.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-openssl-pkcs11-0:0.4.10-22.el8jbcs.src",
"8Base-JBCS:jbcs-httpd24-openssl-pkcs11-0:0.4.10-22.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-openssl-pkcs11-debuginfo-0:0.4.10-22.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-openssl-static-1:1.1.1g-8.el8jbcs.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "LOW",
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L",
"version": "3.1"
},
"products": [
"7Server-JBCS:jbcs-httpd24-apr-0:1.6.3-107.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-apr-0:1.6.3-107.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-apr-debuginfo-0:1.6.3-107.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-apr-devel-0:1.6.3-107.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-apr-util-0:1.6.1-84.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-apr-util-0:1.6.1-84.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-apr-util-debuginfo-0:1.6.1-84.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-apr-util-devel-0:1.6.1-84.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-apr-util-ldap-0:1.6.1-84.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-apr-util-mysql-0:1.6.1-84.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-apr-util-nss-0:1.6.1-84.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-apr-util-odbc-0:1.6.1-84.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-apr-util-openssl-0:1.6.1-84.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-apr-util-pgsql-0:1.6.1-84.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-apr-util-sqlite-0:1.6.1-84.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-curl-0:7.78.0-2.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-curl-0:7.78.0-2.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-curl-debuginfo-0:7.78.0-2.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-httpd-0:2.4.37-78.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-httpd-0:2.4.37-78.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-httpd-debuginfo-0:2.4.37-78.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-httpd-devel-0:2.4.37-78.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-httpd-manual-0:2.4.37-78.jbcs.el7.noarch",
"7Server-JBCS:jbcs-httpd24-httpd-selinux-0:2.4.37-78.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-httpd-tools-0:2.4.37-78.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-libcurl-0:7.78.0-2.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-libcurl-devel-0:7.78.0-2.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_cluster-native-0:1.3.16-9.Final_redhat_2.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-mod_cluster-native-0:1.3.16-9.Final_redhat_2.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_cluster-native-debuginfo-0:1.3.16-9.Final_redhat_2.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_http2-0:1.15.7-21.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-mod_http2-0:1.15.7-21.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_http2-debuginfo-0:1.15.7-21.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_jk-0:1.2.48-20.redhat_1.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-mod_jk-ap24-0:1.2.48-20.redhat_1.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_jk-debuginfo-0:1.2.48-20.redhat_1.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_jk-manual-0:1.2.48-20.redhat_1.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_ldap-0:2.4.37-78.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_md-1:2.0.8-40.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-mod_md-1:2.0.8-40.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_md-debuginfo-1:2.0.8-40.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_proxy_html-1:2.4.37-78.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_security-0:2.9.2-67.GA.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-mod_security-0:2.9.2-67.GA.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_security-debuginfo-0:2.9.2-67.GA.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_session-0:2.4.37-78.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_ssl-1:2.4.37-78.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-nghttp2-0:1.39.2-39.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-nghttp2-0:1.39.2-39.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-nghttp2-debuginfo-0:1.39.2-39.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-nghttp2-devel-0:1.39.2-39.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-openssl-1:1.1.1g-8.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-openssl-1:1.1.1g-8.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-openssl-chil-0:1.0.0-7.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-openssl-chil-0:1.0.0-7.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-openssl-chil-debuginfo-0:1.0.0-7.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-openssl-debuginfo-1:1.1.1g-8.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-openssl-devel-1:1.1.1g-8.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-openssl-libs-1:1.1.1g-8.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-openssl-perl-1:1.1.1g-8.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-openssl-pkcs11-0:0.4.10-22.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-openssl-pkcs11-0:0.4.10-22.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-openssl-pkcs11-debuginfo-0:0.4.10-22.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-openssl-static-1:1.1.1g-8.jbcs.el7.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-0:1.6.3-107.el8jbcs.src",
"8Base-JBCS:jbcs-httpd24-apr-0:1.6.3-107.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-debuginfo-0:1.6.3-107.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-devel-0:1.6.3-107.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-util-0:1.6.1-84.el8jbcs.src",
"8Base-JBCS:jbcs-httpd24-apr-util-0:1.6.1-84.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-util-debuginfo-0:1.6.1-84.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-util-devel-0:1.6.1-84.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-util-ldap-0:1.6.1-84.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-util-ldap-debuginfo-0:1.6.1-84.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-util-mysql-0:1.6.1-84.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-util-mysql-debuginfo-0:1.6.1-84.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-util-nss-0:1.6.1-84.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-util-nss-debuginfo-0:1.6.1-84.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-util-odbc-0:1.6.1-84.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-util-odbc-debuginfo-0:1.6.1-84.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-util-openssl-0:1.6.1-84.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-util-openssl-debuginfo-0:1.6.1-84.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-util-pgsql-0:1.6.1-84.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-util-pgsql-debuginfo-0:1.6.1-84.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-util-sqlite-0:1.6.1-84.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-util-sqlite-debuginfo-0:1.6.1-84.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-curl-0:7.78.0-2.el8jbcs.src",
"8Base-JBCS:jbcs-httpd24-curl-0:7.78.0-2.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-curl-debuginfo-0:7.78.0-2.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-httpd-0:2.4.37-78.el8jbcs.src",
"8Base-JBCS:jbcs-httpd24-httpd-0:2.4.37-78.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-httpd-debuginfo-0:2.4.37-78.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-httpd-devel-0:2.4.37-78.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-httpd-manual-0:2.4.37-78.el8jbcs.noarch",
"8Base-JBCS:jbcs-httpd24-httpd-selinux-0:2.4.37-78.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-httpd-tools-0:2.4.37-78.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-httpd-tools-debuginfo-0:2.4.37-78.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-libcurl-0:7.78.0-2.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-libcurl-debuginfo-0:7.78.0-2.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-libcurl-devel-0:7.78.0-2.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_cluster-native-0:1.3.16-9.Final_redhat_2.el8jbcs.src",
"8Base-JBCS:jbcs-httpd24-mod_cluster-native-0:1.3.16-9.Final_redhat_2.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_cluster-native-debuginfo-0:1.3.16-9.Final_redhat_2.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_http2-0:1.15.7-21.el8jbcs.src",
"8Base-JBCS:jbcs-httpd24-mod_http2-0:1.15.7-21.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_http2-debuginfo-0:1.15.7-21.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_jk-0:1.2.48-20.redhat_1.el8jbcs.src",
"8Base-JBCS:jbcs-httpd24-mod_jk-ap24-0:1.2.48-20.redhat_1.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_jk-ap24-debuginfo-0:1.2.48-20.redhat_1.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_jk-manual-0:1.2.48-20.redhat_1.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_ldap-0:2.4.37-78.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_ldap-debuginfo-0:2.4.37-78.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_md-1:2.0.8-40.el8jbcs.src",
"8Base-JBCS:jbcs-httpd24-mod_md-1:2.0.8-40.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_md-debuginfo-1:2.0.8-40.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_proxy_html-1:2.4.37-78.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_proxy_html-debuginfo-1:2.4.37-78.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_security-0:2.9.2-67.GA.el8jbcs.src",
"8Base-JBCS:jbcs-httpd24-mod_security-0:2.9.2-67.GA.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_security-debuginfo-0:2.9.2-67.GA.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_session-0:2.4.37-78.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_session-debuginfo-0:2.4.37-78.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_ssl-1:2.4.37-78.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_ssl-debuginfo-1:2.4.37-78.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-nghttp2-0:1.39.2-39.el8jbcs.src",
"8Base-JBCS:jbcs-httpd24-nghttp2-0:1.39.2-39.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-nghttp2-debuginfo-0:1.39.2-39.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-nghttp2-devel-0:1.39.2-39.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-openssl-1:1.1.1g-8.el8jbcs.src",
"8Base-JBCS:jbcs-httpd24-openssl-1:1.1.1g-8.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-openssl-chil-0:1.0.0-7.el8jbcs.src",
"8Base-JBCS:jbcs-httpd24-openssl-chil-0:1.0.0-7.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-openssl-chil-debuginfo-0:1.0.0-7.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-openssl-debuginfo-1:1.1.1g-8.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-openssl-devel-1:1.1.1g-8.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-openssl-libs-1:1.1.1g-8.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-openssl-libs-debuginfo-1:1.1.1g-8.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-openssl-perl-1:1.1.1g-8.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-openssl-pkcs11-0:0.4.10-22.el8jbcs.src",
"8Base-JBCS:jbcs-httpd24-openssl-pkcs11-0:0.4.10-22.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-openssl-pkcs11-debuginfo-0:0.4.10-22.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-openssl-static-1:1.1.1g-8.el8jbcs.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Low"
}
],
"title": "pcre: Integer overflow when parsing callout numeric arguments"
},
{
"acknowledgments": [
{
"names": [
"the Apache project"
]
},
{
"names": [
"Antonio Morales"
],
"organization": "GHSL"
}
],
"cve": "CVE-2020-35452",
"cwe": {
"id": "CWE-119",
"name": "Improper Restriction of Operations within the Bounds of a Memory Buffer"
},
"discovery_date": "2021-05-27T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1966724"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in Apache httpd. The mod_auth_digest has a single zero byte stack overflow. The highest threat from this vulnerability is to data confidentiality and integrity as well as system availability.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "httpd: Single zero byte stack overflow in mod_auth_digest",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "This is a one byte overflow and as per upstream it should be non-exploitable in most condtions.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"7Server-JBCS:jbcs-httpd24-apr-0:1.6.3-107.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-apr-0:1.6.3-107.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-apr-debuginfo-0:1.6.3-107.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-apr-devel-0:1.6.3-107.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-apr-util-0:1.6.1-84.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-apr-util-0:1.6.1-84.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-apr-util-debuginfo-0:1.6.1-84.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-apr-util-devel-0:1.6.1-84.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-apr-util-ldap-0:1.6.1-84.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-apr-util-mysql-0:1.6.1-84.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-apr-util-nss-0:1.6.1-84.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-apr-util-odbc-0:1.6.1-84.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-apr-util-openssl-0:1.6.1-84.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-apr-util-pgsql-0:1.6.1-84.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-apr-util-sqlite-0:1.6.1-84.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-curl-0:7.78.0-2.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-curl-0:7.78.0-2.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-curl-debuginfo-0:7.78.0-2.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-httpd-0:2.4.37-78.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-httpd-0:2.4.37-78.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-httpd-debuginfo-0:2.4.37-78.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-httpd-devel-0:2.4.37-78.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-httpd-manual-0:2.4.37-78.jbcs.el7.noarch",
"7Server-JBCS:jbcs-httpd24-httpd-selinux-0:2.4.37-78.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-httpd-tools-0:2.4.37-78.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-libcurl-0:7.78.0-2.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-libcurl-devel-0:7.78.0-2.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_cluster-native-0:1.3.16-9.Final_redhat_2.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-mod_cluster-native-0:1.3.16-9.Final_redhat_2.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_cluster-native-debuginfo-0:1.3.16-9.Final_redhat_2.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_http2-0:1.15.7-21.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-mod_http2-0:1.15.7-21.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_http2-debuginfo-0:1.15.7-21.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_jk-0:1.2.48-20.redhat_1.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-mod_jk-ap24-0:1.2.48-20.redhat_1.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_jk-debuginfo-0:1.2.48-20.redhat_1.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_jk-manual-0:1.2.48-20.redhat_1.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_ldap-0:2.4.37-78.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_md-1:2.0.8-40.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-mod_md-1:2.0.8-40.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_md-debuginfo-1:2.0.8-40.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_proxy_html-1:2.4.37-78.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_security-0:2.9.2-67.GA.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-mod_security-0:2.9.2-67.GA.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_security-debuginfo-0:2.9.2-67.GA.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_session-0:2.4.37-78.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_ssl-1:2.4.37-78.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-nghttp2-0:1.39.2-39.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-nghttp2-0:1.39.2-39.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-nghttp2-debuginfo-0:1.39.2-39.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-nghttp2-devel-0:1.39.2-39.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-openssl-1:1.1.1g-8.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-openssl-1:1.1.1g-8.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-openssl-chil-0:1.0.0-7.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-openssl-chil-0:1.0.0-7.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-openssl-chil-debuginfo-0:1.0.0-7.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-openssl-debuginfo-1:1.1.1g-8.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-openssl-devel-1:1.1.1g-8.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-openssl-libs-1:1.1.1g-8.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-openssl-perl-1:1.1.1g-8.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-openssl-pkcs11-0:0.4.10-22.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-openssl-pkcs11-0:0.4.10-22.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-openssl-pkcs11-debuginfo-0:0.4.10-22.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-openssl-static-1:1.1.1g-8.jbcs.el7.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-0:1.6.3-107.el8jbcs.src",
"8Base-JBCS:jbcs-httpd24-apr-0:1.6.3-107.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-debuginfo-0:1.6.3-107.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-devel-0:1.6.3-107.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-util-0:1.6.1-84.el8jbcs.src",
"8Base-JBCS:jbcs-httpd24-apr-util-0:1.6.1-84.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-util-debuginfo-0:1.6.1-84.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-util-devel-0:1.6.1-84.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-util-ldap-0:1.6.1-84.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-util-ldap-debuginfo-0:1.6.1-84.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-util-mysql-0:1.6.1-84.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-util-mysql-debuginfo-0:1.6.1-84.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-util-nss-0:1.6.1-84.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-util-nss-debuginfo-0:1.6.1-84.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-util-odbc-0:1.6.1-84.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-util-odbc-debuginfo-0:1.6.1-84.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-util-openssl-0:1.6.1-84.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-util-openssl-debuginfo-0:1.6.1-84.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-util-pgsql-0:1.6.1-84.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-util-pgsql-debuginfo-0:1.6.1-84.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-util-sqlite-0:1.6.1-84.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-util-sqlite-debuginfo-0:1.6.1-84.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-curl-0:7.78.0-2.el8jbcs.src",
"8Base-JBCS:jbcs-httpd24-curl-0:7.78.0-2.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-curl-debuginfo-0:7.78.0-2.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-httpd-0:2.4.37-78.el8jbcs.src",
"8Base-JBCS:jbcs-httpd24-httpd-0:2.4.37-78.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-httpd-debuginfo-0:2.4.37-78.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-httpd-devel-0:2.4.37-78.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-httpd-manual-0:2.4.37-78.el8jbcs.noarch",
"8Base-JBCS:jbcs-httpd24-httpd-selinux-0:2.4.37-78.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-httpd-tools-0:2.4.37-78.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-httpd-tools-debuginfo-0:2.4.37-78.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-libcurl-0:7.78.0-2.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-libcurl-debuginfo-0:7.78.0-2.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-libcurl-devel-0:7.78.0-2.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_cluster-native-0:1.3.16-9.Final_redhat_2.el8jbcs.src",
"8Base-JBCS:jbcs-httpd24-mod_cluster-native-0:1.3.16-9.Final_redhat_2.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_cluster-native-debuginfo-0:1.3.16-9.Final_redhat_2.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_http2-0:1.15.7-21.el8jbcs.src",
"8Base-JBCS:jbcs-httpd24-mod_http2-0:1.15.7-21.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_http2-debuginfo-0:1.15.7-21.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_jk-0:1.2.48-20.redhat_1.el8jbcs.src",
"8Base-JBCS:jbcs-httpd24-mod_jk-ap24-0:1.2.48-20.redhat_1.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_jk-ap24-debuginfo-0:1.2.48-20.redhat_1.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_jk-manual-0:1.2.48-20.redhat_1.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_ldap-0:2.4.37-78.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_ldap-debuginfo-0:2.4.37-78.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_md-1:2.0.8-40.el8jbcs.src",
"8Base-JBCS:jbcs-httpd24-mod_md-1:2.0.8-40.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_md-debuginfo-1:2.0.8-40.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_proxy_html-1:2.4.37-78.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_proxy_html-debuginfo-1:2.4.37-78.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_security-0:2.9.2-67.GA.el8jbcs.src",
"8Base-JBCS:jbcs-httpd24-mod_security-0:2.9.2-67.GA.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_security-debuginfo-0:2.9.2-67.GA.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_session-0:2.4.37-78.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_session-debuginfo-0:2.4.37-78.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_ssl-1:2.4.37-78.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_ssl-debuginfo-1:2.4.37-78.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-nghttp2-0:1.39.2-39.el8jbcs.src",
"8Base-JBCS:jbcs-httpd24-nghttp2-0:1.39.2-39.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-nghttp2-debuginfo-0:1.39.2-39.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-nghttp2-devel-0:1.39.2-39.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-openssl-1:1.1.1g-8.el8jbcs.src",
"8Base-JBCS:jbcs-httpd24-openssl-1:1.1.1g-8.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-openssl-chil-0:1.0.0-7.el8jbcs.src",
"8Base-JBCS:jbcs-httpd24-openssl-chil-0:1.0.0-7.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-openssl-chil-debuginfo-0:1.0.0-7.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-openssl-debuginfo-1:1.1.1g-8.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-openssl-devel-1:1.1.1g-8.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-openssl-libs-1:1.1.1g-8.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-openssl-libs-debuginfo-1:1.1.1g-8.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-openssl-perl-1:1.1.1g-8.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-openssl-pkcs11-0:0.4.10-22.el8jbcs.src",
"8Base-JBCS:jbcs-httpd24-openssl-pkcs11-0:0.4.10-22.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-openssl-pkcs11-debuginfo-0:0.4.10-22.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-openssl-static-1:1.1.1g-8.el8jbcs.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2020-35452"
},
{
"category": "external",
"summary": "RHBZ#1966724",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1966724"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2020-35452",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-35452"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2020-35452",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2020-35452"
},
{
"category": "external",
"summary": "https://httpd.apache.org/security/vulnerabilities_24.html",
"url": "https://httpd.apache.org/security/vulnerabilities_24.html"
}
],
"release_date": "2021-06-04T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"details": "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"7Server-JBCS:jbcs-httpd24-apr-0:1.6.3-107.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-apr-0:1.6.3-107.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-apr-debuginfo-0:1.6.3-107.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-apr-devel-0:1.6.3-107.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-apr-util-0:1.6.1-84.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-apr-util-0:1.6.1-84.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-apr-util-debuginfo-0:1.6.1-84.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-apr-util-devel-0:1.6.1-84.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-apr-util-ldap-0:1.6.1-84.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-apr-util-mysql-0:1.6.1-84.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-apr-util-nss-0:1.6.1-84.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-apr-util-odbc-0:1.6.1-84.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-apr-util-openssl-0:1.6.1-84.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-apr-util-pgsql-0:1.6.1-84.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-apr-util-sqlite-0:1.6.1-84.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-curl-0:7.78.0-2.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-curl-0:7.78.0-2.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-curl-debuginfo-0:7.78.0-2.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-httpd-0:2.4.37-78.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-httpd-0:2.4.37-78.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-httpd-debuginfo-0:2.4.37-78.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-httpd-devel-0:2.4.37-78.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-httpd-manual-0:2.4.37-78.jbcs.el7.noarch",
"7Server-JBCS:jbcs-httpd24-httpd-selinux-0:2.4.37-78.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-httpd-tools-0:2.4.37-78.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-libcurl-0:7.78.0-2.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-libcurl-devel-0:7.78.0-2.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_cluster-native-0:1.3.16-9.Final_redhat_2.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-mod_cluster-native-0:1.3.16-9.Final_redhat_2.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_cluster-native-debuginfo-0:1.3.16-9.Final_redhat_2.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_http2-0:1.15.7-21.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-mod_http2-0:1.15.7-21.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_http2-debuginfo-0:1.15.7-21.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_jk-0:1.2.48-20.redhat_1.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-mod_jk-ap24-0:1.2.48-20.redhat_1.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_jk-debuginfo-0:1.2.48-20.redhat_1.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_jk-manual-0:1.2.48-20.redhat_1.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_ldap-0:2.4.37-78.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_md-1:2.0.8-40.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-mod_md-1:2.0.8-40.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_md-debuginfo-1:2.0.8-40.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_proxy_html-1:2.4.37-78.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_security-0:2.9.2-67.GA.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-mod_security-0:2.9.2-67.GA.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_security-debuginfo-0:2.9.2-67.GA.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_session-0:2.4.37-78.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_ssl-1:2.4.37-78.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-nghttp2-0:1.39.2-39.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-nghttp2-0:1.39.2-39.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-nghttp2-debuginfo-0:1.39.2-39.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-nghttp2-devel-0:1.39.2-39.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-openssl-1:1.1.1g-8.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-openssl-1:1.1.1g-8.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-openssl-chil-0:1.0.0-7.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-openssl-chil-0:1.0.0-7.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-openssl-chil-debuginfo-0:1.0.0-7.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-openssl-debuginfo-1:1.1.1g-8.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-openssl-devel-1:1.1.1g-8.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-openssl-libs-1:1.1.1g-8.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-openssl-perl-1:1.1.1g-8.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-openssl-pkcs11-0:0.4.10-22.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-openssl-pkcs11-0:0.4.10-22.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-openssl-pkcs11-debuginfo-0:0.4.10-22.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-openssl-static-1:1.1.1g-8.jbcs.el7.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-0:1.6.3-107.el8jbcs.src",
"8Base-JBCS:jbcs-httpd24-apr-0:1.6.3-107.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-debuginfo-0:1.6.3-107.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-devel-0:1.6.3-107.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-util-0:1.6.1-84.el8jbcs.src",
"8Base-JBCS:jbcs-httpd24-apr-util-0:1.6.1-84.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-util-debuginfo-0:1.6.1-84.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-util-devel-0:1.6.1-84.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-util-ldap-0:1.6.1-84.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-util-ldap-debuginfo-0:1.6.1-84.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-util-mysql-0:1.6.1-84.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-util-mysql-debuginfo-0:1.6.1-84.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-util-nss-0:1.6.1-84.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-util-nss-debuginfo-0:1.6.1-84.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-util-odbc-0:1.6.1-84.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-util-odbc-debuginfo-0:1.6.1-84.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-util-openssl-0:1.6.1-84.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-util-openssl-debuginfo-0:1.6.1-84.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-util-pgsql-0:1.6.1-84.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-util-pgsql-debuginfo-0:1.6.1-84.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-util-sqlite-0:1.6.1-84.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-util-sqlite-debuginfo-0:1.6.1-84.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-curl-0:7.78.0-2.el8jbcs.src",
"8Base-JBCS:jbcs-httpd24-curl-0:7.78.0-2.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-curl-debuginfo-0:7.78.0-2.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-httpd-0:2.4.37-78.el8jbcs.src",
"8Base-JBCS:jbcs-httpd24-httpd-0:2.4.37-78.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-httpd-debuginfo-0:2.4.37-78.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-httpd-devel-0:2.4.37-78.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-httpd-manual-0:2.4.37-78.el8jbcs.noarch",
"8Base-JBCS:jbcs-httpd24-httpd-selinux-0:2.4.37-78.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-httpd-tools-0:2.4.37-78.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-httpd-tools-debuginfo-0:2.4.37-78.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-libcurl-0:7.78.0-2.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-libcurl-debuginfo-0:7.78.0-2.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-libcurl-devel-0:7.78.0-2.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_cluster-native-0:1.3.16-9.Final_redhat_2.el8jbcs.src",
"8Base-JBCS:jbcs-httpd24-mod_cluster-native-0:1.3.16-9.Final_redhat_2.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_cluster-native-debuginfo-0:1.3.16-9.Final_redhat_2.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_http2-0:1.15.7-21.el8jbcs.src",
"8Base-JBCS:jbcs-httpd24-mod_http2-0:1.15.7-21.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_http2-debuginfo-0:1.15.7-21.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_jk-0:1.2.48-20.redhat_1.el8jbcs.src",
"8Base-JBCS:jbcs-httpd24-mod_jk-ap24-0:1.2.48-20.redhat_1.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_jk-ap24-debuginfo-0:1.2.48-20.redhat_1.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_jk-manual-0:1.2.48-20.redhat_1.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_ldap-0:2.4.37-78.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_ldap-debuginfo-0:2.4.37-78.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_md-1:2.0.8-40.el8jbcs.src",
"8Base-JBCS:jbcs-httpd24-mod_md-1:2.0.8-40.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_md-debuginfo-1:2.0.8-40.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_proxy_html-1:2.4.37-78.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_proxy_html-debuginfo-1:2.4.37-78.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_security-0:2.9.2-67.GA.el8jbcs.src",
"8Base-JBCS:jbcs-httpd24-mod_security-0:2.9.2-67.GA.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_security-debuginfo-0:2.9.2-67.GA.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_session-0:2.4.37-78.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_session-debuginfo-0:2.4.37-78.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_ssl-1:2.4.37-78.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_ssl-debuginfo-1:2.4.37-78.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-nghttp2-0:1.39.2-39.el8jbcs.src",
"8Base-JBCS:jbcs-httpd24-nghttp2-0:1.39.2-39.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-nghttp2-debuginfo-0:1.39.2-39.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-nghttp2-devel-0:1.39.2-39.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-openssl-1:1.1.1g-8.el8jbcs.src",
"8Base-JBCS:jbcs-httpd24-openssl-1:1.1.1g-8.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-openssl-chil-0:1.0.0-7.el8jbcs.src",
"8Base-JBCS:jbcs-httpd24-openssl-chil-0:1.0.0-7.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-openssl-chil-debuginfo-0:1.0.0-7.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-openssl-debuginfo-1:1.1.1g-8.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-openssl-devel-1:1.1.1g-8.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-openssl-libs-1:1.1.1g-8.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-openssl-libs-debuginfo-1:1.1.1g-8.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-openssl-perl-1:1.1.1g-8.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-openssl-pkcs11-0:0.4.10-22.el8jbcs.src",
"8Base-JBCS:jbcs-httpd24-openssl-pkcs11-0:0.4.10-22.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-openssl-pkcs11-debuginfo-0:0.4.10-22.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-openssl-static-1:1.1.1g-8.el8jbcs.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2021:4614"
},
{
"category": "workaround",
"details": "Only configurations which use mod_auth_digest are affected by this flaw. Also as per upstream this flaw is not exploitable in most conditions, so there should really be no impact of this flaw.",
"product_ids": [
"7Server-JBCS:jbcs-httpd24-apr-0:1.6.3-107.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-apr-0:1.6.3-107.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-apr-debuginfo-0:1.6.3-107.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-apr-devel-0:1.6.3-107.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-apr-util-0:1.6.1-84.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-apr-util-0:1.6.1-84.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-apr-util-debuginfo-0:1.6.1-84.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-apr-util-devel-0:1.6.1-84.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-apr-util-ldap-0:1.6.1-84.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-apr-util-mysql-0:1.6.1-84.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-apr-util-nss-0:1.6.1-84.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-apr-util-odbc-0:1.6.1-84.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-apr-util-openssl-0:1.6.1-84.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-apr-util-pgsql-0:1.6.1-84.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-apr-util-sqlite-0:1.6.1-84.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-curl-0:7.78.0-2.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-curl-0:7.78.0-2.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-curl-debuginfo-0:7.78.0-2.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-httpd-0:2.4.37-78.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-httpd-0:2.4.37-78.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-httpd-debuginfo-0:2.4.37-78.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-httpd-devel-0:2.4.37-78.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-httpd-manual-0:2.4.37-78.jbcs.el7.noarch",
"7Server-JBCS:jbcs-httpd24-httpd-selinux-0:2.4.37-78.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-httpd-tools-0:2.4.37-78.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-libcurl-0:7.78.0-2.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-libcurl-devel-0:7.78.0-2.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_cluster-native-0:1.3.16-9.Final_redhat_2.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-mod_cluster-native-0:1.3.16-9.Final_redhat_2.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_cluster-native-debuginfo-0:1.3.16-9.Final_redhat_2.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_http2-0:1.15.7-21.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-mod_http2-0:1.15.7-21.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_http2-debuginfo-0:1.15.7-21.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_jk-0:1.2.48-20.redhat_1.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-mod_jk-ap24-0:1.2.48-20.redhat_1.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_jk-debuginfo-0:1.2.48-20.redhat_1.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_jk-manual-0:1.2.48-20.redhat_1.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_ldap-0:2.4.37-78.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_md-1:2.0.8-40.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-mod_md-1:2.0.8-40.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_md-debuginfo-1:2.0.8-40.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_proxy_html-1:2.4.37-78.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_security-0:2.9.2-67.GA.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-mod_security-0:2.9.2-67.GA.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_security-debuginfo-0:2.9.2-67.GA.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_session-0:2.4.37-78.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_ssl-1:2.4.37-78.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-nghttp2-0:1.39.2-39.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-nghttp2-0:1.39.2-39.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-nghttp2-debuginfo-0:1.39.2-39.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-nghttp2-devel-0:1.39.2-39.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-openssl-1:1.1.1g-8.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-openssl-1:1.1.1g-8.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-openssl-chil-0:1.0.0-7.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-openssl-chil-0:1.0.0-7.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-openssl-chil-debuginfo-0:1.0.0-7.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-openssl-debuginfo-1:1.1.1g-8.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-openssl-devel-1:1.1.1g-8.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-openssl-libs-1:1.1.1g-8.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-openssl-perl-1:1.1.1g-8.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-openssl-pkcs11-0:0.4.10-22.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-openssl-pkcs11-0:0.4.10-22.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-openssl-pkcs11-debuginfo-0:0.4.10-22.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-openssl-static-1:1.1.1g-8.jbcs.el7.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-0:1.6.3-107.el8jbcs.src",
"8Base-JBCS:jbcs-httpd24-apr-0:1.6.3-107.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-debuginfo-0:1.6.3-107.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-devel-0:1.6.3-107.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-util-0:1.6.1-84.el8jbcs.src",
"8Base-JBCS:jbcs-httpd24-apr-util-0:1.6.1-84.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-util-debuginfo-0:1.6.1-84.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-util-devel-0:1.6.1-84.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-util-ldap-0:1.6.1-84.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-util-ldap-debuginfo-0:1.6.1-84.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-util-mysql-0:1.6.1-84.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-util-mysql-debuginfo-0:1.6.1-84.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-util-nss-0:1.6.1-84.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-util-nss-debuginfo-0:1.6.1-84.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-util-odbc-0:1.6.1-84.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-util-odbc-debuginfo-0:1.6.1-84.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-util-openssl-0:1.6.1-84.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-util-openssl-debuginfo-0:1.6.1-84.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-util-pgsql-0:1.6.1-84.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-util-pgsql-debuginfo-0:1.6.1-84.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-util-sqlite-0:1.6.1-84.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-util-sqlite-debuginfo-0:1.6.1-84.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-curl-0:7.78.0-2.el8jbcs.src",
"8Base-JBCS:jbcs-httpd24-curl-0:7.78.0-2.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-curl-debuginfo-0:7.78.0-2.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-httpd-0:2.4.37-78.el8jbcs.src",
"8Base-JBCS:jbcs-httpd24-httpd-0:2.4.37-78.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-httpd-debuginfo-0:2.4.37-78.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-httpd-devel-0:2.4.37-78.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-httpd-manual-0:2.4.37-78.el8jbcs.noarch",
"8Base-JBCS:jbcs-httpd24-httpd-selinux-0:2.4.37-78.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-httpd-tools-0:2.4.37-78.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-httpd-tools-debuginfo-0:2.4.37-78.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-libcurl-0:7.78.0-2.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-libcurl-debuginfo-0:7.78.0-2.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-libcurl-devel-0:7.78.0-2.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_cluster-native-0:1.3.16-9.Final_redhat_2.el8jbcs.src",
"8Base-JBCS:jbcs-httpd24-mod_cluster-native-0:1.3.16-9.Final_redhat_2.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_cluster-native-debuginfo-0:1.3.16-9.Final_redhat_2.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_http2-0:1.15.7-21.el8jbcs.src",
"8Base-JBCS:jbcs-httpd24-mod_http2-0:1.15.7-21.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_http2-debuginfo-0:1.15.7-21.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_jk-0:1.2.48-20.redhat_1.el8jbcs.src",
"8Base-JBCS:jbcs-httpd24-mod_jk-ap24-0:1.2.48-20.redhat_1.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_jk-ap24-debuginfo-0:1.2.48-20.redhat_1.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_jk-manual-0:1.2.48-20.redhat_1.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_ldap-0:2.4.37-78.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_ldap-debuginfo-0:2.4.37-78.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_md-1:2.0.8-40.el8jbcs.src",
"8Base-JBCS:jbcs-httpd24-mod_md-1:2.0.8-40.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_md-debuginfo-1:2.0.8-40.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_proxy_html-1:2.4.37-78.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_proxy_html-debuginfo-1:2.4.37-78.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_security-0:2.9.2-67.GA.el8jbcs.src",
"8Base-JBCS:jbcs-httpd24-mod_security-0:2.9.2-67.GA.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_security-debuginfo-0:2.9.2-67.GA.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_session-0:2.4.37-78.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_session-debuginfo-0:2.4.37-78.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_ssl-1:2.4.37-78.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_ssl-debuginfo-1:2.4.37-78.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-nghttp2-0:1.39.2-39.el8jbcs.src",
"8Base-JBCS:jbcs-httpd24-nghttp2-0:1.39.2-39.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-nghttp2-debuginfo-0:1.39.2-39.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-nghttp2-devel-0:1.39.2-39.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-openssl-1:1.1.1g-8.el8jbcs.src",
"8Base-JBCS:jbcs-httpd24-openssl-1:1.1.1g-8.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-openssl-chil-0:1.0.0-7.el8jbcs.src",
"8Base-JBCS:jbcs-httpd24-openssl-chil-0:1.0.0-7.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-openssl-chil-debuginfo-0:1.0.0-7.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-openssl-debuginfo-1:1.1.1g-8.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-openssl-devel-1:1.1.1g-8.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-openssl-libs-1:1.1.1g-8.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-openssl-libs-debuginfo-1:1.1.1g-8.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-openssl-perl-1:1.1.1g-8.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-openssl-pkcs11-0:0.4.10-22.el8jbcs.src",
"8Base-JBCS:jbcs-httpd24-openssl-pkcs11-0:0.4.10-22.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-openssl-pkcs11-debuginfo-0:0.4.10-22.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-openssl-static-1:1.1.1g-8.el8jbcs.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "LOW",
"baseScore": 7.3,
"baseSeverity": "HIGH",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L",
"version": "3.1"
},
"products": [
"7Server-JBCS:jbcs-httpd24-apr-0:1.6.3-107.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-apr-0:1.6.3-107.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-apr-debuginfo-0:1.6.3-107.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-apr-devel-0:1.6.3-107.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-apr-util-0:1.6.1-84.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-apr-util-0:1.6.1-84.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-apr-util-debuginfo-0:1.6.1-84.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-apr-util-devel-0:1.6.1-84.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-apr-util-ldap-0:1.6.1-84.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-apr-util-mysql-0:1.6.1-84.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-apr-util-nss-0:1.6.1-84.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-apr-util-odbc-0:1.6.1-84.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-apr-util-openssl-0:1.6.1-84.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-apr-util-pgsql-0:1.6.1-84.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-apr-util-sqlite-0:1.6.1-84.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-curl-0:7.78.0-2.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-curl-0:7.78.0-2.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-curl-debuginfo-0:7.78.0-2.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-httpd-0:2.4.37-78.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-httpd-0:2.4.37-78.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-httpd-debuginfo-0:2.4.37-78.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-httpd-devel-0:2.4.37-78.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-httpd-manual-0:2.4.37-78.jbcs.el7.noarch",
"7Server-JBCS:jbcs-httpd24-httpd-selinux-0:2.4.37-78.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-httpd-tools-0:2.4.37-78.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-libcurl-0:7.78.0-2.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-libcurl-devel-0:7.78.0-2.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_cluster-native-0:1.3.16-9.Final_redhat_2.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-mod_cluster-native-0:1.3.16-9.Final_redhat_2.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_cluster-native-debuginfo-0:1.3.16-9.Final_redhat_2.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_http2-0:1.15.7-21.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-mod_http2-0:1.15.7-21.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_http2-debuginfo-0:1.15.7-21.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_jk-0:1.2.48-20.redhat_1.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-mod_jk-ap24-0:1.2.48-20.redhat_1.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_jk-debuginfo-0:1.2.48-20.redhat_1.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_jk-manual-0:1.2.48-20.redhat_1.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_ldap-0:2.4.37-78.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_md-1:2.0.8-40.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-mod_md-1:2.0.8-40.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_md-debuginfo-1:2.0.8-40.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_proxy_html-1:2.4.37-78.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_security-0:2.9.2-67.GA.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-mod_security-0:2.9.2-67.GA.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_security-debuginfo-0:2.9.2-67.GA.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_session-0:2.4.37-78.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_ssl-1:2.4.37-78.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-nghttp2-0:1.39.2-39.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-nghttp2-0:1.39.2-39.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-nghttp2-debuginfo-0:1.39.2-39.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-nghttp2-devel-0:1.39.2-39.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-openssl-1:1.1.1g-8.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-openssl-1:1.1.1g-8.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-openssl-chil-0:1.0.0-7.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-openssl-chil-0:1.0.0-7.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-openssl-chil-debuginfo-0:1.0.0-7.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-openssl-debuginfo-1:1.1.1g-8.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-openssl-devel-1:1.1.1g-8.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-openssl-libs-1:1.1.1g-8.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-openssl-perl-1:1.1.1g-8.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-openssl-pkcs11-0:0.4.10-22.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-openssl-pkcs11-0:0.4.10-22.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-openssl-pkcs11-debuginfo-0:0.4.10-22.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-openssl-static-1:1.1.1g-8.jbcs.el7.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-0:1.6.3-107.el8jbcs.src",
"8Base-JBCS:jbcs-httpd24-apr-0:1.6.3-107.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-debuginfo-0:1.6.3-107.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-devel-0:1.6.3-107.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-util-0:1.6.1-84.el8jbcs.src",
"8Base-JBCS:jbcs-httpd24-apr-util-0:1.6.1-84.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-util-debuginfo-0:1.6.1-84.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-util-devel-0:1.6.1-84.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-util-ldap-0:1.6.1-84.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-util-ldap-debuginfo-0:1.6.1-84.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-util-mysql-0:1.6.1-84.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-util-mysql-debuginfo-0:1.6.1-84.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-util-nss-0:1.6.1-84.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-util-nss-debuginfo-0:1.6.1-84.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-util-odbc-0:1.6.1-84.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-util-odbc-debuginfo-0:1.6.1-84.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-util-openssl-0:1.6.1-84.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-util-openssl-debuginfo-0:1.6.1-84.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-util-pgsql-0:1.6.1-84.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-util-pgsql-debuginfo-0:1.6.1-84.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-util-sqlite-0:1.6.1-84.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-util-sqlite-debuginfo-0:1.6.1-84.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-curl-0:7.78.0-2.el8jbcs.src",
"8Base-JBCS:jbcs-httpd24-curl-0:7.78.0-2.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-curl-debuginfo-0:7.78.0-2.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-httpd-0:2.4.37-78.el8jbcs.src",
"8Base-JBCS:jbcs-httpd24-httpd-0:2.4.37-78.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-httpd-debuginfo-0:2.4.37-78.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-httpd-devel-0:2.4.37-78.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-httpd-manual-0:2.4.37-78.el8jbcs.noarch",
"8Base-JBCS:jbcs-httpd24-httpd-selinux-0:2.4.37-78.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-httpd-tools-0:2.4.37-78.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-httpd-tools-debuginfo-0:2.4.37-78.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-libcurl-0:7.78.0-2.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-libcurl-debuginfo-0:7.78.0-2.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-libcurl-devel-0:7.78.0-2.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_cluster-native-0:1.3.16-9.Final_redhat_2.el8jbcs.src",
"8Base-JBCS:jbcs-httpd24-mod_cluster-native-0:1.3.16-9.Final_redhat_2.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_cluster-native-debuginfo-0:1.3.16-9.Final_redhat_2.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_http2-0:1.15.7-21.el8jbcs.src",
"8Base-JBCS:jbcs-httpd24-mod_http2-0:1.15.7-21.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_http2-debuginfo-0:1.15.7-21.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_jk-0:1.2.48-20.redhat_1.el8jbcs.src",
"8Base-JBCS:jbcs-httpd24-mod_jk-ap24-0:1.2.48-20.redhat_1.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_jk-ap24-debuginfo-0:1.2.48-20.redhat_1.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_jk-manual-0:1.2.48-20.redhat_1.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_ldap-0:2.4.37-78.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_ldap-debuginfo-0:2.4.37-78.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_md-1:2.0.8-40.el8jbcs.src",
"8Base-JBCS:jbcs-httpd24-mod_md-1:2.0.8-40.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_md-debuginfo-1:2.0.8-40.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_proxy_html-1:2.4.37-78.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_proxy_html-debuginfo-1:2.4.37-78.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_security-0:2.9.2-67.GA.el8jbcs.src",
"8Base-JBCS:jbcs-httpd24-mod_security-0:2.9.2-67.GA.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_security-debuginfo-0:2.9.2-67.GA.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_session-0:2.4.37-78.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_session-debuginfo-0:2.4.37-78.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_ssl-1:2.4.37-78.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_ssl-debuginfo-1:2.4.37-78.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-nghttp2-0:1.39.2-39.el8jbcs.src",
"8Base-JBCS:jbcs-httpd24-nghttp2-0:1.39.2-39.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-nghttp2-debuginfo-0:1.39.2-39.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-nghttp2-devel-0:1.39.2-39.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-openssl-1:1.1.1g-8.el8jbcs.src",
"8Base-JBCS:jbcs-httpd24-openssl-1:1.1.1g-8.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-openssl-chil-0:1.0.0-7.el8jbcs.src",
"8Base-JBCS:jbcs-httpd24-openssl-chil-0:1.0.0-7.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-openssl-chil-debuginfo-0:1.0.0-7.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-openssl-debuginfo-1:1.1.1g-8.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-openssl-devel-1:1.1.1g-8.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-openssl-libs-1:1.1.1g-8.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-openssl-libs-debuginfo-1:1.1.1g-8.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-openssl-perl-1:1.1.1g-8.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-openssl-pkcs11-0:0.4.10-22.el8jbcs.src",
"8Base-JBCS:jbcs-httpd24-openssl-pkcs11-0:0.4.10-22.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-openssl-pkcs11-debuginfo-0:0.4.10-22.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-openssl-static-1:1.1.1g-8.el8jbcs.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Low"
}
],
"title": "httpd: Single zero byte stack overflow in mod_auth_digest"
},
{
"cve": "CVE-2021-3688",
"cwe": {
"id": "CWE-200",
"name": "Exposure of Sensitive Information to an Unauthorized Actor"
},
"discovery_date": "2021-05-26T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1990252"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in Red Hat JBoss Core Services HTTP Server in all versions, where it does not properly normalize the path component of a request URL contains dot-dot-semicolon(s). This flaw could allow an attacker to access unauthorized information or possibly conduct further attacks. The highest threat from this vulnerability is to data confidentiality and integrity.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "JBCS: URL normalization issue with dot-dot-semicolon(s) leads to information disclosure",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"7Server-JBCS:jbcs-httpd24-apr-0:1.6.3-107.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-apr-0:1.6.3-107.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-apr-debuginfo-0:1.6.3-107.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-apr-devel-0:1.6.3-107.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-apr-util-0:1.6.1-84.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-apr-util-0:1.6.1-84.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-apr-util-debuginfo-0:1.6.1-84.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-apr-util-devel-0:1.6.1-84.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-apr-util-ldap-0:1.6.1-84.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-apr-util-mysql-0:1.6.1-84.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-apr-util-nss-0:1.6.1-84.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-apr-util-odbc-0:1.6.1-84.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-apr-util-openssl-0:1.6.1-84.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-apr-util-pgsql-0:1.6.1-84.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-apr-util-sqlite-0:1.6.1-84.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-curl-0:7.78.0-2.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-curl-0:7.78.0-2.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-curl-debuginfo-0:7.78.0-2.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-httpd-0:2.4.37-78.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-httpd-0:2.4.37-78.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-httpd-debuginfo-0:2.4.37-78.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-httpd-devel-0:2.4.37-78.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-httpd-manual-0:2.4.37-78.jbcs.el7.noarch",
"7Server-JBCS:jbcs-httpd24-httpd-selinux-0:2.4.37-78.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-httpd-tools-0:2.4.37-78.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-libcurl-0:7.78.0-2.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-libcurl-devel-0:7.78.0-2.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_cluster-native-0:1.3.16-9.Final_redhat_2.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-mod_cluster-native-0:1.3.16-9.Final_redhat_2.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_cluster-native-debuginfo-0:1.3.16-9.Final_redhat_2.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_http2-0:1.15.7-21.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-mod_http2-0:1.15.7-21.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_http2-debuginfo-0:1.15.7-21.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_jk-0:1.2.48-20.redhat_1.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-mod_jk-ap24-0:1.2.48-20.redhat_1.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_jk-debuginfo-0:1.2.48-20.redhat_1.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_jk-manual-0:1.2.48-20.redhat_1.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_ldap-0:2.4.37-78.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_md-1:2.0.8-40.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-mod_md-1:2.0.8-40.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_md-debuginfo-1:2.0.8-40.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_proxy_html-1:2.4.37-78.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_security-0:2.9.2-67.GA.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-mod_security-0:2.9.2-67.GA.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_security-debuginfo-0:2.9.2-67.GA.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_session-0:2.4.37-78.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_ssl-1:2.4.37-78.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-nghttp2-0:1.39.2-39.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-nghttp2-0:1.39.2-39.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-nghttp2-debuginfo-0:1.39.2-39.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-nghttp2-devel-0:1.39.2-39.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-openssl-1:1.1.1g-8.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-openssl-1:1.1.1g-8.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-openssl-chil-0:1.0.0-7.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-openssl-chil-0:1.0.0-7.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-openssl-chil-debuginfo-0:1.0.0-7.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-openssl-debuginfo-1:1.1.1g-8.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-openssl-devel-1:1.1.1g-8.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-openssl-libs-1:1.1.1g-8.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-openssl-perl-1:1.1.1g-8.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-openssl-pkcs11-0:0.4.10-22.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-openssl-pkcs11-0:0.4.10-22.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-openssl-pkcs11-debuginfo-0:0.4.10-22.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-openssl-static-1:1.1.1g-8.jbcs.el7.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-0:1.6.3-107.el8jbcs.src",
"8Base-JBCS:jbcs-httpd24-apr-0:1.6.3-107.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-debuginfo-0:1.6.3-107.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-devel-0:1.6.3-107.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-util-0:1.6.1-84.el8jbcs.src",
"8Base-JBCS:jbcs-httpd24-apr-util-0:1.6.1-84.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-util-debuginfo-0:1.6.1-84.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-util-devel-0:1.6.1-84.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-util-ldap-0:1.6.1-84.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-util-ldap-debuginfo-0:1.6.1-84.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-util-mysql-0:1.6.1-84.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-util-mysql-debuginfo-0:1.6.1-84.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-util-nss-0:1.6.1-84.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-util-nss-debuginfo-0:1.6.1-84.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-util-odbc-0:1.6.1-84.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-util-odbc-debuginfo-0:1.6.1-84.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-util-openssl-0:1.6.1-84.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-util-openssl-debuginfo-0:1.6.1-84.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-util-pgsql-0:1.6.1-84.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-util-pgsql-debuginfo-0:1.6.1-84.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-util-sqlite-0:1.6.1-84.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-util-sqlite-debuginfo-0:1.6.1-84.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-curl-0:7.78.0-2.el8jbcs.src",
"8Base-JBCS:jbcs-httpd24-curl-0:7.78.0-2.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-curl-debuginfo-0:7.78.0-2.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-httpd-0:2.4.37-78.el8jbcs.src",
"8Base-JBCS:jbcs-httpd24-httpd-0:2.4.37-78.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-httpd-debuginfo-0:2.4.37-78.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-httpd-devel-0:2.4.37-78.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-httpd-manual-0:2.4.37-78.el8jbcs.noarch",
"8Base-JBCS:jbcs-httpd24-httpd-selinux-0:2.4.37-78.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-httpd-tools-0:2.4.37-78.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-httpd-tools-debuginfo-0:2.4.37-78.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-libcurl-0:7.78.0-2.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-libcurl-debuginfo-0:7.78.0-2.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-libcurl-devel-0:7.78.0-2.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_cluster-native-0:1.3.16-9.Final_redhat_2.el8jbcs.src",
"8Base-JBCS:jbcs-httpd24-mod_cluster-native-0:1.3.16-9.Final_redhat_2.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_cluster-native-debuginfo-0:1.3.16-9.Final_redhat_2.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_http2-0:1.15.7-21.el8jbcs.src",
"8Base-JBCS:jbcs-httpd24-mod_http2-0:1.15.7-21.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_http2-debuginfo-0:1.15.7-21.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_jk-0:1.2.48-20.redhat_1.el8jbcs.src",
"8Base-JBCS:jbcs-httpd24-mod_jk-ap24-0:1.2.48-20.redhat_1.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_jk-ap24-debuginfo-0:1.2.48-20.redhat_1.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_jk-manual-0:1.2.48-20.redhat_1.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_ldap-0:2.4.37-78.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_ldap-debuginfo-0:2.4.37-78.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_md-1:2.0.8-40.el8jbcs.src",
"8Base-JBCS:jbcs-httpd24-mod_md-1:2.0.8-40.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_md-debuginfo-1:2.0.8-40.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_proxy_html-1:2.4.37-78.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_proxy_html-debuginfo-1:2.4.37-78.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_security-0:2.9.2-67.GA.el8jbcs.src",
"8Base-JBCS:jbcs-httpd24-mod_security-0:2.9.2-67.GA.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_security-debuginfo-0:2.9.2-67.GA.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_session-0:2.4.37-78.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_session-debuginfo-0:2.4.37-78.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_ssl-1:2.4.37-78.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_ssl-debuginfo-1:2.4.37-78.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-nghttp2-0:1.39.2-39.el8jbcs.src",
"8Base-JBCS:jbcs-httpd24-nghttp2-0:1.39.2-39.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-nghttp2-debuginfo-0:1.39.2-39.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-nghttp2-devel-0:1.39.2-39.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-openssl-1:1.1.1g-8.el8jbcs.src",
"8Base-JBCS:jbcs-httpd24-openssl-1:1.1.1g-8.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-openssl-chil-0:1.0.0-7.el8jbcs.src",
"8Base-JBCS:jbcs-httpd24-openssl-chil-0:1.0.0-7.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-openssl-chil-debuginfo-0:1.0.0-7.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-openssl-debuginfo-1:1.1.1g-8.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-openssl-devel-1:1.1.1g-8.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-openssl-libs-1:1.1.1g-8.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-openssl-libs-debuginfo-1:1.1.1g-8.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-openssl-perl-1:1.1.1g-8.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-openssl-pkcs11-0:0.4.10-22.el8jbcs.src",
"8Base-JBCS:jbcs-httpd24-openssl-pkcs11-0:0.4.10-22.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-openssl-pkcs11-debuginfo-0:0.4.10-22.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-openssl-static-1:1.1.1g-8.el8jbcs.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2021-3688"
},
{
"category": "external",
"summary": "RHBZ#1990252",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1990252"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2021-3688",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-3688"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2021-3688",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2021-3688"
}
],
"release_date": "2021-08-05T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"details": "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"7Server-JBCS:jbcs-httpd24-apr-0:1.6.3-107.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-apr-0:1.6.3-107.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-apr-debuginfo-0:1.6.3-107.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-apr-devel-0:1.6.3-107.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-apr-util-0:1.6.1-84.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-apr-util-0:1.6.1-84.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-apr-util-debuginfo-0:1.6.1-84.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-apr-util-devel-0:1.6.1-84.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-apr-util-ldap-0:1.6.1-84.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-apr-util-mysql-0:1.6.1-84.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-apr-util-nss-0:1.6.1-84.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-apr-util-odbc-0:1.6.1-84.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-apr-util-openssl-0:1.6.1-84.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-apr-util-pgsql-0:1.6.1-84.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-apr-util-sqlite-0:1.6.1-84.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-curl-0:7.78.0-2.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-curl-0:7.78.0-2.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-curl-debuginfo-0:7.78.0-2.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-httpd-0:2.4.37-78.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-httpd-0:2.4.37-78.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-httpd-debuginfo-0:2.4.37-78.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-httpd-devel-0:2.4.37-78.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-httpd-manual-0:2.4.37-78.jbcs.el7.noarch",
"7Server-JBCS:jbcs-httpd24-httpd-selinux-0:2.4.37-78.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-httpd-tools-0:2.4.37-78.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-libcurl-0:7.78.0-2.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-libcurl-devel-0:7.78.0-2.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_cluster-native-0:1.3.16-9.Final_redhat_2.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-mod_cluster-native-0:1.3.16-9.Final_redhat_2.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_cluster-native-debuginfo-0:1.3.16-9.Final_redhat_2.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_http2-0:1.15.7-21.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-mod_http2-0:1.15.7-21.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_http2-debuginfo-0:1.15.7-21.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_jk-0:1.2.48-20.redhat_1.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-mod_jk-ap24-0:1.2.48-20.redhat_1.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_jk-debuginfo-0:1.2.48-20.redhat_1.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_jk-manual-0:1.2.48-20.redhat_1.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_ldap-0:2.4.37-78.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_md-1:2.0.8-40.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-mod_md-1:2.0.8-40.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_md-debuginfo-1:2.0.8-40.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_proxy_html-1:2.4.37-78.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_security-0:2.9.2-67.GA.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-mod_security-0:2.9.2-67.GA.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_security-debuginfo-0:2.9.2-67.GA.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_session-0:2.4.37-78.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_ssl-1:2.4.37-78.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-nghttp2-0:1.39.2-39.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-nghttp2-0:1.39.2-39.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-nghttp2-debuginfo-0:1.39.2-39.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-nghttp2-devel-0:1.39.2-39.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-openssl-1:1.1.1g-8.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-openssl-1:1.1.1g-8.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-openssl-chil-0:1.0.0-7.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-openssl-chil-0:1.0.0-7.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-openssl-chil-debuginfo-0:1.0.0-7.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-openssl-debuginfo-1:1.1.1g-8.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-openssl-devel-1:1.1.1g-8.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-openssl-libs-1:1.1.1g-8.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-openssl-perl-1:1.1.1g-8.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-openssl-pkcs11-0:0.4.10-22.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-openssl-pkcs11-0:0.4.10-22.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-openssl-pkcs11-debuginfo-0:0.4.10-22.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-openssl-static-1:1.1.1g-8.jbcs.el7.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-0:1.6.3-107.el8jbcs.src",
"8Base-JBCS:jbcs-httpd24-apr-0:1.6.3-107.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-debuginfo-0:1.6.3-107.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-devel-0:1.6.3-107.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-util-0:1.6.1-84.el8jbcs.src",
"8Base-JBCS:jbcs-httpd24-apr-util-0:1.6.1-84.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-util-debuginfo-0:1.6.1-84.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-util-devel-0:1.6.1-84.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-util-ldap-0:1.6.1-84.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-util-ldap-debuginfo-0:1.6.1-84.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-util-mysql-0:1.6.1-84.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-util-mysql-debuginfo-0:1.6.1-84.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-util-nss-0:1.6.1-84.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-util-nss-debuginfo-0:1.6.1-84.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-util-odbc-0:1.6.1-84.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-util-odbc-debuginfo-0:1.6.1-84.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-util-openssl-0:1.6.1-84.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-util-openssl-debuginfo-0:1.6.1-84.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-util-pgsql-0:1.6.1-84.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-util-pgsql-debuginfo-0:1.6.1-84.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-util-sqlite-0:1.6.1-84.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-util-sqlite-debuginfo-0:1.6.1-84.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-curl-0:7.78.0-2.el8jbcs.src",
"8Base-JBCS:jbcs-httpd24-curl-0:7.78.0-2.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-curl-debuginfo-0:7.78.0-2.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-httpd-0:2.4.37-78.el8jbcs.src",
"8Base-JBCS:jbcs-httpd24-httpd-0:2.4.37-78.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-httpd-debuginfo-0:2.4.37-78.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-httpd-devel-0:2.4.37-78.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-httpd-manual-0:2.4.37-78.el8jbcs.noarch",
"8Base-JBCS:jbcs-httpd24-httpd-selinux-0:2.4.37-78.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-httpd-tools-0:2.4.37-78.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-httpd-tools-debuginfo-0:2.4.37-78.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-libcurl-0:7.78.0-2.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-libcurl-debuginfo-0:7.78.0-2.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-libcurl-devel-0:7.78.0-2.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_cluster-native-0:1.3.16-9.Final_redhat_2.el8jbcs.src",
"8Base-JBCS:jbcs-httpd24-mod_cluster-native-0:1.3.16-9.Final_redhat_2.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_cluster-native-debuginfo-0:1.3.16-9.Final_redhat_2.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_http2-0:1.15.7-21.el8jbcs.src",
"8Base-JBCS:jbcs-httpd24-mod_http2-0:1.15.7-21.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_http2-debuginfo-0:1.15.7-21.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_jk-0:1.2.48-20.redhat_1.el8jbcs.src",
"8Base-JBCS:jbcs-httpd24-mod_jk-ap24-0:1.2.48-20.redhat_1.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_jk-ap24-debuginfo-0:1.2.48-20.redhat_1.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_jk-manual-0:1.2.48-20.redhat_1.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_ldap-0:2.4.37-78.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_ldap-debuginfo-0:2.4.37-78.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_md-1:2.0.8-40.el8jbcs.src",
"8Base-JBCS:jbcs-httpd24-mod_md-1:2.0.8-40.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_md-debuginfo-1:2.0.8-40.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_proxy_html-1:2.4.37-78.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_proxy_html-debuginfo-1:2.4.37-78.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_security-0:2.9.2-67.GA.el8jbcs.src",
"8Base-JBCS:jbcs-httpd24-mod_security-0:2.9.2-67.GA.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_security-debuginfo-0:2.9.2-67.GA.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_session-0:2.4.37-78.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_session-debuginfo-0:2.4.37-78.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_ssl-1:2.4.37-78.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_ssl-debuginfo-1:2.4.37-78.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-nghttp2-0:1.39.2-39.el8jbcs.src",
"8Base-JBCS:jbcs-httpd24-nghttp2-0:1.39.2-39.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-nghttp2-debuginfo-0:1.39.2-39.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-nghttp2-devel-0:1.39.2-39.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-openssl-1:1.1.1g-8.el8jbcs.src",
"8Base-JBCS:jbcs-httpd24-openssl-1:1.1.1g-8.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-openssl-chil-0:1.0.0-7.el8jbcs.src",
"8Base-JBCS:jbcs-httpd24-openssl-chil-0:1.0.0-7.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-openssl-chil-debuginfo-0:1.0.0-7.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-openssl-debuginfo-1:1.1.1g-8.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-openssl-devel-1:1.1.1g-8.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-openssl-libs-1:1.1.1g-8.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-openssl-libs-debuginfo-1:1.1.1g-8.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-openssl-perl-1:1.1.1g-8.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-openssl-pkcs11-0:0.4.10-22.el8jbcs.src",
"8Base-JBCS:jbcs-httpd24-openssl-pkcs11-0:0.4.10-22.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-openssl-pkcs11-debuginfo-0:0.4.10-22.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-openssl-static-1:1.1.1g-8.el8jbcs.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2021:4614"
},
{
"category": "workaround",
"details": "Manually add LocationMatch directive to deny any possible problem requests in the JBCS httpd configuration. For example:\n~~~\n\u003cLocationMatch \".*\\.\\.;.*\"\u003e\n Require all denied\n\u003c/LocationMatch\u003e\n~~~",
"product_ids": [
"7Server-JBCS:jbcs-httpd24-apr-0:1.6.3-107.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-apr-0:1.6.3-107.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-apr-debuginfo-0:1.6.3-107.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-apr-devel-0:1.6.3-107.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-apr-util-0:1.6.1-84.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-apr-util-0:1.6.1-84.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-apr-util-debuginfo-0:1.6.1-84.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-apr-util-devel-0:1.6.1-84.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-apr-util-ldap-0:1.6.1-84.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-apr-util-mysql-0:1.6.1-84.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-apr-util-nss-0:1.6.1-84.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-apr-util-odbc-0:1.6.1-84.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-apr-util-openssl-0:1.6.1-84.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-apr-util-pgsql-0:1.6.1-84.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-apr-util-sqlite-0:1.6.1-84.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-curl-0:7.78.0-2.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-curl-0:7.78.0-2.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-curl-debuginfo-0:7.78.0-2.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-httpd-0:2.4.37-78.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-httpd-0:2.4.37-78.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-httpd-debuginfo-0:2.4.37-78.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-httpd-devel-0:2.4.37-78.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-httpd-manual-0:2.4.37-78.jbcs.el7.noarch",
"7Server-JBCS:jbcs-httpd24-httpd-selinux-0:2.4.37-78.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-httpd-tools-0:2.4.37-78.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-libcurl-0:7.78.0-2.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-libcurl-devel-0:7.78.0-2.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_cluster-native-0:1.3.16-9.Final_redhat_2.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-mod_cluster-native-0:1.3.16-9.Final_redhat_2.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_cluster-native-debuginfo-0:1.3.16-9.Final_redhat_2.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_http2-0:1.15.7-21.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-mod_http2-0:1.15.7-21.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_http2-debuginfo-0:1.15.7-21.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_jk-0:1.2.48-20.redhat_1.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-mod_jk-ap24-0:1.2.48-20.redhat_1.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_jk-debuginfo-0:1.2.48-20.redhat_1.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_jk-manual-0:1.2.48-20.redhat_1.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_ldap-0:2.4.37-78.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_md-1:2.0.8-40.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-mod_md-1:2.0.8-40.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_md-debuginfo-1:2.0.8-40.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_proxy_html-1:2.4.37-78.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_security-0:2.9.2-67.GA.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-mod_security-0:2.9.2-67.GA.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_security-debuginfo-0:2.9.2-67.GA.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_session-0:2.4.37-78.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_ssl-1:2.4.37-78.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-nghttp2-0:1.39.2-39.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-nghttp2-0:1.39.2-39.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-nghttp2-debuginfo-0:1.39.2-39.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-nghttp2-devel-0:1.39.2-39.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-openssl-1:1.1.1g-8.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-openssl-1:1.1.1g-8.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-openssl-chil-0:1.0.0-7.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-openssl-chil-0:1.0.0-7.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-openssl-chil-debuginfo-0:1.0.0-7.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-openssl-debuginfo-1:1.1.1g-8.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-openssl-devel-1:1.1.1g-8.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-openssl-libs-1:1.1.1g-8.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-openssl-perl-1:1.1.1g-8.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-openssl-pkcs11-0:0.4.10-22.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-openssl-pkcs11-0:0.4.10-22.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-openssl-pkcs11-debuginfo-0:0.4.10-22.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-openssl-static-1:1.1.1g-8.jbcs.el7.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-0:1.6.3-107.el8jbcs.src",
"8Base-JBCS:jbcs-httpd24-apr-0:1.6.3-107.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-debuginfo-0:1.6.3-107.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-devel-0:1.6.3-107.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-util-0:1.6.1-84.el8jbcs.src",
"8Base-JBCS:jbcs-httpd24-apr-util-0:1.6.1-84.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-util-debuginfo-0:1.6.1-84.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-util-devel-0:1.6.1-84.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-util-ldap-0:1.6.1-84.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-util-ldap-debuginfo-0:1.6.1-84.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-util-mysql-0:1.6.1-84.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-util-mysql-debuginfo-0:1.6.1-84.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-util-nss-0:1.6.1-84.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-util-nss-debuginfo-0:1.6.1-84.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-util-odbc-0:1.6.1-84.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-util-odbc-debuginfo-0:1.6.1-84.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-util-openssl-0:1.6.1-84.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-util-openssl-debuginfo-0:1.6.1-84.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-util-pgsql-0:1.6.1-84.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-util-pgsql-debuginfo-0:1.6.1-84.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-util-sqlite-0:1.6.1-84.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-util-sqlite-debuginfo-0:1.6.1-84.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-curl-0:7.78.0-2.el8jbcs.src",
"8Base-JBCS:jbcs-httpd24-curl-0:7.78.0-2.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-curl-debuginfo-0:7.78.0-2.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-httpd-0:2.4.37-78.el8jbcs.src",
"8Base-JBCS:jbcs-httpd24-httpd-0:2.4.37-78.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-httpd-debuginfo-0:2.4.37-78.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-httpd-devel-0:2.4.37-78.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-httpd-manual-0:2.4.37-78.el8jbcs.noarch",
"8Base-JBCS:jbcs-httpd24-httpd-selinux-0:2.4.37-78.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-httpd-tools-0:2.4.37-78.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-httpd-tools-debuginfo-0:2.4.37-78.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-libcurl-0:7.78.0-2.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-libcurl-debuginfo-0:7.78.0-2.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-libcurl-devel-0:7.78.0-2.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_cluster-native-0:1.3.16-9.Final_redhat_2.el8jbcs.src",
"8Base-JBCS:jbcs-httpd24-mod_cluster-native-0:1.3.16-9.Final_redhat_2.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_cluster-native-debuginfo-0:1.3.16-9.Final_redhat_2.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_http2-0:1.15.7-21.el8jbcs.src",
"8Base-JBCS:jbcs-httpd24-mod_http2-0:1.15.7-21.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_http2-debuginfo-0:1.15.7-21.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_jk-0:1.2.48-20.redhat_1.el8jbcs.src",
"8Base-JBCS:jbcs-httpd24-mod_jk-ap24-0:1.2.48-20.redhat_1.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_jk-ap24-debuginfo-0:1.2.48-20.redhat_1.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_jk-manual-0:1.2.48-20.redhat_1.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_ldap-0:2.4.37-78.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_ldap-debuginfo-0:2.4.37-78.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_md-1:2.0.8-40.el8jbcs.src",
"8Base-JBCS:jbcs-httpd24-mod_md-1:2.0.8-40.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_md-debuginfo-1:2.0.8-40.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_proxy_html-1:2.4.37-78.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_proxy_html-debuginfo-1:2.4.37-78.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_security-0:2.9.2-67.GA.el8jbcs.src",
"8Base-JBCS:jbcs-httpd24-mod_security-0:2.9.2-67.GA.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_security-debuginfo-0:2.9.2-67.GA.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_session-0:2.4.37-78.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_session-debuginfo-0:2.4.37-78.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_ssl-1:2.4.37-78.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_ssl-debuginfo-1:2.4.37-78.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-nghttp2-0:1.39.2-39.el8jbcs.src",
"8Base-JBCS:jbcs-httpd24-nghttp2-0:1.39.2-39.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-nghttp2-debuginfo-0:1.39.2-39.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-nghttp2-devel-0:1.39.2-39.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-openssl-1:1.1.1g-8.el8jbcs.src",
"8Base-JBCS:jbcs-httpd24-openssl-1:1.1.1g-8.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-openssl-chil-0:1.0.0-7.el8jbcs.src",
"8Base-JBCS:jbcs-httpd24-openssl-chil-0:1.0.0-7.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-openssl-chil-debuginfo-0:1.0.0-7.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-openssl-debuginfo-1:1.1.1g-8.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-openssl-devel-1:1.1.1g-8.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-openssl-libs-1:1.1.1g-8.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-openssl-libs-debuginfo-1:1.1.1g-8.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-openssl-perl-1:1.1.1g-8.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-openssl-pkcs11-0:0.4.10-22.el8jbcs.src",
"8Base-JBCS:jbcs-httpd24-openssl-pkcs11-0:0.4.10-22.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-openssl-pkcs11-debuginfo-0:0.4.10-22.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-openssl-static-1:1.1.1g-8.el8jbcs.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 4.8,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:N",
"version": "3.1"
},
"products": [
"7Server-JBCS:jbcs-httpd24-apr-0:1.6.3-107.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-apr-0:1.6.3-107.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-apr-debuginfo-0:1.6.3-107.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-apr-devel-0:1.6.3-107.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-apr-util-0:1.6.1-84.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-apr-util-0:1.6.1-84.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-apr-util-debuginfo-0:1.6.1-84.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-apr-util-devel-0:1.6.1-84.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-apr-util-ldap-0:1.6.1-84.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-apr-util-mysql-0:1.6.1-84.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-apr-util-nss-0:1.6.1-84.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-apr-util-odbc-0:1.6.1-84.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-apr-util-openssl-0:1.6.1-84.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-apr-util-pgsql-0:1.6.1-84.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-apr-util-sqlite-0:1.6.1-84.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-curl-0:7.78.0-2.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-curl-0:7.78.0-2.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-curl-debuginfo-0:7.78.0-2.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-httpd-0:2.4.37-78.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-httpd-0:2.4.37-78.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-httpd-debuginfo-0:2.4.37-78.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-httpd-devel-0:2.4.37-78.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-httpd-manual-0:2.4.37-78.jbcs.el7.noarch",
"7Server-JBCS:jbcs-httpd24-httpd-selinux-0:2.4.37-78.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-httpd-tools-0:2.4.37-78.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-libcurl-0:7.78.0-2.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-libcurl-devel-0:7.78.0-2.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_cluster-native-0:1.3.16-9.Final_redhat_2.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-mod_cluster-native-0:1.3.16-9.Final_redhat_2.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_cluster-native-debuginfo-0:1.3.16-9.Final_redhat_2.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_http2-0:1.15.7-21.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-mod_http2-0:1.15.7-21.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_http2-debuginfo-0:1.15.7-21.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_jk-0:1.2.48-20.redhat_1.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-mod_jk-ap24-0:1.2.48-20.redhat_1.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_jk-debuginfo-0:1.2.48-20.redhat_1.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_jk-manual-0:1.2.48-20.redhat_1.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_ldap-0:2.4.37-78.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_md-1:2.0.8-40.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-mod_md-1:2.0.8-40.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_md-debuginfo-1:2.0.8-40.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_proxy_html-1:2.4.37-78.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_security-0:2.9.2-67.GA.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-mod_security-0:2.9.2-67.GA.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_security-debuginfo-0:2.9.2-67.GA.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_session-0:2.4.37-78.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_ssl-1:2.4.37-78.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-nghttp2-0:1.39.2-39.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-nghttp2-0:1.39.2-39.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-nghttp2-debuginfo-0:1.39.2-39.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-nghttp2-devel-0:1.39.2-39.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-openssl-1:1.1.1g-8.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-openssl-1:1.1.1g-8.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-openssl-chil-0:1.0.0-7.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-openssl-chil-0:1.0.0-7.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-openssl-chil-debuginfo-0:1.0.0-7.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-openssl-debuginfo-1:1.1.1g-8.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-openssl-devel-1:1.1.1g-8.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-openssl-libs-1:1.1.1g-8.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-openssl-perl-1:1.1.1g-8.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-openssl-pkcs11-0:0.4.10-22.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-openssl-pkcs11-0:0.4.10-22.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-openssl-pkcs11-debuginfo-0:0.4.10-22.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-openssl-static-1:1.1.1g-8.jbcs.el7.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-0:1.6.3-107.el8jbcs.src",
"8Base-JBCS:jbcs-httpd24-apr-0:1.6.3-107.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-debuginfo-0:1.6.3-107.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-devel-0:1.6.3-107.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-util-0:1.6.1-84.el8jbcs.src",
"8Base-JBCS:jbcs-httpd24-apr-util-0:1.6.1-84.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-util-debuginfo-0:1.6.1-84.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-util-devel-0:1.6.1-84.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-util-ldap-0:1.6.1-84.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-util-ldap-debuginfo-0:1.6.1-84.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-util-mysql-0:1.6.1-84.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-util-mysql-debuginfo-0:1.6.1-84.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-util-nss-0:1.6.1-84.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-util-nss-debuginfo-0:1.6.1-84.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-util-odbc-0:1.6.1-84.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-util-odbc-debuginfo-0:1.6.1-84.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-util-openssl-0:1.6.1-84.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-util-openssl-debuginfo-0:1.6.1-84.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-util-pgsql-0:1.6.1-84.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-util-pgsql-debuginfo-0:1.6.1-84.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-util-sqlite-0:1.6.1-84.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-util-sqlite-debuginfo-0:1.6.1-84.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-curl-0:7.78.0-2.el8jbcs.src",
"8Base-JBCS:jbcs-httpd24-curl-0:7.78.0-2.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-curl-debuginfo-0:7.78.0-2.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-httpd-0:2.4.37-78.el8jbcs.src",
"8Base-JBCS:jbcs-httpd24-httpd-0:2.4.37-78.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-httpd-debuginfo-0:2.4.37-78.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-httpd-devel-0:2.4.37-78.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-httpd-manual-0:2.4.37-78.el8jbcs.noarch",
"8Base-JBCS:jbcs-httpd24-httpd-selinux-0:2.4.37-78.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-httpd-tools-0:2.4.37-78.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-httpd-tools-debuginfo-0:2.4.37-78.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-libcurl-0:7.78.0-2.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-libcurl-debuginfo-0:7.78.0-2.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-libcurl-devel-0:7.78.0-2.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_cluster-native-0:1.3.16-9.Final_redhat_2.el8jbcs.src",
"8Base-JBCS:jbcs-httpd24-mod_cluster-native-0:1.3.16-9.Final_redhat_2.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_cluster-native-debuginfo-0:1.3.16-9.Final_redhat_2.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_http2-0:1.15.7-21.el8jbcs.src",
"8Base-JBCS:jbcs-httpd24-mod_http2-0:1.15.7-21.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_http2-debuginfo-0:1.15.7-21.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_jk-0:1.2.48-20.redhat_1.el8jbcs.src",
"8Base-JBCS:jbcs-httpd24-mod_jk-ap24-0:1.2.48-20.redhat_1.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_jk-ap24-debuginfo-0:1.2.48-20.redhat_1.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_jk-manual-0:1.2.48-20.redhat_1.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_ldap-0:2.4.37-78.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_ldap-debuginfo-0:2.4.37-78.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_md-1:2.0.8-40.el8jbcs.src",
"8Base-JBCS:jbcs-httpd24-mod_md-1:2.0.8-40.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_md-debuginfo-1:2.0.8-40.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_proxy_html-1:2.4.37-78.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_proxy_html-debuginfo-1:2.4.37-78.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_security-0:2.9.2-67.GA.el8jbcs.src",
"8Base-JBCS:jbcs-httpd24-mod_security-0:2.9.2-67.GA.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_security-debuginfo-0:2.9.2-67.GA.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_session-0:2.4.37-78.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_session-debuginfo-0:2.4.37-78.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_ssl-1:2.4.37-78.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_ssl-debuginfo-1:2.4.37-78.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-nghttp2-0:1.39.2-39.el8jbcs.src",
"8Base-JBCS:jbcs-httpd24-nghttp2-0:1.39.2-39.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-nghttp2-debuginfo-0:1.39.2-39.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-nghttp2-devel-0:1.39.2-39.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-openssl-1:1.1.1g-8.el8jbcs.src",
"8Base-JBCS:jbcs-httpd24-openssl-1:1.1.1g-8.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-openssl-chil-0:1.0.0-7.el8jbcs.src",
"8Base-JBCS:jbcs-httpd24-openssl-chil-0:1.0.0-7.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-openssl-chil-debuginfo-0:1.0.0-7.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-openssl-debuginfo-1:1.1.1g-8.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-openssl-devel-1:1.1.1g-8.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-openssl-libs-1:1.1.1g-8.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-openssl-libs-debuginfo-1:1.1.1g-8.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-openssl-perl-1:1.1.1g-8.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-openssl-pkcs11-0:0.4.10-22.el8jbcs.src",
"8Base-JBCS:jbcs-httpd24-openssl-pkcs11-0:0.4.10-22.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-openssl-pkcs11-debuginfo-0:0.4.10-22.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-openssl-static-1:1.1.1g-8.el8jbcs.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "JBCS: URL normalization issue with dot-dot-semicolon(s) leads to information disclosure"
},
{
"acknowledgments": [
{
"names": [
"the OpenSSL project"
],
"organization": "Ingo Schwarze",
"summary": "Acknowledged by upstream."
}
],
"cve": "CVE-2021-3712",
"cwe": {
"id": "CWE-125",
"name": "Out-of-bounds Read"
},
"discovery_date": "2021-08-19T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1995634"
}
],
"notes": [
{
"category": "description",
"text": "It was found that openssl assumed ASN.1 strings to be NUL terminated. A malicious actor may be able to force an application into calling openssl function with a specially crafted, non-NUL terminated string to deliberately hit this bug, which may result in a crash of the application, causing a Denial of Service attack, or possibly, memory disclosure. The highest threat from this vulnerability is to data confidentiality and system availability.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "openssl: Read buffer overruns processing ASN.1 strings",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "The following Red Hat products do not ship the affected OpenSSL component but rely on the Red Hat Enterprise Linux to consume them:\n * Red Hat Satellite\n * Red Hat Update Infrastructure\n * Red Hat CloudForms\n\nThe Red Hat Advanced Cluster Management for Kubernetes is using the vulnerable version of the library, however the vulnerable code path is not reachable.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"7Server-JBCS:jbcs-httpd24-apr-0:1.6.3-107.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-apr-0:1.6.3-107.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-apr-debuginfo-0:1.6.3-107.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-apr-devel-0:1.6.3-107.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-apr-util-0:1.6.1-84.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-apr-util-0:1.6.1-84.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-apr-util-debuginfo-0:1.6.1-84.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-apr-util-devel-0:1.6.1-84.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-apr-util-ldap-0:1.6.1-84.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-apr-util-mysql-0:1.6.1-84.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-apr-util-nss-0:1.6.1-84.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-apr-util-odbc-0:1.6.1-84.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-apr-util-openssl-0:1.6.1-84.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-apr-util-pgsql-0:1.6.1-84.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-apr-util-sqlite-0:1.6.1-84.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-curl-0:7.78.0-2.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-curl-0:7.78.0-2.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-curl-debuginfo-0:7.78.0-2.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-httpd-0:2.4.37-78.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-httpd-0:2.4.37-78.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-httpd-debuginfo-0:2.4.37-78.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-httpd-devel-0:2.4.37-78.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-httpd-manual-0:2.4.37-78.jbcs.el7.noarch",
"7Server-JBCS:jbcs-httpd24-httpd-selinux-0:2.4.37-78.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-httpd-tools-0:2.4.37-78.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-libcurl-0:7.78.0-2.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-libcurl-devel-0:7.78.0-2.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_cluster-native-0:1.3.16-9.Final_redhat_2.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-mod_cluster-native-0:1.3.16-9.Final_redhat_2.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_cluster-native-debuginfo-0:1.3.16-9.Final_redhat_2.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_http2-0:1.15.7-21.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-mod_http2-0:1.15.7-21.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_http2-debuginfo-0:1.15.7-21.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_jk-0:1.2.48-20.redhat_1.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-mod_jk-ap24-0:1.2.48-20.redhat_1.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_jk-debuginfo-0:1.2.48-20.redhat_1.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_jk-manual-0:1.2.48-20.redhat_1.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_ldap-0:2.4.37-78.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_md-1:2.0.8-40.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-mod_md-1:2.0.8-40.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_md-debuginfo-1:2.0.8-40.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_proxy_html-1:2.4.37-78.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_security-0:2.9.2-67.GA.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-mod_security-0:2.9.2-67.GA.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_security-debuginfo-0:2.9.2-67.GA.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_session-0:2.4.37-78.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_ssl-1:2.4.37-78.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-nghttp2-0:1.39.2-39.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-nghttp2-0:1.39.2-39.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-nghttp2-debuginfo-0:1.39.2-39.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-nghttp2-devel-0:1.39.2-39.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-openssl-1:1.1.1g-8.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-openssl-1:1.1.1g-8.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-openssl-chil-0:1.0.0-7.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-openssl-chil-0:1.0.0-7.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-openssl-chil-debuginfo-0:1.0.0-7.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-openssl-debuginfo-1:1.1.1g-8.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-openssl-devel-1:1.1.1g-8.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-openssl-libs-1:1.1.1g-8.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-openssl-perl-1:1.1.1g-8.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-openssl-pkcs11-0:0.4.10-22.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-openssl-pkcs11-0:0.4.10-22.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-openssl-pkcs11-debuginfo-0:0.4.10-22.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-openssl-static-1:1.1.1g-8.jbcs.el7.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-0:1.6.3-107.el8jbcs.src",
"8Base-JBCS:jbcs-httpd24-apr-0:1.6.3-107.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-debuginfo-0:1.6.3-107.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-devel-0:1.6.3-107.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-util-0:1.6.1-84.el8jbcs.src",
"8Base-JBCS:jbcs-httpd24-apr-util-0:1.6.1-84.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-util-debuginfo-0:1.6.1-84.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-util-devel-0:1.6.1-84.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-util-ldap-0:1.6.1-84.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-util-ldap-debuginfo-0:1.6.1-84.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-util-mysql-0:1.6.1-84.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-util-mysql-debuginfo-0:1.6.1-84.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-util-nss-0:1.6.1-84.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-util-nss-debuginfo-0:1.6.1-84.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-util-odbc-0:1.6.1-84.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-util-odbc-debuginfo-0:1.6.1-84.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-util-openssl-0:1.6.1-84.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-util-openssl-debuginfo-0:1.6.1-84.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-util-pgsql-0:1.6.1-84.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-util-pgsql-debuginfo-0:1.6.1-84.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-util-sqlite-0:1.6.1-84.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-util-sqlite-debuginfo-0:1.6.1-84.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-curl-0:7.78.0-2.el8jbcs.src",
"8Base-JBCS:jbcs-httpd24-curl-0:7.78.0-2.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-curl-debuginfo-0:7.78.0-2.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-httpd-0:2.4.37-78.el8jbcs.src",
"8Base-JBCS:jbcs-httpd24-httpd-0:2.4.37-78.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-httpd-debuginfo-0:2.4.37-78.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-httpd-devel-0:2.4.37-78.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-httpd-manual-0:2.4.37-78.el8jbcs.noarch",
"8Base-JBCS:jbcs-httpd24-httpd-selinux-0:2.4.37-78.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-httpd-tools-0:2.4.37-78.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-httpd-tools-debuginfo-0:2.4.37-78.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-libcurl-0:7.78.0-2.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-libcurl-debuginfo-0:7.78.0-2.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-libcurl-devel-0:7.78.0-2.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_cluster-native-0:1.3.16-9.Final_redhat_2.el8jbcs.src",
"8Base-JBCS:jbcs-httpd24-mod_cluster-native-0:1.3.16-9.Final_redhat_2.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_cluster-native-debuginfo-0:1.3.16-9.Final_redhat_2.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_http2-0:1.15.7-21.el8jbcs.src",
"8Base-JBCS:jbcs-httpd24-mod_http2-0:1.15.7-21.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_http2-debuginfo-0:1.15.7-21.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_jk-0:1.2.48-20.redhat_1.el8jbcs.src",
"8Base-JBCS:jbcs-httpd24-mod_jk-ap24-0:1.2.48-20.redhat_1.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_jk-ap24-debuginfo-0:1.2.48-20.redhat_1.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_jk-manual-0:1.2.48-20.redhat_1.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_ldap-0:2.4.37-78.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_ldap-debuginfo-0:2.4.37-78.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_md-1:2.0.8-40.el8jbcs.src",
"8Base-JBCS:jbcs-httpd24-mod_md-1:2.0.8-40.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_md-debuginfo-1:2.0.8-40.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_proxy_html-1:2.4.37-78.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_proxy_html-debuginfo-1:2.4.37-78.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_security-0:2.9.2-67.GA.el8jbcs.src",
"8Base-JBCS:jbcs-httpd24-mod_security-0:2.9.2-67.GA.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_security-debuginfo-0:2.9.2-67.GA.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_session-0:2.4.37-78.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_session-debuginfo-0:2.4.37-78.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_ssl-1:2.4.37-78.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_ssl-debuginfo-1:2.4.37-78.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-nghttp2-0:1.39.2-39.el8jbcs.src",
"8Base-JBCS:jbcs-httpd24-nghttp2-0:1.39.2-39.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-nghttp2-debuginfo-0:1.39.2-39.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-nghttp2-devel-0:1.39.2-39.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-openssl-1:1.1.1g-8.el8jbcs.src",
"8Base-JBCS:jbcs-httpd24-openssl-1:1.1.1g-8.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-openssl-chil-0:1.0.0-7.el8jbcs.src",
"8Base-JBCS:jbcs-httpd24-openssl-chil-0:1.0.0-7.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-openssl-chil-debuginfo-0:1.0.0-7.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-openssl-debuginfo-1:1.1.1g-8.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-openssl-devel-1:1.1.1g-8.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-openssl-libs-1:1.1.1g-8.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-openssl-libs-debuginfo-1:1.1.1g-8.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-openssl-perl-1:1.1.1g-8.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-openssl-pkcs11-0:0.4.10-22.el8jbcs.src",
"8Base-JBCS:jbcs-httpd24-openssl-pkcs11-0:0.4.10-22.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-openssl-pkcs11-debuginfo-0:0.4.10-22.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-openssl-static-1:1.1.1g-8.el8jbcs.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2021-3712"
},
{
"category": "external",
"summary": "RHBZ#1995634",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1995634"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2021-3712",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-3712"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2021-3712",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2021-3712"
},
{
"category": "external",
"summary": "https://www.openssl.org/news/secadv/20210824.txt",
"url": "https://www.openssl.org/news/secadv/20210824.txt"
}
],
"release_date": "2021-08-24T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"details": "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"7Server-JBCS:jbcs-httpd24-apr-0:1.6.3-107.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-apr-0:1.6.3-107.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-apr-debuginfo-0:1.6.3-107.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-apr-devel-0:1.6.3-107.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-apr-util-0:1.6.1-84.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-apr-util-0:1.6.1-84.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-apr-util-debuginfo-0:1.6.1-84.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-apr-util-devel-0:1.6.1-84.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-apr-util-ldap-0:1.6.1-84.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-apr-util-mysql-0:1.6.1-84.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-apr-util-nss-0:1.6.1-84.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-apr-util-odbc-0:1.6.1-84.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-apr-util-openssl-0:1.6.1-84.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-apr-util-pgsql-0:1.6.1-84.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-apr-util-sqlite-0:1.6.1-84.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-curl-0:7.78.0-2.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-curl-0:7.78.0-2.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-curl-debuginfo-0:7.78.0-2.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-httpd-0:2.4.37-78.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-httpd-0:2.4.37-78.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-httpd-debuginfo-0:2.4.37-78.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-httpd-devel-0:2.4.37-78.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-httpd-manual-0:2.4.37-78.jbcs.el7.noarch",
"7Server-JBCS:jbcs-httpd24-httpd-selinux-0:2.4.37-78.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-httpd-tools-0:2.4.37-78.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-libcurl-0:7.78.0-2.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-libcurl-devel-0:7.78.0-2.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_cluster-native-0:1.3.16-9.Final_redhat_2.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-mod_cluster-native-0:1.3.16-9.Final_redhat_2.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_cluster-native-debuginfo-0:1.3.16-9.Final_redhat_2.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_http2-0:1.15.7-21.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-mod_http2-0:1.15.7-21.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_http2-debuginfo-0:1.15.7-21.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_jk-0:1.2.48-20.redhat_1.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-mod_jk-ap24-0:1.2.48-20.redhat_1.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_jk-debuginfo-0:1.2.48-20.redhat_1.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_jk-manual-0:1.2.48-20.redhat_1.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_ldap-0:2.4.37-78.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_md-1:2.0.8-40.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-mod_md-1:2.0.8-40.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_md-debuginfo-1:2.0.8-40.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_proxy_html-1:2.4.37-78.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_security-0:2.9.2-67.GA.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-mod_security-0:2.9.2-67.GA.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_security-debuginfo-0:2.9.2-67.GA.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_session-0:2.4.37-78.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_ssl-1:2.4.37-78.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-nghttp2-0:1.39.2-39.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-nghttp2-0:1.39.2-39.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-nghttp2-debuginfo-0:1.39.2-39.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-nghttp2-devel-0:1.39.2-39.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-openssl-1:1.1.1g-8.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-openssl-1:1.1.1g-8.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-openssl-chil-0:1.0.0-7.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-openssl-chil-0:1.0.0-7.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-openssl-chil-debuginfo-0:1.0.0-7.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-openssl-debuginfo-1:1.1.1g-8.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-openssl-devel-1:1.1.1g-8.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-openssl-libs-1:1.1.1g-8.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-openssl-perl-1:1.1.1g-8.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-openssl-pkcs11-0:0.4.10-22.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-openssl-pkcs11-0:0.4.10-22.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-openssl-pkcs11-debuginfo-0:0.4.10-22.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-openssl-static-1:1.1.1g-8.jbcs.el7.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-0:1.6.3-107.el8jbcs.src",
"8Base-JBCS:jbcs-httpd24-apr-0:1.6.3-107.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-debuginfo-0:1.6.3-107.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-devel-0:1.6.3-107.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-util-0:1.6.1-84.el8jbcs.src",
"8Base-JBCS:jbcs-httpd24-apr-util-0:1.6.1-84.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-util-debuginfo-0:1.6.1-84.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-util-devel-0:1.6.1-84.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-util-ldap-0:1.6.1-84.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-util-ldap-debuginfo-0:1.6.1-84.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-util-mysql-0:1.6.1-84.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-util-mysql-debuginfo-0:1.6.1-84.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-util-nss-0:1.6.1-84.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-util-nss-debuginfo-0:1.6.1-84.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-util-odbc-0:1.6.1-84.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-util-odbc-debuginfo-0:1.6.1-84.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-util-openssl-0:1.6.1-84.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-util-openssl-debuginfo-0:1.6.1-84.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-util-pgsql-0:1.6.1-84.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-util-pgsql-debuginfo-0:1.6.1-84.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-util-sqlite-0:1.6.1-84.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-util-sqlite-debuginfo-0:1.6.1-84.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-curl-0:7.78.0-2.el8jbcs.src",
"8Base-JBCS:jbcs-httpd24-curl-0:7.78.0-2.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-curl-debuginfo-0:7.78.0-2.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-httpd-0:2.4.37-78.el8jbcs.src",
"8Base-JBCS:jbcs-httpd24-httpd-0:2.4.37-78.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-httpd-debuginfo-0:2.4.37-78.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-httpd-devel-0:2.4.37-78.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-httpd-manual-0:2.4.37-78.el8jbcs.noarch",
"8Base-JBCS:jbcs-httpd24-httpd-selinux-0:2.4.37-78.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-httpd-tools-0:2.4.37-78.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-httpd-tools-debuginfo-0:2.4.37-78.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-libcurl-0:7.78.0-2.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-libcurl-debuginfo-0:7.78.0-2.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-libcurl-devel-0:7.78.0-2.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_cluster-native-0:1.3.16-9.Final_redhat_2.el8jbcs.src",
"8Base-JBCS:jbcs-httpd24-mod_cluster-native-0:1.3.16-9.Final_redhat_2.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_cluster-native-debuginfo-0:1.3.16-9.Final_redhat_2.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_http2-0:1.15.7-21.el8jbcs.src",
"8Base-JBCS:jbcs-httpd24-mod_http2-0:1.15.7-21.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_http2-debuginfo-0:1.15.7-21.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_jk-0:1.2.48-20.redhat_1.el8jbcs.src",
"8Base-JBCS:jbcs-httpd24-mod_jk-ap24-0:1.2.48-20.redhat_1.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_jk-ap24-debuginfo-0:1.2.48-20.redhat_1.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_jk-manual-0:1.2.48-20.redhat_1.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_ldap-0:2.4.37-78.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_ldap-debuginfo-0:2.4.37-78.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_md-1:2.0.8-40.el8jbcs.src",
"8Base-JBCS:jbcs-httpd24-mod_md-1:2.0.8-40.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_md-debuginfo-1:2.0.8-40.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_proxy_html-1:2.4.37-78.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_proxy_html-debuginfo-1:2.4.37-78.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_security-0:2.9.2-67.GA.el8jbcs.src",
"8Base-JBCS:jbcs-httpd24-mod_security-0:2.9.2-67.GA.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_security-debuginfo-0:2.9.2-67.GA.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_session-0:2.4.37-78.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_session-debuginfo-0:2.4.37-78.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_ssl-1:2.4.37-78.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_ssl-debuginfo-1:2.4.37-78.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-nghttp2-0:1.39.2-39.el8jbcs.src",
"8Base-JBCS:jbcs-httpd24-nghttp2-0:1.39.2-39.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-nghttp2-debuginfo-0:1.39.2-39.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-nghttp2-devel-0:1.39.2-39.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-openssl-1:1.1.1g-8.el8jbcs.src",
"8Base-JBCS:jbcs-httpd24-openssl-1:1.1.1g-8.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-openssl-chil-0:1.0.0-7.el8jbcs.src",
"8Base-JBCS:jbcs-httpd24-openssl-chil-0:1.0.0-7.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-openssl-chil-debuginfo-0:1.0.0-7.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-openssl-debuginfo-1:1.1.1g-8.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-openssl-devel-1:1.1.1g-8.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-openssl-libs-1:1.1.1g-8.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-openssl-libs-debuginfo-1:1.1.1g-8.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-openssl-perl-1:1.1.1g-8.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-openssl-pkcs11-0:0.4.10-22.el8jbcs.src",
"8Base-JBCS:jbcs-httpd24-openssl-pkcs11-0:0.4.10-22.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-openssl-pkcs11-debuginfo-0:0.4.10-22.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-openssl-static-1:1.1.1g-8.el8jbcs.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2021:4614"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.4,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:H",
"version": "3.1"
},
"products": [
"7Server-JBCS:jbcs-httpd24-apr-0:1.6.3-107.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-apr-0:1.6.3-107.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-apr-debuginfo-0:1.6.3-107.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-apr-devel-0:1.6.3-107.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-apr-util-0:1.6.1-84.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-apr-util-0:1.6.1-84.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-apr-util-debuginfo-0:1.6.1-84.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-apr-util-devel-0:1.6.1-84.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-apr-util-ldap-0:1.6.1-84.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-apr-util-mysql-0:1.6.1-84.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-apr-util-nss-0:1.6.1-84.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-apr-util-odbc-0:1.6.1-84.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-apr-util-openssl-0:1.6.1-84.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-apr-util-pgsql-0:1.6.1-84.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-apr-util-sqlite-0:1.6.1-84.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-curl-0:7.78.0-2.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-curl-0:7.78.0-2.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-curl-debuginfo-0:7.78.0-2.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-httpd-0:2.4.37-78.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-httpd-0:2.4.37-78.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-httpd-debuginfo-0:2.4.37-78.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-httpd-devel-0:2.4.37-78.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-httpd-manual-0:2.4.37-78.jbcs.el7.noarch",
"7Server-JBCS:jbcs-httpd24-httpd-selinux-0:2.4.37-78.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-httpd-tools-0:2.4.37-78.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-libcurl-0:7.78.0-2.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-libcurl-devel-0:7.78.0-2.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_cluster-native-0:1.3.16-9.Final_redhat_2.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-mod_cluster-native-0:1.3.16-9.Final_redhat_2.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_cluster-native-debuginfo-0:1.3.16-9.Final_redhat_2.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_http2-0:1.15.7-21.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-mod_http2-0:1.15.7-21.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_http2-debuginfo-0:1.15.7-21.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_jk-0:1.2.48-20.redhat_1.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-mod_jk-ap24-0:1.2.48-20.redhat_1.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_jk-debuginfo-0:1.2.48-20.redhat_1.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_jk-manual-0:1.2.48-20.redhat_1.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_ldap-0:2.4.37-78.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_md-1:2.0.8-40.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-mod_md-1:2.0.8-40.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_md-debuginfo-1:2.0.8-40.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_proxy_html-1:2.4.37-78.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_security-0:2.9.2-67.GA.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-mod_security-0:2.9.2-67.GA.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_security-debuginfo-0:2.9.2-67.GA.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_session-0:2.4.37-78.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_ssl-1:2.4.37-78.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-nghttp2-0:1.39.2-39.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-nghttp2-0:1.39.2-39.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-nghttp2-debuginfo-0:1.39.2-39.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-nghttp2-devel-0:1.39.2-39.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-openssl-1:1.1.1g-8.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-openssl-1:1.1.1g-8.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-openssl-chil-0:1.0.0-7.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-openssl-chil-0:1.0.0-7.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-openssl-chil-debuginfo-0:1.0.0-7.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-openssl-debuginfo-1:1.1.1g-8.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-openssl-devel-1:1.1.1g-8.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-openssl-libs-1:1.1.1g-8.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-openssl-perl-1:1.1.1g-8.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-openssl-pkcs11-0:0.4.10-22.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-openssl-pkcs11-0:0.4.10-22.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-openssl-pkcs11-debuginfo-0:0.4.10-22.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-openssl-static-1:1.1.1g-8.jbcs.el7.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-0:1.6.3-107.el8jbcs.src",
"8Base-JBCS:jbcs-httpd24-apr-0:1.6.3-107.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-debuginfo-0:1.6.3-107.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-devel-0:1.6.3-107.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-util-0:1.6.1-84.el8jbcs.src",
"8Base-JBCS:jbcs-httpd24-apr-util-0:1.6.1-84.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-util-debuginfo-0:1.6.1-84.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-util-devel-0:1.6.1-84.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-util-ldap-0:1.6.1-84.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-util-ldap-debuginfo-0:1.6.1-84.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-util-mysql-0:1.6.1-84.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-util-mysql-debuginfo-0:1.6.1-84.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-util-nss-0:1.6.1-84.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-util-nss-debuginfo-0:1.6.1-84.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-util-odbc-0:1.6.1-84.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-util-odbc-debuginfo-0:1.6.1-84.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-util-openssl-0:1.6.1-84.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-util-openssl-debuginfo-0:1.6.1-84.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-util-pgsql-0:1.6.1-84.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-util-pgsql-debuginfo-0:1.6.1-84.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-util-sqlite-0:1.6.1-84.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-util-sqlite-debuginfo-0:1.6.1-84.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-curl-0:7.78.0-2.el8jbcs.src",
"8Base-JBCS:jbcs-httpd24-curl-0:7.78.0-2.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-curl-debuginfo-0:7.78.0-2.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-httpd-0:2.4.37-78.el8jbcs.src",
"8Base-JBCS:jbcs-httpd24-httpd-0:2.4.37-78.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-httpd-debuginfo-0:2.4.37-78.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-httpd-devel-0:2.4.37-78.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-httpd-manual-0:2.4.37-78.el8jbcs.noarch",
"8Base-JBCS:jbcs-httpd24-httpd-selinux-0:2.4.37-78.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-httpd-tools-0:2.4.37-78.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-httpd-tools-debuginfo-0:2.4.37-78.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-libcurl-0:7.78.0-2.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-libcurl-debuginfo-0:7.78.0-2.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-libcurl-devel-0:7.78.0-2.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_cluster-native-0:1.3.16-9.Final_redhat_2.el8jbcs.src",
"8Base-JBCS:jbcs-httpd24-mod_cluster-native-0:1.3.16-9.Final_redhat_2.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_cluster-native-debuginfo-0:1.3.16-9.Final_redhat_2.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_http2-0:1.15.7-21.el8jbcs.src",
"8Base-JBCS:jbcs-httpd24-mod_http2-0:1.15.7-21.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_http2-debuginfo-0:1.15.7-21.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_jk-0:1.2.48-20.redhat_1.el8jbcs.src",
"8Base-JBCS:jbcs-httpd24-mod_jk-ap24-0:1.2.48-20.redhat_1.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_jk-ap24-debuginfo-0:1.2.48-20.redhat_1.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_jk-manual-0:1.2.48-20.redhat_1.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_ldap-0:2.4.37-78.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_ldap-debuginfo-0:2.4.37-78.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_md-1:2.0.8-40.el8jbcs.src",
"8Base-JBCS:jbcs-httpd24-mod_md-1:2.0.8-40.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_md-debuginfo-1:2.0.8-40.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_proxy_html-1:2.4.37-78.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_proxy_html-debuginfo-1:2.4.37-78.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_security-0:2.9.2-67.GA.el8jbcs.src",
"8Base-JBCS:jbcs-httpd24-mod_security-0:2.9.2-67.GA.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_security-debuginfo-0:2.9.2-67.GA.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_session-0:2.4.37-78.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_session-debuginfo-0:2.4.37-78.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_ssl-1:2.4.37-78.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_ssl-debuginfo-1:2.4.37-78.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-nghttp2-0:1.39.2-39.el8jbcs.src",
"8Base-JBCS:jbcs-httpd24-nghttp2-0:1.39.2-39.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-nghttp2-debuginfo-0:1.39.2-39.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-nghttp2-devel-0:1.39.2-39.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-openssl-1:1.1.1g-8.el8jbcs.src",
"8Base-JBCS:jbcs-httpd24-openssl-1:1.1.1g-8.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-openssl-chil-0:1.0.0-7.el8jbcs.src",
"8Base-JBCS:jbcs-httpd24-openssl-chil-0:1.0.0-7.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-openssl-chil-debuginfo-0:1.0.0-7.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-openssl-debuginfo-1:1.1.1g-8.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-openssl-devel-1:1.1.1g-8.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-openssl-libs-1:1.1.1g-8.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-openssl-libs-debuginfo-1:1.1.1g-8.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-openssl-perl-1:1.1.1g-8.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-openssl-pkcs11-0:0.4.10-22.el8jbcs.src",
"8Base-JBCS:jbcs-httpd24-openssl-pkcs11-0:0.4.10-22.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-openssl-pkcs11-debuginfo-0:0.4.10-22.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-openssl-static-1:1.1.1g-8.el8jbcs.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "openssl: Read buffer overruns processing ASN.1 strings"
},
{
"cve": "CVE-2021-23840",
"cwe": {
"id": "CWE-190",
"name": "Integer Overflow or Wraparound"
},
"discovery_date": "2021-02-09T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1930324"
}
],
"notes": [
{
"category": "description",
"text": "Calls to EVP_CipherUpdate, EVP_EncryptUpdate and EVP_DecryptUpdate may overflow the output length argument in some cases where the input length is close to the maximum permissible length for an integer on the platform. In such cases the return value from the function call will be 1 (indicating success), but the output length value will be negative. This could cause applications to behave incorrectly or crash.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "openssl: integer overflow in CipherUpdate",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "This flaw only affects applications which are compiled with OpenSSL and using EVP_CipherUpdate, EVP_EncryptUpdate or EVP_DecryptUpdate functions. When specially-crafted values are passed to these functions, it can cause the application to crash or behave incorrectly.\n\nOpenSSL in Red Hat Enterprise Linux 9 was marked as not affected as its already fixed in RHEL9 Alpha release.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"7Server-JBCS:jbcs-httpd24-apr-0:1.6.3-107.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-apr-0:1.6.3-107.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-apr-debuginfo-0:1.6.3-107.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-apr-devel-0:1.6.3-107.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-apr-util-0:1.6.1-84.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-apr-util-0:1.6.1-84.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-apr-util-debuginfo-0:1.6.1-84.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-apr-util-devel-0:1.6.1-84.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-apr-util-ldap-0:1.6.1-84.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-apr-util-mysql-0:1.6.1-84.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-apr-util-nss-0:1.6.1-84.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-apr-util-odbc-0:1.6.1-84.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-apr-util-openssl-0:1.6.1-84.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-apr-util-pgsql-0:1.6.1-84.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-apr-util-sqlite-0:1.6.1-84.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-curl-0:7.78.0-2.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-curl-0:7.78.0-2.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-curl-debuginfo-0:7.78.0-2.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-httpd-0:2.4.37-78.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-httpd-0:2.4.37-78.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-httpd-debuginfo-0:2.4.37-78.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-httpd-devel-0:2.4.37-78.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-httpd-manual-0:2.4.37-78.jbcs.el7.noarch",
"7Server-JBCS:jbcs-httpd24-httpd-selinux-0:2.4.37-78.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-httpd-tools-0:2.4.37-78.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-libcurl-0:7.78.0-2.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-libcurl-devel-0:7.78.0-2.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_cluster-native-0:1.3.16-9.Final_redhat_2.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-mod_cluster-native-0:1.3.16-9.Final_redhat_2.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_cluster-native-debuginfo-0:1.3.16-9.Final_redhat_2.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_http2-0:1.15.7-21.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-mod_http2-0:1.15.7-21.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_http2-debuginfo-0:1.15.7-21.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_jk-0:1.2.48-20.redhat_1.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-mod_jk-ap24-0:1.2.48-20.redhat_1.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_jk-debuginfo-0:1.2.48-20.redhat_1.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_jk-manual-0:1.2.48-20.redhat_1.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_ldap-0:2.4.37-78.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_md-1:2.0.8-40.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-mod_md-1:2.0.8-40.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_md-debuginfo-1:2.0.8-40.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_proxy_html-1:2.4.37-78.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_security-0:2.9.2-67.GA.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-mod_security-0:2.9.2-67.GA.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_security-debuginfo-0:2.9.2-67.GA.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_session-0:2.4.37-78.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_ssl-1:2.4.37-78.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-nghttp2-0:1.39.2-39.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-nghttp2-0:1.39.2-39.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-nghttp2-debuginfo-0:1.39.2-39.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-nghttp2-devel-0:1.39.2-39.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-openssl-1:1.1.1g-8.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-openssl-1:1.1.1g-8.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-openssl-chil-0:1.0.0-7.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-openssl-chil-0:1.0.0-7.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-openssl-chil-debuginfo-0:1.0.0-7.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-openssl-debuginfo-1:1.1.1g-8.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-openssl-devel-1:1.1.1g-8.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-openssl-libs-1:1.1.1g-8.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-openssl-perl-1:1.1.1g-8.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-openssl-pkcs11-0:0.4.10-22.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-openssl-pkcs11-0:0.4.10-22.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-openssl-pkcs11-debuginfo-0:0.4.10-22.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-openssl-static-1:1.1.1g-8.jbcs.el7.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-0:1.6.3-107.el8jbcs.src",
"8Base-JBCS:jbcs-httpd24-apr-0:1.6.3-107.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-debuginfo-0:1.6.3-107.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-devel-0:1.6.3-107.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-util-0:1.6.1-84.el8jbcs.src",
"8Base-JBCS:jbcs-httpd24-apr-util-0:1.6.1-84.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-util-debuginfo-0:1.6.1-84.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-util-devel-0:1.6.1-84.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-util-ldap-0:1.6.1-84.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-util-ldap-debuginfo-0:1.6.1-84.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-util-mysql-0:1.6.1-84.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-util-mysql-debuginfo-0:1.6.1-84.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-util-nss-0:1.6.1-84.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-util-nss-debuginfo-0:1.6.1-84.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-util-odbc-0:1.6.1-84.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-util-odbc-debuginfo-0:1.6.1-84.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-util-openssl-0:1.6.1-84.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-util-openssl-debuginfo-0:1.6.1-84.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-util-pgsql-0:1.6.1-84.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-util-pgsql-debuginfo-0:1.6.1-84.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-util-sqlite-0:1.6.1-84.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-util-sqlite-debuginfo-0:1.6.1-84.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-curl-0:7.78.0-2.el8jbcs.src",
"8Base-JBCS:jbcs-httpd24-curl-0:7.78.0-2.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-curl-debuginfo-0:7.78.0-2.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-httpd-0:2.4.37-78.el8jbcs.src",
"8Base-JBCS:jbcs-httpd24-httpd-0:2.4.37-78.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-httpd-debuginfo-0:2.4.37-78.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-httpd-devel-0:2.4.37-78.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-httpd-manual-0:2.4.37-78.el8jbcs.noarch",
"8Base-JBCS:jbcs-httpd24-httpd-selinux-0:2.4.37-78.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-httpd-tools-0:2.4.37-78.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-httpd-tools-debuginfo-0:2.4.37-78.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-libcurl-0:7.78.0-2.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-libcurl-debuginfo-0:7.78.0-2.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-libcurl-devel-0:7.78.0-2.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_cluster-native-0:1.3.16-9.Final_redhat_2.el8jbcs.src",
"8Base-JBCS:jbcs-httpd24-mod_cluster-native-0:1.3.16-9.Final_redhat_2.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_cluster-native-debuginfo-0:1.3.16-9.Final_redhat_2.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_http2-0:1.15.7-21.el8jbcs.src",
"8Base-JBCS:jbcs-httpd24-mod_http2-0:1.15.7-21.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_http2-debuginfo-0:1.15.7-21.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_jk-0:1.2.48-20.redhat_1.el8jbcs.src",
"8Base-JBCS:jbcs-httpd24-mod_jk-ap24-0:1.2.48-20.redhat_1.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_jk-ap24-debuginfo-0:1.2.48-20.redhat_1.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_jk-manual-0:1.2.48-20.redhat_1.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_ldap-0:2.4.37-78.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_ldap-debuginfo-0:2.4.37-78.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_md-1:2.0.8-40.el8jbcs.src",
"8Base-JBCS:jbcs-httpd24-mod_md-1:2.0.8-40.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_md-debuginfo-1:2.0.8-40.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_proxy_html-1:2.4.37-78.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_proxy_html-debuginfo-1:2.4.37-78.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_security-0:2.9.2-67.GA.el8jbcs.src",
"8Base-JBCS:jbcs-httpd24-mod_security-0:2.9.2-67.GA.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_security-debuginfo-0:2.9.2-67.GA.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_session-0:2.4.37-78.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_session-debuginfo-0:2.4.37-78.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_ssl-1:2.4.37-78.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_ssl-debuginfo-1:2.4.37-78.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-nghttp2-0:1.39.2-39.el8jbcs.src",
"8Base-JBCS:jbcs-httpd24-nghttp2-0:1.39.2-39.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-nghttp2-debuginfo-0:1.39.2-39.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-nghttp2-devel-0:1.39.2-39.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-openssl-1:1.1.1g-8.el8jbcs.src",
"8Base-JBCS:jbcs-httpd24-openssl-1:1.1.1g-8.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-openssl-chil-0:1.0.0-7.el8jbcs.src",
"8Base-JBCS:jbcs-httpd24-openssl-chil-0:1.0.0-7.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-openssl-chil-debuginfo-0:1.0.0-7.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-openssl-debuginfo-1:1.1.1g-8.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-openssl-devel-1:1.1.1g-8.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-openssl-libs-1:1.1.1g-8.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-openssl-libs-debuginfo-1:1.1.1g-8.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-openssl-perl-1:1.1.1g-8.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-openssl-pkcs11-0:0.4.10-22.el8jbcs.src",
"8Base-JBCS:jbcs-httpd24-openssl-pkcs11-0:0.4.10-22.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-openssl-pkcs11-debuginfo-0:0.4.10-22.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-openssl-static-1:1.1.1g-8.el8jbcs.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2021-23840"
},
{
"category": "external",
"summary": "RHBZ#1930324",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1930324"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2021-23840",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-23840"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2021-23840",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2021-23840"
},
{
"category": "external",
"summary": "https://www.openssl.org/news/secadv/20210216.txt",
"url": "https://www.openssl.org/news/secadv/20210216.txt"
}
],
"release_date": "2021-02-16T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"details": "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"7Server-JBCS:jbcs-httpd24-apr-0:1.6.3-107.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-apr-0:1.6.3-107.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-apr-debuginfo-0:1.6.3-107.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-apr-devel-0:1.6.3-107.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-apr-util-0:1.6.1-84.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-apr-util-0:1.6.1-84.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-apr-util-debuginfo-0:1.6.1-84.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-apr-util-devel-0:1.6.1-84.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-apr-util-ldap-0:1.6.1-84.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-apr-util-mysql-0:1.6.1-84.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-apr-util-nss-0:1.6.1-84.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-apr-util-odbc-0:1.6.1-84.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-apr-util-openssl-0:1.6.1-84.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-apr-util-pgsql-0:1.6.1-84.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-apr-util-sqlite-0:1.6.1-84.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-curl-0:7.78.0-2.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-curl-0:7.78.0-2.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-curl-debuginfo-0:7.78.0-2.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-httpd-0:2.4.37-78.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-httpd-0:2.4.37-78.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-httpd-debuginfo-0:2.4.37-78.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-httpd-devel-0:2.4.37-78.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-httpd-manual-0:2.4.37-78.jbcs.el7.noarch",
"7Server-JBCS:jbcs-httpd24-httpd-selinux-0:2.4.37-78.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-httpd-tools-0:2.4.37-78.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-libcurl-0:7.78.0-2.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-libcurl-devel-0:7.78.0-2.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_cluster-native-0:1.3.16-9.Final_redhat_2.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-mod_cluster-native-0:1.3.16-9.Final_redhat_2.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_cluster-native-debuginfo-0:1.3.16-9.Final_redhat_2.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_http2-0:1.15.7-21.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-mod_http2-0:1.15.7-21.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_http2-debuginfo-0:1.15.7-21.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_jk-0:1.2.48-20.redhat_1.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-mod_jk-ap24-0:1.2.48-20.redhat_1.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_jk-debuginfo-0:1.2.48-20.redhat_1.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_jk-manual-0:1.2.48-20.redhat_1.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_ldap-0:2.4.37-78.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_md-1:2.0.8-40.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-mod_md-1:2.0.8-40.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_md-debuginfo-1:2.0.8-40.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_proxy_html-1:2.4.37-78.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_security-0:2.9.2-67.GA.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-mod_security-0:2.9.2-67.GA.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_security-debuginfo-0:2.9.2-67.GA.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_session-0:2.4.37-78.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_ssl-1:2.4.37-78.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-nghttp2-0:1.39.2-39.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-nghttp2-0:1.39.2-39.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-nghttp2-debuginfo-0:1.39.2-39.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-nghttp2-devel-0:1.39.2-39.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-openssl-1:1.1.1g-8.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-openssl-1:1.1.1g-8.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-openssl-chil-0:1.0.0-7.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-openssl-chil-0:1.0.0-7.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-openssl-chil-debuginfo-0:1.0.0-7.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-openssl-debuginfo-1:1.1.1g-8.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-openssl-devel-1:1.1.1g-8.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-openssl-libs-1:1.1.1g-8.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-openssl-perl-1:1.1.1g-8.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-openssl-pkcs11-0:0.4.10-22.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-openssl-pkcs11-0:0.4.10-22.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-openssl-pkcs11-debuginfo-0:0.4.10-22.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-openssl-static-1:1.1.1g-8.jbcs.el7.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-0:1.6.3-107.el8jbcs.src",
"8Base-JBCS:jbcs-httpd24-apr-0:1.6.3-107.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-debuginfo-0:1.6.3-107.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-devel-0:1.6.3-107.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-util-0:1.6.1-84.el8jbcs.src",
"8Base-JBCS:jbcs-httpd24-apr-util-0:1.6.1-84.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-util-debuginfo-0:1.6.1-84.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-util-devel-0:1.6.1-84.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-util-ldap-0:1.6.1-84.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-util-ldap-debuginfo-0:1.6.1-84.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-util-mysql-0:1.6.1-84.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-util-mysql-debuginfo-0:1.6.1-84.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-util-nss-0:1.6.1-84.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-util-nss-debuginfo-0:1.6.1-84.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-util-odbc-0:1.6.1-84.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-util-odbc-debuginfo-0:1.6.1-84.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-util-openssl-0:1.6.1-84.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-util-openssl-debuginfo-0:1.6.1-84.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-util-pgsql-0:1.6.1-84.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-util-pgsql-debuginfo-0:1.6.1-84.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-util-sqlite-0:1.6.1-84.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-util-sqlite-debuginfo-0:1.6.1-84.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-curl-0:7.78.0-2.el8jbcs.src",
"8Base-JBCS:jbcs-httpd24-curl-0:7.78.0-2.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-curl-debuginfo-0:7.78.0-2.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-httpd-0:2.4.37-78.el8jbcs.src",
"8Base-JBCS:jbcs-httpd24-httpd-0:2.4.37-78.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-httpd-debuginfo-0:2.4.37-78.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-httpd-devel-0:2.4.37-78.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-httpd-manual-0:2.4.37-78.el8jbcs.noarch",
"8Base-JBCS:jbcs-httpd24-httpd-selinux-0:2.4.37-78.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-httpd-tools-0:2.4.37-78.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-httpd-tools-debuginfo-0:2.4.37-78.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-libcurl-0:7.78.0-2.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-libcurl-debuginfo-0:7.78.0-2.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-libcurl-devel-0:7.78.0-2.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_cluster-native-0:1.3.16-9.Final_redhat_2.el8jbcs.src",
"8Base-JBCS:jbcs-httpd24-mod_cluster-native-0:1.3.16-9.Final_redhat_2.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_cluster-native-debuginfo-0:1.3.16-9.Final_redhat_2.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_http2-0:1.15.7-21.el8jbcs.src",
"8Base-JBCS:jbcs-httpd24-mod_http2-0:1.15.7-21.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_http2-debuginfo-0:1.15.7-21.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_jk-0:1.2.48-20.redhat_1.el8jbcs.src",
"8Base-JBCS:jbcs-httpd24-mod_jk-ap24-0:1.2.48-20.redhat_1.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_jk-ap24-debuginfo-0:1.2.48-20.redhat_1.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_jk-manual-0:1.2.48-20.redhat_1.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_ldap-0:2.4.37-78.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_ldap-debuginfo-0:2.4.37-78.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_md-1:2.0.8-40.el8jbcs.src",
"8Base-JBCS:jbcs-httpd24-mod_md-1:2.0.8-40.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_md-debuginfo-1:2.0.8-40.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_proxy_html-1:2.4.37-78.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_proxy_html-debuginfo-1:2.4.37-78.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_security-0:2.9.2-67.GA.el8jbcs.src",
"8Base-JBCS:jbcs-httpd24-mod_security-0:2.9.2-67.GA.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_security-debuginfo-0:2.9.2-67.GA.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_session-0:2.4.37-78.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_session-debuginfo-0:2.4.37-78.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_ssl-1:2.4.37-78.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_ssl-debuginfo-1:2.4.37-78.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-nghttp2-0:1.39.2-39.el8jbcs.src",
"8Base-JBCS:jbcs-httpd24-nghttp2-0:1.39.2-39.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-nghttp2-debuginfo-0:1.39.2-39.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-nghttp2-devel-0:1.39.2-39.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-openssl-1:1.1.1g-8.el8jbcs.src",
"8Base-JBCS:jbcs-httpd24-openssl-1:1.1.1g-8.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-openssl-chil-0:1.0.0-7.el8jbcs.src",
"8Base-JBCS:jbcs-httpd24-openssl-chil-0:1.0.0-7.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-openssl-chil-debuginfo-0:1.0.0-7.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-openssl-debuginfo-1:1.1.1g-8.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-openssl-devel-1:1.1.1g-8.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-openssl-libs-1:1.1.1g-8.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-openssl-libs-debuginfo-1:1.1.1g-8.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-openssl-perl-1:1.1.1g-8.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-openssl-pkcs11-0:0.4.10-22.el8jbcs.src",
"8Base-JBCS:jbcs-httpd24-openssl-pkcs11-0:0.4.10-22.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-openssl-pkcs11-debuginfo-0:0.4.10-22.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-openssl-static-1:1.1.1g-8.el8jbcs.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2021:4614"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"7Server-JBCS:jbcs-httpd24-apr-0:1.6.3-107.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-apr-0:1.6.3-107.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-apr-debuginfo-0:1.6.3-107.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-apr-devel-0:1.6.3-107.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-apr-util-0:1.6.1-84.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-apr-util-0:1.6.1-84.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-apr-util-debuginfo-0:1.6.1-84.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-apr-util-devel-0:1.6.1-84.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-apr-util-ldap-0:1.6.1-84.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-apr-util-mysql-0:1.6.1-84.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-apr-util-nss-0:1.6.1-84.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-apr-util-odbc-0:1.6.1-84.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-apr-util-openssl-0:1.6.1-84.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-apr-util-pgsql-0:1.6.1-84.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-apr-util-sqlite-0:1.6.1-84.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-curl-0:7.78.0-2.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-curl-0:7.78.0-2.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-curl-debuginfo-0:7.78.0-2.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-httpd-0:2.4.37-78.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-httpd-0:2.4.37-78.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-httpd-debuginfo-0:2.4.37-78.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-httpd-devel-0:2.4.37-78.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-httpd-manual-0:2.4.37-78.jbcs.el7.noarch",
"7Server-JBCS:jbcs-httpd24-httpd-selinux-0:2.4.37-78.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-httpd-tools-0:2.4.37-78.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-libcurl-0:7.78.0-2.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-libcurl-devel-0:7.78.0-2.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_cluster-native-0:1.3.16-9.Final_redhat_2.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-mod_cluster-native-0:1.3.16-9.Final_redhat_2.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_cluster-native-debuginfo-0:1.3.16-9.Final_redhat_2.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_http2-0:1.15.7-21.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-mod_http2-0:1.15.7-21.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_http2-debuginfo-0:1.15.7-21.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_jk-0:1.2.48-20.redhat_1.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-mod_jk-ap24-0:1.2.48-20.redhat_1.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_jk-debuginfo-0:1.2.48-20.redhat_1.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_jk-manual-0:1.2.48-20.redhat_1.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_ldap-0:2.4.37-78.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_md-1:2.0.8-40.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-mod_md-1:2.0.8-40.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_md-debuginfo-1:2.0.8-40.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_proxy_html-1:2.4.37-78.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_security-0:2.9.2-67.GA.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-mod_security-0:2.9.2-67.GA.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_security-debuginfo-0:2.9.2-67.GA.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_session-0:2.4.37-78.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_ssl-1:2.4.37-78.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-nghttp2-0:1.39.2-39.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-nghttp2-0:1.39.2-39.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-nghttp2-debuginfo-0:1.39.2-39.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-nghttp2-devel-0:1.39.2-39.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-openssl-1:1.1.1g-8.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-openssl-1:1.1.1g-8.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-openssl-chil-0:1.0.0-7.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-openssl-chil-0:1.0.0-7.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-openssl-chil-debuginfo-0:1.0.0-7.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-openssl-debuginfo-1:1.1.1g-8.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-openssl-devel-1:1.1.1g-8.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-openssl-libs-1:1.1.1g-8.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-openssl-perl-1:1.1.1g-8.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-openssl-pkcs11-0:0.4.10-22.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-openssl-pkcs11-0:0.4.10-22.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-openssl-pkcs11-debuginfo-0:0.4.10-22.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-openssl-static-1:1.1.1g-8.jbcs.el7.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-0:1.6.3-107.el8jbcs.src",
"8Base-JBCS:jbcs-httpd24-apr-0:1.6.3-107.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-debuginfo-0:1.6.3-107.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-devel-0:1.6.3-107.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-util-0:1.6.1-84.el8jbcs.src",
"8Base-JBCS:jbcs-httpd24-apr-util-0:1.6.1-84.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-util-debuginfo-0:1.6.1-84.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-util-devel-0:1.6.1-84.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-util-ldap-0:1.6.1-84.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-util-ldap-debuginfo-0:1.6.1-84.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-util-mysql-0:1.6.1-84.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-util-mysql-debuginfo-0:1.6.1-84.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-util-nss-0:1.6.1-84.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-util-nss-debuginfo-0:1.6.1-84.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-util-odbc-0:1.6.1-84.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-util-odbc-debuginfo-0:1.6.1-84.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-util-openssl-0:1.6.1-84.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-util-openssl-debuginfo-0:1.6.1-84.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-util-pgsql-0:1.6.1-84.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-util-pgsql-debuginfo-0:1.6.1-84.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-util-sqlite-0:1.6.1-84.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-util-sqlite-debuginfo-0:1.6.1-84.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-curl-0:7.78.0-2.el8jbcs.src",
"8Base-JBCS:jbcs-httpd24-curl-0:7.78.0-2.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-curl-debuginfo-0:7.78.0-2.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-httpd-0:2.4.37-78.el8jbcs.src",
"8Base-JBCS:jbcs-httpd24-httpd-0:2.4.37-78.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-httpd-debuginfo-0:2.4.37-78.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-httpd-devel-0:2.4.37-78.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-httpd-manual-0:2.4.37-78.el8jbcs.noarch",
"8Base-JBCS:jbcs-httpd24-httpd-selinux-0:2.4.37-78.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-httpd-tools-0:2.4.37-78.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-httpd-tools-debuginfo-0:2.4.37-78.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-libcurl-0:7.78.0-2.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-libcurl-debuginfo-0:7.78.0-2.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-libcurl-devel-0:7.78.0-2.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_cluster-native-0:1.3.16-9.Final_redhat_2.el8jbcs.src",
"8Base-JBCS:jbcs-httpd24-mod_cluster-native-0:1.3.16-9.Final_redhat_2.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_cluster-native-debuginfo-0:1.3.16-9.Final_redhat_2.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_http2-0:1.15.7-21.el8jbcs.src",
"8Base-JBCS:jbcs-httpd24-mod_http2-0:1.15.7-21.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_http2-debuginfo-0:1.15.7-21.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_jk-0:1.2.48-20.redhat_1.el8jbcs.src",
"8Base-JBCS:jbcs-httpd24-mod_jk-ap24-0:1.2.48-20.redhat_1.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_jk-ap24-debuginfo-0:1.2.48-20.redhat_1.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_jk-manual-0:1.2.48-20.redhat_1.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_ldap-0:2.4.37-78.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_ldap-debuginfo-0:2.4.37-78.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_md-1:2.0.8-40.el8jbcs.src",
"8Base-JBCS:jbcs-httpd24-mod_md-1:2.0.8-40.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_md-debuginfo-1:2.0.8-40.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_proxy_html-1:2.4.37-78.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_proxy_html-debuginfo-1:2.4.37-78.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_security-0:2.9.2-67.GA.el8jbcs.src",
"8Base-JBCS:jbcs-httpd24-mod_security-0:2.9.2-67.GA.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_security-debuginfo-0:2.9.2-67.GA.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_session-0:2.4.37-78.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_session-debuginfo-0:2.4.37-78.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_ssl-1:2.4.37-78.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_ssl-debuginfo-1:2.4.37-78.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-nghttp2-0:1.39.2-39.el8jbcs.src",
"8Base-JBCS:jbcs-httpd24-nghttp2-0:1.39.2-39.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-nghttp2-debuginfo-0:1.39.2-39.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-nghttp2-devel-0:1.39.2-39.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-openssl-1:1.1.1g-8.el8jbcs.src",
"8Base-JBCS:jbcs-httpd24-openssl-1:1.1.1g-8.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-openssl-chil-0:1.0.0-7.el8jbcs.src",
"8Base-JBCS:jbcs-httpd24-openssl-chil-0:1.0.0-7.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-openssl-chil-debuginfo-0:1.0.0-7.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-openssl-debuginfo-1:1.1.1g-8.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-openssl-devel-1:1.1.1g-8.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-openssl-libs-1:1.1.1g-8.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-openssl-libs-debuginfo-1:1.1.1g-8.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-openssl-perl-1:1.1.1g-8.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-openssl-pkcs11-0:0.4.10-22.el8jbcs.src",
"8Base-JBCS:jbcs-httpd24-openssl-pkcs11-0:0.4.10-22.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-openssl-pkcs11-debuginfo-0:0.4.10-22.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-openssl-static-1:1.1.1g-8.el8jbcs.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Low"
}
],
"title": "openssl: integer overflow in CipherUpdate"
},
{
"cve": "CVE-2021-23841",
"cwe": {
"id": "CWE-476",
"name": "NULL Pointer Dereference"
},
"discovery_date": "2021-02-16T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1930310"
}
],
"notes": [
{
"category": "description",
"text": "The OpenSSL public API function X509_issuer_and_serial_hash() attempts to create a unique hash value based on the issuer and serial number data contained within an X509 certificate. However it fails to correctly handle any errors that may occur while parsing the issuer field (which might occur if the issuer field is maliciously constructed). This may subsequently result in a NULL pointer deref and a crash leading to a potential denial of service attack.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "openssl: NULL pointer dereference in X509_issuer_and_serial_hash()",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "This is a a null pointer dereference in the X509_issuer_and_serial_hash() function, which can result in crash if called by an application compiled with OpenSSL, by passing a specially-crafted certificate. OpenSSL internally does not use this function.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"7Server-JBCS:jbcs-httpd24-apr-0:1.6.3-107.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-apr-0:1.6.3-107.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-apr-debuginfo-0:1.6.3-107.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-apr-devel-0:1.6.3-107.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-apr-util-0:1.6.1-84.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-apr-util-0:1.6.1-84.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-apr-util-debuginfo-0:1.6.1-84.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-apr-util-devel-0:1.6.1-84.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-apr-util-ldap-0:1.6.1-84.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-apr-util-mysql-0:1.6.1-84.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-apr-util-nss-0:1.6.1-84.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-apr-util-odbc-0:1.6.1-84.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-apr-util-openssl-0:1.6.1-84.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-apr-util-pgsql-0:1.6.1-84.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-apr-util-sqlite-0:1.6.1-84.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-curl-0:7.78.0-2.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-curl-0:7.78.0-2.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-curl-debuginfo-0:7.78.0-2.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-httpd-0:2.4.37-78.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-httpd-0:2.4.37-78.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-httpd-debuginfo-0:2.4.37-78.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-httpd-devel-0:2.4.37-78.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-httpd-manual-0:2.4.37-78.jbcs.el7.noarch",
"7Server-JBCS:jbcs-httpd24-httpd-selinux-0:2.4.37-78.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-httpd-tools-0:2.4.37-78.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-libcurl-0:7.78.0-2.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-libcurl-devel-0:7.78.0-2.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_cluster-native-0:1.3.16-9.Final_redhat_2.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-mod_cluster-native-0:1.3.16-9.Final_redhat_2.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_cluster-native-debuginfo-0:1.3.16-9.Final_redhat_2.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_http2-0:1.15.7-21.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-mod_http2-0:1.15.7-21.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_http2-debuginfo-0:1.15.7-21.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_jk-0:1.2.48-20.redhat_1.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-mod_jk-ap24-0:1.2.48-20.redhat_1.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_jk-debuginfo-0:1.2.48-20.redhat_1.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_jk-manual-0:1.2.48-20.redhat_1.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_ldap-0:2.4.37-78.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_md-1:2.0.8-40.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-mod_md-1:2.0.8-40.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_md-debuginfo-1:2.0.8-40.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_proxy_html-1:2.4.37-78.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_security-0:2.9.2-67.GA.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-mod_security-0:2.9.2-67.GA.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_security-debuginfo-0:2.9.2-67.GA.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_session-0:2.4.37-78.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_ssl-1:2.4.37-78.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-nghttp2-0:1.39.2-39.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-nghttp2-0:1.39.2-39.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-nghttp2-debuginfo-0:1.39.2-39.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-nghttp2-devel-0:1.39.2-39.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-openssl-1:1.1.1g-8.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-openssl-1:1.1.1g-8.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-openssl-chil-0:1.0.0-7.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-openssl-chil-0:1.0.0-7.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-openssl-chil-debuginfo-0:1.0.0-7.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-openssl-debuginfo-1:1.1.1g-8.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-openssl-devel-1:1.1.1g-8.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-openssl-libs-1:1.1.1g-8.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-openssl-perl-1:1.1.1g-8.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-openssl-pkcs11-0:0.4.10-22.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-openssl-pkcs11-0:0.4.10-22.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-openssl-pkcs11-debuginfo-0:0.4.10-22.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-openssl-static-1:1.1.1g-8.jbcs.el7.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-0:1.6.3-107.el8jbcs.src",
"8Base-JBCS:jbcs-httpd24-apr-0:1.6.3-107.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-debuginfo-0:1.6.3-107.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-devel-0:1.6.3-107.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-util-0:1.6.1-84.el8jbcs.src",
"8Base-JBCS:jbcs-httpd24-apr-util-0:1.6.1-84.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-util-debuginfo-0:1.6.1-84.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-util-devel-0:1.6.1-84.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-util-ldap-0:1.6.1-84.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-util-ldap-debuginfo-0:1.6.1-84.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-util-mysql-0:1.6.1-84.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-util-mysql-debuginfo-0:1.6.1-84.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-util-nss-0:1.6.1-84.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-util-nss-debuginfo-0:1.6.1-84.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-util-odbc-0:1.6.1-84.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-util-odbc-debuginfo-0:1.6.1-84.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-util-openssl-0:1.6.1-84.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-util-openssl-debuginfo-0:1.6.1-84.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-util-pgsql-0:1.6.1-84.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-util-pgsql-debuginfo-0:1.6.1-84.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-util-sqlite-0:1.6.1-84.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-util-sqlite-debuginfo-0:1.6.1-84.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-curl-0:7.78.0-2.el8jbcs.src",
"8Base-JBCS:jbcs-httpd24-curl-0:7.78.0-2.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-curl-debuginfo-0:7.78.0-2.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-httpd-0:2.4.37-78.el8jbcs.src",
"8Base-JBCS:jbcs-httpd24-httpd-0:2.4.37-78.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-httpd-debuginfo-0:2.4.37-78.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-httpd-devel-0:2.4.37-78.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-httpd-manual-0:2.4.37-78.el8jbcs.noarch",
"8Base-JBCS:jbcs-httpd24-httpd-selinux-0:2.4.37-78.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-httpd-tools-0:2.4.37-78.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-httpd-tools-debuginfo-0:2.4.37-78.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-libcurl-0:7.78.0-2.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-libcurl-debuginfo-0:7.78.0-2.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-libcurl-devel-0:7.78.0-2.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_cluster-native-0:1.3.16-9.Final_redhat_2.el8jbcs.src",
"8Base-JBCS:jbcs-httpd24-mod_cluster-native-0:1.3.16-9.Final_redhat_2.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_cluster-native-debuginfo-0:1.3.16-9.Final_redhat_2.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_http2-0:1.15.7-21.el8jbcs.src",
"8Base-JBCS:jbcs-httpd24-mod_http2-0:1.15.7-21.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_http2-debuginfo-0:1.15.7-21.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_jk-0:1.2.48-20.redhat_1.el8jbcs.src",
"8Base-JBCS:jbcs-httpd24-mod_jk-ap24-0:1.2.48-20.redhat_1.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_jk-ap24-debuginfo-0:1.2.48-20.redhat_1.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_jk-manual-0:1.2.48-20.redhat_1.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_ldap-0:2.4.37-78.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_ldap-debuginfo-0:2.4.37-78.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_md-1:2.0.8-40.el8jbcs.src",
"8Base-JBCS:jbcs-httpd24-mod_md-1:2.0.8-40.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_md-debuginfo-1:2.0.8-40.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_proxy_html-1:2.4.37-78.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_proxy_html-debuginfo-1:2.4.37-78.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_security-0:2.9.2-67.GA.el8jbcs.src",
"8Base-JBCS:jbcs-httpd24-mod_security-0:2.9.2-67.GA.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_security-debuginfo-0:2.9.2-67.GA.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_session-0:2.4.37-78.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_session-debuginfo-0:2.4.37-78.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_ssl-1:2.4.37-78.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_ssl-debuginfo-1:2.4.37-78.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-nghttp2-0:1.39.2-39.el8jbcs.src",
"8Base-JBCS:jbcs-httpd24-nghttp2-0:1.39.2-39.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-nghttp2-debuginfo-0:1.39.2-39.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-nghttp2-devel-0:1.39.2-39.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-openssl-1:1.1.1g-8.el8jbcs.src",
"8Base-JBCS:jbcs-httpd24-openssl-1:1.1.1g-8.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-openssl-chil-0:1.0.0-7.el8jbcs.src",
"8Base-JBCS:jbcs-httpd24-openssl-chil-0:1.0.0-7.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-openssl-chil-debuginfo-0:1.0.0-7.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-openssl-debuginfo-1:1.1.1g-8.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-openssl-devel-1:1.1.1g-8.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-openssl-libs-1:1.1.1g-8.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-openssl-libs-debuginfo-1:1.1.1g-8.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-openssl-perl-1:1.1.1g-8.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-openssl-pkcs11-0:0.4.10-22.el8jbcs.src",
"8Base-JBCS:jbcs-httpd24-openssl-pkcs11-0:0.4.10-22.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-openssl-pkcs11-debuginfo-0:0.4.10-22.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-openssl-static-1:1.1.1g-8.el8jbcs.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2021-23841"
},
{
"category": "external",
"summary": "RHBZ#1930310",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1930310"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2021-23841",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-23841"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2021-23841",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2021-23841"
},
{
"category": "external",
"summary": "https://www.openssl.org/news/secadv/20210216.txt",
"url": "https://www.openssl.org/news/secadv/20210216.txt"
}
],
"release_date": "2021-02-16T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"details": "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"7Server-JBCS:jbcs-httpd24-apr-0:1.6.3-107.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-apr-0:1.6.3-107.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-apr-debuginfo-0:1.6.3-107.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-apr-devel-0:1.6.3-107.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-apr-util-0:1.6.1-84.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-apr-util-0:1.6.1-84.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-apr-util-debuginfo-0:1.6.1-84.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-apr-util-devel-0:1.6.1-84.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-apr-util-ldap-0:1.6.1-84.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-apr-util-mysql-0:1.6.1-84.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-apr-util-nss-0:1.6.1-84.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-apr-util-odbc-0:1.6.1-84.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-apr-util-openssl-0:1.6.1-84.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-apr-util-pgsql-0:1.6.1-84.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-apr-util-sqlite-0:1.6.1-84.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-curl-0:7.78.0-2.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-curl-0:7.78.0-2.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-curl-debuginfo-0:7.78.0-2.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-httpd-0:2.4.37-78.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-httpd-0:2.4.37-78.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-httpd-debuginfo-0:2.4.37-78.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-httpd-devel-0:2.4.37-78.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-httpd-manual-0:2.4.37-78.jbcs.el7.noarch",
"7Server-JBCS:jbcs-httpd24-httpd-selinux-0:2.4.37-78.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-httpd-tools-0:2.4.37-78.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-libcurl-0:7.78.0-2.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-libcurl-devel-0:7.78.0-2.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_cluster-native-0:1.3.16-9.Final_redhat_2.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-mod_cluster-native-0:1.3.16-9.Final_redhat_2.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_cluster-native-debuginfo-0:1.3.16-9.Final_redhat_2.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_http2-0:1.15.7-21.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-mod_http2-0:1.15.7-21.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_http2-debuginfo-0:1.15.7-21.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_jk-0:1.2.48-20.redhat_1.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-mod_jk-ap24-0:1.2.48-20.redhat_1.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_jk-debuginfo-0:1.2.48-20.redhat_1.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_jk-manual-0:1.2.48-20.redhat_1.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_ldap-0:2.4.37-78.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_md-1:2.0.8-40.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-mod_md-1:2.0.8-40.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_md-debuginfo-1:2.0.8-40.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_proxy_html-1:2.4.37-78.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_security-0:2.9.2-67.GA.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-mod_security-0:2.9.2-67.GA.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_security-debuginfo-0:2.9.2-67.GA.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_session-0:2.4.37-78.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_ssl-1:2.4.37-78.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-nghttp2-0:1.39.2-39.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-nghttp2-0:1.39.2-39.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-nghttp2-debuginfo-0:1.39.2-39.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-nghttp2-devel-0:1.39.2-39.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-openssl-1:1.1.1g-8.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-openssl-1:1.1.1g-8.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-openssl-chil-0:1.0.0-7.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-openssl-chil-0:1.0.0-7.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-openssl-chil-debuginfo-0:1.0.0-7.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-openssl-debuginfo-1:1.1.1g-8.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-openssl-devel-1:1.1.1g-8.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-openssl-libs-1:1.1.1g-8.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-openssl-perl-1:1.1.1g-8.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-openssl-pkcs11-0:0.4.10-22.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-openssl-pkcs11-0:0.4.10-22.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-openssl-pkcs11-debuginfo-0:0.4.10-22.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-openssl-static-1:1.1.1g-8.jbcs.el7.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-0:1.6.3-107.el8jbcs.src",
"8Base-JBCS:jbcs-httpd24-apr-0:1.6.3-107.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-debuginfo-0:1.6.3-107.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-devel-0:1.6.3-107.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-util-0:1.6.1-84.el8jbcs.src",
"8Base-JBCS:jbcs-httpd24-apr-util-0:1.6.1-84.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-util-debuginfo-0:1.6.1-84.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-util-devel-0:1.6.1-84.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-util-ldap-0:1.6.1-84.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-util-ldap-debuginfo-0:1.6.1-84.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-util-mysql-0:1.6.1-84.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-util-mysql-debuginfo-0:1.6.1-84.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-util-nss-0:1.6.1-84.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-util-nss-debuginfo-0:1.6.1-84.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-util-odbc-0:1.6.1-84.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-util-odbc-debuginfo-0:1.6.1-84.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-util-openssl-0:1.6.1-84.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-util-openssl-debuginfo-0:1.6.1-84.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-util-pgsql-0:1.6.1-84.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-util-pgsql-debuginfo-0:1.6.1-84.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-util-sqlite-0:1.6.1-84.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-util-sqlite-debuginfo-0:1.6.1-84.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-curl-0:7.78.0-2.el8jbcs.src",
"8Base-JBCS:jbcs-httpd24-curl-0:7.78.0-2.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-curl-debuginfo-0:7.78.0-2.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-httpd-0:2.4.37-78.el8jbcs.src",
"8Base-JBCS:jbcs-httpd24-httpd-0:2.4.37-78.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-httpd-debuginfo-0:2.4.37-78.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-httpd-devel-0:2.4.37-78.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-httpd-manual-0:2.4.37-78.el8jbcs.noarch",
"8Base-JBCS:jbcs-httpd24-httpd-selinux-0:2.4.37-78.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-httpd-tools-0:2.4.37-78.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-httpd-tools-debuginfo-0:2.4.37-78.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-libcurl-0:7.78.0-2.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-libcurl-debuginfo-0:7.78.0-2.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-libcurl-devel-0:7.78.0-2.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_cluster-native-0:1.3.16-9.Final_redhat_2.el8jbcs.src",
"8Base-JBCS:jbcs-httpd24-mod_cluster-native-0:1.3.16-9.Final_redhat_2.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_cluster-native-debuginfo-0:1.3.16-9.Final_redhat_2.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_http2-0:1.15.7-21.el8jbcs.src",
"8Base-JBCS:jbcs-httpd24-mod_http2-0:1.15.7-21.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_http2-debuginfo-0:1.15.7-21.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_jk-0:1.2.48-20.redhat_1.el8jbcs.src",
"8Base-JBCS:jbcs-httpd24-mod_jk-ap24-0:1.2.48-20.redhat_1.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_jk-ap24-debuginfo-0:1.2.48-20.redhat_1.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_jk-manual-0:1.2.48-20.redhat_1.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_ldap-0:2.4.37-78.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_ldap-debuginfo-0:2.4.37-78.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_md-1:2.0.8-40.el8jbcs.src",
"8Base-JBCS:jbcs-httpd24-mod_md-1:2.0.8-40.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_md-debuginfo-1:2.0.8-40.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_proxy_html-1:2.4.37-78.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_proxy_html-debuginfo-1:2.4.37-78.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_security-0:2.9.2-67.GA.el8jbcs.src",
"8Base-JBCS:jbcs-httpd24-mod_security-0:2.9.2-67.GA.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_security-debuginfo-0:2.9.2-67.GA.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_session-0:2.4.37-78.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_session-debuginfo-0:2.4.37-78.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_ssl-1:2.4.37-78.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_ssl-debuginfo-1:2.4.37-78.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-nghttp2-0:1.39.2-39.el8jbcs.src",
"8Base-JBCS:jbcs-httpd24-nghttp2-0:1.39.2-39.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-nghttp2-debuginfo-0:1.39.2-39.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-nghttp2-devel-0:1.39.2-39.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-openssl-1:1.1.1g-8.el8jbcs.src",
"8Base-JBCS:jbcs-httpd24-openssl-1:1.1.1g-8.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-openssl-chil-0:1.0.0-7.el8jbcs.src",
"8Base-JBCS:jbcs-httpd24-openssl-chil-0:1.0.0-7.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-openssl-chil-debuginfo-0:1.0.0-7.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-openssl-debuginfo-1:1.1.1g-8.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-openssl-devel-1:1.1.1g-8.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-openssl-libs-1:1.1.1g-8.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-openssl-libs-debuginfo-1:1.1.1g-8.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-openssl-perl-1:1.1.1g-8.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-openssl-pkcs11-0:0.4.10-22.el8jbcs.src",
"8Base-JBCS:jbcs-httpd24-openssl-pkcs11-0:0.4.10-22.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-openssl-pkcs11-debuginfo-0:0.4.10-22.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-openssl-static-1:1.1.1g-8.el8jbcs.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2021:4614"
},
{
"category": "workaround",
"details": "As per upstream \"The function X509_issuer_and_serial_hash() is never directly called by OpenSSL itself so applications are only vulnerable if they use this function directly and they use it on certificates that may have been obtained from untrusted sources.\"",
"product_ids": [
"7Server-JBCS:jbcs-httpd24-apr-0:1.6.3-107.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-apr-0:1.6.3-107.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-apr-debuginfo-0:1.6.3-107.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-apr-devel-0:1.6.3-107.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-apr-util-0:1.6.1-84.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-apr-util-0:1.6.1-84.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-apr-util-debuginfo-0:1.6.1-84.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-apr-util-devel-0:1.6.1-84.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-apr-util-ldap-0:1.6.1-84.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-apr-util-mysql-0:1.6.1-84.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-apr-util-nss-0:1.6.1-84.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-apr-util-odbc-0:1.6.1-84.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-apr-util-openssl-0:1.6.1-84.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-apr-util-pgsql-0:1.6.1-84.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-apr-util-sqlite-0:1.6.1-84.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-curl-0:7.78.0-2.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-curl-0:7.78.0-2.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-curl-debuginfo-0:7.78.0-2.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-httpd-0:2.4.37-78.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-httpd-0:2.4.37-78.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-httpd-debuginfo-0:2.4.37-78.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-httpd-devel-0:2.4.37-78.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-httpd-manual-0:2.4.37-78.jbcs.el7.noarch",
"7Server-JBCS:jbcs-httpd24-httpd-selinux-0:2.4.37-78.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-httpd-tools-0:2.4.37-78.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-libcurl-0:7.78.0-2.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-libcurl-devel-0:7.78.0-2.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_cluster-native-0:1.3.16-9.Final_redhat_2.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-mod_cluster-native-0:1.3.16-9.Final_redhat_2.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_cluster-native-debuginfo-0:1.3.16-9.Final_redhat_2.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_http2-0:1.15.7-21.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-mod_http2-0:1.15.7-21.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_http2-debuginfo-0:1.15.7-21.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_jk-0:1.2.48-20.redhat_1.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-mod_jk-ap24-0:1.2.48-20.redhat_1.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_jk-debuginfo-0:1.2.48-20.redhat_1.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_jk-manual-0:1.2.48-20.redhat_1.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_ldap-0:2.4.37-78.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_md-1:2.0.8-40.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-mod_md-1:2.0.8-40.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_md-debuginfo-1:2.0.8-40.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_proxy_html-1:2.4.37-78.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_security-0:2.9.2-67.GA.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-mod_security-0:2.9.2-67.GA.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_security-debuginfo-0:2.9.2-67.GA.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_session-0:2.4.37-78.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_ssl-1:2.4.37-78.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-nghttp2-0:1.39.2-39.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-nghttp2-0:1.39.2-39.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-nghttp2-debuginfo-0:1.39.2-39.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-nghttp2-devel-0:1.39.2-39.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-openssl-1:1.1.1g-8.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-openssl-1:1.1.1g-8.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-openssl-chil-0:1.0.0-7.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-openssl-chil-0:1.0.0-7.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-openssl-chil-debuginfo-0:1.0.0-7.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-openssl-debuginfo-1:1.1.1g-8.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-openssl-devel-1:1.1.1g-8.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-openssl-libs-1:1.1.1g-8.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-openssl-perl-1:1.1.1g-8.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-openssl-pkcs11-0:0.4.10-22.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-openssl-pkcs11-0:0.4.10-22.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-openssl-pkcs11-debuginfo-0:0.4.10-22.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-openssl-static-1:1.1.1g-8.jbcs.el7.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-0:1.6.3-107.el8jbcs.src",
"8Base-JBCS:jbcs-httpd24-apr-0:1.6.3-107.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-debuginfo-0:1.6.3-107.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-devel-0:1.6.3-107.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-util-0:1.6.1-84.el8jbcs.src",
"8Base-JBCS:jbcs-httpd24-apr-util-0:1.6.1-84.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-util-debuginfo-0:1.6.1-84.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-util-devel-0:1.6.1-84.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-util-ldap-0:1.6.1-84.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-util-ldap-debuginfo-0:1.6.1-84.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-util-mysql-0:1.6.1-84.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-util-mysql-debuginfo-0:1.6.1-84.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-util-nss-0:1.6.1-84.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-util-nss-debuginfo-0:1.6.1-84.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-util-odbc-0:1.6.1-84.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-util-odbc-debuginfo-0:1.6.1-84.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-util-openssl-0:1.6.1-84.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-util-openssl-debuginfo-0:1.6.1-84.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-util-pgsql-0:1.6.1-84.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-util-pgsql-debuginfo-0:1.6.1-84.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-util-sqlite-0:1.6.1-84.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-util-sqlite-debuginfo-0:1.6.1-84.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-curl-0:7.78.0-2.el8jbcs.src",
"8Base-JBCS:jbcs-httpd24-curl-0:7.78.0-2.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-curl-debuginfo-0:7.78.0-2.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-httpd-0:2.4.37-78.el8jbcs.src",
"8Base-JBCS:jbcs-httpd24-httpd-0:2.4.37-78.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-httpd-debuginfo-0:2.4.37-78.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-httpd-devel-0:2.4.37-78.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-httpd-manual-0:2.4.37-78.el8jbcs.noarch",
"8Base-JBCS:jbcs-httpd24-httpd-selinux-0:2.4.37-78.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-httpd-tools-0:2.4.37-78.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-httpd-tools-debuginfo-0:2.4.37-78.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-libcurl-0:7.78.0-2.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-libcurl-debuginfo-0:7.78.0-2.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-libcurl-devel-0:7.78.0-2.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_cluster-native-0:1.3.16-9.Final_redhat_2.el8jbcs.src",
"8Base-JBCS:jbcs-httpd24-mod_cluster-native-0:1.3.16-9.Final_redhat_2.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_cluster-native-debuginfo-0:1.3.16-9.Final_redhat_2.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_http2-0:1.15.7-21.el8jbcs.src",
"8Base-JBCS:jbcs-httpd24-mod_http2-0:1.15.7-21.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_http2-debuginfo-0:1.15.7-21.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_jk-0:1.2.48-20.redhat_1.el8jbcs.src",
"8Base-JBCS:jbcs-httpd24-mod_jk-ap24-0:1.2.48-20.redhat_1.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_jk-ap24-debuginfo-0:1.2.48-20.redhat_1.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_jk-manual-0:1.2.48-20.redhat_1.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_ldap-0:2.4.37-78.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_ldap-debuginfo-0:2.4.37-78.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_md-1:2.0.8-40.el8jbcs.src",
"8Base-JBCS:jbcs-httpd24-mod_md-1:2.0.8-40.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_md-debuginfo-1:2.0.8-40.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_proxy_html-1:2.4.37-78.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_proxy_html-debuginfo-1:2.4.37-78.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_security-0:2.9.2-67.GA.el8jbcs.src",
"8Base-JBCS:jbcs-httpd24-mod_security-0:2.9.2-67.GA.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_security-debuginfo-0:2.9.2-67.GA.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_session-0:2.4.37-78.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_session-debuginfo-0:2.4.37-78.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_ssl-1:2.4.37-78.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_ssl-debuginfo-1:2.4.37-78.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-nghttp2-0:1.39.2-39.el8jbcs.src",
"8Base-JBCS:jbcs-httpd24-nghttp2-0:1.39.2-39.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-nghttp2-debuginfo-0:1.39.2-39.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-nghttp2-devel-0:1.39.2-39.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-openssl-1:1.1.1g-8.el8jbcs.src",
"8Base-JBCS:jbcs-httpd24-openssl-1:1.1.1g-8.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-openssl-chil-0:1.0.0-7.el8jbcs.src",
"8Base-JBCS:jbcs-httpd24-openssl-chil-0:1.0.0-7.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-openssl-chil-debuginfo-0:1.0.0-7.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-openssl-debuginfo-1:1.1.1g-8.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-openssl-devel-1:1.1.1g-8.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-openssl-libs-1:1.1.1g-8.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-openssl-libs-debuginfo-1:1.1.1g-8.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-openssl-perl-1:1.1.1g-8.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-openssl-pkcs11-0:0.4.10-22.el8jbcs.src",
"8Base-JBCS:jbcs-httpd24-openssl-pkcs11-0:0.4.10-22.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-openssl-pkcs11-debuginfo-0:0.4.10-22.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-openssl-static-1:1.1.1g-8.el8jbcs.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 5.9,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"7Server-JBCS:jbcs-httpd24-apr-0:1.6.3-107.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-apr-0:1.6.3-107.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-apr-debuginfo-0:1.6.3-107.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-apr-devel-0:1.6.3-107.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-apr-util-0:1.6.1-84.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-apr-util-0:1.6.1-84.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-apr-util-debuginfo-0:1.6.1-84.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-apr-util-devel-0:1.6.1-84.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-apr-util-ldap-0:1.6.1-84.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-apr-util-mysql-0:1.6.1-84.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-apr-util-nss-0:1.6.1-84.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-apr-util-odbc-0:1.6.1-84.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-apr-util-openssl-0:1.6.1-84.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-apr-util-pgsql-0:1.6.1-84.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-apr-util-sqlite-0:1.6.1-84.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-curl-0:7.78.0-2.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-curl-0:7.78.0-2.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-curl-debuginfo-0:7.78.0-2.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-httpd-0:2.4.37-78.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-httpd-0:2.4.37-78.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-httpd-debuginfo-0:2.4.37-78.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-httpd-devel-0:2.4.37-78.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-httpd-manual-0:2.4.37-78.jbcs.el7.noarch",
"7Server-JBCS:jbcs-httpd24-httpd-selinux-0:2.4.37-78.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-httpd-tools-0:2.4.37-78.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-libcurl-0:7.78.0-2.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-libcurl-devel-0:7.78.0-2.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_cluster-native-0:1.3.16-9.Final_redhat_2.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-mod_cluster-native-0:1.3.16-9.Final_redhat_2.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_cluster-native-debuginfo-0:1.3.16-9.Final_redhat_2.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_http2-0:1.15.7-21.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-mod_http2-0:1.15.7-21.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_http2-debuginfo-0:1.15.7-21.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_jk-0:1.2.48-20.redhat_1.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-mod_jk-ap24-0:1.2.48-20.redhat_1.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_jk-debuginfo-0:1.2.48-20.redhat_1.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_jk-manual-0:1.2.48-20.redhat_1.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_ldap-0:2.4.37-78.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_md-1:2.0.8-40.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-mod_md-1:2.0.8-40.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_md-debuginfo-1:2.0.8-40.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_proxy_html-1:2.4.37-78.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_security-0:2.9.2-67.GA.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-mod_security-0:2.9.2-67.GA.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_security-debuginfo-0:2.9.2-67.GA.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_session-0:2.4.37-78.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_ssl-1:2.4.37-78.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-nghttp2-0:1.39.2-39.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-nghttp2-0:1.39.2-39.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-nghttp2-debuginfo-0:1.39.2-39.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-nghttp2-devel-0:1.39.2-39.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-openssl-1:1.1.1g-8.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-openssl-1:1.1.1g-8.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-openssl-chil-0:1.0.0-7.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-openssl-chil-0:1.0.0-7.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-openssl-chil-debuginfo-0:1.0.0-7.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-openssl-debuginfo-1:1.1.1g-8.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-openssl-devel-1:1.1.1g-8.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-openssl-libs-1:1.1.1g-8.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-openssl-perl-1:1.1.1g-8.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-openssl-pkcs11-0:0.4.10-22.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-openssl-pkcs11-0:0.4.10-22.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-openssl-pkcs11-debuginfo-0:0.4.10-22.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-openssl-static-1:1.1.1g-8.jbcs.el7.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-0:1.6.3-107.el8jbcs.src",
"8Base-JBCS:jbcs-httpd24-apr-0:1.6.3-107.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-debuginfo-0:1.6.3-107.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-devel-0:1.6.3-107.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-util-0:1.6.1-84.el8jbcs.src",
"8Base-JBCS:jbcs-httpd24-apr-util-0:1.6.1-84.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-util-debuginfo-0:1.6.1-84.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-util-devel-0:1.6.1-84.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-util-ldap-0:1.6.1-84.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-util-ldap-debuginfo-0:1.6.1-84.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-util-mysql-0:1.6.1-84.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-util-mysql-debuginfo-0:1.6.1-84.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-util-nss-0:1.6.1-84.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-util-nss-debuginfo-0:1.6.1-84.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-util-odbc-0:1.6.1-84.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-util-odbc-debuginfo-0:1.6.1-84.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-util-openssl-0:1.6.1-84.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-util-openssl-debuginfo-0:1.6.1-84.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-util-pgsql-0:1.6.1-84.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-util-pgsql-debuginfo-0:1.6.1-84.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-util-sqlite-0:1.6.1-84.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-util-sqlite-debuginfo-0:1.6.1-84.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-curl-0:7.78.0-2.el8jbcs.src",
"8Base-JBCS:jbcs-httpd24-curl-0:7.78.0-2.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-curl-debuginfo-0:7.78.0-2.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-httpd-0:2.4.37-78.el8jbcs.src",
"8Base-JBCS:jbcs-httpd24-httpd-0:2.4.37-78.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-httpd-debuginfo-0:2.4.37-78.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-httpd-devel-0:2.4.37-78.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-httpd-manual-0:2.4.37-78.el8jbcs.noarch",
"8Base-JBCS:jbcs-httpd24-httpd-selinux-0:2.4.37-78.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-httpd-tools-0:2.4.37-78.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-httpd-tools-debuginfo-0:2.4.37-78.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-libcurl-0:7.78.0-2.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-libcurl-debuginfo-0:7.78.0-2.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-libcurl-devel-0:7.78.0-2.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_cluster-native-0:1.3.16-9.Final_redhat_2.el8jbcs.src",
"8Base-JBCS:jbcs-httpd24-mod_cluster-native-0:1.3.16-9.Final_redhat_2.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_cluster-native-debuginfo-0:1.3.16-9.Final_redhat_2.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_http2-0:1.15.7-21.el8jbcs.src",
"8Base-JBCS:jbcs-httpd24-mod_http2-0:1.15.7-21.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_http2-debuginfo-0:1.15.7-21.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_jk-0:1.2.48-20.redhat_1.el8jbcs.src",
"8Base-JBCS:jbcs-httpd24-mod_jk-ap24-0:1.2.48-20.redhat_1.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_jk-ap24-debuginfo-0:1.2.48-20.redhat_1.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_jk-manual-0:1.2.48-20.redhat_1.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_ldap-0:2.4.37-78.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_ldap-debuginfo-0:2.4.37-78.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_md-1:2.0.8-40.el8jbcs.src",
"8Base-JBCS:jbcs-httpd24-mod_md-1:2.0.8-40.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_md-debuginfo-1:2.0.8-40.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_proxy_html-1:2.4.37-78.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_proxy_html-debuginfo-1:2.4.37-78.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_security-0:2.9.2-67.GA.el8jbcs.src",
"8Base-JBCS:jbcs-httpd24-mod_security-0:2.9.2-67.GA.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_security-debuginfo-0:2.9.2-67.GA.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_session-0:2.4.37-78.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_session-debuginfo-0:2.4.37-78.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_ssl-1:2.4.37-78.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_ssl-debuginfo-1:2.4.37-78.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-nghttp2-0:1.39.2-39.el8jbcs.src",
"8Base-JBCS:jbcs-httpd24-nghttp2-0:1.39.2-39.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-nghttp2-debuginfo-0:1.39.2-39.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-nghttp2-devel-0:1.39.2-39.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-openssl-1:1.1.1g-8.el8jbcs.src",
"8Base-JBCS:jbcs-httpd24-openssl-1:1.1.1g-8.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-openssl-chil-0:1.0.0-7.el8jbcs.src",
"8Base-JBCS:jbcs-httpd24-openssl-chil-0:1.0.0-7.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-openssl-chil-debuginfo-0:1.0.0-7.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-openssl-debuginfo-1:1.1.1g-8.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-openssl-devel-1:1.1.1g-8.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-openssl-libs-1:1.1.1g-8.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-openssl-libs-debuginfo-1:1.1.1g-8.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-openssl-perl-1:1.1.1g-8.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-openssl-pkcs11-0:0.4.10-22.el8jbcs.src",
"8Base-JBCS:jbcs-httpd24-openssl-pkcs11-0:0.4.10-22.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-openssl-pkcs11-debuginfo-0:0.4.10-22.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-openssl-static-1:1.1.1g-8.el8jbcs.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "openssl: NULL pointer dereference in X509_issuer_and_serial_hash()"
},
{
"acknowledgments": [
{
"names": [
"the Apache project"
]
},
{
"names": [
"Antonio Morales"
],
"organization": "GHSL"
}
],
"cve": "CVE-2021-26690",
"cwe": {
"id": "CWE-476",
"name": "NULL Pointer Dereference"
},
"discovery_date": "2021-05-27T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1966729"
}
],
"notes": [
{
"category": "description",
"text": "A NULL pointer dereference was found in Apache httpd mod_session. The highest threat from this vulnerability is to system availability.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "httpd: mod_session: NULL pointer dereference when parsing Cookie header",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "This is a null pointer deference caused when using mod_session. It can result in crash of httpd child process by a remote attacker.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"7Server-JBCS:jbcs-httpd24-apr-0:1.6.3-107.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-apr-0:1.6.3-107.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-apr-debuginfo-0:1.6.3-107.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-apr-devel-0:1.6.3-107.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-apr-util-0:1.6.1-84.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-apr-util-0:1.6.1-84.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-apr-util-debuginfo-0:1.6.1-84.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-apr-util-devel-0:1.6.1-84.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-apr-util-ldap-0:1.6.1-84.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-apr-util-mysql-0:1.6.1-84.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-apr-util-nss-0:1.6.1-84.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-apr-util-odbc-0:1.6.1-84.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-apr-util-openssl-0:1.6.1-84.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-apr-util-pgsql-0:1.6.1-84.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-apr-util-sqlite-0:1.6.1-84.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-curl-0:7.78.0-2.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-curl-0:7.78.0-2.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-curl-debuginfo-0:7.78.0-2.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-httpd-0:2.4.37-78.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-httpd-0:2.4.37-78.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-httpd-debuginfo-0:2.4.37-78.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-httpd-devel-0:2.4.37-78.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-httpd-manual-0:2.4.37-78.jbcs.el7.noarch",
"7Server-JBCS:jbcs-httpd24-httpd-selinux-0:2.4.37-78.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-httpd-tools-0:2.4.37-78.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-libcurl-0:7.78.0-2.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-libcurl-devel-0:7.78.0-2.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_cluster-native-0:1.3.16-9.Final_redhat_2.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-mod_cluster-native-0:1.3.16-9.Final_redhat_2.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_cluster-native-debuginfo-0:1.3.16-9.Final_redhat_2.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_http2-0:1.15.7-21.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-mod_http2-0:1.15.7-21.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_http2-debuginfo-0:1.15.7-21.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_jk-0:1.2.48-20.redhat_1.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-mod_jk-ap24-0:1.2.48-20.redhat_1.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_jk-debuginfo-0:1.2.48-20.redhat_1.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_jk-manual-0:1.2.48-20.redhat_1.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_ldap-0:2.4.37-78.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_md-1:2.0.8-40.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-mod_md-1:2.0.8-40.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_md-debuginfo-1:2.0.8-40.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_proxy_html-1:2.4.37-78.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_security-0:2.9.2-67.GA.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-mod_security-0:2.9.2-67.GA.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_security-debuginfo-0:2.9.2-67.GA.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_session-0:2.4.37-78.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_ssl-1:2.4.37-78.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-nghttp2-0:1.39.2-39.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-nghttp2-0:1.39.2-39.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-nghttp2-debuginfo-0:1.39.2-39.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-nghttp2-devel-0:1.39.2-39.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-openssl-1:1.1.1g-8.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-openssl-1:1.1.1g-8.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-openssl-chil-0:1.0.0-7.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-openssl-chil-0:1.0.0-7.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-openssl-chil-debuginfo-0:1.0.0-7.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-openssl-debuginfo-1:1.1.1g-8.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-openssl-devel-1:1.1.1g-8.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-openssl-libs-1:1.1.1g-8.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-openssl-perl-1:1.1.1g-8.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-openssl-pkcs11-0:0.4.10-22.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-openssl-pkcs11-0:0.4.10-22.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-openssl-pkcs11-debuginfo-0:0.4.10-22.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-openssl-static-1:1.1.1g-8.jbcs.el7.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-0:1.6.3-107.el8jbcs.src",
"8Base-JBCS:jbcs-httpd24-apr-0:1.6.3-107.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-debuginfo-0:1.6.3-107.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-devel-0:1.6.3-107.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-util-0:1.6.1-84.el8jbcs.src",
"8Base-JBCS:jbcs-httpd24-apr-util-0:1.6.1-84.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-util-debuginfo-0:1.6.1-84.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-util-devel-0:1.6.1-84.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-util-ldap-0:1.6.1-84.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-util-ldap-debuginfo-0:1.6.1-84.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-util-mysql-0:1.6.1-84.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-util-mysql-debuginfo-0:1.6.1-84.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-util-nss-0:1.6.1-84.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-util-nss-debuginfo-0:1.6.1-84.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-util-odbc-0:1.6.1-84.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-util-odbc-debuginfo-0:1.6.1-84.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-util-openssl-0:1.6.1-84.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-util-openssl-debuginfo-0:1.6.1-84.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-util-pgsql-0:1.6.1-84.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-util-pgsql-debuginfo-0:1.6.1-84.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-util-sqlite-0:1.6.1-84.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-util-sqlite-debuginfo-0:1.6.1-84.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-curl-0:7.78.0-2.el8jbcs.src",
"8Base-JBCS:jbcs-httpd24-curl-0:7.78.0-2.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-curl-debuginfo-0:7.78.0-2.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-httpd-0:2.4.37-78.el8jbcs.src",
"8Base-JBCS:jbcs-httpd24-httpd-0:2.4.37-78.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-httpd-debuginfo-0:2.4.37-78.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-httpd-devel-0:2.4.37-78.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-httpd-manual-0:2.4.37-78.el8jbcs.noarch",
"8Base-JBCS:jbcs-httpd24-httpd-selinux-0:2.4.37-78.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-httpd-tools-0:2.4.37-78.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-httpd-tools-debuginfo-0:2.4.37-78.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-libcurl-0:7.78.0-2.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-libcurl-debuginfo-0:7.78.0-2.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-libcurl-devel-0:7.78.0-2.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_cluster-native-0:1.3.16-9.Final_redhat_2.el8jbcs.src",
"8Base-JBCS:jbcs-httpd24-mod_cluster-native-0:1.3.16-9.Final_redhat_2.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_cluster-native-debuginfo-0:1.3.16-9.Final_redhat_2.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_http2-0:1.15.7-21.el8jbcs.src",
"8Base-JBCS:jbcs-httpd24-mod_http2-0:1.15.7-21.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_http2-debuginfo-0:1.15.7-21.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_jk-0:1.2.48-20.redhat_1.el8jbcs.src",
"8Base-JBCS:jbcs-httpd24-mod_jk-ap24-0:1.2.48-20.redhat_1.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_jk-ap24-debuginfo-0:1.2.48-20.redhat_1.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_jk-manual-0:1.2.48-20.redhat_1.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_ldap-0:2.4.37-78.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_ldap-debuginfo-0:2.4.37-78.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_md-1:2.0.8-40.el8jbcs.src",
"8Base-JBCS:jbcs-httpd24-mod_md-1:2.0.8-40.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_md-debuginfo-1:2.0.8-40.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_proxy_html-1:2.4.37-78.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_proxy_html-debuginfo-1:2.4.37-78.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_security-0:2.9.2-67.GA.el8jbcs.src",
"8Base-JBCS:jbcs-httpd24-mod_security-0:2.9.2-67.GA.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_security-debuginfo-0:2.9.2-67.GA.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_session-0:2.4.37-78.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_session-debuginfo-0:2.4.37-78.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_ssl-1:2.4.37-78.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_ssl-debuginfo-1:2.4.37-78.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-nghttp2-0:1.39.2-39.el8jbcs.src",
"8Base-JBCS:jbcs-httpd24-nghttp2-0:1.39.2-39.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-nghttp2-debuginfo-0:1.39.2-39.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-nghttp2-devel-0:1.39.2-39.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-openssl-1:1.1.1g-8.el8jbcs.src",
"8Base-JBCS:jbcs-httpd24-openssl-1:1.1.1g-8.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-openssl-chil-0:1.0.0-7.el8jbcs.src",
"8Base-JBCS:jbcs-httpd24-openssl-chil-0:1.0.0-7.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-openssl-chil-debuginfo-0:1.0.0-7.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-openssl-debuginfo-1:1.1.1g-8.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-openssl-devel-1:1.1.1g-8.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-openssl-libs-1:1.1.1g-8.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-openssl-libs-debuginfo-1:1.1.1g-8.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-openssl-perl-1:1.1.1g-8.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-openssl-pkcs11-0:0.4.10-22.el8jbcs.src",
"8Base-JBCS:jbcs-httpd24-openssl-pkcs11-0:0.4.10-22.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-openssl-pkcs11-debuginfo-0:0.4.10-22.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-openssl-static-1:1.1.1g-8.el8jbcs.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2021-26690"
},
{
"category": "external",
"summary": "RHBZ#1966729",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1966729"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2021-26690",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-26690"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2021-26690",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2021-26690"
},
{
"category": "external",
"summary": "https://httpd.apache.org/security/vulnerabilities_24.html",
"url": "https://httpd.apache.org/security/vulnerabilities_24.html"
}
],
"release_date": "2021-06-04T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"details": "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"7Server-JBCS:jbcs-httpd24-apr-0:1.6.3-107.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-apr-0:1.6.3-107.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-apr-debuginfo-0:1.6.3-107.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-apr-devel-0:1.6.3-107.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-apr-util-0:1.6.1-84.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-apr-util-0:1.6.1-84.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-apr-util-debuginfo-0:1.6.1-84.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-apr-util-devel-0:1.6.1-84.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-apr-util-ldap-0:1.6.1-84.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-apr-util-mysql-0:1.6.1-84.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-apr-util-nss-0:1.6.1-84.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-apr-util-odbc-0:1.6.1-84.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-apr-util-openssl-0:1.6.1-84.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-apr-util-pgsql-0:1.6.1-84.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-apr-util-sqlite-0:1.6.1-84.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-curl-0:7.78.0-2.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-curl-0:7.78.0-2.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-curl-debuginfo-0:7.78.0-2.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-httpd-0:2.4.37-78.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-httpd-0:2.4.37-78.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-httpd-debuginfo-0:2.4.37-78.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-httpd-devel-0:2.4.37-78.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-httpd-manual-0:2.4.37-78.jbcs.el7.noarch",
"7Server-JBCS:jbcs-httpd24-httpd-selinux-0:2.4.37-78.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-httpd-tools-0:2.4.37-78.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-libcurl-0:7.78.0-2.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-libcurl-devel-0:7.78.0-2.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_cluster-native-0:1.3.16-9.Final_redhat_2.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-mod_cluster-native-0:1.3.16-9.Final_redhat_2.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_cluster-native-debuginfo-0:1.3.16-9.Final_redhat_2.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_http2-0:1.15.7-21.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-mod_http2-0:1.15.7-21.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_http2-debuginfo-0:1.15.7-21.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_jk-0:1.2.48-20.redhat_1.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-mod_jk-ap24-0:1.2.48-20.redhat_1.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_jk-debuginfo-0:1.2.48-20.redhat_1.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_jk-manual-0:1.2.48-20.redhat_1.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_ldap-0:2.4.37-78.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_md-1:2.0.8-40.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-mod_md-1:2.0.8-40.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_md-debuginfo-1:2.0.8-40.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_proxy_html-1:2.4.37-78.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_security-0:2.9.2-67.GA.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-mod_security-0:2.9.2-67.GA.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_security-debuginfo-0:2.9.2-67.GA.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_session-0:2.4.37-78.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_ssl-1:2.4.37-78.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-nghttp2-0:1.39.2-39.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-nghttp2-0:1.39.2-39.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-nghttp2-debuginfo-0:1.39.2-39.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-nghttp2-devel-0:1.39.2-39.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-openssl-1:1.1.1g-8.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-openssl-1:1.1.1g-8.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-openssl-chil-0:1.0.0-7.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-openssl-chil-0:1.0.0-7.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-openssl-chil-debuginfo-0:1.0.0-7.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-openssl-debuginfo-1:1.1.1g-8.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-openssl-devel-1:1.1.1g-8.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-openssl-libs-1:1.1.1g-8.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-openssl-perl-1:1.1.1g-8.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-openssl-pkcs11-0:0.4.10-22.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-openssl-pkcs11-0:0.4.10-22.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-openssl-pkcs11-debuginfo-0:0.4.10-22.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-openssl-static-1:1.1.1g-8.jbcs.el7.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-0:1.6.3-107.el8jbcs.src",
"8Base-JBCS:jbcs-httpd24-apr-0:1.6.3-107.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-debuginfo-0:1.6.3-107.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-devel-0:1.6.3-107.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-util-0:1.6.1-84.el8jbcs.src",
"8Base-JBCS:jbcs-httpd24-apr-util-0:1.6.1-84.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-util-debuginfo-0:1.6.1-84.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-util-devel-0:1.6.1-84.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-util-ldap-0:1.6.1-84.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-util-ldap-debuginfo-0:1.6.1-84.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-util-mysql-0:1.6.1-84.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-util-mysql-debuginfo-0:1.6.1-84.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-util-nss-0:1.6.1-84.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-util-nss-debuginfo-0:1.6.1-84.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-util-odbc-0:1.6.1-84.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-util-odbc-debuginfo-0:1.6.1-84.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-util-openssl-0:1.6.1-84.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-util-openssl-debuginfo-0:1.6.1-84.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-util-pgsql-0:1.6.1-84.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-util-pgsql-debuginfo-0:1.6.1-84.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-util-sqlite-0:1.6.1-84.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-util-sqlite-debuginfo-0:1.6.1-84.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-curl-0:7.78.0-2.el8jbcs.src",
"8Base-JBCS:jbcs-httpd24-curl-0:7.78.0-2.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-curl-debuginfo-0:7.78.0-2.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-httpd-0:2.4.37-78.el8jbcs.src",
"8Base-JBCS:jbcs-httpd24-httpd-0:2.4.37-78.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-httpd-debuginfo-0:2.4.37-78.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-httpd-devel-0:2.4.37-78.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-httpd-manual-0:2.4.37-78.el8jbcs.noarch",
"8Base-JBCS:jbcs-httpd24-httpd-selinux-0:2.4.37-78.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-httpd-tools-0:2.4.37-78.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-httpd-tools-debuginfo-0:2.4.37-78.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-libcurl-0:7.78.0-2.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-libcurl-debuginfo-0:7.78.0-2.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-libcurl-devel-0:7.78.0-2.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_cluster-native-0:1.3.16-9.Final_redhat_2.el8jbcs.src",
"8Base-JBCS:jbcs-httpd24-mod_cluster-native-0:1.3.16-9.Final_redhat_2.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_cluster-native-debuginfo-0:1.3.16-9.Final_redhat_2.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_http2-0:1.15.7-21.el8jbcs.src",
"8Base-JBCS:jbcs-httpd24-mod_http2-0:1.15.7-21.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_http2-debuginfo-0:1.15.7-21.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_jk-0:1.2.48-20.redhat_1.el8jbcs.src",
"8Base-JBCS:jbcs-httpd24-mod_jk-ap24-0:1.2.48-20.redhat_1.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_jk-ap24-debuginfo-0:1.2.48-20.redhat_1.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_jk-manual-0:1.2.48-20.redhat_1.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_ldap-0:2.4.37-78.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_ldap-debuginfo-0:2.4.37-78.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_md-1:2.0.8-40.el8jbcs.src",
"8Base-JBCS:jbcs-httpd24-mod_md-1:2.0.8-40.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_md-debuginfo-1:2.0.8-40.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_proxy_html-1:2.4.37-78.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_proxy_html-debuginfo-1:2.4.37-78.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_security-0:2.9.2-67.GA.el8jbcs.src",
"8Base-JBCS:jbcs-httpd24-mod_security-0:2.9.2-67.GA.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_security-debuginfo-0:2.9.2-67.GA.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_session-0:2.4.37-78.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_session-debuginfo-0:2.4.37-78.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_ssl-1:2.4.37-78.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_ssl-debuginfo-1:2.4.37-78.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-nghttp2-0:1.39.2-39.el8jbcs.src",
"8Base-JBCS:jbcs-httpd24-nghttp2-0:1.39.2-39.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-nghttp2-debuginfo-0:1.39.2-39.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-nghttp2-devel-0:1.39.2-39.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-openssl-1:1.1.1g-8.el8jbcs.src",
"8Base-JBCS:jbcs-httpd24-openssl-1:1.1.1g-8.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-openssl-chil-0:1.0.0-7.el8jbcs.src",
"8Base-JBCS:jbcs-httpd24-openssl-chil-0:1.0.0-7.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-openssl-chil-debuginfo-0:1.0.0-7.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-openssl-debuginfo-1:1.1.1g-8.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-openssl-devel-1:1.1.1g-8.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-openssl-libs-1:1.1.1g-8.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-openssl-libs-debuginfo-1:1.1.1g-8.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-openssl-perl-1:1.1.1g-8.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-openssl-pkcs11-0:0.4.10-22.el8jbcs.src",
"8Base-JBCS:jbcs-httpd24-openssl-pkcs11-0:0.4.10-22.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-openssl-pkcs11-debuginfo-0:0.4.10-22.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-openssl-static-1:1.1.1g-8.el8jbcs.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2021:4614"
},
{
"category": "workaround",
"details": "Only configurations which use the \"SessionEnv\" directive (which is not widely used) are vulnerable to this flaw. SessionEnv is not enabled in default configuration of httpd package shipped with Red Hat Products.",
"product_ids": [
"7Server-JBCS:jbcs-httpd24-apr-0:1.6.3-107.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-apr-0:1.6.3-107.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-apr-debuginfo-0:1.6.3-107.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-apr-devel-0:1.6.3-107.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-apr-util-0:1.6.1-84.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-apr-util-0:1.6.1-84.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-apr-util-debuginfo-0:1.6.1-84.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-apr-util-devel-0:1.6.1-84.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-apr-util-ldap-0:1.6.1-84.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-apr-util-mysql-0:1.6.1-84.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-apr-util-nss-0:1.6.1-84.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-apr-util-odbc-0:1.6.1-84.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-apr-util-openssl-0:1.6.1-84.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-apr-util-pgsql-0:1.6.1-84.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-apr-util-sqlite-0:1.6.1-84.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-curl-0:7.78.0-2.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-curl-0:7.78.0-2.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-curl-debuginfo-0:7.78.0-2.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-httpd-0:2.4.37-78.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-httpd-0:2.4.37-78.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-httpd-debuginfo-0:2.4.37-78.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-httpd-devel-0:2.4.37-78.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-httpd-manual-0:2.4.37-78.jbcs.el7.noarch",
"7Server-JBCS:jbcs-httpd24-httpd-selinux-0:2.4.37-78.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-httpd-tools-0:2.4.37-78.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-libcurl-0:7.78.0-2.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-libcurl-devel-0:7.78.0-2.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_cluster-native-0:1.3.16-9.Final_redhat_2.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-mod_cluster-native-0:1.3.16-9.Final_redhat_2.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_cluster-native-debuginfo-0:1.3.16-9.Final_redhat_2.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_http2-0:1.15.7-21.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-mod_http2-0:1.15.7-21.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_http2-debuginfo-0:1.15.7-21.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_jk-0:1.2.48-20.redhat_1.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-mod_jk-ap24-0:1.2.48-20.redhat_1.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_jk-debuginfo-0:1.2.48-20.redhat_1.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_jk-manual-0:1.2.48-20.redhat_1.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_ldap-0:2.4.37-78.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_md-1:2.0.8-40.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-mod_md-1:2.0.8-40.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_md-debuginfo-1:2.0.8-40.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_proxy_html-1:2.4.37-78.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_security-0:2.9.2-67.GA.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-mod_security-0:2.9.2-67.GA.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_security-debuginfo-0:2.9.2-67.GA.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_session-0:2.4.37-78.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_ssl-1:2.4.37-78.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-nghttp2-0:1.39.2-39.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-nghttp2-0:1.39.2-39.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-nghttp2-debuginfo-0:1.39.2-39.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-nghttp2-devel-0:1.39.2-39.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-openssl-1:1.1.1g-8.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-openssl-1:1.1.1g-8.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-openssl-chil-0:1.0.0-7.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-openssl-chil-0:1.0.0-7.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-openssl-chil-debuginfo-0:1.0.0-7.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-openssl-debuginfo-1:1.1.1g-8.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-openssl-devel-1:1.1.1g-8.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-openssl-libs-1:1.1.1g-8.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-openssl-perl-1:1.1.1g-8.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-openssl-pkcs11-0:0.4.10-22.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-openssl-pkcs11-0:0.4.10-22.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-openssl-pkcs11-debuginfo-0:0.4.10-22.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-openssl-static-1:1.1.1g-8.jbcs.el7.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-0:1.6.3-107.el8jbcs.src",
"8Base-JBCS:jbcs-httpd24-apr-0:1.6.3-107.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-debuginfo-0:1.6.3-107.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-devel-0:1.6.3-107.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-util-0:1.6.1-84.el8jbcs.src",
"8Base-JBCS:jbcs-httpd24-apr-util-0:1.6.1-84.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-util-debuginfo-0:1.6.1-84.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-util-devel-0:1.6.1-84.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-util-ldap-0:1.6.1-84.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-util-ldap-debuginfo-0:1.6.1-84.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-util-mysql-0:1.6.1-84.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-util-mysql-debuginfo-0:1.6.1-84.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-util-nss-0:1.6.1-84.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-util-nss-debuginfo-0:1.6.1-84.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-util-odbc-0:1.6.1-84.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-util-odbc-debuginfo-0:1.6.1-84.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-util-openssl-0:1.6.1-84.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-util-openssl-debuginfo-0:1.6.1-84.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-util-pgsql-0:1.6.1-84.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-util-pgsql-debuginfo-0:1.6.1-84.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-util-sqlite-0:1.6.1-84.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-util-sqlite-debuginfo-0:1.6.1-84.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-curl-0:7.78.0-2.el8jbcs.src",
"8Base-JBCS:jbcs-httpd24-curl-0:7.78.0-2.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-curl-debuginfo-0:7.78.0-2.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-httpd-0:2.4.37-78.el8jbcs.src",
"8Base-JBCS:jbcs-httpd24-httpd-0:2.4.37-78.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-httpd-debuginfo-0:2.4.37-78.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-httpd-devel-0:2.4.37-78.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-httpd-manual-0:2.4.37-78.el8jbcs.noarch",
"8Base-JBCS:jbcs-httpd24-httpd-selinux-0:2.4.37-78.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-httpd-tools-0:2.4.37-78.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-httpd-tools-debuginfo-0:2.4.37-78.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-libcurl-0:7.78.0-2.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-libcurl-debuginfo-0:7.78.0-2.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-libcurl-devel-0:7.78.0-2.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_cluster-native-0:1.3.16-9.Final_redhat_2.el8jbcs.src",
"8Base-JBCS:jbcs-httpd24-mod_cluster-native-0:1.3.16-9.Final_redhat_2.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_cluster-native-debuginfo-0:1.3.16-9.Final_redhat_2.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_http2-0:1.15.7-21.el8jbcs.src",
"8Base-JBCS:jbcs-httpd24-mod_http2-0:1.15.7-21.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_http2-debuginfo-0:1.15.7-21.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_jk-0:1.2.48-20.redhat_1.el8jbcs.src",
"8Base-JBCS:jbcs-httpd24-mod_jk-ap24-0:1.2.48-20.redhat_1.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_jk-ap24-debuginfo-0:1.2.48-20.redhat_1.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_jk-manual-0:1.2.48-20.redhat_1.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_ldap-0:2.4.37-78.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_ldap-debuginfo-0:2.4.37-78.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_md-1:2.0.8-40.el8jbcs.src",
"8Base-JBCS:jbcs-httpd24-mod_md-1:2.0.8-40.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_md-debuginfo-1:2.0.8-40.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_proxy_html-1:2.4.37-78.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_proxy_html-debuginfo-1:2.4.37-78.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_security-0:2.9.2-67.GA.el8jbcs.src",
"8Base-JBCS:jbcs-httpd24-mod_security-0:2.9.2-67.GA.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_security-debuginfo-0:2.9.2-67.GA.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_session-0:2.4.37-78.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_session-debuginfo-0:2.4.37-78.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_ssl-1:2.4.37-78.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_ssl-debuginfo-1:2.4.37-78.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-nghttp2-0:1.39.2-39.el8jbcs.src",
"8Base-JBCS:jbcs-httpd24-nghttp2-0:1.39.2-39.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-nghttp2-debuginfo-0:1.39.2-39.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-nghttp2-devel-0:1.39.2-39.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-openssl-1:1.1.1g-8.el8jbcs.src",
"8Base-JBCS:jbcs-httpd24-openssl-1:1.1.1g-8.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-openssl-chil-0:1.0.0-7.el8jbcs.src",
"8Base-JBCS:jbcs-httpd24-openssl-chil-0:1.0.0-7.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-openssl-chil-debuginfo-0:1.0.0-7.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-openssl-debuginfo-1:1.1.1g-8.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-openssl-devel-1:1.1.1g-8.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-openssl-libs-1:1.1.1g-8.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-openssl-libs-debuginfo-1:1.1.1g-8.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-openssl-perl-1:1.1.1g-8.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-openssl-pkcs11-0:0.4.10-22.el8jbcs.src",
"8Base-JBCS:jbcs-httpd24-openssl-pkcs11-0:0.4.10-22.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-openssl-pkcs11-debuginfo-0:0.4.10-22.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-openssl-static-1:1.1.1g-8.el8jbcs.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"7Server-JBCS:jbcs-httpd24-apr-0:1.6.3-107.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-apr-0:1.6.3-107.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-apr-debuginfo-0:1.6.3-107.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-apr-devel-0:1.6.3-107.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-apr-util-0:1.6.1-84.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-apr-util-0:1.6.1-84.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-apr-util-debuginfo-0:1.6.1-84.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-apr-util-devel-0:1.6.1-84.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-apr-util-ldap-0:1.6.1-84.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-apr-util-mysql-0:1.6.1-84.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-apr-util-nss-0:1.6.1-84.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-apr-util-odbc-0:1.6.1-84.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-apr-util-openssl-0:1.6.1-84.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-apr-util-pgsql-0:1.6.1-84.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-apr-util-sqlite-0:1.6.1-84.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-curl-0:7.78.0-2.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-curl-0:7.78.0-2.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-curl-debuginfo-0:7.78.0-2.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-httpd-0:2.4.37-78.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-httpd-0:2.4.37-78.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-httpd-debuginfo-0:2.4.37-78.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-httpd-devel-0:2.4.37-78.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-httpd-manual-0:2.4.37-78.jbcs.el7.noarch",
"7Server-JBCS:jbcs-httpd24-httpd-selinux-0:2.4.37-78.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-httpd-tools-0:2.4.37-78.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-libcurl-0:7.78.0-2.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-libcurl-devel-0:7.78.0-2.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_cluster-native-0:1.3.16-9.Final_redhat_2.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-mod_cluster-native-0:1.3.16-9.Final_redhat_2.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_cluster-native-debuginfo-0:1.3.16-9.Final_redhat_2.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_http2-0:1.15.7-21.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-mod_http2-0:1.15.7-21.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_http2-debuginfo-0:1.15.7-21.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_jk-0:1.2.48-20.redhat_1.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-mod_jk-ap24-0:1.2.48-20.redhat_1.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_jk-debuginfo-0:1.2.48-20.redhat_1.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_jk-manual-0:1.2.48-20.redhat_1.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_ldap-0:2.4.37-78.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_md-1:2.0.8-40.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-mod_md-1:2.0.8-40.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_md-debuginfo-1:2.0.8-40.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_proxy_html-1:2.4.37-78.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_security-0:2.9.2-67.GA.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-mod_security-0:2.9.2-67.GA.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_security-debuginfo-0:2.9.2-67.GA.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_session-0:2.4.37-78.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_ssl-1:2.4.37-78.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-nghttp2-0:1.39.2-39.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-nghttp2-0:1.39.2-39.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-nghttp2-debuginfo-0:1.39.2-39.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-nghttp2-devel-0:1.39.2-39.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-openssl-1:1.1.1g-8.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-openssl-1:1.1.1g-8.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-openssl-chil-0:1.0.0-7.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-openssl-chil-0:1.0.0-7.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-openssl-chil-debuginfo-0:1.0.0-7.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-openssl-debuginfo-1:1.1.1g-8.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-openssl-devel-1:1.1.1g-8.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-openssl-libs-1:1.1.1g-8.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-openssl-perl-1:1.1.1g-8.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-openssl-pkcs11-0:0.4.10-22.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-openssl-pkcs11-0:0.4.10-22.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-openssl-pkcs11-debuginfo-0:0.4.10-22.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-openssl-static-1:1.1.1g-8.jbcs.el7.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-0:1.6.3-107.el8jbcs.src",
"8Base-JBCS:jbcs-httpd24-apr-0:1.6.3-107.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-debuginfo-0:1.6.3-107.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-devel-0:1.6.3-107.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-util-0:1.6.1-84.el8jbcs.src",
"8Base-JBCS:jbcs-httpd24-apr-util-0:1.6.1-84.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-util-debuginfo-0:1.6.1-84.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-util-devel-0:1.6.1-84.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-util-ldap-0:1.6.1-84.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-util-ldap-debuginfo-0:1.6.1-84.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-util-mysql-0:1.6.1-84.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-util-mysql-debuginfo-0:1.6.1-84.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-util-nss-0:1.6.1-84.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-util-nss-debuginfo-0:1.6.1-84.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-util-odbc-0:1.6.1-84.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-util-odbc-debuginfo-0:1.6.1-84.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-util-openssl-0:1.6.1-84.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-util-openssl-debuginfo-0:1.6.1-84.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-util-pgsql-0:1.6.1-84.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-util-pgsql-debuginfo-0:1.6.1-84.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-util-sqlite-0:1.6.1-84.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-util-sqlite-debuginfo-0:1.6.1-84.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-curl-0:7.78.0-2.el8jbcs.src",
"8Base-JBCS:jbcs-httpd24-curl-0:7.78.0-2.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-curl-debuginfo-0:7.78.0-2.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-httpd-0:2.4.37-78.el8jbcs.src",
"8Base-JBCS:jbcs-httpd24-httpd-0:2.4.37-78.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-httpd-debuginfo-0:2.4.37-78.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-httpd-devel-0:2.4.37-78.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-httpd-manual-0:2.4.37-78.el8jbcs.noarch",
"8Base-JBCS:jbcs-httpd24-httpd-selinux-0:2.4.37-78.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-httpd-tools-0:2.4.37-78.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-httpd-tools-debuginfo-0:2.4.37-78.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-libcurl-0:7.78.0-2.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-libcurl-debuginfo-0:7.78.0-2.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-libcurl-devel-0:7.78.0-2.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_cluster-native-0:1.3.16-9.Final_redhat_2.el8jbcs.src",
"8Base-JBCS:jbcs-httpd24-mod_cluster-native-0:1.3.16-9.Final_redhat_2.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_cluster-native-debuginfo-0:1.3.16-9.Final_redhat_2.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_http2-0:1.15.7-21.el8jbcs.src",
"8Base-JBCS:jbcs-httpd24-mod_http2-0:1.15.7-21.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_http2-debuginfo-0:1.15.7-21.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_jk-0:1.2.48-20.redhat_1.el8jbcs.src",
"8Base-JBCS:jbcs-httpd24-mod_jk-ap24-0:1.2.48-20.redhat_1.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_jk-ap24-debuginfo-0:1.2.48-20.redhat_1.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_jk-manual-0:1.2.48-20.redhat_1.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_ldap-0:2.4.37-78.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_ldap-debuginfo-0:2.4.37-78.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_md-1:2.0.8-40.el8jbcs.src",
"8Base-JBCS:jbcs-httpd24-mod_md-1:2.0.8-40.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_md-debuginfo-1:2.0.8-40.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_proxy_html-1:2.4.37-78.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_proxy_html-debuginfo-1:2.4.37-78.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_security-0:2.9.2-67.GA.el8jbcs.src",
"8Base-JBCS:jbcs-httpd24-mod_security-0:2.9.2-67.GA.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_security-debuginfo-0:2.9.2-67.GA.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_session-0:2.4.37-78.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_session-debuginfo-0:2.4.37-78.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_ssl-1:2.4.37-78.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_ssl-debuginfo-1:2.4.37-78.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-nghttp2-0:1.39.2-39.el8jbcs.src",
"8Base-JBCS:jbcs-httpd24-nghttp2-0:1.39.2-39.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-nghttp2-debuginfo-0:1.39.2-39.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-nghttp2-devel-0:1.39.2-39.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-openssl-1:1.1.1g-8.el8jbcs.src",
"8Base-JBCS:jbcs-httpd24-openssl-1:1.1.1g-8.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-openssl-chil-0:1.0.0-7.el8jbcs.src",
"8Base-JBCS:jbcs-httpd24-openssl-chil-0:1.0.0-7.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-openssl-chil-debuginfo-0:1.0.0-7.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-openssl-debuginfo-1:1.1.1g-8.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-openssl-devel-1:1.1.1g-8.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-openssl-libs-1:1.1.1g-8.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-openssl-libs-debuginfo-1:1.1.1g-8.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-openssl-perl-1:1.1.1g-8.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-openssl-pkcs11-0:0.4.10-22.el8jbcs.src",
"8Base-JBCS:jbcs-httpd24-openssl-pkcs11-0:0.4.10-22.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-openssl-pkcs11-debuginfo-0:0.4.10-22.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-openssl-static-1:1.1.1g-8.el8jbcs.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "httpd: mod_session: NULL pointer dereference when parsing Cookie header"
},
{
"acknowledgments": [
{
"names": [
"the Apache project",
"Christophe Jaillet"
]
}
],
"cve": "CVE-2021-26691",
"cwe": {
"id": "CWE-119",
"name": "Improper Restriction of Operations within the Bounds of a Memory Buffer"
},
"discovery_date": "2021-05-27T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1966732"
}
],
"notes": [
{
"category": "description",
"text": "A heap overflow flaw was found In Apache httpd mod_session. The highest threat from this vulnerability is to system availability.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "httpd: mod_session: Heap overflow via a crafted SessionHeader value",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "This flaw can result in a crash of the httpd child process when mod_session is used.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"7Server-JBCS:jbcs-httpd24-apr-0:1.6.3-107.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-apr-0:1.6.3-107.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-apr-debuginfo-0:1.6.3-107.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-apr-devel-0:1.6.3-107.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-apr-util-0:1.6.1-84.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-apr-util-0:1.6.1-84.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-apr-util-debuginfo-0:1.6.1-84.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-apr-util-devel-0:1.6.1-84.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-apr-util-ldap-0:1.6.1-84.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-apr-util-mysql-0:1.6.1-84.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-apr-util-nss-0:1.6.1-84.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-apr-util-odbc-0:1.6.1-84.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-apr-util-openssl-0:1.6.1-84.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-apr-util-pgsql-0:1.6.1-84.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-apr-util-sqlite-0:1.6.1-84.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-curl-0:7.78.0-2.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-curl-0:7.78.0-2.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-curl-debuginfo-0:7.78.0-2.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-httpd-0:2.4.37-78.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-httpd-0:2.4.37-78.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-httpd-debuginfo-0:2.4.37-78.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-httpd-devel-0:2.4.37-78.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-httpd-manual-0:2.4.37-78.jbcs.el7.noarch",
"7Server-JBCS:jbcs-httpd24-httpd-selinux-0:2.4.37-78.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-httpd-tools-0:2.4.37-78.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-libcurl-0:7.78.0-2.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-libcurl-devel-0:7.78.0-2.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_cluster-native-0:1.3.16-9.Final_redhat_2.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-mod_cluster-native-0:1.3.16-9.Final_redhat_2.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_cluster-native-debuginfo-0:1.3.16-9.Final_redhat_2.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_http2-0:1.15.7-21.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-mod_http2-0:1.15.7-21.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_http2-debuginfo-0:1.15.7-21.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_jk-0:1.2.48-20.redhat_1.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-mod_jk-ap24-0:1.2.48-20.redhat_1.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_jk-debuginfo-0:1.2.48-20.redhat_1.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_jk-manual-0:1.2.48-20.redhat_1.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_ldap-0:2.4.37-78.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_md-1:2.0.8-40.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-mod_md-1:2.0.8-40.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_md-debuginfo-1:2.0.8-40.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_proxy_html-1:2.4.37-78.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_security-0:2.9.2-67.GA.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-mod_security-0:2.9.2-67.GA.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_security-debuginfo-0:2.9.2-67.GA.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_session-0:2.4.37-78.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_ssl-1:2.4.37-78.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-nghttp2-0:1.39.2-39.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-nghttp2-0:1.39.2-39.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-nghttp2-debuginfo-0:1.39.2-39.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-nghttp2-devel-0:1.39.2-39.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-openssl-1:1.1.1g-8.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-openssl-1:1.1.1g-8.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-openssl-chil-0:1.0.0-7.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-openssl-chil-0:1.0.0-7.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-openssl-chil-debuginfo-0:1.0.0-7.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-openssl-debuginfo-1:1.1.1g-8.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-openssl-devel-1:1.1.1g-8.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-openssl-libs-1:1.1.1g-8.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-openssl-perl-1:1.1.1g-8.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-openssl-pkcs11-0:0.4.10-22.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-openssl-pkcs11-0:0.4.10-22.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-openssl-pkcs11-debuginfo-0:0.4.10-22.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-openssl-static-1:1.1.1g-8.jbcs.el7.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-0:1.6.3-107.el8jbcs.src",
"8Base-JBCS:jbcs-httpd24-apr-0:1.6.3-107.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-debuginfo-0:1.6.3-107.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-devel-0:1.6.3-107.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-util-0:1.6.1-84.el8jbcs.src",
"8Base-JBCS:jbcs-httpd24-apr-util-0:1.6.1-84.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-util-debuginfo-0:1.6.1-84.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-util-devel-0:1.6.1-84.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-util-ldap-0:1.6.1-84.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-util-ldap-debuginfo-0:1.6.1-84.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-util-mysql-0:1.6.1-84.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-util-mysql-debuginfo-0:1.6.1-84.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-util-nss-0:1.6.1-84.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-util-nss-debuginfo-0:1.6.1-84.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-util-odbc-0:1.6.1-84.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-util-odbc-debuginfo-0:1.6.1-84.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-util-openssl-0:1.6.1-84.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-util-openssl-debuginfo-0:1.6.1-84.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-util-pgsql-0:1.6.1-84.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-util-pgsql-debuginfo-0:1.6.1-84.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-util-sqlite-0:1.6.1-84.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-util-sqlite-debuginfo-0:1.6.1-84.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-curl-0:7.78.0-2.el8jbcs.src",
"8Base-JBCS:jbcs-httpd24-curl-0:7.78.0-2.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-curl-debuginfo-0:7.78.0-2.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-httpd-0:2.4.37-78.el8jbcs.src",
"8Base-JBCS:jbcs-httpd24-httpd-0:2.4.37-78.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-httpd-debuginfo-0:2.4.37-78.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-httpd-devel-0:2.4.37-78.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-httpd-manual-0:2.4.37-78.el8jbcs.noarch",
"8Base-JBCS:jbcs-httpd24-httpd-selinux-0:2.4.37-78.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-httpd-tools-0:2.4.37-78.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-httpd-tools-debuginfo-0:2.4.37-78.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-libcurl-0:7.78.0-2.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-libcurl-debuginfo-0:7.78.0-2.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-libcurl-devel-0:7.78.0-2.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_cluster-native-0:1.3.16-9.Final_redhat_2.el8jbcs.src",
"8Base-JBCS:jbcs-httpd24-mod_cluster-native-0:1.3.16-9.Final_redhat_2.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_cluster-native-debuginfo-0:1.3.16-9.Final_redhat_2.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_http2-0:1.15.7-21.el8jbcs.src",
"8Base-JBCS:jbcs-httpd24-mod_http2-0:1.15.7-21.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_http2-debuginfo-0:1.15.7-21.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_jk-0:1.2.48-20.redhat_1.el8jbcs.src",
"8Base-JBCS:jbcs-httpd24-mod_jk-ap24-0:1.2.48-20.redhat_1.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_jk-ap24-debuginfo-0:1.2.48-20.redhat_1.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_jk-manual-0:1.2.48-20.redhat_1.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_ldap-0:2.4.37-78.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_ldap-debuginfo-0:2.4.37-78.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_md-1:2.0.8-40.el8jbcs.src",
"8Base-JBCS:jbcs-httpd24-mod_md-1:2.0.8-40.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_md-debuginfo-1:2.0.8-40.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_proxy_html-1:2.4.37-78.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_proxy_html-debuginfo-1:2.4.37-78.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_security-0:2.9.2-67.GA.el8jbcs.src",
"8Base-JBCS:jbcs-httpd24-mod_security-0:2.9.2-67.GA.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_security-debuginfo-0:2.9.2-67.GA.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_session-0:2.4.37-78.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_session-debuginfo-0:2.4.37-78.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_ssl-1:2.4.37-78.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_ssl-debuginfo-1:2.4.37-78.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-nghttp2-0:1.39.2-39.el8jbcs.src",
"8Base-JBCS:jbcs-httpd24-nghttp2-0:1.39.2-39.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-nghttp2-debuginfo-0:1.39.2-39.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-nghttp2-devel-0:1.39.2-39.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-openssl-1:1.1.1g-8.el8jbcs.src",
"8Base-JBCS:jbcs-httpd24-openssl-1:1.1.1g-8.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-openssl-chil-0:1.0.0-7.el8jbcs.src",
"8Base-JBCS:jbcs-httpd24-openssl-chil-0:1.0.0-7.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-openssl-chil-debuginfo-0:1.0.0-7.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-openssl-debuginfo-1:1.1.1g-8.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-openssl-devel-1:1.1.1g-8.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-openssl-libs-1:1.1.1g-8.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-openssl-libs-debuginfo-1:1.1.1g-8.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-openssl-perl-1:1.1.1g-8.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-openssl-pkcs11-0:0.4.10-22.el8jbcs.src",
"8Base-JBCS:jbcs-httpd24-openssl-pkcs11-0:0.4.10-22.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-openssl-pkcs11-debuginfo-0:0.4.10-22.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-openssl-static-1:1.1.1g-8.el8jbcs.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2021-26691"
},
{
"category": "external",
"summary": "RHBZ#1966732",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1966732"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2021-26691",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-26691"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2021-26691",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2021-26691"
},
{
"category": "external",
"summary": "https://httpd.apache.org/security/vulnerabilities_24.html",
"url": "https://httpd.apache.org/security/vulnerabilities_24.html"
}
],
"release_date": "2021-06-04T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"details": "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"7Server-JBCS:jbcs-httpd24-apr-0:1.6.3-107.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-apr-0:1.6.3-107.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-apr-debuginfo-0:1.6.3-107.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-apr-devel-0:1.6.3-107.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-apr-util-0:1.6.1-84.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-apr-util-0:1.6.1-84.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-apr-util-debuginfo-0:1.6.1-84.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-apr-util-devel-0:1.6.1-84.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-apr-util-ldap-0:1.6.1-84.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-apr-util-mysql-0:1.6.1-84.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-apr-util-nss-0:1.6.1-84.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-apr-util-odbc-0:1.6.1-84.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-apr-util-openssl-0:1.6.1-84.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-apr-util-pgsql-0:1.6.1-84.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-apr-util-sqlite-0:1.6.1-84.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-curl-0:7.78.0-2.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-curl-0:7.78.0-2.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-curl-debuginfo-0:7.78.0-2.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-httpd-0:2.4.37-78.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-httpd-0:2.4.37-78.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-httpd-debuginfo-0:2.4.37-78.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-httpd-devel-0:2.4.37-78.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-httpd-manual-0:2.4.37-78.jbcs.el7.noarch",
"7Server-JBCS:jbcs-httpd24-httpd-selinux-0:2.4.37-78.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-httpd-tools-0:2.4.37-78.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-libcurl-0:7.78.0-2.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-libcurl-devel-0:7.78.0-2.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_cluster-native-0:1.3.16-9.Final_redhat_2.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-mod_cluster-native-0:1.3.16-9.Final_redhat_2.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_cluster-native-debuginfo-0:1.3.16-9.Final_redhat_2.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_http2-0:1.15.7-21.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-mod_http2-0:1.15.7-21.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_http2-debuginfo-0:1.15.7-21.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_jk-0:1.2.48-20.redhat_1.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-mod_jk-ap24-0:1.2.48-20.redhat_1.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_jk-debuginfo-0:1.2.48-20.redhat_1.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_jk-manual-0:1.2.48-20.redhat_1.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_ldap-0:2.4.37-78.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_md-1:2.0.8-40.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-mod_md-1:2.0.8-40.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_md-debuginfo-1:2.0.8-40.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_proxy_html-1:2.4.37-78.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_security-0:2.9.2-67.GA.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-mod_security-0:2.9.2-67.GA.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_security-debuginfo-0:2.9.2-67.GA.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_session-0:2.4.37-78.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_ssl-1:2.4.37-78.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-nghttp2-0:1.39.2-39.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-nghttp2-0:1.39.2-39.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-nghttp2-debuginfo-0:1.39.2-39.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-nghttp2-devel-0:1.39.2-39.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-openssl-1:1.1.1g-8.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-openssl-1:1.1.1g-8.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-openssl-chil-0:1.0.0-7.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-openssl-chil-0:1.0.0-7.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-openssl-chil-debuginfo-0:1.0.0-7.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-openssl-debuginfo-1:1.1.1g-8.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-openssl-devel-1:1.1.1g-8.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-openssl-libs-1:1.1.1g-8.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-openssl-perl-1:1.1.1g-8.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-openssl-pkcs11-0:0.4.10-22.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-openssl-pkcs11-0:0.4.10-22.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-openssl-pkcs11-debuginfo-0:0.4.10-22.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-openssl-static-1:1.1.1g-8.jbcs.el7.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-0:1.6.3-107.el8jbcs.src",
"8Base-JBCS:jbcs-httpd24-apr-0:1.6.3-107.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-debuginfo-0:1.6.3-107.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-devel-0:1.6.3-107.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-util-0:1.6.1-84.el8jbcs.src",
"8Base-JBCS:jbcs-httpd24-apr-util-0:1.6.1-84.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-util-debuginfo-0:1.6.1-84.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-util-devel-0:1.6.1-84.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-util-ldap-0:1.6.1-84.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-util-ldap-debuginfo-0:1.6.1-84.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-util-mysql-0:1.6.1-84.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-util-mysql-debuginfo-0:1.6.1-84.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-util-nss-0:1.6.1-84.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-util-nss-debuginfo-0:1.6.1-84.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-util-odbc-0:1.6.1-84.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-util-odbc-debuginfo-0:1.6.1-84.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-util-openssl-0:1.6.1-84.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-util-openssl-debuginfo-0:1.6.1-84.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-util-pgsql-0:1.6.1-84.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-util-pgsql-debuginfo-0:1.6.1-84.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-util-sqlite-0:1.6.1-84.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-util-sqlite-debuginfo-0:1.6.1-84.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-curl-0:7.78.0-2.el8jbcs.src",
"8Base-JBCS:jbcs-httpd24-curl-0:7.78.0-2.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-curl-debuginfo-0:7.78.0-2.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-httpd-0:2.4.37-78.el8jbcs.src",
"8Base-JBCS:jbcs-httpd24-httpd-0:2.4.37-78.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-httpd-debuginfo-0:2.4.37-78.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-httpd-devel-0:2.4.37-78.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-httpd-manual-0:2.4.37-78.el8jbcs.noarch",
"8Base-JBCS:jbcs-httpd24-httpd-selinux-0:2.4.37-78.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-httpd-tools-0:2.4.37-78.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-httpd-tools-debuginfo-0:2.4.37-78.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-libcurl-0:7.78.0-2.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-libcurl-debuginfo-0:7.78.0-2.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-libcurl-devel-0:7.78.0-2.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_cluster-native-0:1.3.16-9.Final_redhat_2.el8jbcs.src",
"8Base-JBCS:jbcs-httpd24-mod_cluster-native-0:1.3.16-9.Final_redhat_2.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_cluster-native-debuginfo-0:1.3.16-9.Final_redhat_2.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_http2-0:1.15.7-21.el8jbcs.src",
"8Base-JBCS:jbcs-httpd24-mod_http2-0:1.15.7-21.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_http2-debuginfo-0:1.15.7-21.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_jk-0:1.2.48-20.redhat_1.el8jbcs.src",
"8Base-JBCS:jbcs-httpd24-mod_jk-ap24-0:1.2.48-20.redhat_1.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_jk-ap24-debuginfo-0:1.2.48-20.redhat_1.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_jk-manual-0:1.2.48-20.redhat_1.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_ldap-0:2.4.37-78.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_ldap-debuginfo-0:2.4.37-78.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_md-1:2.0.8-40.el8jbcs.src",
"8Base-JBCS:jbcs-httpd24-mod_md-1:2.0.8-40.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_md-debuginfo-1:2.0.8-40.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_proxy_html-1:2.4.37-78.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_proxy_html-debuginfo-1:2.4.37-78.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_security-0:2.9.2-67.GA.el8jbcs.src",
"8Base-JBCS:jbcs-httpd24-mod_security-0:2.9.2-67.GA.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_security-debuginfo-0:2.9.2-67.GA.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_session-0:2.4.37-78.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_session-debuginfo-0:2.4.37-78.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_ssl-1:2.4.37-78.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_ssl-debuginfo-1:2.4.37-78.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-nghttp2-0:1.39.2-39.el8jbcs.src",
"8Base-JBCS:jbcs-httpd24-nghttp2-0:1.39.2-39.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-nghttp2-debuginfo-0:1.39.2-39.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-nghttp2-devel-0:1.39.2-39.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-openssl-1:1.1.1g-8.el8jbcs.src",
"8Base-JBCS:jbcs-httpd24-openssl-1:1.1.1g-8.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-openssl-chil-0:1.0.0-7.el8jbcs.src",
"8Base-JBCS:jbcs-httpd24-openssl-chil-0:1.0.0-7.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-openssl-chil-debuginfo-0:1.0.0-7.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-openssl-debuginfo-1:1.1.1g-8.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-openssl-devel-1:1.1.1g-8.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-openssl-libs-1:1.1.1g-8.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-openssl-libs-debuginfo-1:1.1.1g-8.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-openssl-perl-1:1.1.1g-8.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-openssl-pkcs11-0:0.4.10-22.el8jbcs.src",
"8Base-JBCS:jbcs-httpd24-openssl-pkcs11-0:0.4.10-22.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-openssl-pkcs11-debuginfo-0:0.4.10-22.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-openssl-static-1:1.1.1g-8.el8jbcs.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2021:4614"
},
{
"category": "workaround",
"details": "Only configurations which use the \"SessionEnv\" directive (which is not widely used) are vulnerable to this flaw. SessionEnv is not enabled in default configuration of httpd package shipped with Red Hat Products.",
"product_ids": [
"7Server-JBCS:jbcs-httpd24-apr-0:1.6.3-107.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-apr-0:1.6.3-107.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-apr-debuginfo-0:1.6.3-107.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-apr-devel-0:1.6.3-107.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-apr-util-0:1.6.1-84.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-apr-util-0:1.6.1-84.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-apr-util-debuginfo-0:1.6.1-84.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-apr-util-devel-0:1.6.1-84.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-apr-util-ldap-0:1.6.1-84.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-apr-util-mysql-0:1.6.1-84.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-apr-util-nss-0:1.6.1-84.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-apr-util-odbc-0:1.6.1-84.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-apr-util-openssl-0:1.6.1-84.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-apr-util-pgsql-0:1.6.1-84.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-apr-util-sqlite-0:1.6.1-84.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-curl-0:7.78.0-2.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-curl-0:7.78.0-2.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-curl-debuginfo-0:7.78.0-2.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-httpd-0:2.4.37-78.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-httpd-0:2.4.37-78.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-httpd-debuginfo-0:2.4.37-78.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-httpd-devel-0:2.4.37-78.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-httpd-manual-0:2.4.37-78.jbcs.el7.noarch",
"7Server-JBCS:jbcs-httpd24-httpd-selinux-0:2.4.37-78.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-httpd-tools-0:2.4.37-78.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-libcurl-0:7.78.0-2.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-libcurl-devel-0:7.78.0-2.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_cluster-native-0:1.3.16-9.Final_redhat_2.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-mod_cluster-native-0:1.3.16-9.Final_redhat_2.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_cluster-native-debuginfo-0:1.3.16-9.Final_redhat_2.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_http2-0:1.15.7-21.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-mod_http2-0:1.15.7-21.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_http2-debuginfo-0:1.15.7-21.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_jk-0:1.2.48-20.redhat_1.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-mod_jk-ap24-0:1.2.48-20.redhat_1.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_jk-debuginfo-0:1.2.48-20.redhat_1.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_jk-manual-0:1.2.48-20.redhat_1.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_ldap-0:2.4.37-78.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_md-1:2.0.8-40.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-mod_md-1:2.0.8-40.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_md-debuginfo-1:2.0.8-40.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_proxy_html-1:2.4.37-78.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_security-0:2.9.2-67.GA.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-mod_security-0:2.9.2-67.GA.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_security-debuginfo-0:2.9.2-67.GA.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_session-0:2.4.37-78.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_ssl-1:2.4.37-78.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-nghttp2-0:1.39.2-39.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-nghttp2-0:1.39.2-39.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-nghttp2-debuginfo-0:1.39.2-39.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-nghttp2-devel-0:1.39.2-39.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-openssl-1:1.1.1g-8.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-openssl-1:1.1.1g-8.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-openssl-chil-0:1.0.0-7.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-openssl-chil-0:1.0.0-7.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-openssl-chil-debuginfo-0:1.0.0-7.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-openssl-debuginfo-1:1.1.1g-8.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-openssl-devel-1:1.1.1g-8.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-openssl-libs-1:1.1.1g-8.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-openssl-perl-1:1.1.1g-8.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-openssl-pkcs11-0:0.4.10-22.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-openssl-pkcs11-0:0.4.10-22.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-openssl-pkcs11-debuginfo-0:0.4.10-22.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-openssl-static-1:1.1.1g-8.jbcs.el7.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-0:1.6.3-107.el8jbcs.src",
"8Base-JBCS:jbcs-httpd24-apr-0:1.6.3-107.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-debuginfo-0:1.6.3-107.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-devel-0:1.6.3-107.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-util-0:1.6.1-84.el8jbcs.src",
"8Base-JBCS:jbcs-httpd24-apr-util-0:1.6.1-84.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-util-debuginfo-0:1.6.1-84.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-util-devel-0:1.6.1-84.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-util-ldap-0:1.6.1-84.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-util-ldap-debuginfo-0:1.6.1-84.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-util-mysql-0:1.6.1-84.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-util-mysql-debuginfo-0:1.6.1-84.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-util-nss-0:1.6.1-84.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-util-nss-debuginfo-0:1.6.1-84.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-util-odbc-0:1.6.1-84.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-util-odbc-debuginfo-0:1.6.1-84.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-util-openssl-0:1.6.1-84.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-util-openssl-debuginfo-0:1.6.1-84.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-util-pgsql-0:1.6.1-84.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-util-pgsql-debuginfo-0:1.6.1-84.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-util-sqlite-0:1.6.1-84.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-util-sqlite-debuginfo-0:1.6.1-84.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-curl-0:7.78.0-2.el8jbcs.src",
"8Base-JBCS:jbcs-httpd24-curl-0:7.78.0-2.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-curl-debuginfo-0:7.78.0-2.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-httpd-0:2.4.37-78.el8jbcs.src",
"8Base-JBCS:jbcs-httpd24-httpd-0:2.4.37-78.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-httpd-debuginfo-0:2.4.37-78.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-httpd-devel-0:2.4.37-78.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-httpd-manual-0:2.4.37-78.el8jbcs.noarch",
"8Base-JBCS:jbcs-httpd24-httpd-selinux-0:2.4.37-78.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-httpd-tools-0:2.4.37-78.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-httpd-tools-debuginfo-0:2.4.37-78.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-libcurl-0:7.78.0-2.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-libcurl-debuginfo-0:7.78.0-2.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-libcurl-devel-0:7.78.0-2.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_cluster-native-0:1.3.16-9.Final_redhat_2.el8jbcs.src",
"8Base-JBCS:jbcs-httpd24-mod_cluster-native-0:1.3.16-9.Final_redhat_2.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_cluster-native-debuginfo-0:1.3.16-9.Final_redhat_2.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_http2-0:1.15.7-21.el8jbcs.src",
"8Base-JBCS:jbcs-httpd24-mod_http2-0:1.15.7-21.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_http2-debuginfo-0:1.15.7-21.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_jk-0:1.2.48-20.redhat_1.el8jbcs.src",
"8Base-JBCS:jbcs-httpd24-mod_jk-ap24-0:1.2.48-20.redhat_1.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_jk-ap24-debuginfo-0:1.2.48-20.redhat_1.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_jk-manual-0:1.2.48-20.redhat_1.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_ldap-0:2.4.37-78.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_ldap-debuginfo-0:2.4.37-78.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_md-1:2.0.8-40.el8jbcs.src",
"8Base-JBCS:jbcs-httpd24-mod_md-1:2.0.8-40.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_md-debuginfo-1:2.0.8-40.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_proxy_html-1:2.4.37-78.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_proxy_html-debuginfo-1:2.4.37-78.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_security-0:2.9.2-67.GA.el8jbcs.src",
"8Base-JBCS:jbcs-httpd24-mod_security-0:2.9.2-67.GA.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_security-debuginfo-0:2.9.2-67.GA.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_session-0:2.4.37-78.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_session-debuginfo-0:2.4.37-78.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_ssl-1:2.4.37-78.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_ssl-debuginfo-1:2.4.37-78.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-nghttp2-0:1.39.2-39.el8jbcs.src",
"8Base-JBCS:jbcs-httpd24-nghttp2-0:1.39.2-39.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-nghttp2-debuginfo-0:1.39.2-39.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-nghttp2-devel-0:1.39.2-39.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-openssl-1:1.1.1g-8.el8jbcs.src",
"8Base-JBCS:jbcs-httpd24-openssl-1:1.1.1g-8.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-openssl-chil-0:1.0.0-7.el8jbcs.src",
"8Base-JBCS:jbcs-httpd24-openssl-chil-0:1.0.0-7.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-openssl-chil-debuginfo-0:1.0.0-7.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-openssl-debuginfo-1:1.1.1g-8.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-openssl-devel-1:1.1.1g-8.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-openssl-libs-1:1.1.1g-8.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-openssl-libs-debuginfo-1:1.1.1g-8.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-openssl-perl-1:1.1.1g-8.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-openssl-pkcs11-0:0.4.10-22.el8jbcs.src",
"8Base-JBCS:jbcs-httpd24-openssl-pkcs11-0:0.4.10-22.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-openssl-pkcs11-debuginfo-0:0.4.10-22.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-openssl-static-1:1.1.1g-8.el8jbcs.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 8.1,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"7Server-JBCS:jbcs-httpd24-apr-0:1.6.3-107.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-apr-0:1.6.3-107.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-apr-debuginfo-0:1.6.3-107.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-apr-devel-0:1.6.3-107.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-apr-util-0:1.6.1-84.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-apr-util-0:1.6.1-84.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-apr-util-debuginfo-0:1.6.1-84.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-apr-util-devel-0:1.6.1-84.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-apr-util-ldap-0:1.6.1-84.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-apr-util-mysql-0:1.6.1-84.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-apr-util-nss-0:1.6.1-84.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-apr-util-odbc-0:1.6.1-84.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-apr-util-openssl-0:1.6.1-84.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-apr-util-pgsql-0:1.6.1-84.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-apr-util-sqlite-0:1.6.1-84.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-curl-0:7.78.0-2.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-curl-0:7.78.0-2.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-curl-debuginfo-0:7.78.0-2.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-httpd-0:2.4.37-78.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-httpd-0:2.4.37-78.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-httpd-debuginfo-0:2.4.37-78.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-httpd-devel-0:2.4.37-78.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-httpd-manual-0:2.4.37-78.jbcs.el7.noarch",
"7Server-JBCS:jbcs-httpd24-httpd-selinux-0:2.4.37-78.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-httpd-tools-0:2.4.37-78.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-libcurl-0:7.78.0-2.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-libcurl-devel-0:7.78.0-2.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_cluster-native-0:1.3.16-9.Final_redhat_2.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-mod_cluster-native-0:1.3.16-9.Final_redhat_2.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_cluster-native-debuginfo-0:1.3.16-9.Final_redhat_2.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_http2-0:1.15.7-21.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-mod_http2-0:1.15.7-21.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_http2-debuginfo-0:1.15.7-21.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_jk-0:1.2.48-20.redhat_1.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-mod_jk-ap24-0:1.2.48-20.redhat_1.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_jk-debuginfo-0:1.2.48-20.redhat_1.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_jk-manual-0:1.2.48-20.redhat_1.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_ldap-0:2.4.37-78.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_md-1:2.0.8-40.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-mod_md-1:2.0.8-40.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_md-debuginfo-1:2.0.8-40.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_proxy_html-1:2.4.37-78.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_security-0:2.9.2-67.GA.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-mod_security-0:2.9.2-67.GA.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_security-debuginfo-0:2.9.2-67.GA.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_session-0:2.4.37-78.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_ssl-1:2.4.37-78.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-nghttp2-0:1.39.2-39.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-nghttp2-0:1.39.2-39.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-nghttp2-debuginfo-0:1.39.2-39.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-nghttp2-devel-0:1.39.2-39.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-openssl-1:1.1.1g-8.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-openssl-1:1.1.1g-8.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-openssl-chil-0:1.0.0-7.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-openssl-chil-0:1.0.0-7.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-openssl-chil-debuginfo-0:1.0.0-7.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-openssl-debuginfo-1:1.1.1g-8.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-openssl-devel-1:1.1.1g-8.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-openssl-libs-1:1.1.1g-8.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-openssl-perl-1:1.1.1g-8.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-openssl-pkcs11-0:0.4.10-22.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-openssl-pkcs11-0:0.4.10-22.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-openssl-pkcs11-debuginfo-0:0.4.10-22.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-openssl-static-1:1.1.1g-8.jbcs.el7.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-0:1.6.3-107.el8jbcs.src",
"8Base-JBCS:jbcs-httpd24-apr-0:1.6.3-107.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-debuginfo-0:1.6.3-107.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-devel-0:1.6.3-107.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-util-0:1.6.1-84.el8jbcs.src",
"8Base-JBCS:jbcs-httpd24-apr-util-0:1.6.1-84.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-util-debuginfo-0:1.6.1-84.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-util-devel-0:1.6.1-84.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-util-ldap-0:1.6.1-84.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-util-ldap-debuginfo-0:1.6.1-84.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-util-mysql-0:1.6.1-84.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-util-mysql-debuginfo-0:1.6.1-84.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-util-nss-0:1.6.1-84.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-util-nss-debuginfo-0:1.6.1-84.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-util-odbc-0:1.6.1-84.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-util-odbc-debuginfo-0:1.6.1-84.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-util-openssl-0:1.6.1-84.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-util-openssl-debuginfo-0:1.6.1-84.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-util-pgsql-0:1.6.1-84.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-util-pgsql-debuginfo-0:1.6.1-84.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-util-sqlite-0:1.6.1-84.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-util-sqlite-debuginfo-0:1.6.1-84.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-curl-0:7.78.0-2.el8jbcs.src",
"8Base-JBCS:jbcs-httpd24-curl-0:7.78.0-2.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-curl-debuginfo-0:7.78.0-2.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-httpd-0:2.4.37-78.el8jbcs.src",
"8Base-JBCS:jbcs-httpd24-httpd-0:2.4.37-78.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-httpd-debuginfo-0:2.4.37-78.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-httpd-devel-0:2.4.37-78.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-httpd-manual-0:2.4.37-78.el8jbcs.noarch",
"8Base-JBCS:jbcs-httpd24-httpd-selinux-0:2.4.37-78.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-httpd-tools-0:2.4.37-78.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-httpd-tools-debuginfo-0:2.4.37-78.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-libcurl-0:7.78.0-2.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-libcurl-debuginfo-0:7.78.0-2.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-libcurl-devel-0:7.78.0-2.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_cluster-native-0:1.3.16-9.Final_redhat_2.el8jbcs.src",
"8Base-JBCS:jbcs-httpd24-mod_cluster-native-0:1.3.16-9.Final_redhat_2.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_cluster-native-debuginfo-0:1.3.16-9.Final_redhat_2.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_http2-0:1.15.7-21.el8jbcs.src",
"8Base-JBCS:jbcs-httpd24-mod_http2-0:1.15.7-21.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_http2-debuginfo-0:1.15.7-21.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_jk-0:1.2.48-20.redhat_1.el8jbcs.src",
"8Base-JBCS:jbcs-httpd24-mod_jk-ap24-0:1.2.48-20.redhat_1.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_jk-ap24-debuginfo-0:1.2.48-20.redhat_1.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_jk-manual-0:1.2.48-20.redhat_1.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_ldap-0:2.4.37-78.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_ldap-debuginfo-0:2.4.37-78.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_md-1:2.0.8-40.el8jbcs.src",
"8Base-JBCS:jbcs-httpd24-mod_md-1:2.0.8-40.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_md-debuginfo-1:2.0.8-40.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_proxy_html-1:2.4.37-78.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_proxy_html-debuginfo-1:2.4.37-78.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_security-0:2.9.2-67.GA.el8jbcs.src",
"8Base-JBCS:jbcs-httpd24-mod_security-0:2.9.2-67.GA.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_security-debuginfo-0:2.9.2-67.GA.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_session-0:2.4.37-78.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_session-debuginfo-0:2.4.37-78.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_ssl-1:2.4.37-78.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_ssl-debuginfo-1:2.4.37-78.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-nghttp2-0:1.39.2-39.el8jbcs.src",
"8Base-JBCS:jbcs-httpd24-nghttp2-0:1.39.2-39.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-nghttp2-debuginfo-0:1.39.2-39.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-nghttp2-devel-0:1.39.2-39.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-openssl-1:1.1.1g-8.el8jbcs.src",
"8Base-JBCS:jbcs-httpd24-openssl-1:1.1.1g-8.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-openssl-chil-0:1.0.0-7.el8jbcs.src",
"8Base-JBCS:jbcs-httpd24-openssl-chil-0:1.0.0-7.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-openssl-chil-debuginfo-0:1.0.0-7.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-openssl-debuginfo-1:1.1.1g-8.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-openssl-devel-1:1.1.1g-8.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-openssl-libs-1:1.1.1g-8.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-openssl-libs-debuginfo-1:1.1.1g-8.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-openssl-perl-1:1.1.1g-8.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-openssl-pkcs11-0:0.4.10-22.el8jbcs.src",
"8Base-JBCS:jbcs-httpd24-openssl-pkcs11-0:0.4.10-22.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-openssl-pkcs11-debuginfo-0:0.4.10-22.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-openssl-static-1:1.1.1g-8.el8jbcs.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "httpd: mod_session: Heap overflow via a crafted SessionHeader value"
},
{
"acknowledgments": [
{
"names": [
"the Apache project",
"Christoph Anton Mitterer"
]
}
],
"cve": "CVE-2021-30641",
"cwe": {
"id": "CWE-20",
"name": "Improper Input Validation"
},
"discovery_date": "2021-05-27T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1966743"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in Apache httpd. A possible regression from an earlier security fix broke behavior of MergeSlashes. The highest threat from this vulnerability is to data integrity.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "httpd: Unexpected URL matching with \u0027MergeSlashes OFF\u0027",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "This flaw was introduced when fixing https://access.redhat.com/security/cve/cve-2019-0220, therefore versions of httpd package shipped with Red Hat Enterprise Linux 7, 8 and Red Hat Software Collections are affected by this flaw.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"7Server-JBCS:jbcs-httpd24-apr-0:1.6.3-107.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-apr-0:1.6.3-107.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-apr-debuginfo-0:1.6.3-107.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-apr-devel-0:1.6.3-107.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-apr-util-0:1.6.1-84.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-apr-util-0:1.6.1-84.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-apr-util-debuginfo-0:1.6.1-84.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-apr-util-devel-0:1.6.1-84.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-apr-util-ldap-0:1.6.1-84.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-apr-util-mysql-0:1.6.1-84.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-apr-util-nss-0:1.6.1-84.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-apr-util-odbc-0:1.6.1-84.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-apr-util-openssl-0:1.6.1-84.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-apr-util-pgsql-0:1.6.1-84.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-apr-util-sqlite-0:1.6.1-84.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-curl-0:7.78.0-2.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-curl-0:7.78.0-2.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-curl-debuginfo-0:7.78.0-2.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-httpd-0:2.4.37-78.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-httpd-0:2.4.37-78.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-httpd-debuginfo-0:2.4.37-78.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-httpd-devel-0:2.4.37-78.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-httpd-manual-0:2.4.37-78.jbcs.el7.noarch",
"7Server-JBCS:jbcs-httpd24-httpd-selinux-0:2.4.37-78.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-httpd-tools-0:2.4.37-78.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-libcurl-0:7.78.0-2.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-libcurl-devel-0:7.78.0-2.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_cluster-native-0:1.3.16-9.Final_redhat_2.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-mod_cluster-native-0:1.3.16-9.Final_redhat_2.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_cluster-native-debuginfo-0:1.3.16-9.Final_redhat_2.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_http2-0:1.15.7-21.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-mod_http2-0:1.15.7-21.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_http2-debuginfo-0:1.15.7-21.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_jk-0:1.2.48-20.redhat_1.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-mod_jk-ap24-0:1.2.48-20.redhat_1.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_jk-debuginfo-0:1.2.48-20.redhat_1.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_jk-manual-0:1.2.48-20.redhat_1.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_ldap-0:2.4.37-78.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_md-1:2.0.8-40.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-mod_md-1:2.0.8-40.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_md-debuginfo-1:2.0.8-40.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_proxy_html-1:2.4.37-78.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_security-0:2.9.2-67.GA.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-mod_security-0:2.9.2-67.GA.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_security-debuginfo-0:2.9.2-67.GA.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_session-0:2.4.37-78.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_ssl-1:2.4.37-78.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-nghttp2-0:1.39.2-39.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-nghttp2-0:1.39.2-39.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-nghttp2-debuginfo-0:1.39.2-39.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-nghttp2-devel-0:1.39.2-39.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-openssl-1:1.1.1g-8.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-openssl-1:1.1.1g-8.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-openssl-chil-0:1.0.0-7.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-openssl-chil-0:1.0.0-7.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-openssl-chil-debuginfo-0:1.0.0-7.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-openssl-debuginfo-1:1.1.1g-8.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-openssl-devel-1:1.1.1g-8.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-openssl-libs-1:1.1.1g-8.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-openssl-perl-1:1.1.1g-8.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-openssl-pkcs11-0:0.4.10-22.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-openssl-pkcs11-0:0.4.10-22.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-openssl-pkcs11-debuginfo-0:0.4.10-22.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-openssl-static-1:1.1.1g-8.jbcs.el7.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-0:1.6.3-107.el8jbcs.src",
"8Base-JBCS:jbcs-httpd24-apr-0:1.6.3-107.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-debuginfo-0:1.6.3-107.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-devel-0:1.6.3-107.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-util-0:1.6.1-84.el8jbcs.src",
"8Base-JBCS:jbcs-httpd24-apr-util-0:1.6.1-84.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-util-debuginfo-0:1.6.1-84.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-util-devel-0:1.6.1-84.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-util-ldap-0:1.6.1-84.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-util-ldap-debuginfo-0:1.6.1-84.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-util-mysql-0:1.6.1-84.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-util-mysql-debuginfo-0:1.6.1-84.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-util-nss-0:1.6.1-84.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-util-nss-debuginfo-0:1.6.1-84.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-util-odbc-0:1.6.1-84.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-util-odbc-debuginfo-0:1.6.1-84.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-util-openssl-0:1.6.1-84.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-util-openssl-debuginfo-0:1.6.1-84.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-util-pgsql-0:1.6.1-84.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-util-pgsql-debuginfo-0:1.6.1-84.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-util-sqlite-0:1.6.1-84.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-util-sqlite-debuginfo-0:1.6.1-84.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-curl-0:7.78.0-2.el8jbcs.src",
"8Base-JBCS:jbcs-httpd24-curl-0:7.78.0-2.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-curl-debuginfo-0:7.78.0-2.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-httpd-0:2.4.37-78.el8jbcs.src",
"8Base-JBCS:jbcs-httpd24-httpd-0:2.4.37-78.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-httpd-debuginfo-0:2.4.37-78.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-httpd-devel-0:2.4.37-78.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-httpd-manual-0:2.4.37-78.el8jbcs.noarch",
"8Base-JBCS:jbcs-httpd24-httpd-selinux-0:2.4.37-78.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-httpd-tools-0:2.4.37-78.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-httpd-tools-debuginfo-0:2.4.37-78.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-libcurl-0:7.78.0-2.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-libcurl-debuginfo-0:7.78.0-2.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-libcurl-devel-0:7.78.0-2.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_cluster-native-0:1.3.16-9.Final_redhat_2.el8jbcs.src",
"8Base-JBCS:jbcs-httpd24-mod_cluster-native-0:1.3.16-9.Final_redhat_2.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_cluster-native-debuginfo-0:1.3.16-9.Final_redhat_2.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_http2-0:1.15.7-21.el8jbcs.src",
"8Base-JBCS:jbcs-httpd24-mod_http2-0:1.15.7-21.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_http2-debuginfo-0:1.15.7-21.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_jk-0:1.2.48-20.redhat_1.el8jbcs.src",
"8Base-JBCS:jbcs-httpd24-mod_jk-ap24-0:1.2.48-20.redhat_1.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_jk-ap24-debuginfo-0:1.2.48-20.redhat_1.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_jk-manual-0:1.2.48-20.redhat_1.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_ldap-0:2.4.37-78.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_ldap-debuginfo-0:2.4.37-78.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_md-1:2.0.8-40.el8jbcs.src",
"8Base-JBCS:jbcs-httpd24-mod_md-1:2.0.8-40.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_md-debuginfo-1:2.0.8-40.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_proxy_html-1:2.4.37-78.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_proxy_html-debuginfo-1:2.4.37-78.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_security-0:2.9.2-67.GA.el8jbcs.src",
"8Base-JBCS:jbcs-httpd24-mod_security-0:2.9.2-67.GA.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_security-debuginfo-0:2.9.2-67.GA.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_session-0:2.4.37-78.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_session-debuginfo-0:2.4.37-78.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_ssl-1:2.4.37-78.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_ssl-debuginfo-1:2.4.37-78.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-nghttp2-0:1.39.2-39.el8jbcs.src",
"8Base-JBCS:jbcs-httpd24-nghttp2-0:1.39.2-39.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-nghttp2-debuginfo-0:1.39.2-39.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-nghttp2-devel-0:1.39.2-39.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-openssl-1:1.1.1g-8.el8jbcs.src",
"8Base-JBCS:jbcs-httpd24-openssl-1:1.1.1g-8.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-openssl-chil-0:1.0.0-7.el8jbcs.src",
"8Base-JBCS:jbcs-httpd24-openssl-chil-0:1.0.0-7.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-openssl-chil-debuginfo-0:1.0.0-7.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-openssl-debuginfo-1:1.1.1g-8.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-openssl-devel-1:1.1.1g-8.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-openssl-libs-1:1.1.1g-8.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-openssl-libs-debuginfo-1:1.1.1g-8.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-openssl-perl-1:1.1.1g-8.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-openssl-pkcs11-0:0.4.10-22.el8jbcs.src",
"8Base-JBCS:jbcs-httpd24-openssl-pkcs11-0:0.4.10-22.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-openssl-pkcs11-debuginfo-0:0.4.10-22.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-openssl-static-1:1.1.1g-8.el8jbcs.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2021-30641"
},
{
"category": "external",
"summary": "RHBZ#1966743",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1966743"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2021-30641",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-30641"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2021-30641",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2021-30641"
},
{
"category": "external",
"summary": "https://httpd.apache.org/security/vulnerabilities_24.html",
"url": "https://httpd.apache.org/security/vulnerabilities_24.html"
}
],
"release_date": "2021-06-04T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"details": "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"7Server-JBCS:jbcs-httpd24-apr-0:1.6.3-107.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-apr-0:1.6.3-107.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-apr-debuginfo-0:1.6.3-107.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-apr-devel-0:1.6.3-107.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-apr-util-0:1.6.1-84.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-apr-util-0:1.6.1-84.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-apr-util-debuginfo-0:1.6.1-84.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-apr-util-devel-0:1.6.1-84.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-apr-util-ldap-0:1.6.1-84.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-apr-util-mysql-0:1.6.1-84.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-apr-util-nss-0:1.6.1-84.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-apr-util-odbc-0:1.6.1-84.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-apr-util-openssl-0:1.6.1-84.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-apr-util-pgsql-0:1.6.1-84.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-apr-util-sqlite-0:1.6.1-84.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-curl-0:7.78.0-2.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-curl-0:7.78.0-2.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-curl-debuginfo-0:7.78.0-2.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-httpd-0:2.4.37-78.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-httpd-0:2.4.37-78.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-httpd-debuginfo-0:2.4.37-78.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-httpd-devel-0:2.4.37-78.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-httpd-manual-0:2.4.37-78.jbcs.el7.noarch",
"7Server-JBCS:jbcs-httpd24-httpd-selinux-0:2.4.37-78.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-httpd-tools-0:2.4.37-78.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-libcurl-0:7.78.0-2.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-libcurl-devel-0:7.78.0-2.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_cluster-native-0:1.3.16-9.Final_redhat_2.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-mod_cluster-native-0:1.3.16-9.Final_redhat_2.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_cluster-native-debuginfo-0:1.3.16-9.Final_redhat_2.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_http2-0:1.15.7-21.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-mod_http2-0:1.15.7-21.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_http2-debuginfo-0:1.15.7-21.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_jk-0:1.2.48-20.redhat_1.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-mod_jk-ap24-0:1.2.48-20.redhat_1.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_jk-debuginfo-0:1.2.48-20.redhat_1.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_jk-manual-0:1.2.48-20.redhat_1.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_ldap-0:2.4.37-78.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_md-1:2.0.8-40.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-mod_md-1:2.0.8-40.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_md-debuginfo-1:2.0.8-40.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_proxy_html-1:2.4.37-78.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_security-0:2.9.2-67.GA.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-mod_security-0:2.9.2-67.GA.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_security-debuginfo-0:2.9.2-67.GA.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_session-0:2.4.37-78.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_ssl-1:2.4.37-78.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-nghttp2-0:1.39.2-39.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-nghttp2-0:1.39.2-39.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-nghttp2-debuginfo-0:1.39.2-39.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-nghttp2-devel-0:1.39.2-39.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-openssl-1:1.1.1g-8.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-openssl-1:1.1.1g-8.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-openssl-chil-0:1.0.0-7.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-openssl-chil-0:1.0.0-7.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-openssl-chil-debuginfo-0:1.0.0-7.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-openssl-debuginfo-1:1.1.1g-8.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-openssl-devel-1:1.1.1g-8.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-openssl-libs-1:1.1.1g-8.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-openssl-perl-1:1.1.1g-8.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-openssl-pkcs11-0:0.4.10-22.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-openssl-pkcs11-0:0.4.10-22.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-openssl-pkcs11-debuginfo-0:0.4.10-22.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-openssl-static-1:1.1.1g-8.jbcs.el7.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-0:1.6.3-107.el8jbcs.src",
"8Base-JBCS:jbcs-httpd24-apr-0:1.6.3-107.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-debuginfo-0:1.6.3-107.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-devel-0:1.6.3-107.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-util-0:1.6.1-84.el8jbcs.src",
"8Base-JBCS:jbcs-httpd24-apr-util-0:1.6.1-84.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-util-debuginfo-0:1.6.1-84.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-util-devel-0:1.6.1-84.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-util-ldap-0:1.6.1-84.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-util-ldap-debuginfo-0:1.6.1-84.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-util-mysql-0:1.6.1-84.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-util-mysql-debuginfo-0:1.6.1-84.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-util-nss-0:1.6.1-84.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-util-nss-debuginfo-0:1.6.1-84.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-util-odbc-0:1.6.1-84.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-util-odbc-debuginfo-0:1.6.1-84.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-util-openssl-0:1.6.1-84.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-util-openssl-debuginfo-0:1.6.1-84.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-util-pgsql-0:1.6.1-84.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-util-pgsql-debuginfo-0:1.6.1-84.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-util-sqlite-0:1.6.1-84.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-util-sqlite-debuginfo-0:1.6.1-84.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-curl-0:7.78.0-2.el8jbcs.src",
"8Base-JBCS:jbcs-httpd24-curl-0:7.78.0-2.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-curl-debuginfo-0:7.78.0-2.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-httpd-0:2.4.37-78.el8jbcs.src",
"8Base-JBCS:jbcs-httpd24-httpd-0:2.4.37-78.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-httpd-debuginfo-0:2.4.37-78.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-httpd-devel-0:2.4.37-78.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-httpd-manual-0:2.4.37-78.el8jbcs.noarch",
"8Base-JBCS:jbcs-httpd24-httpd-selinux-0:2.4.37-78.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-httpd-tools-0:2.4.37-78.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-httpd-tools-debuginfo-0:2.4.37-78.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-libcurl-0:7.78.0-2.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-libcurl-debuginfo-0:7.78.0-2.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-libcurl-devel-0:7.78.0-2.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_cluster-native-0:1.3.16-9.Final_redhat_2.el8jbcs.src",
"8Base-JBCS:jbcs-httpd24-mod_cluster-native-0:1.3.16-9.Final_redhat_2.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_cluster-native-debuginfo-0:1.3.16-9.Final_redhat_2.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_http2-0:1.15.7-21.el8jbcs.src",
"8Base-JBCS:jbcs-httpd24-mod_http2-0:1.15.7-21.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_http2-debuginfo-0:1.15.7-21.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_jk-0:1.2.48-20.redhat_1.el8jbcs.src",
"8Base-JBCS:jbcs-httpd24-mod_jk-ap24-0:1.2.48-20.redhat_1.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_jk-ap24-debuginfo-0:1.2.48-20.redhat_1.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_jk-manual-0:1.2.48-20.redhat_1.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_ldap-0:2.4.37-78.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_ldap-debuginfo-0:2.4.37-78.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_md-1:2.0.8-40.el8jbcs.src",
"8Base-JBCS:jbcs-httpd24-mod_md-1:2.0.8-40.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_md-debuginfo-1:2.0.8-40.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_proxy_html-1:2.4.37-78.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_proxy_html-debuginfo-1:2.4.37-78.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_security-0:2.9.2-67.GA.el8jbcs.src",
"8Base-JBCS:jbcs-httpd24-mod_security-0:2.9.2-67.GA.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_security-debuginfo-0:2.9.2-67.GA.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_session-0:2.4.37-78.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_session-debuginfo-0:2.4.37-78.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_ssl-1:2.4.37-78.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_ssl-debuginfo-1:2.4.37-78.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-nghttp2-0:1.39.2-39.el8jbcs.src",
"8Base-JBCS:jbcs-httpd24-nghttp2-0:1.39.2-39.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-nghttp2-debuginfo-0:1.39.2-39.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-nghttp2-devel-0:1.39.2-39.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-openssl-1:1.1.1g-8.el8jbcs.src",
"8Base-JBCS:jbcs-httpd24-openssl-1:1.1.1g-8.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-openssl-chil-0:1.0.0-7.el8jbcs.src",
"8Base-JBCS:jbcs-httpd24-openssl-chil-0:1.0.0-7.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-openssl-chil-debuginfo-0:1.0.0-7.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-openssl-debuginfo-1:1.1.1g-8.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-openssl-devel-1:1.1.1g-8.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-openssl-libs-1:1.1.1g-8.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-openssl-libs-debuginfo-1:1.1.1g-8.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-openssl-perl-1:1.1.1g-8.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-openssl-pkcs11-0:0.4.10-22.el8jbcs.src",
"8Base-JBCS:jbcs-httpd24-openssl-pkcs11-0:0.4.10-22.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-openssl-pkcs11-debuginfo-0:0.4.10-22.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-openssl-static-1:1.1.1g-8.el8jbcs.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2021:4614"
},
{
"category": "workaround",
"details": "This issue can be mitigated by setting the \"MergeSlashes\" directive to OFF",
"product_ids": [
"7Server-JBCS:jbcs-httpd24-apr-0:1.6.3-107.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-apr-0:1.6.3-107.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-apr-debuginfo-0:1.6.3-107.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-apr-devel-0:1.6.3-107.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-apr-util-0:1.6.1-84.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-apr-util-0:1.6.1-84.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-apr-util-debuginfo-0:1.6.1-84.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-apr-util-devel-0:1.6.1-84.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-apr-util-ldap-0:1.6.1-84.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-apr-util-mysql-0:1.6.1-84.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-apr-util-nss-0:1.6.1-84.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-apr-util-odbc-0:1.6.1-84.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-apr-util-openssl-0:1.6.1-84.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-apr-util-pgsql-0:1.6.1-84.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-apr-util-sqlite-0:1.6.1-84.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-curl-0:7.78.0-2.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-curl-0:7.78.0-2.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-curl-debuginfo-0:7.78.0-2.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-httpd-0:2.4.37-78.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-httpd-0:2.4.37-78.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-httpd-debuginfo-0:2.4.37-78.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-httpd-devel-0:2.4.37-78.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-httpd-manual-0:2.4.37-78.jbcs.el7.noarch",
"7Server-JBCS:jbcs-httpd24-httpd-selinux-0:2.4.37-78.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-httpd-tools-0:2.4.37-78.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-libcurl-0:7.78.0-2.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-libcurl-devel-0:7.78.0-2.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_cluster-native-0:1.3.16-9.Final_redhat_2.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-mod_cluster-native-0:1.3.16-9.Final_redhat_2.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_cluster-native-debuginfo-0:1.3.16-9.Final_redhat_2.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_http2-0:1.15.7-21.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-mod_http2-0:1.15.7-21.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_http2-debuginfo-0:1.15.7-21.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_jk-0:1.2.48-20.redhat_1.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-mod_jk-ap24-0:1.2.48-20.redhat_1.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_jk-debuginfo-0:1.2.48-20.redhat_1.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_jk-manual-0:1.2.48-20.redhat_1.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_ldap-0:2.4.37-78.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_md-1:2.0.8-40.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-mod_md-1:2.0.8-40.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_md-debuginfo-1:2.0.8-40.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_proxy_html-1:2.4.37-78.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_security-0:2.9.2-67.GA.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-mod_security-0:2.9.2-67.GA.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_security-debuginfo-0:2.9.2-67.GA.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_session-0:2.4.37-78.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_ssl-1:2.4.37-78.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-nghttp2-0:1.39.2-39.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-nghttp2-0:1.39.2-39.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-nghttp2-debuginfo-0:1.39.2-39.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-nghttp2-devel-0:1.39.2-39.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-openssl-1:1.1.1g-8.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-openssl-1:1.1.1g-8.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-openssl-chil-0:1.0.0-7.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-openssl-chil-0:1.0.0-7.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-openssl-chil-debuginfo-0:1.0.0-7.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-openssl-debuginfo-1:1.1.1g-8.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-openssl-devel-1:1.1.1g-8.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-openssl-libs-1:1.1.1g-8.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-openssl-perl-1:1.1.1g-8.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-openssl-pkcs11-0:0.4.10-22.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-openssl-pkcs11-0:0.4.10-22.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-openssl-pkcs11-debuginfo-0:0.4.10-22.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-openssl-static-1:1.1.1g-8.jbcs.el7.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-0:1.6.3-107.el8jbcs.src",
"8Base-JBCS:jbcs-httpd24-apr-0:1.6.3-107.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-debuginfo-0:1.6.3-107.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-devel-0:1.6.3-107.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-util-0:1.6.1-84.el8jbcs.src",
"8Base-JBCS:jbcs-httpd24-apr-util-0:1.6.1-84.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-util-debuginfo-0:1.6.1-84.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-util-devel-0:1.6.1-84.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-util-ldap-0:1.6.1-84.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-util-ldap-debuginfo-0:1.6.1-84.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-util-mysql-0:1.6.1-84.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-util-mysql-debuginfo-0:1.6.1-84.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-util-nss-0:1.6.1-84.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-util-nss-debuginfo-0:1.6.1-84.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-util-odbc-0:1.6.1-84.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-util-odbc-debuginfo-0:1.6.1-84.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-util-openssl-0:1.6.1-84.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-util-openssl-debuginfo-0:1.6.1-84.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-util-pgsql-0:1.6.1-84.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-util-pgsql-debuginfo-0:1.6.1-84.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-util-sqlite-0:1.6.1-84.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-util-sqlite-debuginfo-0:1.6.1-84.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-curl-0:7.78.0-2.el8jbcs.src",
"8Base-JBCS:jbcs-httpd24-curl-0:7.78.0-2.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-curl-debuginfo-0:7.78.0-2.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-httpd-0:2.4.37-78.el8jbcs.src",
"8Base-JBCS:jbcs-httpd24-httpd-0:2.4.37-78.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-httpd-debuginfo-0:2.4.37-78.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-httpd-devel-0:2.4.37-78.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-httpd-manual-0:2.4.37-78.el8jbcs.noarch",
"8Base-JBCS:jbcs-httpd24-httpd-selinux-0:2.4.37-78.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-httpd-tools-0:2.4.37-78.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-httpd-tools-debuginfo-0:2.4.37-78.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-libcurl-0:7.78.0-2.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-libcurl-debuginfo-0:7.78.0-2.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-libcurl-devel-0:7.78.0-2.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_cluster-native-0:1.3.16-9.Final_redhat_2.el8jbcs.src",
"8Base-JBCS:jbcs-httpd24-mod_cluster-native-0:1.3.16-9.Final_redhat_2.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_cluster-native-debuginfo-0:1.3.16-9.Final_redhat_2.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_http2-0:1.15.7-21.el8jbcs.src",
"8Base-JBCS:jbcs-httpd24-mod_http2-0:1.15.7-21.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_http2-debuginfo-0:1.15.7-21.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_jk-0:1.2.48-20.redhat_1.el8jbcs.src",
"8Base-JBCS:jbcs-httpd24-mod_jk-ap24-0:1.2.48-20.redhat_1.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_jk-ap24-debuginfo-0:1.2.48-20.redhat_1.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_jk-manual-0:1.2.48-20.redhat_1.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_ldap-0:2.4.37-78.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_ldap-debuginfo-0:2.4.37-78.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_md-1:2.0.8-40.el8jbcs.src",
"8Base-JBCS:jbcs-httpd24-mod_md-1:2.0.8-40.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_md-debuginfo-1:2.0.8-40.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_proxy_html-1:2.4.37-78.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_proxy_html-debuginfo-1:2.4.37-78.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_security-0:2.9.2-67.GA.el8jbcs.src",
"8Base-JBCS:jbcs-httpd24-mod_security-0:2.9.2-67.GA.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_security-debuginfo-0:2.9.2-67.GA.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_session-0:2.4.37-78.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_session-debuginfo-0:2.4.37-78.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_ssl-1:2.4.37-78.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_ssl-debuginfo-1:2.4.37-78.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-nghttp2-0:1.39.2-39.el8jbcs.src",
"8Base-JBCS:jbcs-httpd24-nghttp2-0:1.39.2-39.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-nghttp2-debuginfo-0:1.39.2-39.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-nghttp2-devel-0:1.39.2-39.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-openssl-1:1.1.1g-8.el8jbcs.src",
"8Base-JBCS:jbcs-httpd24-openssl-1:1.1.1g-8.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-openssl-chil-0:1.0.0-7.el8jbcs.src",
"8Base-JBCS:jbcs-httpd24-openssl-chil-0:1.0.0-7.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-openssl-chil-debuginfo-0:1.0.0-7.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-openssl-debuginfo-1:1.1.1g-8.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-openssl-devel-1:1.1.1g-8.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-openssl-libs-1:1.1.1g-8.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-openssl-libs-debuginfo-1:1.1.1g-8.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-openssl-perl-1:1.1.1g-8.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-openssl-pkcs11-0:0.4.10-22.el8jbcs.src",
"8Base-JBCS:jbcs-httpd24-openssl-pkcs11-0:0.4.10-22.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-openssl-pkcs11-debuginfo-0:0.4.10-22.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-openssl-static-1:1.1.1g-8.el8jbcs.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 5.9,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N",
"version": "3.1"
},
"products": [
"7Server-JBCS:jbcs-httpd24-apr-0:1.6.3-107.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-apr-0:1.6.3-107.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-apr-debuginfo-0:1.6.3-107.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-apr-devel-0:1.6.3-107.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-apr-util-0:1.6.1-84.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-apr-util-0:1.6.1-84.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-apr-util-debuginfo-0:1.6.1-84.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-apr-util-devel-0:1.6.1-84.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-apr-util-ldap-0:1.6.1-84.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-apr-util-mysql-0:1.6.1-84.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-apr-util-nss-0:1.6.1-84.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-apr-util-odbc-0:1.6.1-84.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-apr-util-openssl-0:1.6.1-84.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-apr-util-pgsql-0:1.6.1-84.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-apr-util-sqlite-0:1.6.1-84.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-curl-0:7.78.0-2.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-curl-0:7.78.0-2.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-curl-debuginfo-0:7.78.0-2.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-httpd-0:2.4.37-78.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-httpd-0:2.4.37-78.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-httpd-debuginfo-0:2.4.37-78.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-httpd-devel-0:2.4.37-78.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-httpd-manual-0:2.4.37-78.jbcs.el7.noarch",
"7Server-JBCS:jbcs-httpd24-httpd-selinux-0:2.4.37-78.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-httpd-tools-0:2.4.37-78.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-libcurl-0:7.78.0-2.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-libcurl-devel-0:7.78.0-2.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_cluster-native-0:1.3.16-9.Final_redhat_2.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-mod_cluster-native-0:1.3.16-9.Final_redhat_2.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_cluster-native-debuginfo-0:1.3.16-9.Final_redhat_2.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_http2-0:1.15.7-21.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-mod_http2-0:1.15.7-21.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_http2-debuginfo-0:1.15.7-21.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_jk-0:1.2.48-20.redhat_1.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-mod_jk-ap24-0:1.2.48-20.redhat_1.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_jk-debuginfo-0:1.2.48-20.redhat_1.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_jk-manual-0:1.2.48-20.redhat_1.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_ldap-0:2.4.37-78.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_md-1:2.0.8-40.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-mod_md-1:2.0.8-40.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_md-debuginfo-1:2.0.8-40.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_proxy_html-1:2.4.37-78.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_security-0:2.9.2-67.GA.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-mod_security-0:2.9.2-67.GA.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_security-debuginfo-0:2.9.2-67.GA.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_session-0:2.4.37-78.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_ssl-1:2.4.37-78.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-nghttp2-0:1.39.2-39.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-nghttp2-0:1.39.2-39.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-nghttp2-debuginfo-0:1.39.2-39.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-nghttp2-devel-0:1.39.2-39.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-openssl-1:1.1.1g-8.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-openssl-1:1.1.1g-8.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-openssl-chil-0:1.0.0-7.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-openssl-chil-0:1.0.0-7.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-openssl-chil-debuginfo-0:1.0.0-7.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-openssl-debuginfo-1:1.1.1g-8.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-openssl-devel-1:1.1.1g-8.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-openssl-libs-1:1.1.1g-8.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-openssl-perl-1:1.1.1g-8.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-openssl-pkcs11-0:0.4.10-22.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-openssl-pkcs11-0:0.4.10-22.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-openssl-pkcs11-debuginfo-0:0.4.10-22.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-openssl-static-1:1.1.1g-8.jbcs.el7.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-0:1.6.3-107.el8jbcs.src",
"8Base-JBCS:jbcs-httpd24-apr-0:1.6.3-107.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-debuginfo-0:1.6.3-107.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-devel-0:1.6.3-107.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-util-0:1.6.1-84.el8jbcs.src",
"8Base-JBCS:jbcs-httpd24-apr-util-0:1.6.1-84.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-util-debuginfo-0:1.6.1-84.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-util-devel-0:1.6.1-84.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-util-ldap-0:1.6.1-84.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-util-ldap-debuginfo-0:1.6.1-84.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-util-mysql-0:1.6.1-84.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-util-mysql-debuginfo-0:1.6.1-84.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-util-nss-0:1.6.1-84.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-util-nss-debuginfo-0:1.6.1-84.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-util-odbc-0:1.6.1-84.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-util-odbc-debuginfo-0:1.6.1-84.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-util-openssl-0:1.6.1-84.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-util-openssl-debuginfo-0:1.6.1-84.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-util-pgsql-0:1.6.1-84.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-util-pgsql-debuginfo-0:1.6.1-84.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-util-sqlite-0:1.6.1-84.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-util-sqlite-debuginfo-0:1.6.1-84.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-curl-0:7.78.0-2.el8jbcs.src",
"8Base-JBCS:jbcs-httpd24-curl-0:7.78.0-2.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-curl-debuginfo-0:7.78.0-2.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-httpd-0:2.4.37-78.el8jbcs.src",
"8Base-JBCS:jbcs-httpd24-httpd-0:2.4.37-78.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-httpd-debuginfo-0:2.4.37-78.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-httpd-devel-0:2.4.37-78.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-httpd-manual-0:2.4.37-78.el8jbcs.noarch",
"8Base-JBCS:jbcs-httpd24-httpd-selinux-0:2.4.37-78.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-httpd-tools-0:2.4.37-78.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-httpd-tools-debuginfo-0:2.4.37-78.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-libcurl-0:7.78.0-2.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-libcurl-debuginfo-0:7.78.0-2.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-libcurl-devel-0:7.78.0-2.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_cluster-native-0:1.3.16-9.Final_redhat_2.el8jbcs.src",
"8Base-JBCS:jbcs-httpd24-mod_cluster-native-0:1.3.16-9.Final_redhat_2.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_cluster-native-debuginfo-0:1.3.16-9.Final_redhat_2.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_http2-0:1.15.7-21.el8jbcs.src",
"8Base-JBCS:jbcs-httpd24-mod_http2-0:1.15.7-21.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_http2-debuginfo-0:1.15.7-21.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_jk-0:1.2.48-20.redhat_1.el8jbcs.src",
"8Base-JBCS:jbcs-httpd24-mod_jk-ap24-0:1.2.48-20.redhat_1.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_jk-ap24-debuginfo-0:1.2.48-20.redhat_1.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_jk-manual-0:1.2.48-20.redhat_1.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_ldap-0:2.4.37-78.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_ldap-debuginfo-0:2.4.37-78.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_md-1:2.0.8-40.el8jbcs.src",
"8Base-JBCS:jbcs-httpd24-mod_md-1:2.0.8-40.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_md-debuginfo-1:2.0.8-40.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_proxy_html-1:2.4.37-78.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_proxy_html-debuginfo-1:2.4.37-78.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_security-0:2.9.2-67.GA.el8jbcs.src",
"8Base-JBCS:jbcs-httpd24-mod_security-0:2.9.2-67.GA.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_security-debuginfo-0:2.9.2-67.GA.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_session-0:2.4.37-78.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_session-debuginfo-0:2.4.37-78.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_ssl-1:2.4.37-78.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_ssl-debuginfo-1:2.4.37-78.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-nghttp2-0:1.39.2-39.el8jbcs.src",
"8Base-JBCS:jbcs-httpd24-nghttp2-0:1.39.2-39.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-nghttp2-debuginfo-0:1.39.2-39.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-nghttp2-devel-0:1.39.2-39.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-openssl-1:1.1.1g-8.el8jbcs.src",
"8Base-JBCS:jbcs-httpd24-openssl-1:1.1.1g-8.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-openssl-chil-0:1.0.0-7.el8jbcs.src",
"8Base-JBCS:jbcs-httpd24-openssl-chil-0:1.0.0-7.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-openssl-chil-debuginfo-0:1.0.0-7.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-openssl-debuginfo-1:1.1.1g-8.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-openssl-devel-1:1.1.1g-8.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-openssl-libs-1:1.1.1g-8.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-openssl-libs-debuginfo-1:1.1.1g-8.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-openssl-perl-1:1.1.1g-8.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-openssl-pkcs11-0:0.4.10-22.el8jbcs.src",
"8Base-JBCS:jbcs-httpd24-openssl-pkcs11-0:0.4.10-22.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-openssl-pkcs11-debuginfo-0:0.4.10-22.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-openssl-static-1:1.1.1g-8.el8jbcs.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "httpd: Unexpected URL matching with \u0027MergeSlashes OFF\u0027"
},
{
"cve": "CVE-2021-34798",
"cwe": {
"id": "CWE-476",
"name": "NULL Pointer Dereference"
},
"discovery_date": "2021-09-16T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2005128"
}
],
"notes": [
{
"category": "description",
"text": "A NULL pointer dereference in httpd allows an unauthenticated remote attacker to crash httpd by providing malformed HTTP requests. The highest threat from this vulnerability is to system availability.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "httpd: NULL pointer dereference via malformed requests",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"7Server-JBCS:jbcs-httpd24-apr-0:1.6.3-107.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-apr-0:1.6.3-107.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-apr-debuginfo-0:1.6.3-107.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-apr-devel-0:1.6.3-107.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-apr-util-0:1.6.1-84.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-apr-util-0:1.6.1-84.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-apr-util-debuginfo-0:1.6.1-84.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-apr-util-devel-0:1.6.1-84.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-apr-util-ldap-0:1.6.1-84.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-apr-util-mysql-0:1.6.1-84.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-apr-util-nss-0:1.6.1-84.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-apr-util-odbc-0:1.6.1-84.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-apr-util-openssl-0:1.6.1-84.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-apr-util-pgsql-0:1.6.1-84.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-apr-util-sqlite-0:1.6.1-84.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-curl-0:7.78.0-2.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-curl-0:7.78.0-2.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-curl-debuginfo-0:7.78.0-2.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-httpd-0:2.4.37-78.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-httpd-0:2.4.37-78.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-httpd-debuginfo-0:2.4.37-78.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-httpd-devel-0:2.4.37-78.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-httpd-manual-0:2.4.37-78.jbcs.el7.noarch",
"7Server-JBCS:jbcs-httpd24-httpd-selinux-0:2.4.37-78.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-httpd-tools-0:2.4.37-78.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-libcurl-0:7.78.0-2.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-libcurl-devel-0:7.78.0-2.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_cluster-native-0:1.3.16-9.Final_redhat_2.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-mod_cluster-native-0:1.3.16-9.Final_redhat_2.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_cluster-native-debuginfo-0:1.3.16-9.Final_redhat_2.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_http2-0:1.15.7-21.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-mod_http2-0:1.15.7-21.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_http2-debuginfo-0:1.15.7-21.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_jk-0:1.2.48-20.redhat_1.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-mod_jk-ap24-0:1.2.48-20.redhat_1.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_jk-debuginfo-0:1.2.48-20.redhat_1.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_jk-manual-0:1.2.48-20.redhat_1.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_ldap-0:2.4.37-78.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_md-1:2.0.8-40.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-mod_md-1:2.0.8-40.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_md-debuginfo-1:2.0.8-40.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_proxy_html-1:2.4.37-78.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_security-0:2.9.2-67.GA.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-mod_security-0:2.9.2-67.GA.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_security-debuginfo-0:2.9.2-67.GA.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_session-0:2.4.37-78.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_ssl-1:2.4.37-78.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-nghttp2-0:1.39.2-39.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-nghttp2-0:1.39.2-39.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-nghttp2-debuginfo-0:1.39.2-39.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-nghttp2-devel-0:1.39.2-39.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-openssl-1:1.1.1g-8.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-openssl-1:1.1.1g-8.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-openssl-chil-0:1.0.0-7.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-openssl-chil-0:1.0.0-7.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-openssl-chil-debuginfo-0:1.0.0-7.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-openssl-debuginfo-1:1.1.1g-8.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-openssl-devel-1:1.1.1g-8.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-openssl-libs-1:1.1.1g-8.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-openssl-perl-1:1.1.1g-8.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-openssl-pkcs11-0:0.4.10-22.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-openssl-pkcs11-0:0.4.10-22.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-openssl-pkcs11-debuginfo-0:0.4.10-22.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-openssl-static-1:1.1.1g-8.jbcs.el7.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-0:1.6.3-107.el8jbcs.src",
"8Base-JBCS:jbcs-httpd24-apr-0:1.6.3-107.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-debuginfo-0:1.6.3-107.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-devel-0:1.6.3-107.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-util-0:1.6.1-84.el8jbcs.src",
"8Base-JBCS:jbcs-httpd24-apr-util-0:1.6.1-84.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-util-debuginfo-0:1.6.1-84.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-util-devel-0:1.6.1-84.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-util-ldap-0:1.6.1-84.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-util-ldap-debuginfo-0:1.6.1-84.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-util-mysql-0:1.6.1-84.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-util-mysql-debuginfo-0:1.6.1-84.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-util-nss-0:1.6.1-84.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-util-nss-debuginfo-0:1.6.1-84.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-util-odbc-0:1.6.1-84.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-util-odbc-debuginfo-0:1.6.1-84.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-util-openssl-0:1.6.1-84.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-util-openssl-debuginfo-0:1.6.1-84.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-util-pgsql-0:1.6.1-84.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-util-pgsql-debuginfo-0:1.6.1-84.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-util-sqlite-0:1.6.1-84.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-util-sqlite-debuginfo-0:1.6.1-84.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-curl-0:7.78.0-2.el8jbcs.src",
"8Base-JBCS:jbcs-httpd24-curl-0:7.78.0-2.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-curl-debuginfo-0:7.78.0-2.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-httpd-0:2.4.37-78.el8jbcs.src",
"8Base-JBCS:jbcs-httpd24-httpd-0:2.4.37-78.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-httpd-debuginfo-0:2.4.37-78.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-httpd-devel-0:2.4.37-78.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-httpd-manual-0:2.4.37-78.el8jbcs.noarch",
"8Base-JBCS:jbcs-httpd24-httpd-selinux-0:2.4.37-78.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-httpd-tools-0:2.4.37-78.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-httpd-tools-debuginfo-0:2.4.37-78.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-libcurl-0:7.78.0-2.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-libcurl-debuginfo-0:7.78.0-2.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-libcurl-devel-0:7.78.0-2.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_cluster-native-0:1.3.16-9.Final_redhat_2.el8jbcs.src",
"8Base-JBCS:jbcs-httpd24-mod_cluster-native-0:1.3.16-9.Final_redhat_2.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_cluster-native-debuginfo-0:1.3.16-9.Final_redhat_2.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_http2-0:1.15.7-21.el8jbcs.src",
"8Base-JBCS:jbcs-httpd24-mod_http2-0:1.15.7-21.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_http2-debuginfo-0:1.15.7-21.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_jk-0:1.2.48-20.redhat_1.el8jbcs.src",
"8Base-JBCS:jbcs-httpd24-mod_jk-ap24-0:1.2.48-20.redhat_1.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_jk-ap24-debuginfo-0:1.2.48-20.redhat_1.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_jk-manual-0:1.2.48-20.redhat_1.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_ldap-0:2.4.37-78.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_ldap-debuginfo-0:2.4.37-78.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_md-1:2.0.8-40.el8jbcs.src",
"8Base-JBCS:jbcs-httpd24-mod_md-1:2.0.8-40.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_md-debuginfo-1:2.0.8-40.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_proxy_html-1:2.4.37-78.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_proxy_html-debuginfo-1:2.4.37-78.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_security-0:2.9.2-67.GA.el8jbcs.src",
"8Base-JBCS:jbcs-httpd24-mod_security-0:2.9.2-67.GA.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_security-debuginfo-0:2.9.2-67.GA.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_session-0:2.4.37-78.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_session-debuginfo-0:2.4.37-78.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_ssl-1:2.4.37-78.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_ssl-debuginfo-1:2.4.37-78.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-nghttp2-0:1.39.2-39.el8jbcs.src",
"8Base-JBCS:jbcs-httpd24-nghttp2-0:1.39.2-39.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-nghttp2-debuginfo-0:1.39.2-39.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-nghttp2-devel-0:1.39.2-39.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-openssl-1:1.1.1g-8.el8jbcs.src",
"8Base-JBCS:jbcs-httpd24-openssl-1:1.1.1g-8.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-openssl-chil-0:1.0.0-7.el8jbcs.src",
"8Base-JBCS:jbcs-httpd24-openssl-chil-0:1.0.0-7.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-openssl-chil-debuginfo-0:1.0.0-7.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-openssl-debuginfo-1:1.1.1g-8.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-openssl-devel-1:1.1.1g-8.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-openssl-libs-1:1.1.1g-8.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-openssl-libs-debuginfo-1:1.1.1g-8.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-openssl-perl-1:1.1.1g-8.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-openssl-pkcs11-0:0.4.10-22.el8jbcs.src",
"8Base-JBCS:jbcs-httpd24-openssl-pkcs11-0:0.4.10-22.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-openssl-pkcs11-debuginfo-0:0.4.10-22.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-openssl-static-1:1.1.1g-8.el8jbcs.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2021-34798"
},
{
"category": "external",
"summary": "RHBZ#2005128",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2005128"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2021-34798",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-34798"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2021-34798",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2021-34798"
},
{
"category": "external",
"summary": "https://httpd.apache.org/security/vulnerabilities_24.html",
"url": "https://httpd.apache.org/security/vulnerabilities_24.html"
}
],
"release_date": "2021-09-16T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"details": "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"7Server-JBCS:jbcs-httpd24-apr-0:1.6.3-107.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-apr-0:1.6.3-107.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-apr-debuginfo-0:1.6.3-107.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-apr-devel-0:1.6.3-107.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-apr-util-0:1.6.1-84.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-apr-util-0:1.6.1-84.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-apr-util-debuginfo-0:1.6.1-84.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-apr-util-devel-0:1.6.1-84.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-apr-util-ldap-0:1.6.1-84.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-apr-util-mysql-0:1.6.1-84.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-apr-util-nss-0:1.6.1-84.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-apr-util-odbc-0:1.6.1-84.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-apr-util-openssl-0:1.6.1-84.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-apr-util-pgsql-0:1.6.1-84.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-apr-util-sqlite-0:1.6.1-84.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-curl-0:7.78.0-2.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-curl-0:7.78.0-2.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-curl-debuginfo-0:7.78.0-2.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-httpd-0:2.4.37-78.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-httpd-0:2.4.37-78.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-httpd-debuginfo-0:2.4.37-78.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-httpd-devel-0:2.4.37-78.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-httpd-manual-0:2.4.37-78.jbcs.el7.noarch",
"7Server-JBCS:jbcs-httpd24-httpd-selinux-0:2.4.37-78.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-httpd-tools-0:2.4.37-78.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-libcurl-0:7.78.0-2.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-libcurl-devel-0:7.78.0-2.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_cluster-native-0:1.3.16-9.Final_redhat_2.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-mod_cluster-native-0:1.3.16-9.Final_redhat_2.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_cluster-native-debuginfo-0:1.3.16-9.Final_redhat_2.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_http2-0:1.15.7-21.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-mod_http2-0:1.15.7-21.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_http2-debuginfo-0:1.15.7-21.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_jk-0:1.2.48-20.redhat_1.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-mod_jk-ap24-0:1.2.48-20.redhat_1.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_jk-debuginfo-0:1.2.48-20.redhat_1.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_jk-manual-0:1.2.48-20.redhat_1.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_ldap-0:2.4.37-78.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_md-1:2.0.8-40.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-mod_md-1:2.0.8-40.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_md-debuginfo-1:2.0.8-40.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_proxy_html-1:2.4.37-78.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_security-0:2.9.2-67.GA.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-mod_security-0:2.9.2-67.GA.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_security-debuginfo-0:2.9.2-67.GA.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_session-0:2.4.37-78.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_ssl-1:2.4.37-78.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-nghttp2-0:1.39.2-39.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-nghttp2-0:1.39.2-39.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-nghttp2-debuginfo-0:1.39.2-39.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-nghttp2-devel-0:1.39.2-39.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-openssl-1:1.1.1g-8.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-openssl-1:1.1.1g-8.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-openssl-chil-0:1.0.0-7.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-openssl-chil-0:1.0.0-7.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-openssl-chil-debuginfo-0:1.0.0-7.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-openssl-debuginfo-1:1.1.1g-8.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-openssl-devel-1:1.1.1g-8.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-openssl-libs-1:1.1.1g-8.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-openssl-perl-1:1.1.1g-8.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-openssl-pkcs11-0:0.4.10-22.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-openssl-pkcs11-0:0.4.10-22.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-openssl-pkcs11-debuginfo-0:0.4.10-22.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-openssl-static-1:1.1.1g-8.jbcs.el7.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-0:1.6.3-107.el8jbcs.src",
"8Base-JBCS:jbcs-httpd24-apr-0:1.6.3-107.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-debuginfo-0:1.6.3-107.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-devel-0:1.6.3-107.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-util-0:1.6.1-84.el8jbcs.src",
"8Base-JBCS:jbcs-httpd24-apr-util-0:1.6.1-84.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-util-debuginfo-0:1.6.1-84.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-util-devel-0:1.6.1-84.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-util-ldap-0:1.6.1-84.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-util-ldap-debuginfo-0:1.6.1-84.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-util-mysql-0:1.6.1-84.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-util-mysql-debuginfo-0:1.6.1-84.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-util-nss-0:1.6.1-84.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-util-nss-debuginfo-0:1.6.1-84.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-util-odbc-0:1.6.1-84.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-util-odbc-debuginfo-0:1.6.1-84.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-util-openssl-0:1.6.1-84.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-util-openssl-debuginfo-0:1.6.1-84.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-util-pgsql-0:1.6.1-84.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-util-pgsql-debuginfo-0:1.6.1-84.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-util-sqlite-0:1.6.1-84.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-util-sqlite-debuginfo-0:1.6.1-84.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-curl-0:7.78.0-2.el8jbcs.src",
"8Base-JBCS:jbcs-httpd24-curl-0:7.78.0-2.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-curl-debuginfo-0:7.78.0-2.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-httpd-0:2.4.37-78.el8jbcs.src",
"8Base-JBCS:jbcs-httpd24-httpd-0:2.4.37-78.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-httpd-debuginfo-0:2.4.37-78.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-httpd-devel-0:2.4.37-78.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-httpd-manual-0:2.4.37-78.el8jbcs.noarch",
"8Base-JBCS:jbcs-httpd24-httpd-selinux-0:2.4.37-78.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-httpd-tools-0:2.4.37-78.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-httpd-tools-debuginfo-0:2.4.37-78.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-libcurl-0:7.78.0-2.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-libcurl-debuginfo-0:7.78.0-2.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-libcurl-devel-0:7.78.0-2.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_cluster-native-0:1.3.16-9.Final_redhat_2.el8jbcs.src",
"8Base-JBCS:jbcs-httpd24-mod_cluster-native-0:1.3.16-9.Final_redhat_2.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_cluster-native-debuginfo-0:1.3.16-9.Final_redhat_2.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_http2-0:1.15.7-21.el8jbcs.src",
"8Base-JBCS:jbcs-httpd24-mod_http2-0:1.15.7-21.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_http2-debuginfo-0:1.15.7-21.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_jk-0:1.2.48-20.redhat_1.el8jbcs.src",
"8Base-JBCS:jbcs-httpd24-mod_jk-ap24-0:1.2.48-20.redhat_1.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_jk-ap24-debuginfo-0:1.2.48-20.redhat_1.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_jk-manual-0:1.2.48-20.redhat_1.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_ldap-0:2.4.37-78.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_ldap-debuginfo-0:2.4.37-78.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_md-1:2.0.8-40.el8jbcs.src",
"8Base-JBCS:jbcs-httpd24-mod_md-1:2.0.8-40.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_md-debuginfo-1:2.0.8-40.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_proxy_html-1:2.4.37-78.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_proxy_html-debuginfo-1:2.4.37-78.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_security-0:2.9.2-67.GA.el8jbcs.src",
"8Base-JBCS:jbcs-httpd24-mod_security-0:2.9.2-67.GA.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_security-debuginfo-0:2.9.2-67.GA.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_session-0:2.4.37-78.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_session-debuginfo-0:2.4.37-78.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_ssl-1:2.4.37-78.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_ssl-debuginfo-1:2.4.37-78.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-nghttp2-0:1.39.2-39.el8jbcs.src",
"8Base-JBCS:jbcs-httpd24-nghttp2-0:1.39.2-39.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-nghttp2-debuginfo-0:1.39.2-39.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-nghttp2-devel-0:1.39.2-39.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-openssl-1:1.1.1g-8.el8jbcs.src",
"8Base-JBCS:jbcs-httpd24-openssl-1:1.1.1g-8.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-openssl-chil-0:1.0.0-7.el8jbcs.src",
"8Base-JBCS:jbcs-httpd24-openssl-chil-0:1.0.0-7.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-openssl-chil-debuginfo-0:1.0.0-7.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-openssl-debuginfo-1:1.1.1g-8.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-openssl-devel-1:1.1.1g-8.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-openssl-libs-1:1.1.1g-8.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-openssl-libs-debuginfo-1:1.1.1g-8.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-openssl-perl-1:1.1.1g-8.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-openssl-pkcs11-0:0.4.10-22.el8jbcs.src",
"8Base-JBCS:jbcs-httpd24-openssl-pkcs11-0:0.4.10-22.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-openssl-pkcs11-debuginfo-0:0.4.10-22.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-openssl-static-1:1.1.1g-8.el8jbcs.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2021:4614"
},
{
"category": "workaround",
"details": "Red Hat has investigated whether a possible mitigation exists for this issue, and has not been able to identify a practical example.",
"product_ids": [
"7Server-JBCS:jbcs-httpd24-apr-0:1.6.3-107.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-apr-0:1.6.3-107.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-apr-debuginfo-0:1.6.3-107.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-apr-devel-0:1.6.3-107.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-apr-util-0:1.6.1-84.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-apr-util-0:1.6.1-84.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-apr-util-debuginfo-0:1.6.1-84.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-apr-util-devel-0:1.6.1-84.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-apr-util-ldap-0:1.6.1-84.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-apr-util-mysql-0:1.6.1-84.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-apr-util-nss-0:1.6.1-84.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-apr-util-odbc-0:1.6.1-84.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-apr-util-openssl-0:1.6.1-84.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-apr-util-pgsql-0:1.6.1-84.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-apr-util-sqlite-0:1.6.1-84.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-curl-0:7.78.0-2.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-curl-0:7.78.0-2.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-curl-debuginfo-0:7.78.0-2.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-httpd-0:2.4.37-78.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-httpd-0:2.4.37-78.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-httpd-debuginfo-0:2.4.37-78.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-httpd-devel-0:2.4.37-78.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-httpd-manual-0:2.4.37-78.jbcs.el7.noarch",
"7Server-JBCS:jbcs-httpd24-httpd-selinux-0:2.4.37-78.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-httpd-tools-0:2.4.37-78.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-libcurl-0:7.78.0-2.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-libcurl-devel-0:7.78.0-2.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_cluster-native-0:1.3.16-9.Final_redhat_2.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-mod_cluster-native-0:1.3.16-9.Final_redhat_2.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_cluster-native-debuginfo-0:1.3.16-9.Final_redhat_2.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_http2-0:1.15.7-21.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-mod_http2-0:1.15.7-21.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_http2-debuginfo-0:1.15.7-21.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_jk-0:1.2.48-20.redhat_1.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-mod_jk-ap24-0:1.2.48-20.redhat_1.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_jk-debuginfo-0:1.2.48-20.redhat_1.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_jk-manual-0:1.2.48-20.redhat_1.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_ldap-0:2.4.37-78.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_md-1:2.0.8-40.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-mod_md-1:2.0.8-40.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_md-debuginfo-1:2.0.8-40.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_proxy_html-1:2.4.37-78.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_security-0:2.9.2-67.GA.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-mod_security-0:2.9.2-67.GA.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_security-debuginfo-0:2.9.2-67.GA.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_session-0:2.4.37-78.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_ssl-1:2.4.37-78.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-nghttp2-0:1.39.2-39.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-nghttp2-0:1.39.2-39.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-nghttp2-debuginfo-0:1.39.2-39.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-nghttp2-devel-0:1.39.2-39.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-openssl-1:1.1.1g-8.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-openssl-1:1.1.1g-8.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-openssl-chil-0:1.0.0-7.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-openssl-chil-0:1.0.0-7.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-openssl-chil-debuginfo-0:1.0.0-7.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-openssl-debuginfo-1:1.1.1g-8.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-openssl-devel-1:1.1.1g-8.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-openssl-libs-1:1.1.1g-8.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-openssl-perl-1:1.1.1g-8.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-openssl-pkcs11-0:0.4.10-22.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-openssl-pkcs11-0:0.4.10-22.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-openssl-pkcs11-debuginfo-0:0.4.10-22.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-openssl-static-1:1.1.1g-8.jbcs.el7.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-0:1.6.3-107.el8jbcs.src",
"8Base-JBCS:jbcs-httpd24-apr-0:1.6.3-107.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-debuginfo-0:1.6.3-107.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-devel-0:1.6.3-107.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-util-0:1.6.1-84.el8jbcs.src",
"8Base-JBCS:jbcs-httpd24-apr-util-0:1.6.1-84.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-util-debuginfo-0:1.6.1-84.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-util-devel-0:1.6.1-84.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-util-ldap-0:1.6.1-84.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-util-ldap-debuginfo-0:1.6.1-84.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-util-mysql-0:1.6.1-84.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-util-mysql-debuginfo-0:1.6.1-84.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-util-nss-0:1.6.1-84.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-util-nss-debuginfo-0:1.6.1-84.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-util-odbc-0:1.6.1-84.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-util-odbc-debuginfo-0:1.6.1-84.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-util-openssl-0:1.6.1-84.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-util-openssl-debuginfo-0:1.6.1-84.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-util-pgsql-0:1.6.1-84.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-util-pgsql-debuginfo-0:1.6.1-84.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-util-sqlite-0:1.6.1-84.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-util-sqlite-debuginfo-0:1.6.1-84.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-curl-0:7.78.0-2.el8jbcs.src",
"8Base-JBCS:jbcs-httpd24-curl-0:7.78.0-2.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-curl-debuginfo-0:7.78.0-2.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-httpd-0:2.4.37-78.el8jbcs.src",
"8Base-JBCS:jbcs-httpd24-httpd-0:2.4.37-78.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-httpd-debuginfo-0:2.4.37-78.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-httpd-devel-0:2.4.37-78.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-httpd-manual-0:2.4.37-78.el8jbcs.noarch",
"8Base-JBCS:jbcs-httpd24-httpd-selinux-0:2.4.37-78.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-httpd-tools-0:2.4.37-78.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-httpd-tools-debuginfo-0:2.4.37-78.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-libcurl-0:7.78.0-2.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-libcurl-debuginfo-0:7.78.0-2.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-libcurl-devel-0:7.78.0-2.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_cluster-native-0:1.3.16-9.Final_redhat_2.el8jbcs.src",
"8Base-JBCS:jbcs-httpd24-mod_cluster-native-0:1.3.16-9.Final_redhat_2.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_cluster-native-debuginfo-0:1.3.16-9.Final_redhat_2.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_http2-0:1.15.7-21.el8jbcs.src",
"8Base-JBCS:jbcs-httpd24-mod_http2-0:1.15.7-21.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_http2-debuginfo-0:1.15.7-21.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_jk-0:1.2.48-20.redhat_1.el8jbcs.src",
"8Base-JBCS:jbcs-httpd24-mod_jk-ap24-0:1.2.48-20.redhat_1.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_jk-ap24-debuginfo-0:1.2.48-20.redhat_1.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_jk-manual-0:1.2.48-20.redhat_1.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_ldap-0:2.4.37-78.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_ldap-debuginfo-0:2.4.37-78.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_md-1:2.0.8-40.el8jbcs.src",
"8Base-JBCS:jbcs-httpd24-mod_md-1:2.0.8-40.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_md-debuginfo-1:2.0.8-40.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_proxy_html-1:2.4.37-78.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_proxy_html-debuginfo-1:2.4.37-78.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_security-0:2.9.2-67.GA.el8jbcs.src",
"8Base-JBCS:jbcs-httpd24-mod_security-0:2.9.2-67.GA.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_security-debuginfo-0:2.9.2-67.GA.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_session-0:2.4.37-78.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_session-debuginfo-0:2.4.37-78.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_ssl-1:2.4.37-78.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_ssl-debuginfo-1:2.4.37-78.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-nghttp2-0:1.39.2-39.el8jbcs.src",
"8Base-JBCS:jbcs-httpd24-nghttp2-0:1.39.2-39.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-nghttp2-debuginfo-0:1.39.2-39.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-nghttp2-devel-0:1.39.2-39.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-openssl-1:1.1.1g-8.el8jbcs.src",
"8Base-JBCS:jbcs-httpd24-openssl-1:1.1.1g-8.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-openssl-chil-0:1.0.0-7.el8jbcs.src",
"8Base-JBCS:jbcs-httpd24-openssl-chil-0:1.0.0-7.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-openssl-chil-debuginfo-0:1.0.0-7.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-openssl-debuginfo-1:1.1.1g-8.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-openssl-devel-1:1.1.1g-8.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-openssl-libs-1:1.1.1g-8.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-openssl-libs-debuginfo-1:1.1.1g-8.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-openssl-perl-1:1.1.1g-8.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-openssl-pkcs11-0:0.4.10-22.el8jbcs.src",
"8Base-JBCS:jbcs-httpd24-openssl-pkcs11-0:0.4.10-22.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-openssl-pkcs11-debuginfo-0:0.4.10-22.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-openssl-static-1:1.1.1g-8.el8jbcs.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"7Server-JBCS:jbcs-httpd24-apr-0:1.6.3-107.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-apr-0:1.6.3-107.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-apr-debuginfo-0:1.6.3-107.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-apr-devel-0:1.6.3-107.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-apr-util-0:1.6.1-84.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-apr-util-0:1.6.1-84.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-apr-util-debuginfo-0:1.6.1-84.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-apr-util-devel-0:1.6.1-84.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-apr-util-ldap-0:1.6.1-84.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-apr-util-mysql-0:1.6.1-84.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-apr-util-nss-0:1.6.1-84.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-apr-util-odbc-0:1.6.1-84.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-apr-util-openssl-0:1.6.1-84.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-apr-util-pgsql-0:1.6.1-84.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-apr-util-sqlite-0:1.6.1-84.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-curl-0:7.78.0-2.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-curl-0:7.78.0-2.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-curl-debuginfo-0:7.78.0-2.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-httpd-0:2.4.37-78.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-httpd-0:2.4.37-78.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-httpd-debuginfo-0:2.4.37-78.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-httpd-devel-0:2.4.37-78.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-httpd-manual-0:2.4.37-78.jbcs.el7.noarch",
"7Server-JBCS:jbcs-httpd24-httpd-selinux-0:2.4.37-78.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-httpd-tools-0:2.4.37-78.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-libcurl-0:7.78.0-2.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-libcurl-devel-0:7.78.0-2.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_cluster-native-0:1.3.16-9.Final_redhat_2.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-mod_cluster-native-0:1.3.16-9.Final_redhat_2.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_cluster-native-debuginfo-0:1.3.16-9.Final_redhat_2.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_http2-0:1.15.7-21.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-mod_http2-0:1.15.7-21.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_http2-debuginfo-0:1.15.7-21.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_jk-0:1.2.48-20.redhat_1.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-mod_jk-ap24-0:1.2.48-20.redhat_1.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_jk-debuginfo-0:1.2.48-20.redhat_1.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_jk-manual-0:1.2.48-20.redhat_1.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_ldap-0:2.4.37-78.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_md-1:2.0.8-40.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-mod_md-1:2.0.8-40.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_md-debuginfo-1:2.0.8-40.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_proxy_html-1:2.4.37-78.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_security-0:2.9.2-67.GA.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-mod_security-0:2.9.2-67.GA.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_security-debuginfo-0:2.9.2-67.GA.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_session-0:2.4.37-78.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_ssl-1:2.4.37-78.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-nghttp2-0:1.39.2-39.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-nghttp2-0:1.39.2-39.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-nghttp2-debuginfo-0:1.39.2-39.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-nghttp2-devel-0:1.39.2-39.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-openssl-1:1.1.1g-8.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-openssl-1:1.1.1g-8.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-openssl-chil-0:1.0.0-7.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-openssl-chil-0:1.0.0-7.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-openssl-chil-debuginfo-0:1.0.0-7.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-openssl-debuginfo-1:1.1.1g-8.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-openssl-devel-1:1.1.1g-8.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-openssl-libs-1:1.1.1g-8.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-openssl-perl-1:1.1.1g-8.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-openssl-pkcs11-0:0.4.10-22.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-openssl-pkcs11-0:0.4.10-22.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-openssl-pkcs11-debuginfo-0:0.4.10-22.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-openssl-static-1:1.1.1g-8.jbcs.el7.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-0:1.6.3-107.el8jbcs.src",
"8Base-JBCS:jbcs-httpd24-apr-0:1.6.3-107.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-debuginfo-0:1.6.3-107.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-devel-0:1.6.3-107.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-util-0:1.6.1-84.el8jbcs.src",
"8Base-JBCS:jbcs-httpd24-apr-util-0:1.6.1-84.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-util-debuginfo-0:1.6.1-84.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-util-devel-0:1.6.1-84.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-util-ldap-0:1.6.1-84.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-util-ldap-debuginfo-0:1.6.1-84.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-util-mysql-0:1.6.1-84.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-util-mysql-debuginfo-0:1.6.1-84.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-util-nss-0:1.6.1-84.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-util-nss-debuginfo-0:1.6.1-84.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-util-odbc-0:1.6.1-84.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-util-odbc-debuginfo-0:1.6.1-84.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-util-openssl-0:1.6.1-84.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-util-openssl-debuginfo-0:1.6.1-84.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-util-pgsql-0:1.6.1-84.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-util-pgsql-debuginfo-0:1.6.1-84.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-util-sqlite-0:1.6.1-84.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-util-sqlite-debuginfo-0:1.6.1-84.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-curl-0:7.78.0-2.el8jbcs.src",
"8Base-JBCS:jbcs-httpd24-curl-0:7.78.0-2.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-curl-debuginfo-0:7.78.0-2.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-httpd-0:2.4.37-78.el8jbcs.src",
"8Base-JBCS:jbcs-httpd24-httpd-0:2.4.37-78.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-httpd-debuginfo-0:2.4.37-78.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-httpd-devel-0:2.4.37-78.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-httpd-manual-0:2.4.37-78.el8jbcs.noarch",
"8Base-JBCS:jbcs-httpd24-httpd-selinux-0:2.4.37-78.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-httpd-tools-0:2.4.37-78.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-httpd-tools-debuginfo-0:2.4.37-78.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-libcurl-0:7.78.0-2.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-libcurl-debuginfo-0:7.78.0-2.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-libcurl-devel-0:7.78.0-2.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_cluster-native-0:1.3.16-9.Final_redhat_2.el8jbcs.src",
"8Base-JBCS:jbcs-httpd24-mod_cluster-native-0:1.3.16-9.Final_redhat_2.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_cluster-native-debuginfo-0:1.3.16-9.Final_redhat_2.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_http2-0:1.15.7-21.el8jbcs.src",
"8Base-JBCS:jbcs-httpd24-mod_http2-0:1.15.7-21.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_http2-debuginfo-0:1.15.7-21.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_jk-0:1.2.48-20.redhat_1.el8jbcs.src",
"8Base-JBCS:jbcs-httpd24-mod_jk-ap24-0:1.2.48-20.redhat_1.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_jk-ap24-debuginfo-0:1.2.48-20.redhat_1.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_jk-manual-0:1.2.48-20.redhat_1.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_ldap-0:2.4.37-78.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_ldap-debuginfo-0:2.4.37-78.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_md-1:2.0.8-40.el8jbcs.src",
"8Base-JBCS:jbcs-httpd24-mod_md-1:2.0.8-40.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_md-debuginfo-1:2.0.8-40.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_proxy_html-1:2.4.37-78.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_proxy_html-debuginfo-1:2.4.37-78.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_security-0:2.9.2-67.GA.el8jbcs.src",
"8Base-JBCS:jbcs-httpd24-mod_security-0:2.9.2-67.GA.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_security-debuginfo-0:2.9.2-67.GA.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_session-0:2.4.37-78.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_session-debuginfo-0:2.4.37-78.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_ssl-1:2.4.37-78.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_ssl-debuginfo-1:2.4.37-78.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-nghttp2-0:1.39.2-39.el8jbcs.src",
"8Base-JBCS:jbcs-httpd24-nghttp2-0:1.39.2-39.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-nghttp2-debuginfo-0:1.39.2-39.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-nghttp2-devel-0:1.39.2-39.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-openssl-1:1.1.1g-8.el8jbcs.src",
"8Base-JBCS:jbcs-httpd24-openssl-1:1.1.1g-8.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-openssl-chil-0:1.0.0-7.el8jbcs.src",
"8Base-JBCS:jbcs-httpd24-openssl-chil-0:1.0.0-7.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-openssl-chil-debuginfo-0:1.0.0-7.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-openssl-debuginfo-1:1.1.1g-8.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-openssl-devel-1:1.1.1g-8.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-openssl-libs-1:1.1.1g-8.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-openssl-libs-debuginfo-1:1.1.1g-8.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-openssl-perl-1:1.1.1g-8.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-openssl-pkcs11-0:0.4.10-22.el8jbcs.src",
"8Base-JBCS:jbcs-httpd24-openssl-pkcs11-0:0.4.10-22.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-openssl-pkcs11-debuginfo-0:0.4.10-22.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-openssl-static-1:1.1.1g-8.el8jbcs.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "httpd: NULL pointer dereference via malformed requests"
}
]
}
var-202106-1875
Vulnerability from variot
Apache HTTP Server versions 2.4.0 to 2.4.46 A specially crafted Cookie header handled by mod_session can cause a NULL pointer dereference and crash, leading to a possible Denial Of Service. Apache HTTP Server is an open source web server of the Apache Foundation in the United States. The server is fast, reliable and extensible through a simple API. A remote attacker could exploit the vulnerability to pass specially crafted data to the application and perform a denial of service (DoS) attack. ========================================================================== Ubuntu Security Notice USN-4994-1 June 21, 2021
apache2 vulnerabilities
A security issue affects these releases of Ubuntu and its derivatives:
- Ubuntu 21.04
- Ubuntu 20.10
- Ubuntu 20.04 LTS
- Ubuntu 18.04 LTS
Summary:
Several security issues were fixed in Apache HTTP Server.
Software Description: - apache2: Apache HTTP server
Details:
Marc Stern discovered that the Apache mod_proxy_http module incorrectly handled certain requests. This issue only affected Ubuntu 20.04 LTS, Ubuntu 20.10, and Ubuntu 21.04. (CVE-2020-13950)
Antonio Morales discovered that the Apache mod_auth_digest module incorrectly handled certain Digest nonces. (CVE-2020-35452)
Antonio Morales discovered that the Apache mod_session module incorrectly handled certain Cookie headers. (CVE-2021-26690)
Christophe Jaillet discovered that the Apache mod_session module incorrectly handled certain SessionHeader values. (CVE-2021-26691)
Christoph Anton Mitterer discovered that the new MergeSlashes configuration option resulted in unexpected behaviour in certain situations. (CVE-2021-30641)
Update instructions:
The problem can be corrected by updating your system to the following package versions:
Ubuntu 21.04: apache2 2.4.46-4ubuntu1.1 apache2-bin 2.4.46-4ubuntu1.1
Ubuntu 20.10: apache2 2.4.46-1ubuntu1.2 apache2-bin 2.4.46-1ubuntu1.2
Ubuntu 20.04 LTS: apache2 2.4.41-4ubuntu3.3 apache2-bin 2.4.41-4ubuntu3.3
Ubuntu 18.04 LTS: apache2 2.4.29-1ubuntu4.16 apache2-bin 2.4.29-1ubuntu4.16
In general, a standard system update will make all the necessary changes. - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - Gentoo Linux Security Advisory GLSA 202107-38
https://security.gentoo.org/
Severity: Low Title: Apache: Multiple vulnerabilities Date: July 17, 2021 Bugs: #795231 ID: 202107-38
Synopsis
Multiple vulnerabilities have been found in Apache, the worst of which could result in a Denial of Service condition.
Affected packages
-------------------------------------------------------------------
Package / Vulnerable / Unaffected
-------------------------------------------------------------------
1 www-servers/apache < 2.4.48 >= 2.4.48
Description
Multiple vulnerabilities have been discovered in Apache. Please review the CVE identifiers referenced below for details.
Impact
Please review the referenced CVE identifiers for details.
Workaround
There is no known workaround at this time.
Resolution
All Apache users should upgrade to the latest version:
# emerge --sync # emerge --ask --oneshot --verbose ">=www-servers/apache-2.4.48"
References
[ 1 ] CVE-2019-17567 https://nvd.nist.gov/vuln/detail/CVE-2019-17567 [ 2 ] CVE-2020-13950 https://nvd.nist.gov/vuln/detail/CVE-2020-13950 [ 3 ] CVE-2020-35452 https://nvd.nist.gov/vuln/detail/CVE-2020-35452 [ 4 ] CVE-2021-26690 https://nvd.nist.gov/vuln/detail/CVE-2021-26690 [ 5 ] CVE-2021-26691 https://nvd.nist.gov/vuln/detail/CVE-2021-26691 [ 6 ] CVE-2021-30641 https://nvd.nist.gov/vuln/detail/CVE-2021-30641 [ 7 ] CVE-2021-31618 https://nvd.nist.gov/vuln/detail/CVE-2021-31618
Availability
This GLSA and any updates to it are available for viewing at the Gentoo Security Website:
https://security.gentoo.org/glsa/202107-38
Concerns?
Security is a primary focus of Gentoo Linux and ensuring the confidentiality and security of our users' machines is of utmost importance to us. Any security concerns should be addressed to security@gentoo.org or alternatively, you may file a bug at https://bugs.gentoo.org.
License
Copyright 2021 Gentoo Foundation, Inc; referenced text belongs to its owner(s).
The contents of this document are licensed under the Creative Commons - Attribution / Share Alike license.
https://creativecommons.org/licenses/by-sa/2.5
. -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA256
====================================================================
Red Hat Security Advisory
Synopsis: Moderate: httpd:2.4 security, bug fix, and enhancement update Advisory ID: RHSA-2021:4257-01 Product: Red Hat Enterprise Linux Advisory URL: https://access.redhat.com/errata/RHSA-2021:4257 Issue date: 2021-11-09 CVE Names: CVE-2021-26690 CVE-2021-30641 ==================================================================== 1. Summary:
An update for the httpd:2.4 module is now available for Red Hat Enterprise Linux 8.
Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.
- Relevant releases/architectures:
Red Hat Enterprise Linux AppStream (v. 8) - aarch64, noarch, ppc64le, s390x, x86_64
Security Fix(es):
-
httpd: mod_session: NULL pointer dereference when parsing Cookie header (CVE-2021-26690)
-
httpd: Unexpected URL matching with 'MergeSlashes OFF' (CVE-2021-30641)
For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.
Additional Changes:
For detailed information on changes in this release, see the Red Hat Enterprise Linux 8.5 Release Notes linked from the References section.
- Solution:
For details on how to apply this update, which includes the changes described in this advisory, refer to:
https://access.redhat.com/articles/11258
After installing the updated packages, the httpd daemon will be restarted automatically.
- Bugs fixed (https://bugzilla.redhat.com/):
1905613 - mod_ssl does not like valid certificate chain 1934741 - Apache trademark update - new logo 1935742 - [RFE] backport samesite/httponly/secure flags for usertrack 1937334 - SSLProtocol with based virtual hosts 1952557 - mod_proxy_wstunnel.html is a malformed XML 1966729 - CVE-2021-26690 httpd: mod_session: NULL pointer dereference when parsing Cookie header 1966743 - CVE-2021-30641 httpd: Unexpected URL matching with 'MergeSlashes OFF'
- Package List:
Red Hat Enterprise Linux AppStream (v. 8):
Source: httpd-2.4.37-41.module+el8.5.0+11772+c8e0c271.src.rpm mod_http2-1.15.7-3.module+el8.4.0+8625+d397f3da.src.rpm mod_md-2.0.8-8.module+el8.3.0+6814+67d1e611.src.rpm
aarch64: httpd-2.4.37-41.module+el8.5.0+11772+c8e0c271.aarch64.rpm httpd-debuginfo-2.4.37-41.module+el8.5.0+11772+c8e0c271.aarch64.rpm httpd-debugsource-2.4.37-41.module+el8.5.0+11772+c8e0c271.aarch64.rpm httpd-devel-2.4.37-41.module+el8.5.0+11772+c8e0c271.aarch64.rpm httpd-tools-2.4.37-41.module+el8.5.0+11772+c8e0c271.aarch64.rpm httpd-tools-debuginfo-2.4.37-41.module+el8.5.0+11772+c8e0c271.aarch64.rpm mod_http2-1.15.7-3.module+el8.4.0+8625+d397f3da.aarch64.rpm mod_http2-debuginfo-1.15.7-3.module+el8.4.0+8625+d397f3da.aarch64.rpm mod_http2-debugsource-1.15.7-3.module+el8.4.0+8625+d397f3da.aarch64.rpm mod_ldap-2.4.37-41.module+el8.5.0+11772+c8e0c271.aarch64.rpm mod_ldap-debuginfo-2.4.37-41.module+el8.5.0+11772+c8e0c271.aarch64.rpm mod_md-2.0.8-8.module+el8.3.0+6814+67d1e611.aarch64.rpm mod_md-debuginfo-2.0.8-8.module+el8.3.0+6814+67d1e611.aarch64.rpm mod_md-debugsource-2.0.8-8.module+el8.3.0+6814+67d1e611.aarch64.rpm mod_proxy_html-2.4.37-41.module+el8.5.0+11772+c8e0c271.aarch64.rpm mod_proxy_html-debuginfo-2.4.37-41.module+el8.5.0+11772+c8e0c271.aarch64.rpm mod_session-2.4.37-41.module+el8.5.0+11772+c8e0c271.aarch64.rpm mod_session-debuginfo-2.4.37-41.module+el8.5.0+11772+c8e0c271.aarch64.rpm mod_ssl-2.4.37-41.module+el8.5.0+11772+c8e0c271.aarch64.rpm mod_ssl-debuginfo-2.4.37-41.module+el8.5.0+11772+c8e0c271.aarch64.rpm
noarch: httpd-filesystem-2.4.37-41.module+el8.5.0+11772+c8e0c271.noarch.rpm httpd-manual-2.4.37-41.module+el8.5.0+11772+c8e0c271.noarch.rpm
ppc64le: httpd-2.4.37-41.module+el8.5.0+11772+c8e0c271.ppc64le.rpm httpd-debuginfo-2.4.37-41.module+el8.5.0+11772+c8e0c271.ppc64le.rpm httpd-debugsource-2.4.37-41.module+el8.5.0+11772+c8e0c271.ppc64le.rpm httpd-devel-2.4.37-41.module+el8.5.0+11772+c8e0c271.ppc64le.rpm httpd-tools-2.4.37-41.module+el8.5.0+11772+c8e0c271.ppc64le.rpm httpd-tools-debuginfo-2.4.37-41.module+el8.5.0+11772+c8e0c271.ppc64le.rpm mod_http2-1.15.7-3.module+el8.4.0+8625+d397f3da.ppc64le.rpm mod_http2-debuginfo-1.15.7-3.module+el8.4.0+8625+d397f3da.ppc64le.rpm mod_http2-debugsource-1.15.7-3.module+el8.4.0+8625+d397f3da.ppc64le.rpm mod_ldap-2.4.37-41.module+el8.5.0+11772+c8e0c271.ppc64le.rpm mod_ldap-debuginfo-2.4.37-41.module+el8.5.0+11772+c8e0c271.ppc64le.rpm mod_md-2.0.8-8.module+el8.3.0+6814+67d1e611.ppc64le.rpm mod_md-debuginfo-2.0.8-8.module+el8.3.0+6814+67d1e611.ppc64le.rpm mod_md-debugsource-2.0.8-8.module+el8.3.0+6814+67d1e611.ppc64le.rpm mod_proxy_html-2.4.37-41.module+el8.5.0+11772+c8e0c271.ppc64le.rpm mod_proxy_html-debuginfo-2.4.37-41.module+el8.5.0+11772+c8e0c271.ppc64le.rpm mod_session-2.4.37-41.module+el8.5.0+11772+c8e0c271.ppc64le.rpm mod_session-debuginfo-2.4.37-41.module+el8.5.0+11772+c8e0c271.ppc64le.rpm mod_ssl-2.4.37-41.module+el8.5.0+11772+c8e0c271.ppc64le.rpm mod_ssl-debuginfo-2.4.37-41.module+el8.5.0+11772+c8e0c271.ppc64le.rpm
s390x: httpd-2.4.37-41.module+el8.5.0+11772+c8e0c271.s390x.rpm httpd-debuginfo-2.4.37-41.module+el8.5.0+11772+c8e0c271.s390x.rpm httpd-debugsource-2.4.37-41.module+el8.5.0+11772+c8e0c271.s390x.rpm httpd-devel-2.4.37-41.module+el8.5.0+11772+c8e0c271.s390x.rpm httpd-tools-2.4.37-41.module+el8.5.0+11772+c8e0c271.s390x.rpm httpd-tools-debuginfo-2.4.37-41.module+el8.5.0+11772+c8e0c271.s390x.rpm mod_http2-1.15.7-3.module+el8.4.0+8625+d397f3da.s390x.rpm mod_http2-debuginfo-1.15.7-3.module+el8.4.0+8625+d397f3da.s390x.rpm mod_http2-debugsource-1.15.7-3.module+el8.4.0+8625+d397f3da.s390x.rpm mod_ldap-2.4.37-41.module+el8.5.0+11772+c8e0c271.s390x.rpm mod_ldap-debuginfo-2.4.37-41.module+el8.5.0+11772+c8e0c271.s390x.rpm mod_md-2.0.8-8.module+el8.3.0+6814+67d1e611.s390x.rpm mod_md-debuginfo-2.0.8-8.module+el8.3.0+6814+67d1e611.s390x.rpm mod_md-debugsource-2.0.8-8.module+el8.3.0+6814+67d1e611.s390x.rpm mod_proxy_html-2.4.37-41.module+el8.5.0+11772+c8e0c271.s390x.rpm mod_proxy_html-debuginfo-2.4.37-41.module+el8.5.0+11772+c8e0c271.s390x.rpm mod_session-2.4.37-41.module+el8.5.0+11772+c8e0c271.s390x.rpm mod_session-debuginfo-2.4.37-41.module+el8.5.0+11772+c8e0c271.s390x.rpm mod_ssl-2.4.37-41.module+el8.5.0+11772+c8e0c271.s390x.rpm mod_ssl-debuginfo-2.4.37-41.module+el8.5.0+11772+c8e0c271.s390x.rpm
x86_64: httpd-2.4.37-41.module+el8.5.0+11772+c8e0c271.x86_64.rpm httpd-debuginfo-2.4.37-41.module+el8.5.0+11772+c8e0c271.x86_64.rpm httpd-debugsource-2.4.37-41.module+el8.5.0+11772+c8e0c271.x86_64.rpm httpd-devel-2.4.37-41.module+el8.5.0+11772+c8e0c271.x86_64.rpm httpd-tools-2.4.37-41.module+el8.5.0+11772+c8e0c271.x86_64.rpm httpd-tools-debuginfo-2.4.37-41.module+el8.5.0+11772+c8e0c271.x86_64.rpm mod_http2-1.15.7-3.module+el8.4.0+8625+d397f3da.x86_64.rpm mod_http2-debuginfo-1.15.7-3.module+el8.4.0+8625+d397f3da.x86_64.rpm mod_http2-debugsource-1.15.7-3.module+el8.4.0+8625+d397f3da.x86_64.rpm mod_ldap-2.4.37-41.module+el8.5.0+11772+c8e0c271.x86_64.rpm mod_ldap-debuginfo-2.4.37-41.module+el8.5.0+11772+c8e0c271.x86_64.rpm mod_md-2.0.8-8.module+el8.3.0+6814+67d1e611.x86_64.rpm mod_md-debuginfo-2.0.8-8.module+el8.3.0+6814+67d1e611.x86_64.rpm mod_md-debugsource-2.0.8-8.module+el8.3.0+6814+67d1e611.x86_64.rpm mod_proxy_html-2.4.37-41.module+el8.5.0+11772+c8e0c271.x86_64.rpm mod_proxy_html-debuginfo-2.4.37-41.module+el8.5.0+11772+c8e0c271.x86_64.rpm mod_session-2.4.37-41.module+el8.5.0+11772+c8e0c271.x86_64.rpm mod_session-debuginfo-2.4.37-41.module+el8.5.0+11772+c8e0c271.x86_64.rpm mod_ssl-2.4.37-41.module+el8.5.0+11772+c8e0c271.x86_64.rpm mod_ssl-debuginfo-2.4.37-41.module+el8.5.0+11772+c8e0c271.x86_64.rpm
These packages are GPG signed by Red Hat for security. Our key and details on how to verify the signature are available from https://access.redhat.com/security/team/key/
- References:
https://access.redhat.com/security/cve/CVE-2021-26690 https://access.redhat.com/security/cve/CVE-2021-30641 https://access.redhat.com/security/updates/classification/#moderate https://access.redhat.com/documentation/en-us/red_hat_enterprise_linux/8/html/8.5_release_notes/
- Contact:
The Red Hat security contact is secalert@redhat.com. More contact details at https://access.redhat.com/security/team/contact/
Copyright 2021 Red Hat, Inc. -----BEGIN PGP SIGNATURE----- Version: GnuPG v1
iQIVAwUBYYrer9zjgjWX9erEAQidnxAAljIz0c1qtUxP9lnANeO/5Dkx3XhX1VaN sOO/DRmelj7YeHeelF1HfX3lTfRXZ22/rSzV/EbCMhnRYheTpKq5kCmCanqRmHvo F3CVF2c9wbPpi6b/ww+VzdF4RuhWSY7ZN+oOT8P8rxtX9GcmQ9lYB+HF/BAKVPB7 BHWcJ9eK+wenF931qT6Tg00dfWLJdwEeefZOw1G0VeeUdw4S420LYNM0DHA10HiC 58mzqQMCh2lJ4nlMlK5BHWcTOm0J6AJkoHNrDWHvyAdbtKmK6wgRiSx5WMRmhTin RgXchqrR52GwZwrCCkXhXzMhZ2Ps7G1hgPLXguApDP2AGDFQ/YlTMAImMBGwZw8i jwMq8BL785q4FRKrgCjM0iNBoGYW5rkBtJbiSPeiBuE0VF8ryDp8uwTsREaw/Ybk xKw5kry6Cj2Kl1kuvEI7Px9oFh5Wz1ZImfUaUP+GYDFwUmHdmMZj+bzwGQF21B1M IRpnQH1A8LGF73FWrPX7UBUmzstRadxfbtLXdeOnxxooXbCTwRS4afz4JkZubEZ6 XhrOCJsTM6idFd6NTMYT8f+UhoSojMvqrP27oi4DhiJw4T9Qh5qV0sp3v4+UwD0b VXWRUvWSRk3pVgDPVnhlnK1Ga9GFG5hg0TMo3ssqjq0PknJWcaSIEoFsOkuGxa4t F+wizQuyFY4=Bqs/ -----END PGP SIGNATURE-----
-- RHSA-announce mailing list RHSA-announce@redhat.com https://listman.redhat.com/mailman/listinfo/rhsa-announce . Solution:
Before applying this update, make sure all previously released errata relevant to your system have been applied. This software, such as Apache HTTP Server, is common to multiple JBoss middleware products, and is packaged under Red Hat JBoss Core Services to allow for faster distribution of updates, and for a more consistent update experience.
This release serves as a replacement for Red Hat JBoss Core Services Apache HTTP Server 2.4.37 Service Pack 9 and includes bug fixes and enhancements. Solution:
Before applying the update, back up your existing installation, including all applications, configuration files, databases and database settings, and so on.
The References section of this erratum contains a download link for the update. You must be logged in to download the update.
For the stable distribution (buster), these problems have been fixed in version 2.4.38-3+deb10u5.
We recommend that you upgrade your apache2 packages.
For the detailed security status of apache2 please refer to its security tracker page at: https://security-tracker.debian.org/tracker/apache2
Further information about Debian Security Advisories, how to apply these updates to your system and frequently asked questions can be found at: https://www.debian.org/security/
Mailing list: debian-security-announce@lists.debian.org -----BEGIN PGP SIGNATURE-----
iQIzBAEBCgAdFiEEtuYvPRKsOElcDakFEMKTtsN8TjYFAmDnMiAACgkQEMKTtsN8 TjbNqg/9Hrd2EqNC4ijkjHNI/B6K74GgElHVSNcF/vbOp0zmOHaRLaOr06rfXmz+ AYM9nJR4xNJQWaXKFXpCVNvmlaKKbgyiK1LFrslh4aOCVdaVxQIYlYEeOoHthc1K fZawY6qhGf4VrgSkTNhaKakNikpf4lqh7L14LUFSA0b9nRkAy7CtqGuOzgEaUR26 qRUjPewKCeE2QhMgA63ne+XxPUF4I2WYEV8SPdKRfPmMwFlUpwB8bvherjDV+53H ZRs81ZMHk05N1ESI2wYGSR/dh/xYqt/01cXJ636JR39AQR51beIVtxekzwTW/aPE mC2ZY7aH4rsLqcFe3bJcVPQjD0r/fHUVSex1Mnr7mETD5aHAohUfHLEEV1+qR8Cx gz8Z63k0KvmVNe7WetGzwsWnvOXnDdRr63qM0UqEkd3Tre0tLWXjmTUfdUcicAof NsXPtJT8eNwi+E9YmpY5IQRE88uQ2sk2NTGaQ4EetMpLqX5h7brF15OTVxqVbUPP sqAZpgz6lD2Y0P4tXGCYP3u+B48pcNqOS66JJNHO9gJgVu3O+MDQFss+Z5P5JKzI H/KJMv58eFlyP+SsGZbHcDuH/IN8ZMvJA4gsrtHDzRoowFBOS1zDXJjEYdAlzEyq B1SgwN1PXkxPDUAF2+z9dvAeEOrMUUhQhTOC4OnxFxPssSwHEps= =O0O+ -----END PGP SIGNATURE-----
Show details on source website{
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
"affected_products": {
"@id": "https://www.variotdbs.pl/ref/affected_products"
},
"configurations": {
"@id": "https://www.variotdbs.pl/ref/configurations"
},
"credits": {
"@id": "https://www.variotdbs.pl/ref/credits"
},
"cvss": {
"@id": "https://www.variotdbs.pl/ref/cvss/"
},
"description": {
"@id": "https://www.variotdbs.pl/ref/description/"
},
"exploit_availability": {
"@id": "https://www.variotdbs.pl/ref/exploit_availability/"
},
"external_ids": {
"@id": "https://www.variotdbs.pl/ref/external_ids/"
},
"iot": {
"@id": "https://www.variotdbs.pl/ref/iot/"
},
"iot_taxonomy": {
"@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
},
"patch": {
"@id": "https://www.variotdbs.pl/ref/patch/"
},
"problemtype_data": {
"@id": "https://www.variotdbs.pl/ref/problemtype_data/"
},
"references": {
"@id": "https://www.variotdbs.pl/ref/references/"
},
"sources": {
"@id": "https://www.variotdbs.pl/ref/sources/"
},
"sources_release_date": {
"@id": "https://www.variotdbs.pl/ref/sources_release_date/"
},
"sources_update_date": {
"@id": "https://www.variotdbs.pl/ref/sources_update_date/"
},
"threat_type": {
"@id": "https://www.variotdbs.pl/ref/threat_type/"
},
"title": {
"@id": "https://www.variotdbs.pl/ref/title/"
},
"type": {
"@id": "https://www.variotdbs.pl/ref/type/"
}
},
"@id": "https://www.variotdbs.pl/vuln/VAR-202106-1875",
"affected_products": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/affected_products#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"model": "enterprise manager ops center",
"scope": "eq",
"trust": 1.0,
"vendor": "oracle",
"version": "12.4.0.0"
},
{
"model": "instantis enterprisetrack",
"scope": "eq",
"trust": 1.0,
"vendor": "oracle",
"version": "17.3"
},
{
"model": "instantis enterprisetrack",
"scope": "eq",
"trust": 1.0,
"vendor": "oracle",
"version": "17.1"
},
{
"model": "linux",
"scope": "eq",
"trust": 1.0,
"vendor": "debian",
"version": "10.0"
},
{
"model": "linux",
"scope": "eq",
"trust": 1.0,
"vendor": "debian",
"version": "9.0"
},
{
"model": "fedora",
"scope": "eq",
"trust": 1.0,
"vendor": "fedoraproject",
"version": "34"
},
{
"model": "http server",
"scope": "lte",
"trust": 1.0,
"vendor": "apache",
"version": "2.4.46"
},
{
"model": "http server",
"scope": "gte",
"trust": 1.0,
"vendor": "apache",
"version": "2.4.0"
},
{
"model": "zfs storage appliance kit",
"scope": "eq",
"trust": 1.0,
"vendor": "oracle",
"version": "8.8"
},
{
"model": "fedora",
"scope": "eq",
"trust": 1.0,
"vendor": "fedoraproject",
"version": "35"
},
{
"model": "instantis enterprisetrack",
"scope": "eq",
"trust": 1.0,
"vendor": "oracle",
"version": "17.2"
},
{
"model": "gnu/linux",
"scope": null,
"trust": 0.8,
"vendor": "debian",
"version": null
},
{
"model": "instantis enterprisetrack",
"scope": null,
"trust": 0.8,
"vendor": "\u30aa\u30e9\u30af\u30eb",
"version": null
},
{
"model": "fedora",
"scope": null,
"trust": 0.8,
"vendor": "fedora",
"version": null
},
{
"model": "zfs storage appliance kit",
"scope": "eq",
"trust": 0.8,
"vendor": "\u30aa\u30e9\u30af\u30eb",
"version": null
},
{
"model": "oracle enterprise manager ops center",
"scope": null,
"trust": 0.8,
"vendor": "\u30aa\u30e9\u30af\u30eb",
"version": null
},
{
"model": "http server",
"scope": null,
"trust": 0.8,
"vendor": "apache",
"version": null
},
{
"model": "http server",
"scope": "gte",
"trust": 0.6,
"vendor": "apache",
"version": "2.4.0,\u003c=2.4.46"
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2022-13199"
},
{
"db": "JVNDB",
"id": "JVNDB-2021-008067"
},
{
"db": "NVD",
"id": "CVE-2021-26690"
}
]
},
"configurations": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/configurations#",
"children": {
"@container": "@list"
},
"cpe_match": {
"@container": "@list"
},
"data": {
"@container": "@list"
},
"nodes": {
"@container": "@list"
}
},
"data": [
{
"CVE_data_version": "4.0",
"nodes": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:a:apache:http_server:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndIncluding": "2.4.46",
"versionStartIncluding": "2.4.0",
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:debian:debian_linux:9.0:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:debian:debian_linux:10.0:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:fedoraproject:fedora:34:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:fedoraproject:fedora:35:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:a:oracle:instantis_enterprisetrack:17.1:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:oracle:instantis_enterprisetrack:17.2:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:oracle:instantis_enterprisetrack:17.3:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:oracle:enterprise_manager_ops_center:12.4.0.0:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:oracle:zfs_storage_appliance_kit:8.8:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
}
]
}
],
"sources": [
{
"db": "NVD",
"id": "CVE-2021-26690"
}
]
},
"credits": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/credits#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Red Hat",
"sources": [
{
"db": "PACKETSTORM",
"id": "164877"
},
{
"db": "PACKETSTORM",
"id": "164927"
},
{
"db": "PACKETSTORM",
"id": "164928"
}
],
"trust": 0.3
},
"cve": "CVE-2021-26690",
"cvss": {
"@context": {
"cvssV2": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
},
"cvssV3": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
},
"severity": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/cvss/severity#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/severity"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"cvssV2": [
{
"acInsufInfo": false,
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "NVD",
"availabilityImpact": "PARTIAL",
"baseScore": 5.0,
"confidentialityImpact": "NONE",
"exploitabilityScore": 10.0,
"impactScore": 2.9,
"integrityImpact": "NONE",
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"severity": "MEDIUM",
"trust": 1.0,
"userInteractionRequired": false,
"vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P",
"version": "2.0"
},
{
"acInsufInfo": null,
"accessComplexity": "Low",
"accessVector": "Network",
"authentication": "None",
"author": "NVD",
"availabilityImpact": "Partial",
"baseScore": 5.0,
"confidentialityImpact": "None",
"exploitabilityScore": null,
"id": "CVE-2021-26690",
"impactScore": null,
"integrityImpact": "None",
"obtainAllPrivilege": null,
"obtainOtherPrivilege": null,
"obtainUserPrivilege": null,
"severity": "Medium",
"trust": 0.9,
"userInteractionRequired": null,
"vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P",
"version": "2.0"
},
{
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "CNVD",
"availabilityImpact": "PARTIAL",
"baseScore": 5.0,
"confidentialityImpact": "NONE",
"exploitabilityScore": 10.0,
"id": "CNVD-2022-13199",
"impactScore": 2.9,
"integrityImpact": "NONE",
"severity": "MEDIUM",
"trust": 0.6,
"vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P",
"version": "2.0"
}
],
"cvssV3": [
{
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"author": "NVD",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"exploitabilityScore": 3.9,
"impactScore": 3.6,
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"trust": 1.0,
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
{
"attackComplexity": "Low",
"attackVector": "Network",
"author": "NVD",
"availabilityImpact": "High",
"baseScore": 7.5,
"baseSeverity": "High",
"confidentialityImpact": "None",
"exploitabilityScore": null,
"id": "CVE-2021-26690",
"impactScore": null,
"integrityImpact": "None",
"privilegesRequired": "None",
"scope": "Unchanged",
"trust": 0.8,
"userInteraction": "None",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.0"
}
],
"severity": [
{
"author": "NVD",
"id": "CVE-2021-26690",
"trust": 1.8,
"value": "HIGH"
},
{
"author": "CNVD",
"id": "CNVD-2022-13199",
"trust": 0.6,
"value": "MEDIUM"
},
{
"author": "CNNVD",
"id": "CNNVD-202106-212",
"trust": 0.6,
"value": "HIGH"
},
{
"author": "VULMON",
"id": "CVE-2021-26690",
"trust": 0.1,
"value": "MEDIUM"
}
]
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2022-13199"
},
{
"db": "VULMON",
"id": "CVE-2021-26690"
},
{
"db": "JVNDB",
"id": "JVNDB-2021-008067"
},
{
"db": "CNNVD",
"id": "CNNVD-202106-212"
},
{
"db": "NVD",
"id": "CVE-2021-26690"
}
]
},
"description": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/description#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Apache HTTP Server versions 2.4.0 to 2.4.46 A specially crafted Cookie header handled by mod_session can cause a NULL pointer dereference and crash, leading to a possible Denial Of Service. Apache HTTP Server is an open source web server of the Apache Foundation in the United States. The server is fast, reliable and extensible through a simple API. A remote attacker could exploit the vulnerability to pass specially crafted data to the application and perform a denial of service (DoS) attack. ==========================================================================\nUbuntu Security Notice USN-4994-1\nJune 21, 2021\n\napache2 vulnerabilities\n==========================================================================\n\nA security issue affects these releases of Ubuntu and its derivatives:\n\n- Ubuntu 21.04\n- Ubuntu 20.10\n- Ubuntu 20.04 LTS\n- Ubuntu 18.04 LTS\n\nSummary:\n\nSeveral security issues were fixed in Apache HTTP Server. \n\nSoftware Description:\n- apache2: Apache HTTP server\n\nDetails:\n\nMarc Stern discovered that the Apache mod_proxy_http module incorrectly\nhandled certain requests. This issue only\naffected Ubuntu 20.04 LTS, Ubuntu 20.10, and Ubuntu 21.04. (CVE-2020-13950)\n\nAntonio Morales discovered that the Apache mod_auth_digest module\nincorrectly handled certain Digest nonces. \n(CVE-2020-35452)\n\nAntonio Morales discovered that the Apache mod_session module incorrectly\nhandled certain Cookie headers. \n(CVE-2021-26690)\n\nChristophe Jaillet discovered that the Apache mod_session module\nincorrectly handled certain SessionHeader values. (CVE-2021-26691)\n\nChristoph Anton Mitterer discovered that the new MergeSlashes configuration\noption resulted in unexpected behaviour in certain situations. \n(CVE-2021-30641)\n\nUpdate instructions:\n\nThe problem can be corrected by updating your system to the following\npackage versions:\n\nUbuntu 21.04:\n apache2 2.4.46-4ubuntu1.1\n apache2-bin 2.4.46-4ubuntu1.1\n\nUbuntu 20.10:\n apache2 2.4.46-1ubuntu1.2\n apache2-bin 2.4.46-1ubuntu1.2\n\nUbuntu 20.04 LTS:\n apache2 2.4.41-4ubuntu3.3\n apache2-bin 2.4.41-4ubuntu3.3\n\nUbuntu 18.04 LTS:\n apache2 2.4.29-1ubuntu4.16\n apache2-bin 2.4.29-1ubuntu4.16\n\nIn general, a standard system update will make all the necessary changes. - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -\nGentoo Linux Security Advisory GLSA 202107-38\n- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -\n https://security.gentoo.org/\n- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -\n\n Severity: Low\n Title: Apache: Multiple vulnerabilities\n Date: July 17, 2021\n Bugs: #795231\n ID: 202107-38\n\n- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -\n\nSynopsis\n========\n\nMultiple vulnerabilities have been found in Apache, the worst of which\ncould result in a Denial of Service condition. \n\nAffected packages\n=================\n\n -------------------------------------------------------------------\n Package / Vulnerable / Unaffected\n -------------------------------------------------------------------\n 1 www-servers/apache \u003c 2.4.48 \u003e= 2.4.48 \n\nDescription\n===========\n\nMultiple vulnerabilities have been discovered in Apache. Please review\nthe CVE identifiers referenced below for details. \n\nImpact\n======\n\nPlease review the referenced CVE identifiers for details. \n\nWorkaround\n==========\n\nThere is no known workaround at this time. \n\nResolution\n==========\n\nAll Apache users should upgrade to the latest version:\n\n # emerge --sync\n # emerge --ask --oneshot --verbose \"\u003e=www-servers/apache-2.4.48\"\n\nReferences\n==========\n\n[ 1 ] CVE-2019-17567\n https://nvd.nist.gov/vuln/detail/CVE-2019-17567\n[ 2 ] CVE-2020-13950\n https://nvd.nist.gov/vuln/detail/CVE-2020-13950\n[ 3 ] CVE-2020-35452\n https://nvd.nist.gov/vuln/detail/CVE-2020-35452\n[ 4 ] CVE-2021-26690\n https://nvd.nist.gov/vuln/detail/CVE-2021-26690\n[ 5 ] CVE-2021-26691\n https://nvd.nist.gov/vuln/detail/CVE-2021-26691\n[ 6 ] CVE-2021-30641\n https://nvd.nist.gov/vuln/detail/CVE-2021-30641\n[ 7 ] CVE-2021-31618\n https://nvd.nist.gov/vuln/detail/CVE-2021-31618\n\nAvailability\n============\n\nThis GLSA and any updates to it are available for viewing at\nthe Gentoo Security Website:\n\n https://security.gentoo.org/glsa/202107-38\n\nConcerns?\n=========\n\nSecurity is a primary focus of Gentoo Linux and ensuring the\nconfidentiality and security of our users\u0027 machines is of utmost\nimportance to us. Any security concerns should be addressed to\nsecurity@gentoo.org or alternatively, you may file a bug at\nhttps://bugs.gentoo.org. \n\nLicense\n=======\n\nCopyright 2021 Gentoo Foundation, Inc; referenced text\nbelongs to its owner(s). \n\nThe contents of this document are licensed under the\nCreative Commons - Attribution / Share Alike license. \n\nhttps://creativecommons.org/licenses/by-sa/2.5\n\n. -----BEGIN PGP SIGNED MESSAGE-----\nHash: SHA256\n\n==================================================================== \nRed Hat Security Advisory\n\nSynopsis: Moderate: httpd:2.4 security, bug fix, and enhancement update\nAdvisory ID: RHSA-2021:4257-01\nProduct: Red Hat Enterprise Linux\nAdvisory URL: https://access.redhat.com/errata/RHSA-2021:4257\nIssue date: 2021-11-09\nCVE Names: CVE-2021-26690 CVE-2021-30641\n====================================================================\n1. Summary:\n\nAn update for the httpd:2.4 module is now available for Red Hat Enterprise\nLinux 8. \n\nRed Hat Product Security has rated this update as having a security impact\nof Moderate. A Common Vulnerability Scoring System (CVSS) base score, which\ngives a detailed severity rating, is available for each vulnerability from\nthe CVE link(s) in the References section. \n\n2. Relevant releases/architectures:\n\nRed Hat Enterprise Linux AppStream (v. 8) - aarch64, noarch, ppc64le, s390x, x86_64\n\n3. \n\nSecurity Fix(es):\n\n* httpd: mod_session: NULL pointer dereference when parsing Cookie header\n(CVE-2021-26690)\n\n* httpd: Unexpected URL matching with \u0027MergeSlashes OFF\u0027 (CVE-2021-30641)\n\nFor more details about the security issue(s), including the impact, a CVSS\nscore, acknowledgments, and other related information, refer to the CVE\npage(s) listed in the References section. \n\nAdditional Changes:\n\nFor detailed information on changes in this release, see the Red Hat\nEnterprise Linux 8.5 Release Notes linked from the References section. \n\n4. Solution:\n\nFor details on how to apply this update, which includes the changes\ndescribed in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nAfter installing the updated packages, the httpd daemon will be restarted\nautomatically. \n\n5. Bugs fixed (https://bugzilla.redhat.com/):\n\n1905613 - mod_ssl does not like valid certificate chain\n1934741 - Apache trademark update - new logo\n1935742 - [RFE] backport samesite/httponly/secure flags for usertrack\n1937334 - SSLProtocol with based virtual hosts\n1952557 - mod_proxy_wstunnel.html is a malformed XML\n1966729 - CVE-2021-26690 httpd: mod_session: NULL pointer dereference when parsing Cookie header\n1966743 - CVE-2021-30641 httpd: Unexpected URL matching with \u0027MergeSlashes OFF\u0027\n\n6. Package List:\n\nRed Hat Enterprise Linux AppStream (v. 8):\n\nSource:\nhttpd-2.4.37-41.module+el8.5.0+11772+c8e0c271.src.rpm\nmod_http2-1.15.7-3.module+el8.4.0+8625+d397f3da.src.rpm\nmod_md-2.0.8-8.module+el8.3.0+6814+67d1e611.src.rpm\n\naarch64:\nhttpd-2.4.37-41.module+el8.5.0+11772+c8e0c271.aarch64.rpm\nhttpd-debuginfo-2.4.37-41.module+el8.5.0+11772+c8e0c271.aarch64.rpm\nhttpd-debugsource-2.4.37-41.module+el8.5.0+11772+c8e0c271.aarch64.rpm\nhttpd-devel-2.4.37-41.module+el8.5.0+11772+c8e0c271.aarch64.rpm\nhttpd-tools-2.4.37-41.module+el8.5.0+11772+c8e0c271.aarch64.rpm\nhttpd-tools-debuginfo-2.4.37-41.module+el8.5.0+11772+c8e0c271.aarch64.rpm\nmod_http2-1.15.7-3.module+el8.4.0+8625+d397f3da.aarch64.rpm\nmod_http2-debuginfo-1.15.7-3.module+el8.4.0+8625+d397f3da.aarch64.rpm\nmod_http2-debugsource-1.15.7-3.module+el8.4.0+8625+d397f3da.aarch64.rpm\nmod_ldap-2.4.37-41.module+el8.5.0+11772+c8e0c271.aarch64.rpm\nmod_ldap-debuginfo-2.4.37-41.module+el8.5.0+11772+c8e0c271.aarch64.rpm\nmod_md-2.0.8-8.module+el8.3.0+6814+67d1e611.aarch64.rpm\nmod_md-debuginfo-2.0.8-8.module+el8.3.0+6814+67d1e611.aarch64.rpm\nmod_md-debugsource-2.0.8-8.module+el8.3.0+6814+67d1e611.aarch64.rpm\nmod_proxy_html-2.4.37-41.module+el8.5.0+11772+c8e0c271.aarch64.rpm\nmod_proxy_html-debuginfo-2.4.37-41.module+el8.5.0+11772+c8e0c271.aarch64.rpm\nmod_session-2.4.37-41.module+el8.5.0+11772+c8e0c271.aarch64.rpm\nmod_session-debuginfo-2.4.37-41.module+el8.5.0+11772+c8e0c271.aarch64.rpm\nmod_ssl-2.4.37-41.module+el8.5.0+11772+c8e0c271.aarch64.rpm\nmod_ssl-debuginfo-2.4.37-41.module+el8.5.0+11772+c8e0c271.aarch64.rpm\n\nnoarch:\nhttpd-filesystem-2.4.37-41.module+el8.5.0+11772+c8e0c271.noarch.rpm\nhttpd-manual-2.4.37-41.module+el8.5.0+11772+c8e0c271.noarch.rpm\n\nppc64le:\nhttpd-2.4.37-41.module+el8.5.0+11772+c8e0c271.ppc64le.rpm\nhttpd-debuginfo-2.4.37-41.module+el8.5.0+11772+c8e0c271.ppc64le.rpm\nhttpd-debugsource-2.4.37-41.module+el8.5.0+11772+c8e0c271.ppc64le.rpm\nhttpd-devel-2.4.37-41.module+el8.5.0+11772+c8e0c271.ppc64le.rpm\nhttpd-tools-2.4.37-41.module+el8.5.0+11772+c8e0c271.ppc64le.rpm\nhttpd-tools-debuginfo-2.4.37-41.module+el8.5.0+11772+c8e0c271.ppc64le.rpm\nmod_http2-1.15.7-3.module+el8.4.0+8625+d397f3da.ppc64le.rpm\nmod_http2-debuginfo-1.15.7-3.module+el8.4.0+8625+d397f3da.ppc64le.rpm\nmod_http2-debugsource-1.15.7-3.module+el8.4.0+8625+d397f3da.ppc64le.rpm\nmod_ldap-2.4.37-41.module+el8.5.0+11772+c8e0c271.ppc64le.rpm\nmod_ldap-debuginfo-2.4.37-41.module+el8.5.0+11772+c8e0c271.ppc64le.rpm\nmod_md-2.0.8-8.module+el8.3.0+6814+67d1e611.ppc64le.rpm\nmod_md-debuginfo-2.0.8-8.module+el8.3.0+6814+67d1e611.ppc64le.rpm\nmod_md-debugsource-2.0.8-8.module+el8.3.0+6814+67d1e611.ppc64le.rpm\nmod_proxy_html-2.4.37-41.module+el8.5.0+11772+c8e0c271.ppc64le.rpm\nmod_proxy_html-debuginfo-2.4.37-41.module+el8.5.0+11772+c8e0c271.ppc64le.rpm\nmod_session-2.4.37-41.module+el8.5.0+11772+c8e0c271.ppc64le.rpm\nmod_session-debuginfo-2.4.37-41.module+el8.5.0+11772+c8e0c271.ppc64le.rpm\nmod_ssl-2.4.37-41.module+el8.5.0+11772+c8e0c271.ppc64le.rpm\nmod_ssl-debuginfo-2.4.37-41.module+el8.5.0+11772+c8e0c271.ppc64le.rpm\n\ns390x:\nhttpd-2.4.37-41.module+el8.5.0+11772+c8e0c271.s390x.rpm\nhttpd-debuginfo-2.4.37-41.module+el8.5.0+11772+c8e0c271.s390x.rpm\nhttpd-debugsource-2.4.37-41.module+el8.5.0+11772+c8e0c271.s390x.rpm\nhttpd-devel-2.4.37-41.module+el8.5.0+11772+c8e0c271.s390x.rpm\nhttpd-tools-2.4.37-41.module+el8.5.0+11772+c8e0c271.s390x.rpm\nhttpd-tools-debuginfo-2.4.37-41.module+el8.5.0+11772+c8e0c271.s390x.rpm\nmod_http2-1.15.7-3.module+el8.4.0+8625+d397f3da.s390x.rpm\nmod_http2-debuginfo-1.15.7-3.module+el8.4.0+8625+d397f3da.s390x.rpm\nmod_http2-debugsource-1.15.7-3.module+el8.4.0+8625+d397f3da.s390x.rpm\nmod_ldap-2.4.37-41.module+el8.5.0+11772+c8e0c271.s390x.rpm\nmod_ldap-debuginfo-2.4.37-41.module+el8.5.0+11772+c8e0c271.s390x.rpm\nmod_md-2.0.8-8.module+el8.3.0+6814+67d1e611.s390x.rpm\nmod_md-debuginfo-2.0.8-8.module+el8.3.0+6814+67d1e611.s390x.rpm\nmod_md-debugsource-2.0.8-8.module+el8.3.0+6814+67d1e611.s390x.rpm\nmod_proxy_html-2.4.37-41.module+el8.5.0+11772+c8e0c271.s390x.rpm\nmod_proxy_html-debuginfo-2.4.37-41.module+el8.5.0+11772+c8e0c271.s390x.rpm\nmod_session-2.4.37-41.module+el8.5.0+11772+c8e0c271.s390x.rpm\nmod_session-debuginfo-2.4.37-41.module+el8.5.0+11772+c8e0c271.s390x.rpm\nmod_ssl-2.4.37-41.module+el8.5.0+11772+c8e0c271.s390x.rpm\nmod_ssl-debuginfo-2.4.37-41.module+el8.5.0+11772+c8e0c271.s390x.rpm\n\nx86_64:\nhttpd-2.4.37-41.module+el8.5.0+11772+c8e0c271.x86_64.rpm\nhttpd-debuginfo-2.4.37-41.module+el8.5.0+11772+c8e0c271.x86_64.rpm\nhttpd-debugsource-2.4.37-41.module+el8.5.0+11772+c8e0c271.x86_64.rpm\nhttpd-devel-2.4.37-41.module+el8.5.0+11772+c8e0c271.x86_64.rpm\nhttpd-tools-2.4.37-41.module+el8.5.0+11772+c8e0c271.x86_64.rpm\nhttpd-tools-debuginfo-2.4.37-41.module+el8.5.0+11772+c8e0c271.x86_64.rpm\nmod_http2-1.15.7-3.module+el8.4.0+8625+d397f3da.x86_64.rpm\nmod_http2-debuginfo-1.15.7-3.module+el8.4.0+8625+d397f3da.x86_64.rpm\nmod_http2-debugsource-1.15.7-3.module+el8.4.0+8625+d397f3da.x86_64.rpm\nmod_ldap-2.4.37-41.module+el8.5.0+11772+c8e0c271.x86_64.rpm\nmod_ldap-debuginfo-2.4.37-41.module+el8.5.0+11772+c8e0c271.x86_64.rpm\nmod_md-2.0.8-8.module+el8.3.0+6814+67d1e611.x86_64.rpm\nmod_md-debuginfo-2.0.8-8.module+el8.3.0+6814+67d1e611.x86_64.rpm\nmod_md-debugsource-2.0.8-8.module+el8.3.0+6814+67d1e611.x86_64.rpm\nmod_proxy_html-2.4.37-41.module+el8.5.0+11772+c8e0c271.x86_64.rpm\nmod_proxy_html-debuginfo-2.4.37-41.module+el8.5.0+11772+c8e0c271.x86_64.rpm\nmod_session-2.4.37-41.module+el8.5.0+11772+c8e0c271.x86_64.rpm\nmod_session-debuginfo-2.4.37-41.module+el8.5.0+11772+c8e0c271.x86_64.rpm\nmod_ssl-2.4.37-41.module+el8.5.0+11772+c8e0c271.x86_64.rpm\nmod_ssl-debuginfo-2.4.37-41.module+el8.5.0+11772+c8e0c271.x86_64.rpm\n\nThese packages are GPG signed by Red Hat for security. Our key and\ndetails on how to verify the signature are available from\nhttps://access.redhat.com/security/team/key/\n\n7. References:\n\nhttps://access.redhat.com/security/cve/CVE-2021-26690\nhttps://access.redhat.com/security/cve/CVE-2021-30641\nhttps://access.redhat.com/security/updates/classification/#moderate\nhttps://access.redhat.com/documentation/en-us/red_hat_enterprise_linux/8/html/8.5_release_notes/\n\n8. Contact:\n\nThe Red Hat security contact is \u003csecalert@redhat.com\u003e. More contact\ndetails at https://access.redhat.com/security/team/contact/\n\nCopyright 2021 Red Hat, Inc. \n-----BEGIN PGP SIGNATURE-----\nVersion: GnuPG v1\n\niQIVAwUBYYrer9zjgjWX9erEAQidnxAAljIz0c1qtUxP9lnANeO/5Dkx3XhX1VaN\nsOO/DRmelj7YeHeelF1HfX3lTfRXZ22/rSzV/EbCMhnRYheTpKq5kCmCanqRmHvo\nF3CVF2c9wbPpi6b/ww+VzdF4RuhWSY7ZN+oOT8P8rxtX9GcmQ9lYB+HF/BAKVPB7\nBHWcJ9eK+wenF931qT6Tg00dfWLJdwEeefZOw1G0VeeUdw4S420LYNM0DHA10HiC\n58mzqQMCh2lJ4nlMlK5BHWcTOm0J6AJkoHNrDWHvyAdbtKmK6wgRiSx5WMRmhTin\nRgXchqrR52GwZwrCCkXhXzMhZ2Ps7G1hgPLXguApDP2AGDFQ/YlTMAImMBGwZw8i\njwMq8BL785q4FRKrgCjM0iNBoGYW5rkBtJbiSPeiBuE0VF8ryDp8uwTsREaw/Ybk\nxKw5kry6Cj2Kl1kuvEI7Px9oFh5Wz1ZImfUaUP+GYDFwUmHdmMZj+bzwGQF21B1M\nIRpnQH1A8LGF73FWrPX7UBUmzstRadxfbtLXdeOnxxooXbCTwRS4afz4JkZubEZ6\nXhrOCJsTM6idFd6NTMYT8f+UhoSojMvqrP27oi4DhiJw4T9Qh5qV0sp3v4+UwD0b\nVXWRUvWSRk3pVgDPVnhlnK1Ga9GFG5hg0TMo3ssqjq0PknJWcaSIEoFsOkuGxa4t\nF+wizQuyFY4=Bqs/\n-----END PGP SIGNATURE-----\n\n--\nRHSA-announce mailing list\nRHSA-announce@redhat.com\nhttps://listman.redhat.com/mailman/listinfo/rhsa-announce\n. Solution:\n\nBefore applying this update, make sure all previously released errata\nrelevant to your system have been applied. This software, such as Apache HTTP Server, is\ncommon to multiple JBoss middleware products, and is packaged under Red Hat\nJBoss Core Services to allow for faster distribution of updates, and for a\nmore consistent update experience. \n\nThis release serves as a replacement for Red Hat JBoss Core Services Apache\nHTTP Server 2.4.37 Service Pack 9 and includes bug fixes and enhancements. Solution:\n\nBefore applying the update, back up your existing installation, including\nall applications, configuration files, databases and database settings, and\nso on. \n\nThe References section of this erratum contains a download link for the\nupdate. You must be logged in to download the update. \n\nFor the stable distribution (buster), these problems have been fixed in\nversion 2.4.38-3+deb10u5. \n\nWe recommend that you upgrade your apache2 packages. \n\nFor the detailed security status of apache2 please refer to\nits security tracker page at:\nhttps://security-tracker.debian.org/tracker/apache2\n\nFurther information about Debian Security Advisories, how to apply\nthese updates to your system and frequently asked questions can be\nfound at: https://www.debian.org/security/\n\nMailing list: debian-security-announce@lists.debian.org\n-----BEGIN PGP SIGNATURE-----\n\niQIzBAEBCgAdFiEEtuYvPRKsOElcDakFEMKTtsN8TjYFAmDnMiAACgkQEMKTtsN8\nTjbNqg/9Hrd2EqNC4ijkjHNI/B6K74GgElHVSNcF/vbOp0zmOHaRLaOr06rfXmz+\nAYM9nJR4xNJQWaXKFXpCVNvmlaKKbgyiK1LFrslh4aOCVdaVxQIYlYEeOoHthc1K\nfZawY6qhGf4VrgSkTNhaKakNikpf4lqh7L14LUFSA0b9nRkAy7CtqGuOzgEaUR26\nqRUjPewKCeE2QhMgA63ne+XxPUF4I2WYEV8SPdKRfPmMwFlUpwB8bvherjDV+53H\nZRs81ZMHk05N1ESI2wYGSR/dh/xYqt/01cXJ636JR39AQR51beIVtxekzwTW/aPE\nmC2ZY7aH4rsLqcFe3bJcVPQjD0r/fHUVSex1Mnr7mETD5aHAohUfHLEEV1+qR8Cx\ngz8Z63k0KvmVNe7WetGzwsWnvOXnDdRr63qM0UqEkd3Tre0tLWXjmTUfdUcicAof\nNsXPtJT8eNwi+E9YmpY5IQRE88uQ2sk2NTGaQ4EetMpLqX5h7brF15OTVxqVbUPP\nsqAZpgz6lD2Y0P4tXGCYP3u+B48pcNqOS66JJNHO9gJgVu3O+MDQFss+Z5P5JKzI\nH/KJMv58eFlyP+SsGZbHcDuH/IN8ZMvJA4gsrtHDzRoowFBOS1zDXJjEYdAlzEyq\nB1SgwN1PXkxPDUAF2+z9dvAeEOrMUUhQhTOC4OnxFxPssSwHEps=\n=O0O+\n-----END PGP SIGNATURE-----\n",
"sources": [
{
"db": "NVD",
"id": "CVE-2021-26690"
},
{
"db": "JVNDB",
"id": "JVNDB-2021-008067"
},
{
"db": "CNVD",
"id": "CNVD-2022-13199"
},
{
"db": "VULMON",
"id": "CVE-2021-26690"
},
{
"db": "PACKETSTORM",
"id": "163227"
},
{
"db": "PACKETSTORM",
"id": "163231"
},
{
"db": "PACKETSTORM",
"id": "163530"
},
{
"db": "PACKETSTORM",
"id": "164877"
},
{
"db": "PACKETSTORM",
"id": "164927"
},
{
"db": "PACKETSTORM",
"id": "164928"
},
{
"db": "PACKETSTORM",
"id": "169090"
}
],
"trust": 2.88
},
"external_ids": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/external_ids#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"db": "NVD",
"id": "CVE-2021-26690",
"trust": 4.6
},
{
"db": "OPENWALL",
"id": "OSS-SECURITY/2021/06/10/6",
"trust": 1.7
},
{
"db": "JVN",
"id": "JVNVU96037838",
"trust": 0.8
},
{
"db": "JVNDB",
"id": "JVNDB-2021-008067",
"trust": 0.8
},
{
"db": "PACKETSTORM",
"id": "163227",
"trust": 0.7
},
{
"db": "PACKETSTORM",
"id": "163530",
"trust": 0.7
},
{
"db": "PACKETSTORM",
"id": "164877",
"trust": 0.7
},
{
"db": "PACKETSTORM",
"id": "164927",
"trust": 0.7
},
{
"db": "CNVD",
"id": "CNVD-2022-13199",
"trust": 0.6
},
{
"db": "CS-HELP",
"id": "SB2021071201",
"trust": 0.6
},
{
"db": "CS-HELP",
"id": "SB2021071308",
"trust": 0.6
},
{
"db": "CS-HELP",
"id": "SB2021060713",
"trust": 0.6
},
{
"db": "CS-HELP",
"id": "SB2021071702",
"trust": 0.6
},
{
"db": "CS-HELP",
"id": "SB2021111102",
"trust": 0.6
},
{
"db": "CS-HELP",
"id": "SB2021060321",
"trust": 0.6
},
{
"db": "AUSCERT",
"id": "ESB-2021.2348",
"trust": 0.6
},
{
"db": "AUSCERT",
"id": "ESB-2021.2097",
"trust": 0.6
},
{
"db": "AUSCERT",
"id": "ESB-2021.2153",
"trust": 0.6
},
{
"db": "AUSCERT",
"id": "ESB-2021.3784",
"trust": 0.6
},
{
"db": "AUSCERT",
"id": "ESB-2021.3846",
"trust": 0.6
},
{
"db": "AUSCERT",
"id": "ESB-2021.2229",
"trust": 0.6
},
{
"db": "AUSCERT",
"id": "ESB-2021.2341",
"trust": 0.6
},
{
"db": "AUSCERT",
"id": "ESB-2021.2253",
"trust": 0.6
},
{
"db": "CNNVD",
"id": "CNNVD-202106-212",
"trust": 0.6
},
{
"db": "VULMON",
"id": "CVE-2021-26690",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "163231",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "164928",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "169090",
"trust": 0.1
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2022-13199"
},
{
"db": "VULMON",
"id": "CVE-2021-26690"
},
{
"db": "JVNDB",
"id": "JVNDB-2021-008067"
},
{
"db": "PACKETSTORM",
"id": "163227"
},
{
"db": "PACKETSTORM",
"id": "163231"
},
{
"db": "PACKETSTORM",
"id": "163530"
},
{
"db": "PACKETSTORM",
"id": "164877"
},
{
"db": "PACKETSTORM",
"id": "164927"
},
{
"db": "PACKETSTORM",
"id": "164928"
},
{
"db": "PACKETSTORM",
"id": "169090"
},
{
"db": "CNNVD",
"id": "CNNVD-202106-212"
},
{
"db": "NVD",
"id": "CVE-2021-26690"
}
]
},
"id": "VAR-202106-1875",
"iot": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": true,
"sources": [
{
"db": "CNVD",
"id": "CNVD-2022-13199"
}
],
"trust": 0.06
},
"iot_taxonomy": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot_taxonomy#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"category": [
"Network device"
],
"sub_category": null,
"trust": 0.6
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2022-13199"
}
]
},
"last_update_date": "2024-02-12T22:38:25.830000Z",
"patch": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/patch#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"title": "FEDORA-2021-e3f6dd670d Oracle Oracle\u00a0Critical\u00a0Patch\u00a0Update",
"trust": 0.8,
"url": "https://httpd.apache.org/security/vulnerabilities_24.html#2.4.48"
},
{
"title": "Patch for Apache HTTP Server Code Issue Vulnerability (CNVD-2022-13199)",
"trust": 0.6,
"url": "https://www.cnvd.org.cn/patchinfo/show/321246"
},
{
"title": "Apache HTTP Server Fixes for code issue vulnerabilities",
"trust": 0.6,
"url": "http://www.cnnvd.org.cn/web/xxk/bdxqbyid.tag?id=155428"
},
{
"title": "Red Hat: CVE-2021-26690",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=red_hat_cve_database\u0026qid=cve-2021-26690"
},
{
"title": "Arch Linux Issues: ",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=arch_linux_issues\u0026qid=cve-2021-26690 log"
},
{
"title": "Debian Security Advisories: DSA-4937-1 apache2 -- security update",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=debian_security_advisories\u0026qid=09601b67947dc3a4a0ebcea7ceece30e"
},
{
"title": "Amazon Linux AMI: ALAS-2021-1514",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=amazon_linux_ami\u0026qid=alas-2021-1514"
},
{
"title": "Amazon Linux 2: ALAS2-2021-1674",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=amazon_linux2\u0026qid=alas2-2021-1674"
},
{
"title": "PROJET TUTEURE",
"trust": 0.1,
"url": "https://github.com/pierrechrd/py-projet-tut "
},
{
"title": "External Penetration Testing - Holo Corporate Network - TryHackMe - Holo Network",
"trust": 0.1,
"url": "https://github.com/austin-lai/external-penetration-testing-holo-corporate-network-tryhackme-holo-network "
},
{
"title": "Tier 0\nTier 1\nTier 2",
"trust": 0.1,
"url": "https://github.com/totes5706/toteshtb "
},
{
"title": "Skynet",
"trust": 0.1,
"url": "https://github.com/bioly230/thm_skynet "
},
{
"title": "Shodan Search Script",
"trust": 0.1,
"url": "https://github.com/firatesatoglu/shodansearch "
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2022-13199"
},
{
"db": "VULMON",
"id": "CVE-2021-26690"
},
{
"db": "JVNDB",
"id": "JVNDB-2021-008067"
},
{
"db": "CNNVD",
"id": "CNNVD-202106-212"
}
]
},
"problemtype_data": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"problemtype": "CWE-476",
"trust": 1.0
},
{
"problemtype": "NULL Pointer dereference (CWE-476) [NVD Evaluation ]",
"trust": 0.8
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2021-008067"
},
{
"db": "NVD",
"id": "CVE-2021-26690"
}
]
},
"references": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/references#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"trust": 2.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2021-26690"
},
{
"trust": 1.8,
"url": "https://security.gentoo.org/glsa/202107-38"
},
{
"trust": 1.7,
"url": "http://www.openwall.com/lists/oss-security/2021/06/10/6"
},
{
"trust": 1.7,
"url": "https://security.netapp.com/advisory/ntap-20210702-0001/"
},
{
"trust": 1.7,
"url": "https://lists.debian.org/debian-lts-announce/2021/07/msg00006.html"
},
{
"trust": 1.7,
"url": "https://www.debian.org/security/2021/dsa-4937"
},
{
"trust": 1.7,
"url": "https://www.oracle.com/security-alerts/cpuoct2021.html"
},
{
"trust": 1.1,
"url": "http://httpd.apache.org/security/vulnerabilities_24.html"
},
{
"trust": 1.1,
"url": "https://lists.apache.org/thread.html/re026d3da9d7824bd93b9f871c0fdda978d960c7e62d8c43cba8d0bf3%40%3ccvs.httpd.apache.org%3e"
},
{
"trust": 1.1,
"url": "https://lists.apache.org/thread.html/rae406c1d19c0dfd3103c96923dadac2af1cd0bad6905ab1ede153865%40%3cannounce.httpd.apache.org%3e"
},
{
"trust": 1.1,
"url": "https://lists.apache.org/thread.html/r7f2b70b621651548f4b6f027552f1dd91705d7111bb5d15cda0a68dd%40%3cdev.httpd.apache.org%3e"
},
{
"trust": 1.1,
"url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/spbr6wuybjnachke65spl7tjohx7rhwd/"
},
{
"trust": 1.1,
"url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/zncysr3bxt36fff4xtcpl3hdqk4vp45r/"
},
{
"trust": 1.0,
"url": "https://access.redhat.com/security/cve/cve-2021-26690"
},
{
"trust": 0.8,
"url": "https://jvn.jp/vu/jvnvu96037838/"
},
{
"trust": 0.7,
"url": "https://nvd.nist.gov/vuln/detail/cve-2021-30641"
},
{
"trust": 0.6,
"url": "https://nvd.nist.gov/vuln/detail/cve-2020-35452"
},
{
"trust": 0.6,
"url": "https://nvd.nist.gov/vuln/detail/cve-2021-26691"
},
{
"trust": 0.6,
"url": "httpd.apache.org%3e"
},
{
"trust": 0.6,
"url": "https://lists.apache.org/thread.html/re026d3da9d7824bd93b9f871c0fdda978d960c7e62d8c43cba8d0bf3%40%3ccvs."
},
{
"trust": 0.6,
"url": "https://lists.apache.org/thread.html/rae406c1d19c0dfd3103c96923dadac2af1cd0bad6905ab1ede153865@%3cannounce."
},
{
"trust": 0.6,
"url": "httpd.apache.org/security/vulnerabilities_24.html"
},
{
"trust": 0.6,
"url": "http://"
},
{
"trust": 0.6,
"url": "https://lists.apache.org/thread.html/r7f2b70b621651548f4b6f027552f1dd91705d7111bb5d15cda0a68dd@%3cdev."
},
{
"trust": 0.6,
"url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/spbr6wuybjnachke65spl7tjohx7rhwd/"
},
{
"trust": 0.6,
"url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/zncysr3bxt36fff4xtcpl3hdqk4vp45r/"
},
{
"trust": 0.6,
"url": "https://packetstormsecurity.com/files/164927/red-hat-security-advisory-2021-4614-01.html"
},
{
"trust": 0.6,
"url": "https://www.cybersecurity-help.cz/vdb/sb2021111102"
},
{
"trust": 0.6,
"url": "https://packetstormsecurity.com/files/163530/gentoo-linux-security-advisory-202107-38.html"
},
{
"trust": 0.6,
"url": "https://www.cybersecurity-help.cz/vdb/sb2021060713"
},
{
"trust": 0.6,
"url": "http-server-used-by-websphere-application-server-3/"
},
{
"trust": 0.6,
"url": "https://www.ibm.com/blogs/psirt/security-bulletin-multiple-vulnerabilities-in-ibm-"
},
{
"trust": 0.6,
"url": "https://www.auscert.org.au/bulletins/esb-2021.2229"
},
{
"trust": 0.6,
"url": "https://www.auscert.org.au/bulletins/esb-2021.3846"
},
{
"trust": 0.6,
"url": "https://www.auscert.org.au/bulletins/esb-2021.2348"
},
{
"trust": 0.6,
"url": "https://www.cybersecurity-help.cz/vdb/sb2021071201"
},
{
"trust": 0.6,
"url": "https://packetstormsecurity.com/files/163227/ubuntu-security-notice-usn-4994-1.html"
},
{
"trust": 0.6,
"url": "https://www.auscert.org.au/bulletins/esb-2021.2253"
},
{
"trust": 0.6,
"url": "https://www.auscert.org.au/bulletins/esb-2021.2341"
},
{
"trust": 0.6,
"url": "https://www.auscert.org.au/bulletins/esb-2021.2153"
},
{
"trust": 0.6,
"url": "https://www.cybersecurity-help.cz/vdb/sb2021071308"
},
{
"trust": 0.6,
"url": "https://www.auscert.org.au/bulletins/esb-2021.2097"
},
{
"trust": 0.6,
"url": "https://www.cybersecurity-help.cz/vdb/sb2021071702"
},
{
"trust": 0.6,
"url": "https://www.auscert.org.au/bulletins/esb-2021.3784"
},
{
"trust": 0.6,
"url": "https://packetstormsecurity.com/files/164877/red-hat-security-advisory-2021-4257-03.html"
},
{
"trust": 0.6,
"url": "https://www.cybersecurity-help.cz/vdb/sb2021060321"
},
{
"trust": 0.4,
"url": "https://nvd.nist.gov/vuln/detail/cve-2020-13950"
},
{
"trust": 0.3,
"url": "https://nvd.nist.gov/vuln/detail/cve-2019-17567"
},
{
"trust": 0.3,
"url": "https://listman.redhat.com/mailman/listinfo/rhsa-announce"
},
{
"trust": 0.3,
"url": "https://access.redhat.com/security/updates/classification/#moderate"
},
{
"trust": 0.3,
"url": "https://access.redhat.com/security/cve/cve-2021-30641"
},
{
"trust": 0.3,
"url": "https://bugzilla.redhat.com/):"
},
{
"trust": 0.3,
"url": "https://access.redhat.com/security/team/contact/"
},
{
"trust": 0.2,
"url": "https://ubuntu.com/security/notices/usn-4994-1"
},
{
"trust": 0.2,
"url": "https://nvd.nist.gov/vuln/detail/cve-2021-31618"
},
{
"trust": 0.2,
"url": "https://access.redhat.com/articles/11258"
},
{
"trust": 0.2,
"url": "https://access.redhat.com/security/team/key/"
},
{
"trust": 0.2,
"url": "https://access.redhat.com/security/cve/cve-2020-14155"
},
{
"trust": 0.2,
"url": "https://nvd.nist.gov/vuln/detail/cve-2020-14155"
},
{
"trust": 0.2,
"url": "https://access.redhat.com/security/cve/cve-2019-17567"
},
{
"trust": 0.2,
"url": "https://access.redhat.com/security/cve/cve-2021-26691"
},
{
"trust": 0.2,
"url": "https://access.redhat.com/security/cve/cve-2019-20838"
},
{
"trust": 0.2,
"url": "https://access.redhat.com/security/cve/cve-2021-3712"
},
{
"trust": 0.2,
"url": "https://nvd.nist.gov/vuln/detail/cve-2021-23841"
},
{
"trust": 0.2,
"url": "https://access.redhat.com/security/cve/cve-2021-23840"
},
{
"trust": 0.2,
"url": "https://access.redhat.com/security/cve/cve-2021-23841"
},
{
"trust": 0.2,
"url": "https://nvd.nist.gov/vuln/detail/cve-2021-23840"
},
{
"trust": 0.2,
"url": "https://nvd.nist.gov/vuln/detail/cve-2019-20838"
},
{
"trust": 0.2,
"url": "https://access.redhat.com/security/cve/cve-2020-13950"
},
{
"trust": 0.2,
"url": "https://access.redhat.com/security/cve/cve-2020-35452"
},
{
"trust": 0.2,
"url": "https://nvd.nist.gov/vuln/detail/cve-2021-3712"
},
{
"trust": 0.1,
"url": "https://cwe.mitre.org/data/definitions/476.html"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov"
},
{
"trust": 0.1,
"url": "https://github.com/austin-lai/external-penetration-testing-holo-corporate-network-tryhackme-holo-network"
},
{
"trust": 0.1,
"url": "https://launchpad.net/ubuntu/+source/apache2/2.4.46-1ubuntu1.2"
},
{
"trust": 0.1,
"url": "https://launchpad.net/ubuntu/+source/apache2/2.4.29-1ubuntu4.16"
},
{
"trust": 0.1,
"url": "https://launchpad.net/ubuntu/+source/apache2/2.4.41-4ubuntu3.3"
},
{
"trust": 0.1,
"url": "https://launchpad.net/ubuntu/+source/apache2/2.4.46-4ubuntu1.1"
},
{
"trust": 0.1,
"url": "https://ubuntu.com/security/notices/usn-4994-2"
},
{
"trust": 0.1,
"url": "https://bugs.gentoo.org."
},
{
"trust": 0.1,
"url": "https://security.gentoo.org/"
},
{
"trust": 0.1,
"url": "https://creativecommons.org/licenses/by-sa/2.5"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/errata/rhsa-2021:4257"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/documentation/en-us/red_hat_enterprise_linux/8/html/8.5_release_notes/"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/errata/rhsa-2021:4614"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/errata/rhsa-2021:4613"
},
{
"trust": 0.1,
"url": "https://www.debian.org/security/faq"
},
{
"trust": 0.1,
"url": "https://security-tracker.debian.org/tracker/apache2"
},
{
"trust": 0.1,
"url": "https://www.debian.org/security/"
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2022-13199"
},
{
"db": "VULMON",
"id": "CVE-2021-26690"
},
{
"db": "JVNDB",
"id": "JVNDB-2021-008067"
},
{
"db": "PACKETSTORM",
"id": "163227"
},
{
"db": "PACKETSTORM",
"id": "163231"
},
{
"db": "PACKETSTORM",
"id": "163530"
},
{
"db": "PACKETSTORM",
"id": "164877"
},
{
"db": "PACKETSTORM",
"id": "164927"
},
{
"db": "PACKETSTORM",
"id": "164928"
},
{
"db": "PACKETSTORM",
"id": "169090"
},
{
"db": "CNNVD",
"id": "CNNVD-202106-212"
},
{
"db": "NVD",
"id": "CVE-2021-26690"
}
]
},
"sources": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#",
"data": {
"@container": "@list"
}
},
"data": [
{
"db": "CNVD",
"id": "CNVD-2022-13199"
},
{
"db": "VULMON",
"id": "CVE-2021-26690"
},
{
"db": "JVNDB",
"id": "JVNDB-2021-008067"
},
{
"db": "PACKETSTORM",
"id": "163227"
},
{
"db": "PACKETSTORM",
"id": "163231"
},
{
"db": "PACKETSTORM",
"id": "163530"
},
{
"db": "PACKETSTORM",
"id": "164877"
},
{
"db": "PACKETSTORM",
"id": "164927"
},
{
"db": "PACKETSTORM",
"id": "164928"
},
{
"db": "PACKETSTORM",
"id": "169090"
},
{
"db": "CNNVD",
"id": "CNNVD-202106-212"
},
{
"db": "NVD",
"id": "CVE-2021-26690"
}
]
},
"sources_release_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2022-02-22T00:00:00",
"db": "CNVD",
"id": "CNVD-2022-13199"
},
{
"date": "2021-06-10T00:00:00",
"db": "VULMON",
"id": "CVE-2021-26690"
},
{
"date": "2022-03-03T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2021-008067"
},
{
"date": "2021-06-21T19:22:22",
"db": "PACKETSTORM",
"id": "163227"
},
{
"date": "2021-06-22T19:17:24",
"db": "PACKETSTORM",
"id": "163231"
},
{
"date": "2021-07-17T10:11:11",
"db": "PACKETSTORM",
"id": "163530"
},
{
"date": "2021-11-10T17:11:10",
"db": "PACKETSTORM",
"id": "164877"
},
{
"date": "2021-11-11T14:53:11",
"db": "PACKETSTORM",
"id": "164927"
},
{
"date": "2021-11-11T14:53:24",
"db": "PACKETSTORM",
"id": "164928"
},
{
"date": "2021-07-28T19:12:00",
"db": "PACKETSTORM",
"id": "169090"
},
{
"date": "2021-06-03T00:00:00",
"db": "CNNVD",
"id": "CNNVD-202106-212"
},
{
"date": "2021-06-10T07:15:07.543000",
"db": "NVD",
"id": "CVE-2021-26690"
}
]
},
"sources_update_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2022-02-22T00:00:00",
"db": "CNVD",
"id": "CNVD-2022-13199"
},
{
"date": "2023-11-07T00:00:00",
"db": "VULMON",
"id": "CVE-2021-26690"
},
{
"date": "2022-03-03T03:25:00",
"db": "JVNDB",
"id": "JVNDB-2021-008067"
},
{
"date": "2021-11-12T00:00:00",
"db": "CNNVD",
"id": "CNNVD-202106-212"
},
{
"date": "2023-11-07T03:31:47.720000",
"db": "NVD",
"id": "CVE-2021-26690"
}
]
},
"threat_type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/threat_type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "remote",
"sources": [
{
"db": "PACKETSTORM",
"id": "163227"
},
{
"db": "PACKETSTORM",
"id": "163231"
},
{
"db": "CNNVD",
"id": "CNNVD-202106-212"
}
],
"trust": 0.8
},
"title": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/title#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Apache\u00a0HTTP\u00a0Server\u00a0 of \u00a0mod_session\u00a0 In \u00a0NULL\u00a0 Pointer dereference vulnerability",
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2021-008067"
}
],
"trust": 0.8
},
"type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "code problem",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-202106-212"
}
],
"trust": 0.6
}
}
gsd-2021-26690
Vulnerability from gsd
Modified
2023-12-13 01:23
Details
Apache HTTP Server versions 2.4.0 to 2.4.46 A specially crafted Cookie header handled by mod_session can cause a NULL pointer dereference and crash, leading to a possible Denial Of Service
Aliases
Aliases
{
"GSD": {
"alias": "CVE-2021-26690",
"description": "Apache HTTP Server versions 2.4.0 to 2.4.46 A specially crafted Cookie header handled by mod_session can cause a NULL pointer dereference and crash, leading to a possible Denial Of Service",
"id": "GSD-2021-26690",
"references": [
"https://www.suse.com/security/cve/CVE-2021-26690.html",
"https://www.debian.org/security/2021/dsa-4937",
"https://access.redhat.com/errata/RHSA-2021:4614",
"https://access.redhat.com/errata/RHSA-2021:4613",
"https://access.redhat.com/errata/RHSA-2021:4257",
"https://ubuntu.com/security/CVE-2021-26690",
"https://advisories.mageia.org/CVE-2021-26690.html",
"https://security.archlinux.org/CVE-2021-26690",
"https://alas.aws.amazon.com/cve/html/CVE-2021-26690.html",
"https://linux.oracle.com/cve/CVE-2021-26690.html"
]
},
"gsd": {
"metadata": {
"exploitCode": "unknown",
"remediation": "unknown",
"reportConfidence": "confirmed",
"type": "vulnerability"
},
"osvSchema": {
"aliases": [
"CVE-2021-26690"
],
"details": "Apache HTTP Server versions 2.4.0 to 2.4.46 A specially crafted Cookie header handled by mod_session can cause a NULL pointer dereference and crash, leading to a possible Denial Of Service",
"id": "GSD-2021-26690",
"modified": "2023-12-13T01:23:33.518465Z",
"schema_version": "1.4.0"
}
},
"namespaces": {
"cve.org": {
"CVE_data_meta": {
"ASSIGNER": "security@apache.org",
"ID": "CVE-2021-26690",
"STATE": "PUBLIC",
"TITLE": "mod_session NULL pointer dereference"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "Apache HTTP Server",
"version": {
"version_data": [
{
"version_affected": "=",
"version_name": "2.4",
"version_value": "2.4.46"
},
{
"version_affected": "=",
"version_name": "2.4",
"version_value": "2.4.43"
},
{
"version_affected": "=",
"version_name": "2.4",
"version_value": "2.4.41"
},
{
"version_affected": "=",
"version_name": "2.4",
"version_value": "2.4.39"
},
{
"version_affected": "=",
"version_name": "2.4",
"version_value": "2.4.38"
},
{
"version_affected": "=",
"version_name": "2.4",
"version_value": "2.4.37"
},
{
"version_affected": "=",
"version_name": "2.4",
"version_value": "2.4.35"
},
{
"version_affected": "=",
"version_name": "2.4",
"version_value": "2.4.34"
},
{
"version_affected": "=",
"version_name": "2.4",
"version_value": "2.4.33"
},
{
"version_affected": "=",
"version_name": "2.4",
"version_value": "2.4.29"
},
{
"version_affected": "=",
"version_name": "2.4",
"version_value": "2.4.28"
},
{
"version_affected": "=",
"version_name": "2.4",
"version_value": "2.4.27"
},
{
"version_affected": "=",
"version_name": "2.4",
"version_value": "2.4.26"
},
{
"version_affected": "=",
"version_name": "2.4",
"version_value": "2.4.25"
},
{
"version_affected": "=",
"version_name": "2.4",
"version_value": "2.4.23"
},
{
"version_affected": "=",
"version_name": "2.4",
"version_value": "2.4.20"
},
{
"version_affected": "=",
"version_name": "2.4",
"version_value": "2.4.18"
},
{
"version_affected": "=",
"version_name": "2.4",
"version_value": "2.4.17"
},
{
"version_affected": "=",
"version_name": "2.4",
"version_value": "2.4.16"
},
{
"version_affected": "=",
"version_name": "2.4",
"version_value": "2.4.12"
},
{
"version_affected": "=",
"version_name": "2.4",
"version_value": "2.4.10"
},
{
"version_affected": "=",
"version_name": "2.4",
"version_value": "2.4.9"
},
{
"version_affected": "=",
"version_name": "2.4",
"version_value": "2.4.7"
},
{
"version_affected": "=",
"version_name": "2.4",
"version_value": "2.4.6"
},
{
"version_affected": "=",
"version_name": "2.4",
"version_value": "2.4.4"
},
{
"version_affected": "=",
"version_name": "2.4",
"version_value": "2.4.3"
},
{
"version_affected": "=",
"version_name": "2.4",
"version_value": "2.4.2"
},
{
"version_affected": "=",
"version_name": "2.4",
"version_value": "2.4.1"
},
{
"version_affected": "=",
"version_name": "2.4",
"version_value": "2.4.0"
}
]
}
}
]
},
"vendor_name": "Apache Software Foundation"
}
]
}
},
"credit": [
{
"lang": "eng",
"value": "This issue was discovered and reported by GHSL team member @antonio-morales (Antonio Morales)"
}
],
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Apache HTTP Server versions 2.4.0 to 2.4.46 A specially crafted Cookie header handled by mod_session can cause a NULL pointer dereference and crash, leading to a possible Denial Of Service"
}
]
},
"generator": {
"engine": "Vulnogram 0.0.9"
},
"impact": [
{
"other": "low"
}
],
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "mod_session NULL pointer dereference"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "http://httpd.apache.org/security/vulnerabilities_24.html",
"refsource": "MISC",
"url": "http://httpd.apache.org/security/vulnerabilities_24.html"
},
{
"name": "https://lists.apache.org/thread.html/re026d3da9d7824bd93b9f871c0fdda978d960c7e62d8c43cba8d0bf3%40%3Ccvs.httpd.apache.org%3E",
"refsource": "MISC",
"url": "https://lists.apache.org/thread.html/re026d3da9d7824bd93b9f871c0fdda978d960c7e62d8c43cba8d0bf3%40%3Ccvs.httpd.apache.org%3E"
},
{
"name": "[httpd-announce] 20210609 CVE-2021-26690: mod_session NULL pointer dereference",
"refsource": "MLIST",
"url": "https://lists.apache.org/thread.html/rae406c1d19c0dfd3103c96923dadac2af1cd0bad6905ab1ede153865@%3Cannounce.httpd.apache.org%3E"
},
{
"name": "[httpd-dev] 20210610 Re: svn commit: r1890598 - in /httpd/site/trunk/content/security/json: CVE-2019-17567.json CVE-2020-13938.json CVE-2020-13950.json CVE-2020-35452.json CVE-2021-26690.json CVE-2021-26691.json CVE-2021-30641.json CVE-2021-31618.json",
"refsource": "MLIST",
"url": "https://lists.apache.org/thread.html/r7f2b70b621651548f4b6f027552f1dd91705d7111bb5d15cda0a68dd@%3Cdev.httpd.apache.org%3E"
},
{
"name": "[oss-security] 20210609 CVE-2021-26690: Apache httpd: mod_session NULL pointer dereference",
"refsource": "MLIST",
"url": "http://www.openwall.com/lists/oss-security/2021/06/10/6"
},
{
"name": "[debian-lts-announce] 20210709 [SECURITY] [DLA 2706-1] apache2 security update",
"refsource": "MLIST",
"url": "https://lists.debian.org/debian-lts-announce/2021/07/msg00006.html"
},
{
"name": "DSA-4937",
"refsource": "DEBIAN",
"url": "https://www.debian.org/security/2021/dsa-4937"
},
{
"name": "GLSA-202107-38",
"refsource": "GENTOO",
"url": "https://security.gentoo.org/glsa/202107-38"
},
{
"name": "FEDORA-2021-dce7e7738e",
"refsource": "FEDORA",
"url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/SPBR6WUYBJNACHKE65SPL7TJOHX7RHWD/"
},
{
"name": "FEDORA-2021-e3f6dd670d",
"refsource": "FEDORA",
"url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ZNCYSR3BXT36FFF4XTCPL3HDQK4VP45R/"
},
{
"name": "https://www.oracle.com/security-alerts/cpuoct2021.html",
"refsource": "MISC",
"url": "https://www.oracle.com/security-alerts/cpuoct2021.html"
},
{
"name": "https://security.netapp.com/advisory/ntap-20210702-0001/",
"refsource": "CONFIRM",
"url": "https://security.netapp.com/advisory/ntap-20210702-0001/"
}
]
},
"source": {
"discovery": "UNKNOWN"
}
},
"nvd.nist.gov": {
"configurations": {
"CVE_data_version": "4.0",
"nodes": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:a:apache:http_server:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndIncluding": "2.4.46",
"versionStartIncluding": "2.4.0",
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:debian:debian_linux:9.0:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:debian:debian_linux:10.0:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:fedoraproject:fedora:34:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:fedoraproject:fedora:35:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:a:oracle:enterprise_manager_ops_center:12.4.0.0:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:oracle:instantis_enterprisetrack:17.1:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:oracle:instantis_enterprisetrack:17.2:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:oracle:instantis_enterprisetrack:17.3:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:oracle:zfs_storage_appliance_kit:8.8:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
}
]
},
"cve": {
"CVE_data_meta": {
"ASSIGNER": "security@apache.org",
"ID": "CVE-2021-26690"
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "en",
"value": "Apache HTTP Server versions 2.4.0 to 2.4.46 A specially crafted Cookie header handled by mod_session can cause a NULL pointer dereference and crash, leading to a possible Denial Of Service"
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "en",
"value": "CWE-476"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "N/A",
"refsource": "CONFIRM",
"tags": [
"Release Notes",
"Vendor Advisory"
],
"url": "http://httpd.apache.org/security/vulnerabilities_24.html"
},
{
"name": "N/A",
"refsource": "CONFIRM",
"tags": [
"Mailing List",
"Vendor Advisory"
],
"url": "https://lists.apache.org/thread.html/re026d3da9d7824bd93b9f871c0fdda978d960c7e62d8c43cba8d0bf3%40%3Ccvs.httpd.apache.org%3E"
},
{
"name": "[httpd-announce] 20210609 CVE-2021-26690: mod_session NULL pointer dereference",
"refsource": "MLIST",
"tags": [
"Mailing List",
"Vendor Advisory"
],
"url": "https://lists.apache.org/thread.html/rae406c1d19c0dfd3103c96923dadac2af1cd0bad6905ab1ede153865@%3Cannounce.httpd.apache.org%3E"
},
{
"name": "[httpd-dev] 20210610 Re: svn commit: r1890598 - in /httpd/site/trunk/content/security/json: CVE-2019-17567.json CVE-2020-13938.json CVE-2020-13950.json CVE-2020-35452.json CVE-2021-26690.json CVE-2021-26691.json CVE-2021-30641.json CVE-2021-31618.json",
"refsource": "MLIST",
"tags": [
"Mailing List",
"Vendor Advisory"
],
"url": "https://lists.apache.org/thread.html/r7f2b70b621651548f4b6f027552f1dd91705d7111bb5d15cda0a68dd@%3Cdev.httpd.apache.org%3E"
},
{
"name": "[oss-security] 20210609 CVE-2021-26690: Apache httpd: mod_session NULL pointer dereference",
"refsource": "MLIST",
"tags": [
"Mailing List",
"Third Party Advisory"
],
"url": "http://www.openwall.com/lists/oss-security/2021/06/10/6"
},
{
"name": "https://security.netapp.com/advisory/ntap-20210702-0001/",
"refsource": "CONFIRM",
"tags": [
"Third Party Advisory"
],
"url": "https://security.netapp.com/advisory/ntap-20210702-0001/"
},
{
"name": "[debian-lts-announce] 20210709 [SECURITY] [DLA 2706-1] apache2 security update",
"refsource": "MLIST",
"tags": [
"Mailing List",
"Third Party Advisory"
],
"url": "https://lists.debian.org/debian-lts-announce/2021/07/msg00006.html"
},
{
"name": "DSA-4937",
"refsource": "DEBIAN",
"tags": [
"Mailing List",
"Third Party Advisory"
],
"url": "https://www.debian.org/security/2021/dsa-4937"
},
{
"name": "GLSA-202107-38",
"refsource": "GENTOO",
"tags": [
"Third Party Advisory"
],
"url": "https://security.gentoo.org/glsa/202107-38"
},
{
"name": "FEDORA-2021-dce7e7738e",
"refsource": "FEDORA",
"tags": [
"Mailing List",
"Third Party Advisory"
],
"url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/SPBR6WUYBJNACHKE65SPL7TJOHX7RHWD/"
},
{
"name": "FEDORA-2021-e3f6dd670d",
"refsource": "FEDORA",
"tags": [
"Mailing List",
"Third Party Advisory"
],
"url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ZNCYSR3BXT36FFF4XTCPL3HDQK4VP45R/"
},
{
"name": "https://www.oracle.com/security-alerts/cpuoct2021.html",
"refsource": "MISC",
"tags": [
"Third Party Advisory"
],
"url": "https://www.oracle.com/security-alerts/cpuoct2021.html"
}
]
}
},
"impact": {
"baseMetricV2": {
"acInsufInfo": false,
"cvssV2": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 5.0,
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P",
"version": "2.0"
},
"exploitabilityScore": 10.0,
"impactScore": 2.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"severity": "MEDIUM",
"userInteractionRequired": false
},
"baseMetricV3": {
"cvssV3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"exploitabilityScore": 3.9,
"impactScore": 3.6
}
},
"lastModifiedDate": "2021-12-01T21:33Z",
"publishedDate": "2021-06-10T07:15Z"
}
}
}
wid-sec-w-2022-0438
Vulnerability from csaf_certbund
Published
2021-06-09 22:00
Modified
2024-05-26 22:00
Summary
Apache HTTP Server: Mehrere Schwachstellen
Notes
Das BSI ist als Anbieter für die eigenen, zur Nutzung bereitgestellten Inhalte nach den allgemeinen Gesetzen verantwortlich. Nutzerinnen und Nutzer sind jedoch dafür verantwortlich, die Verwendung und/oder die Umsetzung der mit den Inhalten bereitgestellten Informationen sorgfältig im Einzelfall zu prüfen.
Produktbeschreibung
Apache ist ein Webserver für verschiedene Plattformen.
Angriff
Ein entfernter, anonymer Angreifer kann mehrere Schwachstellen in Apache HTTP Server ausnutzen, um einen Denial of Service Angriff durchzuführen, Sicherheitsvorkehrungen zu umgehen oder sonstige Auswirkungen zu verursachen.
Betroffene Betriebssysteme
- Linux
- UNIX
- Windows
{
"document": {
"aggregate_severity": {
"text": "hoch"
},
"category": "csaf_base",
"csaf_version": "2.0",
"distribution": {
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "de-DE",
"notes": [
{
"category": "legal_disclaimer",
"text": "Das BSI ist als Anbieter f\u00fcr die eigenen, zur Nutzung bereitgestellten Inhalte nach den allgemeinen Gesetzen verantwortlich. Nutzerinnen und Nutzer sind jedoch daf\u00fcr verantwortlich, die Verwendung und/oder die Umsetzung der mit den Inhalten bereitgestellten Informationen sorgf\u00e4ltig im Einzelfall zu pr\u00fcfen."
},
{
"category": "description",
"text": "Apache ist ein Webserver f\u00fcr verschiedene Plattformen.",
"title": "Produktbeschreibung"
},
{
"category": "summary",
"text": "Ein entfernter, anonymer Angreifer kann mehrere Schwachstellen in Apache HTTP Server ausnutzen, um einen Denial of Service Angriff durchzuf\u00fchren, Sicherheitsvorkehrungen zu umgehen oder sonstige Auswirkungen zu verursachen.",
"title": "Angriff"
},
{
"category": "general",
"text": "- Linux\n- UNIX\n- Windows",
"title": "Betroffene Betriebssysteme"
}
],
"publisher": {
"category": "other",
"contact_details": "csaf-provider@cert-bund.de",
"name": "Bundesamt f\u00fcr Sicherheit in der Informationstechnik",
"namespace": "https://www.bsi.bund.de"
},
"references": [
{
"category": "self",
"summary": "WID-SEC-W-2022-0438 - CSAF Version",
"url": "https://wid.cert-bund.de/.well-known/csaf/white/2021/wid-sec-w-2022-0438.json"
},
{
"category": "self",
"summary": "WID-SEC-2022-0438 - Portal Version",
"url": "https://wid.cert-bund.de/portal/wid/securityadvisory?name=WID-SEC-2022-0438"
},
{
"category": "external",
"summary": "Apache Security Advisory vom 2021-06-09",
"url": "https://httpd.apache.org/security/vulnerabilities_24.html"
},
{
"category": "external",
"summary": "SUSE Security Update SUSE-SU-2021:2006-1 vom 2021-06-17",
"url": "https://lists.suse.com/pipermail/sle-security-updates/2021-June/009032.html"
},
{
"category": "external",
"summary": "SUSE Security Update SUSE-SU-2021:2004-1 vom 2021-06-17",
"url": "https://lists.suse.com/pipermail/sle-security-updates/2021-June/009030.html"
},
{
"category": "external",
"summary": "SUSE Security Update SUSE-SU-2021:14749-1 vom 2021-06-17",
"url": "https://lists.suse.com/pipermail/sle-security-updates/2021-June/009024.html"
},
{
"category": "external",
"summary": "Ubuntu Security Notice USN-4994-1 vom 2021-06-21",
"url": "https://ubuntu.com/security/notices/USN-4994-1"
},
{
"category": "external",
"summary": "Ubuntu Security Notice USN-4994-1 vom 2021-06-21",
"url": "https://ubuntu.com/security/notices/USN-4994-2"
},
{
"category": "external",
"summary": "SUSE Security Update SUSE-SU-2021:2127-1 vom 2021-06-22",
"url": "https://lists.suse.com/pipermail/sle-security-updates/2021-June/009074.html"
},
{
"category": "external",
"summary": "Amazon Linux Security Advisory ALAS-2021-1659 vom 2021-06-23",
"url": "https://alas.aws.amazon.com/AL2/ALAS-2021-1659.html"
},
{
"category": "external",
"summary": "Amazon Linux Security Advisory ALAS-2021-1674 vom 2021-07-02",
"url": "https://alas.aws.amazon.com/AL2/ALAS-2021-1674.html"
},
{
"category": "external",
"summary": "Debian Security Advisory DSA-4937 vom 2021-07-09",
"url": "https://www.debian.org/security/2021/dsa-4937"
},
{
"category": "external",
"summary": "Debian Security Advisory DLA-2706 vom 2021-07-09",
"url": "https://lists.debian.org/debian-lts-announce/2021/07/msg00006.html"
},
{
"category": "external",
"summary": "Amazon Linux Security Advisory ALAS-2021-1514 vom 2021-07-13",
"url": "https://alas.aws.amazon.com/ALAS-2021-1514.html"
},
{
"category": "external",
"summary": "Oracle Linux Security Advisory ELSA-2021-9541 vom 2021-11-04",
"url": "https://linux.oracle.com/errata/ELSA-2021-9541.html"
},
{
"category": "external",
"summary": "Gentoo Linux Security Advisory GLSA-202107-38 vom 2021-07-17",
"url": "https://security.gentoo.org/glsa/202107-38"
},
{
"category": "external",
"summary": "Red Hat Security Advisory RHSA-2021:3816 vom 2021-10-12",
"url": "https://access.redhat.com/errata/RHSA-2021:3816"
},
{
"category": "external",
"summary": "Oracle Linux Security Advisory ELSA-2021-3816 vom 2021-10-13",
"url": "http://linux.oracle.com/errata/ELSA-2021-3816.html"
},
{
"category": "external",
"summary": "Red Hat Security Advisory RHSA-2021:4537 vom 2021-11-10",
"url": "https://access.redhat.com/errata/RHSA-2021:4537"
},
{
"category": "external",
"summary": "Red Hat Security Advisory RHSA-2021:4257 vom 2021-11-09",
"url": "https://access.redhat.com/errata/RHSA-2021:4257"
},
{
"category": "external",
"summary": "Red Hat Security Advisory RHSA-2021:4613 vom 2021-11-10",
"url": "https://access.redhat.com/errata/RHSA-2021:4613"
},
{
"category": "external",
"summary": "Red Hat Security Advisory RHSA-2021:4614 vom 2021-11-10",
"url": "https://access.redhat.com/errata/RHSA-2021:4614"
},
{
"category": "external",
"summary": "Oracle Linux Security Advisory ELSA-2021-9545 vom 2021-11-12",
"url": "http://linux.oracle.com/errata/ELSA-2021-9545.html"
},
{
"category": "external",
"summary": "AVAYA Security Advisory ASA-2021-158 vom 2021-11-11",
"url": "https://downloads.avaya.com/css/P8/documents/101078543"
},
{
"category": "external",
"summary": "AVAYA Security Advisory ASA-2021-157 vom 2021-11-11",
"url": "https://downloads.avaya.com/css/P8/documents/101078542"
},
{
"category": "external",
"summary": "Oracle Linux Security Advisory ELSA-2021-4537 vom 2021-11-18",
"url": "https://linux.oracle.com/errata/ELSA-2021-4537.html"
},
{
"category": "external",
"summary": "Red Hat Security Advisory RHSA-2022:0143 vom 2022-01-17",
"url": "https://access.redhat.com/errata/RHSA-2022:0143"
},
{
"category": "external",
"summary": "Oracle Linux Security Advisory ELSA-2022-0143 vom 2022-01-19",
"url": "http://linux.oracle.com/errata/ELSA-2022-0143.html"
},
{
"category": "external",
"summary": "CentOS Security Advisory CESA-2022:0143 vom 2022-01-25",
"url": "https://lists.centos.org/pipermail/centos-announce/2022-January/073551.html"
},
{
"category": "external",
"summary": "AVAYA Security Advisory ASA-2022-003 vom 2027-01-18",
"url": "https://downloads.avaya.com/css/P8/documents/101079910"
},
{
"category": "external",
"summary": "Oracle Linux Security Advisory ELSA-2022-1915 vom 2022-05-17",
"url": "https://linux.oracle.com/errata/ELSA-2022-1915.html"
},
{
"category": "external",
"summary": "Oracle Linux Security Advisory ELSA-2022-1045 vom 2022-03-24",
"url": "http://linux.oracle.com/errata/ELSA-2022-1045.html"
},
{
"category": "external",
"summary": "Red Hat Security Advisory RHSA-2022:1915 vom 2022-05-10",
"url": "https://access.redhat.com/errata/RHSA-2022:1915"
},
{
"category": "external",
"summary": "Red Hat Security Advisory RHSA-2022:5163 vom 2022-06-22",
"url": "https://access.redhat.com/errata/RHSA-2022:5163"
},
{
"category": "external",
"summary": "AVAYA Security Advisory ASA-2022-083 vom 2022-06-24",
"url": "https://downloads.avaya.com/css/P8/documents/101082388"
},
{
"category": "external",
"summary": "Oracle Linux Security Advisory ELSA-2022-5163 vom 2022-06-24",
"url": "http://linux.oracle.com/errata/ELSA-2022-5163.html"
},
{
"category": "external",
"summary": "AVAYA Security Advisory ASA-2022-053 vom 2022-07-18",
"url": "https://downloads.avaya.com/css/P8/documents/101082704"
},
{
"category": "external",
"summary": "Oracle Linux Security Advisory ELSA-2022-7647 vom 2022-11-15",
"url": "https://linux.oracle.com/errata/ELSA-2022-7647.html"
},
{
"category": "external",
"summary": "IBM Security Bulletin",
"url": "https://www.ibm.com/support/pages/node/6840315"
},
{
"category": "external",
"summary": "Oracle Linux Security Advisory ELSA-2023-1593 vom 2023-04-05",
"url": "https://linux.oracle.com/errata/ELSA-2023-1593.html"
},
{
"category": "external",
"summary": "F5 stellt neue Informationen zur Verf\u00fcgung",
"url": "https://my.f5.com/manage/s/article/K000133522"
},
{
"category": "external",
"summary": "Debian Security Advisory DLA-3818 vom 2024-05-25",
"url": "https://lists.debian.org/debian-lts-announce/2024/05/msg00013.html"
}
],
"source_lang": "en-US",
"title": "Apache HTTP Server: Mehrere Schwachstellen",
"tracking": {
"current_release_date": "2024-05-26T22:00:00.000+00:00",
"generator": {
"date": "2024-05-27T08:08:16.755+00:00",
"engine": {
"name": "BSI-WID",
"version": "1.3.0"
}
},
"id": "WID-SEC-W-2022-0438",
"initial_release_date": "2021-06-09T22:00:00.000+00:00",
"revision_history": [
{
"date": "2021-06-09T22:00:00.000+00:00",
"number": "1",
"summary": "Initiale Fassung"
},
{
"date": "2021-06-17T22:00:00.000+00:00",
"number": "2",
"summary": "Neue Updates von SUSE aufgenommen"
},
{
"date": "2021-06-21T22:00:00.000+00:00",
"number": "3",
"summary": "Neue Updates von Ubuntu aufgenommen"
},
{
"date": "2021-06-22T22:00:00.000+00:00",
"number": "4",
"summary": "Neue Updates von SUSE aufgenommen"
},
{
"date": "2021-06-23T22:00:00.000+00:00",
"number": "5",
"summary": "Neue Updates von Amazon aufgenommen"
},
{
"date": "2021-07-01T22:00:00.000+00:00",
"number": "6",
"summary": "Neue Updates von Amazon aufgenommen"
},
{
"date": "2021-07-08T22:00:00.000+00:00",
"number": "7",
"summary": "Neue Updates von Debian aufgenommen"
},
{
"date": "2021-07-11T22:00:00.000+00:00",
"number": "8",
"summary": "Neue Updates von Debian aufgenommen"
},
{
"date": "2021-07-12T22:00:00.000+00:00",
"number": "9",
"summary": "Neue Updates von Amazon aufgenommen"
},
{
"date": "2021-07-18T22:00:00.000+00:00",
"number": "10",
"summary": "Neue Updates von Gentoo aufgenommen"
},
{
"date": "2021-10-12T22:00:00.000+00:00",
"number": "11",
"summary": "Neue Updates von Red Hat aufgenommen"
},
{
"date": "2021-10-13T22:00:00.000+00:00",
"number": "12",
"summary": "Neue Updates von Oracle Linux aufgenommen"
},
{
"date": "2021-11-03T23:00:00.000+00:00",
"number": "13",
"summary": "Neue Updates von Oracle Linux aufgenommen"
},
{
"date": "2021-11-09T23:00:00.000+00:00",
"number": "14",
"summary": "Neue Updates von Red Hat aufgenommen"
},
{
"date": "2021-11-10T23:00:00.000+00:00",
"number": "15",
"summary": "Neue Updates von Red Hat aufgenommen"
},
{
"date": "2021-11-14T23:00:00.000+00:00",
"number": "16",
"summary": "Neue Updates von Oracle Linux und AVAYA aufgenommen"
},
{
"date": "2021-11-18T23:00:00.000+00:00",
"number": "17",
"summary": "Neue Updates von Oracle Linux aufgenommen"
},
{
"date": "2022-01-16T23:00:00.000+00:00",
"number": "18",
"summary": "Neue Updates von Red Hat aufgenommen"
},
{
"date": "2022-01-19T23:00:00.000+00:00",
"number": "19",
"summary": "Neue Updates von Oracle Linux aufgenommen"
},
{
"date": "2022-01-25T23:00:00.000+00:00",
"number": "20",
"summary": "Neue Updates von CentOS aufgenommen"
},
{
"date": "2022-01-27T23:00:00.000+00:00",
"number": "21",
"summary": "Neue Updates von AVAYA aufgenommen"
},
{
"date": "2022-03-24T23:00:00.000+00:00",
"number": "22",
"summary": "Neue Updates von Oracle Linux aufgenommen"
},
{
"date": "2022-05-10T22:00:00.000+00:00",
"number": "23",
"summary": "Neue Updates von Red Hat aufgenommen"
},
{
"date": "2022-05-17T22:00:00.000+00:00",
"number": "24",
"summary": "Neue Updates von Oracle Linux aufgenommen"
},
{
"date": "2022-06-22T22:00:00.000+00:00",
"number": "25",
"summary": "Neue Updates von Red Hat aufgenommen"
},
{
"date": "2022-06-26T22:00:00.000+00:00",
"number": "26",
"summary": "Neue Updates von AVAYA und Oracle Linux aufgenommen"
},
{
"date": "2022-07-19T22:00:00.000+00:00",
"number": "27",
"summary": "Neue Updates von AVAYA aufgenommen"
},
{
"date": "2022-11-15T23:00:00.000+00:00",
"number": "28",
"summary": "Neue Updates von Oracle Linux aufgenommen"
},
{
"date": "2022-11-20T23:00:00.000+00:00",
"number": "29",
"summary": "Neue Updates von IBM aufgenommen"
},
{
"date": "2023-04-04T22:00:00.000+00:00",
"number": "30",
"summary": "Neue Updates von Oracle Linux aufgenommen"
},
{
"date": "2023-04-16T22:00:00.000+00:00",
"number": "31",
"summary": "Neue Updates von F5 aufgenommen"
},
{
"date": "2024-05-26T22:00:00.000+00:00",
"number": "32",
"summary": "Neue Updates von Debian aufgenommen"
}
],
"status": "final",
"version": "32"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"category": "product_name",
"name": "Amazon Linux 2",
"product": {
"name": "Amazon Linux 2",
"product_id": "398363",
"product_identification_helper": {
"cpe": "cpe:/o:amazon:linux_2:-"
}
}
}
],
"category": "vendor",
"name": "Amazon"
},
{
"branches": [
{
"branches": [
{
"category": "product_version_range",
"name": "\u003c2.4.48",
"product": {
"name": "Apache HTTP Server \u003c2.4.48",
"product_id": "T019472",
"product_identification_helper": {
"cpe": "cpe:/a:apache:http_server:2.4.48"
}
}
}
],
"category": "product_name",
"name": "HTTP Server"
}
],
"category": "vendor",
"name": "Apache"
},
{
"branches": [
{
"category": "product_name",
"name": "Avaya Aura Application Enablement Services",
"product": {
"name": "Avaya Aura Application Enablement Services",
"product_id": "T015516",
"product_identification_helper": {
"cpe": "cpe:/a:avaya:aura_application_enablement_services:-"
}
}
},
{
"category": "product_name",
"name": "Avaya Aura Communication Manager",
"product": {
"name": "Avaya Aura Communication Manager",
"product_id": "T015126",
"product_identification_helper": {
"cpe": "cpe:/a:avaya:communication_manager:-"
}
}
},
{
"category": "product_name",
"name": "Avaya Aura Experience Portal",
"product": {
"name": "Avaya Aura Experience Portal",
"product_id": "T015519",
"product_identification_helper": {
"cpe": "cpe:/a:avaya:aura_experience_portal:-"
}
}
},
{
"category": "product_name",
"name": "Avaya Aura Session Manager",
"product": {
"name": "Avaya Aura Session Manager",
"product_id": "T015127",
"product_identification_helper": {
"cpe": "cpe:/a:avaya:session_manager:-"
}
}
},
{
"category": "product_name",
"name": "Avaya Aura System Manager",
"product": {
"name": "Avaya Aura System Manager",
"product_id": "T015518",
"product_identification_helper": {
"cpe": "cpe:/a:avaya:aura_system_manager:-"
}
}
},
{
"category": "product_name",
"name": "Avaya Web License Manager",
"product": {
"name": "Avaya Web License Manager",
"product_id": "T016243",
"product_identification_helper": {
"cpe": "cpe:/a:avaya:web_license_manager:-"
}
}
}
],
"category": "vendor",
"name": "Avaya"
},
{
"branches": [
{
"category": "product_name",
"name": "Debian Linux",
"product": {
"name": "Debian Linux",
"product_id": "2951",
"product_identification_helper": {
"cpe": "cpe:/o:debian:debian_linux:-"
}
}
}
],
"category": "vendor",
"name": "Debian"
},
{
"branches": [
{
"category": "product_name",
"name": "F5 BIG-IP",
"product": {
"name": "F5 BIG-IP",
"product_id": "T001663",
"product_identification_helper": {
"cpe": "cpe:/a:f5:big-ip:-"
}
}
}
],
"category": "vendor",
"name": "F5"
},
{
"branches": [
{
"category": "product_name",
"name": "Gentoo Linux",
"product": {
"name": "Gentoo Linux",
"product_id": "T012167",
"product_identification_helper": {
"cpe": "cpe:/o:gentoo:linux:-"
}
}
}
],
"category": "vendor",
"name": "Gentoo"
},
{
"branches": [
{
"category": "product_name",
"name": "IBM Power Hardware Management Console",
"product": {
"name": "IBM Power Hardware Management Console",
"product_id": "5114",
"product_identification_helper": {
"cpe": "cpe:/a:ibm:hardware_management_console:-"
}
}
}
],
"category": "vendor",
"name": "IBM"
},
{
"branches": [
{
"category": "product_name",
"name": "Open Source CentOS",
"product": {
"name": "Open Source CentOS",
"product_id": "1727",
"product_identification_helper": {
"cpe": "cpe:/o:centos:centos:-"
}
}
}
],
"category": "vendor",
"name": "Open Source"
},
{
"branches": [
{
"category": "product_name",
"name": "Oracle Linux",
"product": {
"name": "Oracle Linux",
"product_id": "T004914",
"product_identification_helper": {
"cpe": "cpe:/o:oracle:linux:-"
}
}
}
],
"category": "vendor",
"name": "Oracle"
},
{
"branches": [
{
"category": "product_name",
"name": "Red Hat Enterprise Linux",
"product": {
"name": "Red Hat Enterprise Linux",
"product_id": "67646",
"product_identification_helper": {
"cpe": "cpe:/o:redhat:enterprise_linux:-"
}
}
}
],
"category": "vendor",
"name": "Red Hat"
},
{
"branches": [
{
"category": "product_name",
"name": "SUSE Linux",
"product": {
"name": "SUSE Linux",
"product_id": "T002207",
"product_identification_helper": {
"cpe": "cpe:/o:suse:suse_linux:-"
}
}
}
],
"category": "vendor",
"name": "SUSE"
},
{
"branches": [
{
"category": "product_name",
"name": "Ubuntu Linux",
"product": {
"name": "Ubuntu Linux",
"product_id": "T000126",
"product_identification_helper": {
"cpe": "cpe:/o:canonical:ubuntu_linux:-"
}
}
}
],
"category": "vendor",
"name": "Ubuntu"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2019-17567",
"notes": [
{
"category": "description",
"text": "In Apache HTTP Server existieren mehrere Schwachstellen. Diese Schwachstellen sind unter anderem auf Puffer\u00fcberl\u00e4ufe, NULL-Zeiger-Dereferenzierungen, Fehler beim Umgang mit Privilegien zur\u00fcckzuf\u00fchren. Ein entfernter, anonymer Angreifer kann diese Schwachstellen ausnutzen, um einen Denial of Service Zustand herbeizuf\u00fchren, Sicherheitsvorkehrungen zu umgehen oder sonstige Auswirkungen zu verursachen."
}
],
"product_status": {
"known_affected": [
"T015519",
"T015518",
"67646",
"T015516",
"5114",
"T015127",
"T015126",
"T012167",
"T004914",
"T016243",
"2951",
"T002207",
"T000126",
"T001663",
"398363",
"1727"
]
},
"release_date": "2021-06-09T22:00:00Z",
"title": "CVE-2019-17567"
},
{
"cve": "CVE-2020-13938",
"notes": [
{
"category": "description",
"text": "In Apache HTTP Server existieren mehrere Schwachstellen. Diese Schwachstellen sind unter anderem auf Puffer\u00fcberl\u00e4ufe, NULL-Zeiger-Dereferenzierungen, Fehler beim Umgang mit Privilegien zur\u00fcckzuf\u00fchren. Ein entfernter, anonymer Angreifer kann diese Schwachstellen ausnutzen, um einen Denial of Service Zustand herbeizuf\u00fchren, Sicherheitsvorkehrungen zu umgehen oder sonstige Auswirkungen zu verursachen."
}
],
"product_status": {
"known_affected": [
"T015519",
"T015518",
"67646",
"T015516",
"5114",
"T015127",
"T015126",
"T012167",
"T004914",
"T016243",
"2951",
"T002207",
"T000126",
"T001663",
"398363",
"1727"
]
},
"release_date": "2021-06-09T22:00:00Z",
"title": "CVE-2020-13938"
},
{
"cve": "CVE-2020-13950",
"notes": [
{
"category": "description",
"text": "In Apache HTTP Server existieren mehrere Schwachstellen. Diese Schwachstellen sind unter anderem auf Puffer\u00fcberl\u00e4ufe, NULL-Zeiger-Dereferenzierungen, Fehler beim Umgang mit Privilegien zur\u00fcckzuf\u00fchren. Ein entfernter, anonymer Angreifer kann diese Schwachstellen ausnutzen, um einen Denial of Service Zustand herbeizuf\u00fchren, Sicherheitsvorkehrungen zu umgehen oder sonstige Auswirkungen zu verursachen."
}
],
"product_status": {
"known_affected": [
"T015519",
"T015518",
"67646",
"T015516",
"5114",
"T015127",
"T015126",
"T012167",
"T004914",
"T016243",
"2951",
"T002207",
"T000126",
"T001663",
"398363",
"1727"
]
},
"release_date": "2021-06-09T22:00:00Z",
"title": "CVE-2020-13950"
},
{
"cve": "CVE-2020-35452",
"notes": [
{
"category": "description",
"text": "In Apache HTTP Server existieren mehrere Schwachstellen. Diese Schwachstellen sind unter anderem auf Puffer\u00fcberl\u00e4ufe, NULL-Zeiger-Dereferenzierungen, Fehler beim Umgang mit Privilegien zur\u00fcckzuf\u00fchren. Ein entfernter, anonymer Angreifer kann diese Schwachstellen ausnutzen, um einen Denial of Service Zustand herbeizuf\u00fchren, Sicherheitsvorkehrungen zu umgehen oder sonstige Auswirkungen zu verursachen."
}
],
"product_status": {
"known_affected": [
"T015519",
"T015518",
"67646",
"T015516",
"5114",
"T015127",
"T015126",
"T012167",
"T004914",
"T016243",
"2951",
"T002207",
"T000126",
"T001663",
"398363",
"1727"
]
},
"release_date": "2021-06-09T22:00:00Z",
"title": "CVE-2020-35452"
},
{
"cve": "CVE-2021-20325",
"notes": [
{
"category": "description",
"text": "In Apache HTTP Server existieren mehrere Schwachstellen. Diese Schwachstellen sind unter anderem auf Puffer\u00fcberl\u00e4ufe, NULL-Zeiger-Dereferenzierungen, Fehler beim Umgang mit Privilegien zur\u00fcckzuf\u00fchren. Ein entfernter, anonymer Angreifer kann diese Schwachstellen ausnutzen, um einen Denial of Service Zustand herbeizuf\u00fchren, Sicherheitsvorkehrungen zu umgehen oder sonstige Auswirkungen zu verursachen."
}
],
"product_status": {
"known_affected": [
"T015519",
"T015518",
"67646",
"T015516",
"5114",
"T015127",
"T015126",
"T012167",
"T004914",
"T016243",
"2951",
"T002207",
"T000126",
"T001663",
"398363",
"1727"
]
},
"release_date": "2021-06-09T22:00:00Z",
"title": "CVE-2021-20325"
},
{
"cve": "CVE-2021-26690",
"notes": [
{
"category": "description",
"text": "In Apache HTTP Server existieren mehrere Schwachstellen. Diese Schwachstellen sind unter anderem auf Puffer\u00fcberl\u00e4ufe, NULL-Zeiger-Dereferenzierungen, Fehler beim Umgang mit Privilegien zur\u00fcckzuf\u00fchren. Ein entfernter, anonymer Angreifer kann diese Schwachstellen ausnutzen, um einen Denial of Service Zustand herbeizuf\u00fchren, Sicherheitsvorkehrungen zu umgehen oder sonstige Auswirkungen zu verursachen."
}
],
"product_status": {
"known_affected": [
"T015519",
"T015518",
"67646",
"T015516",
"5114",
"T015127",
"T015126",
"T012167",
"T004914",
"T016243",
"2951",
"T002207",
"T000126",
"T001663",
"398363",
"1727"
]
},
"release_date": "2021-06-09T22:00:00Z",
"title": "CVE-2021-26690"
},
{
"cve": "CVE-2021-26691",
"notes": [
{
"category": "description",
"text": "In Apache HTTP Server existieren mehrere Schwachstellen. Diese Schwachstellen sind unter anderem auf Puffer\u00fcberl\u00e4ufe, NULL-Zeiger-Dereferenzierungen, Fehler beim Umgang mit Privilegien zur\u00fcckzuf\u00fchren. Ein entfernter, anonymer Angreifer kann diese Schwachstellen ausnutzen, um einen Denial of Service Zustand herbeizuf\u00fchren, Sicherheitsvorkehrungen zu umgehen oder sonstige Auswirkungen zu verursachen."
}
],
"product_status": {
"known_affected": [
"T015519",
"T015518",
"67646",
"T015516",
"5114",
"T015127",
"T015126",
"T012167",
"T004914",
"T016243",
"2951",
"T002207",
"T000126",
"T001663",
"398363",
"1727"
]
},
"release_date": "2021-06-09T22:00:00Z",
"title": "CVE-2021-26691"
},
{
"cve": "CVE-2021-30641",
"notes": [
{
"category": "description",
"text": "In Apache HTTP Server existieren mehrere Schwachstellen. Diese Schwachstellen sind unter anderem auf Puffer\u00fcberl\u00e4ufe, NULL-Zeiger-Dereferenzierungen, Fehler beim Umgang mit Privilegien zur\u00fcckzuf\u00fchren. Ein entfernter, anonymer Angreifer kann diese Schwachstellen ausnutzen, um einen Denial of Service Zustand herbeizuf\u00fchren, Sicherheitsvorkehrungen zu umgehen oder sonstige Auswirkungen zu verursachen."
}
],
"product_status": {
"known_affected": [
"T015519",
"T015518",
"67646",
"T015516",
"5114",
"T015127",
"T015126",
"T012167",
"T004914",
"T016243",
"2951",
"T002207",
"T000126",
"T001663",
"398363",
"1727"
]
},
"release_date": "2021-06-09T22:00:00Z",
"title": "CVE-2021-30641"
}
]
}
ghsa-f669-j28w-pjvg
Vulnerability from github
Published
2022-05-24 19:04
Modified
2022-05-24 19:04
Details
Apache HTTP Server versions 2.4.0 to 2.4.46 A specially crafted Cookie header handled by mod_session can cause a NULL pointer dereference and crash, leading to a possible Denial Of Service
{
"affected": [],
"aliases": [
"CVE-2021-26690"
],
"database_specific": {
"cwe_ids": [
"CWE-476"
],
"github_reviewed": false,
"github_reviewed_at": null,
"nvd_published_at": "2021-06-10T07:15:00Z",
"severity": "HIGH"
},
"details": "Apache HTTP Server versions 2.4.0 to 2.4.46 A specially crafted Cookie header handled by mod_session can cause a NULL pointer dereference and crash, leading to a possible Denial Of Service",
"id": "GHSA-f669-j28w-pjvg",
"modified": "2022-05-24T19:04:55Z",
"published": "2022-05-24T19:04:55Z",
"references": [
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2021-26690"
},
{
"type": "WEB",
"url": "https://lists.apache.org/thread.html/r7f2b70b621651548f4b6f027552f1dd91705d7111bb5d15cda0a68dd@%3Cdev.httpd.apache.org%3E"
},
{
"type": "WEB",
"url": "https://lists.apache.org/thread.html/rae406c1d19c0dfd3103c96923dadac2af1cd0bad6905ab1ede153865@%3Cannounce.httpd.apache.org%3E"
},
{
"type": "WEB",
"url": "https://lists.apache.org/thread.html/re026d3da9d7824bd93b9f871c0fdda978d960c7e62d8c43cba8d0bf3%40%3Ccvs.httpd.apache.org%3E"
},
{
"type": "WEB",
"url": "https://lists.debian.org/debian-lts-announce/2021/07/msg00006.html"
},
{
"type": "WEB",
"url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/SPBR6WUYBJNACHKE65SPL7TJOHX7RHWD"
},
{
"type": "WEB",
"url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ZNCYSR3BXT36FFF4XTCPL3HDQK4VP45R"
},
{
"type": "WEB",
"url": "https://security.gentoo.org/glsa/202107-38"
},
{
"type": "WEB",
"url": "https://security.netapp.com/advisory/ntap-20210702-0001"
},
{
"type": "WEB",
"url": "https://www.debian.org/security/2021/dsa-4937"
},
{
"type": "WEB",
"url": "https://www.oracle.com/security-alerts/cpuoct2021.html"
},
{
"type": "WEB",
"url": "http://httpd.apache.org/security/vulnerabilities_24.html"
},
{
"type": "WEB",
"url": "http://www.openwall.com/lists/oss-security/2021/06/10/6"
}
],
"schema_version": "1.4.0",
"severity": []
}
Loading...