Action not permitted
Modal body text goes here.
cve-2021-3688
Vulnerability from cvelistv5
Published
2022-08-26 15:25
Modified
2024-08-03 17:01
Severity
Summary
A flaw was found in Red Hat JBoss Core Services HTTP Server in all versions, where it does not properly normalize the path component of a request URL contains dot-dot-semicolon(s). This flaw could allow an attacker to access unauthorized information or possibly conduct further attacks. The highest threat from this vulnerability is to data confidentiality and integrity.
References
| Source | URL | Tags |
|---|---|---|
| secalert@redhat.com | https://access.redhat.com/security/cve/CVE-2021-3688 | Vendor Advisory |
| secalert@redhat.com | https://bugzilla.redhat.com/show_bug.cgi?id=1990252 | Issue Tracking, Vendor Advisory |
Impacted products
| Vendor | Product |
|---|---|
| n/a | Red Hat JBCS HTTP Server |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-03T17:01:08.137Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1990252"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://access.redhat.com/security/cve/CVE-2021-3688"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "Red Hat JBCS HTTP Server",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "Fixed in jbcs-httpd-2.4.37.SP10 GA"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "A flaw was found in Red Hat JBoss Core Services HTTP Server in all versions, where it does not properly normalize the path component of a request URL contains dot-dot-semicolon(s). This flaw could allow an attacker to access unauthorized information or possibly conduct further attacks. The highest threat from this vulnerability is to data confidentiality and integrity."
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-200",
"description": "CWE-200 - Exposure of Sensitive Information to an Unauthorized Actor",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2022-08-26T15:25:40",
"orgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
"shortName": "redhat"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1990252"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://access.redhat.com/security/cve/CVE-2021-3688"
}
]
}
},
"cveMetadata": {
"assignerOrgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
"assignerShortName": "redhat",
"cveId": "CVE-2021-3688",
"datePublished": "2022-08-26T15:25:40",
"dateReserved": "2021-08-05T00:00:00",
"dateUpdated": "2024-08-03T17:01:08.137Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1",
"meta": {
"nvd": "{\"cve\":{\"id\":\"CVE-2021-3688\",\"sourceIdentifier\":\"secalert@redhat.com\",\"published\":\"2022-08-26T16:15:09.330\",\"lastModified\":\"2023-02-12T23:42:17.347\",\"vulnStatus\":\"Modified\",\"descriptions\":[{\"lang\":\"en\",\"value\":\"A flaw was found in Red Hat JBoss Core Services HTTP Server in all versions, where it does not properly normalize the path component of a request URL contains dot-dot-semicolon(s). This flaw could allow an attacker to access unauthorized information or possibly conduct further attacks. The highest threat from this vulnerability is to data confidentiality and integrity.\"},{\"lang\":\"es\",\"value\":\"Se ha encontrado un fallo en el Servidor HTTP de Red Hat JBoss Core Services en todas las versiones, en el que no normaliza apropiadamente el componente de la ruta de una URL de petici\u00f3n que contenga punto y coma. Este fallo podr\u00eda permitir a un atacante acceder a informaci\u00f3n no autorizada o posiblemente conducir otros ataques. La mayor amenaza de esta vulnerabilidad es para la confidencialidad e integridad de los datos.\"}],\"metrics\":{\"cvssMetricV31\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"cvssData\":{\"version\":\"3.1\",\"vectorString\":\"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:N\",\"attackVector\":\"NETWORK\",\"attackComplexity\":\"HIGH\",\"privilegesRequired\":\"NONE\",\"userInteraction\":\"NONE\",\"scope\":\"UNCHANGED\",\"confidentialityImpact\":\"LOW\",\"integrityImpact\":\"LOW\",\"availabilityImpact\":\"NONE\",\"baseScore\":4.8,\"baseSeverity\":\"MEDIUM\"},\"exploitabilityScore\":2.2,\"impactScore\":2.5}]},\"weaknesses\":[{\"source\":\"secalert@redhat.com\",\"type\":\"Primary\",\"description\":[{\"lang\":\"en\",\"value\":\"CWE-200\"}]},{\"source\":\"nvd@nist.gov\",\"type\":\"Secondary\",\"description\":[{\"lang\":\"en\",\"value\":\"CWE-22\"}]}],\"configurations\":[{\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:redhat:jboss_core_services_httpd:*:*:*:*:*:*:*:*\",\"versionEndExcluding\":\"2.4.37\",\"matchCriteriaId\":\"970B5B03-B3E4-4E12-9B92-580FC7FD95D9\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:redhat:jboss_core_services_httpd:2.4.37:-:*:*:*:*:*:*\",\"matchCriteriaId\":\"573F58D4-B7C3-440C-8FB4-5D3F83C3A0F5\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:redhat:jboss_core_services_httpd:2.4.37:sp1:*:*:*:*:*:*\",\"matchCriteriaId\":\"68CAE945-14FB-46E8-AC4E-9F97BC0E6A53\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:redhat:jboss_core_services_httpd:2.4.37:sp2:*:*:*:*:*:*\",\"matchCriteriaId\":\"D7DD47E0-0144-4EFF-A7A1-FE27A7D70DF9\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:redhat:jboss_core_services_httpd:2.4.37:sp3:*:*:*:*:*:*\",\"matchCriteriaId\":\"882469F8-F936-4BC2-987B-D1635FFF5CF4\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:redhat:jboss_core_services_httpd:2.4.37:sp4:*:*:*:*:*:*\",\"matchCriteriaId\":\"C11A5C31-69FD-4EF6-BD1F-37BA248CB9BB\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:redhat:jboss_core_services_httpd:2.4.37:sp5:*:*:*:*:*:*\",\"matchCriteriaId\":\"32331EA5-EFE2-483B-8691-C9455B116589\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:redhat:jboss_core_services_httpd:2.4.37:sp6:*:*:*:*:*:*\",\"matchCriteriaId\":\"2B092B2D-F03B-4B8A-9BDF-C0A188D9A659\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:redhat:jboss_core_services_httpd:2.4.37:sp7:*:*:*:*:*:*\",\"matchCriteriaId\":\"EBE638FF-092C-4A87-9D33-B25484C2F2D8\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:redhat:jboss_core_services_httpd:2.4.37:sp8:*:*:*:*:*:*\",\"matchCriteriaId\":\"E18DDC09-33C4-4FA1-BBCF-15D2F6FAAAE1\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:redhat:jboss_core_services_httpd:2.4.37:sp9:*:*:*:*:*:*\",\"matchCriteriaId\":\"4B639B08-622C-4312-B71B-AA3A7BCC34C4\"}]}]}],\"references\":[{\"url\":\"https://access.redhat.com/security/cve/CVE-2021-3688\",\"source\":\"secalert@redhat.com\",\"tags\":[\"Vendor Advisory\"]},{\"url\":\"https://bugzilla.redhat.com/show_bug.cgi?id=1990252\",\"source\":\"secalert@redhat.com\",\"tags\":[\"Issue Tracking\",\"Vendor Advisory\"]}]}}"
}
}
rhsa-2021_4614
Vulnerability from csaf_redhat
Published
2021-11-10 17:20
Modified
2024-09-16 06:18
Summary
Red Hat Security Advisory: Red Hat JBoss Core Services Apache HTTP Server 2.4.37 SP10 security update
Notes
Topic
Updated packages that provide Red Hat JBoss Core Services Apache HTTP Server 2.4.37 Service Pack 10, fix several bugs, and add various enhancements are now available for Red Hat Enterprise Linux 7 and Red Hat Enterprise Linux 8.
Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.
Details
This release adds the new Apache HTTP Server 2.4.37 Service Pack 10 packages that are part of the JBoss Core Services offering.
This release serves as a replacement for Red Hat JBoss Core Services Apache HTTP Server 2.4.37 Service Pack 9 and includes bug fixes and enhancements. Refer to the Release Notes for information on the most significant bug fixes and enhancements included in this release.
Security Fix(es):
* httpd: Single zero byte stack overflow in mod_auth_digest (CVE-2020-35452)
* httpd: mod_session NULL pointer dereference in parser (CVE-2021-26690)
* httpd: Heap overflow in mod_session (CVE-2021-26691)
* httpd: mod_proxy_wstunnel tunneling of non Upgraded connection (CVE-2019-17567)
* httpd: MergeSlashes regression (CVE-2021-30641)
* httpd: mod_proxy NULL pointer dereference (CVE-2020-13950)
* jbcs-httpd24-openssl: openssl: NULL pointer dereference in X509_issuer_and_serial_hash() (CVE-2021-23841)
* openssl: Read buffer overruns processing ASN.1 strings (CVE-2021-3712)
* openssl: integer overflow in CipherUpdate (CVE-2021-23840)
* pcre: buffer over-read in JIT when UTF is disabled (CVE-2019-20838)
* pcre: integer overflow in libpcre (CVE-2020-14155)
For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.
Terms of Use
This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.
{
"document": {
"aggregate_severity": {
"namespace": "https://access.redhat.com/security/updates/classification/",
"text": "Moderate"
},
"category": "csaf_vex",
"csaf_version": "2.0",
"distribution": {
"text": "Copyright \u00a9 Red Hat, Inc. All rights reserved.",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "Updated packages that provide Red Hat JBoss Core Services Apache HTTP Server 2.4.37 Service Pack 10, fix several bugs, and add various enhancements are now available for Red Hat Enterprise Linux 7 and Red Hat Enterprise Linux 8.\n\nRed Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.",
"title": "Topic"
},
{
"category": "general",
"text": "This release adds the new Apache HTTP Server 2.4.37 Service Pack 10 packages that are part of the JBoss Core Services offering.\n\nThis release serves as a replacement for Red Hat JBoss Core Services Apache HTTP Server 2.4.37 Service Pack 9 and includes bug fixes and enhancements. Refer to the Release Notes for information on the most significant bug fixes and enhancements included in this release.\n\nSecurity Fix(es):\n\n* httpd: Single zero byte stack overflow in mod_auth_digest (CVE-2020-35452)\n* httpd: mod_session NULL pointer dereference in parser (CVE-2021-26690)\n* httpd: Heap overflow in mod_session (CVE-2021-26691)\n* httpd: mod_proxy_wstunnel tunneling of non Upgraded connection (CVE-2019-17567)\n* httpd: MergeSlashes regression (CVE-2021-30641)\n* httpd: mod_proxy NULL pointer dereference (CVE-2020-13950)\n* jbcs-httpd24-openssl: openssl: NULL pointer dereference in X509_issuer_and_serial_hash() (CVE-2021-23841)\n* openssl: Read buffer overruns processing ASN.1 strings (CVE-2021-3712)\n* openssl: integer overflow in CipherUpdate (CVE-2021-23840)\n* pcre: buffer over-read in JIT when UTF is disabled (CVE-2019-20838)\n* pcre: integer overflow in libpcre (CVE-2020-14155)\n\nFor more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.",
"title": "Details"
},
{
"category": "legal_disclaimer",
"text": "This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.",
"title": "Terms of Use"
}
],
"publisher": {
"category": "vendor",
"contact_details": "https://access.redhat.com/security/team/contact/",
"issuing_authority": "Red Hat Product Security is responsible for vulnerability handling across all Red Hat offerings.",
"name": "Red Hat Product Security",
"namespace": "https://www.redhat.com"
},
"references": [
{
"category": "self",
"summary": "https://access.redhat.com/errata/RHSA-2021:4614",
"url": "https://access.redhat.com/errata/RHSA-2021:4614"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/updates/classification/#moderate",
"url": "https://access.redhat.com/security/updates/classification/#moderate"
},
{
"category": "external",
"summary": "1848436",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1848436"
},
{
"category": "external",
"summary": "1848444",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1848444"
},
{
"category": "external",
"summary": "1930310",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1930310"
},
{
"category": "external",
"summary": "1930324",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1930324"
},
{
"category": "external",
"summary": "1966724",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1966724"
},
{
"category": "external",
"summary": "1966729",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1966729"
},
{
"category": "external",
"summary": "1966732",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1966732"
},
{
"category": "external",
"summary": "1966738",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1966738"
},
{
"category": "external",
"summary": "1966740",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1966740"
},
{
"category": "external",
"summary": "1966743",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1966743"
},
{
"category": "external",
"summary": "1995634",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1995634"
},
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/data/csaf/v2/advisories/2021/rhsa-2021_4614.json"
}
],
"title": "Red Hat Security Advisory: Red Hat JBoss Core Services Apache HTTP Server 2.4.37 SP10 security update",
"tracking": {
"current_release_date": "2024-09-16T06:18:06+00:00",
"generator": {
"date": "2024-09-16T06:18:06+00:00",
"engine": {
"name": "Red Hat SDEngine",
"version": "3.33.3"
}
},
"id": "RHSA-2021:4614",
"initial_release_date": "2021-11-10T17:20:46+00:00",
"revision_history": [
{
"date": "2021-11-10T17:20:46+00:00",
"number": "1",
"summary": "Initial version"
},
{
"date": "2021-11-10T17:20:46+00:00",
"number": "2",
"summary": "Last updated version"
},
{
"date": "2024-09-16T06:18:06+00:00",
"number": "3",
"summary": "Last generated version"
}
],
"status": "final",
"version": "3"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_name",
"name": "Red Hat JBoss Core Services on RHEL 7 Server",
"product": {
"name": "Red Hat JBoss Core Services on RHEL 7 Server",
"product_id": "7Server-JBCS",
"product_identification_helper": {
"cpe": "cpe:/a:redhat:jboss_core_services:1::el7"
}
}
},
{
"category": "product_name",
"name": "Red Hat JBoss Core Services on RHEL 8",
"product": {
"name": "Red Hat JBoss Core Services on RHEL 8",
"product_id": "8Base-JBCS",
"product_identification_helper": {
"cpe": "cpe:/a:redhat:jboss_core_services:1::el8"
}
}
}
],
"category": "product_family",
"name": "Red Hat JBoss Core Services"
},
{
"branches": [
{
"category": "product_version",
"name": "jbcs-httpd24-apr-0:1.6.3-107.jbcs.el7.src",
"product": {
"name": "jbcs-httpd24-apr-0:1.6.3-107.jbcs.el7.src",
"product_id": "jbcs-httpd24-apr-0:1.6.3-107.jbcs.el7.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jbcs-httpd24-apr@1.6.3-107.jbcs.el7?arch=src"
}
}
},
{
"category": "product_version",
"name": "jbcs-httpd24-apr-util-0:1.6.1-84.jbcs.el7.src",
"product": {
"name": "jbcs-httpd24-apr-util-0:1.6.1-84.jbcs.el7.src",
"product_id": "jbcs-httpd24-apr-util-0:1.6.1-84.jbcs.el7.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jbcs-httpd24-apr-util@1.6.1-84.jbcs.el7?arch=src"
}
}
},
{
"category": "product_version",
"name": "jbcs-httpd24-curl-0:7.78.0-2.jbcs.el7.src",
"product": {
"name": "jbcs-httpd24-curl-0:7.78.0-2.jbcs.el7.src",
"product_id": "jbcs-httpd24-curl-0:7.78.0-2.jbcs.el7.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jbcs-httpd24-curl@7.78.0-2.jbcs.el7?arch=src"
}
}
},
{
"category": "product_version",
"name": "jbcs-httpd24-nghttp2-0:1.39.2-39.jbcs.el7.src",
"product": {
"name": "jbcs-httpd24-nghttp2-0:1.39.2-39.jbcs.el7.src",
"product_id": "jbcs-httpd24-nghttp2-0:1.39.2-39.jbcs.el7.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jbcs-httpd24-nghttp2@1.39.2-39.jbcs.el7?arch=src"
}
}
},
{
"category": "product_version",
"name": "jbcs-httpd24-openssl-1:1.1.1g-8.jbcs.el7.src",
"product": {
"name": "jbcs-httpd24-openssl-1:1.1.1g-8.jbcs.el7.src",
"product_id": "jbcs-httpd24-openssl-1:1.1.1g-8.jbcs.el7.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jbcs-httpd24-openssl@1.1.1g-8.jbcs.el7?arch=src\u0026epoch=1"
}
}
},
{
"category": "product_version",
"name": "jbcs-httpd24-openssl-chil-0:1.0.0-7.jbcs.el7.src",
"product": {
"name": "jbcs-httpd24-openssl-chil-0:1.0.0-7.jbcs.el7.src",
"product_id": "jbcs-httpd24-openssl-chil-0:1.0.0-7.jbcs.el7.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jbcs-httpd24-openssl-chil@1.0.0-7.jbcs.el7?arch=src"
}
}
},
{
"category": "product_version",
"name": "jbcs-httpd24-openssl-pkcs11-0:0.4.10-22.jbcs.el7.src",
"product": {
"name": "jbcs-httpd24-openssl-pkcs11-0:0.4.10-22.jbcs.el7.src",
"product_id": "jbcs-httpd24-openssl-pkcs11-0:0.4.10-22.jbcs.el7.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jbcs-httpd24-openssl-pkcs11@0.4.10-22.jbcs.el7?arch=src"
}
}
},
{
"category": "product_version",
"name": "jbcs-httpd24-httpd-0:2.4.37-78.jbcs.el7.src",
"product": {
"name": "jbcs-httpd24-httpd-0:2.4.37-78.jbcs.el7.src",
"product_id": "jbcs-httpd24-httpd-0:2.4.37-78.jbcs.el7.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jbcs-httpd24-httpd@2.4.37-78.jbcs.el7?arch=src"
}
}
},
{
"category": "product_version",
"name": "jbcs-httpd24-mod_http2-0:1.15.7-21.jbcs.el7.src",
"product": {
"name": "jbcs-httpd24-mod_http2-0:1.15.7-21.jbcs.el7.src",
"product_id": "jbcs-httpd24-mod_http2-0:1.15.7-21.jbcs.el7.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jbcs-httpd24-mod_http2@1.15.7-21.jbcs.el7?arch=src"
}
}
},
{
"category": "product_version",
"name": "jbcs-httpd24-mod_md-1:2.0.8-40.jbcs.el7.src",
"product": {
"name": "jbcs-httpd24-mod_md-1:2.0.8-40.jbcs.el7.src",
"product_id": "jbcs-httpd24-mod_md-1:2.0.8-40.jbcs.el7.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jbcs-httpd24-mod_md@2.0.8-40.jbcs.el7?arch=src\u0026epoch=1"
}
}
},
{
"category": "product_version",
"name": "jbcs-httpd24-mod_cluster-native-0:1.3.16-9.Final_redhat_2.jbcs.el7.src",
"product": {
"name": "jbcs-httpd24-mod_cluster-native-0:1.3.16-9.Final_redhat_2.jbcs.el7.src",
"product_id": "jbcs-httpd24-mod_cluster-native-0:1.3.16-9.Final_redhat_2.jbcs.el7.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jbcs-httpd24-mod_cluster-native@1.3.16-9.Final_redhat_2.jbcs.el7?arch=src"
}
}
},
{
"category": "product_version",
"name": "jbcs-httpd24-mod_security-0:2.9.2-67.GA.jbcs.el7.src",
"product": {
"name": "jbcs-httpd24-mod_security-0:2.9.2-67.GA.jbcs.el7.src",
"product_id": "jbcs-httpd24-mod_security-0:2.9.2-67.GA.jbcs.el7.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jbcs-httpd24-mod_security@2.9.2-67.GA.jbcs.el7?arch=src"
}
}
},
{
"category": "product_version",
"name": "jbcs-httpd24-mod_jk-0:1.2.48-20.redhat_1.jbcs.el7.src",
"product": {
"name": "jbcs-httpd24-mod_jk-0:1.2.48-20.redhat_1.jbcs.el7.src",
"product_id": "jbcs-httpd24-mod_jk-0:1.2.48-20.redhat_1.jbcs.el7.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jbcs-httpd24-mod_jk@1.2.48-20.redhat_1.jbcs.el7?arch=src"
}
}
},
{
"category": "product_version",
"name": "jbcs-httpd24-apr-0:1.6.3-107.el8jbcs.src",
"product": {
"name": "jbcs-httpd24-apr-0:1.6.3-107.el8jbcs.src",
"product_id": "jbcs-httpd24-apr-0:1.6.3-107.el8jbcs.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jbcs-httpd24-apr@1.6.3-107.el8jbcs?arch=src"
}
}
},
{
"category": "product_version",
"name": "jbcs-httpd24-apr-util-0:1.6.1-84.el8jbcs.src",
"product": {
"name": "jbcs-httpd24-apr-util-0:1.6.1-84.el8jbcs.src",
"product_id": "jbcs-httpd24-apr-util-0:1.6.1-84.el8jbcs.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jbcs-httpd24-apr-util@1.6.1-84.el8jbcs?arch=src"
}
}
},
{
"category": "product_version",
"name": "jbcs-httpd24-curl-0:7.78.0-2.el8jbcs.src",
"product": {
"name": "jbcs-httpd24-curl-0:7.78.0-2.el8jbcs.src",
"product_id": "jbcs-httpd24-curl-0:7.78.0-2.el8jbcs.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jbcs-httpd24-curl@7.78.0-2.el8jbcs?arch=src"
}
}
},
{
"category": "product_version",
"name": "jbcs-httpd24-nghttp2-0:1.39.2-39.el8jbcs.src",
"product": {
"name": "jbcs-httpd24-nghttp2-0:1.39.2-39.el8jbcs.src",
"product_id": "jbcs-httpd24-nghttp2-0:1.39.2-39.el8jbcs.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jbcs-httpd24-nghttp2@1.39.2-39.el8jbcs?arch=src"
}
}
},
{
"category": "product_version",
"name": "jbcs-httpd24-openssl-1:1.1.1g-8.el8jbcs.src",
"product": {
"name": "jbcs-httpd24-openssl-1:1.1.1g-8.el8jbcs.src",
"product_id": "jbcs-httpd24-openssl-1:1.1.1g-8.el8jbcs.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jbcs-httpd24-openssl@1.1.1g-8.el8jbcs?arch=src\u0026epoch=1"
}
}
},
{
"category": "product_version",
"name": "jbcs-httpd24-openssl-chil-0:1.0.0-7.el8jbcs.src",
"product": {
"name": "jbcs-httpd24-openssl-chil-0:1.0.0-7.el8jbcs.src",
"product_id": "jbcs-httpd24-openssl-chil-0:1.0.0-7.el8jbcs.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jbcs-httpd24-openssl-chil@1.0.0-7.el8jbcs?arch=src"
}
}
},
{
"category": "product_version",
"name": "jbcs-httpd24-openssl-pkcs11-0:0.4.10-22.el8jbcs.src",
"product": {
"name": "jbcs-httpd24-openssl-pkcs11-0:0.4.10-22.el8jbcs.src",
"product_id": "jbcs-httpd24-openssl-pkcs11-0:0.4.10-22.el8jbcs.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jbcs-httpd24-openssl-pkcs11@0.4.10-22.el8jbcs?arch=src"
}
}
},
{
"category": "product_version",
"name": "jbcs-httpd24-httpd-0:2.4.37-78.el8jbcs.src",
"product": {
"name": "jbcs-httpd24-httpd-0:2.4.37-78.el8jbcs.src",
"product_id": "jbcs-httpd24-httpd-0:2.4.37-78.el8jbcs.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jbcs-httpd24-httpd@2.4.37-78.el8jbcs?arch=src"
}
}
},
{
"category": "product_version",
"name": "jbcs-httpd24-mod_http2-0:1.15.7-21.el8jbcs.src",
"product": {
"name": "jbcs-httpd24-mod_http2-0:1.15.7-21.el8jbcs.src",
"product_id": "jbcs-httpd24-mod_http2-0:1.15.7-21.el8jbcs.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jbcs-httpd24-mod_http2@1.15.7-21.el8jbcs?arch=src"
}
}
},
{
"category": "product_version",
"name": "jbcs-httpd24-mod_md-1:2.0.8-40.el8jbcs.src",
"product": {
"name": "jbcs-httpd24-mod_md-1:2.0.8-40.el8jbcs.src",
"product_id": "jbcs-httpd24-mod_md-1:2.0.8-40.el8jbcs.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jbcs-httpd24-mod_md@2.0.8-40.el8jbcs?arch=src\u0026epoch=1"
}
}
},
{
"category": "product_version",
"name": "jbcs-httpd24-mod_jk-0:1.2.48-20.redhat_1.el8jbcs.src",
"product": {
"name": "jbcs-httpd24-mod_jk-0:1.2.48-20.redhat_1.el8jbcs.src",
"product_id": "jbcs-httpd24-mod_jk-0:1.2.48-20.redhat_1.el8jbcs.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jbcs-httpd24-mod_jk@1.2.48-20.redhat_1.el8jbcs?arch=src"
}
}
},
{
"category": "product_version",
"name": "jbcs-httpd24-mod_cluster-native-0:1.3.16-9.Final_redhat_2.el8jbcs.src",
"product": {
"name": "jbcs-httpd24-mod_cluster-native-0:1.3.16-9.Final_redhat_2.el8jbcs.src",
"product_id": "jbcs-httpd24-mod_cluster-native-0:1.3.16-9.Final_redhat_2.el8jbcs.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jbcs-httpd24-mod_cluster-native@1.3.16-9.Final_redhat_2.el8jbcs?arch=src"
}
}
},
{
"category": "product_version",
"name": "jbcs-httpd24-mod_security-0:2.9.2-67.GA.el8jbcs.src",
"product": {
"name": "jbcs-httpd24-mod_security-0:2.9.2-67.GA.el8jbcs.src",
"product_id": "jbcs-httpd24-mod_security-0:2.9.2-67.GA.el8jbcs.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jbcs-httpd24-mod_security@2.9.2-67.GA.el8jbcs?arch=src"
}
}
}
],
"category": "architecture",
"name": "src"
},
{
"branches": [
{
"category": "product_version",
"name": "jbcs-httpd24-apr-0:1.6.3-107.jbcs.el7.x86_64",
"product": {
"name": "jbcs-httpd24-apr-0:1.6.3-107.jbcs.el7.x86_64",
"product_id": "jbcs-httpd24-apr-0:1.6.3-107.jbcs.el7.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jbcs-httpd24-apr@1.6.3-107.jbcs.el7?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "jbcs-httpd24-apr-devel-0:1.6.3-107.jbcs.el7.x86_64",
"product": {
"name": "jbcs-httpd24-apr-devel-0:1.6.3-107.jbcs.el7.x86_64",
"product_id": "jbcs-httpd24-apr-devel-0:1.6.3-107.jbcs.el7.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jbcs-httpd24-apr-devel@1.6.3-107.jbcs.el7?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "jbcs-httpd24-apr-debuginfo-0:1.6.3-107.jbcs.el7.x86_64",
"product": {
"name": "jbcs-httpd24-apr-debuginfo-0:1.6.3-107.jbcs.el7.x86_64",
"product_id": "jbcs-httpd24-apr-debuginfo-0:1.6.3-107.jbcs.el7.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jbcs-httpd24-apr-debuginfo@1.6.3-107.jbcs.el7?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "jbcs-httpd24-apr-util-0:1.6.1-84.jbcs.el7.x86_64",
"product": {
"name": "jbcs-httpd24-apr-util-0:1.6.1-84.jbcs.el7.x86_64",
"product_id": "jbcs-httpd24-apr-util-0:1.6.1-84.jbcs.el7.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jbcs-httpd24-apr-util@1.6.1-84.jbcs.el7?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "jbcs-httpd24-apr-util-devel-0:1.6.1-84.jbcs.el7.x86_64",
"product": {
"name": "jbcs-httpd24-apr-util-devel-0:1.6.1-84.jbcs.el7.x86_64",
"product_id": "jbcs-httpd24-apr-util-devel-0:1.6.1-84.jbcs.el7.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jbcs-httpd24-apr-util-devel@1.6.1-84.jbcs.el7?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "jbcs-httpd24-apr-util-ldap-0:1.6.1-84.jbcs.el7.x86_64",
"product": {
"name": "jbcs-httpd24-apr-util-ldap-0:1.6.1-84.jbcs.el7.x86_64",
"product_id": "jbcs-httpd24-apr-util-ldap-0:1.6.1-84.jbcs.el7.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jbcs-httpd24-apr-util-ldap@1.6.1-84.jbcs.el7?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "jbcs-httpd24-apr-util-mysql-0:1.6.1-84.jbcs.el7.x86_64",
"product": {
"name": "jbcs-httpd24-apr-util-mysql-0:1.6.1-84.jbcs.el7.x86_64",
"product_id": "jbcs-httpd24-apr-util-mysql-0:1.6.1-84.jbcs.el7.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jbcs-httpd24-apr-util-mysql@1.6.1-84.jbcs.el7?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "jbcs-httpd24-apr-util-nss-0:1.6.1-84.jbcs.el7.x86_64",
"product": {
"name": "jbcs-httpd24-apr-util-nss-0:1.6.1-84.jbcs.el7.x86_64",
"product_id": "jbcs-httpd24-apr-util-nss-0:1.6.1-84.jbcs.el7.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jbcs-httpd24-apr-util-nss@1.6.1-84.jbcs.el7?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "jbcs-httpd24-apr-util-odbc-0:1.6.1-84.jbcs.el7.x86_64",
"product": {
"name": "jbcs-httpd24-apr-util-odbc-0:1.6.1-84.jbcs.el7.x86_64",
"product_id": "jbcs-httpd24-apr-util-odbc-0:1.6.1-84.jbcs.el7.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jbcs-httpd24-apr-util-odbc@1.6.1-84.jbcs.el7?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "jbcs-httpd24-apr-util-openssl-0:1.6.1-84.jbcs.el7.x86_64",
"product": {
"name": "jbcs-httpd24-apr-util-openssl-0:1.6.1-84.jbcs.el7.x86_64",
"product_id": "jbcs-httpd24-apr-util-openssl-0:1.6.1-84.jbcs.el7.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jbcs-httpd24-apr-util-openssl@1.6.1-84.jbcs.el7?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "jbcs-httpd24-apr-util-pgsql-0:1.6.1-84.jbcs.el7.x86_64",
"product": {
"name": "jbcs-httpd24-apr-util-pgsql-0:1.6.1-84.jbcs.el7.x86_64",
"product_id": "jbcs-httpd24-apr-util-pgsql-0:1.6.1-84.jbcs.el7.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jbcs-httpd24-apr-util-pgsql@1.6.1-84.jbcs.el7?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "jbcs-httpd24-apr-util-sqlite-0:1.6.1-84.jbcs.el7.x86_64",
"product": {
"name": "jbcs-httpd24-apr-util-sqlite-0:1.6.1-84.jbcs.el7.x86_64",
"product_id": "jbcs-httpd24-apr-util-sqlite-0:1.6.1-84.jbcs.el7.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jbcs-httpd24-apr-util-sqlite@1.6.1-84.jbcs.el7?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "jbcs-httpd24-apr-util-debuginfo-0:1.6.1-84.jbcs.el7.x86_64",
"product": {
"name": "jbcs-httpd24-apr-util-debuginfo-0:1.6.1-84.jbcs.el7.x86_64",
"product_id": "jbcs-httpd24-apr-util-debuginfo-0:1.6.1-84.jbcs.el7.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jbcs-httpd24-apr-util-debuginfo@1.6.1-84.jbcs.el7?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "jbcs-httpd24-curl-0:7.78.0-2.jbcs.el7.x86_64",
"product": {
"name": "jbcs-httpd24-curl-0:7.78.0-2.jbcs.el7.x86_64",
"product_id": "jbcs-httpd24-curl-0:7.78.0-2.jbcs.el7.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jbcs-httpd24-curl@7.78.0-2.jbcs.el7?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "jbcs-httpd24-libcurl-0:7.78.0-2.jbcs.el7.x86_64",
"product": {
"name": "jbcs-httpd24-libcurl-0:7.78.0-2.jbcs.el7.x86_64",
"product_id": "jbcs-httpd24-libcurl-0:7.78.0-2.jbcs.el7.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jbcs-httpd24-libcurl@7.78.0-2.jbcs.el7?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "jbcs-httpd24-libcurl-devel-0:7.78.0-2.jbcs.el7.x86_64",
"product": {
"name": "jbcs-httpd24-libcurl-devel-0:7.78.0-2.jbcs.el7.x86_64",
"product_id": "jbcs-httpd24-libcurl-devel-0:7.78.0-2.jbcs.el7.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jbcs-httpd24-libcurl-devel@7.78.0-2.jbcs.el7?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "jbcs-httpd24-curl-debuginfo-0:7.78.0-2.jbcs.el7.x86_64",
"product": {
"name": "jbcs-httpd24-curl-debuginfo-0:7.78.0-2.jbcs.el7.x86_64",
"product_id": "jbcs-httpd24-curl-debuginfo-0:7.78.0-2.jbcs.el7.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jbcs-httpd24-curl-debuginfo@7.78.0-2.jbcs.el7?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "jbcs-httpd24-nghttp2-0:1.39.2-39.jbcs.el7.x86_64",
"product": {
"name": "jbcs-httpd24-nghttp2-0:1.39.2-39.jbcs.el7.x86_64",
"product_id": "jbcs-httpd24-nghttp2-0:1.39.2-39.jbcs.el7.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jbcs-httpd24-nghttp2@1.39.2-39.jbcs.el7?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "jbcs-httpd24-nghttp2-devel-0:1.39.2-39.jbcs.el7.x86_64",
"product": {
"name": "jbcs-httpd24-nghttp2-devel-0:1.39.2-39.jbcs.el7.x86_64",
"product_id": "jbcs-httpd24-nghttp2-devel-0:1.39.2-39.jbcs.el7.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jbcs-httpd24-nghttp2-devel@1.39.2-39.jbcs.el7?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "jbcs-httpd24-nghttp2-debuginfo-0:1.39.2-39.jbcs.el7.x86_64",
"product": {
"name": "jbcs-httpd24-nghttp2-debuginfo-0:1.39.2-39.jbcs.el7.x86_64",
"product_id": "jbcs-httpd24-nghttp2-debuginfo-0:1.39.2-39.jbcs.el7.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jbcs-httpd24-nghttp2-debuginfo@1.39.2-39.jbcs.el7?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "jbcs-httpd24-openssl-1:1.1.1g-8.jbcs.el7.x86_64",
"product": {
"name": "jbcs-httpd24-openssl-1:1.1.1g-8.jbcs.el7.x86_64",
"product_id": "jbcs-httpd24-openssl-1:1.1.1g-8.jbcs.el7.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jbcs-httpd24-openssl@1.1.1g-8.jbcs.el7?arch=x86_64\u0026epoch=1"
}
}
},
{
"category": "product_version",
"name": "jbcs-httpd24-openssl-devel-1:1.1.1g-8.jbcs.el7.x86_64",
"product": {
"name": "jbcs-httpd24-openssl-devel-1:1.1.1g-8.jbcs.el7.x86_64",
"product_id": "jbcs-httpd24-openssl-devel-1:1.1.1g-8.jbcs.el7.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jbcs-httpd24-openssl-devel@1.1.1g-8.jbcs.el7?arch=x86_64\u0026epoch=1"
}
}
},
{
"category": "product_version",
"name": "jbcs-httpd24-openssl-libs-1:1.1.1g-8.jbcs.el7.x86_64",
"product": {
"name": "jbcs-httpd24-openssl-libs-1:1.1.1g-8.jbcs.el7.x86_64",
"product_id": "jbcs-httpd24-openssl-libs-1:1.1.1g-8.jbcs.el7.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jbcs-httpd24-openssl-libs@1.1.1g-8.jbcs.el7?arch=x86_64\u0026epoch=1"
}
}
},
{
"category": "product_version",
"name": "jbcs-httpd24-openssl-perl-1:1.1.1g-8.jbcs.el7.x86_64",
"product": {
"name": "jbcs-httpd24-openssl-perl-1:1.1.1g-8.jbcs.el7.x86_64",
"product_id": "jbcs-httpd24-openssl-perl-1:1.1.1g-8.jbcs.el7.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jbcs-httpd24-openssl-perl@1.1.1g-8.jbcs.el7?arch=x86_64\u0026epoch=1"
}
}
},
{
"category": "product_version",
"name": "jbcs-httpd24-openssl-static-1:1.1.1g-8.jbcs.el7.x86_64",
"product": {
"name": "jbcs-httpd24-openssl-static-1:1.1.1g-8.jbcs.el7.x86_64",
"product_id": "jbcs-httpd24-openssl-static-1:1.1.1g-8.jbcs.el7.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jbcs-httpd24-openssl-static@1.1.1g-8.jbcs.el7?arch=x86_64\u0026epoch=1"
}
}
},
{
"category": "product_version",
"name": "jbcs-httpd24-openssl-debuginfo-1:1.1.1g-8.jbcs.el7.x86_64",
"product": {
"name": "jbcs-httpd24-openssl-debuginfo-1:1.1.1g-8.jbcs.el7.x86_64",
"product_id": "jbcs-httpd24-openssl-debuginfo-1:1.1.1g-8.jbcs.el7.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jbcs-httpd24-openssl-debuginfo@1.1.1g-8.jbcs.el7?arch=x86_64\u0026epoch=1"
}
}
},
{
"category": "product_version",
"name": "jbcs-httpd24-openssl-chil-0:1.0.0-7.jbcs.el7.x86_64",
"product": {
"name": "jbcs-httpd24-openssl-chil-0:1.0.0-7.jbcs.el7.x86_64",
"product_id": "jbcs-httpd24-openssl-chil-0:1.0.0-7.jbcs.el7.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jbcs-httpd24-openssl-chil@1.0.0-7.jbcs.el7?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "jbcs-httpd24-openssl-chil-debuginfo-0:1.0.0-7.jbcs.el7.x86_64",
"product": {
"name": "jbcs-httpd24-openssl-chil-debuginfo-0:1.0.0-7.jbcs.el7.x86_64",
"product_id": "jbcs-httpd24-openssl-chil-debuginfo-0:1.0.0-7.jbcs.el7.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jbcs-httpd24-openssl-chil-debuginfo@1.0.0-7.jbcs.el7?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "jbcs-httpd24-openssl-pkcs11-0:0.4.10-22.jbcs.el7.x86_64",
"product": {
"name": "jbcs-httpd24-openssl-pkcs11-0:0.4.10-22.jbcs.el7.x86_64",
"product_id": "jbcs-httpd24-openssl-pkcs11-0:0.4.10-22.jbcs.el7.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jbcs-httpd24-openssl-pkcs11@0.4.10-22.jbcs.el7?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "jbcs-httpd24-openssl-pkcs11-debuginfo-0:0.4.10-22.jbcs.el7.x86_64",
"product": {
"name": "jbcs-httpd24-openssl-pkcs11-debuginfo-0:0.4.10-22.jbcs.el7.x86_64",
"product_id": "jbcs-httpd24-openssl-pkcs11-debuginfo-0:0.4.10-22.jbcs.el7.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jbcs-httpd24-openssl-pkcs11-debuginfo@0.4.10-22.jbcs.el7?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "jbcs-httpd24-httpd-0:2.4.37-78.jbcs.el7.x86_64",
"product": {
"name": "jbcs-httpd24-httpd-0:2.4.37-78.jbcs.el7.x86_64",
"product_id": "jbcs-httpd24-httpd-0:2.4.37-78.jbcs.el7.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jbcs-httpd24-httpd@2.4.37-78.jbcs.el7?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "jbcs-httpd24-httpd-devel-0:2.4.37-78.jbcs.el7.x86_64",
"product": {
"name": "jbcs-httpd24-httpd-devel-0:2.4.37-78.jbcs.el7.x86_64",
"product_id": "jbcs-httpd24-httpd-devel-0:2.4.37-78.jbcs.el7.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jbcs-httpd24-httpd-devel@2.4.37-78.jbcs.el7?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "jbcs-httpd24-httpd-selinux-0:2.4.37-78.jbcs.el7.x86_64",
"product": {
"name": "jbcs-httpd24-httpd-selinux-0:2.4.37-78.jbcs.el7.x86_64",
"product_id": "jbcs-httpd24-httpd-selinux-0:2.4.37-78.jbcs.el7.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jbcs-httpd24-httpd-selinux@2.4.37-78.jbcs.el7?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "jbcs-httpd24-httpd-tools-0:2.4.37-78.jbcs.el7.x86_64",
"product": {
"name": "jbcs-httpd24-httpd-tools-0:2.4.37-78.jbcs.el7.x86_64",
"product_id": "jbcs-httpd24-httpd-tools-0:2.4.37-78.jbcs.el7.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jbcs-httpd24-httpd-tools@2.4.37-78.jbcs.el7?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "jbcs-httpd24-mod_ldap-0:2.4.37-78.jbcs.el7.x86_64",
"product": {
"name": "jbcs-httpd24-mod_ldap-0:2.4.37-78.jbcs.el7.x86_64",
"product_id": "jbcs-httpd24-mod_ldap-0:2.4.37-78.jbcs.el7.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jbcs-httpd24-mod_ldap@2.4.37-78.jbcs.el7?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "jbcs-httpd24-mod_proxy_html-1:2.4.37-78.jbcs.el7.x86_64",
"product": {
"name": "jbcs-httpd24-mod_proxy_html-1:2.4.37-78.jbcs.el7.x86_64",
"product_id": "jbcs-httpd24-mod_proxy_html-1:2.4.37-78.jbcs.el7.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jbcs-httpd24-mod_proxy_html@2.4.37-78.jbcs.el7?arch=x86_64\u0026epoch=1"
}
}
},
{
"category": "product_version",
"name": "jbcs-httpd24-mod_session-0:2.4.37-78.jbcs.el7.x86_64",
"product": {
"name": "jbcs-httpd24-mod_session-0:2.4.37-78.jbcs.el7.x86_64",
"product_id": "jbcs-httpd24-mod_session-0:2.4.37-78.jbcs.el7.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jbcs-httpd24-mod_session@2.4.37-78.jbcs.el7?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "jbcs-httpd24-mod_ssl-1:2.4.37-78.jbcs.el7.x86_64",
"product": {
"name": "jbcs-httpd24-mod_ssl-1:2.4.37-78.jbcs.el7.x86_64",
"product_id": "jbcs-httpd24-mod_ssl-1:2.4.37-78.jbcs.el7.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jbcs-httpd24-mod_ssl@2.4.37-78.jbcs.el7?arch=x86_64\u0026epoch=1"
}
}
},
{
"category": "product_version",
"name": "jbcs-httpd24-httpd-debuginfo-0:2.4.37-78.jbcs.el7.x86_64",
"product": {
"name": "jbcs-httpd24-httpd-debuginfo-0:2.4.37-78.jbcs.el7.x86_64",
"product_id": "jbcs-httpd24-httpd-debuginfo-0:2.4.37-78.jbcs.el7.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jbcs-httpd24-httpd-debuginfo@2.4.37-78.jbcs.el7?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "jbcs-httpd24-mod_http2-0:1.15.7-21.jbcs.el7.x86_64",
"product": {
"name": "jbcs-httpd24-mod_http2-0:1.15.7-21.jbcs.el7.x86_64",
"product_id": "jbcs-httpd24-mod_http2-0:1.15.7-21.jbcs.el7.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jbcs-httpd24-mod_http2@1.15.7-21.jbcs.el7?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "jbcs-httpd24-mod_http2-debuginfo-0:1.15.7-21.jbcs.el7.x86_64",
"product": {
"name": "jbcs-httpd24-mod_http2-debuginfo-0:1.15.7-21.jbcs.el7.x86_64",
"product_id": "jbcs-httpd24-mod_http2-debuginfo-0:1.15.7-21.jbcs.el7.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jbcs-httpd24-mod_http2-debuginfo@1.15.7-21.jbcs.el7?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "jbcs-httpd24-mod_md-1:2.0.8-40.jbcs.el7.x86_64",
"product": {
"name": "jbcs-httpd24-mod_md-1:2.0.8-40.jbcs.el7.x86_64",
"product_id": "jbcs-httpd24-mod_md-1:2.0.8-40.jbcs.el7.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jbcs-httpd24-mod_md@2.0.8-40.jbcs.el7?arch=x86_64\u0026epoch=1"
}
}
},
{
"category": "product_version",
"name": "jbcs-httpd24-mod_md-debuginfo-1:2.0.8-40.jbcs.el7.x86_64",
"product": {
"name": "jbcs-httpd24-mod_md-debuginfo-1:2.0.8-40.jbcs.el7.x86_64",
"product_id": "jbcs-httpd24-mod_md-debuginfo-1:2.0.8-40.jbcs.el7.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jbcs-httpd24-mod_md-debuginfo@2.0.8-40.jbcs.el7?arch=x86_64\u0026epoch=1"
}
}
},
{
"category": "product_version",
"name": "jbcs-httpd24-mod_cluster-native-0:1.3.16-9.Final_redhat_2.jbcs.el7.x86_64",
"product": {
"name": "jbcs-httpd24-mod_cluster-native-0:1.3.16-9.Final_redhat_2.jbcs.el7.x86_64",
"product_id": "jbcs-httpd24-mod_cluster-native-0:1.3.16-9.Final_redhat_2.jbcs.el7.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jbcs-httpd24-mod_cluster-native@1.3.16-9.Final_redhat_2.jbcs.el7?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "jbcs-httpd24-mod_cluster-native-debuginfo-0:1.3.16-9.Final_redhat_2.jbcs.el7.x86_64",
"product": {
"name": "jbcs-httpd24-mod_cluster-native-debuginfo-0:1.3.16-9.Final_redhat_2.jbcs.el7.x86_64",
"product_id": "jbcs-httpd24-mod_cluster-native-debuginfo-0:1.3.16-9.Final_redhat_2.jbcs.el7.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jbcs-httpd24-mod_cluster-native-debuginfo@1.3.16-9.Final_redhat_2.jbcs.el7?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "jbcs-httpd24-mod_security-0:2.9.2-67.GA.jbcs.el7.x86_64",
"product": {
"name": "jbcs-httpd24-mod_security-0:2.9.2-67.GA.jbcs.el7.x86_64",
"product_id": "jbcs-httpd24-mod_security-0:2.9.2-67.GA.jbcs.el7.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jbcs-httpd24-mod_security@2.9.2-67.GA.jbcs.el7?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "jbcs-httpd24-mod_security-debuginfo-0:2.9.2-67.GA.jbcs.el7.x86_64",
"product": {
"name": "jbcs-httpd24-mod_security-debuginfo-0:2.9.2-67.GA.jbcs.el7.x86_64",
"product_id": "jbcs-httpd24-mod_security-debuginfo-0:2.9.2-67.GA.jbcs.el7.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jbcs-httpd24-mod_security-debuginfo@2.9.2-67.GA.jbcs.el7?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "jbcs-httpd24-mod_jk-ap24-0:1.2.48-20.redhat_1.jbcs.el7.x86_64",
"product": {
"name": "jbcs-httpd24-mod_jk-ap24-0:1.2.48-20.redhat_1.jbcs.el7.x86_64",
"product_id": "jbcs-httpd24-mod_jk-ap24-0:1.2.48-20.redhat_1.jbcs.el7.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jbcs-httpd24-mod_jk-ap24@1.2.48-20.redhat_1.jbcs.el7?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "jbcs-httpd24-mod_jk-manual-0:1.2.48-20.redhat_1.jbcs.el7.x86_64",
"product": {
"name": "jbcs-httpd24-mod_jk-manual-0:1.2.48-20.redhat_1.jbcs.el7.x86_64",
"product_id": "jbcs-httpd24-mod_jk-manual-0:1.2.48-20.redhat_1.jbcs.el7.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jbcs-httpd24-mod_jk-manual@1.2.48-20.redhat_1.jbcs.el7?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "jbcs-httpd24-mod_jk-debuginfo-0:1.2.48-20.redhat_1.jbcs.el7.x86_64",
"product": {
"name": "jbcs-httpd24-mod_jk-debuginfo-0:1.2.48-20.redhat_1.jbcs.el7.x86_64",
"product_id": "jbcs-httpd24-mod_jk-debuginfo-0:1.2.48-20.redhat_1.jbcs.el7.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jbcs-httpd24-mod_jk-debuginfo@1.2.48-20.redhat_1.jbcs.el7?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "jbcs-httpd24-apr-0:1.6.3-107.el8jbcs.x86_64",
"product": {
"name": "jbcs-httpd24-apr-0:1.6.3-107.el8jbcs.x86_64",
"product_id": "jbcs-httpd24-apr-0:1.6.3-107.el8jbcs.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jbcs-httpd24-apr@1.6.3-107.el8jbcs?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "jbcs-httpd24-apr-devel-0:1.6.3-107.el8jbcs.x86_64",
"product": {
"name": "jbcs-httpd24-apr-devel-0:1.6.3-107.el8jbcs.x86_64",
"product_id": "jbcs-httpd24-apr-devel-0:1.6.3-107.el8jbcs.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jbcs-httpd24-apr-devel@1.6.3-107.el8jbcs?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "jbcs-httpd24-apr-debuginfo-0:1.6.3-107.el8jbcs.x86_64",
"product": {
"name": "jbcs-httpd24-apr-debuginfo-0:1.6.3-107.el8jbcs.x86_64",
"product_id": "jbcs-httpd24-apr-debuginfo-0:1.6.3-107.el8jbcs.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jbcs-httpd24-apr-debuginfo@1.6.3-107.el8jbcs?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "jbcs-httpd24-apr-util-0:1.6.1-84.el8jbcs.x86_64",
"product": {
"name": "jbcs-httpd24-apr-util-0:1.6.1-84.el8jbcs.x86_64",
"product_id": "jbcs-httpd24-apr-util-0:1.6.1-84.el8jbcs.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jbcs-httpd24-apr-util@1.6.1-84.el8jbcs?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "jbcs-httpd24-apr-util-devel-0:1.6.1-84.el8jbcs.x86_64",
"product": {
"name": "jbcs-httpd24-apr-util-devel-0:1.6.1-84.el8jbcs.x86_64",
"product_id": "jbcs-httpd24-apr-util-devel-0:1.6.1-84.el8jbcs.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jbcs-httpd24-apr-util-devel@1.6.1-84.el8jbcs?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "jbcs-httpd24-apr-util-ldap-0:1.6.1-84.el8jbcs.x86_64",
"product": {
"name": "jbcs-httpd24-apr-util-ldap-0:1.6.1-84.el8jbcs.x86_64",
"product_id": "jbcs-httpd24-apr-util-ldap-0:1.6.1-84.el8jbcs.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jbcs-httpd24-apr-util-ldap@1.6.1-84.el8jbcs?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "jbcs-httpd24-apr-util-mysql-0:1.6.1-84.el8jbcs.x86_64",
"product": {
"name": "jbcs-httpd24-apr-util-mysql-0:1.6.1-84.el8jbcs.x86_64",
"product_id": "jbcs-httpd24-apr-util-mysql-0:1.6.1-84.el8jbcs.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jbcs-httpd24-apr-util-mysql@1.6.1-84.el8jbcs?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "jbcs-httpd24-apr-util-nss-0:1.6.1-84.el8jbcs.x86_64",
"product": {
"name": "jbcs-httpd24-apr-util-nss-0:1.6.1-84.el8jbcs.x86_64",
"product_id": "jbcs-httpd24-apr-util-nss-0:1.6.1-84.el8jbcs.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jbcs-httpd24-apr-util-nss@1.6.1-84.el8jbcs?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "jbcs-httpd24-apr-util-odbc-0:1.6.1-84.el8jbcs.x86_64",
"product": {
"name": "jbcs-httpd24-apr-util-odbc-0:1.6.1-84.el8jbcs.x86_64",
"product_id": "jbcs-httpd24-apr-util-odbc-0:1.6.1-84.el8jbcs.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jbcs-httpd24-apr-util-odbc@1.6.1-84.el8jbcs?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "jbcs-httpd24-apr-util-openssl-0:1.6.1-84.el8jbcs.x86_64",
"product": {
"name": "jbcs-httpd24-apr-util-openssl-0:1.6.1-84.el8jbcs.x86_64",
"product_id": "jbcs-httpd24-apr-util-openssl-0:1.6.1-84.el8jbcs.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jbcs-httpd24-apr-util-openssl@1.6.1-84.el8jbcs?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "jbcs-httpd24-apr-util-pgsql-0:1.6.1-84.el8jbcs.x86_64",
"product": {
"name": "jbcs-httpd24-apr-util-pgsql-0:1.6.1-84.el8jbcs.x86_64",
"product_id": "jbcs-httpd24-apr-util-pgsql-0:1.6.1-84.el8jbcs.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jbcs-httpd24-apr-util-pgsql@1.6.1-84.el8jbcs?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "jbcs-httpd24-apr-util-sqlite-0:1.6.1-84.el8jbcs.x86_64",
"product": {
"name": "jbcs-httpd24-apr-util-sqlite-0:1.6.1-84.el8jbcs.x86_64",
"product_id": "jbcs-httpd24-apr-util-sqlite-0:1.6.1-84.el8jbcs.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jbcs-httpd24-apr-util-sqlite@1.6.1-84.el8jbcs?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "jbcs-httpd24-apr-util-debuginfo-0:1.6.1-84.el8jbcs.x86_64",
"product": {
"name": "jbcs-httpd24-apr-util-debuginfo-0:1.6.1-84.el8jbcs.x86_64",
"product_id": "jbcs-httpd24-apr-util-debuginfo-0:1.6.1-84.el8jbcs.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jbcs-httpd24-apr-util-debuginfo@1.6.1-84.el8jbcs?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "jbcs-httpd24-apr-util-ldap-debuginfo-0:1.6.1-84.el8jbcs.x86_64",
"product": {
"name": "jbcs-httpd24-apr-util-ldap-debuginfo-0:1.6.1-84.el8jbcs.x86_64",
"product_id": "jbcs-httpd24-apr-util-ldap-debuginfo-0:1.6.1-84.el8jbcs.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jbcs-httpd24-apr-util-ldap-debuginfo@1.6.1-84.el8jbcs?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "jbcs-httpd24-apr-util-mysql-debuginfo-0:1.6.1-84.el8jbcs.x86_64",
"product": {
"name": "jbcs-httpd24-apr-util-mysql-debuginfo-0:1.6.1-84.el8jbcs.x86_64",
"product_id": "jbcs-httpd24-apr-util-mysql-debuginfo-0:1.6.1-84.el8jbcs.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jbcs-httpd24-apr-util-mysql-debuginfo@1.6.1-84.el8jbcs?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "jbcs-httpd24-apr-util-nss-debuginfo-0:1.6.1-84.el8jbcs.x86_64",
"product": {
"name": "jbcs-httpd24-apr-util-nss-debuginfo-0:1.6.1-84.el8jbcs.x86_64",
"product_id": "jbcs-httpd24-apr-util-nss-debuginfo-0:1.6.1-84.el8jbcs.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jbcs-httpd24-apr-util-nss-debuginfo@1.6.1-84.el8jbcs?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "jbcs-httpd24-apr-util-odbc-debuginfo-0:1.6.1-84.el8jbcs.x86_64",
"product": {
"name": "jbcs-httpd24-apr-util-odbc-debuginfo-0:1.6.1-84.el8jbcs.x86_64",
"product_id": "jbcs-httpd24-apr-util-odbc-debuginfo-0:1.6.1-84.el8jbcs.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jbcs-httpd24-apr-util-odbc-debuginfo@1.6.1-84.el8jbcs?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "jbcs-httpd24-apr-util-openssl-debuginfo-0:1.6.1-84.el8jbcs.x86_64",
"product": {
"name": "jbcs-httpd24-apr-util-openssl-debuginfo-0:1.6.1-84.el8jbcs.x86_64",
"product_id": "jbcs-httpd24-apr-util-openssl-debuginfo-0:1.6.1-84.el8jbcs.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jbcs-httpd24-apr-util-openssl-debuginfo@1.6.1-84.el8jbcs?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "jbcs-httpd24-apr-util-pgsql-debuginfo-0:1.6.1-84.el8jbcs.x86_64",
"product": {
"name": "jbcs-httpd24-apr-util-pgsql-debuginfo-0:1.6.1-84.el8jbcs.x86_64",
"product_id": "jbcs-httpd24-apr-util-pgsql-debuginfo-0:1.6.1-84.el8jbcs.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jbcs-httpd24-apr-util-pgsql-debuginfo@1.6.1-84.el8jbcs?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "jbcs-httpd24-apr-util-sqlite-debuginfo-0:1.6.1-84.el8jbcs.x86_64",
"product": {
"name": "jbcs-httpd24-apr-util-sqlite-debuginfo-0:1.6.1-84.el8jbcs.x86_64",
"product_id": "jbcs-httpd24-apr-util-sqlite-debuginfo-0:1.6.1-84.el8jbcs.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jbcs-httpd24-apr-util-sqlite-debuginfo@1.6.1-84.el8jbcs?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "jbcs-httpd24-curl-0:7.78.0-2.el8jbcs.x86_64",
"product": {
"name": "jbcs-httpd24-curl-0:7.78.0-2.el8jbcs.x86_64",
"product_id": "jbcs-httpd24-curl-0:7.78.0-2.el8jbcs.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jbcs-httpd24-curl@7.78.0-2.el8jbcs?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "jbcs-httpd24-libcurl-0:7.78.0-2.el8jbcs.x86_64",
"product": {
"name": "jbcs-httpd24-libcurl-0:7.78.0-2.el8jbcs.x86_64",
"product_id": "jbcs-httpd24-libcurl-0:7.78.0-2.el8jbcs.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jbcs-httpd24-libcurl@7.78.0-2.el8jbcs?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "jbcs-httpd24-libcurl-devel-0:7.78.0-2.el8jbcs.x86_64",
"product": {
"name": "jbcs-httpd24-libcurl-devel-0:7.78.0-2.el8jbcs.x86_64",
"product_id": "jbcs-httpd24-libcurl-devel-0:7.78.0-2.el8jbcs.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jbcs-httpd24-libcurl-devel@7.78.0-2.el8jbcs?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "jbcs-httpd24-curl-debuginfo-0:7.78.0-2.el8jbcs.x86_64",
"product": {
"name": "jbcs-httpd24-curl-debuginfo-0:7.78.0-2.el8jbcs.x86_64",
"product_id": "jbcs-httpd24-curl-debuginfo-0:7.78.0-2.el8jbcs.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jbcs-httpd24-curl-debuginfo@7.78.0-2.el8jbcs?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "jbcs-httpd24-libcurl-debuginfo-0:7.78.0-2.el8jbcs.x86_64",
"product": {
"name": "jbcs-httpd24-libcurl-debuginfo-0:7.78.0-2.el8jbcs.x86_64",
"product_id": "jbcs-httpd24-libcurl-debuginfo-0:7.78.0-2.el8jbcs.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jbcs-httpd24-libcurl-debuginfo@7.78.0-2.el8jbcs?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "jbcs-httpd24-nghttp2-0:1.39.2-39.el8jbcs.x86_64",
"product": {
"name": "jbcs-httpd24-nghttp2-0:1.39.2-39.el8jbcs.x86_64",
"product_id": "jbcs-httpd24-nghttp2-0:1.39.2-39.el8jbcs.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jbcs-httpd24-nghttp2@1.39.2-39.el8jbcs?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "jbcs-httpd24-nghttp2-devel-0:1.39.2-39.el8jbcs.x86_64",
"product": {
"name": "jbcs-httpd24-nghttp2-devel-0:1.39.2-39.el8jbcs.x86_64",
"product_id": "jbcs-httpd24-nghttp2-devel-0:1.39.2-39.el8jbcs.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jbcs-httpd24-nghttp2-devel@1.39.2-39.el8jbcs?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "jbcs-httpd24-nghttp2-debuginfo-0:1.39.2-39.el8jbcs.x86_64",
"product": {
"name": "jbcs-httpd24-nghttp2-debuginfo-0:1.39.2-39.el8jbcs.x86_64",
"product_id": "jbcs-httpd24-nghttp2-debuginfo-0:1.39.2-39.el8jbcs.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jbcs-httpd24-nghttp2-debuginfo@1.39.2-39.el8jbcs?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "jbcs-httpd24-openssl-1:1.1.1g-8.el8jbcs.x86_64",
"product": {
"name": "jbcs-httpd24-openssl-1:1.1.1g-8.el8jbcs.x86_64",
"product_id": "jbcs-httpd24-openssl-1:1.1.1g-8.el8jbcs.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jbcs-httpd24-openssl@1.1.1g-8.el8jbcs?arch=x86_64\u0026epoch=1"
}
}
},
{
"category": "product_version",
"name": "jbcs-httpd24-openssl-devel-1:1.1.1g-8.el8jbcs.x86_64",
"product": {
"name": "jbcs-httpd24-openssl-devel-1:1.1.1g-8.el8jbcs.x86_64",
"product_id": "jbcs-httpd24-openssl-devel-1:1.1.1g-8.el8jbcs.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jbcs-httpd24-openssl-devel@1.1.1g-8.el8jbcs?arch=x86_64\u0026epoch=1"
}
}
},
{
"category": "product_version",
"name": "jbcs-httpd24-openssl-libs-1:1.1.1g-8.el8jbcs.x86_64",
"product": {
"name": "jbcs-httpd24-openssl-libs-1:1.1.1g-8.el8jbcs.x86_64",
"product_id": "jbcs-httpd24-openssl-libs-1:1.1.1g-8.el8jbcs.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jbcs-httpd24-openssl-libs@1.1.1g-8.el8jbcs?arch=x86_64\u0026epoch=1"
}
}
},
{
"category": "product_version",
"name": "jbcs-httpd24-openssl-perl-1:1.1.1g-8.el8jbcs.x86_64",
"product": {
"name": "jbcs-httpd24-openssl-perl-1:1.1.1g-8.el8jbcs.x86_64",
"product_id": "jbcs-httpd24-openssl-perl-1:1.1.1g-8.el8jbcs.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jbcs-httpd24-openssl-perl@1.1.1g-8.el8jbcs?arch=x86_64\u0026epoch=1"
}
}
},
{
"category": "product_version",
"name": "jbcs-httpd24-openssl-static-1:1.1.1g-8.el8jbcs.x86_64",
"product": {
"name": "jbcs-httpd24-openssl-static-1:1.1.1g-8.el8jbcs.x86_64",
"product_id": "jbcs-httpd24-openssl-static-1:1.1.1g-8.el8jbcs.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jbcs-httpd24-openssl-static@1.1.1g-8.el8jbcs?arch=x86_64\u0026epoch=1"
}
}
},
{
"category": "product_version",
"name": "jbcs-httpd24-openssl-debuginfo-1:1.1.1g-8.el8jbcs.x86_64",
"product": {
"name": "jbcs-httpd24-openssl-debuginfo-1:1.1.1g-8.el8jbcs.x86_64",
"product_id": "jbcs-httpd24-openssl-debuginfo-1:1.1.1g-8.el8jbcs.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jbcs-httpd24-openssl-debuginfo@1.1.1g-8.el8jbcs?arch=x86_64\u0026epoch=1"
}
}
},
{
"category": "product_version",
"name": "jbcs-httpd24-openssl-libs-debuginfo-1:1.1.1g-8.el8jbcs.x86_64",
"product": {
"name": "jbcs-httpd24-openssl-libs-debuginfo-1:1.1.1g-8.el8jbcs.x86_64",
"product_id": "jbcs-httpd24-openssl-libs-debuginfo-1:1.1.1g-8.el8jbcs.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jbcs-httpd24-openssl-libs-debuginfo@1.1.1g-8.el8jbcs?arch=x86_64\u0026epoch=1"
}
}
},
{
"category": "product_version",
"name": "jbcs-httpd24-openssl-chil-0:1.0.0-7.el8jbcs.x86_64",
"product": {
"name": "jbcs-httpd24-openssl-chil-0:1.0.0-7.el8jbcs.x86_64",
"product_id": "jbcs-httpd24-openssl-chil-0:1.0.0-7.el8jbcs.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jbcs-httpd24-openssl-chil@1.0.0-7.el8jbcs?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "jbcs-httpd24-openssl-chil-debuginfo-0:1.0.0-7.el8jbcs.x86_64",
"product": {
"name": "jbcs-httpd24-openssl-chil-debuginfo-0:1.0.0-7.el8jbcs.x86_64",
"product_id": "jbcs-httpd24-openssl-chil-debuginfo-0:1.0.0-7.el8jbcs.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jbcs-httpd24-openssl-chil-debuginfo@1.0.0-7.el8jbcs?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "jbcs-httpd24-openssl-pkcs11-0:0.4.10-22.el8jbcs.x86_64",
"product": {
"name": "jbcs-httpd24-openssl-pkcs11-0:0.4.10-22.el8jbcs.x86_64",
"product_id": "jbcs-httpd24-openssl-pkcs11-0:0.4.10-22.el8jbcs.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jbcs-httpd24-openssl-pkcs11@0.4.10-22.el8jbcs?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "jbcs-httpd24-openssl-pkcs11-debuginfo-0:0.4.10-22.el8jbcs.x86_64",
"product": {
"name": "jbcs-httpd24-openssl-pkcs11-debuginfo-0:0.4.10-22.el8jbcs.x86_64",
"product_id": "jbcs-httpd24-openssl-pkcs11-debuginfo-0:0.4.10-22.el8jbcs.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jbcs-httpd24-openssl-pkcs11-debuginfo@0.4.10-22.el8jbcs?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "jbcs-httpd24-httpd-0:2.4.37-78.el8jbcs.x86_64",
"product": {
"name": "jbcs-httpd24-httpd-0:2.4.37-78.el8jbcs.x86_64",
"product_id": "jbcs-httpd24-httpd-0:2.4.37-78.el8jbcs.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jbcs-httpd24-httpd@2.4.37-78.el8jbcs?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "jbcs-httpd24-httpd-devel-0:2.4.37-78.el8jbcs.x86_64",
"product": {
"name": "jbcs-httpd24-httpd-devel-0:2.4.37-78.el8jbcs.x86_64",
"product_id": "jbcs-httpd24-httpd-devel-0:2.4.37-78.el8jbcs.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jbcs-httpd24-httpd-devel@2.4.37-78.el8jbcs?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "jbcs-httpd24-httpd-selinux-0:2.4.37-78.el8jbcs.x86_64",
"product": {
"name": "jbcs-httpd24-httpd-selinux-0:2.4.37-78.el8jbcs.x86_64",
"product_id": "jbcs-httpd24-httpd-selinux-0:2.4.37-78.el8jbcs.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jbcs-httpd24-httpd-selinux@2.4.37-78.el8jbcs?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "jbcs-httpd24-httpd-tools-0:2.4.37-78.el8jbcs.x86_64",
"product": {
"name": "jbcs-httpd24-httpd-tools-0:2.4.37-78.el8jbcs.x86_64",
"product_id": "jbcs-httpd24-httpd-tools-0:2.4.37-78.el8jbcs.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jbcs-httpd24-httpd-tools@2.4.37-78.el8jbcs?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "jbcs-httpd24-mod_ldap-0:2.4.37-78.el8jbcs.x86_64",
"product": {
"name": "jbcs-httpd24-mod_ldap-0:2.4.37-78.el8jbcs.x86_64",
"product_id": "jbcs-httpd24-mod_ldap-0:2.4.37-78.el8jbcs.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jbcs-httpd24-mod_ldap@2.4.37-78.el8jbcs?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "jbcs-httpd24-mod_proxy_html-1:2.4.37-78.el8jbcs.x86_64",
"product": {
"name": "jbcs-httpd24-mod_proxy_html-1:2.4.37-78.el8jbcs.x86_64",
"product_id": "jbcs-httpd24-mod_proxy_html-1:2.4.37-78.el8jbcs.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jbcs-httpd24-mod_proxy_html@2.4.37-78.el8jbcs?arch=x86_64\u0026epoch=1"
}
}
},
{
"category": "product_version",
"name": "jbcs-httpd24-mod_session-0:2.4.37-78.el8jbcs.x86_64",
"product": {
"name": "jbcs-httpd24-mod_session-0:2.4.37-78.el8jbcs.x86_64",
"product_id": "jbcs-httpd24-mod_session-0:2.4.37-78.el8jbcs.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jbcs-httpd24-mod_session@2.4.37-78.el8jbcs?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "jbcs-httpd24-mod_ssl-1:2.4.37-78.el8jbcs.x86_64",
"product": {
"name": "jbcs-httpd24-mod_ssl-1:2.4.37-78.el8jbcs.x86_64",
"product_id": "jbcs-httpd24-mod_ssl-1:2.4.37-78.el8jbcs.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jbcs-httpd24-mod_ssl@2.4.37-78.el8jbcs?arch=x86_64\u0026epoch=1"
}
}
},
{
"category": "product_version",
"name": "jbcs-httpd24-httpd-debuginfo-0:2.4.37-78.el8jbcs.x86_64",
"product": {
"name": "jbcs-httpd24-httpd-debuginfo-0:2.4.37-78.el8jbcs.x86_64",
"product_id": "jbcs-httpd24-httpd-debuginfo-0:2.4.37-78.el8jbcs.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jbcs-httpd24-httpd-debuginfo@2.4.37-78.el8jbcs?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "jbcs-httpd24-httpd-tools-debuginfo-0:2.4.37-78.el8jbcs.x86_64",
"product": {
"name": "jbcs-httpd24-httpd-tools-debuginfo-0:2.4.37-78.el8jbcs.x86_64",
"product_id": "jbcs-httpd24-httpd-tools-debuginfo-0:2.4.37-78.el8jbcs.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jbcs-httpd24-httpd-tools-debuginfo@2.4.37-78.el8jbcs?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "jbcs-httpd24-mod_ldap-debuginfo-0:2.4.37-78.el8jbcs.x86_64",
"product": {
"name": "jbcs-httpd24-mod_ldap-debuginfo-0:2.4.37-78.el8jbcs.x86_64",
"product_id": "jbcs-httpd24-mod_ldap-debuginfo-0:2.4.37-78.el8jbcs.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jbcs-httpd24-mod_ldap-debuginfo@2.4.37-78.el8jbcs?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "jbcs-httpd24-mod_proxy_html-debuginfo-1:2.4.37-78.el8jbcs.x86_64",
"product": {
"name": "jbcs-httpd24-mod_proxy_html-debuginfo-1:2.4.37-78.el8jbcs.x86_64",
"product_id": "jbcs-httpd24-mod_proxy_html-debuginfo-1:2.4.37-78.el8jbcs.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jbcs-httpd24-mod_proxy_html-debuginfo@2.4.37-78.el8jbcs?arch=x86_64\u0026epoch=1"
}
}
},
{
"category": "product_version",
"name": "jbcs-httpd24-mod_session-debuginfo-0:2.4.37-78.el8jbcs.x86_64",
"product": {
"name": "jbcs-httpd24-mod_session-debuginfo-0:2.4.37-78.el8jbcs.x86_64",
"product_id": "jbcs-httpd24-mod_session-debuginfo-0:2.4.37-78.el8jbcs.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jbcs-httpd24-mod_session-debuginfo@2.4.37-78.el8jbcs?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "jbcs-httpd24-mod_ssl-debuginfo-1:2.4.37-78.el8jbcs.x86_64",
"product": {
"name": "jbcs-httpd24-mod_ssl-debuginfo-1:2.4.37-78.el8jbcs.x86_64",
"product_id": "jbcs-httpd24-mod_ssl-debuginfo-1:2.4.37-78.el8jbcs.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jbcs-httpd24-mod_ssl-debuginfo@2.4.37-78.el8jbcs?arch=x86_64\u0026epoch=1"
}
}
},
{
"category": "product_version",
"name": "jbcs-httpd24-mod_http2-0:1.15.7-21.el8jbcs.x86_64",
"product": {
"name": "jbcs-httpd24-mod_http2-0:1.15.7-21.el8jbcs.x86_64",
"product_id": "jbcs-httpd24-mod_http2-0:1.15.7-21.el8jbcs.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jbcs-httpd24-mod_http2@1.15.7-21.el8jbcs?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "jbcs-httpd24-mod_http2-debuginfo-0:1.15.7-21.el8jbcs.x86_64",
"product": {
"name": "jbcs-httpd24-mod_http2-debuginfo-0:1.15.7-21.el8jbcs.x86_64",
"product_id": "jbcs-httpd24-mod_http2-debuginfo-0:1.15.7-21.el8jbcs.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jbcs-httpd24-mod_http2-debuginfo@1.15.7-21.el8jbcs?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "jbcs-httpd24-mod_md-1:2.0.8-40.el8jbcs.x86_64",
"product": {
"name": "jbcs-httpd24-mod_md-1:2.0.8-40.el8jbcs.x86_64",
"product_id": "jbcs-httpd24-mod_md-1:2.0.8-40.el8jbcs.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jbcs-httpd24-mod_md@2.0.8-40.el8jbcs?arch=x86_64\u0026epoch=1"
}
}
},
{
"category": "product_version",
"name": "jbcs-httpd24-mod_md-debuginfo-1:2.0.8-40.el8jbcs.x86_64",
"product": {
"name": "jbcs-httpd24-mod_md-debuginfo-1:2.0.8-40.el8jbcs.x86_64",
"product_id": "jbcs-httpd24-mod_md-debuginfo-1:2.0.8-40.el8jbcs.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jbcs-httpd24-mod_md-debuginfo@2.0.8-40.el8jbcs?arch=x86_64\u0026epoch=1"
}
}
},
{
"category": "product_version",
"name": "jbcs-httpd24-mod_jk-ap24-0:1.2.48-20.redhat_1.el8jbcs.x86_64",
"product": {
"name": "jbcs-httpd24-mod_jk-ap24-0:1.2.48-20.redhat_1.el8jbcs.x86_64",
"product_id": "jbcs-httpd24-mod_jk-ap24-0:1.2.48-20.redhat_1.el8jbcs.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jbcs-httpd24-mod_jk-ap24@1.2.48-20.redhat_1.el8jbcs?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "jbcs-httpd24-mod_jk-manual-0:1.2.48-20.redhat_1.el8jbcs.x86_64",
"product": {
"name": "jbcs-httpd24-mod_jk-manual-0:1.2.48-20.redhat_1.el8jbcs.x86_64",
"product_id": "jbcs-httpd24-mod_jk-manual-0:1.2.48-20.redhat_1.el8jbcs.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jbcs-httpd24-mod_jk-manual@1.2.48-20.redhat_1.el8jbcs?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "jbcs-httpd24-mod_jk-ap24-debuginfo-0:1.2.48-20.redhat_1.el8jbcs.x86_64",
"product": {
"name": "jbcs-httpd24-mod_jk-ap24-debuginfo-0:1.2.48-20.redhat_1.el8jbcs.x86_64",
"product_id": "jbcs-httpd24-mod_jk-ap24-debuginfo-0:1.2.48-20.redhat_1.el8jbcs.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jbcs-httpd24-mod_jk-ap24-debuginfo@1.2.48-20.redhat_1.el8jbcs?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "jbcs-httpd24-mod_cluster-native-0:1.3.16-9.Final_redhat_2.el8jbcs.x86_64",
"product": {
"name": "jbcs-httpd24-mod_cluster-native-0:1.3.16-9.Final_redhat_2.el8jbcs.x86_64",
"product_id": "jbcs-httpd24-mod_cluster-native-0:1.3.16-9.Final_redhat_2.el8jbcs.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jbcs-httpd24-mod_cluster-native@1.3.16-9.Final_redhat_2.el8jbcs?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "jbcs-httpd24-mod_cluster-native-debuginfo-0:1.3.16-9.Final_redhat_2.el8jbcs.x86_64",
"product": {
"name": "jbcs-httpd24-mod_cluster-native-debuginfo-0:1.3.16-9.Final_redhat_2.el8jbcs.x86_64",
"product_id": "jbcs-httpd24-mod_cluster-native-debuginfo-0:1.3.16-9.Final_redhat_2.el8jbcs.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jbcs-httpd24-mod_cluster-native-debuginfo@1.3.16-9.Final_redhat_2.el8jbcs?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "jbcs-httpd24-mod_security-0:2.9.2-67.GA.el8jbcs.x86_64",
"product": {
"name": "jbcs-httpd24-mod_security-0:2.9.2-67.GA.el8jbcs.x86_64",
"product_id": "jbcs-httpd24-mod_security-0:2.9.2-67.GA.el8jbcs.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jbcs-httpd24-mod_security@2.9.2-67.GA.el8jbcs?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "jbcs-httpd24-mod_security-debuginfo-0:2.9.2-67.GA.el8jbcs.x86_64",
"product": {
"name": "jbcs-httpd24-mod_security-debuginfo-0:2.9.2-67.GA.el8jbcs.x86_64",
"product_id": "jbcs-httpd24-mod_security-debuginfo-0:2.9.2-67.GA.el8jbcs.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jbcs-httpd24-mod_security-debuginfo@2.9.2-67.GA.el8jbcs?arch=x86_64"
}
}
}
],
"category": "architecture",
"name": "x86_64"
},
{
"branches": [
{
"category": "product_version",
"name": "jbcs-httpd24-httpd-manual-0:2.4.37-78.jbcs.el7.noarch",
"product": {
"name": "jbcs-httpd24-httpd-manual-0:2.4.37-78.jbcs.el7.noarch",
"product_id": "jbcs-httpd24-httpd-manual-0:2.4.37-78.jbcs.el7.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jbcs-httpd24-httpd-manual@2.4.37-78.jbcs.el7?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "jbcs-httpd24-httpd-manual-0:2.4.37-78.el8jbcs.noarch",
"product": {
"name": "jbcs-httpd24-httpd-manual-0:2.4.37-78.el8jbcs.noarch",
"product_id": "jbcs-httpd24-httpd-manual-0:2.4.37-78.el8jbcs.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jbcs-httpd24-httpd-manual@2.4.37-78.el8jbcs?arch=noarch"
}
}
}
],
"category": "architecture",
"name": "noarch"
}
],
"category": "vendor",
"name": "Red Hat"
}
],
"relationships": [
{
"category": "default_component_of",
"full_product_name": {
"name": "jbcs-httpd24-apr-0:1.6.3-107.jbcs.el7.src as a component of Red Hat JBoss Core Services on RHEL 7 Server",
"product_id": "7Server-JBCS:jbcs-httpd24-apr-0:1.6.3-107.jbcs.el7.src"
},
"product_reference": "jbcs-httpd24-apr-0:1.6.3-107.jbcs.el7.src",
"relates_to_product_reference": "7Server-JBCS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jbcs-httpd24-apr-0:1.6.3-107.jbcs.el7.x86_64 as a component of Red Hat JBoss Core Services on RHEL 7 Server",
"product_id": "7Server-JBCS:jbcs-httpd24-apr-0:1.6.3-107.jbcs.el7.x86_64"
},
"product_reference": "jbcs-httpd24-apr-0:1.6.3-107.jbcs.el7.x86_64",
"relates_to_product_reference": "7Server-JBCS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jbcs-httpd24-apr-debuginfo-0:1.6.3-107.jbcs.el7.x86_64 as a component of Red Hat JBoss Core Services on RHEL 7 Server",
"product_id": "7Server-JBCS:jbcs-httpd24-apr-debuginfo-0:1.6.3-107.jbcs.el7.x86_64"
},
"product_reference": "jbcs-httpd24-apr-debuginfo-0:1.6.3-107.jbcs.el7.x86_64",
"relates_to_product_reference": "7Server-JBCS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jbcs-httpd24-apr-devel-0:1.6.3-107.jbcs.el7.x86_64 as a component of Red Hat JBoss Core Services on RHEL 7 Server",
"product_id": "7Server-JBCS:jbcs-httpd24-apr-devel-0:1.6.3-107.jbcs.el7.x86_64"
},
"product_reference": "jbcs-httpd24-apr-devel-0:1.6.3-107.jbcs.el7.x86_64",
"relates_to_product_reference": "7Server-JBCS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jbcs-httpd24-apr-util-0:1.6.1-84.jbcs.el7.src as a component of Red Hat JBoss Core Services on RHEL 7 Server",
"product_id": "7Server-JBCS:jbcs-httpd24-apr-util-0:1.6.1-84.jbcs.el7.src"
},
"product_reference": "jbcs-httpd24-apr-util-0:1.6.1-84.jbcs.el7.src",
"relates_to_product_reference": "7Server-JBCS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jbcs-httpd24-apr-util-0:1.6.1-84.jbcs.el7.x86_64 as a component of Red Hat JBoss Core Services on RHEL 7 Server",
"product_id": "7Server-JBCS:jbcs-httpd24-apr-util-0:1.6.1-84.jbcs.el7.x86_64"
},
"product_reference": "jbcs-httpd24-apr-util-0:1.6.1-84.jbcs.el7.x86_64",
"relates_to_product_reference": "7Server-JBCS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jbcs-httpd24-apr-util-debuginfo-0:1.6.1-84.jbcs.el7.x86_64 as a component of Red Hat JBoss Core Services on RHEL 7 Server",
"product_id": "7Server-JBCS:jbcs-httpd24-apr-util-debuginfo-0:1.6.1-84.jbcs.el7.x86_64"
},
"product_reference": "jbcs-httpd24-apr-util-debuginfo-0:1.6.1-84.jbcs.el7.x86_64",
"relates_to_product_reference": "7Server-JBCS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jbcs-httpd24-apr-util-devel-0:1.6.1-84.jbcs.el7.x86_64 as a component of Red Hat JBoss Core Services on RHEL 7 Server",
"product_id": "7Server-JBCS:jbcs-httpd24-apr-util-devel-0:1.6.1-84.jbcs.el7.x86_64"
},
"product_reference": "jbcs-httpd24-apr-util-devel-0:1.6.1-84.jbcs.el7.x86_64",
"relates_to_product_reference": "7Server-JBCS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jbcs-httpd24-apr-util-ldap-0:1.6.1-84.jbcs.el7.x86_64 as a component of Red Hat JBoss Core Services on RHEL 7 Server",
"product_id": "7Server-JBCS:jbcs-httpd24-apr-util-ldap-0:1.6.1-84.jbcs.el7.x86_64"
},
"product_reference": "jbcs-httpd24-apr-util-ldap-0:1.6.1-84.jbcs.el7.x86_64",
"relates_to_product_reference": "7Server-JBCS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jbcs-httpd24-apr-util-mysql-0:1.6.1-84.jbcs.el7.x86_64 as a component of Red Hat JBoss Core Services on RHEL 7 Server",
"product_id": "7Server-JBCS:jbcs-httpd24-apr-util-mysql-0:1.6.1-84.jbcs.el7.x86_64"
},
"product_reference": "jbcs-httpd24-apr-util-mysql-0:1.6.1-84.jbcs.el7.x86_64",
"relates_to_product_reference": "7Server-JBCS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jbcs-httpd24-apr-util-nss-0:1.6.1-84.jbcs.el7.x86_64 as a component of Red Hat JBoss Core Services on RHEL 7 Server",
"product_id": "7Server-JBCS:jbcs-httpd24-apr-util-nss-0:1.6.1-84.jbcs.el7.x86_64"
},
"product_reference": "jbcs-httpd24-apr-util-nss-0:1.6.1-84.jbcs.el7.x86_64",
"relates_to_product_reference": "7Server-JBCS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jbcs-httpd24-apr-util-odbc-0:1.6.1-84.jbcs.el7.x86_64 as a component of Red Hat JBoss Core Services on RHEL 7 Server",
"product_id": "7Server-JBCS:jbcs-httpd24-apr-util-odbc-0:1.6.1-84.jbcs.el7.x86_64"
},
"product_reference": "jbcs-httpd24-apr-util-odbc-0:1.6.1-84.jbcs.el7.x86_64",
"relates_to_product_reference": "7Server-JBCS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jbcs-httpd24-apr-util-openssl-0:1.6.1-84.jbcs.el7.x86_64 as a component of Red Hat JBoss Core Services on RHEL 7 Server",
"product_id": "7Server-JBCS:jbcs-httpd24-apr-util-openssl-0:1.6.1-84.jbcs.el7.x86_64"
},
"product_reference": "jbcs-httpd24-apr-util-openssl-0:1.6.1-84.jbcs.el7.x86_64",
"relates_to_product_reference": "7Server-JBCS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jbcs-httpd24-apr-util-pgsql-0:1.6.1-84.jbcs.el7.x86_64 as a component of Red Hat JBoss Core Services on RHEL 7 Server",
"product_id": "7Server-JBCS:jbcs-httpd24-apr-util-pgsql-0:1.6.1-84.jbcs.el7.x86_64"
},
"product_reference": "jbcs-httpd24-apr-util-pgsql-0:1.6.1-84.jbcs.el7.x86_64",
"relates_to_product_reference": "7Server-JBCS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jbcs-httpd24-apr-util-sqlite-0:1.6.1-84.jbcs.el7.x86_64 as a component of Red Hat JBoss Core Services on RHEL 7 Server",
"product_id": "7Server-JBCS:jbcs-httpd24-apr-util-sqlite-0:1.6.1-84.jbcs.el7.x86_64"
},
"product_reference": "jbcs-httpd24-apr-util-sqlite-0:1.6.1-84.jbcs.el7.x86_64",
"relates_to_product_reference": "7Server-JBCS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jbcs-httpd24-curl-0:7.78.0-2.jbcs.el7.src as a component of Red Hat JBoss Core Services on RHEL 7 Server",
"product_id": "7Server-JBCS:jbcs-httpd24-curl-0:7.78.0-2.jbcs.el7.src"
},
"product_reference": "jbcs-httpd24-curl-0:7.78.0-2.jbcs.el7.src",
"relates_to_product_reference": "7Server-JBCS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jbcs-httpd24-curl-0:7.78.0-2.jbcs.el7.x86_64 as a component of Red Hat JBoss Core Services on RHEL 7 Server",
"product_id": "7Server-JBCS:jbcs-httpd24-curl-0:7.78.0-2.jbcs.el7.x86_64"
},
"product_reference": "jbcs-httpd24-curl-0:7.78.0-2.jbcs.el7.x86_64",
"relates_to_product_reference": "7Server-JBCS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jbcs-httpd24-curl-debuginfo-0:7.78.0-2.jbcs.el7.x86_64 as a component of Red Hat JBoss Core Services on RHEL 7 Server",
"product_id": "7Server-JBCS:jbcs-httpd24-curl-debuginfo-0:7.78.0-2.jbcs.el7.x86_64"
},
"product_reference": "jbcs-httpd24-curl-debuginfo-0:7.78.0-2.jbcs.el7.x86_64",
"relates_to_product_reference": "7Server-JBCS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jbcs-httpd24-httpd-0:2.4.37-78.jbcs.el7.src as a component of Red Hat JBoss Core Services on RHEL 7 Server",
"product_id": "7Server-JBCS:jbcs-httpd24-httpd-0:2.4.37-78.jbcs.el7.src"
},
"product_reference": "jbcs-httpd24-httpd-0:2.4.37-78.jbcs.el7.src",
"relates_to_product_reference": "7Server-JBCS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jbcs-httpd24-httpd-0:2.4.37-78.jbcs.el7.x86_64 as a component of Red Hat JBoss Core Services on RHEL 7 Server",
"product_id": "7Server-JBCS:jbcs-httpd24-httpd-0:2.4.37-78.jbcs.el7.x86_64"
},
"product_reference": "jbcs-httpd24-httpd-0:2.4.37-78.jbcs.el7.x86_64",
"relates_to_product_reference": "7Server-JBCS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jbcs-httpd24-httpd-debuginfo-0:2.4.37-78.jbcs.el7.x86_64 as a component of Red Hat JBoss Core Services on RHEL 7 Server",
"product_id": "7Server-JBCS:jbcs-httpd24-httpd-debuginfo-0:2.4.37-78.jbcs.el7.x86_64"
},
"product_reference": "jbcs-httpd24-httpd-debuginfo-0:2.4.37-78.jbcs.el7.x86_64",
"relates_to_product_reference": "7Server-JBCS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jbcs-httpd24-httpd-devel-0:2.4.37-78.jbcs.el7.x86_64 as a component of Red Hat JBoss Core Services on RHEL 7 Server",
"product_id": "7Server-JBCS:jbcs-httpd24-httpd-devel-0:2.4.37-78.jbcs.el7.x86_64"
},
"product_reference": "jbcs-httpd24-httpd-devel-0:2.4.37-78.jbcs.el7.x86_64",
"relates_to_product_reference": "7Server-JBCS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jbcs-httpd24-httpd-manual-0:2.4.37-78.jbcs.el7.noarch as a component of Red Hat JBoss Core Services on RHEL 7 Server",
"product_id": "7Server-JBCS:jbcs-httpd24-httpd-manual-0:2.4.37-78.jbcs.el7.noarch"
},
"product_reference": "jbcs-httpd24-httpd-manual-0:2.4.37-78.jbcs.el7.noarch",
"relates_to_product_reference": "7Server-JBCS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jbcs-httpd24-httpd-selinux-0:2.4.37-78.jbcs.el7.x86_64 as a component of Red Hat JBoss Core Services on RHEL 7 Server",
"product_id": "7Server-JBCS:jbcs-httpd24-httpd-selinux-0:2.4.37-78.jbcs.el7.x86_64"
},
"product_reference": "jbcs-httpd24-httpd-selinux-0:2.4.37-78.jbcs.el7.x86_64",
"relates_to_product_reference": "7Server-JBCS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jbcs-httpd24-httpd-tools-0:2.4.37-78.jbcs.el7.x86_64 as a component of Red Hat JBoss Core Services on RHEL 7 Server",
"product_id": "7Server-JBCS:jbcs-httpd24-httpd-tools-0:2.4.37-78.jbcs.el7.x86_64"
},
"product_reference": "jbcs-httpd24-httpd-tools-0:2.4.37-78.jbcs.el7.x86_64",
"relates_to_product_reference": "7Server-JBCS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jbcs-httpd24-libcurl-0:7.78.0-2.jbcs.el7.x86_64 as a component of Red Hat JBoss Core Services on RHEL 7 Server",
"product_id": "7Server-JBCS:jbcs-httpd24-libcurl-0:7.78.0-2.jbcs.el7.x86_64"
},
"product_reference": "jbcs-httpd24-libcurl-0:7.78.0-2.jbcs.el7.x86_64",
"relates_to_product_reference": "7Server-JBCS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jbcs-httpd24-libcurl-devel-0:7.78.0-2.jbcs.el7.x86_64 as a component of Red Hat JBoss Core Services on RHEL 7 Server",
"product_id": "7Server-JBCS:jbcs-httpd24-libcurl-devel-0:7.78.0-2.jbcs.el7.x86_64"
},
"product_reference": "jbcs-httpd24-libcurl-devel-0:7.78.0-2.jbcs.el7.x86_64",
"relates_to_product_reference": "7Server-JBCS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jbcs-httpd24-mod_cluster-native-0:1.3.16-9.Final_redhat_2.jbcs.el7.src as a component of Red Hat JBoss Core Services on RHEL 7 Server",
"product_id": "7Server-JBCS:jbcs-httpd24-mod_cluster-native-0:1.3.16-9.Final_redhat_2.jbcs.el7.src"
},
"product_reference": "jbcs-httpd24-mod_cluster-native-0:1.3.16-9.Final_redhat_2.jbcs.el7.src",
"relates_to_product_reference": "7Server-JBCS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jbcs-httpd24-mod_cluster-native-0:1.3.16-9.Final_redhat_2.jbcs.el7.x86_64 as a component of Red Hat JBoss Core Services on RHEL 7 Server",
"product_id": "7Server-JBCS:jbcs-httpd24-mod_cluster-native-0:1.3.16-9.Final_redhat_2.jbcs.el7.x86_64"
},
"product_reference": "jbcs-httpd24-mod_cluster-native-0:1.3.16-9.Final_redhat_2.jbcs.el7.x86_64",
"relates_to_product_reference": "7Server-JBCS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jbcs-httpd24-mod_cluster-native-debuginfo-0:1.3.16-9.Final_redhat_2.jbcs.el7.x86_64 as a component of Red Hat JBoss Core Services on RHEL 7 Server",
"product_id": "7Server-JBCS:jbcs-httpd24-mod_cluster-native-debuginfo-0:1.3.16-9.Final_redhat_2.jbcs.el7.x86_64"
},
"product_reference": "jbcs-httpd24-mod_cluster-native-debuginfo-0:1.3.16-9.Final_redhat_2.jbcs.el7.x86_64",
"relates_to_product_reference": "7Server-JBCS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jbcs-httpd24-mod_http2-0:1.15.7-21.jbcs.el7.src as a component of Red Hat JBoss Core Services on RHEL 7 Server",
"product_id": "7Server-JBCS:jbcs-httpd24-mod_http2-0:1.15.7-21.jbcs.el7.src"
},
"product_reference": "jbcs-httpd24-mod_http2-0:1.15.7-21.jbcs.el7.src",
"relates_to_product_reference": "7Server-JBCS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jbcs-httpd24-mod_http2-0:1.15.7-21.jbcs.el7.x86_64 as a component of Red Hat JBoss Core Services on RHEL 7 Server",
"product_id": "7Server-JBCS:jbcs-httpd24-mod_http2-0:1.15.7-21.jbcs.el7.x86_64"
},
"product_reference": "jbcs-httpd24-mod_http2-0:1.15.7-21.jbcs.el7.x86_64",
"relates_to_product_reference": "7Server-JBCS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jbcs-httpd24-mod_http2-debuginfo-0:1.15.7-21.jbcs.el7.x86_64 as a component of Red Hat JBoss Core Services on RHEL 7 Server",
"product_id": "7Server-JBCS:jbcs-httpd24-mod_http2-debuginfo-0:1.15.7-21.jbcs.el7.x86_64"
},
"product_reference": "jbcs-httpd24-mod_http2-debuginfo-0:1.15.7-21.jbcs.el7.x86_64",
"relates_to_product_reference": "7Server-JBCS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jbcs-httpd24-mod_jk-0:1.2.48-20.redhat_1.jbcs.el7.src as a component of Red Hat JBoss Core Services on RHEL 7 Server",
"product_id": "7Server-JBCS:jbcs-httpd24-mod_jk-0:1.2.48-20.redhat_1.jbcs.el7.src"
},
"product_reference": "jbcs-httpd24-mod_jk-0:1.2.48-20.redhat_1.jbcs.el7.src",
"relates_to_product_reference": "7Server-JBCS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jbcs-httpd24-mod_jk-ap24-0:1.2.48-20.redhat_1.jbcs.el7.x86_64 as a component of Red Hat JBoss Core Services on RHEL 7 Server",
"product_id": "7Server-JBCS:jbcs-httpd24-mod_jk-ap24-0:1.2.48-20.redhat_1.jbcs.el7.x86_64"
},
"product_reference": "jbcs-httpd24-mod_jk-ap24-0:1.2.48-20.redhat_1.jbcs.el7.x86_64",
"relates_to_product_reference": "7Server-JBCS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jbcs-httpd24-mod_jk-debuginfo-0:1.2.48-20.redhat_1.jbcs.el7.x86_64 as a component of Red Hat JBoss Core Services on RHEL 7 Server",
"product_id": "7Server-JBCS:jbcs-httpd24-mod_jk-debuginfo-0:1.2.48-20.redhat_1.jbcs.el7.x86_64"
},
"product_reference": "jbcs-httpd24-mod_jk-debuginfo-0:1.2.48-20.redhat_1.jbcs.el7.x86_64",
"relates_to_product_reference": "7Server-JBCS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jbcs-httpd24-mod_jk-manual-0:1.2.48-20.redhat_1.jbcs.el7.x86_64 as a component of Red Hat JBoss Core Services on RHEL 7 Server",
"product_id": "7Server-JBCS:jbcs-httpd24-mod_jk-manual-0:1.2.48-20.redhat_1.jbcs.el7.x86_64"
},
"product_reference": "jbcs-httpd24-mod_jk-manual-0:1.2.48-20.redhat_1.jbcs.el7.x86_64",
"relates_to_product_reference": "7Server-JBCS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jbcs-httpd24-mod_ldap-0:2.4.37-78.jbcs.el7.x86_64 as a component of Red Hat JBoss Core Services on RHEL 7 Server",
"product_id": "7Server-JBCS:jbcs-httpd24-mod_ldap-0:2.4.37-78.jbcs.el7.x86_64"
},
"product_reference": "jbcs-httpd24-mod_ldap-0:2.4.37-78.jbcs.el7.x86_64",
"relates_to_product_reference": "7Server-JBCS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jbcs-httpd24-mod_md-1:2.0.8-40.jbcs.el7.src as a component of Red Hat JBoss Core Services on RHEL 7 Server",
"product_id": "7Server-JBCS:jbcs-httpd24-mod_md-1:2.0.8-40.jbcs.el7.src"
},
"product_reference": "jbcs-httpd24-mod_md-1:2.0.8-40.jbcs.el7.src",
"relates_to_product_reference": "7Server-JBCS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jbcs-httpd24-mod_md-1:2.0.8-40.jbcs.el7.x86_64 as a component of Red Hat JBoss Core Services on RHEL 7 Server",
"product_id": "7Server-JBCS:jbcs-httpd24-mod_md-1:2.0.8-40.jbcs.el7.x86_64"
},
"product_reference": "jbcs-httpd24-mod_md-1:2.0.8-40.jbcs.el7.x86_64",
"relates_to_product_reference": "7Server-JBCS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jbcs-httpd24-mod_md-debuginfo-1:2.0.8-40.jbcs.el7.x86_64 as a component of Red Hat JBoss Core Services on RHEL 7 Server",
"product_id": "7Server-JBCS:jbcs-httpd24-mod_md-debuginfo-1:2.0.8-40.jbcs.el7.x86_64"
},
"product_reference": "jbcs-httpd24-mod_md-debuginfo-1:2.0.8-40.jbcs.el7.x86_64",
"relates_to_product_reference": "7Server-JBCS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jbcs-httpd24-mod_proxy_html-1:2.4.37-78.jbcs.el7.x86_64 as a component of Red Hat JBoss Core Services on RHEL 7 Server",
"product_id": "7Server-JBCS:jbcs-httpd24-mod_proxy_html-1:2.4.37-78.jbcs.el7.x86_64"
},
"product_reference": "jbcs-httpd24-mod_proxy_html-1:2.4.37-78.jbcs.el7.x86_64",
"relates_to_product_reference": "7Server-JBCS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jbcs-httpd24-mod_security-0:2.9.2-67.GA.jbcs.el7.src as a component of Red Hat JBoss Core Services on RHEL 7 Server",
"product_id": "7Server-JBCS:jbcs-httpd24-mod_security-0:2.9.2-67.GA.jbcs.el7.src"
},
"product_reference": "jbcs-httpd24-mod_security-0:2.9.2-67.GA.jbcs.el7.src",
"relates_to_product_reference": "7Server-JBCS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jbcs-httpd24-mod_security-0:2.9.2-67.GA.jbcs.el7.x86_64 as a component of Red Hat JBoss Core Services on RHEL 7 Server",
"product_id": "7Server-JBCS:jbcs-httpd24-mod_security-0:2.9.2-67.GA.jbcs.el7.x86_64"
},
"product_reference": "jbcs-httpd24-mod_security-0:2.9.2-67.GA.jbcs.el7.x86_64",
"relates_to_product_reference": "7Server-JBCS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jbcs-httpd24-mod_security-debuginfo-0:2.9.2-67.GA.jbcs.el7.x86_64 as a component of Red Hat JBoss Core Services on RHEL 7 Server",
"product_id": "7Server-JBCS:jbcs-httpd24-mod_security-debuginfo-0:2.9.2-67.GA.jbcs.el7.x86_64"
},
"product_reference": "jbcs-httpd24-mod_security-debuginfo-0:2.9.2-67.GA.jbcs.el7.x86_64",
"relates_to_product_reference": "7Server-JBCS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jbcs-httpd24-mod_session-0:2.4.37-78.jbcs.el7.x86_64 as a component of Red Hat JBoss Core Services on RHEL 7 Server",
"product_id": "7Server-JBCS:jbcs-httpd24-mod_session-0:2.4.37-78.jbcs.el7.x86_64"
},
"product_reference": "jbcs-httpd24-mod_session-0:2.4.37-78.jbcs.el7.x86_64",
"relates_to_product_reference": "7Server-JBCS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jbcs-httpd24-mod_ssl-1:2.4.37-78.jbcs.el7.x86_64 as a component of Red Hat JBoss Core Services on RHEL 7 Server",
"product_id": "7Server-JBCS:jbcs-httpd24-mod_ssl-1:2.4.37-78.jbcs.el7.x86_64"
},
"product_reference": "jbcs-httpd24-mod_ssl-1:2.4.37-78.jbcs.el7.x86_64",
"relates_to_product_reference": "7Server-JBCS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jbcs-httpd24-nghttp2-0:1.39.2-39.jbcs.el7.src as a component of Red Hat JBoss Core Services on RHEL 7 Server",
"product_id": "7Server-JBCS:jbcs-httpd24-nghttp2-0:1.39.2-39.jbcs.el7.src"
},
"product_reference": "jbcs-httpd24-nghttp2-0:1.39.2-39.jbcs.el7.src",
"relates_to_product_reference": "7Server-JBCS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jbcs-httpd24-nghttp2-0:1.39.2-39.jbcs.el7.x86_64 as a component of Red Hat JBoss Core Services on RHEL 7 Server",
"product_id": "7Server-JBCS:jbcs-httpd24-nghttp2-0:1.39.2-39.jbcs.el7.x86_64"
},
"product_reference": "jbcs-httpd24-nghttp2-0:1.39.2-39.jbcs.el7.x86_64",
"relates_to_product_reference": "7Server-JBCS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jbcs-httpd24-nghttp2-debuginfo-0:1.39.2-39.jbcs.el7.x86_64 as a component of Red Hat JBoss Core Services on RHEL 7 Server",
"product_id": "7Server-JBCS:jbcs-httpd24-nghttp2-debuginfo-0:1.39.2-39.jbcs.el7.x86_64"
},
"product_reference": "jbcs-httpd24-nghttp2-debuginfo-0:1.39.2-39.jbcs.el7.x86_64",
"relates_to_product_reference": "7Server-JBCS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jbcs-httpd24-nghttp2-devel-0:1.39.2-39.jbcs.el7.x86_64 as a component of Red Hat JBoss Core Services on RHEL 7 Server",
"product_id": "7Server-JBCS:jbcs-httpd24-nghttp2-devel-0:1.39.2-39.jbcs.el7.x86_64"
},
"product_reference": "jbcs-httpd24-nghttp2-devel-0:1.39.2-39.jbcs.el7.x86_64",
"relates_to_product_reference": "7Server-JBCS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jbcs-httpd24-openssl-1:1.1.1g-8.jbcs.el7.src as a component of Red Hat JBoss Core Services on RHEL 7 Server",
"product_id": "7Server-JBCS:jbcs-httpd24-openssl-1:1.1.1g-8.jbcs.el7.src"
},
"product_reference": "jbcs-httpd24-openssl-1:1.1.1g-8.jbcs.el7.src",
"relates_to_product_reference": "7Server-JBCS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jbcs-httpd24-openssl-1:1.1.1g-8.jbcs.el7.x86_64 as a component of Red Hat JBoss Core Services on RHEL 7 Server",
"product_id": "7Server-JBCS:jbcs-httpd24-openssl-1:1.1.1g-8.jbcs.el7.x86_64"
},
"product_reference": "jbcs-httpd24-openssl-1:1.1.1g-8.jbcs.el7.x86_64",
"relates_to_product_reference": "7Server-JBCS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jbcs-httpd24-openssl-chil-0:1.0.0-7.jbcs.el7.src as a component of Red Hat JBoss Core Services on RHEL 7 Server",
"product_id": "7Server-JBCS:jbcs-httpd24-openssl-chil-0:1.0.0-7.jbcs.el7.src"
},
"product_reference": "jbcs-httpd24-openssl-chil-0:1.0.0-7.jbcs.el7.src",
"relates_to_product_reference": "7Server-JBCS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jbcs-httpd24-openssl-chil-0:1.0.0-7.jbcs.el7.x86_64 as a component of Red Hat JBoss Core Services on RHEL 7 Server",
"product_id": "7Server-JBCS:jbcs-httpd24-openssl-chil-0:1.0.0-7.jbcs.el7.x86_64"
},
"product_reference": "jbcs-httpd24-openssl-chil-0:1.0.0-7.jbcs.el7.x86_64",
"relates_to_product_reference": "7Server-JBCS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jbcs-httpd24-openssl-chil-debuginfo-0:1.0.0-7.jbcs.el7.x86_64 as a component of Red Hat JBoss Core Services on RHEL 7 Server",
"product_id": "7Server-JBCS:jbcs-httpd24-openssl-chil-debuginfo-0:1.0.0-7.jbcs.el7.x86_64"
},
"product_reference": "jbcs-httpd24-openssl-chil-debuginfo-0:1.0.0-7.jbcs.el7.x86_64",
"relates_to_product_reference": "7Server-JBCS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jbcs-httpd24-openssl-debuginfo-1:1.1.1g-8.jbcs.el7.x86_64 as a component of Red Hat JBoss Core Services on RHEL 7 Server",
"product_id": "7Server-JBCS:jbcs-httpd24-openssl-debuginfo-1:1.1.1g-8.jbcs.el7.x86_64"
},
"product_reference": "jbcs-httpd24-openssl-debuginfo-1:1.1.1g-8.jbcs.el7.x86_64",
"relates_to_product_reference": "7Server-JBCS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jbcs-httpd24-openssl-devel-1:1.1.1g-8.jbcs.el7.x86_64 as a component of Red Hat JBoss Core Services on RHEL 7 Server",
"product_id": "7Server-JBCS:jbcs-httpd24-openssl-devel-1:1.1.1g-8.jbcs.el7.x86_64"
},
"product_reference": "jbcs-httpd24-openssl-devel-1:1.1.1g-8.jbcs.el7.x86_64",
"relates_to_product_reference": "7Server-JBCS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jbcs-httpd24-openssl-libs-1:1.1.1g-8.jbcs.el7.x86_64 as a component of Red Hat JBoss Core Services on RHEL 7 Server",
"product_id": "7Server-JBCS:jbcs-httpd24-openssl-libs-1:1.1.1g-8.jbcs.el7.x86_64"
},
"product_reference": "jbcs-httpd24-openssl-libs-1:1.1.1g-8.jbcs.el7.x86_64",
"relates_to_product_reference": "7Server-JBCS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jbcs-httpd24-openssl-perl-1:1.1.1g-8.jbcs.el7.x86_64 as a component of Red Hat JBoss Core Services on RHEL 7 Server",
"product_id": "7Server-JBCS:jbcs-httpd24-openssl-perl-1:1.1.1g-8.jbcs.el7.x86_64"
},
"product_reference": "jbcs-httpd24-openssl-perl-1:1.1.1g-8.jbcs.el7.x86_64",
"relates_to_product_reference": "7Server-JBCS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jbcs-httpd24-openssl-pkcs11-0:0.4.10-22.jbcs.el7.src as a component of Red Hat JBoss Core Services on RHEL 7 Server",
"product_id": "7Server-JBCS:jbcs-httpd24-openssl-pkcs11-0:0.4.10-22.jbcs.el7.src"
},
"product_reference": "jbcs-httpd24-openssl-pkcs11-0:0.4.10-22.jbcs.el7.src",
"relates_to_product_reference": "7Server-JBCS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jbcs-httpd24-openssl-pkcs11-0:0.4.10-22.jbcs.el7.x86_64 as a component of Red Hat JBoss Core Services on RHEL 7 Server",
"product_id": "7Server-JBCS:jbcs-httpd24-openssl-pkcs11-0:0.4.10-22.jbcs.el7.x86_64"
},
"product_reference": "jbcs-httpd24-openssl-pkcs11-0:0.4.10-22.jbcs.el7.x86_64",
"relates_to_product_reference": "7Server-JBCS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jbcs-httpd24-openssl-pkcs11-debuginfo-0:0.4.10-22.jbcs.el7.x86_64 as a component of Red Hat JBoss Core Services on RHEL 7 Server",
"product_id": "7Server-JBCS:jbcs-httpd24-openssl-pkcs11-debuginfo-0:0.4.10-22.jbcs.el7.x86_64"
},
"product_reference": "jbcs-httpd24-openssl-pkcs11-debuginfo-0:0.4.10-22.jbcs.el7.x86_64",
"relates_to_product_reference": "7Server-JBCS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jbcs-httpd24-openssl-static-1:1.1.1g-8.jbcs.el7.x86_64 as a component of Red Hat JBoss Core Services on RHEL 7 Server",
"product_id": "7Server-JBCS:jbcs-httpd24-openssl-static-1:1.1.1g-8.jbcs.el7.x86_64"
},
"product_reference": "jbcs-httpd24-openssl-static-1:1.1.1g-8.jbcs.el7.x86_64",
"relates_to_product_reference": "7Server-JBCS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jbcs-httpd24-apr-0:1.6.3-107.el8jbcs.src as a component of Red Hat JBoss Core Services on RHEL 8",
"product_id": "8Base-JBCS:jbcs-httpd24-apr-0:1.6.3-107.el8jbcs.src"
},
"product_reference": "jbcs-httpd24-apr-0:1.6.3-107.el8jbcs.src",
"relates_to_product_reference": "8Base-JBCS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jbcs-httpd24-apr-0:1.6.3-107.el8jbcs.x86_64 as a component of Red Hat JBoss Core Services on RHEL 8",
"product_id": "8Base-JBCS:jbcs-httpd24-apr-0:1.6.3-107.el8jbcs.x86_64"
},
"product_reference": "jbcs-httpd24-apr-0:1.6.3-107.el8jbcs.x86_64",
"relates_to_product_reference": "8Base-JBCS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jbcs-httpd24-apr-debuginfo-0:1.6.3-107.el8jbcs.x86_64 as a component of Red Hat JBoss Core Services on RHEL 8",
"product_id": "8Base-JBCS:jbcs-httpd24-apr-debuginfo-0:1.6.3-107.el8jbcs.x86_64"
},
"product_reference": "jbcs-httpd24-apr-debuginfo-0:1.6.3-107.el8jbcs.x86_64",
"relates_to_product_reference": "8Base-JBCS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jbcs-httpd24-apr-devel-0:1.6.3-107.el8jbcs.x86_64 as a component of Red Hat JBoss Core Services on RHEL 8",
"product_id": "8Base-JBCS:jbcs-httpd24-apr-devel-0:1.6.3-107.el8jbcs.x86_64"
},
"product_reference": "jbcs-httpd24-apr-devel-0:1.6.3-107.el8jbcs.x86_64",
"relates_to_product_reference": "8Base-JBCS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jbcs-httpd24-apr-util-0:1.6.1-84.el8jbcs.src as a component of Red Hat JBoss Core Services on RHEL 8",
"product_id": "8Base-JBCS:jbcs-httpd24-apr-util-0:1.6.1-84.el8jbcs.src"
},
"product_reference": "jbcs-httpd24-apr-util-0:1.6.1-84.el8jbcs.src",
"relates_to_product_reference": "8Base-JBCS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jbcs-httpd24-apr-util-0:1.6.1-84.el8jbcs.x86_64 as a component of Red Hat JBoss Core Services on RHEL 8",
"product_id": "8Base-JBCS:jbcs-httpd24-apr-util-0:1.6.1-84.el8jbcs.x86_64"
},
"product_reference": "jbcs-httpd24-apr-util-0:1.6.1-84.el8jbcs.x86_64",
"relates_to_product_reference": "8Base-JBCS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jbcs-httpd24-apr-util-debuginfo-0:1.6.1-84.el8jbcs.x86_64 as a component of Red Hat JBoss Core Services on RHEL 8",
"product_id": "8Base-JBCS:jbcs-httpd24-apr-util-debuginfo-0:1.6.1-84.el8jbcs.x86_64"
},
"product_reference": "jbcs-httpd24-apr-util-debuginfo-0:1.6.1-84.el8jbcs.x86_64",
"relates_to_product_reference": "8Base-JBCS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jbcs-httpd24-apr-util-devel-0:1.6.1-84.el8jbcs.x86_64 as a component of Red Hat JBoss Core Services on RHEL 8",
"product_id": "8Base-JBCS:jbcs-httpd24-apr-util-devel-0:1.6.1-84.el8jbcs.x86_64"
},
"product_reference": "jbcs-httpd24-apr-util-devel-0:1.6.1-84.el8jbcs.x86_64",
"relates_to_product_reference": "8Base-JBCS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jbcs-httpd24-apr-util-ldap-0:1.6.1-84.el8jbcs.x86_64 as a component of Red Hat JBoss Core Services on RHEL 8",
"product_id": "8Base-JBCS:jbcs-httpd24-apr-util-ldap-0:1.6.1-84.el8jbcs.x86_64"
},
"product_reference": "jbcs-httpd24-apr-util-ldap-0:1.6.1-84.el8jbcs.x86_64",
"relates_to_product_reference": "8Base-JBCS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jbcs-httpd24-apr-util-ldap-debuginfo-0:1.6.1-84.el8jbcs.x86_64 as a component of Red Hat JBoss Core Services on RHEL 8",
"product_id": "8Base-JBCS:jbcs-httpd24-apr-util-ldap-debuginfo-0:1.6.1-84.el8jbcs.x86_64"
},
"product_reference": "jbcs-httpd24-apr-util-ldap-debuginfo-0:1.6.1-84.el8jbcs.x86_64",
"relates_to_product_reference": "8Base-JBCS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jbcs-httpd24-apr-util-mysql-0:1.6.1-84.el8jbcs.x86_64 as a component of Red Hat JBoss Core Services on RHEL 8",
"product_id": "8Base-JBCS:jbcs-httpd24-apr-util-mysql-0:1.6.1-84.el8jbcs.x86_64"
},
"product_reference": "jbcs-httpd24-apr-util-mysql-0:1.6.1-84.el8jbcs.x86_64",
"relates_to_product_reference": "8Base-JBCS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jbcs-httpd24-apr-util-mysql-debuginfo-0:1.6.1-84.el8jbcs.x86_64 as a component of Red Hat JBoss Core Services on RHEL 8",
"product_id": "8Base-JBCS:jbcs-httpd24-apr-util-mysql-debuginfo-0:1.6.1-84.el8jbcs.x86_64"
},
"product_reference": "jbcs-httpd24-apr-util-mysql-debuginfo-0:1.6.1-84.el8jbcs.x86_64",
"relates_to_product_reference": "8Base-JBCS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jbcs-httpd24-apr-util-nss-0:1.6.1-84.el8jbcs.x86_64 as a component of Red Hat JBoss Core Services on RHEL 8",
"product_id": "8Base-JBCS:jbcs-httpd24-apr-util-nss-0:1.6.1-84.el8jbcs.x86_64"
},
"product_reference": "jbcs-httpd24-apr-util-nss-0:1.6.1-84.el8jbcs.x86_64",
"relates_to_product_reference": "8Base-JBCS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jbcs-httpd24-apr-util-nss-debuginfo-0:1.6.1-84.el8jbcs.x86_64 as a component of Red Hat JBoss Core Services on RHEL 8",
"product_id": "8Base-JBCS:jbcs-httpd24-apr-util-nss-debuginfo-0:1.6.1-84.el8jbcs.x86_64"
},
"product_reference": "jbcs-httpd24-apr-util-nss-debuginfo-0:1.6.1-84.el8jbcs.x86_64",
"relates_to_product_reference": "8Base-JBCS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jbcs-httpd24-apr-util-odbc-0:1.6.1-84.el8jbcs.x86_64 as a component of Red Hat JBoss Core Services on RHEL 8",
"product_id": "8Base-JBCS:jbcs-httpd24-apr-util-odbc-0:1.6.1-84.el8jbcs.x86_64"
},
"product_reference": "jbcs-httpd24-apr-util-odbc-0:1.6.1-84.el8jbcs.x86_64",
"relates_to_product_reference": "8Base-JBCS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jbcs-httpd24-apr-util-odbc-debuginfo-0:1.6.1-84.el8jbcs.x86_64 as a component of Red Hat JBoss Core Services on RHEL 8",
"product_id": "8Base-JBCS:jbcs-httpd24-apr-util-odbc-debuginfo-0:1.6.1-84.el8jbcs.x86_64"
},
"product_reference": "jbcs-httpd24-apr-util-odbc-debuginfo-0:1.6.1-84.el8jbcs.x86_64",
"relates_to_product_reference": "8Base-JBCS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jbcs-httpd24-apr-util-openssl-0:1.6.1-84.el8jbcs.x86_64 as a component of Red Hat JBoss Core Services on RHEL 8",
"product_id": "8Base-JBCS:jbcs-httpd24-apr-util-openssl-0:1.6.1-84.el8jbcs.x86_64"
},
"product_reference": "jbcs-httpd24-apr-util-openssl-0:1.6.1-84.el8jbcs.x86_64",
"relates_to_product_reference": "8Base-JBCS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jbcs-httpd24-apr-util-openssl-debuginfo-0:1.6.1-84.el8jbcs.x86_64 as a component of Red Hat JBoss Core Services on RHEL 8",
"product_id": "8Base-JBCS:jbcs-httpd24-apr-util-openssl-debuginfo-0:1.6.1-84.el8jbcs.x86_64"
},
"product_reference": "jbcs-httpd24-apr-util-openssl-debuginfo-0:1.6.1-84.el8jbcs.x86_64",
"relates_to_product_reference": "8Base-JBCS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jbcs-httpd24-apr-util-pgsql-0:1.6.1-84.el8jbcs.x86_64 as a component of Red Hat JBoss Core Services on RHEL 8",
"product_id": "8Base-JBCS:jbcs-httpd24-apr-util-pgsql-0:1.6.1-84.el8jbcs.x86_64"
},
"product_reference": "jbcs-httpd24-apr-util-pgsql-0:1.6.1-84.el8jbcs.x86_64",
"relates_to_product_reference": "8Base-JBCS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jbcs-httpd24-apr-util-pgsql-debuginfo-0:1.6.1-84.el8jbcs.x86_64 as a component of Red Hat JBoss Core Services on RHEL 8",
"product_id": "8Base-JBCS:jbcs-httpd24-apr-util-pgsql-debuginfo-0:1.6.1-84.el8jbcs.x86_64"
},
"product_reference": "jbcs-httpd24-apr-util-pgsql-debuginfo-0:1.6.1-84.el8jbcs.x86_64",
"relates_to_product_reference": "8Base-JBCS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jbcs-httpd24-apr-util-sqlite-0:1.6.1-84.el8jbcs.x86_64 as a component of Red Hat JBoss Core Services on RHEL 8",
"product_id": "8Base-JBCS:jbcs-httpd24-apr-util-sqlite-0:1.6.1-84.el8jbcs.x86_64"
},
"product_reference": "jbcs-httpd24-apr-util-sqlite-0:1.6.1-84.el8jbcs.x86_64",
"relates_to_product_reference": "8Base-JBCS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jbcs-httpd24-apr-util-sqlite-debuginfo-0:1.6.1-84.el8jbcs.x86_64 as a component of Red Hat JBoss Core Services on RHEL 8",
"product_id": "8Base-JBCS:jbcs-httpd24-apr-util-sqlite-debuginfo-0:1.6.1-84.el8jbcs.x86_64"
},
"product_reference": "jbcs-httpd24-apr-util-sqlite-debuginfo-0:1.6.1-84.el8jbcs.x86_64",
"relates_to_product_reference": "8Base-JBCS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jbcs-httpd24-curl-0:7.78.0-2.el8jbcs.src as a component of Red Hat JBoss Core Services on RHEL 8",
"product_id": "8Base-JBCS:jbcs-httpd24-curl-0:7.78.0-2.el8jbcs.src"
},
"product_reference": "jbcs-httpd24-curl-0:7.78.0-2.el8jbcs.src",
"relates_to_product_reference": "8Base-JBCS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jbcs-httpd24-curl-0:7.78.0-2.el8jbcs.x86_64 as a component of Red Hat JBoss Core Services on RHEL 8",
"product_id": "8Base-JBCS:jbcs-httpd24-curl-0:7.78.0-2.el8jbcs.x86_64"
},
"product_reference": "jbcs-httpd24-curl-0:7.78.0-2.el8jbcs.x86_64",
"relates_to_product_reference": "8Base-JBCS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jbcs-httpd24-curl-debuginfo-0:7.78.0-2.el8jbcs.x86_64 as a component of Red Hat JBoss Core Services on RHEL 8",
"product_id": "8Base-JBCS:jbcs-httpd24-curl-debuginfo-0:7.78.0-2.el8jbcs.x86_64"
},
"product_reference": "jbcs-httpd24-curl-debuginfo-0:7.78.0-2.el8jbcs.x86_64",
"relates_to_product_reference": "8Base-JBCS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jbcs-httpd24-httpd-0:2.4.37-78.el8jbcs.src as a component of Red Hat JBoss Core Services on RHEL 8",
"product_id": "8Base-JBCS:jbcs-httpd24-httpd-0:2.4.37-78.el8jbcs.src"
},
"product_reference": "jbcs-httpd24-httpd-0:2.4.37-78.el8jbcs.src",
"relates_to_product_reference": "8Base-JBCS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jbcs-httpd24-httpd-0:2.4.37-78.el8jbcs.x86_64 as a component of Red Hat JBoss Core Services on RHEL 8",
"product_id": "8Base-JBCS:jbcs-httpd24-httpd-0:2.4.37-78.el8jbcs.x86_64"
},
"product_reference": "jbcs-httpd24-httpd-0:2.4.37-78.el8jbcs.x86_64",
"relates_to_product_reference": "8Base-JBCS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jbcs-httpd24-httpd-debuginfo-0:2.4.37-78.el8jbcs.x86_64 as a component of Red Hat JBoss Core Services on RHEL 8",
"product_id": "8Base-JBCS:jbcs-httpd24-httpd-debuginfo-0:2.4.37-78.el8jbcs.x86_64"
},
"product_reference": "jbcs-httpd24-httpd-debuginfo-0:2.4.37-78.el8jbcs.x86_64",
"relates_to_product_reference": "8Base-JBCS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jbcs-httpd24-httpd-devel-0:2.4.37-78.el8jbcs.x86_64 as a component of Red Hat JBoss Core Services on RHEL 8",
"product_id": "8Base-JBCS:jbcs-httpd24-httpd-devel-0:2.4.37-78.el8jbcs.x86_64"
},
"product_reference": "jbcs-httpd24-httpd-devel-0:2.4.37-78.el8jbcs.x86_64",
"relates_to_product_reference": "8Base-JBCS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jbcs-httpd24-httpd-manual-0:2.4.37-78.el8jbcs.noarch as a component of Red Hat JBoss Core Services on RHEL 8",
"product_id": "8Base-JBCS:jbcs-httpd24-httpd-manual-0:2.4.37-78.el8jbcs.noarch"
},
"product_reference": "jbcs-httpd24-httpd-manual-0:2.4.37-78.el8jbcs.noarch",
"relates_to_product_reference": "8Base-JBCS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jbcs-httpd24-httpd-selinux-0:2.4.37-78.el8jbcs.x86_64 as a component of Red Hat JBoss Core Services on RHEL 8",
"product_id": "8Base-JBCS:jbcs-httpd24-httpd-selinux-0:2.4.37-78.el8jbcs.x86_64"
},
"product_reference": "jbcs-httpd24-httpd-selinux-0:2.4.37-78.el8jbcs.x86_64",
"relates_to_product_reference": "8Base-JBCS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jbcs-httpd24-httpd-tools-0:2.4.37-78.el8jbcs.x86_64 as a component of Red Hat JBoss Core Services on RHEL 8",
"product_id": "8Base-JBCS:jbcs-httpd24-httpd-tools-0:2.4.37-78.el8jbcs.x86_64"
},
"product_reference": "jbcs-httpd24-httpd-tools-0:2.4.37-78.el8jbcs.x86_64",
"relates_to_product_reference": "8Base-JBCS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jbcs-httpd24-httpd-tools-debuginfo-0:2.4.37-78.el8jbcs.x86_64 as a component of Red Hat JBoss Core Services on RHEL 8",
"product_id": "8Base-JBCS:jbcs-httpd24-httpd-tools-debuginfo-0:2.4.37-78.el8jbcs.x86_64"
},
"product_reference": "jbcs-httpd24-httpd-tools-debuginfo-0:2.4.37-78.el8jbcs.x86_64",
"relates_to_product_reference": "8Base-JBCS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jbcs-httpd24-libcurl-0:7.78.0-2.el8jbcs.x86_64 as a component of Red Hat JBoss Core Services on RHEL 8",
"product_id": "8Base-JBCS:jbcs-httpd24-libcurl-0:7.78.0-2.el8jbcs.x86_64"
},
"product_reference": "jbcs-httpd24-libcurl-0:7.78.0-2.el8jbcs.x86_64",
"relates_to_product_reference": "8Base-JBCS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jbcs-httpd24-libcurl-debuginfo-0:7.78.0-2.el8jbcs.x86_64 as a component of Red Hat JBoss Core Services on RHEL 8",
"product_id": "8Base-JBCS:jbcs-httpd24-libcurl-debuginfo-0:7.78.0-2.el8jbcs.x86_64"
},
"product_reference": "jbcs-httpd24-libcurl-debuginfo-0:7.78.0-2.el8jbcs.x86_64",
"relates_to_product_reference": "8Base-JBCS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jbcs-httpd24-libcurl-devel-0:7.78.0-2.el8jbcs.x86_64 as a component of Red Hat JBoss Core Services on RHEL 8",
"product_id": "8Base-JBCS:jbcs-httpd24-libcurl-devel-0:7.78.0-2.el8jbcs.x86_64"
},
"product_reference": "jbcs-httpd24-libcurl-devel-0:7.78.0-2.el8jbcs.x86_64",
"relates_to_product_reference": "8Base-JBCS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jbcs-httpd24-mod_cluster-native-0:1.3.16-9.Final_redhat_2.el8jbcs.src as a component of Red Hat JBoss Core Services on RHEL 8",
"product_id": "8Base-JBCS:jbcs-httpd24-mod_cluster-native-0:1.3.16-9.Final_redhat_2.el8jbcs.src"
},
"product_reference": "jbcs-httpd24-mod_cluster-native-0:1.3.16-9.Final_redhat_2.el8jbcs.src",
"relates_to_product_reference": "8Base-JBCS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jbcs-httpd24-mod_cluster-native-0:1.3.16-9.Final_redhat_2.el8jbcs.x86_64 as a component of Red Hat JBoss Core Services on RHEL 8",
"product_id": "8Base-JBCS:jbcs-httpd24-mod_cluster-native-0:1.3.16-9.Final_redhat_2.el8jbcs.x86_64"
},
"product_reference": "jbcs-httpd24-mod_cluster-native-0:1.3.16-9.Final_redhat_2.el8jbcs.x86_64",
"relates_to_product_reference": "8Base-JBCS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jbcs-httpd24-mod_cluster-native-debuginfo-0:1.3.16-9.Final_redhat_2.el8jbcs.x86_64 as a component of Red Hat JBoss Core Services on RHEL 8",
"product_id": "8Base-JBCS:jbcs-httpd24-mod_cluster-native-debuginfo-0:1.3.16-9.Final_redhat_2.el8jbcs.x86_64"
},
"product_reference": "jbcs-httpd24-mod_cluster-native-debuginfo-0:1.3.16-9.Final_redhat_2.el8jbcs.x86_64",
"relates_to_product_reference": "8Base-JBCS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jbcs-httpd24-mod_http2-0:1.15.7-21.el8jbcs.src as a component of Red Hat JBoss Core Services on RHEL 8",
"product_id": "8Base-JBCS:jbcs-httpd24-mod_http2-0:1.15.7-21.el8jbcs.src"
},
"product_reference": "jbcs-httpd24-mod_http2-0:1.15.7-21.el8jbcs.src",
"relates_to_product_reference": "8Base-JBCS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jbcs-httpd24-mod_http2-0:1.15.7-21.el8jbcs.x86_64 as a component of Red Hat JBoss Core Services on RHEL 8",
"product_id": "8Base-JBCS:jbcs-httpd24-mod_http2-0:1.15.7-21.el8jbcs.x86_64"
},
"product_reference": "jbcs-httpd24-mod_http2-0:1.15.7-21.el8jbcs.x86_64",
"relates_to_product_reference": "8Base-JBCS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jbcs-httpd24-mod_http2-debuginfo-0:1.15.7-21.el8jbcs.x86_64 as a component of Red Hat JBoss Core Services on RHEL 8",
"product_id": "8Base-JBCS:jbcs-httpd24-mod_http2-debuginfo-0:1.15.7-21.el8jbcs.x86_64"
},
"product_reference": "jbcs-httpd24-mod_http2-debuginfo-0:1.15.7-21.el8jbcs.x86_64",
"relates_to_product_reference": "8Base-JBCS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jbcs-httpd24-mod_jk-0:1.2.48-20.redhat_1.el8jbcs.src as a component of Red Hat JBoss Core Services on RHEL 8",
"product_id": "8Base-JBCS:jbcs-httpd24-mod_jk-0:1.2.48-20.redhat_1.el8jbcs.src"
},
"product_reference": "jbcs-httpd24-mod_jk-0:1.2.48-20.redhat_1.el8jbcs.src",
"relates_to_product_reference": "8Base-JBCS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jbcs-httpd24-mod_jk-ap24-0:1.2.48-20.redhat_1.el8jbcs.x86_64 as a component of Red Hat JBoss Core Services on RHEL 8",
"product_id": "8Base-JBCS:jbcs-httpd24-mod_jk-ap24-0:1.2.48-20.redhat_1.el8jbcs.x86_64"
},
"product_reference": "jbcs-httpd24-mod_jk-ap24-0:1.2.48-20.redhat_1.el8jbcs.x86_64",
"relates_to_product_reference": "8Base-JBCS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jbcs-httpd24-mod_jk-ap24-debuginfo-0:1.2.48-20.redhat_1.el8jbcs.x86_64 as a component of Red Hat JBoss Core Services on RHEL 8",
"product_id": "8Base-JBCS:jbcs-httpd24-mod_jk-ap24-debuginfo-0:1.2.48-20.redhat_1.el8jbcs.x86_64"
},
"product_reference": "jbcs-httpd24-mod_jk-ap24-debuginfo-0:1.2.48-20.redhat_1.el8jbcs.x86_64",
"relates_to_product_reference": "8Base-JBCS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jbcs-httpd24-mod_jk-manual-0:1.2.48-20.redhat_1.el8jbcs.x86_64 as a component of Red Hat JBoss Core Services on RHEL 8",
"product_id": "8Base-JBCS:jbcs-httpd24-mod_jk-manual-0:1.2.48-20.redhat_1.el8jbcs.x86_64"
},
"product_reference": "jbcs-httpd24-mod_jk-manual-0:1.2.48-20.redhat_1.el8jbcs.x86_64",
"relates_to_product_reference": "8Base-JBCS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jbcs-httpd24-mod_ldap-0:2.4.37-78.el8jbcs.x86_64 as a component of Red Hat JBoss Core Services on RHEL 8",
"product_id": "8Base-JBCS:jbcs-httpd24-mod_ldap-0:2.4.37-78.el8jbcs.x86_64"
},
"product_reference": "jbcs-httpd24-mod_ldap-0:2.4.37-78.el8jbcs.x86_64",
"relates_to_product_reference": "8Base-JBCS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jbcs-httpd24-mod_ldap-debuginfo-0:2.4.37-78.el8jbcs.x86_64 as a component of Red Hat JBoss Core Services on RHEL 8",
"product_id": "8Base-JBCS:jbcs-httpd24-mod_ldap-debuginfo-0:2.4.37-78.el8jbcs.x86_64"
},
"product_reference": "jbcs-httpd24-mod_ldap-debuginfo-0:2.4.37-78.el8jbcs.x86_64",
"relates_to_product_reference": "8Base-JBCS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jbcs-httpd24-mod_md-1:2.0.8-40.el8jbcs.src as a component of Red Hat JBoss Core Services on RHEL 8",
"product_id": "8Base-JBCS:jbcs-httpd24-mod_md-1:2.0.8-40.el8jbcs.src"
},
"product_reference": "jbcs-httpd24-mod_md-1:2.0.8-40.el8jbcs.src",
"relates_to_product_reference": "8Base-JBCS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jbcs-httpd24-mod_md-1:2.0.8-40.el8jbcs.x86_64 as a component of Red Hat JBoss Core Services on RHEL 8",
"product_id": "8Base-JBCS:jbcs-httpd24-mod_md-1:2.0.8-40.el8jbcs.x86_64"
},
"product_reference": "jbcs-httpd24-mod_md-1:2.0.8-40.el8jbcs.x86_64",
"relates_to_product_reference": "8Base-JBCS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jbcs-httpd24-mod_md-debuginfo-1:2.0.8-40.el8jbcs.x86_64 as a component of Red Hat JBoss Core Services on RHEL 8",
"product_id": "8Base-JBCS:jbcs-httpd24-mod_md-debuginfo-1:2.0.8-40.el8jbcs.x86_64"
},
"product_reference": "jbcs-httpd24-mod_md-debuginfo-1:2.0.8-40.el8jbcs.x86_64",
"relates_to_product_reference": "8Base-JBCS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jbcs-httpd24-mod_proxy_html-1:2.4.37-78.el8jbcs.x86_64 as a component of Red Hat JBoss Core Services on RHEL 8",
"product_id": "8Base-JBCS:jbcs-httpd24-mod_proxy_html-1:2.4.37-78.el8jbcs.x86_64"
},
"product_reference": "jbcs-httpd24-mod_proxy_html-1:2.4.37-78.el8jbcs.x86_64",
"relates_to_product_reference": "8Base-JBCS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jbcs-httpd24-mod_proxy_html-debuginfo-1:2.4.37-78.el8jbcs.x86_64 as a component of Red Hat JBoss Core Services on RHEL 8",
"product_id": "8Base-JBCS:jbcs-httpd24-mod_proxy_html-debuginfo-1:2.4.37-78.el8jbcs.x86_64"
},
"product_reference": "jbcs-httpd24-mod_proxy_html-debuginfo-1:2.4.37-78.el8jbcs.x86_64",
"relates_to_product_reference": "8Base-JBCS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jbcs-httpd24-mod_security-0:2.9.2-67.GA.el8jbcs.src as a component of Red Hat JBoss Core Services on RHEL 8",
"product_id": "8Base-JBCS:jbcs-httpd24-mod_security-0:2.9.2-67.GA.el8jbcs.src"
},
"product_reference": "jbcs-httpd24-mod_security-0:2.9.2-67.GA.el8jbcs.src",
"relates_to_product_reference": "8Base-JBCS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jbcs-httpd24-mod_security-0:2.9.2-67.GA.el8jbcs.x86_64 as a component of Red Hat JBoss Core Services on RHEL 8",
"product_id": "8Base-JBCS:jbcs-httpd24-mod_security-0:2.9.2-67.GA.el8jbcs.x86_64"
},
"product_reference": "jbcs-httpd24-mod_security-0:2.9.2-67.GA.el8jbcs.x86_64",
"relates_to_product_reference": "8Base-JBCS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jbcs-httpd24-mod_security-debuginfo-0:2.9.2-67.GA.el8jbcs.x86_64 as a component of Red Hat JBoss Core Services on RHEL 8",
"product_id": "8Base-JBCS:jbcs-httpd24-mod_security-debuginfo-0:2.9.2-67.GA.el8jbcs.x86_64"
},
"product_reference": "jbcs-httpd24-mod_security-debuginfo-0:2.9.2-67.GA.el8jbcs.x86_64",
"relates_to_product_reference": "8Base-JBCS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jbcs-httpd24-mod_session-0:2.4.37-78.el8jbcs.x86_64 as a component of Red Hat JBoss Core Services on RHEL 8",
"product_id": "8Base-JBCS:jbcs-httpd24-mod_session-0:2.4.37-78.el8jbcs.x86_64"
},
"product_reference": "jbcs-httpd24-mod_session-0:2.4.37-78.el8jbcs.x86_64",
"relates_to_product_reference": "8Base-JBCS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jbcs-httpd24-mod_session-debuginfo-0:2.4.37-78.el8jbcs.x86_64 as a component of Red Hat JBoss Core Services on RHEL 8",
"product_id": "8Base-JBCS:jbcs-httpd24-mod_session-debuginfo-0:2.4.37-78.el8jbcs.x86_64"
},
"product_reference": "jbcs-httpd24-mod_session-debuginfo-0:2.4.37-78.el8jbcs.x86_64",
"relates_to_product_reference": "8Base-JBCS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jbcs-httpd24-mod_ssl-1:2.4.37-78.el8jbcs.x86_64 as a component of Red Hat JBoss Core Services on RHEL 8",
"product_id": "8Base-JBCS:jbcs-httpd24-mod_ssl-1:2.4.37-78.el8jbcs.x86_64"
},
"product_reference": "jbcs-httpd24-mod_ssl-1:2.4.37-78.el8jbcs.x86_64",
"relates_to_product_reference": "8Base-JBCS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jbcs-httpd24-mod_ssl-debuginfo-1:2.4.37-78.el8jbcs.x86_64 as a component of Red Hat JBoss Core Services on RHEL 8",
"product_id": "8Base-JBCS:jbcs-httpd24-mod_ssl-debuginfo-1:2.4.37-78.el8jbcs.x86_64"
},
"product_reference": "jbcs-httpd24-mod_ssl-debuginfo-1:2.4.37-78.el8jbcs.x86_64",
"relates_to_product_reference": "8Base-JBCS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jbcs-httpd24-nghttp2-0:1.39.2-39.el8jbcs.src as a component of Red Hat JBoss Core Services on RHEL 8",
"product_id": "8Base-JBCS:jbcs-httpd24-nghttp2-0:1.39.2-39.el8jbcs.src"
},
"product_reference": "jbcs-httpd24-nghttp2-0:1.39.2-39.el8jbcs.src",
"relates_to_product_reference": "8Base-JBCS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jbcs-httpd24-nghttp2-0:1.39.2-39.el8jbcs.x86_64 as a component of Red Hat JBoss Core Services on RHEL 8",
"product_id": "8Base-JBCS:jbcs-httpd24-nghttp2-0:1.39.2-39.el8jbcs.x86_64"
},
"product_reference": "jbcs-httpd24-nghttp2-0:1.39.2-39.el8jbcs.x86_64",
"relates_to_product_reference": "8Base-JBCS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jbcs-httpd24-nghttp2-debuginfo-0:1.39.2-39.el8jbcs.x86_64 as a component of Red Hat JBoss Core Services on RHEL 8",
"product_id": "8Base-JBCS:jbcs-httpd24-nghttp2-debuginfo-0:1.39.2-39.el8jbcs.x86_64"
},
"product_reference": "jbcs-httpd24-nghttp2-debuginfo-0:1.39.2-39.el8jbcs.x86_64",
"relates_to_product_reference": "8Base-JBCS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jbcs-httpd24-nghttp2-devel-0:1.39.2-39.el8jbcs.x86_64 as a component of Red Hat JBoss Core Services on RHEL 8",
"product_id": "8Base-JBCS:jbcs-httpd24-nghttp2-devel-0:1.39.2-39.el8jbcs.x86_64"
},
"product_reference": "jbcs-httpd24-nghttp2-devel-0:1.39.2-39.el8jbcs.x86_64",
"relates_to_product_reference": "8Base-JBCS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jbcs-httpd24-openssl-1:1.1.1g-8.el8jbcs.src as a component of Red Hat JBoss Core Services on RHEL 8",
"product_id": "8Base-JBCS:jbcs-httpd24-openssl-1:1.1.1g-8.el8jbcs.src"
},
"product_reference": "jbcs-httpd24-openssl-1:1.1.1g-8.el8jbcs.src",
"relates_to_product_reference": "8Base-JBCS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jbcs-httpd24-openssl-1:1.1.1g-8.el8jbcs.x86_64 as a component of Red Hat JBoss Core Services on RHEL 8",
"product_id": "8Base-JBCS:jbcs-httpd24-openssl-1:1.1.1g-8.el8jbcs.x86_64"
},
"product_reference": "jbcs-httpd24-openssl-1:1.1.1g-8.el8jbcs.x86_64",
"relates_to_product_reference": "8Base-JBCS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jbcs-httpd24-openssl-chil-0:1.0.0-7.el8jbcs.src as a component of Red Hat JBoss Core Services on RHEL 8",
"product_id": "8Base-JBCS:jbcs-httpd24-openssl-chil-0:1.0.0-7.el8jbcs.src"
},
"product_reference": "jbcs-httpd24-openssl-chil-0:1.0.0-7.el8jbcs.src",
"relates_to_product_reference": "8Base-JBCS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jbcs-httpd24-openssl-chil-0:1.0.0-7.el8jbcs.x86_64 as a component of Red Hat JBoss Core Services on RHEL 8",
"product_id": "8Base-JBCS:jbcs-httpd24-openssl-chil-0:1.0.0-7.el8jbcs.x86_64"
},
"product_reference": "jbcs-httpd24-openssl-chil-0:1.0.0-7.el8jbcs.x86_64",
"relates_to_product_reference": "8Base-JBCS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jbcs-httpd24-openssl-chil-debuginfo-0:1.0.0-7.el8jbcs.x86_64 as a component of Red Hat JBoss Core Services on RHEL 8",
"product_id": "8Base-JBCS:jbcs-httpd24-openssl-chil-debuginfo-0:1.0.0-7.el8jbcs.x86_64"
},
"product_reference": "jbcs-httpd24-openssl-chil-debuginfo-0:1.0.0-7.el8jbcs.x86_64",
"relates_to_product_reference": "8Base-JBCS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jbcs-httpd24-openssl-debuginfo-1:1.1.1g-8.el8jbcs.x86_64 as a component of Red Hat JBoss Core Services on RHEL 8",
"product_id": "8Base-JBCS:jbcs-httpd24-openssl-debuginfo-1:1.1.1g-8.el8jbcs.x86_64"
},
"product_reference": "jbcs-httpd24-openssl-debuginfo-1:1.1.1g-8.el8jbcs.x86_64",
"relates_to_product_reference": "8Base-JBCS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jbcs-httpd24-openssl-devel-1:1.1.1g-8.el8jbcs.x86_64 as a component of Red Hat JBoss Core Services on RHEL 8",
"product_id": "8Base-JBCS:jbcs-httpd24-openssl-devel-1:1.1.1g-8.el8jbcs.x86_64"
},
"product_reference": "jbcs-httpd24-openssl-devel-1:1.1.1g-8.el8jbcs.x86_64",
"relates_to_product_reference": "8Base-JBCS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jbcs-httpd24-openssl-libs-1:1.1.1g-8.el8jbcs.x86_64 as a component of Red Hat JBoss Core Services on RHEL 8",
"product_id": "8Base-JBCS:jbcs-httpd24-openssl-libs-1:1.1.1g-8.el8jbcs.x86_64"
},
"product_reference": "jbcs-httpd24-openssl-libs-1:1.1.1g-8.el8jbcs.x86_64",
"relates_to_product_reference": "8Base-JBCS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jbcs-httpd24-openssl-libs-debuginfo-1:1.1.1g-8.el8jbcs.x86_64 as a component of Red Hat JBoss Core Services on RHEL 8",
"product_id": "8Base-JBCS:jbcs-httpd24-openssl-libs-debuginfo-1:1.1.1g-8.el8jbcs.x86_64"
},
"product_reference": "jbcs-httpd24-openssl-libs-debuginfo-1:1.1.1g-8.el8jbcs.x86_64",
"relates_to_product_reference": "8Base-JBCS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jbcs-httpd24-openssl-perl-1:1.1.1g-8.el8jbcs.x86_64 as a component of Red Hat JBoss Core Services on RHEL 8",
"product_id": "8Base-JBCS:jbcs-httpd24-openssl-perl-1:1.1.1g-8.el8jbcs.x86_64"
},
"product_reference": "jbcs-httpd24-openssl-perl-1:1.1.1g-8.el8jbcs.x86_64",
"relates_to_product_reference": "8Base-JBCS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jbcs-httpd24-openssl-pkcs11-0:0.4.10-22.el8jbcs.src as a component of Red Hat JBoss Core Services on RHEL 8",
"product_id": "8Base-JBCS:jbcs-httpd24-openssl-pkcs11-0:0.4.10-22.el8jbcs.src"
},
"product_reference": "jbcs-httpd24-openssl-pkcs11-0:0.4.10-22.el8jbcs.src",
"relates_to_product_reference": "8Base-JBCS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jbcs-httpd24-openssl-pkcs11-0:0.4.10-22.el8jbcs.x86_64 as a component of Red Hat JBoss Core Services on RHEL 8",
"product_id": "8Base-JBCS:jbcs-httpd24-openssl-pkcs11-0:0.4.10-22.el8jbcs.x86_64"
},
"product_reference": "jbcs-httpd24-openssl-pkcs11-0:0.4.10-22.el8jbcs.x86_64",
"relates_to_product_reference": "8Base-JBCS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jbcs-httpd24-openssl-pkcs11-debuginfo-0:0.4.10-22.el8jbcs.x86_64 as a component of Red Hat JBoss Core Services on RHEL 8",
"product_id": "8Base-JBCS:jbcs-httpd24-openssl-pkcs11-debuginfo-0:0.4.10-22.el8jbcs.x86_64"
},
"product_reference": "jbcs-httpd24-openssl-pkcs11-debuginfo-0:0.4.10-22.el8jbcs.x86_64",
"relates_to_product_reference": "8Base-JBCS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jbcs-httpd24-openssl-static-1:1.1.1g-8.el8jbcs.x86_64 as a component of Red Hat JBoss Core Services on RHEL 8",
"product_id": "8Base-JBCS:jbcs-httpd24-openssl-static-1:1.1.1g-8.el8jbcs.x86_64"
},
"product_reference": "jbcs-httpd24-openssl-static-1:1.1.1g-8.el8jbcs.x86_64",
"relates_to_product_reference": "8Base-JBCS"
}
]
},
"vulnerabilities": [
{
"acknowledgments": [
{
"names": [
"the Apache project",
"Mikhail Egorov"
]
}
],
"cve": "CVE-2019-17567",
"cwe": {
"id": "CWE-287",
"name": "Improper Authentication"
},
"discovery_date": "2021-05-27T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1966740"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in Apache httpd. The mod_proxy_wstunnel module tunnels non-upgraded connections.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "httpd: mod_proxy_wstunnel tunneling of non Upgraded connection",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"7Server-JBCS:jbcs-httpd24-apr-0:1.6.3-107.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-apr-0:1.6.3-107.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-apr-debuginfo-0:1.6.3-107.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-apr-devel-0:1.6.3-107.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-apr-util-0:1.6.1-84.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-apr-util-0:1.6.1-84.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-apr-util-debuginfo-0:1.6.1-84.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-apr-util-devel-0:1.6.1-84.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-apr-util-ldap-0:1.6.1-84.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-apr-util-mysql-0:1.6.1-84.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-apr-util-nss-0:1.6.1-84.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-apr-util-odbc-0:1.6.1-84.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-apr-util-openssl-0:1.6.1-84.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-apr-util-pgsql-0:1.6.1-84.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-apr-util-sqlite-0:1.6.1-84.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-curl-0:7.78.0-2.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-curl-0:7.78.0-2.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-curl-debuginfo-0:7.78.0-2.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-httpd-0:2.4.37-78.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-httpd-0:2.4.37-78.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-httpd-debuginfo-0:2.4.37-78.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-httpd-devel-0:2.4.37-78.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-httpd-manual-0:2.4.37-78.jbcs.el7.noarch",
"7Server-JBCS:jbcs-httpd24-httpd-selinux-0:2.4.37-78.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-httpd-tools-0:2.4.37-78.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-libcurl-0:7.78.0-2.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-libcurl-devel-0:7.78.0-2.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_cluster-native-0:1.3.16-9.Final_redhat_2.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-mod_cluster-native-0:1.3.16-9.Final_redhat_2.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_cluster-native-debuginfo-0:1.3.16-9.Final_redhat_2.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_http2-0:1.15.7-21.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-mod_http2-0:1.15.7-21.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_http2-debuginfo-0:1.15.7-21.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_jk-0:1.2.48-20.redhat_1.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-mod_jk-ap24-0:1.2.48-20.redhat_1.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_jk-debuginfo-0:1.2.48-20.redhat_1.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_jk-manual-0:1.2.48-20.redhat_1.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_ldap-0:2.4.37-78.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_md-1:2.0.8-40.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-mod_md-1:2.0.8-40.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_md-debuginfo-1:2.0.8-40.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_proxy_html-1:2.4.37-78.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_security-0:2.9.2-67.GA.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-mod_security-0:2.9.2-67.GA.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_security-debuginfo-0:2.9.2-67.GA.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_session-0:2.4.37-78.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_ssl-1:2.4.37-78.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-nghttp2-0:1.39.2-39.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-nghttp2-0:1.39.2-39.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-nghttp2-debuginfo-0:1.39.2-39.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-nghttp2-devel-0:1.39.2-39.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-openssl-1:1.1.1g-8.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-openssl-1:1.1.1g-8.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-openssl-chil-0:1.0.0-7.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-openssl-chil-0:1.0.0-7.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-openssl-chil-debuginfo-0:1.0.0-7.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-openssl-debuginfo-1:1.1.1g-8.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-openssl-devel-1:1.1.1g-8.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-openssl-libs-1:1.1.1g-8.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-openssl-perl-1:1.1.1g-8.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-openssl-pkcs11-0:0.4.10-22.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-openssl-pkcs11-0:0.4.10-22.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-openssl-pkcs11-debuginfo-0:0.4.10-22.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-openssl-static-1:1.1.1g-8.jbcs.el7.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-0:1.6.3-107.el8jbcs.src",
"8Base-JBCS:jbcs-httpd24-apr-0:1.6.3-107.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-debuginfo-0:1.6.3-107.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-devel-0:1.6.3-107.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-util-0:1.6.1-84.el8jbcs.src",
"8Base-JBCS:jbcs-httpd24-apr-util-0:1.6.1-84.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-util-debuginfo-0:1.6.1-84.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-util-devel-0:1.6.1-84.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-util-ldap-0:1.6.1-84.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-util-ldap-debuginfo-0:1.6.1-84.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-util-mysql-0:1.6.1-84.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-util-mysql-debuginfo-0:1.6.1-84.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-util-nss-0:1.6.1-84.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-util-nss-debuginfo-0:1.6.1-84.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-util-odbc-0:1.6.1-84.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-util-odbc-debuginfo-0:1.6.1-84.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-util-openssl-0:1.6.1-84.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-util-openssl-debuginfo-0:1.6.1-84.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-util-pgsql-0:1.6.1-84.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-util-pgsql-debuginfo-0:1.6.1-84.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-util-sqlite-0:1.6.1-84.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-util-sqlite-debuginfo-0:1.6.1-84.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-curl-0:7.78.0-2.el8jbcs.src",
"8Base-JBCS:jbcs-httpd24-curl-0:7.78.0-2.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-curl-debuginfo-0:7.78.0-2.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-httpd-0:2.4.37-78.el8jbcs.src",
"8Base-JBCS:jbcs-httpd24-httpd-0:2.4.37-78.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-httpd-debuginfo-0:2.4.37-78.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-httpd-devel-0:2.4.37-78.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-httpd-manual-0:2.4.37-78.el8jbcs.noarch",
"8Base-JBCS:jbcs-httpd24-httpd-selinux-0:2.4.37-78.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-httpd-tools-0:2.4.37-78.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-httpd-tools-debuginfo-0:2.4.37-78.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-libcurl-0:7.78.0-2.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-libcurl-debuginfo-0:7.78.0-2.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-libcurl-devel-0:7.78.0-2.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_cluster-native-0:1.3.16-9.Final_redhat_2.el8jbcs.src",
"8Base-JBCS:jbcs-httpd24-mod_cluster-native-0:1.3.16-9.Final_redhat_2.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_cluster-native-debuginfo-0:1.3.16-9.Final_redhat_2.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_http2-0:1.15.7-21.el8jbcs.src",
"8Base-JBCS:jbcs-httpd24-mod_http2-0:1.15.7-21.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_http2-debuginfo-0:1.15.7-21.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_jk-0:1.2.48-20.redhat_1.el8jbcs.src",
"8Base-JBCS:jbcs-httpd24-mod_jk-ap24-0:1.2.48-20.redhat_1.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_jk-ap24-debuginfo-0:1.2.48-20.redhat_1.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_jk-manual-0:1.2.48-20.redhat_1.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_ldap-0:2.4.37-78.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_ldap-debuginfo-0:2.4.37-78.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_md-1:2.0.8-40.el8jbcs.src",
"8Base-JBCS:jbcs-httpd24-mod_md-1:2.0.8-40.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_md-debuginfo-1:2.0.8-40.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_proxy_html-1:2.4.37-78.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_proxy_html-debuginfo-1:2.4.37-78.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_security-0:2.9.2-67.GA.el8jbcs.src",
"8Base-JBCS:jbcs-httpd24-mod_security-0:2.9.2-67.GA.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_security-debuginfo-0:2.9.2-67.GA.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_session-0:2.4.37-78.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_session-debuginfo-0:2.4.37-78.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_ssl-1:2.4.37-78.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_ssl-debuginfo-1:2.4.37-78.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-nghttp2-0:1.39.2-39.el8jbcs.src",
"8Base-JBCS:jbcs-httpd24-nghttp2-0:1.39.2-39.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-nghttp2-debuginfo-0:1.39.2-39.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-nghttp2-devel-0:1.39.2-39.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-openssl-1:1.1.1g-8.el8jbcs.src",
"8Base-JBCS:jbcs-httpd24-openssl-1:1.1.1g-8.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-openssl-chil-0:1.0.0-7.el8jbcs.src",
"8Base-JBCS:jbcs-httpd24-openssl-chil-0:1.0.0-7.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-openssl-chil-debuginfo-0:1.0.0-7.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-openssl-debuginfo-1:1.1.1g-8.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-openssl-devel-1:1.1.1g-8.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-openssl-libs-1:1.1.1g-8.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-openssl-libs-debuginfo-1:1.1.1g-8.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-openssl-perl-1:1.1.1g-8.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-openssl-pkcs11-0:0.4.10-22.el8jbcs.src",
"8Base-JBCS:jbcs-httpd24-openssl-pkcs11-0:0.4.10-22.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-openssl-pkcs11-debuginfo-0:0.4.10-22.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-openssl-static-1:1.1.1g-8.el8jbcs.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2019-17567"
},
{
"category": "external",
"summary": "RHBZ#1966740",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1966740"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2019-17567",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-17567"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2019-17567",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2019-17567"
},
{
"category": "external",
"summary": "https://httpd.apache.org/security/vulnerabilities_24.html",
"url": "https://httpd.apache.org/security/vulnerabilities_24.html"
}
],
"release_date": "2021-06-04T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"details": "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"7Server-JBCS:jbcs-httpd24-apr-0:1.6.3-107.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-apr-0:1.6.3-107.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-apr-debuginfo-0:1.6.3-107.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-apr-devel-0:1.6.3-107.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-apr-util-0:1.6.1-84.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-apr-util-0:1.6.1-84.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-apr-util-debuginfo-0:1.6.1-84.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-apr-util-devel-0:1.6.1-84.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-apr-util-ldap-0:1.6.1-84.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-apr-util-mysql-0:1.6.1-84.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-apr-util-nss-0:1.6.1-84.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-apr-util-odbc-0:1.6.1-84.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-apr-util-openssl-0:1.6.1-84.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-apr-util-pgsql-0:1.6.1-84.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-apr-util-sqlite-0:1.6.1-84.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-curl-0:7.78.0-2.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-curl-0:7.78.0-2.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-curl-debuginfo-0:7.78.0-2.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-httpd-0:2.4.37-78.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-httpd-0:2.4.37-78.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-httpd-debuginfo-0:2.4.37-78.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-httpd-devel-0:2.4.37-78.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-httpd-manual-0:2.4.37-78.jbcs.el7.noarch",
"7Server-JBCS:jbcs-httpd24-httpd-selinux-0:2.4.37-78.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-httpd-tools-0:2.4.37-78.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-libcurl-0:7.78.0-2.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-libcurl-devel-0:7.78.0-2.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_cluster-native-0:1.3.16-9.Final_redhat_2.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-mod_cluster-native-0:1.3.16-9.Final_redhat_2.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_cluster-native-debuginfo-0:1.3.16-9.Final_redhat_2.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_http2-0:1.15.7-21.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-mod_http2-0:1.15.7-21.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_http2-debuginfo-0:1.15.7-21.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_jk-0:1.2.48-20.redhat_1.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-mod_jk-ap24-0:1.2.48-20.redhat_1.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_jk-debuginfo-0:1.2.48-20.redhat_1.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_jk-manual-0:1.2.48-20.redhat_1.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_ldap-0:2.4.37-78.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_md-1:2.0.8-40.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-mod_md-1:2.0.8-40.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_md-debuginfo-1:2.0.8-40.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_proxy_html-1:2.4.37-78.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_security-0:2.9.2-67.GA.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-mod_security-0:2.9.2-67.GA.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_security-debuginfo-0:2.9.2-67.GA.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_session-0:2.4.37-78.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_ssl-1:2.4.37-78.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-nghttp2-0:1.39.2-39.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-nghttp2-0:1.39.2-39.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-nghttp2-debuginfo-0:1.39.2-39.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-nghttp2-devel-0:1.39.2-39.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-openssl-1:1.1.1g-8.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-openssl-1:1.1.1g-8.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-openssl-chil-0:1.0.0-7.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-openssl-chil-0:1.0.0-7.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-openssl-chil-debuginfo-0:1.0.0-7.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-openssl-debuginfo-1:1.1.1g-8.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-openssl-devel-1:1.1.1g-8.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-openssl-libs-1:1.1.1g-8.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-openssl-perl-1:1.1.1g-8.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-openssl-pkcs11-0:0.4.10-22.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-openssl-pkcs11-0:0.4.10-22.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-openssl-pkcs11-debuginfo-0:0.4.10-22.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-openssl-static-1:1.1.1g-8.jbcs.el7.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-0:1.6.3-107.el8jbcs.src",
"8Base-JBCS:jbcs-httpd24-apr-0:1.6.3-107.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-debuginfo-0:1.6.3-107.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-devel-0:1.6.3-107.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-util-0:1.6.1-84.el8jbcs.src",
"8Base-JBCS:jbcs-httpd24-apr-util-0:1.6.1-84.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-util-debuginfo-0:1.6.1-84.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-util-devel-0:1.6.1-84.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-util-ldap-0:1.6.1-84.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-util-ldap-debuginfo-0:1.6.1-84.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-util-mysql-0:1.6.1-84.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-util-mysql-debuginfo-0:1.6.1-84.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-util-nss-0:1.6.1-84.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-util-nss-debuginfo-0:1.6.1-84.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-util-odbc-0:1.6.1-84.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-util-odbc-debuginfo-0:1.6.1-84.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-util-openssl-0:1.6.1-84.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-util-openssl-debuginfo-0:1.6.1-84.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-util-pgsql-0:1.6.1-84.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-util-pgsql-debuginfo-0:1.6.1-84.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-util-sqlite-0:1.6.1-84.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-util-sqlite-debuginfo-0:1.6.1-84.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-curl-0:7.78.0-2.el8jbcs.src",
"8Base-JBCS:jbcs-httpd24-curl-0:7.78.0-2.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-curl-debuginfo-0:7.78.0-2.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-httpd-0:2.4.37-78.el8jbcs.src",
"8Base-JBCS:jbcs-httpd24-httpd-0:2.4.37-78.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-httpd-debuginfo-0:2.4.37-78.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-httpd-devel-0:2.4.37-78.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-httpd-manual-0:2.4.37-78.el8jbcs.noarch",
"8Base-JBCS:jbcs-httpd24-httpd-selinux-0:2.4.37-78.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-httpd-tools-0:2.4.37-78.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-httpd-tools-debuginfo-0:2.4.37-78.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-libcurl-0:7.78.0-2.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-libcurl-debuginfo-0:7.78.0-2.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-libcurl-devel-0:7.78.0-2.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_cluster-native-0:1.3.16-9.Final_redhat_2.el8jbcs.src",
"8Base-JBCS:jbcs-httpd24-mod_cluster-native-0:1.3.16-9.Final_redhat_2.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_cluster-native-debuginfo-0:1.3.16-9.Final_redhat_2.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_http2-0:1.15.7-21.el8jbcs.src",
"8Base-JBCS:jbcs-httpd24-mod_http2-0:1.15.7-21.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_http2-debuginfo-0:1.15.7-21.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_jk-0:1.2.48-20.redhat_1.el8jbcs.src",
"8Base-JBCS:jbcs-httpd24-mod_jk-ap24-0:1.2.48-20.redhat_1.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_jk-ap24-debuginfo-0:1.2.48-20.redhat_1.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_jk-manual-0:1.2.48-20.redhat_1.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_ldap-0:2.4.37-78.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_ldap-debuginfo-0:2.4.37-78.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_md-1:2.0.8-40.el8jbcs.src",
"8Base-JBCS:jbcs-httpd24-mod_md-1:2.0.8-40.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_md-debuginfo-1:2.0.8-40.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_proxy_html-1:2.4.37-78.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_proxy_html-debuginfo-1:2.4.37-78.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_security-0:2.9.2-67.GA.el8jbcs.src",
"8Base-JBCS:jbcs-httpd24-mod_security-0:2.9.2-67.GA.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_security-debuginfo-0:2.9.2-67.GA.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_session-0:2.4.37-78.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_session-debuginfo-0:2.4.37-78.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_ssl-1:2.4.37-78.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_ssl-debuginfo-1:2.4.37-78.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-nghttp2-0:1.39.2-39.el8jbcs.src",
"8Base-JBCS:jbcs-httpd24-nghttp2-0:1.39.2-39.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-nghttp2-debuginfo-0:1.39.2-39.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-nghttp2-devel-0:1.39.2-39.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-openssl-1:1.1.1g-8.el8jbcs.src",
"8Base-JBCS:jbcs-httpd24-openssl-1:1.1.1g-8.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-openssl-chil-0:1.0.0-7.el8jbcs.src",
"8Base-JBCS:jbcs-httpd24-openssl-chil-0:1.0.0-7.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-openssl-chil-debuginfo-0:1.0.0-7.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-openssl-debuginfo-1:1.1.1g-8.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-openssl-devel-1:1.1.1g-8.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-openssl-libs-1:1.1.1g-8.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-openssl-libs-debuginfo-1:1.1.1g-8.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-openssl-perl-1:1.1.1g-8.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-openssl-pkcs11-0:0.4.10-22.el8jbcs.src",
"8Base-JBCS:jbcs-httpd24-openssl-pkcs11-0:0.4.10-22.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-openssl-pkcs11-debuginfo-0:0.4.10-22.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-openssl-static-1:1.1.1g-8.el8jbcs.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2021:4614"
},
{
"category": "workaround",
"details": "Only configurations which use mod_proxy_wstunnel are affected by this flaw. It is also safe to comment-out the \"LoadModule proxy_wstunnel_module ... \" line in /etc/httpd/conf.modules.d/00-proxy.conf for configurations which do not rely on a websockets reverse proxy.",
"product_ids": [
"7Server-JBCS:jbcs-httpd24-apr-0:1.6.3-107.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-apr-0:1.6.3-107.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-apr-debuginfo-0:1.6.3-107.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-apr-devel-0:1.6.3-107.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-apr-util-0:1.6.1-84.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-apr-util-0:1.6.1-84.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-apr-util-debuginfo-0:1.6.1-84.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-apr-util-devel-0:1.6.1-84.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-apr-util-ldap-0:1.6.1-84.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-apr-util-mysql-0:1.6.1-84.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-apr-util-nss-0:1.6.1-84.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-apr-util-odbc-0:1.6.1-84.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-apr-util-openssl-0:1.6.1-84.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-apr-util-pgsql-0:1.6.1-84.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-apr-util-sqlite-0:1.6.1-84.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-curl-0:7.78.0-2.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-curl-0:7.78.0-2.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-curl-debuginfo-0:7.78.0-2.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-httpd-0:2.4.37-78.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-httpd-0:2.4.37-78.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-httpd-debuginfo-0:2.4.37-78.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-httpd-devel-0:2.4.37-78.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-httpd-manual-0:2.4.37-78.jbcs.el7.noarch",
"7Server-JBCS:jbcs-httpd24-httpd-selinux-0:2.4.37-78.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-httpd-tools-0:2.4.37-78.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-libcurl-0:7.78.0-2.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-libcurl-devel-0:7.78.0-2.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_cluster-native-0:1.3.16-9.Final_redhat_2.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-mod_cluster-native-0:1.3.16-9.Final_redhat_2.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_cluster-native-debuginfo-0:1.3.16-9.Final_redhat_2.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_http2-0:1.15.7-21.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-mod_http2-0:1.15.7-21.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_http2-debuginfo-0:1.15.7-21.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_jk-0:1.2.48-20.redhat_1.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-mod_jk-ap24-0:1.2.48-20.redhat_1.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_jk-debuginfo-0:1.2.48-20.redhat_1.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_jk-manual-0:1.2.48-20.redhat_1.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_ldap-0:2.4.37-78.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_md-1:2.0.8-40.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-mod_md-1:2.0.8-40.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_md-debuginfo-1:2.0.8-40.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_proxy_html-1:2.4.37-78.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_security-0:2.9.2-67.GA.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-mod_security-0:2.9.2-67.GA.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_security-debuginfo-0:2.9.2-67.GA.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_session-0:2.4.37-78.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_ssl-1:2.4.37-78.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-nghttp2-0:1.39.2-39.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-nghttp2-0:1.39.2-39.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-nghttp2-debuginfo-0:1.39.2-39.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-nghttp2-devel-0:1.39.2-39.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-openssl-1:1.1.1g-8.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-openssl-1:1.1.1g-8.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-openssl-chil-0:1.0.0-7.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-openssl-chil-0:1.0.0-7.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-openssl-chil-debuginfo-0:1.0.0-7.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-openssl-debuginfo-1:1.1.1g-8.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-openssl-devel-1:1.1.1g-8.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-openssl-libs-1:1.1.1g-8.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-openssl-perl-1:1.1.1g-8.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-openssl-pkcs11-0:0.4.10-22.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-openssl-pkcs11-0:0.4.10-22.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-openssl-pkcs11-debuginfo-0:0.4.10-22.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-openssl-static-1:1.1.1g-8.jbcs.el7.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-0:1.6.3-107.el8jbcs.src",
"8Base-JBCS:jbcs-httpd24-apr-0:1.6.3-107.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-debuginfo-0:1.6.3-107.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-devel-0:1.6.3-107.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-util-0:1.6.1-84.el8jbcs.src",
"8Base-JBCS:jbcs-httpd24-apr-util-0:1.6.1-84.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-util-debuginfo-0:1.6.1-84.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-util-devel-0:1.6.1-84.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-util-ldap-0:1.6.1-84.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-util-ldap-debuginfo-0:1.6.1-84.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-util-mysql-0:1.6.1-84.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-util-mysql-debuginfo-0:1.6.1-84.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-util-nss-0:1.6.1-84.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-util-nss-debuginfo-0:1.6.1-84.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-util-odbc-0:1.6.1-84.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-util-odbc-debuginfo-0:1.6.1-84.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-util-openssl-0:1.6.1-84.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-util-openssl-debuginfo-0:1.6.1-84.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-util-pgsql-0:1.6.1-84.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-util-pgsql-debuginfo-0:1.6.1-84.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-util-sqlite-0:1.6.1-84.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-util-sqlite-debuginfo-0:1.6.1-84.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-curl-0:7.78.0-2.el8jbcs.src",
"8Base-JBCS:jbcs-httpd24-curl-0:7.78.0-2.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-curl-debuginfo-0:7.78.0-2.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-httpd-0:2.4.37-78.el8jbcs.src",
"8Base-JBCS:jbcs-httpd24-httpd-0:2.4.37-78.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-httpd-debuginfo-0:2.4.37-78.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-httpd-devel-0:2.4.37-78.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-httpd-manual-0:2.4.37-78.el8jbcs.noarch",
"8Base-JBCS:jbcs-httpd24-httpd-selinux-0:2.4.37-78.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-httpd-tools-0:2.4.37-78.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-httpd-tools-debuginfo-0:2.4.37-78.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-libcurl-0:7.78.0-2.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-libcurl-debuginfo-0:7.78.0-2.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-libcurl-devel-0:7.78.0-2.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_cluster-native-0:1.3.16-9.Final_redhat_2.el8jbcs.src",
"8Base-JBCS:jbcs-httpd24-mod_cluster-native-0:1.3.16-9.Final_redhat_2.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_cluster-native-debuginfo-0:1.3.16-9.Final_redhat_2.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_http2-0:1.15.7-21.el8jbcs.src",
"8Base-JBCS:jbcs-httpd24-mod_http2-0:1.15.7-21.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_http2-debuginfo-0:1.15.7-21.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_jk-0:1.2.48-20.redhat_1.el8jbcs.src",
"8Base-JBCS:jbcs-httpd24-mod_jk-ap24-0:1.2.48-20.redhat_1.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_jk-ap24-debuginfo-0:1.2.48-20.redhat_1.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_jk-manual-0:1.2.48-20.redhat_1.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_ldap-0:2.4.37-78.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_ldap-debuginfo-0:2.4.37-78.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_md-1:2.0.8-40.el8jbcs.src",
"8Base-JBCS:jbcs-httpd24-mod_md-1:2.0.8-40.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_md-debuginfo-1:2.0.8-40.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_proxy_html-1:2.4.37-78.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_proxy_html-debuginfo-1:2.4.37-78.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_security-0:2.9.2-67.GA.el8jbcs.src",
"8Base-JBCS:jbcs-httpd24-mod_security-0:2.9.2-67.GA.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_security-debuginfo-0:2.9.2-67.GA.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_session-0:2.4.37-78.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_session-debuginfo-0:2.4.37-78.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_ssl-1:2.4.37-78.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_ssl-debuginfo-1:2.4.37-78.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-nghttp2-0:1.39.2-39.el8jbcs.src",
"8Base-JBCS:jbcs-httpd24-nghttp2-0:1.39.2-39.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-nghttp2-debuginfo-0:1.39.2-39.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-nghttp2-devel-0:1.39.2-39.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-openssl-1:1.1.1g-8.el8jbcs.src",
"8Base-JBCS:jbcs-httpd24-openssl-1:1.1.1g-8.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-openssl-chil-0:1.0.0-7.el8jbcs.src",
"8Base-JBCS:jbcs-httpd24-openssl-chil-0:1.0.0-7.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-openssl-chil-debuginfo-0:1.0.0-7.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-openssl-debuginfo-1:1.1.1g-8.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-openssl-devel-1:1.1.1g-8.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-openssl-libs-1:1.1.1g-8.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-openssl-libs-debuginfo-1:1.1.1g-8.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-openssl-perl-1:1.1.1g-8.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-openssl-pkcs11-0:0.4.10-22.el8jbcs.src",
"8Base-JBCS:jbcs-httpd24-openssl-pkcs11-0:0.4.10-22.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-openssl-pkcs11-debuginfo-0:0.4.10-22.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-openssl-static-1:1.1.1g-8.el8jbcs.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "LOW",
"baseScore": 4.8,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "LOW",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:L",
"version": "3.1"
},
"products": [
"7Server-JBCS:jbcs-httpd24-apr-0:1.6.3-107.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-apr-0:1.6.3-107.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-apr-debuginfo-0:1.6.3-107.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-apr-devel-0:1.6.3-107.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-apr-util-0:1.6.1-84.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-apr-util-0:1.6.1-84.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-apr-util-debuginfo-0:1.6.1-84.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-apr-util-devel-0:1.6.1-84.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-apr-util-ldap-0:1.6.1-84.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-apr-util-mysql-0:1.6.1-84.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-apr-util-nss-0:1.6.1-84.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-apr-util-odbc-0:1.6.1-84.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-apr-util-openssl-0:1.6.1-84.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-apr-util-pgsql-0:1.6.1-84.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-apr-util-sqlite-0:1.6.1-84.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-curl-0:7.78.0-2.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-curl-0:7.78.0-2.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-curl-debuginfo-0:7.78.0-2.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-httpd-0:2.4.37-78.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-httpd-0:2.4.37-78.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-httpd-debuginfo-0:2.4.37-78.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-httpd-devel-0:2.4.37-78.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-httpd-manual-0:2.4.37-78.jbcs.el7.noarch",
"7Server-JBCS:jbcs-httpd24-httpd-selinux-0:2.4.37-78.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-httpd-tools-0:2.4.37-78.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-libcurl-0:7.78.0-2.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-libcurl-devel-0:7.78.0-2.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_cluster-native-0:1.3.16-9.Final_redhat_2.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-mod_cluster-native-0:1.3.16-9.Final_redhat_2.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_cluster-native-debuginfo-0:1.3.16-9.Final_redhat_2.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_http2-0:1.15.7-21.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-mod_http2-0:1.15.7-21.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_http2-debuginfo-0:1.15.7-21.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_jk-0:1.2.48-20.redhat_1.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-mod_jk-ap24-0:1.2.48-20.redhat_1.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_jk-debuginfo-0:1.2.48-20.redhat_1.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_jk-manual-0:1.2.48-20.redhat_1.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_ldap-0:2.4.37-78.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_md-1:2.0.8-40.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-mod_md-1:2.0.8-40.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_md-debuginfo-1:2.0.8-40.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_proxy_html-1:2.4.37-78.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_security-0:2.9.2-67.GA.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-mod_security-0:2.9.2-67.GA.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_security-debuginfo-0:2.9.2-67.GA.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_session-0:2.4.37-78.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_ssl-1:2.4.37-78.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-nghttp2-0:1.39.2-39.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-nghttp2-0:1.39.2-39.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-nghttp2-debuginfo-0:1.39.2-39.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-nghttp2-devel-0:1.39.2-39.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-openssl-1:1.1.1g-8.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-openssl-1:1.1.1g-8.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-openssl-chil-0:1.0.0-7.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-openssl-chil-0:1.0.0-7.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-openssl-chil-debuginfo-0:1.0.0-7.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-openssl-debuginfo-1:1.1.1g-8.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-openssl-devel-1:1.1.1g-8.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-openssl-libs-1:1.1.1g-8.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-openssl-perl-1:1.1.1g-8.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-openssl-pkcs11-0:0.4.10-22.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-openssl-pkcs11-0:0.4.10-22.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-openssl-pkcs11-debuginfo-0:0.4.10-22.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-openssl-static-1:1.1.1g-8.jbcs.el7.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-0:1.6.3-107.el8jbcs.src",
"8Base-JBCS:jbcs-httpd24-apr-0:1.6.3-107.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-debuginfo-0:1.6.3-107.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-devel-0:1.6.3-107.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-util-0:1.6.1-84.el8jbcs.src",
"8Base-JBCS:jbcs-httpd24-apr-util-0:1.6.1-84.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-util-debuginfo-0:1.6.1-84.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-util-devel-0:1.6.1-84.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-util-ldap-0:1.6.1-84.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-util-ldap-debuginfo-0:1.6.1-84.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-util-mysql-0:1.6.1-84.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-util-mysql-debuginfo-0:1.6.1-84.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-util-nss-0:1.6.1-84.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-util-nss-debuginfo-0:1.6.1-84.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-util-odbc-0:1.6.1-84.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-util-odbc-debuginfo-0:1.6.1-84.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-util-openssl-0:1.6.1-84.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-util-openssl-debuginfo-0:1.6.1-84.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-util-pgsql-0:1.6.1-84.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-util-pgsql-debuginfo-0:1.6.1-84.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-util-sqlite-0:1.6.1-84.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-util-sqlite-debuginfo-0:1.6.1-84.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-curl-0:7.78.0-2.el8jbcs.src",
"8Base-JBCS:jbcs-httpd24-curl-0:7.78.0-2.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-curl-debuginfo-0:7.78.0-2.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-httpd-0:2.4.37-78.el8jbcs.src",
"8Base-JBCS:jbcs-httpd24-httpd-0:2.4.37-78.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-httpd-debuginfo-0:2.4.37-78.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-httpd-devel-0:2.4.37-78.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-httpd-manual-0:2.4.37-78.el8jbcs.noarch",
"8Base-JBCS:jbcs-httpd24-httpd-selinux-0:2.4.37-78.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-httpd-tools-0:2.4.37-78.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-httpd-tools-debuginfo-0:2.4.37-78.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-libcurl-0:7.78.0-2.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-libcurl-debuginfo-0:7.78.0-2.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-libcurl-devel-0:7.78.0-2.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_cluster-native-0:1.3.16-9.Final_redhat_2.el8jbcs.src",
"8Base-JBCS:jbcs-httpd24-mod_cluster-native-0:1.3.16-9.Final_redhat_2.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_cluster-native-debuginfo-0:1.3.16-9.Final_redhat_2.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_http2-0:1.15.7-21.el8jbcs.src",
"8Base-JBCS:jbcs-httpd24-mod_http2-0:1.15.7-21.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_http2-debuginfo-0:1.15.7-21.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_jk-0:1.2.48-20.redhat_1.el8jbcs.src",
"8Base-JBCS:jbcs-httpd24-mod_jk-ap24-0:1.2.48-20.redhat_1.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_jk-ap24-debuginfo-0:1.2.48-20.redhat_1.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_jk-manual-0:1.2.48-20.redhat_1.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_ldap-0:2.4.37-78.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_ldap-debuginfo-0:2.4.37-78.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_md-1:2.0.8-40.el8jbcs.src",
"8Base-JBCS:jbcs-httpd24-mod_md-1:2.0.8-40.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_md-debuginfo-1:2.0.8-40.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_proxy_html-1:2.4.37-78.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_proxy_html-debuginfo-1:2.4.37-78.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_security-0:2.9.2-67.GA.el8jbcs.src",
"8Base-JBCS:jbcs-httpd24-mod_security-0:2.9.2-67.GA.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_security-debuginfo-0:2.9.2-67.GA.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_session-0:2.4.37-78.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_session-debuginfo-0:2.4.37-78.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_ssl-1:2.4.37-78.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_ssl-debuginfo-1:2.4.37-78.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-nghttp2-0:1.39.2-39.el8jbcs.src",
"8Base-JBCS:jbcs-httpd24-nghttp2-0:1.39.2-39.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-nghttp2-debuginfo-0:1.39.2-39.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-nghttp2-devel-0:1.39.2-39.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-openssl-1:1.1.1g-8.el8jbcs.src",
"8Base-JBCS:jbcs-httpd24-openssl-1:1.1.1g-8.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-openssl-chil-0:1.0.0-7.el8jbcs.src",
"8Base-JBCS:jbcs-httpd24-openssl-chil-0:1.0.0-7.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-openssl-chil-debuginfo-0:1.0.0-7.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-openssl-debuginfo-1:1.1.1g-8.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-openssl-devel-1:1.1.1g-8.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-openssl-libs-1:1.1.1g-8.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-openssl-libs-debuginfo-1:1.1.1g-8.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-openssl-perl-1:1.1.1g-8.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-openssl-pkcs11-0:0.4.10-22.el8jbcs.src",
"8Base-JBCS:jbcs-httpd24-openssl-pkcs11-0:0.4.10-22.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-openssl-pkcs11-debuginfo-0:0.4.10-22.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-openssl-static-1:1.1.1g-8.el8jbcs.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "httpd: mod_proxy_wstunnel tunneling of non Upgraded connection"
},
{
"cve": "CVE-2019-20838",
"cwe": {
"id": "CWE-125",
"name": "Out-of-bounds Read"
},
"discovery_date": "2020-06-16T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1848444"
}
],
"notes": [
{
"category": "description",
"text": "libpcre in PCRE before 8.43 allows a subject buffer over-read in JIT when UTF is disabled, and \\X or \\R has more than one fixed quantifier, a related issue to CVE-2019-20454.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "pcre: Buffer over-read in JIT when UTF is disabled and \\X or \\R has fixed quantifier greater than 1",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"7Server-JBCS:jbcs-httpd24-apr-0:1.6.3-107.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-apr-0:1.6.3-107.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-apr-debuginfo-0:1.6.3-107.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-apr-devel-0:1.6.3-107.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-apr-util-0:1.6.1-84.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-apr-util-0:1.6.1-84.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-apr-util-debuginfo-0:1.6.1-84.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-apr-util-devel-0:1.6.1-84.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-apr-util-ldap-0:1.6.1-84.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-apr-util-mysql-0:1.6.1-84.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-apr-util-nss-0:1.6.1-84.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-apr-util-odbc-0:1.6.1-84.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-apr-util-openssl-0:1.6.1-84.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-apr-util-pgsql-0:1.6.1-84.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-apr-util-sqlite-0:1.6.1-84.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-curl-0:7.78.0-2.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-curl-0:7.78.0-2.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-curl-debuginfo-0:7.78.0-2.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-httpd-0:2.4.37-78.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-httpd-0:2.4.37-78.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-httpd-debuginfo-0:2.4.37-78.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-httpd-devel-0:2.4.37-78.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-httpd-manual-0:2.4.37-78.jbcs.el7.noarch",
"7Server-JBCS:jbcs-httpd24-httpd-selinux-0:2.4.37-78.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-httpd-tools-0:2.4.37-78.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-libcurl-0:7.78.0-2.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-libcurl-devel-0:7.78.0-2.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_cluster-native-0:1.3.16-9.Final_redhat_2.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-mod_cluster-native-0:1.3.16-9.Final_redhat_2.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_cluster-native-debuginfo-0:1.3.16-9.Final_redhat_2.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_http2-0:1.15.7-21.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-mod_http2-0:1.15.7-21.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_http2-debuginfo-0:1.15.7-21.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_jk-0:1.2.48-20.redhat_1.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-mod_jk-ap24-0:1.2.48-20.redhat_1.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_jk-debuginfo-0:1.2.48-20.redhat_1.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_jk-manual-0:1.2.48-20.redhat_1.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_ldap-0:2.4.37-78.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_md-1:2.0.8-40.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-mod_md-1:2.0.8-40.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_md-debuginfo-1:2.0.8-40.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_proxy_html-1:2.4.37-78.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_security-0:2.9.2-67.GA.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-mod_security-0:2.9.2-67.GA.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_security-debuginfo-0:2.9.2-67.GA.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_session-0:2.4.37-78.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_ssl-1:2.4.37-78.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-nghttp2-0:1.39.2-39.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-nghttp2-0:1.39.2-39.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-nghttp2-debuginfo-0:1.39.2-39.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-nghttp2-devel-0:1.39.2-39.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-openssl-1:1.1.1g-8.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-openssl-1:1.1.1g-8.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-openssl-chil-0:1.0.0-7.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-openssl-chil-0:1.0.0-7.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-openssl-chil-debuginfo-0:1.0.0-7.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-openssl-debuginfo-1:1.1.1g-8.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-openssl-devel-1:1.1.1g-8.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-openssl-libs-1:1.1.1g-8.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-openssl-perl-1:1.1.1g-8.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-openssl-pkcs11-0:0.4.10-22.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-openssl-pkcs11-0:0.4.10-22.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-openssl-pkcs11-debuginfo-0:0.4.10-22.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-openssl-static-1:1.1.1g-8.jbcs.el7.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-0:1.6.3-107.el8jbcs.src",
"8Base-JBCS:jbcs-httpd24-apr-0:1.6.3-107.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-debuginfo-0:1.6.3-107.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-devel-0:1.6.3-107.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-util-0:1.6.1-84.el8jbcs.src",
"8Base-JBCS:jbcs-httpd24-apr-util-0:1.6.1-84.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-util-debuginfo-0:1.6.1-84.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-util-devel-0:1.6.1-84.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-util-ldap-0:1.6.1-84.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-util-ldap-debuginfo-0:1.6.1-84.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-util-mysql-0:1.6.1-84.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-util-mysql-debuginfo-0:1.6.1-84.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-util-nss-0:1.6.1-84.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-util-nss-debuginfo-0:1.6.1-84.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-util-odbc-0:1.6.1-84.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-util-odbc-debuginfo-0:1.6.1-84.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-util-openssl-0:1.6.1-84.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-util-openssl-debuginfo-0:1.6.1-84.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-util-pgsql-0:1.6.1-84.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-util-pgsql-debuginfo-0:1.6.1-84.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-util-sqlite-0:1.6.1-84.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-util-sqlite-debuginfo-0:1.6.1-84.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-curl-0:7.78.0-2.el8jbcs.src",
"8Base-JBCS:jbcs-httpd24-curl-0:7.78.0-2.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-curl-debuginfo-0:7.78.0-2.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-httpd-0:2.4.37-78.el8jbcs.src",
"8Base-JBCS:jbcs-httpd24-httpd-0:2.4.37-78.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-httpd-debuginfo-0:2.4.37-78.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-httpd-devel-0:2.4.37-78.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-httpd-manual-0:2.4.37-78.el8jbcs.noarch",
"8Base-JBCS:jbcs-httpd24-httpd-selinux-0:2.4.37-78.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-httpd-tools-0:2.4.37-78.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-httpd-tools-debuginfo-0:2.4.37-78.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-libcurl-0:7.78.0-2.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-libcurl-debuginfo-0:7.78.0-2.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-libcurl-devel-0:7.78.0-2.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_cluster-native-0:1.3.16-9.Final_redhat_2.el8jbcs.src",
"8Base-JBCS:jbcs-httpd24-mod_cluster-native-0:1.3.16-9.Final_redhat_2.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_cluster-native-debuginfo-0:1.3.16-9.Final_redhat_2.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_http2-0:1.15.7-21.el8jbcs.src",
"8Base-JBCS:jbcs-httpd24-mod_http2-0:1.15.7-21.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_http2-debuginfo-0:1.15.7-21.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_jk-0:1.2.48-20.redhat_1.el8jbcs.src",
"8Base-JBCS:jbcs-httpd24-mod_jk-ap24-0:1.2.48-20.redhat_1.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_jk-ap24-debuginfo-0:1.2.48-20.redhat_1.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_jk-manual-0:1.2.48-20.redhat_1.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_ldap-0:2.4.37-78.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_ldap-debuginfo-0:2.4.37-78.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_md-1:2.0.8-40.el8jbcs.src",
"8Base-JBCS:jbcs-httpd24-mod_md-1:2.0.8-40.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_md-debuginfo-1:2.0.8-40.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_proxy_html-1:2.4.37-78.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_proxy_html-debuginfo-1:2.4.37-78.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_security-0:2.9.2-67.GA.el8jbcs.src",
"8Base-JBCS:jbcs-httpd24-mod_security-0:2.9.2-67.GA.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_security-debuginfo-0:2.9.2-67.GA.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_session-0:2.4.37-78.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_session-debuginfo-0:2.4.37-78.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_ssl-1:2.4.37-78.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_ssl-debuginfo-1:2.4.37-78.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-nghttp2-0:1.39.2-39.el8jbcs.src",
"8Base-JBCS:jbcs-httpd24-nghttp2-0:1.39.2-39.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-nghttp2-debuginfo-0:1.39.2-39.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-nghttp2-devel-0:1.39.2-39.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-openssl-1:1.1.1g-8.el8jbcs.src",
"8Base-JBCS:jbcs-httpd24-openssl-1:1.1.1g-8.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-openssl-chil-0:1.0.0-7.el8jbcs.src",
"8Base-JBCS:jbcs-httpd24-openssl-chil-0:1.0.0-7.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-openssl-chil-debuginfo-0:1.0.0-7.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-openssl-debuginfo-1:1.1.1g-8.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-openssl-devel-1:1.1.1g-8.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-openssl-libs-1:1.1.1g-8.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-openssl-libs-debuginfo-1:1.1.1g-8.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-openssl-perl-1:1.1.1g-8.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-openssl-pkcs11-0:0.4.10-22.el8jbcs.src",
"8Base-JBCS:jbcs-httpd24-openssl-pkcs11-0:0.4.10-22.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-openssl-pkcs11-debuginfo-0:0.4.10-22.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-openssl-static-1:1.1.1g-8.el8jbcs.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2019-20838"
},
{
"category": "external",
"summary": "RHBZ#1848444",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1848444"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2019-20838",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-20838"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2019-20838",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2019-20838"
}
],
"release_date": "2020-06-15T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"details": "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"7Server-JBCS:jbcs-httpd24-apr-0:1.6.3-107.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-apr-0:1.6.3-107.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-apr-debuginfo-0:1.6.3-107.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-apr-devel-0:1.6.3-107.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-apr-util-0:1.6.1-84.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-apr-util-0:1.6.1-84.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-apr-util-debuginfo-0:1.6.1-84.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-apr-util-devel-0:1.6.1-84.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-apr-util-ldap-0:1.6.1-84.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-apr-util-mysql-0:1.6.1-84.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-apr-util-nss-0:1.6.1-84.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-apr-util-odbc-0:1.6.1-84.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-apr-util-openssl-0:1.6.1-84.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-apr-util-pgsql-0:1.6.1-84.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-apr-util-sqlite-0:1.6.1-84.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-curl-0:7.78.0-2.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-curl-0:7.78.0-2.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-curl-debuginfo-0:7.78.0-2.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-httpd-0:2.4.37-78.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-httpd-0:2.4.37-78.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-httpd-debuginfo-0:2.4.37-78.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-httpd-devel-0:2.4.37-78.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-httpd-manual-0:2.4.37-78.jbcs.el7.noarch",
"7Server-JBCS:jbcs-httpd24-httpd-selinux-0:2.4.37-78.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-httpd-tools-0:2.4.37-78.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-libcurl-0:7.78.0-2.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-libcurl-devel-0:7.78.0-2.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_cluster-native-0:1.3.16-9.Final_redhat_2.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-mod_cluster-native-0:1.3.16-9.Final_redhat_2.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_cluster-native-debuginfo-0:1.3.16-9.Final_redhat_2.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_http2-0:1.15.7-21.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-mod_http2-0:1.15.7-21.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_http2-debuginfo-0:1.15.7-21.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_jk-0:1.2.48-20.redhat_1.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-mod_jk-ap24-0:1.2.48-20.redhat_1.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_jk-debuginfo-0:1.2.48-20.redhat_1.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_jk-manual-0:1.2.48-20.redhat_1.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_ldap-0:2.4.37-78.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_md-1:2.0.8-40.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-mod_md-1:2.0.8-40.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_md-debuginfo-1:2.0.8-40.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_proxy_html-1:2.4.37-78.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_security-0:2.9.2-67.GA.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-mod_security-0:2.9.2-67.GA.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_security-debuginfo-0:2.9.2-67.GA.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_session-0:2.4.37-78.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_ssl-1:2.4.37-78.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-nghttp2-0:1.39.2-39.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-nghttp2-0:1.39.2-39.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-nghttp2-debuginfo-0:1.39.2-39.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-nghttp2-devel-0:1.39.2-39.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-openssl-1:1.1.1g-8.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-openssl-1:1.1.1g-8.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-openssl-chil-0:1.0.0-7.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-openssl-chil-0:1.0.0-7.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-openssl-chil-debuginfo-0:1.0.0-7.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-openssl-debuginfo-1:1.1.1g-8.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-openssl-devel-1:1.1.1g-8.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-openssl-libs-1:1.1.1g-8.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-openssl-perl-1:1.1.1g-8.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-openssl-pkcs11-0:0.4.10-22.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-openssl-pkcs11-0:0.4.10-22.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-openssl-pkcs11-debuginfo-0:0.4.10-22.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-openssl-static-1:1.1.1g-8.jbcs.el7.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-0:1.6.3-107.el8jbcs.src",
"8Base-JBCS:jbcs-httpd24-apr-0:1.6.3-107.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-debuginfo-0:1.6.3-107.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-devel-0:1.6.3-107.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-util-0:1.6.1-84.el8jbcs.src",
"8Base-JBCS:jbcs-httpd24-apr-util-0:1.6.1-84.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-util-debuginfo-0:1.6.1-84.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-util-devel-0:1.6.1-84.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-util-ldap-0:1.6.1-84.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-util-ldap-debuginfo-0:1.6.1-84.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-util-mysql-0:1.6.1-84.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-util-mysql-debuginfo-0:1.6.1-84.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-util-nss-0:1.6.1-84.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-util-nss-debuginfo-0:1.6.1-84.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-util-odbc-0:1.6.1-84.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-util-odbc-debuginfo-0:1.6.1-84.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-util-openssl-0:1.6.1-84.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-util-openssl-debuginfo-0:1.6.1-84.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-util-pgsql-0:1.6.1-84.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-util-pgsql-debuginfo-0:1.6.1-84.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-util-sqlite-0:1.6.1-84.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-util-sqlite-debuginfo-0:1.6.1-84.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-curl-0:7.78.0-2.el8jbcs.src",
"8Base-JBCS:jbcs-httpd24-curl-0:7.78.0-2.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-curl-debuginfo-0:7.78.0-2.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-httpd-0:2.4.37-78.el8jbcs.src",
"8Base-JBCS:jbcs-httpd24-httpd-0:2.4.37-78.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-httpd-debuginfo-0:2.4.37-78.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-httpd-devel-0:2.4.37-78.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-httpd-manual-0:2.4.37-78.el8jbcs.noarch",
"8Base-JBCS:jbcs-httpd24-httpd-selinux-0:2.4.37-78.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-httpd-tools-0:2.4.37-78.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-httpd-tools-debuginfo-0:2.4.37-78.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-libcurl-0:7.78.0-2.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-libcurl-debuginfo-0:7.78.0-2.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-libcurl-devel-0:7.78.0-2.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_cluster-native-0:1.3.16-9.Final_redhat_2.el8jbcs.src",
"8Base-JBCS:jbcs-httpd24-mod_cluster-native-0:1.3.16-9.Final_redhat_2.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_cluster-native-debuginfo-0:1.3.16-9.Final_redhat_2.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_http2-0:1.15.7-21.el8jbcs.src",
"8Base-JBCS:jbcs-httpd24-mod_http2-0:1.15.7-21.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_http2-debuginfo-0:1.15.7-21.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_jk-0:1.2.48-20.redhat_1.el8jbcs.src",
"8Base-JBCS:jbcs-httpd24-mod_jk-ap24-0:1.2.48-20.redhat_1.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_jk-ap24-debuginfo-0:1.2.48-20.redhat_1.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_jk-manual-0:1.2.48-20.redhat_1.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_ldap-0:2.4.37-78.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_ldap-debuginfo-0:2.4.37-78.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_md-1:2.0.8-40.el8jbcs.src",
"8Base-JBCS:jbcs-httpd24-mod_md-1:2.0.8-40.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_md-debuginfo-1:2.0.8-40.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_proxy_html-1:2.4.37-78.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_proxy_html-debuginfo-1:2.4.37-78.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_security-0:2.9.2-67.GA.el8jbcs.src",
"8Base-JBCS:jbcs-httpd24-mod_security-0:2.9.2-67.GA.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_security-debuginfo-0:2.9.2-67.GA.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_session-0:2.4.37-78.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_session-debuginfo-0:2.4.37-78.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_ssl-1:2.4.37-78.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_ssl-debuginfo-1:2.4.37-78.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-nghttp2-0:1.39.2-39.el8jbcs.src",
"8Base-JBCS:jbcs-httpd24-nghttp2-0:1.39.2-39.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-nghttp2-debuginfo-0:1.39.2-39.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-nghttp2-devel-0:1.39.2-39.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-openssl-1:1.1.1g-8.el8jbcs.src",
"8Base-JBCS:jbcs-httpd24-openssl-1:1.1.1g-8.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-openssl-chil-0:1.0.0-7.el8jbcs.src",
"8Base-JBCS:jbcs-httpd24-openssl-chil-0:1.0.0-7.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-openssl-chil-debuginfo-0:1.0.0-7.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-openssl-debuginfo-1:1.1.1g-8.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-openssl-devel-1:1.1.1g-8.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-openssl-libs-1:1.1.1g-8.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-openssl-libs-debuginfo-1:1.1.1g-8.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-openssl-perl-1:1.1.1g-8.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-openssl-pkcs11-0:0.4.10-22.el8jbcs.src",
"8Base-JBCS:jbcs-httpd24-openssl-pkcs11-0:0.4.10-22.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-openssl-pkcs11-debuginfo-0:0.4.10-22.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-openssl-static-1:1.1.1g-8.el8jbcs.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2021:4614"
},
{
"category": "workaround",
"details": "Do not use more than one fixed quantifier with \\R or \\X with UTF disabled in PCRE or PCRE2, as these are the conditions needed to trigger the flaw.",
"product_ids": [
"7Server-JBCS:jbcs-httpd24-apr-0:1.6.3-107.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-apr-0:1.6.3-107.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-apr-debuginfo-0:1.6.3-107.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-apr-devel-0:1.6.3-107.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-apr-util-0:1.6.1-84.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-apr-util-0:1.6.1-84.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-apr-util-debuginfo-0:1.6.1-84.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-apr-util-devel-0:1.6.1-84.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-apr-util-ldap-0:1.6.1-84.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-apr-util-mysql-0:1.6.1-84.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-apr-util-nss-0:1.6.1-84.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-apr-util-odbc-0:1.6.1-84.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-apr-util-openssl-0:1.6.1-84.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-apr-util-pgsql-0:1.6.1-84.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-apr-util-sqlite-0:1.6.1-84.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-curl-0:7.78.0-2.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-curl-0:7.78.0-2.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-curl-debuginfo-0:7.78.0-2.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-httpd-0:2.4.37-78.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-httpd-0:2.4.37-78.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-httpd-debuginfo-0:2.4.37-78.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-httpd-devel-0:2.4.37-78.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-httpd-manual-0:2.4.37-78.jbcs.el7.noarch",
"7Server-JBCS:jbcs-httpd24-httpd-selinux-0:2.4.37-78.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-httpd-tools-0:2.4.37-78.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-libcurl-0:7.78.0-2.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-libcurl-devel-0:7.78.0-2.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_cluster-native-0:1.3.16-9.Final_redhat_2.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-mod_cluster-native-0:1.3.16-9.Final_redhat_2.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_cluster-native-debuginfo-0:1.3.16-9.Final_redhat_2.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_http2-0:1.15.7-21.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-mod_http2-0:1.15.7-21.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_http2-debuginfo-0:1.15.7-21.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_jk-0:1.2.48-20.redhat_1.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-mod_jk-ap24-0:1.2.48-20.redhat_1.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_jk-debuginfo-0:1.2.48-20.redhat_1.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_jk-manual-0:1.2.48-20.redhat_1.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_ldap-0:2.4.37-78.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_md-1:2.0.8-40.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-mod_md-1:2.0.8-40.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_md-debuginfo-1:2.0.8-40.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_proxy_html-1:2.4.37-78.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_security-0:2.9.2-67.GA.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-mod_security-0:2.9.2-67.GA.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_security-debuginfo-0:2.9.2-67.GA.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_session-0:2.4.37-78.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_ssl-1:2.4.37-78.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-nghttp2-0:1.39.2-39.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-nghttp2-0:1.39.2-39.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-nghttp2-debuginfo-0:1.39.2-39.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-nghttp2-devel-0:1.39.2-39.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-openssl-1:1.1.1g-8.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-openssl-1:1.1.1g-8.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-openssl-chil-0:1.0.0-7.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-openssl-chil-0:1.0.0-7.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-openssl-chil-debuginfo-0:1.0.0-7.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-openssl-debuginfo-1:1.1.1g-8.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-openssl-devel-1:1.1.1g-8.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-openssl-libs-1:1.1.1g-8.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-openssl-perl-1:1.1.1g-8.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-openssl-pkcs11-0:0.4.10-22.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-openssl-pkcs11-0:0.4.10-22.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-openssl-pkcs11-debuginfo-0:0.4.10-22.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-openssl-static-1:1.1.1g-8.jbcs.el7.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-0:1.6.3-107.el8jbcs.src",
"8Base-JBCS:jbcs-httpd24-apr-0:1.6.3-107.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-debuginfo-0:1.6.3-107.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-devel-0:1.6.3-107.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-util-0:1.6.1-84.el8jbcs.src",
"8Base-JBCS:jbcs-httpd24-apr-util-0:1.6.1-84.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-util-debuginfo-0:1.6.1-84.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-util-devel-0:1.6.1-84.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-util-ldap-0:1.6.1-84.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-util-ldap-debuginfo-0:1.6.1-84.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-util-mysql-0:1.6.1-84.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-util-mysql-debuginfo-0:1.6.1-84.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-util-nss-0:1.6.1-84.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-util-nss-debuginfo-0:1.6.1-84.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-util-odbc-0:1.6.1-84.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-util-odbc-debuginfo-0:1.6.1-84.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-util-openssl-0:1.6.1-84.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-util-openssl-debuginfo-0:1.6.1-84.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-util-pgsql-0:1.6.1-84.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-util-pgsql-debuginfo-0:1.6.1-84.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-util-sqlite-0:1.6.1-84.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-util-sqlite-debuginfo-0:1.6.1-84.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-curl-0:7.78.0-2.el8jbcs.src",
"8Base-JBCS:jbcs-httpd24-curl-0:7.78.0-2.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-curl-debuginfo-0:7.78.0-2.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-httpd-0:2.4.37-78.el8jbcs.src",
"8Base-JBCS:jbcs-httpd24-httpd-0:2.4.37-78.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-httpd-debuginfo-0:2.4.37-78.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-httpd-devel-0:2.4.37-78.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-httpd-manual-0:2.4.37-78.el8jbcs.noarch",
"8Base-JBCS:jbcs-httpd24-httpd-selinux-0:2.4.37-78.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-httpd-tools-0:2.4.37-78.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-httpd-tools-debuginfo-0:2.4.37-78.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-libcurl-0:7.78.0-2.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-libcurl-debuginfo-0:7.78.0-2.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-libcurl-devel-0:7.78.0-2.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_cluster-native-0:1.3.16-9.Final_redhat_2.el8jbcs.src",
"8Base-JBCS:jbcs-httpd24-mod_cluster-native-0:1.3.16-9.Final_redhat_2.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_cluster-native-debuginfo-0:1.3.16-9.Final_redhat_2.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_http2-0:1.15.7-21.el8jbcs.src",
"8Base-JBCS:jbcs-httpd24-mod_http2-0:1.15.7-21.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_http2-debuginfo-0:1.15.7-21.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_jk-0:1.2.48-20.redhat_1.el8jbcs.src",
"8Base-JBCS:jbcs-httpd24-mod_jk-ap24-0:1.2.48-20.redhat_1.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_jk-ap24-debuginfo-0:1.2.48-20.redhat_1.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_jk-manual-0:1.2.48-20.redhat_1.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_ldap-0:2.4.37-78.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_ldap-debuginfo-0:2.4.37-78.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_md-1:2.0.8-40.el8jbcs.src",
"8Base-JBCS:jbcs-httpd24-mod_md-1:2.0.8-40.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_md-debuginfo-1:2.0.8-40.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_proxy_html-1:2.4.37-78.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_proxy_html-debuginfo-1:2.4.37-78.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_security-0:2.9.2-67.GA.el8jbcs.src",
"8Base-JBCS:jbcs-httpd24-mod_security-0:2.9.2-67.GA.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_security-debuginfo-0:2.9.2-67.GA.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_session-0:2.4.37-78.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_session-debuginfo-0:2.4.37-78.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_ssl-1:2.4.37-78.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_ssl-debuginfo-1:2.4.37-78.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-nghttp2-0:1.39.2-39.el8jbcs.src",
"8Base-JBCS:jbcs-httpd24-nghttp2-0:1.39.2-39.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-nghttp2-debuginfo-0:1.39.2-39.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-nghttp2-devel-0:1.39.2-39.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-openssl-1:1.1.1g-8.el8jbcs.src",
"8Base-JBCS:jbcs-httpd24-openssl-1:1.1.1g-8.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-openssl-chil-0:1.0.0-7.el8jbcs.src",
"8Base-JBCS:jbcs-httpd24-openssl-chil-0:1.0.0-7.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-openssl-chil-debuginfo-0:1.0.0-7.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-openssl-debuginfo-1:1.1.1g-8.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-openssl-devel-1:1.1.1g-8.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-openssl-libs-1:1.1.1g-8.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-openssl-libs-debuginfo-1:1.1.1g-8.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-openssl-perl-1:1.1.1g-8.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-openssl-pkcs11-0:0.4.10-22.el8jbcs.src",
"8Base-JBCS:jbcs-httpd24-openssl-pkcs11-0:0.4.10-22.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-openssl-pkcs11-debuginfo-0:0.4.10-22.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-openssl-static-1:1.1.1g-8.el8jbcs.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"7Server-JBCS:jbcs-httpd24-apr-0:1.6.3-107.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-apr-0:1.6.3-107.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-apr-debuginfo-0:1.6.3-107.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-apr-devel-0:1.6.3-107.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-apr-util-0:1.6.1-84.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-apr-util-0:1.6.1-84.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-apr-util-debuginfo-0:1.6.1-84.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-apr-util-devel-0:1.6.1-84.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-apr-util-ldap-0:1.6.1-84.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-apr-util-mysql-0:1.6.1-84.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-apr-util-nss-0:1.6.1-84.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-apr-util-odbc-0:1.6.1-84.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-apr-util-openssl-0:1.6.1-84.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-apr-util-pgsql-0:1.6.1-84.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-apr-util-sqlite-0:1.6.1-84.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-curl-0:7.78.0-2.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-curl-0:7.78.0-2.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-curl-debuginfo-0:7.78.0-2.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-httpd-0:2.4.37-78.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-httpd-0:2.4.37-78.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-httpd-debuginfo-0:2.4.37-78.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-httpd-devel-0:2.4.37-78.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-httpd-manual-0:2.4.37-78.jbcs.el7.noarch",
"7Server-JBCS:jbcs-httpd24-httpd-selinux-0:2.4.37-78.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-httpd-tools-0:2.4.37-78.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-libcurl-0:7.78.0-2.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-libcurl-devel-0:7.78.0-2.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_cluster-native-0:1.3.16-9.Final_redhat_2.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-mod_cluster-native-0:1.3.16-9.Final_redhat_2.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_cluster-native-debuginfo-0:1.3.16-9.Final_redhat_2.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_http2-0:1.15.7-21.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-mod_http2-0:1.15.7-21.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_http2-debuginfo-0:1.15.7-21.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_jk-0:1.2.48-20.redhat_1.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-mod_jk-ap24-0:1.2.48-20.redhat_1.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_jk-debuginfo-0:1.2.48-20.redhat_1.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_jk-manual-0:1.2.48-20.redhat_1.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_ldap-0:2.4.37-78.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_md-1:2.0.8-40.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-mod_md-1:2.0.8-40.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_md-debuginfo-1:2.0.8-40.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_proxy_html-1:2.4.37-78.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_security-0:2.9.2-67.GA.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-mod_security-0:2.9.2-67.GA.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_security-debuginfo-0:2.9.2-67.GA.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_session-0:2.4.37-78.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_ssl-1:2.4.37-78.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-nghttp2-0:1.39.2-39.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-nghttp2-0:1.39.2-39.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-nghttp2-debuginfo-0:1.39.2-39.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-nghttp2-devel-0:1.39.2-39.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-openssl-1:1.1.1g-8.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-openssl-1:1.1.1g-8.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-openssl-chil-0:1.0.0-7.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-openssl-chil-0:1.0.0-7.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-openssl-chil-debuginfo-0:1.0.0-7.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-openssl-debuginfo-1:1.1.1g-8.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-openssl-devel-1:1.1.1g-8.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-openssl-libs-1:1.1.1g-8.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-openssl-perl-1:1.1.1g-8.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-openssl-pkcs11-0:0.4.10-22.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-openssl-pkcs11-0:0.4.10-22.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-openssl-pkcs11-debuginfo-0:0.4.10-22.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-openssl-static-1:1.1.1g-8.jbcs.el7.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-0:1.6.3-107.el8jbcs.src",
"8Base-JBCS:jbcs-httpd24-apr-0:1.6.3-107.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-debuginfo-0:1.6.3-107.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-devel-0:1.6.3-107.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-util-0:1.6.1-84.el8jbcs.src",
"8Base-JBCS:jbcs-httpd24-apr-util-0:1.6.1-84.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-util-debuginfo-0:1.6.1-84.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-util-devel-0:1.6.1-84.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-util-ldap-0:1.6.1-84.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-util-ldap-debuginfo-0:1.6.1-84.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-util-mysql-0:1.6.1-84.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-util-mysql-debuginfo-0:1.6.1-84.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-util-nss-0:1.6.1-84.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-util-nss-debuginfo-0:1.6.1-84.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-util-odbc-0:1.6.1-84.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-util-odbc-debuginfo-0:1.6.1-84.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-util-openssl-0:1.6.1-84.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-util-openssl-debuginfo-0:1.6.1-84.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-util-pgsql-0:1.6.1-84.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-util-pgsql-debuginfo-0:1.6.1-84.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-util-sqlite-0:1.6.1-84.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-util-sqlite-debuginfo-0:1.6.1-84.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-curl-0:7.78.0-2.el8jbcs.src",
"8Base-JBCS:jbcs-httpd24-curl-0:7.78.0-2.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-curl-debuginfo-0:7.78.0-2.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-httpd-0:2.4.37-78.el8jbcs.src",
"8Base-JBCS:jbcs-httpd24-httpd-0:2.4.37-78.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-httpd-debuginfo-0:2.4.37-78.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-httpd-devel-0:2.4.37-78.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-httpd-manual-0:2.4.37-78.el8jbcs.noarch",
"8Base-JBCS:jbcs-httpd24-httpd-selinux-0:2.4.37-78.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-httpd-tools-0:2.4.37-78.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-httpd-tools-debuginfo-0:2.4.37-78.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-libcurl-0:7.78.0-2.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-libcurl-debuginfo-0:7.78.0-2.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-libcurl-devel-0:7.78.0-2.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_cluster-native-0:1.3.16-9.Final_redhat_2.el8jbcs.src",
"8Base-JBCS:jbcs-httpd24-mod_cluster-native-0:1.3.16-9.Final_redhat_2.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_cluster-native-debuginfo-0:1.3.16-9.Final_redhat_2.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_http2-0:1.15.7-21.el8jbcs.src",
"8Base-JBCS:jbcs-httpd24-mod_http2-0:1.15.7-21.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_http2-debuginfo-0:1.15.7-21.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_jk-0:1.2.48-20.redhat_1.el8jbcs.src",
"8Base-JBCS:jbcs-httpd24-mod_jk-ap24-0:1.2.48-20.redhat_1.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_jk-ap24-debuginfo-0:1.2.48-20.redhat_1.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_jk-manual-0:1.2.48-20.redhat_1.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_ldap-0:2.4.37-78.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_ldap-debuginfo-0:2.4.37-78.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_md-1:2.0.8-40.el8jbcs.src",
"8Base-JBCS:jbcs-httpd24-mod_md-1:2.0.8-40.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_md-debuginfo-1:2.0.8-40.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_proxy_html-1:2.4.37-78.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_proxy_html-debuginfo-1:2.4.37-78.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_security-0:2.9.2-67.GA.el8jbcs.src",
"8Base-JBCS:jbcs-httpd24-mod_security-0:2.9.2-67.GA.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_security-debuginfo-0:2.9.2-67.GA.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_session-0:2.4.37-78.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_session-debuginfo-0:2.4.37-78.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_ssl-1:2.4.37-78.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_ssl-debuginfo-1:2.4.37-78.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-nghttp2-0:1.39.2-39.el8jbcs.src",
"8Base-JBCS:jbcs-httpd24-nghttp2-0:1.39.2-39.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-nghttp2-debuginfo-0:1.39.2-39.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-nghttp2-devel-0:1.39.2-39.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-openssl-1:1.1.1g-8.el8jbcs.src",
"8Base-JBCS:jbcs-httpd24-openssl-1:1.1.1g-8.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-openssl-chil-0:1.0.0-7.el8jbcs.src",
"8Base-JBCS:jbcs-httpd24-openssl-chil-0:1.0.0-7.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-openssl-chil-debuginfo-0:1.0.0-7.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-openssl-debuginfo-1:1.1.1g-8.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-openssl-devel-1:1.1.1g-8.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-openssl-libs-1:1.1.1g-8.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-openssl-libs-debuginfo-1:1.1.1g-8.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-openssl-perl-1:1.1.1g-8.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-openssl-pkcs11-0:0.4.10-22.el8jbcs.src",
"8Base-JBCS:jbcs-httpd24-openssl-pkcs11-0:0.4.10-22.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-openssl-pkcs11-debuginfo-0:0.4.10-22.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-openssl-static-1:1.1.1g-8.el8jbcs.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Low"
}
],
"title": "pcre: Buffer over-read in JIT when UTF is disabled and \\X or \\R has fixed quantifier greater than 1"
},
{
"acknowledgments": [
{
"names": [
"the Apache project",
"Marc Stern"
]
}
],
"cve": "CVE-2020-13950",
"cwe": {
"id": "CWE-476",
"name": "NULL Pointer Dereference"
},
"discovery_date": "2021-05-27T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1966738"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found In Apache httpd. The mod_proxy has a NULL pointer dereference. The highest threat from this vulnerability is to data confidentiality and integrity as well as system availability.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "httpd: mod_proxy NULL pointer dereference",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"7Server-JBCS:jbcs-httpd24-apr-0:1.6.3-107.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-apr-0:1.6.3-107.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-apr-debuginfo-0:1.6.3-107.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-apr-devel-0:1.6.3-107.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-apr-util-0:1.6.1-84.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-apr-util-0:1.6.1-84.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-apr-util-debuginfo-0:1.6.1-84.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-apr-util-devel-0:1.6.1-84.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-apr-util-ldap-0:1.6.1-84.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-apr-util-mysql-0:1.6.1-84.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-apr-util-nss-0:1.6.1-84.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-apr-util-odbc-0:1.6.1-84.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-apr-util-openssl-0:1.6.1-84.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-apr-util-pgsql-0:1.6.1-84.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-apr-util-sqlite-0:1.6.1-84.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-curl-0:7.78.0-2.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-curl-0:7.78.0-2.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-curl-debuginfo-0:7.78.0-2.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-httpd-0:2.4.37-78.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-httpd-0:2.4.37-78.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-httpd-debuginfo-0:2.4.37-78.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-httpd-devel-0:2.4.37-78.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-httpd-manual-0:2.4.37-78.jbcs.el7.noarch",
"7Server-JBCS:jbcs-httpd24-httpd-selinux-0:2.4.37-78.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-httpd-tools-0:2.4.37-78.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-libcurl-0:7.78.0-2.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-libcurl-devel-0:7.78.0-2.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_cluster-native-0:1.3.16-9.Final_redhat_2.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-mod_cluster-native-0:1.3.16-9.Final_redhat_2.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_cluster-native-debuginfo-0:1.3.16-9.Final_redhat_2.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_http2-0:1.15.7-21.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-mod_http2-0:1.15.7-21.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_http2-debuginfo-0:1.15.7-21.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_jk-0:1.2.48-20.redhat_1.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-mod_jk-ap24-0:1.2.48-20.redhat_1.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_jk-debuginfo-0:1.2.48-20.redhat_1.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_jk-manual-0:1.2.48-20.redhat_1.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_ldap-0:2.4.37-78.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_md-1:2.0.8-40.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-mod_md-1:2.0.8-40.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_md-debuginfo-1:2.0.8-40.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_proxy_html-1:2.4.37-78.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_security-0:2.9.2-67.GA.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-mod_security-0:2.9.2-67.GA.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_security-debuginfo-0:2.9.2-67.GA.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_session-0:2.4.37-78.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_ssl-1:2.4.37-78.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-nghttp2-0:1.39.2-39.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-nghttp2-0:1.39.2-39.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-nghttp2-debuginfo-0:1.39.2-39.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-nghttp2-devel-0:1.39.2-39.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-openssl-1:1.1.1g-8.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-openssl-1:1.1.1g-8.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-openssl-chil-0:1.0.0-7.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-openssl-chil-0:1.0.0-7.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-openssl-chil-debuginfo-0:1.0.0-7.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-openssl-debuginfo-1:1.1.1g-8.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-openssl-devel-1:1.1.1g-8.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-openssl-libs-1:1.1.1g-8.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-openssl-perl-1:1.1.1g-8.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-openssl-pkcs11-0:0.4.10-22.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-openssl-pkcs11-0:0.4.10-22.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-openssl-pkcs11-debuginfo-0:0.4.10-22.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-openssl-static-1:1.1.1g-8.jbcs.el7.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-0:1.6.3-107.el8jbcs.src",
"8Base-JBCS:jbcs-httpd24-apr-0:1.6.3-107.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-debuginfo-0:1.6.3-107.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-devel-0:1.6.3-107.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-util-0:1.6.1-84.el8jbcs.src",
"8Base-JBCS:jbcs-httpd24-apr-util-0:1.6.1-84.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-util-debuginfo-0:1.6.1-84.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-util-devel-0:1.6.1-84.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-util-ldap-0:1.6.1-84.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-util-ldap-debuginfo-0:1.6.1-84.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-util-mysql-0:1.6.1-84.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-util-mysql-debuginfo-0:1.6.1-84.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-util-nss-0:1.6.1-84.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-util-nss-debuginfo-0:1.6.1-84.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-util-odbc-0:1.6.1-84.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-util-odbc-debuginfo-0:1.6.1-84.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-util-openssl-0:1.6.1-84.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-util-openssl-debuginfo-0:1.6.1-84.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-util-pgsql-0:1.6.1-84.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-util-pgsql-debuginfo-0:1.6.1-84.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-util-sqlite-0:1.6.1-84.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-util-sqlite-debuginfo-0:1.6.1-84.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-curl-0:7.78.0-2.el8jbcs.src",
"8Base-JBCS:jbcs-httpd24-curl-0:7.78.0-2.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-curl-debuginfo-0:7.78.0-2.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-httpd-0:2.4.37-78.el8jbcs.src",
"8Base-JBCS:jbcs-httpd24-httpd-0:2.4.37-78.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-httpd-debuginfo-0:2.4.37-78.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-httpd-devel-0:2.4.37-78.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-httpd-manual-0:2.4.37-78.el8jbcs.noarch",
"8Base-JBCS:jbcs-httpd24-httpd-selinux-0:2.4.37-78.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-httpd-tools-0:2.4.37-78.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-httpd-tools-debuginfo-0:2.4.37-78.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-libcurl-0:7.78.0-2.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-libcurl-debuginfo-0:7.78.0-2.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-libcurl-devel-0:7.78.0-2.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_cluster-native-0:1.3.16-9.Final_redhat_2.el8jbcs.src",
"8Base-JBCS:jbcs-httpd24-mod_cluster-native-0:1.3.16-9.Final_redhat_2.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_cluster-native-debuginfo-0:1.3.16-9.Final_redhat_2.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_http2-0:1.15.7-21.el8jbcs.src",
"8Base-JBCS:jbcs-httpd24-mod_http2-0:1.15.7-21.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_http2-debuginfo-0:1.15.7-21.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_jk-0:1.2.48-20.redhat_1.el8jbcs.src",
"8Base-JBCS:jbcs-httpd24-mod_jk-ap24-0:1.2.48-20.redhat_1.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_jk-ap24-debuginfo-0:1.2.48-20.redhat_1.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_jk-manual-0:1.2.48-20.redhat_1.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_ldap-0:2.4.37-78.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_ldap-debuginfo-0:2.4.37-78.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_md-1:2.0.8-40.el8jbcs.src",
"8Base-JBCS:jbcs-httpd24-mod_md-1:2.0.8-40.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_md-debuginfo-1:2.0.8-40.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_proxy_html-1:2.4.37-78.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_proxy_html-debuginfo-1:2.4.37-78.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_security-0:2.9.2-67.GA.el8jbcs.src",
"8Base-JBCS:jbcs-httpd24-mod_security-0:2.9.2-67.GA.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_security-debuginfo-0:2.9.2-67.GA.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_session-0:2.4.37-78.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_session-debuginfo-0:2.4.37-78.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_ssl-1:2.4.37-78.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_ssl-debuginfo-1:2.4.37-78.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-nghttp2-0:1.39.2-39.el8jbcs.src",
"8Base-JBCS:jbcs-httpd24-nghttp2-0:1.39.2-39.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-nghttp2-debuginfo-0:1.39.2-39.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-nghttp2-devel-0:1.39.2-39.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-openssl-1:1.1.1g-8.el8jbcs.src",
"8Base-JBCS:jbcs-httpd24-openssl-1:1.1.1g-8.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-openssl-chil-0:1.0.0-7.el8jbcs.src",
"8Base-JBCS:jbcs-httpd24-openssl-chil-0:1.0.0-7.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-openssl-chil-debuginfo-0:1.0.0-7.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-openssl-debuginfo-1:1.1.1g-8.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-openssl-devel-1:1.1.1g-8.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-openssl-libs-1:1.1.1g-8.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-openssl-libs-debuginfo-1:1.1.1g-8.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-openssl-perl-1:1.1.1g-8.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-openssl-pkcs11-0:0.4.10-22.el8jbcs.src",
"8Base-JBCS:jbcs-httpd24-openssl-pkcs11-0:0.4.10-22.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-openssl-pkcs11-debuginfo-0:0.4.10-22.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-openssl-static-1:1.1.1g-8.el8jbcs.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2020-13950"
},
{
"category": "external",
"summary": "RHBZ#1966738",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1966738"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2020-13950",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-13950"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2020-13950",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2020-13950"
},
{
"category": "external",
"summary": "https://httpd.apache.org/security/vulnerabilities_24.html",
"url": "https://httpd.apache.org/security/vulnerabilities_24.html"
}
],
"release_date": "2021-06-04T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"details": "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"7Server-JBCS:jbcs-httpd24-apr-0:1.6.3-107.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-apr-0:1.6.3-107.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-apr-debuginfo-0:1.6.3-107.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-apr-devel-0:1.6.3-107.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-apr-util-0:1.6.1-84.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-apr-util-0:1.6.1-84.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-apr-util-debuginfo-0:1.6.1-84.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-apr-util-devel-0:1.6.1-84.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-apr-util-ldap-0:1.6.1-84.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-apr-util-mysql-0:1.6.1-84.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-apr-util-nss-0:1.6.1-84.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-apr-util-odbc-0:1.6.1-84.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-apr-util-openssl-0:1.6.1-84.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-apr-util-pgsql-0:1.6.1-84.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-apr-util-sqlite-0:1.6.1-84.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-curl-0:7.78.0-2.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-curl-0:7.78.0-2.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-curl-debuginfo-0:7.78.0-2.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-httpd-0:2.4.37-78.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-httpd-0:2.4.37-78.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-httpd-debuginfo-0:2.4.37-78.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-httpd-devel-0:2.4.37-78.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-httpd-manual-0:2.4.37-78.jbcs.el7.noarch",
"7Server-JBCS:jbcs-httpd24-httpd-selinux-0:2.4.37-78.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-httpd-tools-0:2.4.37-78.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-libcurl-0:7.78.0-2.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-libcurl-devel-0:7.78.0-2.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_cluster-native-0:1.3.16-9.Final_redhat_2.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-mod_cluster-native-0:1.3.16-9.Final_redhat_2.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_cluster-native-debuginfo-0:1.3.16-9.Final_redhat_2.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_http2-0:1.15.7-21.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-mod_http2-0:1.15.7-21.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_http2-debuginfo-0:1.15.7-21.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_jk-0:1.2.48-20.redhat_1.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-mod_jk-ap24-0:1.2.48-20.redhat_1.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_jk-debuginfo-0:1.2.48-20.redhat_1.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_jk-manual-0:1.2.48-20.redhat_1.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_ldap-0:2.4.37-78.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_md-1:2.0.8-40.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-mod_md-1:2.0.8-40.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_md-debuginfo-1:2.0.8-40.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_proxy_html-1:2.4.37-78.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_security-0:2.9.2-67.GA.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-mod_security-0:2.9.2-67.GA.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_security-debuginfo-0:2.9.2-67.GA.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_session-0:2.4.37-78.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_ssl-1:2.4.37-78.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-nghttp2-0:1.39.2-39.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-nghttp2-0:1.39.2-39.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-nghttp2-debuginfo-0:1.39.2-39.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-nghttp2-devel-0:1.39.2-39.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-openssl-1:1.1.1g-8.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-openssl-1:1.1.1g-8.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-openssl-chil-0:1.0.0-7.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-openssl-chil-0:1.0.0-7.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-openssl-chil-debuginfo-0:1.0.0-7.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-openssl-debuginfo-1:1.1.1g-8.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-openssl-devel-1:1.1.1g-8.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-openssl-libs-1:1.1.1g-8.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-openssl-perl-1:1.1.1g-8.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-openssl-pkcs11-0:0.4.10-22.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-openssl-pkcs11-0:0.4.10-22.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-openssl-pkcs11-debuginfo-0:0.4.10-22.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-openssl-static-1:1.1.1g-8.jbcs.el7.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-0:1.6.3-107.el8jbcs.src",
"8Base-JBCS:jbcs-httpd24-apr-0:1.6.3-107.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-debuginfo-0:1.6.3-107.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-devel-0:1.6.3-107.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-util-0:1.6.1-84.el8jbcs.src",
"8Base-JBCS:jbcs-httpd24-apr-util-0:1.6.1-84.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-util-debuginfo-0:1.6.1-84.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-util-devel-0:1.6.1-84.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-util-ldap-0:1.6.1-84.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-util-ldap-debuginfo-0:1.6.1-84.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-util-mysql-0:1.6.1-84.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-util-mysql-debuginfo-0:1.6.1-84.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-util-nss-0:1.6.1-84.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-util-nss-debuginfo-0:1.6.1-84.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-util-odbc-0:1.6.1-84.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-util-odbc-debuginfo-0:1.6.1-84.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-util-openssl-0:1.6.1-84.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-util-openssl-debuginfo-0:1.6.1-84.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-util-pgsql-0:1.6.1-84.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-util-pgsql-debuginfo-0:1.6.1-84.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-util-sqlite-0:1.6.1-84.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-util-sqlite-debuginfo-0:1.6.1-84.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-curl-0:7.78.0-2.el8jbcs.src",
"8Base-JBCS:jbcs-httpd24-curl-0:7.78.0-2.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-curl-debuginfo-0:7.78.0-2.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-httpd-0:2.4.37-78.el8jbcs.src",
"8Base-JBCS:jbcs-httpd24-httpd-0:2.4.37-78.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-httpd-debuginfo-0:2.4.37-78.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-httpd-devel-0:2.4.37-78.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-httpd-manual-0:2.4.37-78.el8jbcs.noarch",
"8Base-JBCS:jbcs-httpd24-httpd-selinux-0:2.4.37-78.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-httpd-tools-0:2.4.37-78.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-httpd-tools-debuginfo-0:2.4.37-78.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-libcurl-0:7.78.0-2.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-libcurl-debuginfo-0:7.78.0-2.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-libcurl-devel-0:7.78.0-2.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_cluster-native-0:1.3.16-9.Final_redhat_2.el8jbcs.src",
"8Base-JBCS:jbcs-httpd24-mod_cluster-native-0:1.3.16-9.Final_redhat_2.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_cluster-native-debuginfo-0:1.3.16-9.Final_redhat_2.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_http2-0:1.15.7-21.el8jbcs.src",
"8Base-JBCS:jbcs-httpd24-mod_http2-0:1.15.7-21.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_http2-debuginfo-0:1.15.7-21.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_jk-0:1.2.48-20.redhat_1.el8jbcs.src",
"8Base-JBCS:jbcs-httpd24-mod_jk-ap24-0:1.2.48-20.redhat_1.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_jk-ap24-debuginfo-0:1.2.48-20.redhat_1.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_jk-manual-0:1.2.48-20.redhat_1.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_ldap-0:2.4.37-78.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_ldap-debuginfo-0:2.4.37-78.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_md-1:2.0.8-40.el8jbcs.src",
"8Base-JBCS:jbcs-httpd24-mod_md-1:2.0.8-40.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_md-debuginfo-1:2.0.8-40.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_proxy_html-1:2.4.37-78.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_proxy_html-debuginfo-1:2.4.37-78.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_security-0:2.9.2-67.GA.el8jbcs.src",
"8Base-JBCS:jbcs-httpd24-mod_security-0:2.9.2-67.GA.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_security-debuginfo-0:2.9.2-67.GA.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_session-0:2.4.37-78.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_session-debuginfo-0:2.4.37-78.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_ssl-1:2.4.37-78.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_ssl-debuginfo-1:2.4.37-78.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-nghttp2-0:1.39.2-39.el8jbcs.src",
"8Base-JBCS:jbcs-httpd24-nghttp2-0:1.39.2-39.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-nghttp2-debuginfo-0:1.39.2-39.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-nghttp2-devel-0:1.39.2-39.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-openssl-1:1.1.1g-8.el8jbcs.src",
"8Base-JBCS:jbcs-httpd24-openssl-1:1.1.1g-8.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-openssl-chil-0:1.0.0-7.el8jbcs.src",
"8Base-JBCS:jbcs-httpd24-openssl-chil-0:1.0.0-7.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-openssl-chil-debuginfo-0:1.0.0-7.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-openssl-debuginfo-1:1.1.1g-8.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-openssl-devel-1:1.1.1g-8.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-openssl-libs-1:1.1.1g-8.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-openssl-libs-debuginfo-1:1.1.1g-8.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-openssl-perl-1:1.1.1g-8.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-openssl-pkcs11-0:0.4.10-22.el8jbcs.src",
"8Base-JBCS:jbcs-httpd24-openssl-pkcs11-0:0.4.10-22.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-openssl-pkcs11-debuginfo-0:0.4.10-22.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-openssl-static-1:1.1.1g-8.el8jbcs.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2021:4614"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"7Server-JBCS:jbcs-httpd24-apr-0:1.6.3-107.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-apr-0:1.6.3-107.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-apr-debuginfo-0:1.6.3-107.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-apr-devel-0:1.6.3-107.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-apr-util-0:1.6.1-84.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-apr-util-0:1.6.1-84.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-apr-util-debuginfo-0:1.6.1-84.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-apr-util-devel-0:1.6.1-84.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-apr-util-ldap-0:1.6.1-84.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-apr-util-mysql-0:1.6.1-84.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-apr-util-nss-0:1.6.1-84.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-apr-util-odbc-0:1.6.1-84.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-apr-util-openssl-0:1.6.1-84.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-apr-util-pgsql-0:1.6.1-84.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-apr-util-sqlite-0:1.6.1-84.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-curl-0:7.78.0-2.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-curl-0:7.78.0-2.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-curl-debuginfo-0:7.78.0-2.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-httpd-0:2.4.37-78.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-httpd-0:2.4.37-78.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-httpd-debuginfo-0:2.4.37-78.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-httpd-devel-0:2.4.37-78.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-httpd-manual-0:2.4.37-78.jbcs.el7.noarch",
"7Server-JBCS:jbcs-httpd24-httpd-selinux-0:2.4.37-78.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-httpd-tools-0:2.4.37-78.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-libcurl-0:7.78.0-2.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-libcurl-devel-0:7.78.0-2.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_cluster-native-0:1.3.16-9.Final_redhat_2.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-mod_cluster-native-0:1.3.16-9.Final_redhat_2.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_cluster-native-debuginfo-0:1.3.16-9.Final_redhat_2.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_http2-0:1.15.7-21.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-mod_http2-0:1.15.7-21.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_http2-debuginfo-0:1.15.7-21.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_jk-0:1.2.48-20.redhat_1.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-mod_jk-ap24-0:1.2.48-20.redhat_1.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_jk-debuginfo-0:1.2.48-20.redhat_1.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_jk-manual-0:1.2.48-20.redhat_1.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_ldap-0:2.4.37-78.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_md-1:2.0.8-40.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-mod_md-1:2.0.8-40.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_md-debuginfo-1:2.0.8-40.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_proxy_html-1:2.4.37-78.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_security-0:2.9.2-67.GA.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-mod_security-0:2.9.2-67.GA.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_security-debuginfo-0:2.9.2-67.GA.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_session-0:2.4.37-78.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_ssl-1:2.4.37-78.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-nghttp2-0:1.39.2-39.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-nghttp2-0:1.39.2-39.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-nghttp2-debuginfo-0:1.39.2-39.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-nghttp2-devel-0:1.39.2-39.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-openssl-1:1.1.1g-8.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-openssl-1:1.1.1g-8.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-openssl-chil-0:1.0.0-7.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-openssl-chil-0:1.0.0-7.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-openssl-chil-debuginfo-0:1.0.0-7.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-openssl-debuginfo-1:1.1.1g-8.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-openssl-devel-1:1.1.1g-8.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-openssl-libs-1:1.1.1g-8.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-openssl-perl-1:1.1.1g-8.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-openssl-pkcs11-0:0.4.10-22.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-openssl-pkcs11-0:0.4.10-22.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-openssl-pkcs11-debuginfo-0:0.4.10-22.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-openssl-static-1:1.1.1g-8.jbcs.el7.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-0:1.6.3-107.el8jbcs.src",
"8Base-JBCS:jbcs-httpd24-apr-0:1.6.3-107.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-debuginfo-0:1.6.3-107.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-devel-0:1.6.3-107.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-util-0:1.6.1-84.el8jbcs.src",
"8Base-JBCS:jbcs-httpd24-apr-util-0:1.6.1-84.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-util-debuginfo-0:1.6.1-84.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-util-devel-0:1.6.1-84.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-util-ldap-0:1.6.1-84.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-util-ldap-debuginfo-0:1.6.1-84.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-util-mysql-0:1.6.1-84.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-util-mysql-debuginfo-0:1.6.1-84.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-util-nss-0:1.6.1-84.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-util-nss-debuginfo-0:1.6.1-84.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-util-odbc-0:1.6.1-84.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-util-odbc-debuginfo-0:1.6.1-84.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-util-openssl-0:1.6.1-84.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-util-openssl-debuginfo-0:1.6.1-84.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-util-pgsql-0:1.6.1-84.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-util-pgsql-debuginfo-0:1.6.1-84.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-util-sqlite-0:1.6.1-84.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-util-sqlite-debuginfo-0:1.6.1-84.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-curl-0:7.78.0-2.el8jbcs.src",
"8Base-JBCS:jbcs-httpd24-curl-0:7.78.0-2.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-curl-debuginfo-0:7.78.0-2.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-httpd-0:2.4.37-78.el8jbcs.src",
"8Base-JBCS:jbcs-httpd24-httpd-0:2.4.37-78.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-httpd-debuginfo-0:2.4.37-78.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-httpd-devel-0:2.4.37-78.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-httpd-manual-0:2.4.37-78.el8jbcs.noarch",
"8Base-JBCS:jbcs-httpd24-httpd-selinux-0:2.4.37-78.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-httpd-tools-0:2.4.37-78.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-httpd-tools-debuginfo-0:2.4.37-78.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-libcurl-0:7.78.0-2.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-libcurl-debuginfo-0:7.78.0-2.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-libcurl-devel-0:7.78.0-2.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_cluster-native-0:1.3.16-9.Final_redhat_2.el8jbcs.src",
"8Base-JBCS:jbcs-httpd24-mod_cluster-native-0:1.3.16-9.Final_redhat_2.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_cluster-native-debuginfo-0:1.3.16-9.Final_redhat_2.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_http2-0:1.15.7-21.el8jbcs.src",
"8Base-JBCS:jbcs-httpd24-mod_http2-0:1.15.7-21.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_http2-debuginfo-0:1.15.7-21.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_jk-0:1.2.48-20.redhat_1.el8jbcs.src",
"8Base-JBCS:jbcs-httpd24-mod_jk-ap24-0:1.2.48-20.redhat_1.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_jk-ap24-debuginfo-0:1.2.48-20.redhat_1.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_jk-manual-0:1.2.48-20.redhat_1.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_ldap-0:2.4.37-78.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_ldap-debuginfo-0:2.4.37-78.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_md-1:2.0.8-40.el8jbcs.src",
"8Base-JBCS:jbcs-httpd24-mod_md-1:2.0.8-40.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_md-debuginfo-1:2.0.8-40.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_proxy_html-1:2.4.37-78.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_proxy_html-debuginfo-1:2.4.37-78.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_security-0:2.9.2-67.GA.el8jbcs.src",
"8Base-JBCS:jbcs-httpd24-mod_security-0:2.9.2-67.GA.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_security-debuginfo-0:2.9.2-67.GA.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_session-0:2.4.37-78.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_session-debuginfo-0:2.4.37-78.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_ssl-1:2.4.37-78.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_ssl-debuginfo-1:2.4.37-78.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-nghttp2-0:1.39.2-39.el8jbcs.src",
"8Base-JBCS:jbcs-httpd24-nghttp2-0:1.39.2-39.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-nghttp2-debuginfo-0:1.39.2-39.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-nghttp2-devel-0:1.39.2-39.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-openssl-1:1.1.1g-8.el8jbcs.src",
"8Base-JBCS:jbcs-httpd24-openssl-1:1.1.1g-8.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-openssl-chil-0:1.0.0-7.el8jbcs.src",
"8Base-JBCS:jbcs-httpd24-openssl-chil-0:1.0.0-7.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-openssl-chil-debuginfo-0:1.0.0-7.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-openssl-debuginfo-1:1.1.1g-8.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-openssl-devel-1:1.1.1g-8.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-openssl-libs-1:1.1.1g-8.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-openssl-libs-debuginfo-1:1.1.1g-8.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-openssl-perl-1:1.1.1g-8.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-openssl-pkcs11-0:0.4.10-22.el8jbcs.src",
"8Base-JBCS:jbcs-httpd24-openssl-pkcs11-0:0.4.10-22.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-openssl-pkcs11-debuginfo-0:0.4.10-22.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-openssl-static-1:1.1.1g-8.el8jbcs.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Low"
}
],
"title": "httpd: mod_proxy NULL pointer dereference"
},
{
"cve": "CVE-2020-14155",
"cwe": {
"id": "CWE-190",
"name": "Integer Overflow or Wraparound"
},
"discovery_date": "2020-06-16T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1848436"
}
],
"notes": [
{
"category": "description",
"text": "libpcre in PCRE before 8.44 allows an integer overflow via a large number after a (?C substring.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "pcre: Integer overflow when parsing callout numeric arguments",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"7Server-JBCS:jbcs-httpd24-apr-0:1.6.3-107.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-apr-0:1.6.3-107.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-apr-debuginfo-0:1.6.3-107.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-apr-devel-0:1.6.3-107.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-apr-util-0:1.6.1-84.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-apr-util-0:1.6.1-84.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-apr-util-debuginfo-0:1.6.1-84.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-apr-util-devel-0:1.6.1-84.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-apr-util-ldap-0:1.6.1-84.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-apr-util-mysql-0:1.6.1-84.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-apr-util-nss-0:1.6.1-84.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-apr-util-odbc-0:1.6.1-84.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-apr-util-openssl-0:1.6.1-84.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-apr-util-pgsql-0:1.6.1-84.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-apr-util-sqlite-0:1.6.1-84.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-curl-0:7.78.0-2.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-curl-0:7.78.0-2.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-curl-debuginfo-0:7.78.0-2.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-httpd-0:2.4.37-78.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-httpd-0:2.4.37-78.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-httpd-debuginfo-0:2.4.37-78.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-httpd-devel-0:2.4.37-78.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-httpd-manual-0:2.4.37-78.jbcs.el7.noarch",
"7Server-JBCS:jbcs-httpd24-httpd-selinux-0:2.4.37-78.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-httpd-tools-0:2.4.37-78.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-libcurl-0:7.78.0-2.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-libcurl-devel-0:7.78.0-2.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_cluster-native-0:1.3.16-9.Final_redhat_2.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-mod_cluster-native-0:1.3.16-9.Final_redhat_2.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_cluster-native-debuginfo-0:1.3.16-9.Final_redhat_2.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_http2-0:1.15.7-21.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-mod_http2-0:1.15.7-21.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_http2-debuginfo-0:1.15.7-21.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_jk-0:1.2.48-20.redhat_1.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-mod_jk-ap24-0:1.2.48-20.redhat_1.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_jk-debuginfo-0:1.2.48-20.redhat_1.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_jk-manual-0:1.2.48-20.redhat_1.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_ldap-0:2.4.37-78.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_md-1:2.0.8-40.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-mod_md-1:2.0.8-40.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_md-debuginfo-1:2.0.8-40.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_proxy_html-1:2.4.37-78.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_security-0:2.9.2-67.GA.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-mod_security-0:2.9.2-67.GA.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_security-debuginfo-0:2.9.2-67.GA.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_session-0:2.4.37-78.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_ssl-1:2.4.37-78.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-nghttp2-0:1.39.2-39.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-nghttp2-0:1.39.2-39.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-nghttp2-debuginfo-0:1.39.2-39.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-nghttp2-devel-0:1.39.2-39.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-openssl-1:1.1.1g-8.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-openssl-1:1.1.1g-8.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-openssl-chil-0:1.0.0-7.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-openssl-chil-0:1.0.0-7.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-openssl-chil-debuginfo-0:1.0.0-7.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-openssl-debuginfo-1:1.1.1g-8.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-openssl-devel-1:1.1.1g-8.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-openssl-libs-1:1.1.1g-8.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-openssl-perl-1:1.1.1g-8.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-openssl-pkcs11-0:0.4.10-22.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-openssl-pkcs11-0:0.4.10-22.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-openssl-pkcs11-debuginfo-0:0.4.10-22.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-openssl-static-1:1.1.1g-8.jbcs.el7.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-0:1.6.3-107.el8jbcs.src",
"8Base-JBCS:jbcs-httpd24-apr-0:1.6.3-107.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-debuginfo-0:1.6.3-107.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-devel-0:1.6.3-107.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-util-0:1.6.1-84.el8jbcs.src",
"8Base-JBCS:jbcs-httpd24-apr-util-0:1.6.1-84.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-util-debuginfo-0:1.6.1-84.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-util-devel-0:1.6.1-84.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-util-ldap-0:1.6.1-84.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-util-ldap-debuginfo-0:1.6.1-84.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-util-mysql-0:1.6.1-84.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-util-mysql-debuginfo-0:1.6.1-84.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-util-nss-0:1.6.1-84.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-util-nss-debuginfo-0:1.6.1-84.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-util-odbc-0:1.6.1-84.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-util-odbc-debuginfo-0:1.6.1-84.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-util-openssl-0:1.6.1-84.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-util-openssl-debuginfo-0:1.6.1-84.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-util-pgsql-0:1.6.1-84.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-util-pgsql-debuginfo-0:1.6.1-84.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-util-sqlite-0:1.6.1-84.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-util-sqlite-debuginfo-0:1.6.1-84.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-curl-0:7.78.0-2.el8jbcs.src",
"8Base-JBCS:jbcs-httpd24-curl-0:7.78.0-2.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-curl-debuginfo-0:7.78.0-2.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-httpd-0:2.4.37-78.el8jbcs.src",
"8Base-JBCS:jbcs-httpd24-httpd-0:2.4.37-78.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-httpd-debuginfo-0:2.4.37-78.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-httpd-devel-0:2.4.37-78.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-httpd-manual-0:2.4.37-78.el8jbcs.noarch",
"8Base-JBCS:jbcs-httpd24-httpd-selinux-0:2.4.37-78.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-httpd-tools-0:2.4.37-78.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-httpd-tools-debuginfo-0:2.4.37-78.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-libcurl-0:7.78.0-2.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-libcurl-debuginfo-0:7.78.0-2.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-libcurl-devel-0:7.78.0-2.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_cluster-native-0:1.3.16-9.Final_redhat_2.el8jbcs.src",
"8Base-JBCS:jbcs-httpd24-mod_cluster-native-0:1.3.16-9.Final_redhat_2.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_cluster-native-debuginfo-0:1.3.16-9.Final_redhat_2.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_http2-0:1.15.7-21.el8jbcs.src",
"8Base-JBCS:jbcs-httpd24-mod_http2-0:1.15.7-21.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_http2-debuginfo-0:1.15.7-21.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_jk-0:1.2.48-20.redhat_1.el8jbcs.src",
"8Base-JBCS:jbcs-httpd24-mod_jk-ap24-0:1.2.48-20.redhat_1.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_jk-ap24-debuginfo-0:1.2.48-20.redhat_1.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_jk-manual-0:1.2.48-20.redhat_1.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_ldap-0:2.4.37-78.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_ldap-debuginfo-0:2.4.37-78.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_md-1:2.0.8-40.el8jbcs.src",
"8Base-JBCS:jbcs-httpd24-mod_md-1:2.0.8-40.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_md-debuginfo-1:2.0.8-40.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_proxy_html-1:2.4.37-78.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_proxy_html-debuginfo-1:2.4.37-78.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_security-0:2.9.2-67.GA.el8jbcs.src",
"8Base-JBCS:jbcs-httpd24-mod_security-0:2.9.2-67.GA.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_security-debuginfo-0:2.9.2-67.GA.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_session-0:2.4.37-78.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_session-debuginfo-0:2.4.37-78.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_ssl-1:2.4.37-78.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_ssl-debuginfo-1:2.4.37-78.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-nghttp2-0:1.39.2-39.el8jbcs.src",
"8Base-JBCS:jbcs-httpd24-nghttp2-0:1.39.2-39.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-nghttp2-debuginfo-0:1.39.2-39.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-nghttp2-devel-0:1.39.2-39.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-openssl-1:1.1.1g-8.el8jbcs.src",
"8Base-JBCS:jbcs-httpd24-openssl-1:1.1.1g-8.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-openssl-chil-0:1.0.0-7.el8jbcs.src",
"8Base-JBCS:jbcs-httpd24-openssl-chil-0:1.0.0-7.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-openssl-chil-debuginfo-0:1.0.0-7.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-openssl-debuginfo-1:1.1.1g-8.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-openssl-devel-1:1.1.1g-8.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-openssl-libs-1:1.1.1g-8.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-openssl-libs-debuginfo-1:1.1.1g-8.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-openssl-perl-1:1.1.1g-8.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-openssl-pkcs11-0:0.4.10-22.el8jbcs.src",
"8Base-JBCS:jbcs-httpd24-openssl-pkcs11-0:0.4.10-22.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-openssl-pkcs11-debuginfo-0:0.4.10-22.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-openssl-static-1:1.1.1g-8.el8jbcs.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2020-14155"
},
{
"category": "external",
"summary": "RHBZ#1848436",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1848436"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2020-14155",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-14155"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2020-14155",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2020-14155"
}
],
"release_date": "2020-06-15T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"details": "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"7Server-JBCS:jbcs-httpd24-apr-0:1.6.3-107.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-apr-0:1.6.3-107.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-apr-debuginfo-0:1.6.3-107.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-apr-devel-0:1.6.3-107.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-apr-util-0:1.6.1-84.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-apr-util-0:1.6.1-84.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-apr-util-debuginfo-0:1.6.1-84.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-apr-util-devel-0:1.6.1-84.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-apr-util-ldap-0:1.6.1-84.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-apr-util-mysql-0:1.6.1-84.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-apr-util-nss-0:1.6.1-84.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-apr-util-odbc-0:1.6.1-84.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-apr-util-openssl-0:1.6.1-84.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-apr-util-pgsql-0:1.6.1-84.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-apr-util-sqlite-0:1.6.1-84.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-curl-0:7.78.0-2.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-curl-0:7.78.0-2.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-curl-debuginfo-0:7.78.0-2.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-httpd-0:2.4.37-78.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-httpd-0:2.4.37-78.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-httpd-debuginfo-0:2.4.37-78.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-httpd-devel-0:2.4.37-78.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-httpd-manual-0:2.4.37-78.jbcs.el7.noarch",
"7Server-JBCS:jbcs-httpd24-httpd-selinux-0:2.4.37-78.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-httpd-tools-0:2.4.37-78.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-libcurl-0:7.78.0-2.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-libcurl-devel-0:7.78.0-2.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_cluster-native-0:1.3.16-9.Final_redhat_2.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-mod_cluster-native-0:1.3.16-9.Final_redhat_2.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_cluster-native-debuginfo-0:1.3.16-9.Final_redhat_2.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_http2-0:1.15.7-21.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-mod_http2-0:1.15.7-21.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_http2-debuginfo-0:1.15.7-21.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_jk-0:1.2.48-20.redhat_1.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-mod_jk-ap24-0:1.2.48-20.redhat_1.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_jk-debuginfo-0:1.2.48-20.redhat_1.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_jk-manual-0:1.2.48-20.redhat_1.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_ldap-0:2.4.37-78.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_md-1:2.0.8-40.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-mod_md-1:2.0.8-40.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_md-debuginfo-1:2.0.8-40.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_proxy_html-1:2.4.37-78.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_security-0:2.9.2-67.GA.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-mod_security-0:2.9.2-67.GA.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_security-debuginfo-0:2.9.2-67.GA.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_session-0:2.4.37-78.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_ssl-1:2.4.37-78.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-nghttp2-0:1.39.2-39.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-nghttp2-0:1.39.2-39.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-nghttp2-debuginfo-0:1.39.2-39.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-nghttp2-devel-0:1.39.2-39.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-openssl-1:1.1.1g-8.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-openssl-1:1.1.1g-8.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-openssl-chil-0:1.0.0-7.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-openssl-chil-0:1.0.0-7.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-openssl-chil-debuginfo-0:1.0.0-7.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-openssl-debuginfo-1:1.1.1g-8.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-openssl-devel-1:1.1.1g-8.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-openssl-libs-1:1.1.1g-8.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-openssl-perl-1:1.1.1g-8.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-openssl-pkcs11-0:0.4.10-22.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-openssl-pkcs11-0:0.4.10-22.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-openssl-pkcs11-debuginfo-0:0.4.10-22.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-openssl-static-1:1.1.1g-8.jbcs.el7.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-0:1.6.3-107.el8jbcs.src",
"8Base-JBCS:jbcs-httpd24-apr-0:1.6.3-107.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-debuginfo-0:1.6.3-107.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-devel-0:1.6.3-107.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-util-0:1.6.1-84.el8jbcs.src",
"8Base-JBCS:jbcs-httpd24-apr-util-0:1.6.1-84.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-util-debuginfo-0:1.6.1-84.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-util-devel-0:1.6.1-84.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-util-ldap-0:1.6.1-84.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-util-ldap-debuginfo-0:1.6.1-84.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-util-mysql-0:1.6.1-84.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-util-mysql-debuginfo-0:1.6.1-84.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-util-nss-0:1.6.1-84.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-util-nss-debuginfo-0:1.6.1-84.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-util-odbc-0:1.6.1-84.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-util-odbc-debuginfo-0:1.6.1-84.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-util-openssl-0:1.6.1-84.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-util-openssl-debuginfo-0:1.6.1-84.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-util-pgsql-0:1.6.1-84.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-util-pgsql-debuginfo-0:1.6.1-84.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-util-sqlite-0:1.6.1-84.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-util-sqlite-debuginfo-0:1.6.1-84.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-curl-0:7.78.0-2.el8jbcs.src",
"8Base-JBCS:jbcs-httpd24-curl-0:7.78.0-2.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-curl-debuginfo-0:7.78.0-2.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-httpd-0:2.4.37-78.el8jbcs.src",
"8Base-JBCS:jbcs-httpd24-httpd-0:2.4.37-78.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-httpd-debuginfo-0:2.4.37-78.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-httpd-devel-0:2.4.37-78.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-httpd-manual-0:2.4.37-78.el8jbcs.noarch",
"8Base-JBCS:jbcs-httpd24-httpd-selinux-0:2.4.37-78.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-httpd-tools-0:2.4.37-78.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-httpd-tools-debuginfo-0:2.4.37-78.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-libcurl-0:7.78.0-2.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-libcurl-debuginfo-0:7.78.0-2.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-libcurl-devel-0:7.78.0-2.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_cluster-native-0:1.3.16-9.Final_redhat_2.el8jbcs.src",
"8Base-JBCS:jbcs-httpd24-mod_cluster-native-0:1.3.16-9.Final_redhat_2.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_cluster-native-debuginfo-0:1.3.16-9.Final_redhat_2.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_http2-0:1.15.7-21.el8jbcs.src",
"8Base-JBCS:jbcs-httpd24-mod_http2-0:1.15.7-21.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_http2-debuginfo-0:1.15.7-21.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_jk-0:1.2.48-20.redhat_1.el8jbcs.src",
"8Base-JBCS:jbcs-httpd24-mod_jk-ap24-0:1.2.48-20.redhat_1.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_jk-ap24-debuginfo-0:1.2.48-20.redhat_1.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_jk-manual-0:1.2.48-20.redhat_1.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_ldap-0:2.4.37-78.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_ldap-debuginfo-0:2.4.37-78.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_md-1:2.0.8-40.el8jbcs.src",
"8Base-JBCS:jbcs-httpd24-mod_md-1:2.0.8-40.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_md-debuginfo-1:2.0.8-40.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_proxy_html-1:2.4.37-78.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_proxy_html-debuginfo-1:2.4.37-78.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_security-0:2.9.2-67.GA.el8jbcs.src",
"8Base-JBCS:jbcs-httpd24-mod_security-0:2.9.2-67.GA.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_security-debuginfo-0:2.9.2-67.GA.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_session-0:2.4.37-78.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_session-debuginfo-0:2.4.37-78.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_ssl-1:2.4.37-78.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_ssl-debuginfo-1:2.4.37-78.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-nghttp2-0:1.39.2-39.el8jbcs.src",
"8Base-JBCS:jbcs-httpd24-nghttp2-0:1.39.2-39.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-nghttp2-debuginfo-0:1.39.2-39.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-nghttp2-devel-0:1.39.2-39.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-openssl-1:1.1.1g-8.el8jbcs.src",
"8Base-JBCS:jbcs-httpd24-openssl-1:1.1.1g-8.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-openssl-chil-0:1.0.0-7.el8jbcs.src",
"8Base-JBCS:jbcs-httpd24-openssl-chil-0:1.0.0-7.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-openssl-chil-debuginfo-0:1.0.0-7.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-openssl-debuginfo-1:1.1.1g-8.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-openssl-devel-1:1.1.1g-8.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-openssl-libs-1:1.1.1g-8.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-openssl-libs-debuginfo-1:1.1.1g-8.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-openssl-perl-1:1.1.1g-8.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-openssl-pkcs11-0:0.4.10-22.el8jbcs.src",
"8Base-JBCS:jbcs-httpd24-openssl-pkcs11-0:0.4.10-22.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-openssl-pkcs11-debuginfo-0:0.4.10-22.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-openssl-static-1:1.1.1g-8.el8jbcs.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2021:4614"
},
{
"category": "workaround",
"details": "This flaw can be mitigated by not compiling regular expressions with a callout value greater outside of 0-255 or handling the value passed to the callback within the application code.",
"product_ids": [
"7Server-JBCS:jbcs-httpd24-apr-0:1.6.3-107.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-apr-0:1.6.3-107.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-apr-debuginfo-0:1.6.3-107.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-apr-devel-0:1.6.3-107.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-apr-util-0:1.6.1-84.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-apr-util-0:1.6.1-84.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-apr-util-debuginfo-0:1.6.1-84.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-apr-util-devel-0:1.6.1-84.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-apr-util-ldap-0:1.6.1-84.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-apr-util-mysql-0:1.6.1-84.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-apr-util-nss-0:1.6.1-84.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-apr-util-odbc-0:1.6.1-84.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-apr-util-openssl-0:1.6.1-84.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-apr-util-pgsql-0:1.6.1-84.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-apr-util-sqlite-0:1.6.1-84.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-curl-0:7.78.0-2.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-curl-0:7.78.0-2.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-curl-debuginfo-0:7.78.0-2.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-httpd-0:2.4.37-78.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-httpd-0:2.4.37-78.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-httpd-debuginfo-0:2.4.37-78.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-httpd-devel-0:2.4.37-78.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-httpd-manual-0:2.4.37-78.jbcs.el7.noarch",
"7Server-JBCS:jbcs-httpd24-httpd-selinux-0:2.4.37-78.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-httpd-tools-0:2.4.37-78.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-libcurl-0:7.78.0-2.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-libcurl-devel-0:7.78.0-2.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_cluster-native-0:1.3.16-9.Final_redhat_2.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-mod_cluster-native-0:1.3.16-9.Final_redhat_2.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_cluster-native-debuginfo-0:1.3.16-9.Final_redhat_2.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_http2-0:1.15.7-21.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-mod_http2-0:1.15.7-21.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_http2-debuginfo-0:1.15.7-21.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_jk-0:1.2.48-20.redhat_1.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-mod_jk-ap24-0:1.2.48-20.redhat_1.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_jk-debuginfo-0:1.2.48-20.redhat_1.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_jk-manual-0:1.2.48-20.redhat_1.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_ldap-0:2.4.37-78.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_md-1:2.0.8-40.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-mod_md-1:2.0.8-40.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_md-debuginfo-1:2.0.8-40.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_proxy_html-1:2.4.37-78.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_security-0:2.9.2-67.GA.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-mod_security-0:2.9.2-67.GA.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_security-debuginfo-0:2.9.2-67.GA.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_session-0:2.4.37-78.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_ssl-1:2.4.37-78.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-nghttp2-0:1.39.2-39.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-nghttp2-0:1.39.2-39.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-nghttp2-debuginfo-0:1.39.2-39.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-nghttp2-devel-0:1.39.2-39.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-openssl-1:1.1.1g-8.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-openssl-1:1.1.1g-8.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-openssl-chil-0:1.0.0-7.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-openssl-chil-0:1.0.0-7.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-openssl-chil-debuginfo-0:1.0.0-7.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-openssl-debuginfo-1:1.1.1g-8.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-openssl-devel-1:1.1.1g-8.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-openssl-libs-1:1.1.1g-8.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-openssl-perl-1:1.1.1g-8.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-openssl-pkcs11-0:0.4.10-22.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-openssl-pkcs11-0:0.4.10-22.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-openssl-pkcs11-debuginfo-0:0.4.10-22.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-openssl-static-1:1.1.1g-8.jbcs.el7.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-0:1.6.3-107.el8jbcs.src",
"8Base-JBCS:jbcs-httpd24-apr-0:1.6.3-107.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-debuginfo-0:1.6.3-107.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-devel-0:1.6.3-107.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-util-0:1.6.1-84.el8jbcs.src",
"8Base-JBCS:jbcs-httpd24-apr-util-0:1.6.1-84.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-util-debuginfo-0:1.6.1-84.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-util-devel-0:1.6.1-84.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-util-ldap-0:1.6.1-84.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-util-ldap-debuginfo-0:1.6.1-84.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-util-mysql-0:1.6.1-84.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-util-mysql-debuginfo-0:1.6.1-84.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-util-nss-0:1.6.1-84.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-util-nss-debuginfo-0:1.6.1-84.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-util-odbc-0:1.6.1-84.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-util-odbc-debuginfo-0:1.6.1-84.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-util-openssl-0:1.6.1-84.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-util-openssl-debuginfo-0:1.6.1-84.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-util-pgsql-0:1.6.1-84.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-util-pgsql-debuginfo-0:1.6.1-84.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-util-sqlite-0:1.6.1-84.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-util-sqlite-debuginfo-0:1.6.1-84.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-curl-0:7.78.0-2.el8jbcs.src",
"8Base-JBCS:jbcs-httpd24-curl-0:7.78.0-2.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-curl-debuginfo-0:7.78.0-2.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-httpd-0:2.4.37-78.el8jbcs.src",
"8Base-JBCS:jbcs-httpd24-httpd-0:2.4.37-78.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-httpd-debuginfo-0:2.4.37-78.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-httpd-devel-0:2.4.37-78.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-httpd-manual-0:2.4.37-78.el8jbcs.noarch",
"8Base-JBCS:jbcs-httpd24-httpd-selinux-0:2.4.37-78.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-httpd-tools-0:2.4.37-78.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-httpd-tools-debuginfo-0:2.4.37-78.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-libcurl-0:7.78.0-2.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-libcurl-debuginfo-0:7.78.0-2.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-libcurl-devel-0:7.78.0-2.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_cluster-native-0:1.3.16-9.Final_redhat_2.el8jbcs.src",
"8Base-JBCS:jbcs-httpd24-mod_cluster-native-0:1.3.16-9.Final_redhat_2.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_cluster-native-debuginfo-0:1.3.16-9.Final_redhat_2.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_http2-0:1.15.7-21.el8jbcs.src",
"8Base-JBCS:jbcs-httpd24-mod_http2-0:1.15.7-21.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_http2-debuginfo-0:1.15.7-21.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_jk-0:1.2.48-20.redhat_1.el8jbcs.src",
"8Base-JBCS:jbcs-httpd24-mod_jk-ap24-0:1.2.48-20.redhat_1.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_jk-ap24-debuginfo-0:1.2.48-20.redhat_1.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_jk-manual-0:1.2.48-20.redhat_1.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_ldap-0:2.4.37-78.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_ldap-debuginfo-0:2.4.37-78.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_md-1:2.0.8-40.el8jbcs.src",
"8Base-JBCS:jbcs-httpd24-mod_md-1:2.0.8-40.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_md-debuginfo-1:2.0.8-40.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_proxy_html-1:2.4.37-78.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_proxy_html-debuginfo-1:2.4.37-78.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_security-0:2.9.2-67.GA.el8jbcs.src",
"8Base-JBCS:jbcs-httpd24-mod_security-0:2.9.2-67.GA.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_security-debuginfo-0:2.9.2-67.GA.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_session-0:2.4.37-78.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_session-debuginfo-0:2.4.37-78.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_ssl-1:2.4.37-78.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_ssl-debuginfo-1:2.4.37-78.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-nghttp2-0:1.39.2-39.el8jbcs.src",
"8Base-JBCS:jbcs-httpd24-nghttp2-0:1.39.2-39.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-nghttp2-debuginfo-0:1.39.2-39.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-nghttp2-devel-0:1.39.2-39.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-openssl-1:1.1.1g-8.el8jbcs.src",
"8Base-JBCS:jbcs-httpd24-openssl-1:1.1.1g-8.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-openssl-chil-0:1.0.0-7.el8jbcs.src",
"8Base-JBCS:jbcs-httpd24-openssl-chil-0:1.0.0-7.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-openssl-chil-debuginfo-0:1.0.0-7.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-openssl-debuginfo-1:1.1.1g-8.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-openssl-devel-1:1.1.1g-8.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-openssl-libs-1:1.1.1g-8.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-openssl-libs-debuginfo-1:1.1.1g-8.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-openssl-perl-1:1.1.1g-8.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-openssl-pkcs11-0:0.4.10-22.el8jbcs.src",
"8Base-JBCS:jbcs-httpd24-openssl-pkcs11-0:0.4.10-22.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-openssl-pkcs11-debuginfo-0:0.4.10-22.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-openssl-static-1:1.1.1g-8.el8jbcs.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "LOW",
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L",
"version": "3.1"
},
"products": [
"7Server-JBCS:jbcs-httpd24-apr-0:1.6.3-107.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-apr-0:1.6.3-107.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-apr-debuginfo-0:1.6.3-107.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-apr-devel-0:1.6.3-107.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-apr-util-0:1.6.1-84.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-apr-util-0:1.6.1-84.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-apr-util-debuginfo-0:1.6.1-84.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-apr-util-devel-0:1.6.1-84.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-apr-util-ldap-0:1.6.1-84.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-apr-util-mysql-0:1.6.1-84.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-apr-util-nss-0:1.6.1-84.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-apr-util-odbc-0:1.6.1-84.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-apr-util-openssl-0:1.6.1-84.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-apr-util-pgsql-0:1.6.1-84.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-apr-util-sqlite-0:1.6.1-84.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-curl-0:7.78.0-2.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-curl-0:7.78.0-2.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-curl-debuginfo-0:7.78.0-2.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-httpd-0:2.4.37-78.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-httpd-0:2.4.37-78.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-httpd-debuginfo-0:2.4.37-78.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-httpd-devel-0:2.4.37-78.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-httpd-manual-0:2.4.37-78.jbcs.el7.noarch",
"7Server-JBCS:jbcs-httpd24-httpd-selinux-0:2.4.37-78.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-httpd-tools-0:2.4.37-78.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-libcurl-0:7.78.0-2.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-libcurl-devel-0:7.78.0-2.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_cluster-native-0:1.3.16-9.Final_redhat_2.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-mod_cluster-native-0:1.3.16-9.Final_redhat_2.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_cluster-native-debuginfo-0:1.3.16-9.Final_redhat_2.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_http2-0:1.15.7-21.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-mod_http2-0:1.15.7-21.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_http2-debuginfo-0:1.15.7-21.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_jk-0:1.2.48-20.redhat_1.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-mod_jk-ap24-0:1.2.48-20.redhat_1.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_jk-debuginfo-0:1.2.48-20.redhat_1.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_jk-manual-0:1.2.48-20.redhat_1.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_ldap-0:2.4.37-78.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_md-1:2.0.8-40.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-mod_md-1:2.0.8-40.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_md-debuginfo-1:2.0.8-40.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_proxy_html-1:2.4.37-78.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_security-0:2.9.2-67.GA.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-mod_security-0:2.9.2-67.GA.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_security-debuginfo-0:2.9.2-67.GA.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_session-0:2.4.37-78.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_ssl-1:2.4.37-78.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-nghttp2-0:1.39.2-39.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-nghttp2-0:1.39.2-39.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-nghttp2-debuginfo-0:1.39.2-39.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-nghttp2-devel-0:1.39.2-39.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-openssl-1:1.1.1g-8.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-openssl-1:1.1.1g-8.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-openssl-chil-0:1.0.0-7.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-openssl-chil-0:1.0.0-7.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-openssl-chil-debuginfo-0:1.0.0-7.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-openssl-debuginfo-1:1.1.1g-8.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-openssl-devel-1:1.1.1g-8.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-openssl-libs-1:1.1.1g-8.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-openssl-perl-1:1.1.1g-8.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-openssl-pkcs11-0:0.4.10-22.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-openssl-pkcs11-0:0.4.10-22.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-openssl-pkcs11-debuginfo-0:0.4.10-22.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-openssl-static-1:1.1.1g-8.jbcs.el7.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-0:1.6.3-107.el8jbcs.src",
"8Base-JBCS:jbcs-httpd24-apr-0:1.6.3-107.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-debuginfo-0:1.6.3-107.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-devel-0:1.6.3-107.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-util-0:1.6.1-84.el8jbcs.src",
"8Base-JBCS:jbcs-httpd24-apr-util-0:1.6.1-84.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-util-debuginfo-0:1.6.1-84.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-util-devel-0:1.6.1-84.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-util-ldap-0:1.6.1-84.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-util-ldap-debuginfo-0:1.6.1-84.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-util-mysql-0:1.6.1-84.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-util-mysql-debuginfo-0:1.6.1-84.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-util-nss-0:1.6.1-84.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-util-nss-debuginfo-0:1.6.1-84.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-util-odbc-0:1.6.1-84.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-util-odbc-debuginfo-0:1.6.1-84.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-util-openssl-0:1.6.1-84.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-util-openssl-debuginfo-0:1.6.1-84.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-util-pgsql-0:1.6.1-84.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-util-pgsql-debuginfo-0:1.6.1-84.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-util-sqlite-0:1.6.1-84.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-util-sqlite-debuginfo-0:1.6.1-84.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-curl-0:7.78.0-2.el8jbcs.src",
"8Base-JBCS:jbcs-httpd24-curl-0:7.78.0-2.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-curl-debuginfo-0:7.78.0-2.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-httpd-0:2.4.37-78.el8jbcs.src",
"8Base-JBCS:jbcs-httpd24-httpd-0:2.4.37-78.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-httpd-debuginfo-0:2.4.37-78.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-httpd-devel-0:2.4.37-78.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-httpd-manual-0:2.4.37-78.el8jbcs.noarch",
"8Base-JBCS:jbcs-httpd24-httpd-selinux-0:2.4.37-78.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-httpd-tools-0:2.4.37-78.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-httpd-tools-debuginfo-0:2.4.37-78.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-libcurl-0:7.78.0-2.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-libcurl-debuginfo-0:7.78.0-2.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-libcurl-devel-0:7.78.0-2.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_cluster-native-0:1.3.16-9.Final_redhat_2.el8jbcs.src",
"8Base-JBCS:jbcs-httpd24-mod_cluster-native-0:1.3.16-9.Final_redhat_2.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_cluster-native-debuginfo-0:1.3.16-9.Final_redhat_2.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_http2-0:1.15.7-21.el8jbcs.src",
"8Base-JBCS:jbcs-httpd24-mod_http2-0:1.15.7-21.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_http2-debuginfo-0:1.15.7-21.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_jk-0:1.2.48-20.redhat_1.el8jbcs.src",
"8Base-JBCS:jbcs-httpd24-mod_jk-ap24-0:1.2.48-20.redhat_1.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_jk-ap24-debuginfo-0:1.2.48-20.redhat_1.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_jk-manual-0:1.2.48-20.redhat_1.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_ldap-0:2.4.37-78.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_ldap-debuginfo-0:2.4.37-78.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_md-1:2.0.8-40.el8jbcs.src",
"8Base-JBCS:jbcs-httpd24-mod_md-1:2.0.8-40.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_md-debuginfo-1:2.0.8-40.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_proxy_html-1:2.4.37-78.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_proxy_html-debuginfo-1:2.4.37-78.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_security-0:2.9.2-67.GA.el8jbcs.src",
"8Base-JBCS:jbcs-httpd24-mod_security-0:2.9.2-67.GA.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_security-debuginfo-0:2.9.2-67.GA.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_session-0:2.4.37-78.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_session-debuginfo-0:2.4.37-78.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_ssl-1:2.4.37-78.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_ssl-debuginfo-1:2.4.37-78.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-nghttp2-0:1.39.2-39.el8jbcs.src",
"8Base-JBCS:jbcs-httpd24-nghttp2-0:1.39.2-39.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-nghttp2-debuginfo-0:1.39.2-39.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-nghttp2-devel-0:1.39.2-39.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-openssl-1:1.1.1g-8.el8jbcs.src",
"8Base-JBCS:jbcs-httpd24-openssl-1:1.1.1g-8.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-openssl-chil-0:1.0.0-7.el8jbcs.src",
"8Base-JBCS:jbcs-httpd24-openssl-chil-0:1.0.0-7.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-openssl-chil-debuginfo-0:1.0.0-7.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-openssl-debuginfo-1:1.1.1g-8.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-openssl-devel-1:1.1.1g-8.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-openssl-libs-1:1.1.1g-8.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-openssl-libs-debuginfo-1:1.1.1g-8.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-openssl-perl-1:1.1.1g-8.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-openssl-pkcs11-0:0.4.10-22.el8jbcs.src",
"8Base-JBCS:jbcs-httpd24-openssl-pkcs11-0:0.4.10-22.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-openssl-pkcs11-debuginfo-0:0.4.10-22.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-openssl-static-1:1.1.1g-8.el8jbcs.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Low"
}
],
"title": "pcre: Integer overflow when parsing callout numeric arguments"
},
{
"acknowledgments": [
{
"names": [
"the Apache project"
]
},
{
"names": [
"Antonio Morales"
],
"organization": "GHSL"
}
],
"cve": "CVE-2020-35452",
"cwe": {
"id": "CWE-119",
"name": "Improper Restriction of Operations within the Bounds of a Memory Buffer"
},
"discovery_date": "2021-05-27T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1966724"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in Apache httpd. The mod_auth_digest has a single zero byte stack overflow. The highest threat from this vulnerability is to data confidentiality and integrity as well as system availability.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "httpd: Single zero byte stack overflow in mod_auth_digest",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "This is a one byte overflow and as per upstream it should be non-exploitable in most condtions.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"7Server-JBCS:jbcs-httpd24-apr-0:1.6.3-107.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-apr-0:1.6.3-107.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-apr-debuginfo-0:1.6.3-107.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-apr-devel-0:1.6.3-107.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-apr-util-0:1.6.1-84.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-apr-util-0:1.6.1-84.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-apr-util-debuginfo-0:1.6.1-84.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-apr-util-devel-0:1.6.1-84.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-apr-util-ldap-0:1.6.1-84.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-apr-util-mysql-0:1.6.1-84.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-apr-util-nss-0:1.6.1-84.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-apr-util-odbc-0:1.6.1-84.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-apr-util-openssl-0:1.6.1-84.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-apr-util-pgsql-0:1.6.1-84.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-apr-util-sqlite-0:1.6.1-84.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-curl-0:7.78.0-2.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-curl-0:7.78.0-2.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-curl-debuginfo-0:7.78.0-2.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-httpd-0:2.4.37-78.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-httpd-0:2.4.37-78.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-httpd-debuginfo-0:2.4.37-78.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-httpd-devel-0:2.4.37-78.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-httpd-manual-0:2.4.37-78.jbcs.el7.noarch",
"7Server-JBCS:jbcs-httpd24-httpd-selinux-0:2.4.37-78.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-httpd-tools-0:2.4.37-78.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-libcurl-0:7.78.0-2.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-libcurl-devel-0:7.78.0-2.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_cluster-native-0:1.3.16-9.Final_redhat_2.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-mod_cluster-native-0:1.3.16-9.Final_redhat_2.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_cluster-native-debuginfo-0:1.3.16-9.Final_redhat_2.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_http2-0:1.15.7-21.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-mod_http2-0:1.15.7-21.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_http2-debuginfo-0:1.15.7-21.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_jk-0:1.2.48-20.redhat_1.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-mod_jk-ap24-0:1.2.48-20.redhat_1.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_jk-debuginfo-0:1.2.48-20.redhat_1.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_jk-manual-0:1.2.48-20.redhat_1.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_ldap-0:2.4.37-78.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_md-1:2.0.8-40.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-mod_md-1:2.0.8-40.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_md-debuginfo-1:2.0.8-40.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_proxy_html-1:2.4.37-78.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_security-0:2.9.2-67.GA.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-mod_security-0:2.9.2-67.GA.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_security-debuginfo-0:2.9.2-67.GA.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_session-0:2.4.37-78.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_ssl-1:2.4.37-78.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-nghttp2-0:1.39.2-39.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-nghttp2-0:1.39.2-39.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-nghttp2-debuginfo-0:1.39.2-39.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-nghttp2-devel-0:1.39.2-39.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-openssl-1:1.1.1g-8.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-openssl-1:1.1.1g-8.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-openssl-chil-0:1.0.0-7.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-openssl-chil-0:1.0.0-7.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-openssl-chil-debuginfo-0:1.0.0-7.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-openssl-debuginfo-1:1.1.1g-8.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-openssl-devel-1:1.1.1g-8.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-openssl-libs-1:1.1.1g-8.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-openssl-perl-1:1.1.1g-8.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-openssl-pkcs11-0:0.4.10-22.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-openssl-pkcs11-0:0.4.10-22.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-openssl-pkcs11-debuginfo-0:0.4.10-22.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-openssl-static-1:1.1.1g-8.jbcs.el7.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-0:1.6.3-107.el8jbcs.src",
"8Base-JBCS:jbcs-httpd24-apr-0:1.6.3-107.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-debuginfo-0:1.6.3-107.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-devel-0:1.6.3-107.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-util-0:1.6.1-84.el8jbcs.src",
"8Base-JBCS:jbcs-httpd24-apr-util-0:1.6.1-84.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-util-debuginfo-0:1.6.1-84.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-util-devel-0:1.6.1-84.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-util-ldap-0:1.6.1-84.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-util-ldap-debuginfo-0:1.6.1-84.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-util-mysql-0:1.6.1-84.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-util-mysql-debuginfo-0:1.6.1-84.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-util-nss-0:1.6.1-84.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-util-nss-debuginfo-0:1.6.1-84.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-util-odbc-0:1.6.1-84.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-util-odbc-debuginfo-0:1.6.1-84.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-util-openssl-0:1.6.1-84.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-util-openssl-debuginfo-0:1.6.1-84.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-util-pgsql-0:1.6.1-84.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-util-pgsql-debuginfo-0:1.6.1-84.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-util-sqlite-0:1.6.1-84.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-util-sqlite-debuginfo-0:1.6.1-84.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-curl-0:7.78.0-2.el8jbcs.src",
"8Base-JBCS:jbcs-httpd24-curl-0:7.78.0-2.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-curl-debuginfo-0:7.78.0-2.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-httpd-0:2.4.37-78.el8jbcs.src",
"8Base-JBCS:jbcs-httpd24-httpd-0:2.4.37-78.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-httpd-debuginfo-0:2.4.37-78.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-httpd-devel-0:2.4.37-78.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-httpd-manual-0:2.4.37-78.el8jbcs.noarch",
"8Base-JBCS:jbcs-httpd24-httpd-selinux-0:2.4.37-78.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-httpd-tools-0:2.4.37-78.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-httpd-tools-debuginfo-0:2.4.37-78.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-libcurl-0:7.78.0-2.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-libcurl-debuginfo-0:7.78.0-2.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-libcurl-devel-0:7.78.0-2.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_cluster-native-0:1.3.16-9.Final_redhat_2.el8jbcs.src",
"8Base-JBCS:jbcs-httpd24-mod_cluster-native-0:1.3.16-9.Final_redhat_2.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_cluster-native-debuginfo-0:1.3.16-9.Final_redhat_2.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_http2-0:1.15.7-21.el8jbcs.src",
"8Base-JBCS:jbcs-httpd24-mod_http2-0:1.15.7-21.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_http2-debuginfo-0:1.15.7-21.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_jk-0:1.2.48-20.redhat_1.el8jbcs.src",
"8Base-JBCS:jbcs-httpd24-mod_jk-ap24-0:1.2.48-20.redhat_1.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_jk-ap24-debuginfo-0:1.2.48-20.redhat_1.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_jk-manual-0:1.2.48-20.redhat_1.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_ldap-0:2.4.37-78.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_ldap-debuginfo-0:2.4.37-78.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_md-1:2.0.8-40.el8jbcs.src",
"8Base-JBCS:jbcs-httpd24-mod_md-1:2.0.8-40.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_md-debuginfo-1:2.0.8-40.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_proxy_html-1:2.4.37-78.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_proxy_html-debuginfo-1:2.4.37-78.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_security-0:2.9.2-67.GA.el8jbcs.src",
"8Base-JBCS:jbcs-httpd24-mod_security-0:2.9.2-67.GA.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_security-debuginfo-0:2.9.2-67.GA.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_session-0:2.4.37-78.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_session-debuginfo-0:2.4.37-78.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_ssl-1:2.4.37-78.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_ssl-debuginfo-1:2.4.37-78.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-nghttp2-0:1.39.2-39.el8jbcs.src",
"8Base-JBCS:jbcs-httpd24-nghttp2-0:1.39.2-39.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-nghttp2-debuginfo-0:1.39.2-39.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-nghttp2-devel-0:1.39.2-39.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-openssl-1:1.1.1g-8.el8jbcs.src",
"8Base-JBCS:jbcs-httpd24-openssl-1:1.1.1g-8.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-openssl-chil-0:1.0.0-7.el8jbcs.src",
"8Base-JBCS:jbcs-httpd24-openssl-chil-0:1.0.0-7.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-openssl-chil-debuginfo-0:1.0.0-7.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-openssl-debuginfo-1:1.1.1g-8.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-openssl-devel-1:1.1.1g-8.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-openssl-libs-1:1.1.1g-8.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-openssl-libs-debuginfo-1:1.1.1g-8.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-openssl-perl-1:1.1.1g-8.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-openssl-pkcs11-0:0.4.10-22.el8jbcs.src",
"8Base-JBCS:jbcs-httpd24-openssl-pkcs11-0:0.4.10-22.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-openssl-pkcs11-debuginfo-0:0.4.10-22.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-openssl-static-1:1.1.1g-8.el8jbcs.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2020-35452"
},
{
"category": "external",
"summary": "RHBZ#1966724",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1966724"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2020-35452",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-35452"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2020-35452",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2020-35452"
},
{
"category": "external",
"summary": "https://httpd.apache.org/security/vulnerabilities_24.html",
"url": "https://httpd.apache.org/security/vulnerabilities_24.html"
}
],
"release_date": "2021-06-04T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"details": "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"7Server-JBCS:jbcs-httpd24-apr-0:1.6.3-107.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-apr-0:1.6.3-107.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-apr-debuginfo-0:1.6.3-107.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-apr-devel-0:1.6.3-107.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-apr-util-0:1.6.1-84.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-apr-util-0:1.6.1-84.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-apr-util-debuginfo-0:1.6.1-84.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-apr-util-devel-0:1.6.1-84.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-apr-util-ldap-0:1.6.1-84.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-apr-util-mysql-0:1.6.1-84.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-apr-util-nss-0:1.6.1-84.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-apr-util-odbc-0:1.6.1-84.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-apr-util-openssl-0:1.6.1-84.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-apr-util-pgsql-0:1.6.1-84.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-apr-util-sqlite-0:1.6.1-84.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-curl-0:7.78.0-2.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-curl-0:7.78.0-2.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-curl-debuginfo-0:7.78.0-2.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-httpd-0:2.4.37-78.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-httpd-0:2.4.37-78.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-httpd-debuginfo-0:2.4.37-78.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-httpd-devel-0:2.4.37-78.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-httpd-manual-0:2.4.37-78.jbcs.el7.noarch",
"7Server-JBCS:jbcs-httpd24-httpd-selinux-0:2.4.37-78.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-httpd-tools-0:2.4.37-78.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-libcurl-0:7.78.0-2.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-libcurl-devel-0:7.78.0-2.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_cluster-native-0:1.3.16-9.Final_redhat_2.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-mod_cluster-native-0:1.3.16-9.Final_redhat_2.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_cluster-native-debuginfo-0:1.3.16-9.Final_redhat_2.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_http2-0:1.15.7-21.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-mod_http2-0:1.15.7-21.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_http2-debuginfo-0:1.15.7-21.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_jk-0:1.2.48-20.redhat_1.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-mod_jk-ap24-0:1.2.48-20.redhat_1.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_jk-debuginfo-0:1.2.48-20.redhat_1.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_jk-manual-0:1.2.48-20.redhat_1.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_ldap-0:2.4.37-78.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_md-1:2.0.8-40.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-mod_md-1:2.0.8-40.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_md-debuginfo-1:2.0.8-40.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_proxy_html-1:2.4.37-78.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_security-0:2.9.2-67.GA.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-mod_security-0:2.9.2-67.GA.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_security-debuginfo-0:2.9.2-67.GA.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_session-0:2.4.37-78.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_ssl-1:2.4.37-78.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-nghttp2-0:1.39.2-39.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-nghttp2-0:1.39.2-39.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-nghttp2-debuginfo-0:1.39.2-39.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-nghttp2-devel-0:1.39.2-39.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-openssl-1:1.1.1g-8.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-openssl-1:1.1.1g-8.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-openssl-chil-0:1.0.0-7.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-openssl-chil-0:1.0.0-7.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-openssl-chil-debuginfo-0:1.0.0-7.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-openssl-debuginfo-1:1.1.1g-8.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-openssl-devel-1:1.1.1g-8.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-openssl-libs-1:1.1.1g-8.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-openssl-perl-1:1.1.1g-8.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-openssl-pkcs11-0:0.4.10-22.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-openssl-pkcs11-0:0.4.10-22.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-openssl-pkcs11-debuginfo-0:0.4.10-22.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-openssl-static-1:1.1.1g-8.jbcs.el7.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-0:1.6.3-107.el8jbcs.src",
"8Base-JBCS:jbcs-httpd24-apr-0:1.6.3-107.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-debuginfo-0:1.6.3-107.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-devel-0:1.6.3-107.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-util-0:1.6.1-84.el8jbcs.src",
"8Base-JBCS:jbcs-httpd24-apr-util-0:1.6.1-84.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-util-debuginfo-0:1.6.1-84.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-util-devel-0:1.6.1-84.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-util-ldap-0:1.6.1-84.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-util-ldap-debuginfo-0:1.6.1-84.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-util-mysql-0:1.6.1-84.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-util-mysql-debuginfo-0:1.6.1-84.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-util-nss-0:1.6.1-84.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-util-nss-debuginfo-0:1.6.1-84.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-util-odbc-0:1.6.1-84.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-util-odbc-debuginfo-0:1.6.1-84.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-util-openssl-0:1.6.1-84.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-util-openssl-debuginfo-0:1.6.1-84.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-util-pgsql-0:1.6.1-84.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-util-pgsql-debuginfo-0:1.6.1-84.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-util-sqlite-0:1.6.1-84.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-util-sqlite-debuginfo-0:1.6.1-84.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-curl-0:7.78.0-2.el8jbcs.src",
"8Base-JBCS:jbcs-httpd24-curl-0:7.78.0-2.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-curl-debuginfo-0:7.78.0-2.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-httpd-0:2.4.37-78.el8jbcs.src",
"8Base-JBCS:jbcs-httpd24-httpd-0:2.4.37-78.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-httpd-debuginfo-0:2.4.37-78.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-httpd-devel-0:2.4.37-78.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-httpd-manual-0:2.4.37-78.el8jbcs.noarch",
"8Base-JBCS:jbcs-httpd24-httpd-selinux-0:2.4.37-78.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-httpd-tools-0:2.4.37-78.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-httpd-tools-debuginfo-0:2.4.37-78.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-libcurl-0:7.78.0-2.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-libcurl-debuginfo-0:7.78.0-2.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-libcurl-devel-0:7.78.0-2.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_cluster-native-0:1.3.16-9.Final_redhat_2.el8jbcs.src",
"8Base-JBCS:jbcs-httpd24-mod_cluster-native-0:1.3.16-9.Final_redhat_2.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_cluster-native-debuginfo-0:1.3.16-9.Final_redhat_2.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_http2-0:1.15.7-21.el8jbcs.src",
"8Base-JBCS:jbcs-httpd24-mod_http2-0:1.15.7-21.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_http2-debuginfo-0:1.15.7-21.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_jk-0:1.2.48-20.redhat_1.el8jbcs.src",
"8Base-JBCS:jbcs-httpd24-mod_jk-ap24-0:1.2.48-20.redhat_1.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_jk-ap24-debuginfo-0:1.2.48-20.redhat_1.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_jk-manual-0:1.2.48-20.redhat_1.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_ldap-0:2.4.37-78.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_ldap-debuginfo-0:2.4.37-78.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_md-1:2.0.8-40.el8jbcs.src",
"8Base-JBCS:jbcs-httpd24-mod_md-1:2.0.8-40.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_md-debuginfo-1:2.0.8-40.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_proxy_html-1:2.4.37-78.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_proxy_html-debuginfo-1:2.4.37-78.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_security-0:2.9.2-67.GA.el8jbcs.src",
"8Base-JBCS:jbcs-httpd24-mod_security-0:2.9.2-67.GA.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_security-debuginfo-0:2.9.2-67.GA.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_session-0:2.4.37-78.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_session-debuginfo-0:2.4.37-78.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_ssl-1:2.4.37-78.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_ssl-debuginfo-1:2.4.37-78.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-nghttp2-0:1.39.2-39.el8jbcs.src",
"8Base-JBCS:jbcs-httpd24-nghttp2-0:1.39.2-39.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-nghttp2-debuginfo-0:1.39.2-39.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-nghttp2-devel-0:1.39.2-39.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-openssl-1:1.1.1g-8.el8jbcs.src",
"8Base-JBCS:jbcs-httpd24-openssl-1:1.1.1g-8.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-openssl-chil-0:1.0.0-7.el8jbcs.src",
"8Base-JBCS:jbcs-httpd24-openssl-chil-0:1.0.0-7.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-openssl-chil-debuginfo-0:1.0.0-7.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-openssl-debuginfo-1:1.1.1g-8.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-openssl-devel-1:1.1.1g-8.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-openssl-libs-1:1.1.1g-8.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-openssl-libs-debuginfo-1:1.1.1g-8.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-openssl-perl-1:1.1.1g-8.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-openssl-pkcs11-0:0.4.10-22.el8jbcs.src",
"8Base-JBCS:jbcs-httpd24-openssl-pkcs11-0:0.4.10-22.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-openssl-pkcs11-debuginfo-0:0.4.10-22.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-openssl-static-1:1.1.1g-8.el8jbcs.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2021:4614"
},
{
"category": "workaround",
"details": "Only configurations which use mod_auth_digest are affected by this flaw. Also as per upstream this flaw is not exploitable in most conditions, so there should really be no impact of this flaw.",
"product_ids": [
"7Server-JBCS:jbcs-httpd24-apr-0:1.6.3-107.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-apr-0:1.6.3-107.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-apr-debuginfo-0:1.6.3-107.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-apr-devel-0:1.6.3-107.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-apr-util-0:1.6.1-84.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-apr-util-0:1.6.1-84.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-apr-util-debuginfo-0:1.6.1-84.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-apr-util-devel-0:1.6.1-84.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-apr-util-ldap-0:1.6.1-84.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-apr-util-mysql-0:1.6.1-84.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-apr-util-nss-0:1.6.1-84.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-apr-util-odbc-0:1.6.1-84.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-apr-util-openssl-0:1.6.1-84.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-apr-util-pgsql-0:1.6.1-84.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-apr-util-sqlite-0:1.6.1-84.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-curl-0:7.78.0-2.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-curl-0:7.78.0-2.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-curl-debuginfo-0:7.78.0-2.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-httpd-0:2.4.37-78.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-httpd-0:2.4.37-78.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-httpd-debuginfo-0:2.4.37-78.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-httpd-devel-0:2.4.37-78.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-httpd-manual-0:2.4.37-78.jbcs.el7.noarch",
"7Server-JBCS:jbcs-httpd24-httpd-selinux-0:2.4.37-78.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-httpd-tools-0:2.4.37-78.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-libcurl-0:7.78.0-2.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-libcurl-devel-0:7.78.0-2.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_cluster-native-0:1.3.16-9.Final_redhat_2.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-mod_cluster-native-0:1.3.16-9.Final_redhat_2.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_cluster-native-debuginfo-0:1.3.16-9.Final_redhat_2.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_http2-0:1.15.7-21.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-mod_http2-0:1.15.7-21.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_http2-debuginfo-0:1.15.7-21.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_jk-0:1.2.48-20.redhat_1.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-mod_jk-ap24-0:1.2.48-20.redhat_1.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_jk-debuginfo-0:1.2.48-20.redhat_1.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_jk-manual-0:1.2.48-20.redhat_1.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_ldap-0:2.4.37-78.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_md-1:2.0.8-40.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-mod_md-1:2.0.8-40.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_md-debuginfo-1:2.0.8-40.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_proxy_html-1:2.4.37-78.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_security-0:2.9.2-67.GA.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-mod_security-0:2.9.2-67.GA.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_security-debuginfo-0:2.9.2-67.GA.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_session-0:2.4.37-78.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_ssl-1:2.4.37-78.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-nghttp2-0:1.39.2-39.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-nghttp2-0:1.39.2-39.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-nghttp2-debuginfo-0:1.39.2-39.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-nghttp2-devel-0:1.39.2-39.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-openssl-1:1.1.1g-8.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-openssl-1:1.1.1g-8.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-openssl-chil-0:1.0.0-7.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-openssl-chil-0:1.0.0-7.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-openssl-chil-debuginfo-0:1.0.0-7.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-openssl-debuginfo-1:1.1.1g-8.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-openssl-devel-1:1.1.1g-8.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-openssl-libs-1:1.1.1g-8.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-openssl-perl-1:1.1.1g-8.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-openssl-pkcs11-0:0.4.10-22.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-openssl-pkcs11-0:0.4.10-22.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-openssl-pkcs11-debuginfo-0:0.4.10-22.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-openssl-static-1:1.1.1g-8.jbcs.el7.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-0:1.6.3-107.el8jbcs.src",
"8Base-JBCS:jbcs-httpd24-apr-0:1.6.3-107.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-debuginfo-0:1.6.3-107.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-devel-0:1.6.3-107.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-util-0:1.6.1-84.el8jbcs.src",
"8Base-JBCS:jbcs-httpd24-apr-util-0:1.6.1-84.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-util-debuginfo-0:1.6.1-84.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-util-devel-0:1.6.1-84.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-util-ldap-0:1.6.1-84.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-util-ldap-debuginfo-0:1.6.1-84.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-util-mysql-0:1.6.1-84.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-util-mysql-debuginfo-0:1.6.1-84.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-util-nss-0:1.6.1-84.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-util-nss-debuginfo-0:1.6.1-84.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-util-odbc-0:1.6.1-84.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-util-odbc-debuginfo-0:1.6.1-84.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-util-openssl-0:1.6.1-84.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-util-openssl-debuginfo-0:1.6.1-84.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-util-pgsql-0:1.6.1-84.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-util-pgsql-debuginfo-0:1.6.1-84.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-util-sqlite-0:1.6.1-84.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-util-sqlite-debuginfo-0:1.6.1-84.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-curl-0:7.78.0-2.el8jbcs.src",
"8Base-JBCS:jbcs-httpd24-curl-0:7.78.0-2.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-curl-debuginfo-0:7.78.0-2.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-httpd-0:2.4.37-78.el8jbcs.src",
"8Base-JBCS:jbcs-httpd24-httpd-0:2.4.37-78.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-httpd-debuginfo-0:2.4.37-78.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-httpd-devel-0:2.4.37-78.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-httpd-manual-0:2.4.37-78.el8jbcs.noarch",
"8Base-JBCS:jbcs-httpd24-httpd-selinux-0:2.4.37-78.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-httpd-tools-0:2.4.37-78.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-httpd-tools-debuginfo-0:2.4.37-78.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-libcurl-0:7.78.0-2.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-libcurl-debuginfo-0:7.78.0-2.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-libcurl-devel-0:7.78.0-2.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_cluster-native-0:1.3.16-9.Final_redhat_2.el8jbcs.src",
"8Base-JBCS:jbcs-httpd24-mod_cluster-native-0:1.3.16-9.Final_redhat_2.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_cluster-native-debuginfo-0:1.3.16-9.Final_redhat_2.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_http2-0:1.15.7-21.el8jbcs.src",
"8Base-JBCS:jbcs-httpd24-mod_http2-0:1.15.7-21.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_http2-debuginfo-0:1.15.7-21.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_jk-0:1.2.48-20.redhat_1.el8jbcs.src",
"8Base-JBCS:jbcs-httpd24-mod_jk-ap24-0:1.2.48-20.redhat_1.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_jk-ap24-debuginfo-0:1.2.48-20.redhat_1.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_jk-manual-0:1.2.48-20.redhat_1.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_ldap-0:2.4.37-78.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_ldap-debuginfo-0:2.4.37-78.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_md-1:2.0.8-40.el8jbcs.src",
"8Base-JBCS:jbcs-httpd24-mod_md-1:2.0.8-40.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_md-debuginfo-1:2.0.8-40.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_proxy_html-1:2.4.37-78.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_proxy_html-debuginfo-1:2.4.37-78.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_security-0:2.9.2-67.GA.el8jbcs.src",
"8Base-JBCS:jbcs-httpd24-mod_security-0:2.9.2-67.GA.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_security-debuginfo-0:2.9.2-67.GA.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_session-0:2.4.37-78.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_session-debuginfo-0:2.4.37-78.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_ssl-1:2.4.37-78.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_ssl-debuginfo-1:2.4.37-78.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-nghttp2-0:1.39.2-39.el8jbcs.src",
"8Base-JBCS:jbcs-httpd24-nghttp2-0:1.39.2-39.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-nghttp2-debuginfo-0:1.39.2-39.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-nghttp2-devel-0:1.39.2-39.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-openssl-1:1.1.1g-8.el8jbcs.src",
"8Base-JBCS:jbcs-httpd24-openssl-1:1.1.1g-8.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-openssl-chil-0:1.0.0-7.el8jbcs.src",
"8Base-JBCS:jbcs-httpd24-openssl-chil-0:1.0.0-7.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-openssl-chil-debuginfo-0:1.0.0-7.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-openssl-debuginfo-1:1.1.1g-8.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-openssl-devel-1:1.1.1g-8.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-openssl-libs-1:1.1.1g-8.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-openssl-libs-debuginfo-1:1.1.1g-8.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-openssl-perl-1:1.1.1g-8.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-openssl-pkcs11-0:0.4.10-22.el8jbcs.src",
"8Base-JBCS:jbcs-httpd24-openssl-pkcs11-0:0.4.10-22.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-openssl-pkcs11-debuginfo-0:0.4.10-22.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-openssl-static-1:1.1.1g-8.el8jbcs.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "LOW",
"baseScore": 7.3,
"baseSeverity": "HIGH",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L",
"version": "3.1"
},
"products": [
"7Server-JBCS:jbcs-httpd24-apr-0:1.6.3-107.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-apr-0:1.6.3-107.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-apr-debuginfo-0:1.6.3-107.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-apr-devel-0:1.6.3-107.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-apr-util-0:1.6.1-84.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-apr-util-0:1.6.1-84.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-apr-util-debuginfo-0:1.6.1-84.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-apr-util-devel-0:1.6.1-84.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-apr-util-ldap-0:1.6.1-84.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-apr-util-mysql-0:1.6.1-84.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-apr-util-nss-0:1.6.1-84.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-apr-util-odbc-0:1.6.1-84.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-apr-util-openssl-0:1.6.1-84.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-apr-util-pgsql-0:1.6.1-84.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-apr-util-sqlite-0:1.6.1-84.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-curl-0:7.78.0-2.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-curl-0:7.78.0-2.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-curl-debuginfo-0:7.78.0-2.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-httpd-0:2.4.37-78.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-httpd-0:2.4.37-78.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-httpd-debuginfo-0:2.4.37-78.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-httpd-devel-0:2.4.37-78.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-httpd-manual-0:2.4.37-78.jbcs.el7.noarch",
"7Server-JBCS:jbcs-httpd24-httpd-selinux-0:2.4.37-78.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-httpd-tools-0:2.4.37-78.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-libcurl-0:7.78.0-2.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-libcurl-devel-0:7.78.0-2.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_cluster-native-0:1.3.16-9.Final_redhat_2.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-mod_cluster-native-0:1.3.16-9.Final_redhat_2.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_cluster-native-debuginfo-0:1.3.16-9.Final_redhat_2.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_http2-0:1.15.7-21.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-mod_http2-0:1.15.7-21.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_http2-debuginfo-0:1.15.7-21.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_jk-0:1.2.48-20.redhat_1.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-mod_jk-ap24-0:1.2.48-20.redhat_1.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_jk-debuginfo-0:1.2.48-20.redhat_1.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_jk-manual-0:1.2.48-20.redhat_1.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_ldap-0:2.4.37-78.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_md-1:2.0.8-40.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-mod_md-1:2.0.8-40.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_md-debuginfo-1:2.0.8-40.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_proxy_html-1:2.4.37-78.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_security-0:2.9.2-67.GA.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-mod_security-0:2.9.2-67.GA.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_security-debuginfo-0:2.9.2-67.GA.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_session-0:2.4.37-78.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_ssl-1:2.4.37-78.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-nghttp2-0:1.39.2-39.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-nghttp2-0:1.39.2-39.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-nghttp2-debuginfo-0:1.39.2-39.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-nghttp2-devel-0:1.39.2-39.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-openssl-1:1.1.1g-8.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-openssl-1:1.1.1g-8.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-openssl-chil-0:1.0.0-7.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-openssl-chil-0:1.0.0-7.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-openssl-chil-debuginfo-0:1.0.0-7.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-openssl-debuginfo-1:1.1.1g-8.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-openssl-devel-1:1.1.1g-8.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-openssl-libs-1:1.1.1g-8.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-openssl-perl-1:1.1.1g-8.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-openssl-pkcs11-0:0.4.10-22.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-openssl-pkcs11-0:0.4.10-22.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-openssl-pkcs11-debuginfo-0:0.4.10-22.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-openssl-static-1:1.1.1g-8.jbcs.el7.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-0:1.6.3-107.el8jbcs.src",
"8Base-JBCS:jbcs-httpd24-apr-0:1.6.3-107.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-debuginfo-0:1.6.3-107.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-devel-0:1.6.3-107.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-util-0:1.6.1-84.el8jbcs.src",
"8Base-JBCS:jbcs-httpd24-apr-util-0:1.6.1-84.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-util-debuginfo-0:1.6.1-84.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-util-devel-0:1.6.1-84.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-util-ldap-0:1.6.1-84.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-util-ldap-debuginfo-0:1.6.1-84.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-util-mysql-0:1.6.1-84.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-util-mysql-debuginfo-0:1.6.1-84.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-util-nss-0:1.6.1-84.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-util-nss-debuginfo-0:1.6.1-84.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-util-odbc-0:1.6.1-84.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-util-odbc-debuginfo-0:1.6.1-84.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-util-openssl-0:1.6.1-84.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-util-openssl-debuginfo-0:1.6.1-84.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-util-pgsql-0:1.6.1-84.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-util-pgsql-debuginfo-0:1.6.1-84.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-util-sqlite-0:1.6.1-84.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-util-sqlite-debuginfo-0:1.6.1-84.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-curl-0:7.78.0-2.el8jbcs.src",
"8Base-JBCS:jbcs-httpd24-curl-0:7.78.0-2.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-curl-debuginfo-0:7.78.0-2.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-httpd-0:2.4.37-78.el8jbcs.src",
"8Base-JBCS:jbcs-httpd24-httpd-0:2.4.37-78.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-httpd-debuginfo-0:2.4.37-78.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-httpd-devel-0:2.4.37-78.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-httpd-manual-0:2.4.37-78.el8jbcs.noarch",
"8Base-JBCS:jbcs-httpd24-httpd-selinux-0:2.4.37-78.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-httpd-tools-0:2.4.37-78.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-httpd-tools-debuginfo-0:2.4.37-78.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-libcurl-0:7.78.0-2.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-libcurl-debuginfo-0:7.78.0-2.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-libcurl-devel-0:7.78.0-2.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_cluster-native-0:1.3.16-9.Final_redhat_2.el8jbcs.src",
"8Base-JBCS:jbcs-httpd24-mod_cluster-native-0:1.3.16-9.Final_redhat_2.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_cluster-native-debuginfo-0:1.3.16-9.Final_redhat_2.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_http2-0:1.15.7-21.el8jbcs.src",
"8Base-JBCS:jbcs-httpd24-mod_http2-0:1.15.7-21.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_http2-debuginfo-0:1.15.7-21.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_jk-0:1.2.48-20.redhat_1.el8jbcs.src",
"8Base-JBCS:jbcs-httpd24-mod_jk-ap24-0:1.2.48-20.redhat_1.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_jk-ap24-debuginfo-0:1.2.48-20.redhat_1.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_jk-manual-0:1.2.48-20.redhat_1.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_ldap-0:2.4.37-78.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_ldap-debuginfo-0:2.4.37-78.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_md-1:2.0.8-40.el8jbcs.src",
"8Base-JBCS:jbcs-httpd24-mod_md-1:2.0.8-40.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_md-debuginfo-1:2.0.8-40.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_proxy_html-1:2.4.37-78.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_proxy_html-debuginfo-1:2.4.37-78.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_security-0:2.9.2-67.GA.el8jbcs.src",
"8Base-JBCS:jbcs-httpd24-mod_security-0:2.9.2-67.GA.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_security-debuginfo-0:2.9.2-67.GA.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_session-0:2.4.37-78.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_session-debuginfo-0:2.4.37-78.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_ssl-1:2.4.37-78.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_ssl-debuginfo-1:2.4.37-78.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-nghttp2-0:1.39.2-39.el8jbcs.src",
"8Base-JBCS:jbcs-httpd24-nghttp2-0:1.39.2-39.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-nghttp2-debuginfo-0:1.39.2-39.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-nghttp2-devel-0:1.39.2-39.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-openssl-1:1.1.1g-8.el8jbcs.src",
"8Base-JBCS:jbcs-httpd24-openssl-1:1.1.1g-8.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-openssl-chil-0:1.0.0-7.el8jbcs.src",
"8Base-JBCS:jbcs-httpd24-openssl-chil-0:1.0.0-7.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-openssl-chil-debuginfo-0:1.0.0-7.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-openssl-debuginfo-1:1.1.1g-8.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-openssl-devel-1:1.1.1g-8.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-openssl-libs-1:1.1.1g-8.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-openssl-libs-debuginfo-1:1.1.1g-8.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-openssl-perl-1:1.1.1g-8.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-openssl-pkcs11-0:0.4.10-22.el8jbcs.src",
"8Base-JBCS:jbcs-httpd24-openssl-pkcs11-0:0.4.10-22.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-openssl-pkcs11-debuginfo-0:0.4.10-22.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-openssl-static-1:1.1.1g-8.el8jbcs.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Low"
}
],
"title": "httpd: Single zero byte stack overflow in mod_auth_digest"
},
{
"cve": "CVE-2021-3688",
"cwe": {
"id": "CWE-200",
"name": "Exposure of Sensitive Information to an Unauthorized Actor"
},
"discovery_date": "2021-05-26T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1990252"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in Red Hat JBoss Core Services HTTP Server in all versions, where it does not properly normalize the path component of a request URL contains dot-dot-semicolon(s). This flaw could allow an attacker to access unauthorized information or possibly conduct further attacks. The highest threat from this vulnerability is to data confidentiality and integrity.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "JBCS: URL normalization issue with dot-dot-semicolon(s) leads to information disclosure",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"7Server-JBCS:jbcs-httpd24-apr-0:1.6.3-107.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-apr-0:1.6.3-107.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-apr-debuginfo-0:1.6.3-107.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-apr-devel-0:1.6.3-107.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-apr-util-0:1.6.1-84.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-apr-util-0:1.6.1-84.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-apr-util-debuginfo-0:1.6.1-84.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-apr-util-devel-0:1.6.1-84.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-apr-util-ldap-0:1.6.1-84.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-apr-util-mysql-0:1.6.1-84.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-apr-util-nss-0:1.6.1-84.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-apr-util-odbc-0:1.6.1-84.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-apr-util-openssl-0:1.6.1-84.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-apr-util-pgsql-0:1.6.1-84.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-apr-util-sqlite-0:1.6.1-84.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-curl-0:7.78.0-2.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-curl-0:7.78.0-2.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-curl-debuginfo-0:7.78.0-2.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-httpd-0:2.4.37-78.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-httpd-0:2.4.37-78.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-httpd-debuginfo-0:2.4.37-78.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-httpd-devel-0:2.4.37-78.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-httpd-manual-0:2.4.37-78.jbcs.el7.noarch",
"7Server-JBCS:jbcs-httpd24-httpd-selinux-0:2.4.37-78.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-httpd-tools-0:2.4.37-78.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-libcurl-0:7.78.0-2.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-libcurl-devel-0:7.78.0-2.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_cluster-native-0:1.3.16-9.Final_redhat_2.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-mod_cluster-native-0:1.3.16-9.Final_redhat_2.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_cluster-native-debuginfo-0:1.3.16-9.Final_redhat_2.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_http2-0:1.15.7-21.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-mod_http2-0:1.15.7-21.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_http2-debuginfo-0:1.15.7-21.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_jk-0:1.2.48-20.redhat_1.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-mod_jk-ap24-0:1.2.48-20.redhat_1.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_jk-debuginfo-0:1.2.48-20.redhat_1.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_jk-manual-0:1.2.48-20.redhat_1.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_ldap-0:2.4.37-78.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_md-1:2.0.8-40.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-mod_md-1:2.0.8-40.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_md-debuginfo-1:2.0.8-40.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_proxy_html-1:2.4.37-78.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_security-0:2.9.2-67.GA.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-mod_security-0:2.9.2-67.GA.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_security-debuginfo-0:2.9.2-67.GA.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_session-0:2.4.37-78.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_ssl-1:2.4.37-78.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-nghttp2-0:1.39.2-39.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-nghttp2-0:1.39.2-39.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-nghttp2-debuginfo-0:1.39.2-39.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-nghttp2-devel-0:1.39.2-39.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-openssl-1:1.1.1g-8.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-openssl-1:1.1.1g-8.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-openssl-chil-0:1.0.0-7.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-openssl-chil-0:1.0.0-7.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-openssl-chil-debuginfo-0:1.0.0-7.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-openssl-debuginfo-1:1.1.1g-8.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-openssl-devel-1:1.1.1g-8.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-openssl-libs-1:1.1.1g-8.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-openssl-perl-1:1.1.1g-8.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-openssl-pkcs11-0:0.4.10-22.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-openssl-pkcs11-0:0.4.10-22.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-openssl-pkcs11-debuginfo-0:0.4.10-22.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-openssl-static-1:1.1.1g-8.jbcs.el7.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-0:1.6.3-107.el8jbcs.src",
"8Base-JBCS:jbcs-httpd24-apr-0:1.6.3-107.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-debuginfo-0:1.6.3-107.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-devel-0:1.6.3-107.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-util-0:1.6.1-84.el8jbcs.src",
"8Base-JBCS:jbcs-httpd24-apr-util-0:1.6.1-84.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-util-debuginfo-0:1.6.1-84.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-util-devel-0:1.6.1-84.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-util-ldap-0:1.6.1-84.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-util-ldap-debuginfo-0:1.6.1-84.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-util-mysql-0:1.6.1-84.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-util-mysql-debuginfo-0:1.6.1-84.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-util-nss-0:1.6.1-84.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-util-nss-debuginfo-0:1.6.1-84.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-util-odbc-0:1.6.1-84.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-util-odbc-debuginfo-0:1.6.1-84.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-util-openssl-0:1.6.1-84.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-util-openssl-debuginfo-0:1.6.1-84.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-util-pgsql-0:1.6.1-84.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-util-pgsql-debuginfo-0:1.6.1-84.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-util-sqlite-0:1.6.1-84.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-util-sqlite-debuginfo-0:1.6.1-84.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-curl-0:7.78.0-2.el8jbcs.src",
"8Base-JBCS:jbcs-httpd24-curl-0:7.78.0-2.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-curl-debuginfo-0:7.78.0-2.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-httpd-0:2.4.37-78.el8jbcs.src",
"8Base-JBCS:jbcs-httpd24-httpd-0:2.4.37-78.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-httpd-debuginfo-0:2.4.37-78.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-httpd-devel-0:2.4.37-78.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-httpd-manual-0:2.4.37-78.el8jbcs.noarch",
"8Base-JBCS:jbcs-httpd24-httpd-selinux-0:2.4.37-78.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-httpd-tools-0:2.4.37-78.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-httpd-tools-debuginfo-0:2.4.37-78.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-libcurl-0:7.78.0-2.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-libcurl-debuginfo-0:7.78.0-2.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-libcurl-devel-0:7.78.0-2.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_cluster-native-0:1.3.16-9.Final_redhat_2.el8jbcs.src",
"8Base-JBCS:jbcs-httpd24-mod_cluster-native-0:1.3.16-9.Final_redhat_2.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_cluster-native-debuginfo-0:1.3.16-9.Final_redhat_2.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_http2-0:1.15.7-21.el8jbcs.src",
"8Base-JBCS:jbcs-httpd24-mod_http2-0:1.15.7-21.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_http2-debuginfo-0:1.15.7-21.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_jk-0:1.2.48-20.redhat_1.el8jbcs.src",
"8Base-JBCS:jbcs-httpd24-mod_jk-ap24-0:1.2.48-20.redhat_1.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_jk-ap24-debuginfo-0:1.2.48-20.redhat_1.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_jk-manual-0:1.2.48-20.redhat_1.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_ldap-0:2.4.37-78.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_ldap-debuginfo-0:2.4.37-78.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_md-1:2.0.8-40.el8jbcs.src",
"8Base-JBCS:jbcs-httpd24-mod_md-1:2.0.8-40.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_md-debuginfo-1:2.0.8-40.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_proxy_html-1:2.4.37-78.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_proxy_html-debuginfo-1:2.4.37-78.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_security-0:2.9.2-67.GA.el8jbcs.src",
"8Base-JBCS:jbcs-httpd24-mod_security-0:2.9.2-67.GA.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_security-debuginfo-0:2.9.2-67.GA.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_session-0:2.4.37-78.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_session-debuginfo-0:2.4.37-78.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_ssl-1:2.4.37-78.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_ssl-debuginfo-1:2.4.37-78.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-nghttp2-0:1.39.2-39.el8jbcs.src",
"8Base-JBCS:jbcs-httpd24-nghttp2-0:1.39.2-39.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-nghttp2-debuginfo-0:1.39.2-39.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-nghttp2-devel-0:1.39.2-39.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-openssl-1:1.1.1g-8.el8jbcs.src",
"8Base-JBCS:jbcs-httpd24-openssl-1:1.1.1g-8.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-openssl-chil-0:1.0.0-7.el8jbcs.src",
"8Base-JBCS:jbcs-httpd24-openssl-chil-0:1.0.0-7.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-openssl-chil-debuginfo-0:1.0.0-7.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-openssl-debuginfo-1:1.1.1g-8.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-openssl-devel-1:1.1.1g-8.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-openssl-libs-1:1.1.1g-8.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-openssl-libs-debuginfo-1:1.1.1g-8.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-openssl-perl-1:1.1.1g-8.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-openssl-pkcs11-0:0.4.10-22.el8jbcs.src",
"8Base-JBCS:jbcs-httpd24-openssl-pkcs11-0:0.4.10-22.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-openssl-pkcs11-debuginfo-0:0.4.10-22.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-openssl-static-1:1.1.1g-8.el8jbcs.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2021-3688"
},
{
"category": "external",
"summary": "RHBZ#1990252",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1990252"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2021-3688",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-3688"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2021-3688",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2021-3688"
}
],
"release_date": "2021-08-05T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"details": "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"7Server-JBCS:jbcs-httpd24-apr-0:1.6.3-107.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-apr-0:1.6.3-107.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-apr-debuginfo-0:1.6.3-107.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-apr-devel-0:1.6.3-107.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-apr-util-0:1.6.1-84.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-apr-util-0:1.6.1-84.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-apr-util-debuginfo-0:1.6.1-84.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-apr-util-devel-0:1.6.1-84.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-apr-util-ldap-0:1.6.1-84.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-apr-util-mysql-0:1.6.1-84.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-apr-util-nss-0:1.6.1-84.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-apr-util-odbc-0:1.6.1-84.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-apr-util-openssl-0:1.6.1-84.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-apr-util-pgsql-0:1.6.1-84.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-apr-util-sqlite-0:1.6.1-84.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-curl-0:7.78.0-2.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-curl-0:7.78.0-2.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-curl-debuginfo-0:7.78.0-2.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-httpd-0:2.4.37-78.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-httpd-0:2.4.37-78.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-httpd-debuginfo-0:2.4.37-78.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-httpd-devel-0:2.4.37-78.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-httpd-manual-0:2.4.37-78.jbcs.el7.noarch",
"7Server-JBCS:jbcs-httpd24-httpd-selinux-0:2.4.37-78.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-httpd-tools-0:2.4.37-78.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-libcurl-0:7.78.0-2.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-libcurl-devel-0:7.78.0-2.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_cluster-native-0:1.3.16-9.Final_redhat_2.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-mod_cluster-native-0:1.3.16-9.Final_redhat_2.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_cluster-native-debuginfo-0:1.3.16-9.Final_redhat_2.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_http2-0:1.15.7-21.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-mod_http2-0:1.15.7-21.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_http2-debuginfo-0:1.15.7-21.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_jk-0:1.2.48-20.redhat_1.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-mod_jk-ap24-0:1.2.48-20.redhat_1.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_jk-debuginfo-0:1.2.48-20.redhat_1.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_jk-manual-0:1.2.48-20.redhat_1.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_ldap-0:2.4.37-78.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_md-1:2.0.8-40.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-mod_md-1:2.0.8-40.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_md-debuginfo-1:2.0.8-40.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_proxy_html-1:2.4.37-78.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_security-0:2.9.2-67.GA.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-mod_security-0:2.9.2-67.GA.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_security-debuginfo-0:2.9.2-67.GA.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_session-0:2.4.37-78.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_ssl-1:2.4.37-78.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-nghttp2-0:1.39.2-39.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-nghttp2-0:1.39.2-39.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-nghttp2-debuginfo-0:1.39.2-39.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-nghttp2-devel-0:1.39.2-39.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-openssl-1:1.1.1g-8.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-openssl-1:1.1.1g-8.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-openssl-chil-0:1.0.0-7.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-openssl-chil-0:1.0.0-7.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-openssl-chil-debuginfo-0:1.0.0-7.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-openssl-debuginfo-1:1.1.1g-8.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-openssl-devel-1:1.1.1g-8.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-openssl-libs-1:1.1.1g-8.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-openssl-perl-1:1.1.1g-8.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-openssl-pkcs11-0:0.4.10-22.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-openssl-pkcs11-0:0.4.10-22.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-openssl-pkcs11-debuginfo-0:0.4.10-22.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-openssl-static-1:1.1.1g-8.jbcs.el7.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-0:1.6.3-107.el8jbcs.src",
"8Base-JBCS:jbcs-httpd24-apr-0:1.6.3-107.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-debuginfo-0:1.6.3-107.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-devel-0:1.6.3-107.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-util-0:1.6.1-84.el8jbcs.src",
"8Base-JBCS:jbcs-httpd24-apr-util-0:1.6.1-84.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-util-debuginfo-0:1.6.1-84.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-util-devel-0:1.6.1-84.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-util-ldap-0:1.6.1-84.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-util-ldap-debuginfo-0:1.6.1-84.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-util-mysql-0:1.6.1-84.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-util-mysql-debuginfo-0:1.6.1-84.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-util-nss-0:1.6.1-84.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-util-nss-debuginfo-0:1.6.1-84.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-util-odbc-0:1.6.1-84.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-util-odbc-debuginfo-0:1.6.1-84.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-util-openssl-0:1.6.1-84.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-util-openssl-debuginfo-0:1.6.1-84.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-util-pgsql-0:1.6.1-84.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-util-pgsql-debuginfo-0:1.6.1-84.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-util-sqlite-0:1.6.1-84.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-util-sqlite-debuginfo-0:1.6.1-84.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-curl-0:7.78.0-2.el8jbcs.src",
"8Base-JBCS:jbcs-httpd24-curl-0:7.78.0-2.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-curl-debuginfo-0:7.78.0-2.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-httpd-0:2.4.37-78.el8jbcs.src",
"8Base-JBCS:jbcs-httpd24-httpd-0:2.4.37-78.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-httpd-debuginfo-0:2.4.37-78.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-httpd-devel-0:2.4.37-78.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-httpd-manual-0:2.4.37-78.el8jbcs.noarch",
"8Base-JBCS:jbcs-httpd24-httpd-selinux-0:2.4.37-78.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-httpd-tools-0:2.4.37-78.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-httpd-tools-debuginfo-0:2.4.37-78.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-libcurl-0:7.78.0-2.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-libcurl-debuginfo-0:7.78.0-2.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-libcurl-devel-0:7.78.0-2.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_cluster-native-0:1.3.16-9.Final_redhat_2.el8jbcs.src",
"8Base-JBCS:jbcs-httpd24-mod_cluster-native-0:1.3.16-9.Final_redhat_2.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_cluster-native-debuginfo-0:1.3.16-9.Final_redhat_2.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_http2-0:1.15.7-21.el8jbcs.src",
"8Base-JBCS:jbcs-httpd24-mod_http2-0:1.15.7-21.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_http2-debuginfo-0:1.15.7-21.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_jk-0:1.2.48-20.redhat_1.el8jbcs.src",
"8Base-JBCS:jbcs-httpd24-mod_jk-ap24-0:1.2.48-20.redhat_1.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_jk-ap24-debuginfo-0:1.2.48-20.redhat_1.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_jk-manual-0:1.2.48-20.redhat_1.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_ldap-0:2.4.37-78.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_ldap-debuginfo-0:2.4.37-78.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_md-1:2.0.8-40.el8jbcs.src",
"8Base-JBCS:jbcs-httpd24-mod_md-1:2.0.8-40.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_md-debuginfo-1:2.0.8-40.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_proxy_html-1:2.4.37-78.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_proxy_html-debuginfo-1:2.4.37-78.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_security-0:2.9.2-67.GA.el8jbcs.src",
"8Base-JBCS:jbcs-httpd24-mod_security-0:2.9.2-67.GA.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_security-debuginfo-0:2.9.2-67.GA.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_session-0:2.4.37-78.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_session-debuginfo-0:2.4.37-78.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_ssl-1:2.4.37-78.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_ssl-debuginfo-1:2.4.37-78.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-nghttp2-0:1.39.2-39.el8jbcs.src",
"8Base-JBCS:jbcs-httpd24-nghttp2-0:1.39.2-39.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-nghttp2-debuginfo-0:1.39.2-39.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-nghttp2-devel-0:1.39.2-39.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-openssl-1:1.1.1g-8.el8jbcs.src",
"8Base-JBCS:jbcs-httpd24-openssl-1:1.1.1g-8.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-openssl-chil-0:1.0.0-7.el8jbcs.src",
"8Base-JBCS:jbcs-httpd24-openssl-chil-0:1.0.0-7.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-openssl-chil-debuginfo-0:1.0.0-7.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-openssl-debuginfo-1:1.1.1g-8.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-openssl-devel-1:1.1.1g-8.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-openssl-libs-1:1.1.1g-8.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-openssl-libs-debuginfo-1:1.1.1g-8.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-openssl-perl-1:1.1.1g-8.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-openssl-pkcs11-0:0.4.10-22.el8jbcs.src",
"8Base-JBCS:jbcs-httpd24-openssl-pkcs11-0:0.4.10-22.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-openssl-pkcs11-debuginfo-0:0.4.10-22.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-openssl-static-1:1.1.1g-8.el8jbcs.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2021:4614"
},
{
"category": "workaround",
"details": "Manually add LocationMatch directive to deny any possible problem requests in the JBCS httpd configuration. For example:\n~~~\n\u003cLocationMatch \".*\\.\\.;.*\"\u003e\n Require all denied\n\u003c/LocationMatch\u003e\n~~~",
"product_ids": [
"7Server-JBCS:jbcs-httpd24-apr-0:1.6.3-107.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-apr-0:1.6.3-107.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-apr-debuginfo-0:1.6.3-107.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-apr-devel-0:1.6.3-107.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-apr-util-0:1.6.1-84.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-apr-util-0:1.6.1-84.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-apr-util-debuginfo-0:1.6.1-84.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-apr-util-devel-0:1.6.1-84.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-apr-util-ldap-0:1.6.1-84.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-apr-util-mysql-0:1.6.1-84.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-apr-util-nss-0:1.6.1-84.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-apr-util-odbc-0:1.6.1-84.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-apr-util-openssl-0:1.6.1-84.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-apr-util-pgsql-0:1.6.1-84.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-apr-util-sqlite-0:1.6.1-84.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-curl-0:7.78.0-2.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-curl-0:7.78.0-2.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-curl-debuginfo-0:7.78.0-2.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-httpd-0:2.4.37-78.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-httpd-0:2.4.37-78.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-httpd-debuginfo-0:2.4.37-78.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-httpd-devel-0:2.4.37-78.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-httpd-manual-0:2.4.37-78.jbcs.el7.noarch",
"7Server-JBCS:jbcs-httpd24-httpd-selinux-0:2.4.37-78.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-httpd-tools-0:2.4.37-78.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-libcurl-0:7.78.0-2.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-libcurl-devel-0:7.78.0-2.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_cluster-native-0:1.3.16-9.Final_redhat_2.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-mod_cluster-native-0:1.3.16-9.Final_redhat_2.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_cluster-native-debuginfo-0:1.3.16-9.Final_redhat_2.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_http2-0:1.15.7-21.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-mod_http2-0:1.15.7-21.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_http2-debuginfo-0:1.15.7-21.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_jk-0:1.2.48-20.redhat_1.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-mod_jk-ap24-0:1.2.48-20.redhat_1.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_jk-debuginfo-0:1.2.48-20.redhat_1.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_jk-manual-0:1.2.48-20.redhat_1.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_ldap-0:2.4.37-78.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_md-1:2.0.8-40.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-mod_md-1:2.0.8-40.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_md-debuginfo-1:2.0.8-40.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_proxy_html-1:2.4.37-78.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_security-0:2.9.2-67.GA.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-mod_security-0:2.9.2-67.GA.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_security-debuginfo-0:2.9.2-67.GA.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_session-0:2.4.37-78.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_ssl-1:2.4.37-78.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-nghttp2-0:1.39.2-39.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-nghttp2-0:1.39.2-39.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-nghttp2-debuginfo-0:1.39.2-39.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-nghttp2-devel-0:1.39.2-39.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-openssl-1:1.1.1g-8.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-openssl-1:1.1.1g-8.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-openssl-chil-0:1.0.0-7.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-openssl-chil-0:1.0.0-7.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-openssl-chil-debuginfo-0:1.0.0-7.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-openssl-debuginfo-1:1.1.1g-8.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-openssl-devel-1:1.1.1g-8.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-openssl-libs-1:1.1.1g-8.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-openssl-perl-1:1.1.1g-8.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-openssl-pkcs11-0:0.4.10-22.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-openssl-pkcs11-0:0.4.10-22.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-openssl-pkcs11-debuginfo-0:0.4.10-22.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-openssl-static-1:1.1.1g-8.jbcs.el7.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-0:1.6.3-107.el8jbcs.src",
"8Base-JBCS:jbcs-httpd24-apr-0:1.6.3-107.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-debuginfo-0:1.6.3-107.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-devel-0:1.6.3-107.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-util-0:1.6.1-84.el8jbcs.src",
"8Base-JBCS:jbcs-httpd24-apr-util-0:1.6.1-84.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-util-debuginfo-0:1.6.1-84.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-util-devel-0:1.6.1-84.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-util-ldap-0:1.6.1-84.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-util-ldap-debuginfo-0:1.6.1-84.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-util-mysql-0:1.6.1-84.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-util-mysql-debuginfo-0:1.6.1-84.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-util-nss-0:1.6.1-84.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-util-nss-debuginfo-0:1.6.1-84.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-util-odbc-0:1.6.1-84.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-util-odbc-debuginfo-0:1.6.1-84.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-util-openssl-0:1.6.1-84.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-util-openssl-debuginfo-0:1.6.1-84.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-util-pgsql-0:1.6.1-84.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-util-pgsql-debuginfo-0:1.6.1-84.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-util-sqlite-0:1.6.1-84.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-util-sqlite-debuginfo-0:1.6.1-84.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-curl-0:7.78.0-2.el8jbcs.src",
"8Base-JBCS:jbcs-httpd24-curl-0:7.78.0-2.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-curl-debuginfo-0:7.78.0-2.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-httpd-0:2.4.37-78.el8jbcs.src",
"8Base-JBCS:jbcs-httpd24-httpd-0:2.4.37-78.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-httpd-debuginfo-0:2.4.37-78.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-httpd-devel-0:2.4.37-78.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-httpd-manual-0:2.4.37-78.el8jbcs.noarch",
"8Base-JBCS:jbcs-httpd24-httpd-selinux-0:2.4.37-78.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-httpd-tools-0:2.4.37-78.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-httpd-tools-debuginfo-0:2.4.37-78.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-libcurl-0:7.78.0-2.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-libcurl-debuginfo-0:7.78.0-2.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-libcurl-devel-0:7.78.0-2.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_cluster-native-0:1.3.16-9.Final_redhat_2.el8jbcs.src",
"8Base-JBCS:jbcs-httpd24-mod_cluster-native-0:1.3.16-9.Final_redhat_2.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_cluster-native-debuginfo-0:1.3.16-9.Final_redhat_2.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_http2-0:1.15.7-21.el8jbcs.src",
"8Base-JBCS:jbcs-httpd24-mod_http2-0:1.15.7-21.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_http2-debuginfo-0:1.15.7-21.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_jk-0:1.2.48-20.redhat_1.el8jbcs.src",
"8Base-JBCS:jbcs-httpd24-mod_jk-ap24-0:1.2.48-20.redhat_1.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_jk-ap24-debuginfo-0:1.2.48-20.redhat_1.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_jk-manual-0:1.2.48-20.redhat_1.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_ldap-0:2.4.37-78.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_ldap-debuginfo-0:2.4.37-78.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_md-1:2.0.8-40.el8jbcs.src",
"8Base-JBCS:jbcs-httpd24-mod_md-1:2.0.8-40.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_md-debuginfo-1:2.0.8-40.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_proxy_html-1:2.4.37-78.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_proxy_html-debuginfo-1:2.4.37-78.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_security-0:2.9.2-67.GA.el8jbcs.src",
"8Base-JBCS:jbcs-httpd24-mod_security-0:2.9.2-67.GA.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_security-debuginfo-0:2.9.2-67.GA.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_session-0:2.4.37-78.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_session-debuginfo-0:2.4.37-78.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_ssl-1:2.4.37-78.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_ssl-debuginfo-1:2.4.37-78.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-nghttp2-0:1.39.2-39.el8jbcs.src",
"8Base-JBCS:jbcs-httpd24-nghttp2-0:1.39.2-39.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-nghttp2-debuginfo-0:1.39.2-39.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-nghttp2-devel-0:1.39.2-39.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-openssl-1:1.1.1g-8.el8jbcs.src",
"8Base-JBCS:jbcs-httpd24-openssl-1:1.1.1g-8.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-openssl-chil-0:1.0.0-7.el8jbcs.src",
"8Base-JBCS:jbcs-httpd24-openssl-chil-0:1.0.0-7.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-openssl-chil-debuginfo-0:1.0.0-7.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-openssl-debuginfo-1:1.1.1g-8.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-openssl-devel-1:1.1.1g-8.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-openssl-libs-1:1.1.1g-8.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-openssl-libs-debuginfo-1:1.1.1g-8.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-openssl-perl-1:1.1.1g-8.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-openssl-pkcs11-0:0.4.10-22.el8jbcs.src",
"8Base-JBCS:jbcs-httpd24-openssl-pkcs11-0:0.4.10-22.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-openssl-pkcs11-debuginfo-0:0.4.10-22.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-openssl-static-1:1.1.1g-8.el8jbcs.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 4.8,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:N",
"version": "3.1"
},
"products": [
"7Server-JBCS:jbcs-httpd24-apr-0:1.6.3-107.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-apr-0:1.6.3-107.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-apr-debuginfo-0:1.6.3-107.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-apr-devel-0:1.6.3-107.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-apr-util-0:1.6.1-84.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-apr-util-0:1.6.1-84.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-apr-util-debuginfo-0:1.6.1-84.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-apr-util-devel-0:1.6.1-84.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-apr-util-ldap-0:1.6.1-84.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-apr-util-mysql-0:1.6.1-84.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-apr-util-nss-0:1.6.1-84.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-apr-util-odbc-0:1.6.1-84.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-apr-util-openssl-0:1.6.1-84.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-apr-util-pgsql-0:1.6.1-84.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-apr-util-sqlite-0:1.6.1-84.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-curl-0:7.78.0-2.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-curl-0:7.78.0-2.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-curl-debuginfo-0:7.78.0-2.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-httpd-0:2.4.37-78.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-httpd-0:2.4.37-78.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-httpd-debuginfo-0:2.4.37-78.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-httpd-devel-0:2.4.37-78.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-httpd-manual-0:2.4.37-78.jbcs.el7.noarch",
"7Server-JBCS:jbcs-httpd24-httpd-selinux-0:2.4.37-78.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-httpd-tools-0:2.4.37-78.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-libcurl-0:7.78.0-2.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-libcurl-devel-0:7.78.0-2.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_cluster-native-0:1.3.16-9.Final_redhat_2.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-mod_cluster-native-0:1.3.16-9.Final_redhat_2.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_cluster-native-debuginfo-0:1.3.16-9.Final_redhat_2.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_http2-0:1.15.7-21.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-mod_http2-0:1.15.7-21.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_http2-debuginfo-0:1.15.7-21.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_jk-0:1.2.48-20.redhat_1.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-mod_jk-ap24-0:1.2.48-20.redhat_1.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_jk-debuginfo-0:1.2.48-20.redhat_1.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_jk-manual-0:1.2.48-20.redhat_1.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_ldap-0:2.4.37-78.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_md-1:2.0.8-40.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-mod_md-1:2.0.8-40.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_md-debuginfo-1:2.0.8-40.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_proxy_html-1:2.4.37-78.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_security-0:2.9.2-67.GA.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-mod_security-0:2.9.2-67.GA.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_security-debuginfo-0:2.9.2-67.GA.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_session-0:2.4.37-78.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_ssl-1:2.4.37-78.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-nghttp2-0:1.39.2-39.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-nghttp2-0:1.39.2-39.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-nghttp2-debuginfo-0:1.39.2-39.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-nghttp2-devel-0:1.39.2-39.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-openssl-1:1.1.1g-8.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-openssl-1:1.1.1g-8.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-openssl-chil-0:1.0.0-7.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-openssl-chil-0:1.0.0-7.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-openssl-chil-debuginfo-0:1.0.0-7.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-openssl-debuginfo-1:1.1.1g-8.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-openssl-devel-1:1.1.1g-8.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-openssl-libs-1:1.1.1g-8.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-openssl-perl-1:1.1.1g-8.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-openssl-pkcs11-0:0.4.10-22.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-openssl-pkcs11-0:0.4.10-22.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-openssl-pkcs11-debuginfo-0:0.4.10-22.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-openssl-static-1:1.1.1g-8.jbcs.el7.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-0:1.6.3-107.el8jbcs.src",
"8Base-JBCS:jbcs-httpd24-apr-0:1.6.3-107.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-debuginfo-0:1.6.3-107.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-devel-0:1.6.3-107.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-util-0:1.6.1-84.el8jbcs.src",
"8Base-JBCS:jbcs-httpd24-apr-util-0:1.6.1-84.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-util-debuginfo-0:1.6.1-84.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-util-devel-0:1.6.1-84.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-util-ldap-0:1.6.1-84.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-util-ldap-debuginfo-0:1.6.1-84.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-util-mysql-0:1.6.1-84.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-util-mysql-debuginfo-0:1.6.1-84.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-util-nss-0:1.6.1-84.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-util-nss-debuginfo-0:1.6.1-84.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-util-odbc-0:1.6.1-84.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-util-odbc-debuginfo-0:1.6.1-84.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-util-openssl-0:1.6.1-84.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-util-openssl-debuginfo-0:1.6.1-84.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-util-pgsql-0:1.6.1-84.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-util-pgsql-debuginfo-0:1.6.1-84.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-util-sqlite-0:1.6.1-84.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-util-sqlite-debuginfo-0:1.6.1-84.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-curl-0:7.78.0-2.el8jbcs.src",
"8Base-JBCS:jbcs-httpd24-curl-0:7.78.0-2.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-curl-debuginfo-0:7.78.0-2.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-httpd-0:2.4.37-78.el8jbcs.src",
"8Base-JBCS:jbcs-httpd24-httpd-0:2.4.37-78.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-httpd-debuginfo-0:2.4.37-78.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-httpd-devel-0:2.4.37-78.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-httpd-manual-0:2.4.37-78.el8jbcs.noarch",
"8Base-JBCS:jbcs-httpd24-httpd-selinux-0:2.4.37-78.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-httpd-tools-0:2.4.37-78.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-httpd-tools-debuginfo-0:2.4.37-78.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-libcurl-0:7.78.0-2.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-libcurl-debuginfo-0:7.78.0-2.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-libcurl-devel-0:7.78.0-2.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_cluster-native-0:1.3.16-9.Final_redhat_2.el8jbcs.src",
"8Base-JBCS:jbcs-httpd24-mod_cluster-native-0:1.3.16-9.Final_redhat_2.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_cluster-native-debuginfo-0:1.3.16-9.Final_redhat_2.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_http2-0:1.15.7-21.el8jbcs.src",
"8Base-JBCS:jbcs-httpd24-mod_http2-0:1.15.7-21.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_http2-debuginfo-0:1.15.7-21.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_jk-0:1.2.48-20.redhat_1.el8jbcs.src",
"8Base-JBCS:jbcs-httpd24-mod_jk-ap24-0:1.2.48-20.redhat_1.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_jk-ap24-debuginfo-0:1.2.48-20.redhat_1.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_jk-manual-0:1.2.48-20.redhat_1.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_ldap-0:2.4.37-78.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_ldap-debuginfo-0:2.4.37-78.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_md-1:2.0.8-40.el8jbcs.src",
"8Base-JBCS:jbcs-httpd24-mod_md-1:2.0.8-40.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_md-debuginfo-1:2.0.8-40.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_proxy_html-1:2.4.37-78.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_proxy_html-debuginfo-1:2.4.37-78.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_security-0:2.9.2-67.GA.el8jbcs.src",
"8Base-JBCS:jbcs-httpd24-mod_security-0:2.9.2-67.GA.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_security-debuginfo-0:2.9.2-67.GA.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_session-0:2.4.37-78.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_session-debuginfo-0:2.4.37-78.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_ssl-1:2.4.37-78.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_ssl-debuginfo-1:2.4.37-78.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-nghttp2-0:1.39.2-39.el8jbcs.src",
"8Base-JBCS:jbcs-httpd24-nghttp2-0:1.39.2-39.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-nghttp2-debuginfo-0:1.39.2-39.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-nghttp2-devel-0:1.39.2-39.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-openssl-1:1.1.1g-8.el8jbcs.src",
"8Base-JBCS:jbcs-httpd24-openssl-1:1.1.1g-8.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-openssl-chil-0:1.0.0-7.el8jbcs.src",
"8Base-JBCS:jbcs-httpd24-openssl-chil-0:1.0.0-7.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-openssl-chil-debuginfo-0:1.0.0-7.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-openssl-debuginfo-1:1.1.1g-8.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-openssl-devel-1:1.1.1g-8.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-openssl-libs-1:1.1.1g-8.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-openssl-libs-debuginfo-1:1.1.1g-8.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-openssl-perl-1:1.1.1g-8.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-openssl-pkcs11-0:0.4.10-22.el8jbcs.src",
"8Base-JBCS:jbcs-httpd24-openssl-pkcs11-0:0.4.10-22.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-openssl-pkcs11-debuginfo-0:0.4.10-22.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-openssl-static-1:1.1.1g-8.el8jbcs.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "JBCS: URL normalization issue with dot-dot-semicolon(s) leads to information disclosure"
},
{
"acknowledgments": [
{
"names": [
"the OpenSSL project"
],
"organization": "Ingo Schwarze",
"summary": "Acknowledged by upstream."
}
],
"cve": "CVE-2021-3712",
"cwe": {
"id": "CWE-125",
"name": "Out-of-bounds Read"
},
"discovery_date": "2021-08-19T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1995634"
}
],
"notes": [
{
"category": "description",
"text": "It was found that openssl assumed ASN.1 strings to be NUL terminated. A malicious actor may be able to force an application into calling openssl function with a specially crafted, non-NUL terminated string to deliberately hit this bug, which may result in a crash of the application, causing a Denial of Service attack, or possibly, memory disclosure. The highest threat from this vulnerability is to data confidentiality and system availability.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "openssl: Read buffer overruns processing ASN.1 strings",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "The following Red Hat products do not ship the affected OpenSSL component but rely on the Red Hat Enterprise Linux to consume them:\n * Red Hat Satellite\n * Red Hat Update Infrastructure\n * Red Hat CloudForms\n\nThe Red Hat Advanced Cluster Management for Kubernetes is using the vulnerable version of the library, however the vulnerable code path is not reachable.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"7Server-JBCS:jbcs-httpd24-apr-0:1.6.3-107.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-apr-0:1.6.3-107.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-apr-debuginfo-0:1.6.3-107.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-apr-devel-0:1.6.3-107.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-apr-util-0:1.6.1-84.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-apr-util-0:1.6.1-84.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-apr-util-debuginfo-0:1.6.1-84.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-apr-util-devel-0:1.6.1-84.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-apr-util-ldap-0:1.6.1-84.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-apr-util-mysql-0:1.6.1-84.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-apr-util-nss-0:1.6.1-84.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-apr-util-odbc-0:1.6.1-84.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-apr-util-openssl-0:1.6.1-84.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-apr-util-pgsql-0:1.6.1-84.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-apr-util-sqlite-0:1.6.1-84.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-curl-0:7.78.0-2.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-curl-0:7.78.0-2.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-curl-debuginfo-0:7.78.0-2.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-httpd-0:2.4.37-78.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-httpd-0:2.4.37-78.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-httpd-debuginfo-0:2.4.37-78.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-httpd-devel-0:2.4.37-78.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-httpd-manual-0:2.4.37-78.jbcs.el7.noarch",
"7Server-JBCS:jbcs-httpd24-httpd-selinux-0:2.4.37-78.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-httpd-tools-0:2.4.37-78.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-libcurl-0:7.78.0-2.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-libcurl-devel-0:7.78.0-2.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_cluster-native-0:1.3.16-9.Final_redhat_2.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-mod_cluster-native-0:1.3.16-9.Final_redhat_2.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_cluster-native-debuginfo-0:1.3.16-9.Final_redhat_2.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_http2-0:1.15.7-21.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-mod_http2-0:1.15.7-21.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_http2-debuginfo-0:1.15.7-21.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_jk-0:1.2.48-20.redhat_1.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-mod_jk-ap24-0:1.2.48-20.redhat_1.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_jk-debuginfo-0:1.2.48-20.redhat_1.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_jk-manual-0:1.2.48-20.redhat_1.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_ldap-0:2.4.37-78.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_md-1:2.0.8-40.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-mod_md-1:2.0.8-40.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_md-debuginfo-1:2.0.8-40.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_proxy_html-1:2.4.37-78.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_security-0:2.9.2-67.GA.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-mod_security-0:2.9.2-67.GA.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_security-debuginfo-0:2.9.2-67.GA.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_session-0:2.4.37-78.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_ssl-1:2.4.37-78.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-nghttp2-0:1.39.2-39.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-nghttp2-0:1.39.2-39.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-nghttp2-debuginfo-0:1.39.2-39.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-nghttp2-devel-0:1.39.2-39.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-openssl-1:1.1.1g-8.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-openssl-1:1.1.1g-8.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-openssl-chil-0:1.0.0-7.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-openssl-chil-0:1.0.0-7.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-openssl-chil-debuginfo-0:1.0.0-7.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-openssl-debuginfo-1:1.1.1g-8.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-openssl-devel-1:1.1.1g-8.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-openssl-libs-1:1.1.1g-8.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-openssl-perl-1:1.1.1g-8.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-openssl-pkcs11-0:0.4.10-22.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-openssl-pkcs11-0:0.4.10-22.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-openssl-pkcs11-debuginfo-0:0.4.10-22.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-openssl-static-1:1.1.1g-8.jbcs.el7.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-0:1.6.3-107.el8jbcs.src",
"8Base-JBCS:jbcs-httpd24-apr-0:1.6.3-107.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-debuginfo-0:1.6.3-107.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-devel-0:1.6.3-107.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-util-0:1.6.1-84.el8jbcs.src",
"8Base-JBCS:jbcs-httpd24-apr-util-0:1.6.1-84.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-util-debuginfo-0:1.6.1-84.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-util-devel-0:1.6.1-84.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-util-ldap-0:1.6.1-84.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-util-ldap-debuginfo-0:1.6.1-84.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-util-mysql-0:1.6.1-84.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-util-mysql-debuginfo-0:1.6.1-84.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-util-nss-0:1.6.1-84.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-util-nss-debuginfo-0:1.6.1-84.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-util-odbc-0:1.6.1-84.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-util-odbc-debuginfo-0:1.6.1-84.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-util-openssl-0:1.6.1-84.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-util-openssl-debuginfo-0:1.6.1-84.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-util-pgsql-0:1.6.1-84.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-util-pgsql-debuginfo-0:1.6.1-84.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-util-sqlite-0:1.6.1-84.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-util-sqlite-debuginfo-0:1.6.1-84.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-curl-0:7.78.0-2.el8jbcs.src",
"8Base-JBCS:jbcs-httpd24-curl-0:7.78.0-2.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-curl-debuginfo-0:7.78.0-2.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-httpd-0:2.4.37-78.el8jbcs.src",
"8Base-JBCS:jbcs-httpd24-httpd-0:2.4.37-78.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-httpd-debuginfo-0:2.4.37-78.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-httpd-devel-0:2.4.37-78.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-httpd-manual-0:2.4.37-78.el8jbcs.noarch",
"8Base-JBCS:jbcs-httpd24-httpd-selinux-0:2.4.37-78.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-httpd-tools-0:2.4.37-78.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-httpd-tools-debuginfo-0:2.4.37-78.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-libcurl-0:7.78.0-2.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-libcurl-debuginfo-0:7.78.0-2.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-libcurl-devel-0:7.78.0-2.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_cluster-native-0:1.3.16-9.Final_redhat_2.el8jbcs.src",
"8Base-JBCS:jbcs-httpd24-mod_cluster-native-0:1.3.16-9.Final_redhat_2.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_cluster-native-debuginfo-0:1.3.16-9.Final_redhat_2.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_http2-0:1.15.7-21.el8jbcs.src",
"8Base-JBCS:jbcs-httpd24-mod_http2-0:1.15.7-21.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_http2-debuginfo-0:1.15.7-21.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_jk-0:1.2.48-20.redhat_1.el8jbcs.src",
"8Base-JBCS:jbcs-httpd24-mod_jk-ap24-0:1.2.48-20.redhat_1.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_jk-ap24-debuginfo-0:1.2.48-20.redhat_1.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_jk-manual-0:1.2.48-20.redhat_1.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_ldap-0:2.4.37-78.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_ldap-debuginfo-0:2.4.37-78.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_md-1:2.0.8-40.el8jbcs.src",
"8Base-JBCS:jbcs-httpd24-mod_md-1:2.0.8-40.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_md-debuginfo-1:2.0.8-40.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_proxy_html-1:2.4.37-78.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_proxy_html-debuginfo-1:2.4.37-78.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_security-0:2.9.2-67.GA.el8jbcs.src",
"8Base-JBCS:jbcs-httpd24-mod_security-0:2.9.2-67.GA.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_security-debuginfo-0:2.9.2-67.GA.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_session-0:2.4.37-78.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_session-debuginfo-0:2.4.37-78.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_ssl-1:2.4.37-78.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_ssl-debuginfo-1:2.4.37-78.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-nghttp2-0:1.39.2-39.el8jbcs.src",
"8Base-JBCS:jbcs-httpd24-nghttp2-0:1.39.2-39.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-nghttp2-debuginfo-0:1.39.2-39.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-nghttp2-devel-0:1.39.2-39.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-openssl-1:1.1.1g-8.el8jbcs.src",
"8Base-JBCS:jbcs-httpd24-openssl-1:1.1.1g-8.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-openssl-chil-0:1.0.0-7.el8jbcs.src",
"8Base-JBCS:jbcs-httpd24-openssl-chil-0:1.0.0-7.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-openssl-chil-debuginfo-0:1.0.0-7.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-openssl-debuginfo-1:1.1.1g-8.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-openssl-devel-1:1.1.1g-8.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-openssl-libs-1:1.1.1g-8.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-openssl-libs-debuginfo-1:1.1.1g-8.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-openssl-perl-1:1.1.1g-8.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-openssl-pkcs11-0:0.4.10-22.el8jbcs.src",
"8Base-JBCS:jbcs-httpd24-openssl-pkcs11-0:0.4.10-22.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-openssl-pkcs11-debuginfo-0:0.4.10-22.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-openssl-static-1:1.1.1g-8.el8jbcs.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2021-3712"
},
{
"category": "external",
"summary": "RHBZ#1995634",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1995634"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2021-3712",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-3712"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2021-3712",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2021-3712"
},
{
"category": "external",
"summary": "https://www.openssl.org/news/secadv/20210824.txt",
"url": "https://www.openssl.org/news/secadv/20210824.txt"
}
],
"release_date": "2021-08-24T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"details": "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"7Server-JBCS:jbcs-httpd24-apr-0:1.6.3-107.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-apr-0:1.6.3-107.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-apr-debuginfo-0:1.6.3-107.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-apr-devel-0:1.6.3-107.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-apr-util-0:1.6.1-84.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-apr-util-0:1.6.1-84.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-apr-util-debuginfo-0:1.6.1-84.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-apr-util-devel-0:1.6.1-84.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-apr-util-ldap-0:1.6.1-84.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-apr-util-mysql-0:1.6.1-84.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-apr-util-nss-0:1.6.1-84.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-apr-util-odbc-0:1.6.1-84.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-apr-util-openssl-0:1.6.1-84.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-apr-util-pgsql-0:1.6.1-84.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-apr-util-sqlite-0:1.6.1-84.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-curl-0:7.78.0-2.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-curl-0:7.78.0-2.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-curl-debuginfo-0:7.78.0-2.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-httpd-0:2.4.37-78.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-httpd-0:2.4.37-78.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-httpd-debuginfo-0:2.4.37-78.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-httpd-devel-0:2.4.37-78.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-httpd-manual-0:2.4.37-78.jbcs.el7.noarch",
"7Server-JBCS:jbcs-httpd24-httpd-selinux-0:2.4.37-78.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-httpd-tools-0:2.4.37-78.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-libcurl-0:7.78.0-2.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-libcurl-devel-0:7.78.0-2.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_cluster-native-0:1.3.16-9.Final_redhat_2.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-mod_cluster-native-0:1.3.16-9.Final_redhat_2.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_cluster-native-debuginfo-0:1.3.16-9.Final_redhat_2.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_http2-0:1.15.7-21.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-mod_http2-0:1.15.7-21.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_http2-debuginfo-0:1.15.7-21.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_jk-0:1.2.48-20.redhat_1.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-mod_jk-ap24-0:1.2.48-20.redhat_1.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_jk-debuginfo-0:1.2.48-20.redhat_1.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_jk-manual-0:1.2.48-20.redhat_1.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_ldap-0:2.4.37-78.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_md-1:2.0.8-40.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-mod_md-1:2.0.8-40.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_md-debuginfo-1:2.0.8-40.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_proxy_html-1:2.4.37-78.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_security-0:2.9.2-67.GA.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-mod_security-0:2.9.2-67.GA.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_security-debuginfo-0:2.9.2-67.GA.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_session-0:2.4.37-78.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_ssl-1:2.4.37-78.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-nghttp2-0:1.39.2-39.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-nghttp2-0:1.39.2-39.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-nghttp2-debuginfo-0:1.39.2-39.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-nghttp2-devel-0:1.39.2-39.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-openssl-1:1.1.1g-8.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-openssl-1:1.1.1g-8.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-openssl-chil-0:1.0.0-7.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-openssl-chil-0:1.0.0-7.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-openssl-chil-debuginfo-0:1.0.0-7.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-openssl-debuginfo-1:1.1.1g-8.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-openssl-devel-1:1.1.1g-8.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-openssl-libs-1:1.1.1g-8.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-openssl-perl-1:1.1.1g-8.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-openssl-pkcs11-0:0.4.10-22.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-openssl-pkcs11-0:0.4.10-22.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-openssl-pkcs11-debuginfo-0:0.4.10-22.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-openssl-static-1:1.1.1g-8.jbcs.el7.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-0:1.6.3-107.el8jbcs.src",
"8Base-JBCS:jbcs-httpd24-apr-0:1.6.3-107.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-debuginfo-0:1.6.3-107.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-devel-0:1.6.3-107.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-util-0:1.6.1-84.el8jbcs.src",
"8Base-JBCS:jbcs-httpd24-apr-util-0:1.6.1-84.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-util-debuginfo-0:1.6.1-84.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-util-devel-0:1.6.1-84.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-util-ldap-0:1.6.1-84.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-util-ldap-debuginfo-0:1.6.1-84.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-util-mysql-0:1.6.1-84.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-util-mysql-debuginfo-0:1.6.1-84.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-util-nss-0:1.6.1-84.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-util-nss-debuginfo-0:1.6.1-84.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-util-odbc-0:1.6.1-84.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-util-odbc-debuginfo-0:1.6.1-84.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-util-openssl-0:1.6.1-84.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-util-openssl-debuginfo-0:1.6.1-84.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-util-pgsql-0:1.6.1-84.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-util-pgsql-debuginfo-0:1.6.1-84.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-util-sqlite-0:1.6.1-84.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-util-sqlite-debuginfo-0:1.6.1-84.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-curl-0:7.78.0-2.el8jbcs.src",
"8Base-JBCS:jbcs-httpd24-curl-0:7.78.0-2.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-curl-debuginfo-0:7.78.0-2.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-httpd-0:2.4.37-78.el8jbcs.src",
"8Base-JBCS:jbcs-httpd24-httpd-0:2.4.37-78.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-httpd-debuginfo-0:2.4.37-78.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-httpd-devel-0:2.4.37-78.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-httpd-manual-0:2.4.37-78.el8jbcs.noarch",
"8Base-JBCS:jbcs-httpd24-httpd-selinux-0:2.4.37-78.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-httpd-tools-0:2.4.37-78.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-httpd-tools-debuginfo-0:2.4.37-78.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-libcurl-0:7.78.0-2.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-libcurl-debuginfo-0:7.78.0-2.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-libcurl-devel-0:7.78.0-2.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_cluster-native-0:1.3.16-9.Final_redhat_2.el8jbcs.src",
"8Base-JBCS:jbcs-httpd24-mod_cluster-native-0:1.3.16-9.Final_redhat_2.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_cluster-native-debuginfo-0:1.3.16-9.Final_redhat_2.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_http2-0:1.15.7-21.el8jbcs.src",
"8Base-JBCS:jbcs-httpd24-mod_http2-0:1.15.7-21.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_http2-debuginfo-0:1.15.7-21.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_jk-0:1.2.48-20.redhat_1.el8jbcs.src",
"8Base-JBCS:jbcs-httpd24-mod_jk-ap24-0:1.2.48-20.redhat_1.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_jk-ap24-debuginfo-0:1.2.48-20.redhat_1.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_jk-manual-0:1.2.48-20.redhat_1.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_ldap-0:2.4.37-78.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_ldap-debuginfo-0:2.4.37-78.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_md-1:2.0.8-40.el8jbcs.src",
"8Base-JBCS:jbcs-httpd24-mod_md-1:2.0.8-40.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_md-debuginfo-1:2.0.8-40.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_proxy_html-1:2.4.37-78.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_proxy_html-debuginfo-1:2.4.37-78.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_security-0:2.9.2-67.GA.el8jbcs.src",
"8Base-JBCS:jbcs-httpd24-mod_security-0:2.9.2-67.GA.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_security-debuginfo-0:2.9.2-67.GA.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_session-0:2.4.37-78.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_session-debuginfo-0:2.4.37-78.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_ssl-1:2.4.37-78.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_ssl-debuginfo-1:2.4.37-78.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-nghttp2-0:1.39.2-39.el8jbcs.src",
"8Base-JBCS:jbcs-httpd24-nghttp2-0:1.39.2-39.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-nghttp2-debuginfo-0:1.39.2-39.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-nghttp2-devel-0:1.39.2-39.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-openssl-1:1.1.1g-8.el8jbcs.src",
"8Base-JBCS:jbcs-httpd24-openssl-1:1.1.1g-8.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-openssl-chil-0:1.0.0-7.el8jbcs.src",
"8Base-JBCS:jbcs-httpd24-openssl-chil-0:1.0.0-7.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-openssl-chil-debuginfo-0:1.0.0-7.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-openssl-debuginfo-1:1.1.1g-8.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-openssl-devel-1:1.1.1g-8.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-openssl-libs-1:1.1.1g-8.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-openssl-libs-debuginfo-1:1.1.1g-8.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-openssl-perl-1:1.1.1g-8.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-openssl-pkcs11-0:0.4.10-22.el8jbcs.src",
"8Base-JBCS:jbcs-httpd24-openssl-pkcs11-0:0.4.10-22.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-openssl-pkcs11-debuginfo-0:0.4.10-22.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-openssl-static-1:1.1.1g-8.el8jbcs.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2021:4614"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.4,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:H",
"version": "3.1"
},
"products": [
"7Server-JBCS:jbcs-httpd24-apr-0:1.6.3-107.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-apr-0:1.6.3-107.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-apr-debuginfo-0:1.6.3-107.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-apr-devel-0:1.6.3-107.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-apr-util-0:1.6.1-84.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-apr-util-0:1.6.1-84.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-apr-util-debuginfo-0:1.6.1-84.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-apr-util-devel-0:1.6.1-84.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-apr-util-ldap-0:1.6.1-84.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-apr-util-mysql-0:1.6.1-84.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-apr-util-nss-0:1.6.1-84.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-apr-util-odbc-0:1.6.1-84.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-apr-util-openssl-0:1.6.1-84.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-apr-util-pgsql-0:1.6.1-84.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-apr-util-sqlite-0:1.6.1-84.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-curl-0:7.78.0-2.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-curl-0:7.78.0-2.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-curl-debuginfo-0:7.78.0-2.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-httpd-0:2.4.37-78.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-httpd-0:2.4.37-78.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-httpd-debuginfo-0:2.4.37-78.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-httpd-devel-0:2.4.37-78.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-httpd-manual-0:2.4.37-78.jbcs.el7.noarch",
"7Server-JBCS:jbcs-httpd24-httpd-selinux-0:2.4.37-78.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-httpd-tools-0:2.4.37-78.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-libcurl-0:7.78.0-2.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-libcurl-devel-0:7.78.0-2.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_cluster-native-0:1.3.16-9.Final_redhat_2.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-mod_cluster-native-0:1.3.16-9.Final_redhat_2.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_cluster-native-debuginfo-0:1.3.16-9.Final_redhat_2.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_http2-0:1.15.7-21.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-mod_http2-0:1.15.7-21.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_http2-debuginfo-0:1.15.7-21.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_jk-0:1.2.48-20.redhat_1.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-mod_jk-ap24-0:1.2.48-20.redhat_1.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_jk-debuginfo-0:1.2.48-20.redhat_1.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_jk-manual-0:1.2.48-20.redhat_1.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_ldap-0:2.4.37-78.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_md-1:2.0.8-40.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-mod_md-1:2.0.8-40.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_md-debuginfo-1:2.0.8-40.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_proxy_html-1:2.4.37-78.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_security-0:2.9.2-67.GA.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-mod_security-0:2.9.2-67.GA.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_security-debuginfo-0:2.9.2-67.GA.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_session-0:2.4.37-78.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_ssl-1:2.4.37-78.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-nghttp2-0:1.39.2-39.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-nghttp2-0:1.39.2-39.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-nghttp2-debuginfo-0:1.39.2-39.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-nghttp2-devel-0:1.39.2-39.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-openssl-1:1.1.1g-8.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-openssl-1:1.1.1g-8.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-openssl-chil-0:1.0.0-7.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-openssl-chil-0:1.0.0-7.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-openssl-chil-debuginfo-0:1.0.0-7.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-openssl-debuginfo-1:1.1.1g-8.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-openssl-devel-1:1.1.1g-8.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-openssl-libs-1:1.1.1g-8.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-openssl-perl-1:1.1.1g-8.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-openssl-pkcs11-0:0.4.10-22.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-openssl-pkcs11-0:0.4.10-22.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-openssl-pkcs11-debuginfo-0:0.4.10-22.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-openssl-static-1:1.1.1g-8.jbcs.el7.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-0:1.6.3-107.el8jbcs.src",
"8Base-JBCS:jbcs-httpd24-apr-0:1.6.3-107.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-debuginfo-0:1.6.3-107.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-devel-0:1.6.3-107.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-util-0:1.6.1-84.el8jbcs.src",
"8Base-JBCS:jbcs-httpd24-apr-util-0:1.6.1-84.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-util-debuginfo-0:1.6.1-84.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-util-devel-0:1.6.1-84.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-util-ldap-0:1.6.1-84.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-util-ldap-debuginfo-0:1.6.1-84.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-util-mysql-0:1.6.1-84.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-util-mysql-debuginfo-0:1.6.1-84.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-util-nss-0:1.6.1-84.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-util-nss-debuginfo-0:1.6.1-84.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-util-odbc-0:1.6.1-84.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-util-odbc-debuginfo-0:1.6.1-84.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-util-openssl-0:1.6.1-84.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-util-openssl-debuginfo-0:1.6.1-84.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-util-pgsql-0:1.6.1-84.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-util-pgsql-debuginfo-0:1.6.1-84.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-util-sqlite-0:1.6.1-84.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-util-sqlite-debuginfo-0:1.6.1-84.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-curl-0:7.78.0-2.el8jbcs.src",
"8Base-JBCS:jbcs-httpd24-curl-0:7.78.0-2.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-curl-debuginfo-0:7.78.0-2.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-httpd-0:2.4.37-78.el8jbcs.src",
"8Base-JBCS:jbcs-httpd24-httpd-0:2.4.37-78.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-httpd-debuginfo-0:2.4.37-78.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-httpd-devel-0:2.4.37-78.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-httpd-manual-0:2.4.37-78.el8jbcs.noarch",
"8Base-JBCS:jbcs-httpd24-httpd-selinux-0:2.4.37-78.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-httpd-tools-0:2.4.37-78.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-httpd-tools-debuginfo-0:2.4.37-78.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-libcurl-0:7.78.0-2.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-libcurl-debuginfo-0:7.78.0-2.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-libcurl-devel-0:7.78.0-2.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_cluster-native-0:1.3.16-9.Final_redhat_2.el8jbcs.src",
"8Base-JBCS:jbcs-httpd24-mod_cluster-native-0:1.3.16-9.Final_redhat_2.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_cluster-native-debuginfo-0:1.3.16-9.Final_redhat_2.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_http2-0:1.15.7-21.el8jbcs.src",
"8Base-JBCS:jbcs-httpd24-mod_http2-0:1.15.7-21.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_http2-debuginfo-0:1.15.7-21.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_jk-0:1.2.48-20.redhat_1.el8jbcs.src",
"8Base-JBCS:jbcs-httpd24-mod_jk-ap24-0:1.2.48-20.redhat_1.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_jk-ap24-debuginfo-0:1.2.48-20.redhat_1.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_jk-manual-0:1.2.48-20.redhat_1.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_ldap-0:2.4.37-78.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_ldap-debuginfo-0:2.4.37-78.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_md-1:2.0.8-40.el8jbcs.src",
"8Base-JBCS:jbcs-httpd24-mod_md-1:2.0.8-40.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_md-debuginfo-1:2.0.8-40.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_proxy_html-1:2.4.37-78.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_proxy_html-debuginfo-1:2.4.37-78.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_security-0:2.9.2-67.GA.el8jbcs.src",
"8Base-JBCS:jbcs-httpd24-mod_security-0:2.9.2-67.GA.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_security-debuginfo-0:2.9.2-67.GA.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_session-0:2.4.37-78.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_session-debuginfo-0:2.4.37-78.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_ssl-1:2.4.37-78.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_ssl-debuginfo-1:2.4.37-78.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-nghttp2-0:1.39.2-39.el8jbcs.src",
"8Base-JBCS:jbcs-httpd24-nghttp2-0:1.39.2-39.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-nghttp2-debuginfo-0:1.39.2-39.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-nghttp2-devel-0:1.39.2-39.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-openssl-1:1.1.1g-8.el8jbcs.src",
"8Base-JBCS:jbcs-httpd24-openssl-1:1.1.1g-8.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-openssl-chil-0:1.0.0-7.el8jbcs.src",
"8Base-JBCS:jbcs-httpd24-openssl-chil-0:1.0.0-7.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-openssl-chil-debuginfo-0:1.0.0-7.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-openssl-debuginfo-1:1.1.1g-8.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-openssl-devel-1:1.1.1g-8.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-openssl-libs-1:1.1.1g-8.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-openssl-libs-debuginfo-1:1.1.1g-8.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-openssl-perl-1:1.1.1g-8.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-openssl-pkcs11-0:0.4.10-22.el8jbcs.src",
"8Base-JBCS:jbcs-httpd24-openssl-pkcs11-0:0.4.10-22.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-openssl-pkcs11-debuginfo-0:0.4.10-22.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-openssl-static-1:1.1.1g-8.el8jbcs.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "openssl: Read buffer overruns processing ASN.1 strings"
},
{
"cve": "CVE-2021-23840",
"cwe": {
"id": "CWE-190",
"name": "Integer Overflow or Wraparound"
},
"discovery_date": "2021-02-09T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1930324"
}
],
"notes": [
{
"category": "description",
"text": "Calls to EVP_CipherUpdate, EVP_EncryptUpdate and EVP_DecryptUpdate may overflow the output length argument in some cases where the input length is close to the maximum permissible length for an integer on the platform. In such cases the return value from the function call will be 1 (indicating success), but the output length value will be negative. This could cause applications to behave incorrectly or crash.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "openssl: integer overflow in CipherUpdate",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "This flaw only affects applications which are compiled with OpenSSL and using EVP_CipherUpdate, EVP_EncryptUpdate or EVP_DecryptUpdate functions. When specially-crafted values are passed to these functions, it can cause the application to crash or behave incorrectly.\n\nOpenSSL in Red Hat Enterprise Linux 9 was marked as not affected as its already fixed in RHEL9 Alpha release.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"7Server-JBCS:jbcs-httpd24-apr-0:1.6.3-107.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-apr-0:1.6.3-107.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-apr-debuginfo-0:1.6.3-107.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-apr-devel-0:1.6.3-107.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-apr-util-0:1.6.1-84.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-apr-util-0:1.6.1-84.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-apr-util-debuginfo-0:1.6.1-84.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-apr-util-devel-0:1.6.1-84.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-apr-util-ldap-0:1.6.1-84.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-apr-util-mysql-0:1.6.1-84.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-apr-util-nss-0:1.6.1-84.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-apr-util-odbc-0:1.6.1-84.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-apr-util-openssl-0:1.6.1-84.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-apr-util-pgsql-0:1.6.1-84.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-apr-util-sqlite-0:1.6.1-84.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-curl-0:7.78.0-2.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-curl-0:7.78.0-2.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-curl-debuginfo-0:7.78.0-2.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-httpd-0:2.4.37-78.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-httpd-0:2.4.37-78.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-httpd-debuginfo-0:2.4.37-78.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-httpd-devel-0:2.4.37-78.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-httpd-manual-0:2.4.37-78.jbcs.el7.noarch",
"7Server-JBCS:jbcs-httpd24-httpd-selinux-0:2.4.37-78.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-httpd-tools-0:2.4.37-78.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-libcurl-0:7.78.0-2.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-libcurl-devel-0:7.78.0-2.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_cluster-native-0:1.3.16-9.Final_redhat_2.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-mod_cluster-native-0:1.3.16-9.Final_redhat_2.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_cluster-native-debuginfo-0:1.3.16-9.Final_redhat_2.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_http2-0:1.15.7-21.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-mod_http2-0:1.15.7-21.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_http2-debuginfo-0:1.15.7-21.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_jk-0:1.2.48-20.redhat_1.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-mod_jk-ap24-0:1.2.48-20.redhat_1.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_jk-debuginfo-0:1.2.48-20.redhat_1.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_jk-manual-0:1.2.48-20.redhat_1.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_ldap-0:2.4.37-78.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_md-1:2.0.8-40.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-mod_md-1:2.0.8-40.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_md-debuginfo-1:2.0.8-40.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_proxy_html-1:2.4.37-78.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_security-0:2.9.2-67.GA.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-mod_security-0:2.9.2-67.GA.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_security-debuginfo-0:2.9.2-67.GA.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_session-0:2.4.37-78.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_ssl-1:2.4.37-78.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-nghttp2-0:1.39.2-39.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-nghttp2-0:1.39.2-39.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-nghttp2-debuginfo-0:1.39.2-39.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-nghttp2-devel-0:1.39.2-39.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-openssl-1:1.1.1g-8.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-openssl-1:1.1.1g-8.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-openssl-chil-0:1.0.0-7.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-openssl-chil-0:1.0.0-7.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-openssl-chil-debuginfo-0:1.0.0-7.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-openssl-debuginfo-1:1.1.1g-8.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-openssl-devel-1:1.1.1g-8.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-openssl-libs-1:1.1.1g-8.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-openssl-perl-1:1.1.1g-8.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-openssl-pkcs11-0:0.4.10-22.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-openssl-pkcs11-0:0.4.10-22.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-openssl-pkcs11-debuginfo-0:0.4.10-22.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-openssl-static-1:1.1.1g-8.jbcs.el7.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-0:1.6.3-107.el8jbcs.src",
"8Base-JBCS:jbcs-httpd24-apr-0:1.6.3-107.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-debuginfo-0:1.6.3-107.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-devel-0:1.6.3-107.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-util-0:1.6.1-84.el8jbcs.src",
"8Base-JBCS:jbcs-httpd24-apr-util-0:1.6.1-84.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-util-debuginfo-0:1.6.1-84.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-util-devel-0:1.6.1-84.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-util-ldap-0:1.6.1-84.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-util-ldap-debuginfo-0:1.6.1-84.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-util-mysql-0:1.6.1-84.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-util-mysql-debuginfo-0:1.6.1-84.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-util-nss-0:1.6.1-84.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-util-nss-debuginfo-0:1.6.1-84.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-util-odbc-0:1.6.1-84.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-util-odbc-debuginfo-0:1.6.1-84.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-util-openssl-0:1.6.1-84.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-util-openssl-debuginfo-0:1.6.1-84.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-util-pgsql-0:1.6.1-84.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-util-pgsql-debuginfo-0:1.6.1-84.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-util-sqlite-0:1.6.1-84.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-util-sqlite-debuginfo-0:1.6.1-84.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-curl-0:7.78.0-2.el8jbcs.src",
"8Base-JBCS:jbcs-httpd24-curl-0:7.78.0-2.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-curl-debuginfo-0:7.78.0-2.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-httpd-0:2.4.37-78.el8jbcs.src",
"8Base-JBCS:jbcs-httpd24-httpd-0:2.4.37-78.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-httpd-debuginfo-0:2.4.37-78.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-httpd-devel-0:2.4.37-78.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-httpd-manual-0:2.4.37-78.el8jbcs.noarch",
"8Base-JBCS:jbcs-httpd24-httpd-selinux-0:2.4.37-78.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-httpd-tools-0:2.4.37-78.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-httpd-tools-debuginfo-0:2.4.37-78.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-libcurl-0:7.78.0-2.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-libcurl-debuginfo-0:7.78.0-2.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-libcurl-devel-0:7.78.0-2.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_cluster-native-0:1.3.16-9.Final_redhat_2.el8jbcs.src",
"8Base-JBCS:jbcs-httpd24-mod_cluster-native-0:1.3.16-9.Final_redhat_2.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_cluster-native-debuginfo-0:1.3.16-9.Final_redhat_2.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_http2-0:1.15.7-21.el8jbcs.src",
"8Base-JBCS:jbcs-httpd24-mod_http2-0:1.15.7-21.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_http2-debuginfo-0:1.15.7-21.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_jk-0:1.2.48-20.redhat_1.el8jbcs.src",
"8Base-JBCS:jbcs-httpd24-mod_jk-ap24-0:1.2.48-20.redhat_1.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_jk-ap24-debuginfo-0:1.2.48-20.redhat_1.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_jk-manual-0:1.2.48-20.redhat_1.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_ldap-0:2.4.37-78.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_ldap-debuginfo-0:2.4.37-78.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_md-1:2.0.8-40.el8jbcs.src",
"8Base-JBCS:jbcs-httpd24-mod_md-1:2.0.8-40.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_md-debuginfo-1:2.0.8-40.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_proxy_html-1:2.4.37-78.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_proxy_html-debuginfo-1:2.4.37-78.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_security-0:2.9.2-67.GA.el8jbcs.src",
"8Base-JBCS:jbcs-httpd24-mod_security-0:2.9.2-67.GA.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_security-debuginfo-0:2.9.2-67.GA.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_session-0:2.4.37-78.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_session-debuginfo-0:2.4.37-78.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_ssl-1:2.4.37-78.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_ssl-debuginfo-1:2.4.37-78.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-nghttp2-0:1.39.2-39.el8jbcs.src",
"8Base-JBCS:jbcs-httpd24-nghttp2-0:1.39.2-39.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-nghttp2-debuginfo-0:1.39.2-39.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-nghttp2-devel-0:1.39.2-39.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-openssl-1:1.1.1g-8.el8jbcs.src",
"8Base-JBCS:jbcs-httpd24-openssl-1:1.1.1g-8.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-openssl-chil-0:1.0.0-7.el8jbcs.src",
"8Base-JBCS:jbcs-httpd24-openssl-chil-0:1.0.0-7.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-openssl-chil-debuginfo-0:1.0.0-7.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-openssl-debuginfo-1:1.1.1g-8.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-openssl-devel-1:1.1.1g-8.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-openssl-libs-1:1.1.1g-8.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-openssl-libs-debuginfo-1:1.1.1g-8.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-openssl-perl-1:1.1.1g-8.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-openssl-pkcs11-0:0.4.10-22.el8jbcs.src",
"8Base-JBCS:jbcs-httpd24-openssl-pkcs11-0:0.4.10-22.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-openssl-pkcs11-debuginfo-0:0.4.10-22.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-openssl-static-1:1.1.1g-8.el8jbcs.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2021-23840"
},
{
"category": "external",
"summary": "RHBZ#1930324",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1930324"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2021-23840",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-23840"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2021-23840",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2021-23840"
},
{
"category": "external",
"summary": "https://www.openssl.org/news/secadv/20210216.txt",
"url": "https://www.openssl.org/news/secadv/20210216.txt"
}
],
"release_date": "2021-02-16T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"details": "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"7Server-JBCS:jbcs-httpd24-apr-0:1.6.3-107.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-apr-0:1.6.3-107.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-apr-debuginfo-0:1.6.3-107.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-apr-devel-0:1.6.3-107.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-apr-util-0:1.6.1-84.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-apr-util-0:1.6.1-84.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-apr-util-debuginfo-0:1.6.1-84.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-apr-util-devel-0:1.6.1-84.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-apr-util-ldap-0:1.6.1-84.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-apr-util-mysql-0:1.6.1-84.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-apr-util-nss-0:1.6.1-84.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-apr-util-odbc-0:1.6.1-84.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-apr-util-openssl-0:1.6.1-84.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-apr-util-pgsql-0:1.6.1-84.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-apr-util-sqlite-0:1.6.1-84.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-curl-0:7.78.0-2.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-curl-0:7.78.0-2.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-curl-debuginfo-0:7.78.0-2.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-httpd-0:2.4.37-78.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-httpd-0:2.4.37-78.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-httpd-debuginfo-0:2.4.37-78.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-httpd-devel-0:2.4.37-78.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-httpd-manual-0:2.4.37-78.jbcs.el7.noarch",
"7Server-JBCS:jbcs-httpd24-httpd-selinux-0:2.4.37-78.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-httpd-tools-0:2.4.37-78.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-libcurl-0:7.78.0-2.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-libcurl-devel-0:7.78.0-2.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_cluster-native-0:1.3.16-9.Final_redhat_2.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-mod_cluster-native-0:1.3.16-9.Final_redhat_2.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_cluster-native-debuginfo-0:1.3.16-9.Final_redhat_2.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_http2-0:1.15.7-21.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-mod_http2-0:1.15.7-21.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_http2-debuginfo-0:1.15.7-21.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_jk-0:1.2.48-20.redhat_1.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-mod_jk-ap24-0:1.2.48-20.redhat_1.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_jk-debuginfo-0:1.2.48-20.redhat_1.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_jk-manual-0:1.2.48-20.redhat_1.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_ldap-0:2.4.37-78.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_md-1:2.0.8-40.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-mod_md-1:2.0.8-40.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_md-debuginfo-1:2.0.8-40.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_proxy_html-1:2.4.37-78.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_security-0:2.9.2-67.GA.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-mod_security-0:2.9.2-67.GA.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_security-debuginfo-0:2.9.2-67.GA.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_session-0:2.4.37-78.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_ssl-1:2.4.37-78.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-nghttp2-0:1.39.2-39.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-nghttp2-0:1.39.2-39.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-nghttp2-debuginfo-0:1.39.2-39.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-nghttp2-devel-0:1.39.2-39.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-openssl-1:1.1.1g-8.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-openssl-1:1.1.1g-8.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-openssl-chil-0:1.0.0-7.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-openssl-chil-0:1.0.0-7.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-openssl-chil-debuginfo-0:1.0.0-7.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-openssl-debuginfo-1:1.1.1g-8.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-openssl-devel-1:1.1.1g-8.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-openssl-libs-1:1.1.1g-8.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-openssl-perl-1:1.1.1g-8.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-openssl-pkcs11-0:0.4.10-22.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-openssl-pkcs11-0:0.4.10-22.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-openssl-pkcs11-debuginfo-0:0.4.10-22.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-openssl-static-1:1.1.1g-8.jbcs.el7.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-0:1.6.3-107.el8jbcs.src",
"8Base-JBCS:jbcs-httpd24-apr-0:1.6.3-107.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-debuginfo-0:1.6.3-107.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-devel-0:1.6.3-107.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-util-0:1.6.1-84.el8jbcs.src",
"8Base-JBCS:jbcs-httpd24-apr-util-0:1.6.1-84.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-util-debuginfo-0:1.6.1-84.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-util-devel-0:1.6.1-84.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-util-ldap-0:1.6.1-84.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-util-ldap-debuginfo-0:1.6.1-84.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-util-mysql-0:1.6.1-84.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-util-mysql-debuginfo-0:1.6.1-84.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-util-nss-0:1.6.1-84.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-util-nss-debuginfo-0:1.6.1-84.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-util-odbc-0:1.6.1-84.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-util-odbc-debuginfo-0:1.6.1-84.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-util-openssl-0:1.6.1-84.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-util-openssl-debuginfo-0:1.6.1-84.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-util-pgsql-0:1.6.1-84.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-util-pgsql-debuginfo-0:1.6.1-84.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-util-sqlite-0:1.6.1-84.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-util-sqlite-debuginfo-0:1.6.1-84.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-curl-0:7.78.0-2.el8jbcs.src",
"8Base-JBCS:jbcs-httpd24-curl-0:7.78.0-2.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-curl-debuginfo-0:7.78.0-2.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-httpd-0:2.4.37-78.el8jbcs.src",
"8Base-JBCS:jbcs-httpd24-httpd-0:2.4.37-78.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-httpd-debuginfo-0:2.4.37-78.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-httpd-devel-0:2.4.37-78.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-httpd-manual-0:2.4.37-78.el8jbcs.noarch",
"8Base-JBCS:jbcs-httpd24-httpd-selinux-0:2.4.37-78.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-httpd-tools-0:2.4.37-78.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-httpd-tools-debuginfo-0:2.4.37-78.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-libcurl-0:7.78.0-2.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-libcurl-debuginfo-0:7.78.0-2.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-libcurl-devel-0:7.78.0-2.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_cluster-native-0:1.3.16-9.Final_redhat_2.el8jbcs.src",
"8Base-JBCS:jbcs-httpd24-mod_cluster-native-0:1.3.16-9.Final_redhat_2.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_cluster-native-debuginfo-0:1.3.16-9.Final_redhat_2.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_http2-0:1.15.7-21.el8jbcs.src",
"8Base-JBCS:jbcs-httpd24-mod_http2-0:1.15.7-21.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_http2-debuginfo-0:1.15.7-21.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_jk-0:1.2.48-20.redhat_1.el8jbcs.src",
"8Base-JBCS:jbcs-httpd24-mod_jk-ap24-0:1.2.48-20.redhat_1.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_jk-ap24-debuginfo-0:1.2.48-20.redhat_1.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_jk-manual-0:1.2.48-20.redhat_1.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_ldap-0:2.4.37-78.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_ldap-debuginfo-0:2.4.37-78.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_md-1:2.0.8-40.el8jbcs.src",
"8Base-JBCS:jbcs-httpd24-mod_md-1:2.0.8-40.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_md-debuginfo-1:2.0.8-40.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_proxy_html-1:2.4.37-78.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_proxy_html-debuginfo-1:2.4.37-78.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_security-0:2.9.2-67.GA.el8jbcs.src",
"8Base-JBCS:jbcs-httpd24-mod_security-0:2.9.2-67.GA.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_security-debuginfo-0:2.9.2-67.GA.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_session-0:2.4.37-78.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_session-debuginfo-0:2.4.37-78.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_ssl-1:2.4.37-78.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_ssl-debuginfo-1:2.4.37-78.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-nghttp2-0:1.39.2-39.el8jbcs.src",
"8Base-JBCS:jbcs-httpd24-nghttp2-0:1.39.2-39.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-nghttp2-debuginfo-0:1.39.2-39.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-nghttp2-devel-0:1.39.2-39.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-openssl-1:1.1.1g-8.el8jbcs.src",
"8Base-JBCS:jbcs-httpd24-openssl-1:1.1.1g-8.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-openssl-chil-0:1.0.0-7.el8jbcs.src",
"8Base-JBCS:jbcs-httpd24-openssl-chil-0:1.0.0-7.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-openssl-chil-debuginfo-0:1.0.0-7.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-openssl-debuginfo-1:1.1.1g-8.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-openssl-devel-1:1.1.1g-8.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-openssl-libs-1:1.1.1g-8.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-openssl-libs-debuginfo-1:1.1.1g-8.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-openssl-perl-1:1.1.1g-8.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-openssl-pkcs11-0:0.4.10-22.el8jbcs.src",
"8Base-JBCS:jbcs-httpd24-openssl-pkcs11-0:0.4.10-22.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-openssl-pkcs11-debuginfo-0:0.4.10-22.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-openssl-static-1:1.1.1g-8.el8jbcs.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2021:4614"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"7Server-JBCS:jbcs-httpd24-apr-0:1.6.3-107.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-apr-0:1.6.3-107.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-apr-debuginfo-0:1.6.3-107.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-apr-devel-0:1.6.3-107.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-apr-util-0:1.6.1-84.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-apr-util-0:1.6.1-84.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-apr-util-debuginfo-0:1.6.1-84.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-apr-util-devel-0:1.6.1-84.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-apr-util-ldap-0:1.6.1-84.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-apr-util-mysql-0:1.6.1-84.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-apr-util-nss-0:1.6.1-84.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-apr-util-odbc-0:1.6.1-84.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-apr-util-openssl-0:1.6.1-84.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-apr-util-pgsql-0:1.6.1-84.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-apr-util-sqlite-0:1.6.1-84.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-curl-0:7.78.0-2.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-curl-0:7.78.0-2.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-curl-debuginfo-0:7.78.0-2.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-httpd-0:2.4.37-78.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-httpd-0:2.4.37-78.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-httpd-debuginfo-0:2.4.37-78.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-httpd-devel-0:2.4.37-78.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-httpd-manual-0:2.4.37-78.jbcs.el7.noarch",
"7Server-JBCS:jbcs-httpd24-httpd-selinux-0:2.4.37-78.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-httpd-tools-0:2.4.37-78.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-libcurl-0:7.78.0-2.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-libcurl-devel-0:7.78.0-2.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_cluster-native-0:1.3.16-9.Final_redhat_2.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-mod_cluster-native-0:1.3.16-9.Final_redhat_2.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_cluster-native-debuginfo-0:1.3.16-9.Final_redhat_2.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_http2-0:1.15.7-21.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-mod_http2-0:1.15.7-21.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_http2-debuginfo-0:1.15.7-21.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_jk-0:1.2.48-20.redhat_1.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-mod_jk-ap24-0:1.2.48-20.redhat_1.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_jk-debuginfo-0:1.2.48-20.redhat_1.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_jk-manual-0:1.2.48-20.redhat_1.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_ldap-0:2.4.37-78.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_md-1:2.0.8-40.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-mod_md-1:2.0.8-40.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_md-debuginfo-1:2.0.8-40.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_proxy_html-1:2.4.37-78.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_security-0:2.9.2-67.GA.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-mod_security-0:2.9.2-67.GA.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_security-debuginfo-0:2.9.2-67.GA.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_session-0:2.4.37-78.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_ssl-1:2.4.37-78.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-nghttp2-0:1.39.2-39.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-nghttp2-0:1.39.2-39.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-nghttp2-debuginfo-0:1.39.2-39.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-nghttp2-devel-0:1.39.2-39.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-openssl-1:1.1.1g-8.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-openssl-1:1.1.1g-8.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-openssl-chil-0:1.0.0-7.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-openssl-chil-0:1.0.0-7.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-openssl-chil-debuginfo-0:1.0.0-7.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-openssl-debuginfo-1:1.1.1g-8.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-openssl-devel-1:1.1.1g-8.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-openssl-libs-1:1.1.1g-8.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-openssl-perl-1:1.1.1g-8.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-openssl-pkcs11-0:0.4.10-22.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-openssl-pkcs11-0:0.4.10-22.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-openssl-pkcs11-debuginfo-0:0.4.10-22.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-openssl-static-1:1.1.1g-8.jbcs.el7.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-0:1.6.3-107.el8jbcs.src",
"8Base-JBCS:jbcs-httpd24-apr-0:1.6.3-107.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-debuginfo-0:1.6.3-107.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-devel-0:1.6.3-107.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-util-0:1.6.1-84.el8jbcs.src",
"8Base-JBCS:jbcs-httpd24-apr-util-0:1.6.1-84.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-util-debuginfo-0:1.6.1-84.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-util-devel-0:1.6.1-84.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-util-ldap-0:1.6.1-84.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-util-ldap-debuginfo-0:1.6.1-84.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-util-mysql-0:1.6.1-84.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-util-mysql-debuginfo-0:1.6.1-84.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-util-nss-0:1.6.1-84.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-util-nss-debuginfo-0:1.6.1-84.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-util-odbc-0:1.6.1-84.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-util-odbc-debuginfo-0:1.6.1-84.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-util-openssl-0:1.6.1-84.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-util-openssl-debuginfo-0:1.6.1-84.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-util-pgsql-0:1.6.1-84.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-util-pgsql-debuginfo-0:1.6.1-84.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-util-sqlite-0:1.6.1-84.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-util-sqlite-debuginfo-0:1.6.1-84.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-curl-0:7.78.0-2.el8jbcs.src",
"8Base-JBCS:jbcs-httpd24-curl-0:7.78.0-2.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-curl-debuginfo-0:7.78.0-2.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-httpd-0:2.4.37-78.el8jbcs.src",
"8Base-JBCS:jbcs-httpd24-httpd-0:2.4.37-78.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-httpd-debuginfo-0:2.4.37-78.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-httpd-devel-0:2.4.37-78.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-httpd-manual-0:2.4.37-78.el8jbcs.noarch",
"8Base-JBCS:jbcs-httpd24-httpd-selinux-0:2.4.37-78.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-httpd-tools-0:2.4.37-78.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-httpd-tools-debuginfo-0:2.4.37-78.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-libcurl-0:7.78.0-2.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-libcurl-debuginfo-0:7.78.0-2.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-libcurl-devel-0:7.78.0-2.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_cluster-native-0:1.3.16-9.Final_redhat_2.el8jbcs.src",
"8Base-JBCS:jbcs-httpd24-mod_cluster-native-0:1.3.16-9.Final_redhat_2.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_cluster-native-debuginfo-0:1.3.16-9.Final_redhat_2.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_http2-0:1.15.7-21.el8jbcs.src",
"8Base-JBCS:jbcs-httpd24-mod_http2-0:1.15.7-21.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_http2-debuginfo-0:1.15.7-21.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_jk-0:1.2.48-20.redhat_1.el8jbcs.src",
"8Base-JBCS:jbcs-httpd24-mod_jk-ap24-0:1.2.48-20.redhat_1.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_jk-ap24-debuginfo-0:1.2.48-20.redhat_1.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_jk-manual-0:1.2.48-20.redhat_1.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_ldap-0:2.4.37-78.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_ldap-debuginfo-0:2.4.37-78.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_md-1:2.0.8-40.el8jbcs.src",
"8Base-JBCS:jbcs-httpd24-mod_md-1:2.0.8-40.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_md-debuginfo-1:2.0.8-40.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_proxy_html-1:2.4.37-78.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_proxy_html-debuginfo-1:2.4.37-78.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_security-0:2.9.2-67.GA.el8jbcs.src",
"8Base-JBCS:jbcs-httpd24-mod_security-0:2.9.2-67.GA.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_security-debuginfo-0:2.9.2-67.GA.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_session-0:2.4.37-78.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_session-debuginfo-0:2.4.37-78.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_ssl-1:2.4.37-78.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_ssl-debuginfo-1:2.4.37-78.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-nghttp2-0:1.39.2-39.el8jbcs.src",
"8Base-JBCS:jbcs-httpd24-nghttp2-0:1.39.2-39.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-nghttp2-debuginfo-0:1.39.2-39.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-nghttp2-devel-0:1.39.2-39.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-openssl-1:1.1.1g-8.el8jbcs.src",
"8Base-JBCS:jbcs-httpd24-openssl-1:1.1.1g-8.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-openssl-chil-0:1.0.0-7.el8jbcs.src",
"8Base-JBCS:jbcs-httpd24-openssl-chil-0:1.0.0-7.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-openssl-chil-debuginfo-0:1.0.0-7.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-openssl-debuginfo-1:1.1.1g-8.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-openssl-devel-1:1.1.1g-8.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-openssl-libs-1:1.1.1g-8.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-openssl-libs-debuginfo-1:1.1.1g-8.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-openssl-perl-1:1.1.1g-8.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-openssl-pkcs11-0:0.4.10-22.el8jbcs.src",
"8Base-JBCS:jbcs-httpd24-openssl-pkcs11-0:0.4.10-22.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-openssl-pkcs11-debuginfo-0:0.4.10-22.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-openssl-static-1:1.1.1g-8.el8jbcs.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Low"
}
],
"title": "openssl: integer overflow in CipherUpdate"
},
{
"cve": "CVE-2021-23841",
"cwe": {
"id": "CWE-476",
"name": "NULL Pointer Dereference"
},
"discovery_date": "2021-02-16T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1930310"
}
],
"notes": [
{
"category": "description",
"text": "The OpenSSL public API function X509_issuer_and_serial_hash() attempts to create a unique hash value based on the issuer and serial number data contained within an X509 certificate. However it fails to correctly handle any errors that may occur while parsing the issuer field (which might occur if the issuer field is maliciously constructed). This may subsequently result in a NULL pointer deref and a crash leading to a potential denial of service attack.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "openssl: NULL pointer dereference in X509_issuer_and_serial_hash()",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "This is a a null pointer dereference in the X509_issuer_and_serial_hash() function, which can result in crash if called by an application compiled with OpenSSL, by passing a specially-crafted certificate. OpenSSL internally does not use this function.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"7Server-JBCS:jbcs-httpd24-apr-0:1.6.3-107.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-apr-0:1.6.3-107.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-apr-debuginfo-0:1.6.3-107.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-apr-devel-0:1.6.3-107.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-apr-util-0:1.6.1-84.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-apr-util-0:1.6.1-84.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-apr-util-debuginfo-0:1.6.1-84.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-apr-util-devel-0:1.6.1-84.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-apr-util-ldap-0:1.6.1-84.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-apr-util-mysql-0:1.6.1-84.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-apr-util-nss-0:1.6.1-84.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-apr-util-odbc-0:1.6.1-84.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-apr-util-openssl-0:1.6.1-84.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-apr-util-pgsql-0:1.6.1-84.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-apr-util-sqlite-0:1.6.1-84.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-curl-0:7.78.0-2.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-curl-0:7.78.0-2.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-curl-debuginfo-0:7.78.0-2.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-httpd-0:2.4.37-78.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-httpd-0:2.4.37-78.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-httpd-debuginfo-0:2.4.37-78.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-httpd-devel-0:2.4.37-78.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-httpd-manual-0:2.4.37-78.jbcs.el7.noarch",
"7Server-JBCS:jbcs-httpd24-httpd-selinux-0:2.4.37-78.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-httpd-tools-0:2.4.37-78.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-libcurl-0:7.78.0-2.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-libcurl-devel-0:7.78.0-2.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_cluster-native-0:1.3.16-9.Final_redhat_2.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-mod_cluster-native-0:1.3.16-9.Final_redhat_2.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_cluster-native-debuginfo-0:1.3.16-9.Final_redhat_2.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_http2-0:1.15.7-21.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-mod_http2-0:1.15.7-21.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_http2-debuginfo-0:1.15.7-21.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_jk-0:1.2.48-20.redhat_1.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-mod_jk-ap24-0:1.2.48-20.redhat_1.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_jk-debuginfo-0:1.2.48-20.redhat_1.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_jk-manual-0:1.2.48-20.redhat_1.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_ldap-0:2.4.37-78.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_md-1:2.0.8-40.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-mod_md-1:2.0.8-40.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_md-debuginfo-1:2.0.8-40.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_proxy_html-1:2.4.37-78.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_security-0:2.9.2-67.GA.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-mod_security-0:2.9.2-67.GA.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_security-debuginfo-0:2.9.2-67.GA.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_session-0:2.4.37-78.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_ssl-1:2.4.37-78.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-nghttp2-0:1.39.2-39.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-nghttp2-0:1.39.2-39.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-nghttp2-debuginfo-0:1.39.2-39.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-nghttp2-devel-0:1.39.2-39.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-openssl-1:1.1.1g-8.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-openssl-1:1.1.1g-8.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-openssl-chil-0:1.0.0-7.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-openssl-chil-0:1.0.0-7.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-openssl-chil-debuginfo-0:1.0.0-7.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-openssl-debuginfo-1:1.1.1g-8.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-openssl-devel-1:1.1.1g-8.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-openssl-libs-1:1.1.1g-8.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-openssl-perl-1:1.1.1g-8.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-openssl-pkcs11-0:0.4.10-22.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-openssl-pkcs11-0:0.4.10-22.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-openssl-pkcs11-debuginfo-0:0.4.10-22.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-openssl-static-1:1.1.1g-8.jbcs.el7.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-0:1.6.3-107.el8jbcs.src",
"8Base-JBCS:jbcs-httpd24-apr-0:1.6.3-107.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-debuginfo-0:1.6.3-107.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-devel-0:1.6.3-107.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-util-0:1.6.1-84.el8jbcs.src",
"8Base-JBCS:jbcs-httpd24-apr-util-0:1.6.1-84.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-util-debuginfo-0:1.6.1-84.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-util-devel-0:1.6.1-84.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-util-ldap-0:1.6.1-84.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-util-ldap-debuginfo-0:1.6.1-84.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-util-mysql-0:1.6.1-84.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-util-mysql-debuginfo-0:1.6.1-84.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-util-nss-0:1.6.1-84.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-util-nss-debuginfo-0:1.6.1-84.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-util-odbc-0:1.6.1-84.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-util-odbc-debuginfo-0:1.6.1-84.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-util-openssl-0:1.6.1-84.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-util-openssl-debuginfo-0:1.6.1-84.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-util-pgsql-0:1.6.1-84.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-util-pgsql-debuginfo-0:1.6.1-84.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-util-sqlite-0:1.6.1-84.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-util-sqlite-debuginfo-0:1.6.1-84.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-curl-0:7.78.0-2.el8jbcs.src",
"8Base-JBCS:jbcs-httpd24-curl-0:7.78.0-2.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-curl-debuginfo-0:7.78.0-2.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-httpd-0:2.4.37-78.el8jbcs.src",
"8Base-JBCS:jbcs-httpd24-httpd-0:2.4.37-78.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-httpd-debuginfo-0:2.4.37-78.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-httpd-devel-0:2.4.37-78.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-httpd-manual-0:2.4.37-78.el8jbcs.noarch",
"8Base-JBCS:jbcs-httpd24-httpd-selinux-0:2.4.37-78.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-httpd-tools-0:2.4.37-78.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-httpd-tools-debuginfo-0:2.4.37-78.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-libcurl-0:7.78.0-2.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-libcurl-debuginfo-0:7.78.0-2.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-libcurl-devel-0:7.78.0-2.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_cluster-native-0:1.3.16-9.Final_redhat_2.el8jbcs.src",
"8Base-JBCS:jbcs-httpd24-mod_cluster-native-0:1.3.16-9.Final_redhat_2.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_cluster-native-debuginfo-0:1.3.16-9.Final_redhat_2.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_http2-0:1.15.7-21.el8jbcs.src",
"8Base-JBCS:jbcs-httpd24-mod_http2-0:1.15.7-21.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_http2-debuginfo-0:1.15.7-21.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_jk-0:1.2.48-20.redhat_1.el8jbcs.src",
"8Base-JBCS:jbcs-httpd24-mod_jk-ap24-0:1.2.48-20.redhat_1.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_jk-ap24-debuginfo-0:1.2.48-20.redhat_1.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_jk-manual-0:1.2.48-20.redhat_1.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_ldap-0:2.4.37-78.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_ldap-debuginfo-0:2.4.37-78.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_md-1:2.0.8-40.el8jbcs.src",
"8Base-JBCS:jbcs-httpd24-mod_md-1:2.0.8-40.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_md-debuginfo-1:2.0.8-40.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_proxy_html-1:2.4.37-78.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_proxy_html-debuginfo-1:2.4.37-78.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_security-0:2.9.2-67.GA.el8jbcs.src",
"8Base-JBCS:jbcs-httpd24-mod_security-0:2.9.2-67.GA.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_security-debuginfo-0:2.9.2-67.GA.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_session-0:2.4.37-78.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_session-debuginfo-0:2.4.37-78.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_ssl-1:2.4.37-78.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_ssl-debuginfo-1:2.4.37-78.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-nghttp2-0:1.39.2-39.el8jbcs.src",
"8Base-JBCS:jbcs-httpd24-nghttp2-0:1.39.2-39.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-nghttp2-debuginfo-0:1.39.2-39.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-nghttp2-devel-0:1.39.2-39.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-openssl-1:1.1.1g-8.el8jbcs.src",
"8Base-JBCS:jbcs-httpd24-openssl-1:1.1.1g-8.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-openssl-chil-0:1.0.0-7.el8jbcs.src",
"8Base-JBCS:jbcs-httpd24-openssl-chil-0:1.0.0-7.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-openssl-chil-debuginfo-0:1.0.0-7.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-openssl-debuginfo-1:1.1.1g-8.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-openssl-devel-1:1.1.1g-8.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-openssl-libs-1:1.1.1g-8.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-openssl-libs-debuginfo-1:1.1.1g-8.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-openssl-perl-1:1.1.1g-8.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-openssl-pkcs11-0:0.4.10-22.el8jbcs.src",
"8Base-JBCS:jbcs-httpd24-openssl-pkcs11-0:0.4.10-22.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-openssl-pkcs11-debuginfo-0:0.4.10-22.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-openssl-static-1:1.1.1g-8.el8jbcs.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2021-23841"
},
{
"category": "external",
"summary": "RHBZ#1930310",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1930310"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2021-23841",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-23841"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2021-23841",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2021-23841"
},
{
"category": "external",
"summary": "https://www.openssl.org/news/secadv/20210216.txt",
"url": "https://www.openssl.org/news/secadv/20210216.txt"
}
],
"release_date": "2021-02-16T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"details": "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"7Server-JBCS:jbcs-httpd24-apr-0:1.6.3-107.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-apr-0:1.6.3-107.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-apr-debuginfo-0:1.6.3-107.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-apr-devel-0:1.6.3-107.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-apr-util-0:1.6.1-84.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-apr-util-0:1.6.1-84.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-apr-util-debuginfo-0:1.6.1-84.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-apr-util-devel-0:1.6.1-84.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-apr-util-ldap-0:1.6.1-84.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-apr-util-mysql-0:1.6.1-84.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-apr-util-nss-0:1.6.1-84.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-apr-util-odbc-0:1.6.1-84.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-apr-util-openssl-0:1.6.1-84.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-apr-util-pgsql-0:1.6.1-84.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-apr-util-sqlite-0:1.6.1-84.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-curl-0:7.78.0-2.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-curl-0:7.78.0-2.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-curl-debuginfo-0:7.78.0-2.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-httpd-0:2.4.37-78.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-httpd-0:2.4.37-78.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-httpd-debuginfo-0:2.4.37-78.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-httpd-devel-0:2.4.37-78.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-httpd-manual-0:2.4.37-78.jbcs.el7.noarch",
"7Server-JBCS:jbcs-httpd24-httpd-selinux-0:2.4.37-78.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-httpd-tools-0:2.4.37-78.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-libcurl-0:7.78.0-2.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-libcurl-devel-0:7.78.0-2.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_cluster-native-0:1.3.16-9.Final_redhat_2.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-mod_cluster-native-0:1.3.16-9.Final_redhat_2.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_cluster-native-debuginfo-0:1.3.16-9.Final_redhat_2.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_http2-0:1.15.7-21.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-mod_http2-0:1.15.7-21.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_http2-debuginfo-0:1.15.7-21.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_jk-0:1.2.48-20.redhat_1.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-mod_jk-ap24-0:1.2.48-20.redhat_1.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_jk-debuginfo-0:1.2.48-20.redhat_1.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_jk-manual-0:1.2.48-20.redhat_1.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_ldap-0:2.4.37-78.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_md-1:2.0.8-40.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-mod_md-1:2.0.8-40.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_md-debuginfo-1:2.0.8-40.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_proxy_html-1:2.4.37-78.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_security-0:2.9.2-67.GA.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-mod_security-0:2.9.2-67.GA.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_security-debuginfo-0:2.9.2-67.GA.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_session-0:2.4.37-78.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_ssl-1:2.4.37-78.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-nghttp2-0:1.39.2-39.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-nghttp2-0:1.39.2-39.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-nghttp2-debuginfo-0:1.39.2-39.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-nghttp2-devel-0:1.39.2-39.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-openssl-1:1.1.1g-8.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-openssl-1:1.1.1g-8.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-openssl-chil-0:1.0.0-7.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-openssl-chil-0:1.0.0-7.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-openssl-chil-debuginfo-0:1.0.0-7.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-openssl-debuginfo-1:1.1.1g-8.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-openssl-devel-1:1.1.1g-8.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-openssl-libs-1:1.1.1g-8.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-openssl-perl-1:1.1.1g-8.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-openssl-pkcs11-0:0.4.10-22.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-openssl-pkcs11-0:0.4.10-22.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-openssl-pkcs11-debuginfo-0:0.4.10-22.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-openssl-static-1:1.1.1g-8.jbcs.el7.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-0:1.6.3-107.el8jbcs.src",
"8Base-JBCS:jbcs-httpd24-apr-0:1.6.3-107.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-debuginfo-0:1.6.3-107.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-devel-0:1.6.3-107.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-util-0:1.6.1-84.el8jbcs.src",
"8Base-JBCS:jbcs-httpd24-apr-util-0:1.6.1-84.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-util-debuginfo-0:1.6.1-84.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-util-devel-0:1.6.1-84.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-util-ldap-0:1.6.1-84.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-util-ldap-debuginfo-0:1.6.1-84.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-util-mysql-0:1.6.1-84.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-util-mysql-debuginfo-0:1.6.1-84.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-util-nss-0:1.6.1-84.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-util-nss-debuginfo-0:1.6.1-84.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-util-odbc-0:1.6.1-84.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-util-odbc-debuginfo-0:1.6.1-84.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-util-openssl-0:1.6.1-84.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-util-openssl-debuginfo-0:1.6.1-84.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-util-pgsql-0:1.6.1-84.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-util-pgsql-debuginfo-0:1.6.1-84.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-util-sqlite-0:1.6.1-84.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-util-sqlite-debuginfo-0:1.6.1-84.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-curl-0:7.78.0-2.el8jbcs.src",
"8Base-JBCS:jbcs-httpd24-curl-0:7.78.0-2.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-curl-debuginfo-0:7.78.0-2.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-httpd-0:2.4.37-78.el8jbcs.src",
"8Base-JBCS:jbcs-httpd24-httpd-0:2.4.37-78.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-httpd-debuginfo-0:2.4.37-78.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-httpd-devel-0:2.4.37-78.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-httpd-manual-0:2.4.37-78.el8jbcs.noarch",
"8Base-JBCS:jbcs-httpd24-httpd-selinux-0:2.4.37-78.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-httpd-tools-0:2.4.37-78.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-httpd-tools-debuginfo-0:2.4.37-78.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-libcurl-0:7.78.0-2.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-libcurl-debuginfo-0:7.78.0-2.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-libcurl-devel-0:7.78.0-2.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_cluster-native-0:1.3.16-9.Final_redhat_2.el8jbcs.src",
"8Base-JBCS:jbcs-httpd24-mod_cluster-native-0:1.3.16-9.Final_redhat_2.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_cluster-native-debuginfo-0:1.3.16-9.Final_redhat_2.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_http2-0:1.15.7-21.el8jbcs.src",
"8Base-JBCS:jbcs-httpd24-mod_http2-0:1.15.7-21.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_http2-debuginfo-0:1.15.7-21.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_jk-0:1.2.48-20.redhat_1.el8jbcs.src",
"8Base-JBCS:jbcs-httpd24-mod_jk-ap24-0:1.2.48-20.redhat_1.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_jk-ap24-debuginfo-0:1.2.48-20.redhat_1.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_jk-manual-0:1.2.48-20.redhat_1.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_ldap-0:2.4.37-78.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_ldap-debuginfo-0:2.4.37-78.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_md-1:2.0.8-40.el8jbcs.src",
"8Base-JBCS:jbcs-httpd24-mod_md-1:2.0.8-40.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_md-debuginfo-1:2.0.8-40.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_proxy_html-1:2.4.37-78.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_proxy_html-debuginfo-1:2.4.37-78.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_security-0:2.9.2-67.GA.el8jbcs.src",
"8Base-JBCS:jbcs-httpd24-mod_security-0:2.9.2-67.GA.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_security-debuginfo-0:2.9.2-67.GA.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_session-0:2.4.37-78.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_session-debuginfo-0:2.4.37-78.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_ssl-1:2.4.37-78.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_ssl-debuginfo-1:2.4.37-78.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-nghttp2-0:1.39.2-39.el8jbcs.src",
"8Base-JBCS:jbcs-httpd24-nghttp2-0:1.39.2-39.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-nghttp2-debuginfo-0:1.39.2-39.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-nghttp2-devel-0:1.39.2-39.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-openssl-1:1.1.1g-8.el8jbcs.src",
"8Base-JBCS:jbcs-httpd24-openssl-1:1.1.1g-8.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-openssl-chil-0:1.0.0-7.el8jbcs.src",
"8Base-JBCS:jbcs-httpd24-openssl-chil-0:1.0.0-7.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-openssl-chil-debuginfo-0:1.0.0-7.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-openssl-debuginfo-1:1.1.1g-8.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-openssl-devel-1:1.1.1g-8.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-openssl-libs-1:1.1.1g-8.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-openssl-libs-debuginfo-1:1.1.1g-8.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-openssl-perl-1:1.1.1g-8.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-openssl-pkcs11-0:0.4.10-22.el8jbcs.src",
"8Base-JBCS:jbcs-httpd24-openssl-pkcs11-0:0.4.10-22.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-openssl-pkcs11-debuginfo-0:0.4.10-22.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-openssl-static-1:1.1.1g-8.el8jbcs.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2021:4614"
},
{
"category": "workaround",
"details": "As per upstream \"The function X509_issuer_and_serial_hash() is never directly called by OpenSSL itself so applications are only vulnerable if they use this function directly and they use it on certificates that may have been obtained from untrusted sources.\"",
"product_ids": [
"7Server-JBCS:jbcs-httpd24-apr-0:1.6.3-107.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-apr-0:1.6.3-107.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-apr-debuginfo-0:1.6.3-107.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-apr-devel-0:1.6.3-107.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-apr-util-0:1.6.1-84.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-apr-util-0:1.6.1-84.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-apr-util-debuginfo-0:1.6.1-84.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-apr-util-devel-0:1.6.1-84.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-apr-util-ldap-0:1.6.1-84.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-apr-util-mysql-0:1.6.1-84.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-apr-util-nss-0:1.6.1-84.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-apr-util-odbc-0:1.6.1-84.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-apr-util-openssl-0:1.6.1-84.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-apr-util-pgsql-0:1.6.1-84.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-apr-util-sqlite-0:1.6.1-84.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-curl-0:7.78.0-2.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-curl-0:7.78.0-2.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-curl-debuginfo-0:7.78.0-2.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-httpd-0:2.4.37-78.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-httpd-0:2.4.37-78.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-httpd-debuginfo-0:2.4.37-78.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-httpd-devel-0:2.4.37-78.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-httpd-manual-0:2.4.37-78.jbcs.el7.noarch",
"7Server-JBCS:jbcs-httpd24-httpd-selinux-0:2.4.37-78.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-httpd-tools-0:2.4.37-78.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-libcurl-0:7.78.0-2.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-libcurl-devel-0:7.78.0-2.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_cluster-native-0:1.3.16-9.Final_redhat_2.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-mod_cluster-native-0:1.3.16-9.Final_redhat_2.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_cluster-native-debuginfo-0:1.3.16-9.Final_redhat_2.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_http2-0:1.15.7-21.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-mod_http2-0:1.15.7-21.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_http2-debuginfo-0:1.15.7-21.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_jk-0:1.2.48-20.redhat_1.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-mod_jk-ap24-0:1.2.48-20.redhat_1.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_jk-debuginfo-0:1.2.48-20.redhat_1.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_jk-manual-0:1.2.48-20.redhat_1.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_ldap-0:2.4.37-78.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_md-1:2.0.8-40.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-mod_md-1:2.0.8-40.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_md-debuginfo-1:2.0.8-40.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_proxy_html-1:2.4.37-78.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_security-0:2.9.2-67.GA.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-mod_security-0:2.9.2-67.GA.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_security-debuginfo-0:2.9.2-67.GA.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_session-0:2.4.37-78.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_ssl-1:2.4.37-78.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-nghttp2-0:1.39.2-39.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-nghttp2-0:1.39.2-39.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-nghttp2-debuginfo-0:1.39.2-39.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-nghttp2-devel-0:1.39.2-39.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-openssl-1:1.1.1g-8.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-openssl-1:1.1.1g-8.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-openssl-chil-0:1.0.0-7.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-openssl-chil-0:1.0.0-7.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-openssl-chil-debuginfo-0:1.0.0-7.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-openssl-debuginfo-1:1.1.1g-8.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-openssl-devel-1:1.1.1g-8.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-openssl-libs-1:1.1.1g-8.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-openssl-perl-1:1.1.1g-8.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-openssl-pkcs11-0:0.4.10-22.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-openssl-pkcs11-0:0.4.10-22.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-openssl-pkcs11-debuginfo-0:0.4.10-22.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-openssl-static-1:1.1.1g-8.jbcs.el7.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-0:1.6.3-107.el8jbcs.src",
"8Base-JBCS:jbcs-httpd24-apr-0:1.6.3-107.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-debuginfo-0:1.6.3-107.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-devel-0:1.6.3-107.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-util-0:1.6.1-84.el8jbcs.src",
"8Base-JBCS:jbcs-httpd24-apr-util-0:1.6.1-84.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-util-debuginfo-0:1.6.1-84.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-util-devel-0:1.6.1-84.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-util-ldap-0:1.6.1-84.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-util-ldap-debuginfo-0:1.6.1-84.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-util-mysql-0:1.6.1-84.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-util-mysql-debuginfo-0:1.6.1-84.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-util-nss-0:1.6.1-84.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-util-nss-debuginfo-0:1.6.1-84.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-util-odbc-0:1.6.1-84.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-util-odbc-debuginfo-0:1.6.1-84.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-util-openssl-0:1.6.1-84.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-util-openssl-debuginfo-0:1.6.1-84.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-util-pgsql-0:1.6.1-84.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-util-pgsql-debuginfo-0:1.6.1-84.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-util-sqlite-0:1.6.1-84.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-util-sqlite-debuginfo-0:1.6.1-84.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-curl-0:7.78.0-2.el8jbcs.src",
"8Base-JBCS:jbcs-httpd24-curl-0:7.78.0-2.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-curl-debuginfo-0:7.78.0-2.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-httpd-0:2.4.37-78.el8jbcs.src",
"8Base-JBCS:jbcs-httpd24-httpd-0:2.4.37-78.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-httpd-debuginfo-0:2.4.37-78.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-httpd-devel-0:2.4.37-78.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-httpd-manual-0:2.4.37-78.el8jbcs.noarch",
"8Base-JBCS:jbcs-httpd24-httpd-selinux-0:2.4.37-78.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-httpd-tools-0:2.4.37-78.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-httpd-tools-debuginfo-0:2.4.37-78.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-libcurl-0:7.78.0-2.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-libcurl-debuginfo-0:7.78.0-2.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-libcurl-devel-0:7.78.0-2.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_cluster-native-0:1.3.16-9.Final_redhat_2.el8jbcs.src",
"8Base-JBCS:jbcs-httpd24-mod_cluster-native-0:1.3.16-9.Final_redhat_2.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_cluster-native-debuginfo-0:1.3.16-9.Final_redhat_2.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_http2-0:1.15.7-21.el8jbcs.src",
"8Base-JBCS:jbcs-httpd24-mod_http2-0:1.15.7-21.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_http2-debuginfo-0:1.15.7-21.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_jk-0:1.2.48-20.redhat_1.el8jbcs.src",
"8Base-JBCS:jbcs-httpd24-mod_jk-ap24-0:1.2.48-20.redhat_1.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_jk-ap24-debuginfo-0:1.2.48-20.redhat_1.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_jk-manual-0:1.2.48-20.redhat_1.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_ldap-0:2.4.37-78.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_ldap-debuginfo-0:2.4.37-78.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_md-1:2.0.8-40.el8jbcs.src",
"8Base-JBCS:jbcs-httpd24-mod_md-1:2.0.8-40.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_md-debuginfo-1:2.0.8-40.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_proxy_html-1:2.4.37-78.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_proxy_html-debuginfo-1:2.4.37-78.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_security-0:2.9.2-67.GA.el8jbcs.src",
"8Base-JBCS:jbcs-httpd24-mod_security-0:2.9.2-67.GA.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_security-debuginfo-0:2.9.2-67.GA.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_session-0:2.4.37-78.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_session-debuginfo-0:2.4.37-78.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_ssl-1:2.4.37-78.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_ssl-debuginfo-1:2.4.37-78.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-nghttp2-0:1.39.2-39.el8jbcs.src",
"8Base-JBCS:jbcs-httpd24-nghttp2-0:1.39.2-39.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-nghttp2-debuginfo-0:1.39.2-39.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-nghttp2-devel-0:1.39.2-39.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-openssl-1:1.1.1g-8.el8jbcs.src",
"8Base-JBCS:jbcs-httpd24-openssl-1:1.1.1g-8.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-openssl-chil-0:1.0.0-7.el8jbcs.src",
"8Base-JBCS:jbcs-httpd24-openssl-chil-0:1.0.0-7.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-openssl-chil-debuginfo-0:1.0.0-7.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-openssl-debuginfo-1:1.1.1g-8.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-openssl-devel-1:1.1.1g-8.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-openssl-libs-1:1.1.1g-8.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-openssl-libs-debuginfo-1:1.1.1g-8.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-openssl-perl-1:1.1.1g-8.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-openssl-pkcs11-0:0.4.10-22.el8jbcs.src",
"8Base-JBCS:jbcs-httpd24-openssl-pkcs11-0:0.4.10-22.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-openssl-pkcs11-debuginfo-0:0.4.10-22.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-openssl-static-1:1.1.1g-8.el8jbcs.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 5.9,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"7Server-JBCS:jbcs-httpd24-apr-0:1.6.3-107.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-apr-0:1.6.3-107.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-apr-debuginfo-0:1.6.3-107.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-apr-devel-0:1.6.3-107.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-apr-util-0:1.6.1-84.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-apr-util-0:1.6.1-84.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-apr-util-debuginfo-0:1.6.1-84.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-apr-util-devel-0:1.6.1-84.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-apr-util-ldap-0:1.6.1-84.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-apr-util-mysql-0:1.6.1-84.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-apr-util-nss-0:1.6.1-84.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-apr-util-odbc-0:1.6.1-84.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-apr-util-openssl-0:1.6.1-84.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-apr-util-pgsql-0:1.6.1-84.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-apr-util-sqlite-0:1.6.1-84.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-curl-0:7.78.0-2.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-curl-0:7.78.0-2.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-curl-debuginfo-0:7.78.0-2.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-httpd-0:2.4.37-78.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-httpd-0:2.4.37-78.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-httpd-debuginfo-0:2.4.37-78.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-httpd-devel-0:2.4.37-78.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-httpd-manual-0:2.4.37-78.jbcs.el7.noarch",
"7Server-JBCS:jbcs-httpd24-httpd-selinux-0:2.4.37-78.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-httpd-tools-0:2.4.37-78.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-libcurl-0:7.78.0-2.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-libcurl-devel-0:7.78.0-2.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_cluster-native-0:1.3.16-9.Final_redhat_2.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-mod_cluster-native-0:1.3.16-9.Final_redhat_2.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_cluster-native-debuginfo-0:1.3.16-9.Final_redhat_2.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_http2-0:1.15.7-21.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-mod_http2-0:1.15.7-21.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_http2-debuginfo-0:1.15.7-21.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_jk-0:1.2.48-20.redhat_1.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-mod_jk-ap24-0:1.2.48-20.redhat_1.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_jk-debuginfo-0:1.2.48-20.redhat_1.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_jk-manual-0:1.2.48-20.redhat_1.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_ldap-0:2.4.37-78.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_md-1:2.0.8-40.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-mod_md-1:2.0.8-40.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_md-debuginfo-1:2.0.8-40.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_proxy_html-1:2.4.37-78.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_security-0:2.9.2-67.GA.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-mod_security-0:2.9.2-67.GA.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_security-debuginfo-0:2.9.2-67.GA.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_session-0:2.4.37-78.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_ssl-1:2.4.37-78.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-nghttp2-0:1.39.2-39.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-nghttp2-0:1.39.2-39.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-nghttp2-debuginfo-0:1.39.2-39.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-nghttp2-devel-0:1.39.2-39.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-openssl-1:1.1.1g-8.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-openssl-1:1.1.1g-8.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-openssl-chil-0:1.0.0-7.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-openssl-chil-0:1.0.0-7.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-openssl-chil-debuginfo-0:1.0.0-7.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-openssl-debuginfo-1:1.1.1g-8.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-openssl-devel-1:1.1.1g-8.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-openssl-libs-1:1.1.1g-8.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-openssl-perl-1:1.1.1g-8.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-openssl-pkcs11-0:0.4.10-22.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-openssl-pkcs11-0:0.4.10-22.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-openssl-pkcs11-debuginfo-0:0.4.10-22.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-openssl-static-1:1.1.1g-8.jbcs.el7.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-0:1.6.3-107.el8jbcs.src",
"8Base-JBCS:jbcs-httpd24-apr-0:1.6.3-107.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-debuginfo-0:1.6.3-107.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-devel-0:1.6.3-107.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-util-0:1.6.1-84.el8jbcs.src",
"8Base-JBCS:jbcs-httpd24-apr-util-0:1.6.1-84.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-util-debuginfo-0:1.6.1-84.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-util-devel-0:1.6.1-84.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-util-ldap-0:1.6.1-84.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-util-ldap-debuginfo-0:1.6.1-84.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-util-mysql-0:1.6.1-84.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-util-mysql-debuginfo-0:1.6.1-84.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-util-nss-0:1.6.1-84.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-util-nss-debuginfo-0:1.6.1-84.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-util-odbc-0:1.6.1-84.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-util-odbc-debuginfo-0:1.6.1-84.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-util-openssl-0:1.6.1-84.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-util-openssl-debuginfo-0:1.6.1-84.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-util-pgsql-0:1.6.1-84.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-util-pgsql-debuginfo-0:1.6.1-84.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-util-sqlite-0:1.6.1-84.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-util-sqlite-debuginfo-0:1.6.1-84.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-curl-0:7.78.0-2.el8jbcs.src",
"8Base-JBCS:jbcs-httpd24-curl-0:7.78.0-2.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-curl-debuginfo-0:7.78.0-2.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-httpd-0:2.4.37-78.el8jbcs.src",
"8Base-JBCS:jbcs-httpd24-httpd-0:2.4.37-78.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-httpd-debuginfo-0:2.4.37-78.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-httpd-devel-0:2.4.37-78.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-httpd-manual-0:2.4.37-78.el8jbcs.noarch",
"8Base-JBCS:jbcs-httpd24-httpd-selinux-0:2.4.37-78.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-httpd-tools-0:2.4.37-78.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-httpd-tools-debuginfo-0:2.4.37-78.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-libcurl-0:7.78.0-2.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-libcurl-debuginfo-0:7.78.0-2.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-libcurl-devel-0:7.78.0-2.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_cluster-native-0:1.3.16-9.Final_redhat_2.el8jbcs.src",
"8Base-JBCS:jbcs-httpd24-mod_cluster-native-0:1.3.16-9.Final_redhat_2.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_cluster-native-debuginfo-0:1.3.16-9.Final_redhat_2.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_http2-0:1.15.7-21.el8jbcs.src",
"8Base-JBCS:jbcs-httpd24-mod_http2-0:1.15.7-21.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_http2-debuginfo-0:1.15.7-21.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_jk-0:1.2.48-20.redhat_1.el8jbcs.src",
"8Base-JBCS:jbcs-httpd24-mod_jk-ap24-0:1.2.48-20.redhat_1.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_jk-ap24-debuginfo-0:1.2.48-20.redhat_1.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_jk-manual-0:1.2.48-20.redhat_1.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_ldap-0:2.4.37-78.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_ldap-debuginfo-0:2.4.37-78.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_md-1:2.0.8-40.el8jbcs.src",
"8Base-JBCS:jbcs-httpd24-mod_md-1:2.0.8-40.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_md-debuginfo-1:2.0.8-40.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_proxy_html-1:2.4.37-78.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_proxy_html-debuginfo-1:2.4.37-78.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_security-0:2.9.2-67.GA.el8jbcs.src",
"8Base-JBCS:jbcs-httpd24-mod_security-0:2.9.2-67.GA.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_security-debuginfo-0:2.9.2-67.GA.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_session-0:2.4.37-78.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_session-debuginfo-0:2.4.37-78.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_ssl-1:2.4.37-78.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_ssl-debuginfo-1:2.4.37-78.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-nghttp2-0:1.39.2-39.el8jbcs.src",
"8Base-JBCS:jbcs-httpd24-nghttp2-0:1.39.2-39.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-nghttp2-debuginfo-0:1.39.2-39.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-nghttp2-devel-0:1.39.2-39.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-openssl-1:1.1.1g-8.el8jbcs.src",
"8Base-JBCS:jbcs-httpd24-openssl-1:1.1.1g-8.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-openssl-chil-0:1.0.0-7.el8jbcs.src",
"8Base-JBCS:jbcs-httpd24-openssl-chil-0:1.0.0-7.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-openssl-chil-debuginfo-0:1.0.0-7.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-openssl-debuginfo-1:1.1.1g-8.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-openssl-devel-1:1.1.1g-8.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-openssl-libs-1:1.1.1g-8.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-openssl-libs-debuginfo-1:1.1.1g-8.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-openssl-perl-1:1.1.1g-8.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-openssl-pkcs11-0:0.4.10-22.el8jbcs.src",
"8Base-JBCS:jbcs-httpd24-openssl-pkcs11-0:0.4.10-22.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-openssl-pkcs11-debuginfo-0:0.4.10-22.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-openssl-static-1:1.1.1g-8.el8jbcs.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "openssl: NULL pointer dereference in X509_issuer_and_serial_hash()"
},
{
"acknowledgments": [
{
"names": [
"the Apache project"
]
},
{
"names": [
"Antonio Morales"
],
"organization": "GHSL"
}
],
"cve": "CVE-2021-26690",
"cwe": {
"id": "CWE-476",
"name": "NULL Pointer Dereference"
},
"discovery_date": "2021-05-27T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1966729"
}
],
"notes": [
{
"category": "description",
"text": "A NULL pointer dereference was found in Apache httpd mod_session. The highest threat from this vulnerability is to system availability.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "httpd: mod_session: NULL pointer dereference when parsing Cookie header",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "This is a null pointer deference caused when using mod_session. It can result in crash of httpd child process by a remote attacker.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"7Server-JBCS:jbcs-httpd24-apr-0:1.6.3-107.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-apr-0:1.6.3-107.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-apr-debuginfo-0:1.6.3-107.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-apr-devel-0:1.6.3-107.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-apr-util-0:1.6.1-84.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-apr-util-0:1.6.1-84.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-apr-util-debuginfo-0:1.6.1-84.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-apr-util-devel-0:1.6.1-84.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-apr-util-ldap-0:1.6.1-84.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-apr-util-mysql-0:1.6.1-84.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-apr-util-nss-0:1.6.1-84.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-apr-util-odbc-0:1.6.1-84.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-apr-util-openssl-0:1.6.1-84.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-apr-util-pgsql-0:1.6.1-84.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-apr-util-sqlite-0:1.6.1-84.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-curl-0:7.78.0-2.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-curl-0:7.78.0-2.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-curl-debuginfo-0:7.78.0-2.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-httpd-0:2.4.37-78.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-httpd-0:2.4.37-78.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-httpd-debuginfo-0:2.4.37-78.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-httpd-devel-0:2.4.37-78.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-httpd-manual-0:2.4.37-78.jbcs.el7.noarch",
"7Server-JBCS:jbcs-httpd24-httpd-selinux-0:2.4.37-78.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-httpd-tools-0:2.4.37-78.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-libcurl-0:7.78.0-2.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-libcurl-devel-0:7.78.0-2.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_cluster-native-0:1.3.16-9.Final_redhat_2.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-mod_cluster-native-0:1.3.16-9.Final_redhat_2.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_cluster-native-debuginfo-0:1.3.16-9.Final_redhat_2.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_http2-0:1.15.7-21.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-mod_http2-0:1.15.7-21.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_http2-debuginfo-0:1.15.7-21.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_jk-0:1.2.48-20.redhat_1.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-mod_jk-ap24-0:1.2.48-20.redhat_1.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_jk-debuginfo-0:1.2.48-20.redhat_1.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_jk-manual-0:1.2.48-20.redhat_1.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_ldap-0:2.4.37-78.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_md-1:2.0.8-40.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-mod_md-1:2.0.8-40.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_md-debuginfo-1:2.0.8-40.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_proxy_html-1:2.4.37-78.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_security-0:2.9.2-67.GA.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-mod_security-0:2.9.2-67.GA.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_security-debuginfo-0:2.9.2-67.GA.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_session-0:2.4.37-78.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_ssl-1:2.4.37-78.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-nghttp2-0:1.39.2-39.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-nghttp2-0:1.39.2-39.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-nghttp2-debuginfo-0:1.39.2-39.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-nghttp2-devel-0:1.39.2-39.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-openssl-1:1.1.1g-8.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-openssl-1:1.1.1g-8.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-openssl-chil-0:1.0.0-7.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-openssl-chil-0:1.0.0-7.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-openssl-chil-debuginfo-0:1.0.0-7.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-openssl-debuginfo-1:1.1.1g-8.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-openssl-devel-1:1.1.1g-8.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-openssl-libs-1:1.1.1g-8.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-openssl-perl-1:1.1.1g-8.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-openssl-pkcs11-0:0.4.10-22.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-openssl-pkcs11-0:0.4.10-22.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-openssl-pkcs11-debuginfo-0:0.4.10-22.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-openssl-static-1:1.1.1g-8.jbcs.el7.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-0:1.6.3-107.el8jbcs.src",
"8Base-JBCS:jbcs-httpd24-apr-0:1.6.3-107.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-debuginfo-0:1.6.3-107.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-devel-0:1.6.3-107.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-util-0:1.6.1-84.el8jbcs.src",
"8Base-JBCS:jbcs-httpd24-apr-util-0:1.6.1-84.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-util-debuginfo-0:1.6.1-84.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-util-devel-0:1.6.1-84.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-util-ldap-0:1.6.1-84.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-util-ldap-debuginfo-0:1.6.1-84.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-util-mysql-0:1.6.1-84.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-util-mysql-debuginfo-0:1.6.1-84.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-util-nss-0:1.6.1-84.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-util-nss-debuginfo-0:1.6.1-84.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-util-odbc-0:1.6.1-84.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-util-odbc-debuginfo-0:1.6.1-84.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-util-openssl-0:1.6.1-84.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-util-openssl-debuginfo-0:1.6.1-84.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-util-pgsql-0:1.6.1-84.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-util-pgsql-debuginfo-0:1.6.1-84.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-util-sqlite-0:1.6.1-84.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-util-sqlite-debuginfo-0:1.6.1-84.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-curl-0:7.78.0-2.el8jbcs.src",
"8Base-JBCS:jbcs-httpd24-curl-0:7.78.0-2.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-curl-debuginfo-0:7.78.0-2.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-httpd-0:2.4.37-78.el8jbcs.src",
"8Base-JBCS:jbcs-httpd24-httpd-0:2.4.37-78.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-httpd-debuginfo-0:2.4.37-78.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-httpd-devel-0:2.4.37-78.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-httpd-manual-0:2.4.37-78.el8jbcs.noarch",
"8Base-JBCS:jbcs-httpd24-httpd-selinux-0:2.4.37-78.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-httpd-tools-0:2.4.37-78.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-httpd-tools-debuginfo-0:2.4.37-78.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-libcurl-0:7.78.0-2.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-libcurl-debuginfo-0:7.78.0-2.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-libcurl-devel-0:7.78.0-2.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_cluster-native-0:1.3.16-9.Final_redhat_2.el8jbcs.src",
"8Base-JBCS:jbcs-httpd24-mod_cluster-native-0:1.3.16-9.Final_redhat_2.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_cluster-native-debuginfo-0:1.3.16-9.Final_redhat_2.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_http2-0:1.15.7-21.el8jbcs.src",
"8Base-JBCS:jbcs-httpd24-mod_http2-0:1.15.7-21.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_http2-debuginfo-0:1.15.7-21.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_jk-0:1.2.48-20.redhat_1.el8jbcs.src",
"8Base-JBCS:jbcs-httpd24-mod_jk-ap24-0:1.2.48-20.redhat_1.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_jk-ap24-debuginfo-0:1.2.48-20.redhat_1.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_jk-manual-0:1.2.48-20.redhat_1.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_ldap-0:2.4.37-78.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_ldap-debuginfo-0:2.4.37-78.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_md-1:2.0.8-40.el8jbcs.src",
"8Base-JBCS:jbcs-httpd24-mod_md-1:2.0.8-40.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_md-debuginfo-1:2.0.8-40.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_proxy_html-1:2.4.37-78.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_proxy_html-debuginfo-1:2.4.37-78.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_security-0:2.9.2-67.GA.el8jbcs.src",
"8Base-JBCS:jbcs-httpd24-mod_security-0:2.9.2-67.GA.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_security-debuginfo-0:2.9.2-67.GA.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_session-0:2.4.37-78.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_session-debuginfo-0:2.4.37-78.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_ssl-1:2.4.37-78.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_ssl-debuginfo-1:2.4.37-78.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-nghttp2-0:1.39.2-39.el8jbcs.src",
"8Base-JBCS:jbcs-httpd24-nghttp2-0:1.39.2-39.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-nghttp2-debuginfo-0:1.39.2-39.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-nghttp2-devel-0:1.39.2-39.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-openssl-1:1.1.1g-8.el8jbcs.src",
"8Base-JBCS:jbcs-httpd24-openssl-1:1.1.1g-8.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-openssl-chil-0:1.0.0-7.el8jbcs.src",
"8Base-JBCS:jbcs-httpd24-openssl-chil-0:1.0.0-7.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-openssl-chil-debuginfo-0:1.0.0-7.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-openssl-debuginfo-1:1.1.1g-8.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-openssl-devel-1:1.1.1g-8.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-openssl-libs-1:1.1.1g-8.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-openssl-libs-debuginfo-1:1.1.1g-8.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-openssl-perl-1:1.1.1g-8.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-openssl-pkcs11-0:0.4.10-22.el8jbcs.src",
"8Base-JBCS:jbcs-httpd24-openssl-pkcs11-0:0.4.10-22.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-openssl-pkcs11-debuginfo-0:0.4.10-22.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-openssl-static-1:1.1.1g-8.el8jbcs.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2021-26690"
},
{
"category": "external",
"summary": "RHBZ#1966729",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1966729"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2021-26690",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-26690"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2021-26690",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2021-26690"
},
{
"category": "external",
"summary": "https://httpd.apache.org/security/vulnerabilities_24.html",
"url": "https://httpd.apache.org/security/vulnerabilities_24.html"
}
],
"release_date": "2021-06-04T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"details": "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"7Server-JBCS:jbcs-httpd24-apr-0:1.6.3-107.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-apr-0:1.6.3-107.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-apr-debuginfo-0:1.6.3-107.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-apr-devel-0:1.6.3-107.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-apr-util-0:1.6.1-84.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-apr-util-0:1.6.1-84.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-apr-util-debuginfo-0:1.6.1-84.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-apr-util-devel-0:1.6.1-84.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-apr-util-ldap-0:1.6.1-84.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-apr-util-mysql-0:1.6.1-84.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-apr-util-nss-0:1.6.1-84.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-apr-util-odbc-0:1.6.1-84.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-apr-util-openssl-0:1.6.1-84.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-apr-util-pgsql-0:1.6.1-84.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-apr-util-sqlite-0:1.6.1-84.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-curl-0:7.78.0-2.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-curl-0:7.78.0-2.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-curl-debuginfo-0:7.78.0-2.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-httpd-0:2.4.37-78.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-httpd-0:2.4.37-78.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-httpd-debuginfo-0:2.4.37-78.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-httpd-devel-0:2.4.37-78.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-httpd-manual-0:2.4.37-78.jbcs.el7.noarch",
"7Server-JBCS:jbcs-httpd24-httpd-selinux-0:2.4.37-78.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-httpd-tools-0:2.4.37-78.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-libcurl-0:7.78.0-2.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-libcurl-devel-0:7.78.0-2.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_cluster-native-0:1.3.16-9.Final_redhat_2.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-mod_cluster-native-0:1.3.16-9.Final_redhat_2.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_cluster-native-debuginfo-0:1.3.16-9.Final_redhat_2.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_http2-0:1.15.7-21.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-mod_http2-0:1.15.7-21.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_http2-debuginfo-0:1.15.7-21.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_jk-0:1.2.48-20.redhat_1.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-mod_jk-ap24-0:1.2.48-20.redhat_1.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_jk-debuginfo-0:1.2.48-20.redhat_1.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_jk-manual-0:1.2.48-20.redhat_1.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_ldap-0:2.4.37-78.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_md-1:2.0.8-40.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-mod_md-1:2.0.8-40.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_md-debuginfo-1:2.0.8-40.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_proxy_html-1:2.4.37-78.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_security-0:2.9.2-67.GA.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-mod_security-0:2.9.2-67.GA.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_security-debuginfo-0:2.9.2-67.GA.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_session-0:2.4.37-78.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_ssl-1:2.4.37-78.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-nghttp2-0:1.39.2-39.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-nghttp2-0:1.39.2-39.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-nghttp2-debuginfo-0:1.39.2-39.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-nghttp2-devel-0:1.39.2-39.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-openssl-1:1.1.1g-8.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-openssl-1:1.1.1g-8.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-openssl-chil-0:1.0.0-7.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-openssl-chil-0:1.0.0-7.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-openssl-chil-debuginfo-0:1.0.0-7.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-openssl-debuginfo-1:1.1.1g-8.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-openssl-devel-1:1.1.1g-8.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-openssl-libs-1:1.1.1g-8.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-openssl-perl-1:1.1.1g-8.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-openssl-pkcs11-0:0.4.10-22.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-openssl-pkcs11-0:0.4.10-22.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-openssl-pkcs11-debuginfo-0:0.4.10-22.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-openssl-static-1:1.1.1g-8.jbcs.el7.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-0:1.6.3-107.el8jbcs.src",
"8Base-JBCS:jbcs-httpd24-apr-0:1.6.3-107.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-debuginfo-0:1.6.3-107.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-devel-0:1.6.3-107.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-util-0:1.6.1-84.el8jbcs.src",
"8Base-JBCS:jbcs-httpd24-apr-util-0:1.6.1-84.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-util-debuginfo-0:1.6.1-84.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-util-devel-0:1.6.1-84.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-util-ldap-0:1.6.1-84.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-util-ldap-debuginfo-0:1.6.1-84.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-util-mysql-0:1.6.1-84.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-util-mysql-debuginfo-0:1.6.1-84.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-util-nss-0:1.6.1-84.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-util-nss-debuginfo-0:1.6.1-84.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-util-odbc-0:1.6.1-84.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-util-odbc-debuginfo-0:1.6.1-84.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-util-openssl-0:1.6.1-84.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-util-openssl-debuginfo-0:1.6.1-84.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-util-pgsql-0:1.6.1-84.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-util-pgsql-debuginfo-0:1.6.1-84.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-util-sqlite-0:1.6.1-84.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-util-sqlite-debuginfo-0:1.6.1-84.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-curl-0:7.78.0-2.el8jbcs.src",
"8Base-JBCS:jbcs-httpd24-curl-0:7.78.0-2.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-curl-debuginfo-0:7.78.0-2.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-httpd-0:2.4.37-78.el8jbcs.src",
"8Base-JBCS:jbcs-httpd24-httpd-0:2.4.37-78.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-httpd-debuginfo-0:2.4.37-78.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-httpd-devel-0:2.4.37-78.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-httpd-manual-0:2.4.37-78.el8jbcs.noarch",
"8Base-JBCS:jbcs-httpd24-httpd-selinux-0:2.4.37-78.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-httpd-tools-0:2.4.37-78.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-httpd-tools-debuginfo-0:2.4.37-78.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-libcurl-0:7.78.0-2.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-libcurl-debuginfo-0:7.78.0-2.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-libcurl-devel-0:7.78.0-2.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_cluster-native-0:1.3.16-9.Final_redhat_2.el8jbcs.src",
"8Base-JBCS:jbcs-httpd24-mod_cluster-native-0:1.3.16-9.Final_redhat_2.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_cluster-native-debuginfo-0:1.3.16-9.Final_redhat_2.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_http2-0:1.15.7-21.el8jbcs.src",
"8Base-JBCS:jbcs-httpd24-mod_http2-0:1.15.7-21.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_http2-debuginfo-0:1.15.7-21.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_jk-0:1.2.48-20.redhat_1.el8jbcs.src",
"8Base-JBCS:jbcs-httpd24-mod_jk-ap24-0:1.2.48-20.redhat_1.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_jk-ap24-debuginfo-0:1.2.48-20.redhat_1.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_jk-manual-0:1.2.48-20.redhat_1.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_ldap-0:2.4.37-78.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_ldap-debuginfo-0:2.4.37-78.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_md-1:2.0.8-40.el8jbcs.src",
"8Base-JBCS:jbcs-httpd24-mod_md-1:2.0.8-40.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_md-debuginfo-1:2.0.8-40.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_proxy_html-1:2.4.37-78.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_proxy_html-debuginfo-1:2.4.37-78.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_security-0:2.9.2-67.GA.el8jbcs.src",
"8Base-JBCS:jbcs-httpd24-mod_security-0:2.9.2-67.GA.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_security-debuginfo-0:2.9.2-67.GA.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_session-0:2.4.37-78.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_session-debuginfo-0:2.4.37-78.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_ssl-1:2.4.37-78.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_ssl-debuginfo-1:2.4.37-78.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-nghttp2-0:1.39.2-39.el8jbcs.src",
"8Base-JBCS:jbcs-httpd24-nghttp2-0:1.39.2-39.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-nghttp2-debuginfo-0:1.39.2-39.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-nghttp2-devel-0:1.39.2-39.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-openssl-1:1.1.1g-8.el8jbcs.src",
"8Base-JBCS:jbcs-httpd24-openssl-1:1.1.1g-8.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-openssl-chil-0:1.0.0-7.el8jbcs.src",
"8Base-JBCS:jbcs-httpd24-openssl-chil-0:1.0.0-7.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-openssl-chil-debuginfo-0:1.0.0-7.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-openssl-debuginfo-1:1.1.1g-8.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-openssl-devel-1:1.1.1g-8.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-openssl-libs-1:1.1.1g-8.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-openssl-libs-debuginfo-1:1.1.1g-8.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-openssl-perl-1:1.1.1g-8.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-openssl-pkcs11-0:0.4.10-22.el8jbcs.src",
"8Base-JBCS:jbcs-httpd24-openssl-pkcs11-0:0.4.10-22.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-openssl-pkcs11-debuginfo-0:0.4.10-22.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-openssl-static-1:1.1.1g-8.el8jbcs.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2021:4614"
},
{
"category": "workaround",
"details": "Only configurations which use the \"SessionEnv\" directive (which is not widely used) are vulnerable to this flaw. SessionEnv is not enabled in default configuration of httpd package shipped with Red Hat Products.",
"product_ids": [
"7Server-JBCS:jbcs-httpd24-apr-0:1.6.3-107.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-apr-0:1.6.3-107.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-apr-debuginfo-0:1.6.3-107.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-apr-devel-0:1.6.3-107.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-apr-util-0:1.6.1-84.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-apr-util-0:1.6.1-84.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-apr-util-debuginfo-0:1.6.1-84.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-apr-util-devel-0:1.6.1-84.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-apr-util-ldap-0:1.6.1-84.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-apr-util-mysql-0:1.6.1-84.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-apr-util-nss-0:1.6.1-84.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-apr-util-odbc-0:1.6.1-84.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-apr-util-openssl-0:1.6.1-84.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-apr-util-pgsql-0:1.6.1-84.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-apr-util-sqlite-0:1.6.1-84.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-curl-0:7.78.0-2.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-curl-0:7.78.0-2.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-curl-debuginfo-0:7.78.0-2.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-httpd-0:2.4.37-78.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-httpd-0:2.4.37-78.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-httpd-debuginfo-0:2.4.37-78.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-httpd-devel-0:2.4.37-78.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-httpd-manual-0:2.4.37-78.jbcs.el7.noarch",
"7Server-JBCS:jbcs-httpd24-httpd-selinux-0:2.4.37-78.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-httpd-tools-0:2.4.37-78.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-libcurl-0:7.78.0-2.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-libcurl-devel-0:7.78.0-2.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_cluster-native-0:1.3.16-9.Final_redhat_2.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-mod_cluster-native-0:1.3.16-9.Final_redhat_2.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_cluster-native-debuginfo-0:1.3.16-9.Final_redhat_2.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_http2-0:1.15.7-21.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-mod_http2-0:1.15.7-21.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_http2-debuginfo-0:1.15.7-21.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_jk-0:1.2.48-20.redhat_1.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-mod_jk-ap24-0:1.2.48-20.redhat_1.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_jk-debuginfo-0:1.2.48-20.redhat_1.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_jk-manual-0:1.2.48-20.redhat_1.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_ldap-0:2.4.37-78.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_md-1:2.0.8-40.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-mod_md-1:2.0.8-40.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_md-debuginfo-1:2.0.8-40.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_proxy_html-1:2.4.37-78.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_security-0:2.9.2-67.GA.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-mod_security-0:2.9.2-67.GA.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_security-debuginfo-0:2.9.2-67.GA.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_session-0:2.4.37-78.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_ssl-1:2.4.37-78.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-nghttp2-0:1.39.2-39.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-nghttp2-0:1.39.2-39.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-nghttp2-debuginfo-0:1.39.2-39.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-nghttp2-devel-0:1.39.2-39.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-openssl-1:1.1.1g-8.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-openssl-1:1.1.1g-8.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-openssl-chil-0:1.0.0-7.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-openssl-chil-0:1.0.0-7.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-openssl-chil-debuginfo-0:1.0.0-7.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-openssl-debuginfo-1:1.1.1g-8.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-openssl-devel-1:1.1.1g-8.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-openssl-libs-1:1.1.1g-8.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-openssl-perl-1:1.1.1g-8.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-openssl-pkcs11-0:0.4.10-22.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-openssl-pkcs11-0:0.4.10-22.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-openssl-pkcs11-debuginfo-0:0.4.10-22.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-openssl-static-1:1.1.1g-8.jbcs.el7.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-0:1.6.3-107.el8jbcs.src",
"8Base-JBCS:jbcs-httpd24-apr-0:1.6.3-107.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-debuginfo-0:1.6.3-107.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-devel-0:1.6.3-107.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-util-0:1.6.1-84.el8jbcs.src",
"8Base-JBCS:jbcs-httpd24-apr-util-0:1.6.1-84.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-util-debuginfo-0:1.6.1-84.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-util-devel-0:1.6.1-84.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-util-ldap-0:1.6.1-84.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-util-ldap-debuginfo-0:1.6.1-84.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-util-mysql-0:1.6.1-84.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-util-mysql-debuginfo-0:1.6.1-84.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-util-nss-0:1.6.1-84.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-util-nss-debuginfo-0:1.6.1-84.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-util-odbc-0:1.6.1-84.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-util-odbc-debuginfo-0:1.6.1-84.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-util-openssl-0:1.6.1-84.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-util-openssl-debuginfo-0:1.6.1-84.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-util-pgsql-0:1.6.1-84.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-util-pgsql-debuginfo-0:1.6.1-84.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-util-sqlite-0:1.6.1-84.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-util-sqlite-debuginfo-0:1.6.1-84.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-curl-0:7.78.0-2.el8jbcs.src",
"8Base-JBCS:jbcs-httpd24-curl-0:7.78.0-2.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-curl-debuginfo-0:7.78.0-2.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-httpd-0:2.4.37-78.el8jbcs.src",
"8Base-JBCS:jbcs-httpd24-httpd-0:2.4.37-78.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-httpd-debuginfo-0:2.4.37-78.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-httpd-devel-0:2.4.37-78.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-httpd-manual-0:2.4.37-78.el8jbcs.noarch",
"8Base-JBCS:jbcs-httpd24-httpd-selinux-0:2.4.37-78.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-httpd-tools-0:2.4.37-78.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-httpd-tools-debuginfo-0:2.4.37-78.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-libcurl-0:7.78.0-2.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-libcurl-debuginfo-0:7.78.0-2.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-libcurl-devel-0:7.78.0-2.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_cluster-native-0:1.3.16-9.Final_redhat_2.el8jbcs.src",
"8Base-JBCS:jbcs-httpd24-mod_cluster-native-0:1.3.16-9.Final_redhat_2.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_cluster-native-debuginfo-0:1.3.16-9.Final_redhat_2.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_http2-0:1.15.7-21.el8jbcs.src",
"8Base-JBCS:jbcs-httpd24-mod_http2-0:1.15.7-21.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_http2-debuginfo-0:1.15.7-21.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_jk-0:1.2.48-20.redhat_1.el8jbcs.src",
"8Base-JBCS:jbcs-httpd24-mod_jk-ap24-0:1.2.48-20.redhat_1.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_jk-ap24-debuginfo-0:1.2.48-20.redhat_1.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_jk-manual-0:1.2.48-20.redhat_1.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_ldap-0:2.4.37-78.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_ldap-debuginfo-0:2.4.37-78.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_md-1:2.0.8-40.el8jbcs.src",
"8Base-JBCS:jbcs-httpd24-mod_md-1:2.0.8-40.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_md-debuginfo-1:2.0.8-40.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_proxy_html-1:2.4.37-78.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_proxy_html-debuginfo-1:2.4.37-78.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_security-0:2.9.2-67.GA.el8jbcs.src",
"8Base-JBCS:jbcs-httpd24-mod_security-0:2.9.2-67.GA.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_security-debuginfo-0:2.9.2-67.GA.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_session-0:2.4.37-78.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_session-debuginfo-0:2.4.37-78.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_ssl-1:2.4.37-78.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_ssl-debuginfo-1:2.4.37-78.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-nghttp2-0:1.39.2-39.el8jbcs.src",
"8Base-JBCS:jbcs-httpd24-nghttp2-0:1.39.2-39.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-nghttp2-debuginfo-0:1.39.2-39.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-nghttp2-devel-0:1.39.2-39.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-openssl-1:1.1.1g-8.el8jbcs.src",
"8Base-JBCS:jbcs-httpd24-openssl-1:1.1.1g-8.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-openssl-chil-0:1.0.0-7.el8jbcs.src",
"8Base-JBCS:jbcs-httpd24-openssl-chil-0:1.0.0-7.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-openssl-chil-debuginfo-0:1.0.0-7.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-openssl-debuginfo-1:1.1.1g-8.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-openssl-devel-1:1.1.1g-8.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-openssl-libs-1:1.1.1g-8.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-openssl-libs-debuginfo-1:1.1.1g-8.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-openssl-perl-1:1.1.1g-8.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-openssl-pkcs11-0:0.4.10-22.el8jbcs.src",
"8Base-JBCS:jbcs-httpd24-openssl-pkcs11-0:0.4.10-22.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-openssl-pkcs11-debuginfo-0:0.4.10-22.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-openssl-static-1:1.1.1g-8.el8jbcs.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"7Server-JBCS:jbcs-httpd24-apr-0:1.6.3-107.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-apr-0:1.6.3-107.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-apr-debuginfo-0:1.6.3-107.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-apr-devel-0:1.6.3-107.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-apr-util-0:1.6.1-84.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-apr-util-0:1.6.1-84.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-apr-util-debuginfo-0:1.6.1-84.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-apr-util-devel-0:1.6.1-84.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-apr-util-ldap-0:1.6.1-84.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-apr-util-mysql-0:1.6.1-84.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-apr-util-nss-0:1.6.1-84.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-apr-util-odbc-0:1.6.1-84.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-apr-util-openssl-0:1.6.1-84.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-apr-util-pgsql-0:1.6.1-84.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-apr-util-sqlite-0:1.6.1-84.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-curl-0:7.78.0-2.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-curl-0:7.78.0-2.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-curl-debuginfo-0:7.78.0-2.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-httpd-0:2.4.37-78.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-httpd-0:2.4.37-78.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-httpd-debuginfo-0:2.4.37-78.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-httpd-devel-0:2.4.37-78.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-httpd-manual-0:2.4.37-78.jbcs.el7.noarch",
"7Server-JBCS:jbcs-httpd24-httpd-selinux-0:2.4.37-78.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-httpd-tools-0:2.4.37-78.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-libcurl-0:7.78.0-2.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-libcurl-devel-0:7.78.0-2.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_cluster-native-0:1.3.16-9.Final_redhat_2.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-mod_cluster-native-0:1.3.16-9.Final_redhat_2.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_cluster-native-debuginfo-0:1.3.16-9.Final_redhat_2.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_http2-0:1.15.7-21.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-mod_http2-0:1.15.7-21.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_http2-debuginfo-0:1.15.7-21.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_jk-0:1.2.48-20.redhat_1.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-mod_jk-ap24-0:1.2.48-20.redhat_1.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_jk-debuginfo-0:1.2.48-20.redhat_1.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_jk-manual-0:1.2.48-20.redhat_1.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_ldap-0:2.4.37-78.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_md-1:2.0.8-40.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-mod_md-1:2.0.8-40.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_md-debuginfo-1:2.0.8-40.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_proxy_html-1:2.4.37-78.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_security-0:2.9.2-67.GA.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-mod_security-0:2.9.2-67.GA.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_security-debuginfo-0:2.9.2-67.GA.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_session-0:2.4.37-78.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_ssl-1:2.4.37-78.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-nghttp2-0:1.39.2-39.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-nghttp2-0:1.39.2-39.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-nghttp2-debuginfo-0:1.39.2-39.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-nghttp2-devel-0:1.39.2-39.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-openssl-1:1.1.1g-8.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-openssl-1:1.1.1g-8.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-openssl-chil-0:1.0.0-7.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-openssl-chil-0:1.0.0-7.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-openssl-chil-debuginfo-0:1.0.0-7.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-openssl-debuginfo-1:1.1.1g-8.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-openssl-devel-1:1.1.1g-8.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-openssl-libs-1:1.1.1g-8.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-openssl-perl-1:1.1.1g-8.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-openssl-pkcs11-0:0.4.10-22.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-openssl-pkcs11-0:0.4.10-22.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-openssl-pkcs11-debuginfo-0:0.4.10-22.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-openssl-static-1:1.1.1g-8.jbcs.el7.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-0:1.6.3-107.el8jbcs.src",
"8Base-JBCS:jbcs-httpd24-apr-0:1.6.3-107.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-debuginfo-0:1.6.3-107.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-devel-0:1.6.3-107.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-util-0:1.6.1-84.el8jbcs.src",
"8Base-JBCS:jbcs-httpd24-apr-util-0:1.6.1-84.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-util-debuginfo-0:1.6.1-84.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-util-devel-0:1.6.1-84.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-util-ldap-0:1.6.1-84.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-util-ldap-debuginfo-0:1.6.1-84.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-util-mysql-0:1.6.1-84.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-util-mysql-debuginfo-0:1.6.1-84.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-util-nss-0:1.6.1-84.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-util-nss-debuginfo-0:1.6.1-84.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-util-odbc-0:1.6.1-84.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-util-odbc-debuginfo-0:1.6.1-84.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-util-openssl-0:1.6.1-84.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-util-openssl-debuginfo-0:1.6.1-84.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-util-pgsql-0:1.6.1-84.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-util-pgsql-debuginfo-0:1.6.1-84.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-util-sqlite-0:1.6.1-84.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-util-sqlite-debuginfo-0:1.6.1-84.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-curl-0:7.78.0-2.el8jbcs.src",
"8Base-JBCS:jbcs-httpd24-curl-0:7.78.0-2.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-curl-debuginfo-0:7.78.0-2.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-httpd-0:2.4.37-78.el8jbcs.src",
"8Base-JBCS:jbcs-httpd24-httpd-0:2.4.37-78.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-httpd-debuginfo-0:2.4.37-78.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-httpd-devel-0:2.4.37-78.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-httpd-manual-0:2.4.37-78.el8jbcs.noarch",
"8Base-JBCS:jbcs-httpd24-httpd-selinux-0:2.4.37-78.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-httpd-tools-0:2.4.37-78.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-httpd-tools-debuginfo-0:2.4.37-78.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-libcurl-0:7.78.0-2.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-libcurl-debuginfo-0:7.78.0-2.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-libcurl-devel-0:7.78.0-2.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_cluster-native-0:1.3.16-9.Final_redhat_2.el8jbcs.src",
"8Base-JBCS:jbcs-httpd24-mod_cluster-native-0:1.3.16-9.Final_redhat_2.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_cluster-native-debuginfo-0:1.3.16-9.Final_redhat_2.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_http2-0:1.15.7-21.el8jbcs.src",
"8Base-JBCS:jbcs-httpd24-mod_http2-0:1.15.7-21.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_http2-debuginfo-0:1.15.7-21.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_jk-0:1.2.48-20.redhat_1.el8jbcs.src",
"8Base-JBCS:jbcs-httpd24-mod_jk-ap24-0:1.2.48-20.redhat_1.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_jk-ap24-debuginfo-0:1.2.48-20.redhat_1.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_jk-manual-0:1.2.48-20.redhat_1.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_ldap-0:2.4.37-78.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_ldap-debuginfo-0:2.4.37-78.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_md-1:2.0.8-40.el8jbcs.src",
"8Base-JBCS:jbcs-httpd24-mod_md-1:2.0.8-40.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_md-debuginfo-1:2.0.8-40.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_proxy_html-1:2.4.37-78.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_proxy_html-debuginfo-1:2.4.37-78.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_security-0:2.9.2-67.GA.el8jbcs.src",
"8Base-JBCS:jbcs-httpd24-mod_security-0:2.9.2-67.GA.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_security-debuginfo-0:2.9.2-67.GA.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_session-0:2.4.37-78.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_session-debuginfo-0:2.4.37-78.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_ssl-1:2.4.37-78.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_ssl-debuginfo-1:2.4.37-78.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-nghttp2-0:1.39.2-39.el8jbcs.src",
"8Base-JBCS:jbcs-httpd24-nghttp2-0:1.39.2-39.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-nghttp2-debuginfo-0:1.39.2-39.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-nghttp2-devel-0:1.39.2-39.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-openssl-1:1.1.1g-8.el8jbcs.src",
"8Base-JBCS:jbcs-httpd24-openssl-1:1.1.1g-8.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-openssl-chil-0:1.0.0-7.el8jbcs.src",
"8Base-JBCS:jbcs-httpd24-openssl-chil-0:1.0.0-7.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-openssl-chil-debuginfo-0:1.0.0-7.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-openssl-debuginfo-1:1.1.1g-8.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-openssl-devel-1:1.1.1g-8.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-openssl-libs-1:1.1.1g-8.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-openssl-libs-debuginfo-1:1.1.1g-8.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-openssl-perl-1:1.1.1g-8.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-openssl-pkcs11-0:0.4.10-22.el8jbcs.src",
"8Base-JBCS:jbcs-httpd24-openssl-pkcs11-0:0.4.10-22.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-openssl-pkcs11-debuginfo-0:0.4.10-22.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-openssl-static-1:1.1.1g-8.el8jbcs.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "httpd: mod_session: NULL pointer dereference when parsing Cookie header"
},
{
"acknowledgments": [
{
"names": [
"the Apache project",
"Christophe Jaillet"
]
}
],
"cve": "CVE-2021-26691",
"cwe": {
"id": "CWE-119",
"name": "Improper Restriction of Operations within the Bounds of a Memory Buffer"
},
"discovery_date": "2021-05-27T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1966732"
}
],
"notes": [
{
"category": "description",
"text": "A heap overflow flaw was found In Apache httpd mod_session. The highest threat from this vulnerability is to system availability.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "httpd: mod_session: Heap overflow via a crafted SessionHeader value",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "This flaw can result in a crash of the httpd child process when mod_session is used.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"7Server-JBCS:jbcs-httpd24-apr-0:1.6.3-107.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-apr-0:1.6.3-107.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-apr-debuginfo-0:1.6.3-107.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-apr-devel-0:1.6.3-107.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-apr-util-0:1.6.1-84.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-apr-util-0:1.6.1-84.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-apr-util-debuginfo-0:1.6.1-84.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-apr-util-devel-0:1.6.1-84.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-apr-util-ldap-0:1.6.1-84.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-apr-util-mysql-0:1.6.1-84.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-apr-util-nss-0:1.6.1-84.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-apr-util-odbc-0:1.6.1-84.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-apr-util-openssl-0:1.6.1-84.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-apr-util-pgsql-0:1.6.1-84.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-apr-util-sqlite-0:1.6.1-84.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-curl-0:7.78.0-2.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-curl-0:7.78.0-2.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-curl-debuginfo-0:7.78.0-2.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-httpd-0:2.4.37-78.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-httpd-0:2.4.37-78.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-httpd-debuginfo-0:2.4.37-78.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-httpd-devel-0:2.4.37-78.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-httpd-manual-0:2.4.37-78.jbcs.el7.noarch",
"7Server-JBCS:jbcs-httpd24-httpd-selinux-0:2.4.37-78.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-httpd-tools-0:2.4.37-78.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-libcurl-0:7.78.0-2.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-libcurl-devel-0:7.78.0-2.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_cluster-native-0:1.3.16-9.Final_redhat_2.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-mod_cluster-native-0:1.3.16-9.Final_redhat_2.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_cluster-native-debuginfo-0:1.3.16-9.Final_redhat_2.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_http2-0:1.15.7-21.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-mod_http2-0:1.15.7-21.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_http2-debuginfo-0:1.15.7-21.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_jk-0:1.2.48-20.redhat_1.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-mod_jk-ap24-0:1.2.48-20.redhat_1.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_jk-debuginfo-0:1.2.48-20.redhat_1.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_jk-manual-0:1.2.48-20.redhat_1.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_ldap-0:2.4.37-78.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_md-1:2.0.8-40.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-mod_md-1:2.0.8-40.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_md-debuginfo-1:2.0.8-40.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_proxy_html-1:2.4.37-78.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_security-0:2.9.2-67.GA.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-mod_security-0:2.9.2-67.GA.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_security-debuginfo-0:2.9.2-67.GA.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_session-0:2.4.37-78.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_ssl-1:2.4.37-78.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-nghttp2-0:1.39.2-39.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-nghttp2-0:1.39.2-39.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-nghttp2-debuginfo-0:1.39.2-39.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-nghttp2-devel-0:1.39.2-39.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-openssl-1:1.1.1g-8.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-openssl-1:1.1.1g-8.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-openssl-chil-0:1.0.0-7.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-openssl-chil-0:1.0.0-7.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-openssl-chil-debuginfo-0:1.0.0-7.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-openssl-debuginfo-1:1.1.1g-8.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-openssl-devel-1:1.1.1g-8.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-openssl-libs-1:1.1.1g-8.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-openssl-perl-1:1.1.1g-8.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-openssl-pkcs11-0:0.4.10-22.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-openssl-pkcs11-0:0.4.10-22.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-openssl-pkcs11-debuginfo-0:0.4.10-22.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-openssl-static-1:1.1.1g-8.jbcs.el7.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-0:1.6.3-107.el8jbcs.src",
"8Base-JBCS:jbcs-httpd24-apr-0:1.6.3-107.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-debuginfo-0:1.6.3-107.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-devel-0:1.6.3-107.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-util-0:1.6.1-84.el8jbcs.src",
"8Base-JBCS:jbcs-httpd24-apr-util-0:1.6.1-84.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-util-debuginfo-0:1.6.1-84.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-util-devel-0:1.6.1-84.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-util-ldap-0:1.6.1-84.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-util-ldap-debuginfo-0:1.6.1-84.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-util-mysql-0:1.6.1-84.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-util-mysql-debuginfo-0:1.6.1-84.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-util-nss-0:1.6.1-84.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-util-nss-debuginfo-0:1.6.1-84.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-util-odbc-0:1.6.1-84.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-util-odbc-debuginfo-0:1.6.1-84.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-util-openssl-0:1.6.1-84.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-util-openssl-debuginfo-0:1.6.1-84.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-util-pgsql-0:1.6.1-84.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-util-pgsql-debuginfo-0:1.6.1-84.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-util-sqlite-0:1.6.1-84.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-util-sqlite-debuginfo-0:1.6.1-84.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-curl-0:7.78.0-2.el8jbcs.src",
"8Base-JBCS:jbcs-httpd24-curl-0:7.78.0-2.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-curl-debuginfo-0:7.78.0-2.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-httpd-0:2.4.37-78.el8jbcs.src",
"8Base-JBCS:jbcs-httpd24-httpd-0:2.4.37-78.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-httpd-debuginfo-0:2.4.37-78.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-httpd-devel-0:2.4.37-78.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-httpd-manual-0:2.4.37-78.el8jbcs.noarch",
"8Base-JBCS:jbcs-httpd24-httpd-selinux-0:2.4.37-78.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-httpd-tools-0:2.4.37-78.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-httpd-tools-debuginfo-0:2.4.37-78.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-libcurl-0:7.78.0-2.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-libcurl-debuginfo-0:7.78.0-2.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-libcurl-devel-0:7.78.0-2.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_cluster-native-0:1.3.16-9.Final_redhat_2.el8jbcs.src",
"8Base-JBCS:jbcs-httpd24-mod_cluster-native-0:1.3.16-9.Final_redhat_2.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_cluster-native-debuginfo-0:1.3.16-9.Final_redhat_2.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_http2-0:1.15.7-21.el8jbcs.src",
"8Base-JBCS:jbcs-httpd24-mod_http2-0:1.15.7-21.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_http2-debuginfo-0:1.15.7-21.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_jk-0:1.2.48-20.redhat_1.el8jbcs.src",
"8Base-JBCS:jbcs-httpd24-mod_jk-ap24-0:1.2.48-20.redhat_1.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_jk-ap24-debuginfo-0:1.2.48-20.redhat_1.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_jk-manual-0:1.2.48-20.redhat_1.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_ldap-0:2.4.37-78.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_ldap-debuginfo-0:2.4.37-78.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_md-1:2.0.8-40.el8jbcs.src",
"8Base-JBCS:jbcs-httpd24-mod_md-1:2.0.8-40.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_md-debuginfo-1:2.0.8-40.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_proxy_html-1:2.4.37-78.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_proxy_html-debuginfo-1:2.4.37-78.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_security-0:2.9.2-67.GA.el8jbcs.src",
"8Base-JBCS:jbcs-httpd24-mod_security-0:2.9.2-67.GA.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_security-debuginfo-0:2.9.2-67.GA.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_session-0:2.4.37-78.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_session-debuginfo-0:2.4.37-78.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_ssl-1:2.4.37-78.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_ssl-debuginfo-1:2.4.37-78.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-nghttp2-0:1.39.2-39.el8jbcs.src",
"8Base-JBCS:jbcs-httpd24-nghttp2-0:1.39.2-39.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-nghttp2-debuginfo-0:1.39.2-39.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-nghttp2-devel-0:1.39.2-39.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-openssl-1:1.1.1g-8.el8jbcs.src",
"8Base-JBCS:jbcs-httpd24-openssl-1:1.1.1g-8.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-openssl-chil-0:1.0.0-7.el8jbcs.src",
"8Base-JBCS:jbcs-httpd24-openssl-chil-0:1.0.0-7.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-openssl-chil-debuginfo-0:1.0.0-7.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-openssl-debuginfo-1:1.1.1g-8.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-openssl-devel-1:1.1.1g-8.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-openssl-libs-1:1.1.1g-8.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-openssl-libs-debuginfo-1:1.1.1g-8.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-openssl-perl-1:1.1.1g-8.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-openssl-pkcs11-0:0.4.10-22.el8jbcs.src",
"8Base-JBCS:jbcs-httpd24-openssl-pkcs11-0:0.4.10-22.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-openssl-pkcs11-debuginfo-0:0.4.10-22.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-openssl-static-1:1.1.1g-8.el8jbcs.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2021-26691"
},
{
"category": "external",
"summary": "RHBZ#1966732",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1966732"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2021-26691",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-26691"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2021-26691",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2021-26691"
},
{
"category": "external",
"summary": "https://httpd.apache.org/security/vulnerabilities_24.html",
"url": "https://httpd.apache.org/security/vulnerabilities_24.html"
}
],
"release_date": "2021-06-04T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"details": "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"7Server-JBCS:jbcs-httpd24-apr-0:1.6.3-107.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-apr-0:1.6.3-107.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-apr-debuginfo-0:1.6.3-107.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-apr-devel-0:1.6.3-107.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-apr-util-0:1.6.1-84.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-apr-util-0:1.6.1-84.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-apr-util-debuginfo-0:1.6.1-84.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-apr-util-devel-0:1.6.1-84.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-apr-util-ldap-0:1.6.1-84.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-apr-util-mysql-0:1.6.1-84.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-apr-util-nss-0:1.6.1-84.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-apr-util-odbc-0:1.6.1-84.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-apr-util-openssl-0:1.6.1-84.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-apr-util-pgsql-0:1.6.1-84.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-apr-util-sqlite-0:1.6.1-84.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-curl-0:7.78.0-2.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-curl-0:7.78.0-2.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-curl-debuginfo-0:7.78.0-2.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-httpd-0:2.4.37-78.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-httpd-0:2.4.37-78.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-httpd-debuginfo-0:2.4.37-78.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-httpd-devel-0:2.4.37-78.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-httpd-manual-0:2.4.37-78.jbcs.el7.noarch",
"7Server-JBCS:jbcs-httpd24-httpd-selinux-0:2.4.37-78.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-httpd-tools-0:2.4.37-78.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-libcurl-0:7.78.0-2.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-libcurl-devel-0:7.78.0-2.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_cluster-native-0:1.3.16-9.Final_redhat_2.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-mod_cluster-native-0:1.3.16-9.Final_redhat_2.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_cluster-native-debuginfo-0:1.3.16-9.Final_redhat_2.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_http2-0:1.15.7-21.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-mod_http2-0:1.15.7-21.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_http2-debuginfo-0:1.15.7-21.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_jk-0:1.2.48-20.redhat_1.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-mod_jk-ap24-0:1.2.48-20.redhat_1.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_jk-debuginfo-0:1.2.48-20.redhat_1.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_jk-manual-0:1.2.48-20.redhat_1.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_ldap-0:2.4.37-78.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_md-1:2.0.8-40.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-mod_md-1:2.0.8-40.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_md-debuginfo-1:2.0.8-40.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_proxy_html-1:2.4.37-78.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_security-0:2.9.2-67.GA.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-mod_security-0:2.9.2-67.GA.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_security-debuginfo-0:2.9.2-67.GA.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_session-0:2.4.37-78.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_ssl-1:2.4.37-78.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-nghttp2-0:1.39.2-39.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-nghttp2-0:1.39.2-39.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-nghttp2-debuginfo-0:1.39.2-39.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-nghttp2-devel-0:1.39.2-39.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-openssl-1:1.1.1g-8.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-openssl-1:1.1.1g-8.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-openssl-chil-0:1.0.0-7.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-openssl-chil-0:1.0.0-7.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-openssl-chil-debuginfo-0:1.0.0-7.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-openssl-debuginfo-1:1.1.1g-8.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-openssl-devel-1:1.1.1g-8.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-openssl-libs-1:1.1.1g-8.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-openssl-perl-1:1.1.1g-8.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-openssl-pkcs11-0:0.4.10-22.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-openssl-pkcs11-0:0.4.10-22.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-openssl-pkcs11-debuginfo-0:0.4.10-22.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-openssl-static-1:1.1.1g-8.jbcs.el7.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-0:1.6.3-107.el8jbcs.src",
"8Base-JBCS:jbcs-httpd24-apr-0:1.6.3-107.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-debuginfo-0:1.6.3-107.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-devel-0:1.6.3-107.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-util-0:1.6.1-84.el8jbcs.src",
"8Base-JBCS:jbcs-httpd24-apr-util-0:1.6.1-84.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-util-debuginfo-0:1.6.1-84.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-util-devel-0:1.6.1-84.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-util-ldap-0:1.6.1-84.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-util-ldap-debuginfo-0:1.6.1-84.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-util-mysql-0:1.6.1-84.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-util-mysql-debuginfo-0:1.6.1-84.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-util-nss-0:1.6.1-84.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-util-nss-debuginfo-0:1.6.1-84.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-util-odbc-0:1.6.1-84.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-util-odbc-debuginfo-0:1.6.1-84.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-util-openssl-0:1.6.1-84.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-util-openssl-debuginfo-0:1.6.1-84.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-util-pgsql-0:1.6.1-84.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-util-pgsql-debuginfo-0:1.6.1-84.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-util-sqlite-0:1.6.1-84.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-util-sqlite-debuginfo-0:1.6.1-84.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-curl-0:7.78.0-2.el8jbcs.src",
"8Base-JBCS:jbcs-httpd24-curl-0:7.78.0-2.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-curl-debuginfo-0:7.78.0-2.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-httpd-0:2.4.37-78.el8jbcs.src",
"8Base-JBCS:jbcs-httpd24-httpd-0:2.4.37-78.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-httpd-debuginfo-0:2.4.37-78.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-httpd-devel-0:2.4.37-78.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-httpd-manual-0:2.4.37-78.el8jbcs.noarch",
"8Base-JBCS:jbcs-httpd24-httpd-selinux-0:2.4.37-78.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-httpd-tools-0:2.4.37-78.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-httpd-tools-debuginfo-0:2.4.37-78.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-libcurl-0:7.78.0-2.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-libcurl-debuginfo-0:7.78.0-2.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-libcurl-devel-0:7.78.0-2.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_cluster-native-0:1.3.16-9.Final_redhat_2.el8jbcs.src",
"8Base-JBCS:jbcs-httpd24-mod_cluster-native-0:1.3.16-9.Final_redhat_2.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_cluster-native-debuginfo-0:1.3.16-9.Final_redhat_2.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_http2-0:1.15.7-21.el8jbcs.src",
"8Base-JBCS:jbcs-httpd24-mod_http2-0:1.15.7-21.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_http2-debuginfo-0:1.15.7-21.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_jk-0:1.2.48-20.redhat_1.el8jbcs.src",
"8Base-JBCS:jbcs-httpd24-mod_jk-ap24-0:1.2.48-20.redhat_1.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_jk-ap24-debuginfo-0:1.2.48-20.redhat_1.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_jk-manual-0:1.2.48-20.redhat_1.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_ldap-0:2.4.37-78.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_ldap-debuginfo-0:2.4.37-78.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_md-1:2.0.8-40.el8jbcs.src",
"8Base-JBCS:jbcs-httpd24-mod_md-1:2.0.8-40.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_md-debuginfo-1:2.0.8-40.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_proxy_html-1:2.4.37-78.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_proxy_html-debuginfo-1:2.4.37-78.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_security-0:2.9.2-67.GA.el8jbcs.src",
"8Base-JBCS:jbcs-httpd24-mod_security-0:2.9.2-67.GA.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_security-debuginfo-0:2.9.2-67.GA.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_session-0:2.4.37-78.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_session-debuginfo-0:2.4.37-78.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_ssl-1:2.4.37-78.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_ssl-debuginfo-1:2.4.37-78.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-nghttp2-0:1.39.2-39.el8jbcs.src",
"8Base-JBCS:jbcs-httpd24-nghttp2-0:1.39.2-39.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-nghttp2-debuginfo-0:1.39.2-39.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-nghttp2-devel-0:1.39.2-39.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-openssl-1:1.1.1g-8.el8jbcs.src",
"8Base-JBCS:jbcs-httpd24-openssl-1:1.1.1g-8.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-openssl-chil-0:1.0.0-7.el8jbcs.src",
"8Base-JBCS:jbcs-httpd24-openssl-chil-0:1.0.0-7.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-openssl-chil-debuginfo-0:1.0.0-7.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-openssl-debuginfo-1:1.1.1g-8.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-openssl-devel-1:1.1.1g-8.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-openssl-libs-1:1.1.1g-8.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-openssl-libs-debuginfo-1:1.1.1g-8.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-openssl-perl-1:1.1.1g-8.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-openssl-pkcs11-0:0.4.10-22.el8jbcs.src",
"8Base-JBCS:jbcs-httpd24-openssl-pkcs11-0:0.4.10-22.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-openssl-pkcs11-debuginfo-0:0.4.10-22.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-openssl-static-1:1.1.1g-8.el8jbcs.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2021:4614"
},
{
"category": "workaround",
"details": "Only configurations which use the \"SessionEnv\" directive (which is not widely used) are vulnerable to this flaw. SessionEnv is not enabled in default configuration of httpd package shipped with Red Hat Products.",
"product_ids": [
"7Server-JBCS:jbcs-httpd24-apr-0:1.6.3-107.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-apr-0:1.6.3-107.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-apr-debuginfo-0:1.6.3-107.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-apr-devel-0:1.6.3-107.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-apr-util-0:1.6.1-84.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-apr-util-0:1.6.1-84.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-apr-util-debuginfo-0:1.6.1-84.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-apr-util-devel-0:1.6.1-84.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-apr-util-ldap-0:1.6.1-84.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-apr-util-mysql-0:1.6.1-84.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-apr-util-nss-0:1.6.1-84.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-apr-util-odbc-0:1.6.1-84.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-apr-util-openssl-0:1.6.1-84.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-apr-util-pgsql-0:1.6.1-84.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-apr-util-sqlite-0:1.6.1-84.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-curl-0:7.78.0-2.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-curl-0:7.78.0-2.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-curl-debuginfo-0:7.78.0-2.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-httpd-0:2.4.37-78.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-httpd-0:2.4.37-78.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-httpd-debuginfo-0:2.4.37-78.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-httpd-devel-0:2.4.37-78.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-httpd-manual-0:2.4.37-78.jbcs.el7.noarch",
"7Server-JBCS:jbcs-httpd24-httpd-selinux-0:2.4.37-78.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-httpd-tools-0:2.4.37-78.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-libcurl-0:7.78.0-2.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-libcurl-devel-0:7.78.0-2.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_cluster-native-0:1.3.16-9.Final_redhat_2.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-mod_cluster-native-0:1.3.16-9.Final_redhat_2.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_cluster-native-debuginfo-0:1.3.16-9.Final_redhat_2.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_http2-0:1.15.7-21.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-mod_http2-0:1.15.7-21.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_http2-debuginfo-0:1.15.7-21.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_jk-0:1.2.48-20.redhat_1.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-mod_jk-ap24-0:1.2.48-20.redhat_1.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_jk-debuginfo-0:1.2.48-20.redhat_1.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_jk-manual-0:1.2.48-20.redhat_1.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_ldap-0:2.4.37-78.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_md-1:2.0.8-40.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-mod_md-1:2.0.8-40.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_md-debuginfo-1:2.0.8-40.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_proxy_html-1:2.4.37-78.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_security-0:2.9.2-67.GA.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-mod_security-0:2.9.2-67.GA.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_security-debuginfo-0:2.9.2-67.GA.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_session-0:2.4.37-78.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_ssl-1:2.4.37-78.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-nghttp2-0:1.39.2-39.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-nghttp2-0:1.39.2-39.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-nghttp2-debuginfo-0:1.39.2-39.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-nghttp2-devel-0:1.39.2-39.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-openssl-1:1.1.1g-8.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-openssl-1:1.1.1g-8.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-openssl-chil-0:1.0.0-7.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-openssl-chil-0:1.0.0-7.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-openssl-chil-debuginfo-0:1.0.0-7.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-openssl-debuginfo-1:1.1.1g-8.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-openssl-devel-1:1.1.1g-8.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-openssl-libs-1:1.1.1g-8.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-openssl-perl-1:1.1.1g-8.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-openssl-pkcs11-0:0.4.10-22.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-openssl-pkcs11-0:0.4.10-22.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-openssl-pkcs11-debuginfo-0:0.4.10-22.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-openssl-static-1:1.1.1g-8.jbcs.el7.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-0:1.6.3-107.el8jbcs.src",
"8Base-JBCS:jbcs-httpd24-apr-0:1.6.3-107.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-debuginfo-0:1.6.3-107.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-devel-0:1.6.3-107.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-util-0:1.6.1-84.el8jbcs.src",
"8Base-JBCS:jbcs-httpd24-apr-util-0:1.6.1-84.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-util-debuginfo-0:1.6.1-84.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-util-devel-0:1.6.1-84.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-util-ldap-0:1.6.1-84.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-util-ldap-debuginfo-0:1.6.1-84.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-util-mysql-0:1.6.1-84.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-util-mysql-debuginfo-0:1.6.1-84.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-util-nss-0:1.6.1-84.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-util-nss-debuginfo-0:1.6.1-84.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-util-odbc-0:1.6.1-84.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-util-odbc-debuginfo-0:1.6.1-84.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-util-openssl-0:1.6.1-84.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-util-openssl-debuginfo-0:1.6.1-84.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-util-pgsql-0:1.6.1-84.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-util-pgsql-debuginfo-0:1.6.1-84.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-util-sqlite-0:1.6.1-84.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-util-sqlite-debuginfo-0:1.6.1-84.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-curl-0:7.78.0-2.el8jbcs.src",
"8Base-JBCS:jbcs-httpd24-curl-0:7.78.0-2.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-curl-debuginfo-0:7.78.0-2.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-httpd-0:2.4.37-78.el8jbcs.src",
"8Base-JBCS:jbcs-httpd24-httpd-0:2.4.37-78.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-httpd-debuginfo-0:2.4.37-78.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-httpd-devel-0:2.4.37-78.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-httpd-manual-0:2.4.37-78.el8jbcs.noarch",
"8Base-JBCS:jbcs-httpd24-httpd-selinux-0:2.4.37-78.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-httpd-tools-0:2.4.37-78.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-httpd-tools-debuginfo-0:2.4.37-78.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-libcurl-0:7.78.0-2.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-libcurl-debuginfo-0:7.78.0-2.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-libcurl-devel-0:7.78.0-2.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_cluster-native-0:1.3.16-9.Final_redhat_2.el8jbcs.src",
"8Base-JBCS:jbcs-httpd24-mod_cluster-native-0:1.3.16-9.Final_redhat_2.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_cluster-native-debuginfo-0:1.3.16-9.Final_redhat_2.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_http2-0:1.15.7-21.el8jbcs.src",
"8Base-JBCS:jbcs-httpd24-mod_http2-0:1.15.7-21.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_http2-debuginfo-0:1.15.7-21.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_jk-0:1.2.48-20.redhat_1.el8jbcs.src",
"8Base-JBCS:jbcs-httpd24-mod_jk-ap24-0:1.2.48-20.redhat_1.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_jk-ap24-debuginfo-0:1.2.48-20.redhat_1.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_jk-manual-0:1.2.48-20.redhat_1.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_ldap-0:2.4.37-78.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_ldap-debuginfo-0:2.4.37-78.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_md-1:2.0.8-40.el8jbcs.src",
"8Base-JBCS:jbcs-httpd24-mod_md-1:2.0.8-40.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_md-debuginfo-1:2.0.8-40.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_proxy_html-1:2.4.37-78.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_proxy_html-debuginfo-1:2.4.37-78.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_security-0:2.9.2-67.GA.el8jbcs.src",
"8Base-JBCS:jbcs-httpd24-mod_security-0:2.9.2-67.GA.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_security-debuginfo-0:2.9.2-67.GA.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_session-0:2.4.37-78.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_session-debuginfo-0:2.4.37-78.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_ssl-1:2.4.37-78.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_ssl-debuginfo-1:2.4.37-78.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-nghttp2-0:1.39.2-39.el8jbcs.src",
"8Base-JBCS:jbcs-httpd24-nghttp2-0:1.39.2-39.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-nghttp2-debuginfo-0:1.39.2-39.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-nghttp2-devel-0:1.39.2-39.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-openssl-1:1.1.1g-8.el8jbcs.src",
"8Base-JBCS:jbcs-httpd24-openssl-1:1.1.1g-8.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-openssl-chil-0:1.0.0-7.el8jbcs.src",
"8Base-JBCS:jbcs-httpd24-openssl-chil-0:1.0.0-7.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-openssl-chil-debuginfo-0:1.0.0-7.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-openssl-debuginfo-1:1.1.1g-8.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-openssl-devel-1:1.1.1g-8.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-openssl-libs-1:1.1.1g-8.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-openssl-libs-debuginfo-1:1.1.1g-8.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-openssl-perl-1:1.1.1g-8.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-openssl-pkcs11-0:0.4.10-22.el8jbcs.src",
"8Base-JBCS:jbcs-httpd24-openssl-pkcs11-0:0.4.10-22.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-openssl-pkcs11-debuginfo-0:0.4.10-22.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-openssl-static-1:1.1.1g-8.el8jbcs.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 8.1,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"7Server-JBCS:jbcs-httpd24-apr-0:1.6.3-107.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-apr-0:1.6.3-107.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-apr-debuginfo-0:1.6.3-107.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-apr-devel-0:1.6.3-107.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-apr-util-0:1.6.1-84.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-apr-util-0:1.6.1-84.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-apr-util-debuginfo-0:1.6.1-84.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-apr-util-devel-0:1.6.1-84.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-apr-util-ldap-0:1.6.1-84.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-apr-util-mysql-0:1.6.1-84.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-apr-util-nss-0:1.6.1-84.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-apr-util-odbc-0:1.6.1-84.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-apr-util-openssl-0:1.6.1-84.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-apr-util-pgsql-0:1.6.1-84.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-apr-util-sqlite-0:1.6.1-84.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-curl-0:7.78.0-2.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-curl-0:7.78.0-2.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-curl-debuginfo-0:7.78.0-2.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-httpd-0:2.4.37-78.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-httpd-0:2.4.37-78.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-httpd-debuginfo-0:2.4.37-78.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-httpd-devel-0:2.4.37-78.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-httpd-manual-0:2.4.37-78.jbcs.el7.noarch",
"7Server-JBCS:jbcs-httpd24-httpd-selinux-0:2.4.37-78.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-httpd-tools-0:2.4.37-78.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-libcurl-0:7.78.0-2.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-libcurl-devel-0:7.78.0-2.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_cluster-native-0:1.3.16-9.Final_redhat_2.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-mod_cluster-native-0:1.3.16-9.Final_redhat_2.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_cluster-native-debuginfo-0:1.3.16-9.Final_redhat_2.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_http2-0:1.15.7-21.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-mod_http2-0:1.15.7-21.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_http2-debuginfo-0:1.15.7-21.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_jk-0:1.2.48-20.redhat_1.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-mod_jk-ap24-0:1.2.48-20.redhat_1.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_jk-debuginfo-0:1.2.48-20.redhat_1.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_jk-manual-0:1.2.48-20.redhat_1.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_ldap-0:2.4.37-78.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_md-1:2.0.8-40.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-mod_md-1:2.0.8-40.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_md-debuginfo-1:2.0.8-40.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_proxy_html-1:2.4.37-78.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_security-0:2.9.2-67.GA.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-mod_security-0:2.9.2-67.GA.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_security-debuginfo-0:2.9.2-67.GA.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_session-0:2.4.37-78.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_ssl-1:2.4.37-78.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-nghttp2-0:1.39.2-39.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-nghttp2-0:1.39.2-39.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-nghttp2-debuginfo-0:1.39.2-39.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-nghttp2-devel-0:1.39.2-39.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-openssl-1:1.1.1g-8.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-openssl-1:1.1.1g-8.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-openssl-chil-0:1.0.0-7.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-openssl-chil-0:1.0.0-7.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-openssl-chil-debuginfo-0:1.0.0-7.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-openssl-debuginfo-1:1.1.1g-8.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-openssl-devel-1:1.1.1g-8.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-openssl-libs-1:1.1.1g-8.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-openssl-perl-1:1.1.1g-8.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-openssl-pkcs11-0:0.4.10-22.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-openssl-pkcs11-0:0.4.10-22.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-openssl-pkcs11-debuginfo-0:0.4.10-22.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-openssl-static-1:1.1.1g-8.jbcs.el7.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-0:1.6.3-107.el8jbcs.src",
"8Base-JBCS:jbcs-httpd24-apr-0:1.6.3-107.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-debuginfo-0:1.6.3-107.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-devel-0:1.6.3-107.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-util-0:1.6.1-84.el8jbcs.src",
"8Base-JBCS:jbcs-httpd24-apr-util-0:1.6.1-84.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-util-debuginfo-0:1.6.1-84.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-util-devel-0:1.6.1-84.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-util-ldap-0:1.6.1-84.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-util-ldap-debuginfo-0:1.6.1-84.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-util-mysql-0:1.6.1-84.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-util-mysql-debuginfo-0:1.6.1-84.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-util-nss-0:1.6.1-84.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-util-nss-debuginfo-0:1.6.1-84.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-util-odbc-0:1.6.1-84.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-util-odbc-debuginfo-0:1.6.1-84.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-util-openssl-0:1.6.1-84.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-util-openssl-debuginfo-0:1.6.1-84.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-util-pgsql-0:1.6.1-84.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-util-pgsql-debuginfo-0:1.6.1-84.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-util-sqlite-0:1.6.1-84.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-util-sqlite-debuginfo-0:1.6.1-84.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-curl-0:7.78.0-2.el8jbcs.src",
"8Base-JBCS:jbcs-httpd24-curl-0:7.78.0-2.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-curl-debuginfo-0:7.78.0-2.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-httpd-0:2.4.37-78.el8jbcs.src",
"8Base-JBCS:jbcs-httpd24-httpd-0:2.4.37-78.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-httpd-debuginfo-0:2.4.37-78.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-httpd-devel-0:2.4.37-78.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-httpd-manual-0:2.4.37-78.el8jbcs.noarch",
"8Base-JBCS:jbcs-httpd24-httpd-selinux-0:2.4.37-78.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-httpd-tools-0:2.4.37-78.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-httpd-tools-debuginfo-0:2.4.37-78.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-libcurl-0:7.78.0-2.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-libcurl-debuginfo-0:7.78.0-2.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-libcurl-devel-0:7.78.0-2.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_cluster-native-0:1.3.16-9.Final_redhat_2.el8jbcs.src",
"8Base-JBCS:jbcs-httpd24-mod_cluster-native-0:1.3.16-9.Final_redhat_2.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_cluster-native-debuginfo-0:1.3.16-9.Final_redhat_2.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_http2-0:1.15.7-21.el8jbcs.src",
"8Base-JBCS:jbcs-httpd24-mod_http2-0:1.15.7-21.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_http2-debuginfo-0:1.15.7-21.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_jk-0:1.2.48-20.redhat_1.el8jbcs.src",
"8Base-JBCS:jbcs-httpd24-mod_jk-ap24-0:1.2.48-20.redhat_1.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_jk-ap24-debuginfo-0:1.2.48-20.redhat_1.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_jk-manual-0:1.2.48-20.redhat_1.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_ldap-0:2.4.37-78.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_ldap-debuginfo-0:2.4.37-78.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_md-1:2.0.8-40.el8jbcs.src",
"8Base-JBCS:jbcs-httpd24-mod_md-1:2.0.8-40.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_md-debuginfo-1:2.0.8-40.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_proxy_html-1:2.4.37-78.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_proxy_html-debuginfo-1:2.4.37-78.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_security-0:2.9.2-67.GA.el8jbcs.src",
"8Base-JBCS:jbcs-httpd24-mod_security-0:2.9.2-67.GA.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_security-debuginfo-0:2.9.2-67.GA.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_session-0:2.4.37-78.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_session-debuginfo-0:2.4.37-78.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_ssl-1:2.4.37-78.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_ssl-debuginfo-1:2.4.37-78.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-nghttp2-0:1.39.2-39.el8jbcs.src",
"8Base-JBCS:jbcs-httpd24-nghttp2-0:1.39.2-39.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-nghttp2-debuginfo-0:1.39.2-39.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-nghttp2-devel-0:1.39.2-39.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-openssl-1:1.1.1g-8.el8jbcs.src",
"8Base-JBCS:jbcs-httpd24-openssl-1:1.1.1g-8.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-openssl-chil-0:1.0.0-7.el8jbcs.src",
"8Base-JBCS:jbcs-httpd24-openssl-chil-0:1.0.0-7.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-openssl-chil-debuginfo-0:1.0.0-7.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-openssl-debuginfo-1:1.1.1g-8.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-openssl-devel-1:1.1.1g-8.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-openssl-libs-1:1.1.1g-8.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-openssl-libs-debuginfo-1:1.1.1g-8.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-openssl-perl-1:1.1.1g-8.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-openssl-pkcs11-0:0.4.10-22.el8jbcs.src",
"8Base-JBCS:jbcs-httpd24-openssl-pkcs11-0:0.4.10-22.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-openssl-pkcs11-debuginfo-0:0.4.10-22.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-openssl-static-1:1.1.1g-8.el8jbcs.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "httpd: mod_session: Heap overflow via a crafted SessionHeader value"
},
{
"acknowledgments": [
{
"names": [
"the Apache project",
"Christoph Anton Mitterer"
]
}
],
"cve": "CVE-2021-30641",
"cwe": {
"id": "CWE-20",
"name": "Improper Input Validation"
},
"discovery_date": "2021-05-27T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1966743"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in Apache httpd. A possible regression from an earlier security fix broke behavior of MergeSlashes. The highest threat from this vulnerability is to data integrity.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "httpd: Unexpected URL matching with \u0027MergeSlashes OFF\u0027",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "This flaw was introduced when fixing https://access.redhat.com/security/cve/cve-2019-0220, therefore versions of httpd package shipped with Red Hat Enterprise Linux 7, 8 and Red Hat Software Collections are affected by this flaw.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"7Server-JBCS:jbcs-httpd24-apr-0:1.6.3-107.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-apr-0:1.6.3-107.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-apr-debuginfo-0:1.6.3-107.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-apr-devel-0:1.6.3-107.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-apr-util-0:1.6.1-84.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-apr-util-0:1.6.1-84.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-apr-util-debuginfo-0:1.6.1-84.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-apr-util-devel-0:1.6.1-84.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-apr-util-ldap-0:1.6.1-84.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-apr-util-mysql-0:1.6.1-84.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-apr-util-nss-0:1.6.1-84.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-apr-util-odbc-0:1.6.1-84.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-apr-util-openssl-0:1.6.1-84.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-apr-util-pgsql-0:1.6.1-84.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-apr-util-sqlite-0:1.6.1-84.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-curl-0:7.78.0-2.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-curl-0:7.78.0-2.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-curl-debuginfo-0:7.78.0-2.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-httpd-0:2.4.37-78.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-httpd-0:2.4.37-78.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-httpd-debuginfo-0:2.4.37-78.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-httpd-devel-0:2.4.37-78.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-httpd-manual-0:2.4.37-78.jbcs.el7.noarch",
"7Server-JBCS:jbcs-httpd24-httpd-selinux-0:2.4.37-78.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-httpd-tools-0:2.4.37-78.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-libcurl-0:7.78.0-2.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-libcurl-devel-0:7.78.0-2.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_cluster-native-0:1.3.16-9.Final_redhat_2.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-mod_cluster-native-0:1.3.16-9.Final_redhat_2.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_cluster-native-debuginfo-0:1.3.16-9.Final_redhat_2.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_http2-0:1.15.7-21.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-mod_http2-0:1.15.7-21.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_http2-debuginfo-0:1.15.7-21.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_jk-0:1.2.48-20.redhat_1.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-mod_jk-ap24-0:1.2.48-20.redhat_1.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_jk-debuginfo-0:1.2.48-20.redhat_1.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_jk-manual-0:1.2.48-20.redhat_1.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_ldap-0:2.4.37-78.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_md-1:2.0.8-40.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-mod_md-1:2.0.8-40.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_md-debuginfo-1:2.0.8-40.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_proxy_html-1:2.4.37-78.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_security-0:2.9.2-67.GA.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-mod_security-0:2.9.2-67.GA.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_security-debuginfo-0:2.9.2-67.GA.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_session-0:2.4.37-78.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_ssl-1:2.4.37-78.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-nghttp2-0:1.39.2-39.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-nghttp2-0:1.39.2-39.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-nghttp2-debuginfo-0:1.39.2-39.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-nghttp2-devel-0:1.39.2-39.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-openssl-1:1.1.1g-8.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-openssl-1:1.1.1g-8.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-openssl-chil-0:1.0.0-7.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-openssl-chil-0:1.0.0-7.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-openssl-chil-debuginfo-0:1.0.0-7.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-openssl-debuginfo-1:1.1.1g-8.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-openssl-devel-1:1.1.1g-8.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-openssl-libs-1:1.1.1g-8.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-openssl-perl-1:1.1.1g-8.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-openssl-pkcs11-0:0.4.10-22.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-openssl-pkcs11-0:0.4.10-22.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-openssl-pkcs11-debuginfo-0:0.4.10-22.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-openssl-static-1:1.1.1g-8.jbcs.el7.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-0:1.6.3-107.el8jbcs.src",
"8Base-JBCS:jbcs-httpd24-apr-0:1.6.3-107.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-debuginfo-0:1.6.3-107.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-devel-0:1.6.3-107.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-util-0:1.6.1-84.el8jbcs.src",
"8Base-JBCS:jbcs-httpd24-apr-util-0:1.6.1-84.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-util-debuginfo-0:1.6.1-84.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-util-devel-0:1.6.1-84.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-util-ldap-0:1.6.1-84.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-util-ldap-debuginfo-0:1.6.1-84.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-util-mysql-0:1.6.1-84.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-util-mysql-debuginfo-0:1.6.1-84.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-util-nss-0:1.6.1-84.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-util-nss-debuginfo-0:1.6.1-84.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-util-odbc-0:1.6.1-84.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-util-odbc-debuginfo-0:1.6.1-84.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-util-openssl-0:1.6.1-84.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-util-openssl-debuginfo-0:1.6.1-84.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-util-pgsql-0:1.6.1-84.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-util-pgsql-debuginfo-0:1.6.1-84.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-util-sqlite-0:1.6.1-84.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-util-sqlite-debuginfo-0:1.6.1-84.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-curl-0:7.78.0-2.el8jbcs.src",
"8Base-JBCS:jbcs-httpd24-curl-0:7.78.0-2.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-curl-debuginfo-0:7.78.0-2.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-httpd-0:2.4.37-78.el8jbcs.src",
"8Base-JBCS:jbcs-httpd24-httpd-0:2.4.37-78.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-httpd-debuginfo-0:2.4.37-78.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-httpd-devel-0:2.4.37-78.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-httpd-manual-0:2.4.37-78.el8jbcs.noarch",
"8Base-JBCS:jbcs-httpd24-httpd-selinux-0:2.4.37-78.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-httpd-tools-0:2.4.37-78.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-httpd-tools-debuginfo-0:2.4.37-78.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-libcurl-0:7.78.0-2.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-libcurl-debuginfo-0:7.78.0-2.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-libcurl-devel-0:7.78.0-2.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_cluster-native-0:1.3.16-9.Final_redhat_2.el8jbcs.src",
"8Base-JBCS:jbcs-httpd24-mod_cluster-native-0:1.3.16-9.Final_redhat_2.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_cluster-native-debuginfo-0:1.3.16-9.Final_redhat_2.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_http2-0:1.15.7-21.el8jbcs.src",
"8Base-JBCS:jbcs-httpd24-mod_http2-0:1.15.7-21.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_http2-debuginfo-0:1.15.7-21.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_jk-0:1.2.48-20.redhat_1.el8jbcs.src",
"8Base-JBCS:jbcs-httpd24-mod_jk-ap24-0:1.2.48-20.redhat_1.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_jk-ap24-debuginfo-0:1.2.48-20.redhat_1.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_jk-manual-0:1.2.48-20.redhat_1.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_ldap-0:2.4.37-78.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_ldap-debuginfo-0:2.4.37-78.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_md-1:2.0.8-40.el8jbcs.src",
"8Base-JBCS:jbcs-httpd24-mod_md-1:2.0.8-40.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_md-debuginfo-1:2.0.8-40.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_proxy_html-1:2.4.37-78.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_proxy_html-debuginfo-1:2.4.37-78.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_security-0:2.9.2-67.GA.el8jbcs.src",
"8Base-JBCS:jbcs-httpd24-mod_security-0:2.9.2-67.GA.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_security-debuginfo-0:2.9.2-67.GA.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_session-0:2.4.37-78.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_session-debuginfo-0:2.4.37-78.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_ssl-1:2.4.37-78.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_ssl-debuginfo-1:2.4.37-78.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-nghttp2-0:1.39.2-39.el8jbcs.src",
"8Base-JBCS:jbcs-httpd24-nghttp2-0:1.39.2-39.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-nghttp2-debuginfo-0:1.39.2-39.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-nghttp2-devel-0:1.39.2-39.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-openssl-1:1.1.1g-8.el8jbcs.src",
"8Base-JBCS:jbcs-httpd24-openssl-1:1.1.1g-8.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-openssl-chil-0:1.0.0-7.el8jbcs.src",
"8Base-JBCS:jbcs-httpd24-openssl-chil-0:1.0.0-7.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-openssl-chil-debuginfo-0:1.0.0-7.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-openssl-debuginfo-1:1.1.1g-8.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-openssl-devel-1:1.1.1g-8.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-openssl-libs-1:1.1.1g-8.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-openssl-libs-debuginfo-1:1.1.1g-8.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-openssl-perl-1:1.1.1g-8.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-openssl-pkcs11-0:0.4.10-22.el8jbcs.src",
"8Base-JBCS:jbcs-httpd24-openssl-pkcs11-0:0.4.10-22.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-openssl-pkcs11-debuginfo-0:0.4.10-22.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-openssl-static-1:1.1.1g-8.el8jbcs.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2021-30641"
},
{
"category": "external",
"summary": "RHBZ#1966743",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1966743"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2021-30641",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-30641"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2021-30641",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2021-30641"
},
{
"category": "external",
"summary": "https://httpd.apache.org/security/vulnerabilities_24.html",
"url": "https://httpd.apache.org/security/vulnerabilities_24.html"
}
],
"release_date": "2021-06-04T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"details": "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"7Server-JBCS:jbcs-httpd24-apr-0:1.6.3-107.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-apr-0:1.6.3-107.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-apr-debuginfo-0:1.6.3-107.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-apr-devel-0:1.6.3-107.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-apr-util-0:1.6.1-84.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-apr-util-0:1.6.1-84.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-apr-util-debuginfo-0:1.6.1-84.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-apr-util-devel-0:1.6.1-84.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-apr-util-ldap-0:1.6.1-84.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-apr-util-mysql-0:1.6.1-84.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-apr-util-nss-0:1.6.1-84.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-apr-util-odbc-0:1.6.1-84.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-apr-util-openssl-0:1.6.1-84.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-apr-util-pgsql-0:1.6.1-84.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-apr-util-sqlite-0:1.6.1-84.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-curl-0:7.78.0-2.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-curl-0:7.78.0-2.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-curl-debuginfo-0:7.78.0-2.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-httpd-0:2.4.37-78.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-httpd-0:2.4.37-78.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-httpd-debuginfo-0:2.4.37-78.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-httpd-devel-0:2.4.37-78.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-httpd-manual-0:2.4.37-78.jbcs.el7.noarch",
"7Server-JBCS:jbcs-httpd24-httpd-selinux-0:2.4.37-78.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-httpd-tools-0:2.4.37-78.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-libcurl-0:7.78.0-2.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-libcurl-devel-0:7.78.0-2.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_cluster-native-0:1.3.16-9.Final_redhat_2.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-mod_cluster-native-0:1.3.16-9.Final_redhat_2.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_cluster-native-debuginfo-0:1.3.16-9.Final_redhat_2.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_http2-0:1.15.7-21.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-mod_http2-0:1.15.7-21.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_http2-debuginfo-0:1.15.7-21.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_jk-0:1.2.48-20.redhat_1.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-mod_jk-ap24-0:1.2.48-20.redhat_1.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_jk-debuginfo-0:1.2.48-20.redhat_1.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_jk-manual-0:1.2.48-20.redhat_1.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_ldap-0:2.4.37-78.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_md-1:2.0.8-40.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-mod_md-1:2.0.8-40.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_md-debuginfo-1:2.0.8-40.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_proxy_html-1:2.4.37-78.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_security-0:2.9.2-67.GA.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-mod_security-0:2.9.2-67.GA.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_security-debuginfo-0:2.9.2-67.GA.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_session-0:2.4.37-78.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_ssl-1:2.4.37-78.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-nghttp2-0:1.39.2-39.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-nghttp2-0:1.39.2-39.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-nghttp2-debuginfo-0:1.39.2-39.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-nghttp2-devel-0:1.39.2-39.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-openssl-1:1.1.1g-8.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-openssl-1:1.1.1g-8.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-openssl-chil-0:1.0.0-7.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-openssl-chil-0:1.0.0-7.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-openssl-chil-debuginfo-0:1.0.0-7.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-openssl-debuginfo-1:1.1.1g-8.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-openssl-devel-1:1.1.1g-8.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-openssl-libs-1:1.1.1g-8.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-openssl-perl-1:1.1.1g-8.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-openssl-pkcs11-0:0.4.10-22.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-openssl-pkcs11-0:0.4.10-22.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-openssl-pkcs11-debuginfo-0:0.4.10-22.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-openssl-static-1:1.1.1g-8.jbcs.el7.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-0:1.6.3-107.el8jbcs.src",
"8Base-JBCS:jbcs-httpd24-apr-0:1.6.3-107.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-debuginfo-0:1.6.3-107.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-devel-0:1.6.3-107.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-util-0:1.6.1-84.el8jbcs.src",
"8Base-JBCS:jbcs-httpd24-apr-util-0:1.6.1-84.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-util-debuginfo-0:1.6.1-84.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-util-devel-0:1.6.1-84.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-util-ldap-0:1.6.1-84.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-util-ldap-debuginfo-0:1.6.1-84.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-util-mysql-0:1.6.1-84.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-util-mysql-debuginfo-0:1.6.1-84.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-util-nss-0:1.6.1-84.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-util-nss-debuginfo-0:1.6.1-84.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-util-odbc-0:1.6.1-84.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-util-odbc-debuginfo-0:1.6.1-84.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-util-openssl-0:1.6.1-84.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-util-openssl-debuginfo-0:1.6.1-84.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-util-pgsql-0:1.6.1-84.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-util-pgsql-debuginfo-0:1.6.1-84.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-util-sqlite-0:1.6.1-84.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-util-sqlite-debuginfo-0:1.6.1-84.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-curl-0:7.78.0-2.el8jbcs.src",
"8Base-JBCS:jbcs-httpd24-curl-0:7.78.0-2.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-curl-debuginfo-0:7.78.0-2.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-httpd-0:2.4.37-78.el8jbcs.src",
"8Base-JBCS:jbcs-httpd24-httpd-0:2.4.37-78.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-httpd-debuginfo-0:2.4.37-78.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-httpd-devel-0:2.4.37-78.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-httpd-manual-0:2.4.37-78.el8jbcs.noarch",
"8Base-JBCS:jbcs-httpd24-httpd-selinux-0:2.4.37-78.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-httpd-tools-0:2.4.37-78.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-httpd-tools-debuginfo-0:2.4.37-78.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-libcurl-0:7.78.0-2.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-libcurl-debuginfo-0:7.78.0-2.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-libcurl-devel-0:7.78.0-2.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_cluster-native-0:1.3.16-9.Final_redhat_2.el8jbcs.src",
"8Base-JBCS:jbcs-httpd24-mod_cluster-native-0:1.3.16-9.Final_redhat_2.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_cluster-native-debuginfo-0:1.3.16-9.Final_redhat_2.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_http2-0:1.15.7-21.el8jbcs.src",
"8Base-JBCS:jbcs-httpd24-mod_http2-0:1.15.7-21.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_http2-debuginfo-0:1.15.7-21.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_jk-0:1.2.48-20.redhat_1.el8jbcs.src",
"8Base-JBCS:jbcs-httpd24-mod_jk-ap24-0:1.2.48-20.redhat_1.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_jk-ap24-debuginfo-0:1.2.48-20.redhat_1.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_jk-manual-0:1.2.48-20.redhat_1.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_ldap-0:2.4.37-78.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_ldap-debuginfo-0:2.4.37-78.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_md-1:2.0.8-40.el8jbcs.src",
"8Base-JBCS:jbcs-httpd24-mod_md-1:2.0.8-40.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_md-debuginfo-1:2.0.8-40.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_proxy_html-1:2.4.37-78.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_proxy_html-debuginfo-1:2.4.37-78.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_security-0:2.9.2-67.GA.el8jbcs.src",
"8Base-JBCS:jbcs-httpd24-mod_security-0:2.9.2-67.GA.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_security-debuginfo-0:2.9.2-67.GA.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_session-0:2.4.37-78.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_session-debuginfo-0:2.4.37-78.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_ssl-1:2.4.37-78.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_ssl-debuginfo-1:2.4.37-78.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-nghttp2-0:1.39.2-39.el8jbcs.src",
"8Base-JBCS:jbcs-httpd24-nghttp2-0:1.39.2-39.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-nghttp2-debuginfo-0:1.39.2-39.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-nghttp2-devel-0:1.39.2-39.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-openssl-1:1.1.1g-8.el8jbcs.src",
"8Base-JBCS:jbcs-httpd24-openssl-1:1.1.1g-8.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-openssl-chil-0:1.0.0-7.el8jbcs.src",
"8Base-JBCS:jbcs-httpd24-openssl-chil-0:1.0.0-7.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-openssl-chil-debuginfo-0:1.0.0-7.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-openssl-debuginfo-1:1.1.1g-8.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-openssl-devel-1:1.1.1g-8.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-openssl-libs-1:1.1.1g-8.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-openssl-libs-debuginfo-1:1.1.1g-8.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-openssl-perl-1:1.1.1g-8.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-openssl-pkcs11-0:0.4.10-22.el8jbcs.src",
"8Base-JBCS:jbcs-httpd24-openssl-pkcs11-0:0.4.10-22.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-openssl-pkcs11-debuginfo-0:0.4.10-22.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-openssl-static-1:1.1.1g-8.el8jbcs.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2021:4614"
},
{
"category": "workaround",
"details": "This issue can be mitigated by setting the \"MergeSlashes\" directive to OFF",
"product_ids": [
"7Server-JBCS:jbcs-httpd24-apr-0:1.6.3-107.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-apr-0:1.6.3-107.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-apr-debuginfo-0:1.6.3-107.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-apr-devel-0:1.6.3-107.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-apr-util-0:1.6.1-84.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-apr-util-0:1.6.1-84.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-apr-util-debuginfo-0:1.6.1-84.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-apr-util-devel-0:1.6.1-84.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-apr-util-ldap-0:1.6.1-84.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-apr-util-mysql-0:1.6.1-84.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-apr-util-nss-0:1.6.1-84.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-apr-util-odbc-0:1.6.1-84.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-apr-util-openssl-0:1.6.1-84.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-apr-util-pgsql-0:1.6.1-84.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-apr-util-sqlite-0:1.6.1-84.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-curl-0:7.78.0-2.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-curl-0:7.78.0-2.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-curl-debuginfo-0:7.78.0-2.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-httpd-0:2.4.37-78.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-httpd-0:2.4.37-78.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-httpd-debuginfo-0:2.4.37-78.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-httpd-devel-0:2.4.37-78.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-httpd-manual-0:2.4.37-78.jbcs.el7.noarch",
"7Server-JBCS:jbcs-httpd24-httpd-selinux-0:2.4.37-78.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-httpd-tools-0:2.4.37-78.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-libcurl-0:7.78.0-2.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-libcurl-devel-0:7.78.0-2.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_cluster-native-0:1.3.16-9.Final_redhat_2.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-mod_cluster-native-0:1.3.16-9.Final_redhat_2.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_cluster-native-debuginfo-0:1.3.16-9.Final_redhat_2.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_http2-0:1.15.7-21.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-mod_http2-0:1.15.7-21.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_http2-debuginfo-0:1.15.7-21.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_jk-0:1.2.48-20.redhat_1.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-mod_jk-ap24-0:1.2.48-20.redhat_1.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_jk-debuginfo-0:1.2.48-20.redhat_1.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_jk-manual-0:1.2.48-20.redhat_1.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_ldap-0:2.4.37-78.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_md-1:2.0.8-40.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-mod_md-1:2.0.8-40.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_md-debuginfo-1:2.0.8-40.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_proxy_html-1:2.4.37-78.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_security-0:2.9.2-67.GA.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-mod_security-0:2.9.2-67.GA.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_security-debuginfo-0:2.9.2-67.GA.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_session-0:2.4.37-78.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_ssl-1:2.4.37-78.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-nghttp2-0:1.39.2-39.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-nghttp2-0:1.39.2-39.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-nghttp2-debuginfo-0:1.39.2-39.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-nghttp2-devel-0:1.39.2-39.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-openssl-1:1.1.1g-8.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-openssl-1:1.1.1g-8.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-openssl-chil-0:1.0.0-7.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-openssl-chil-0:1.0.0-7.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-openssl-chil-debuginfo-0:1.0.0-7.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-openssl-debuginfo-1:1.1.1g-8.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-openssl-devel-1:1.1.1g-8.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-openssl-libs-1:1.1.1g-8.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-openssl-perl-1:1.1.1g-8.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-openssl-pkcs11-0:0.4.10-22.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-openssl-pkcs11-0:0.4.10-22.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-openssl-pkcs11-debuginfo-0:0.4.10-22.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-openssl-static-1:1.1.1g-8.jbcs.el7.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-0:1.6.3-107.el8jbcs.src",
"8Base-JBCS:jbcs-httpd24-apr-0:1.6.3-107.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-debuginfo-0:1.6.3-107.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-devel-0:1.6.3-107.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-util-0:1.6.1-84.el8jbcs.src",
"8Base-JBCS:jbcs-httpd24-apr-util-0:1.6.1-84.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-util-debuginfo-0:1.6.1-84.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-util-devel-0:1.6.1-84.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-util-ldap-0:1.6.1-84.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-util-ldap-debuginfo-0:1.6.1-84.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-util-mysql-0:1.6.1-84.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-util-mysql-debuginfo-0:1.6.1-84.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-util-nss-0:1.6.1-84.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-util-nss-debuginfo-0:1.6.1-84.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-util-odbc-0:1.6.1-84.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-util-odbc-debuginfo-0:1.6.1-84.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-util-openssl-0:1.6.1-84.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-util-openssl-debuginfo-0:1.6.1-84.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-util-pgsql-0:1.6.1-84.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-util-pgsql-debuginfo-0:1.6.1-84.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-util-sqlite-0:1.6.1-84.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-util-sqlite-debuginfo-0:1.6.1-84.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-curl-0:7.78.0-2.el8jbcs.src",
"8Base-JBCS:jbcs-httpd24-curl-0:7.78.0-2.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-curl-debuginfo-0:7.78.0-2.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-httpd-0:2.4.37-78.el8jbcs.src",
"8Base-JBCS:jbcs-httpd24-httpd-0:2.4.37-78.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-httpd-debuginfo-0:2.4.37-78.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-httpd-devel-0:2.4.37-78.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-httpd-manual-0:2.4.37-78.el8jbcs.noarch",
"8Base-JBCS:jbcs-httpd24-httpd-selinux-0:2.4.37-78.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-httpd-tools-0:2.4.37-78.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-httpd-tools-debuginfo-0:2.4.37-78.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-libcurl-0:7.78.0-2.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-libcurl-debuginfo-0:7.78.0-2.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-libcurl-devel-0:7.78.0-2.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_cluster-native-0:1.3.16-9.Final_redhat_2.el8jbcs.src",
"8Base-JBCS:jbcs-httpd24-mod_cluster-native-0:1.3.16-9.Final_redhat_2.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_cluster-native-debuginfo-0:1.3.16-9.Final_redhat_2.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_http2-0:1.15.7-21.el8jbcs.src",
"8Base-JBCS:jbcs-httpd24-mod_http2-0:1.15.7-21.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_http2-debuginfo-0:1.15.7-21.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_jk-0:1.2.48-20.redhat_1.el8jbcs.src",
"8Base-JBCS:jbcs-httpd24-mod_jk-ap24-0:1.2.48-20.redhat_1.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_jk-ap24-debuginfo-0:1.2.48-20.redhat_1.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_jk-manual-0:1.2.48-20.redhat_1.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_ldap-0:2.4.37-78.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_ldap-debuginfo-0:2.4.37-78.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_md-1:2.0.8-40.el8jbcs.src",
"8Base-JBCS:jbcs-httpd24-mod_md-1:2.0.8-40.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_md-debuginfo-1:2.0.8-40.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_proxy_html-1:2.4.37-78.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_proxy_html-debuginfo-1:2.4.37-78.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_security-0:2.9.2-67.GA.el8jbcs.src",
"8Base-JBCS:jbcs-httpd24-mod_security-0:2.9.2-67.GA.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_security-debuginfo-0:2.9.2-67.GA.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_session-0:2.4.37-78.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_session-debuginfo-0:2.4.37-78.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_ssl-1:2.4.37-78.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_ssl-debuginfo-1:2.4.37-78.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-nghttp2-0:1.39.2-39.el8jbcs.src",
"8Base-JBCS:jbcs-httpd24-nghttp2-0:1.39.2-39.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-nghttp2-debuginfo-0:1.39.2-39.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-nghttp2-devel-0:1.39.2-39.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-openssl-1:1.1.1g-8.el8jbcs.src",
"8Base-JBCS:jbcs-httpd24-openssl-1:1.1.1g-8.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-openssl-chil-0:1.0.0-7.el8jbcs.src",
"8Base-JBCS:jbcs-httpd24-openssl-chil-0:1.0.0-7.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-openssl-chil-debuginfo-0:1.0.0-7.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-openssl-debuginfo-1:1.1.1g-8.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-openssl-devel-1:1.1.1g-8.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-openssl-libs-1:1.1.1g-8.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-openssl-libs-debuginfo-1:1.1.1g-8.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-openssl-perl-1:1.1.1g-8.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-openssl-pkcs11-0:0.4.10-22.el8jbcs.src",
"8Base-JBCS:jbcs-httpd24-openssl-pkcs11-0:0.4.10-22.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-openssl-pkcs11-debuginfo-0:0.4.10-22.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-openssl-static-1:1.1.1g-8.el8jbcs.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 5.9,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N",
"version": "3.1"
},
"products": [
"7Server-JBCS:jbcs-httpd24-apr-0:1.6.3-107.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-apr-0:1.6.3-107.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-apr-debuginfo-0:1.6.3-107.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-apr-devel-0:1.6.3-107.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-apr-util-0:1.6.1-84.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-apr-util-0:1.6.1-84.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-apr-util-debuginfo-0:1.6.1-84.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-apr-util-devel-0:1.6.1-84.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-apr-util-ldap-0:1.6.1-84.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-apr-util-mysql-0:1.6.1-84.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-apr-util-nss-0:1.6.1-84.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-apr-util-odbc-0:1.6.1-84.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-apr-util-openssl-0:1.6.1-84.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-apr-util-pgsql-0:1.6.1-84.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-apr-util-sqlite-0:1.6.1-84.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-curl-0:7.78.0-2.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-curl-0:7.78.0-2.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-curl-debuginfo-0:7.78.0-2.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-httpd-0:2.4.37-78.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-httpd-0:2.4.37-78.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-httpd-debuginfo-0:2.4.37-78.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-httpd-devel-0:2.4.37-78.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-httpd-manual-0:2.4.37-78.jbcs.el7.noarch",
"7Server-JBCS:jbcs-httpd24-httpd-selinux-0:2.4.37-78.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-httpd-tools-0:2.4.37-78.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-libcurl-0:7.78.0-2.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-libcurl-devel-0:7.78.0-2.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_cluster-native-0:1.3.16-9.Final_redhat_2.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-mod_cluster-native-0:1.3.16-9.Final_redhat_2.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_cluster-native-debuginfo-0:1.3.16-9.Final_redhat_2.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_http2-0:1.15.7-21.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-mod_http2-0:1.15.7-21.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_http2-debuginfo-0:1.15.7-21.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_jk-0:1.2.48-20.redhat_1.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-mod_jk-ap24-0:1.2.48-20.redhat_1.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_jk-debuginfo-0:1.2.48-20.redhat_1.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_jk-manual-0:1.2.48-20.redhat_1.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_ldap-0:2.4.37-78.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_md-1:2.0.8-40.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-mod_md-1:2.0.8-40.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_md-debuginfo-1:2.0.8-40.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_proxy_html-1:2.4.37-78.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_security-0:2.9.2-67.GA.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-mod_security-0:2.9.2-67.GA.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_security-debuginfo-0:2.9.2-67.GA.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_session-0:2.4.37-78.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_ssl-1:2.4.37-78.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-nghttp2-0:1.39.2-39.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-nghttp2-0:1.39.2-39.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-nghttp2-debuginfo-0:1.39.2-39.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-nghttp2-devel-0:1.39.2-39.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-openssl-1:1.1.1g-8.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-openssl-1:1.1.1g-8.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-openssl-chil-0:1.0.0-7.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-openssl-chil-0:1.0.0-7.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-openssl-chil-debuginfo-0:1.0.0-7.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-openssl-debuginfo-1:1.1.1g-8.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-openssl-devel-1:1.1.1g-8.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-openssl-libs-1:1.1.1g-8.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-openssl-perl-1:1.1.1g-8.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-openssl-pkcs11-0:0.4.10-22.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-openssl-pkcs11-0:0.4.10-22.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-openssl-pkcs11-debuginfo-0:0.4.10-22.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-openssl-static-1:1.1.1g-8.jbcs.el7.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-0:1.6.3-107.el8jbcs.src",
"8Base-JBCS:jbcs-httpd24-apr-0:1.6.3-107.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-debuginfo-0:1.6.3-107.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-devel-0:1.6.3-107.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-util-0:1.6.1-84.el8jbcs.src",
"8Base-JBCS:jbcs-httpd24-apr-util-0:1.6.1-84.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-util-debuginfo-0:1.6.1-84.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-util-devel-0:1.6.1-84.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-util-ldap-0:1.6.1-84.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-util-ldap-debuginfo-0:1.6.1-84.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-util-mysql-0:1.6.1-84.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-util-mysql-debuginfo-0:1.6.1-84.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-util-nss-0:1.6.1-84.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-util-nss-debuginfo-0:1.6.1-84.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-util-odbc-0:1.6.1-84.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-util-odbc-debuginfo-0:1.6.1-84.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-util-openssl-0:1.6.1-84.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-util-openssl-debuginfo-0:1.6.1-84.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-util-pgsql-0:1.6.1-84.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-util-pgsql-debuginfo-0:1.6.1-84.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-util-sqlite-0:1.6.1-84.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-util-sqlite-debuginfo-0:1.6.1-84.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-curl-0:7.78.0-2.el8jbcs.src",
"8Base-JBCS:jbcs-httpd24-curl-0:7.78.0-2.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-curl-debuginfo-0:7.78.0-2.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-httpd-0:2.4.37-78.el8jbcs.src",
"8Base-JBCS:jbcs-httpd24-httpd-0:2.4.37-78.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-httpd-debuginfo-0:2.4.37-78.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-httpd-devel-0:2.4.37-78.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-httpd-manual-0:2.4.37-78.el8jbcs.noarch",
"8Base-JBCS:jbcs-httpd24-httpd-selinux-0:2.4.37-78.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-httpd-tools-0:2.4.37-78.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-httpd-tools-debuginfo-0:2.4.37-78.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-libcurl-0:7.78.0-2.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-libcurl-debuginfo-0:7.78.0-2.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-libcurl-devel-0:7.78.0-2.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_cluster-native-0:1.3.16-9.Final_redhat_2.el8jbcs.src",
"8Base-JBCS:jbcs-httpd24-mod_cluster-native-0:1.3.16-9.Final_redhat_2.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_cluster-native-debuginfo-0:1.3.16-9.Final_redhat_2.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_http2-0:1.15.7-21.el8jbcs.src",
"8Base-JBCS:jbcs-httpd24-mod_http2-0:1.15.7-21.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_http2-debuginfo-0:1.15.7-21.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_jk-0:1.2.48-20.redhat_1.el8jbcs.src",
"8Base-JBCS:jbcs-httpd24-mod_jk-ap24-0:1.2.48-20.redhat_1.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_jk-ap24-debuginfo-0:1.2.48-20.redhat_1.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_jk-manual-0:1.2.48-20.redhat_1.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_ldap-0:2.4.37-78.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_ldap-debuginfo-0:2.4.37-78.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_md-1:2.0.8-40.el8jbcs.src",
"8Base-JBCS:jbcs-httpd24-mod_md-1:2.0.8-40.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_md-debuginfo-1:2.0.8-40.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_proxy_html-1:2.4.37-78.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_proxy_html-debuginfo-1:2.4.37-78.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_security-0:2.9.2-67.GA.el8jbcs.src",
"8Base-JBCS:jbcs-httpd24-mod_security-0:2.9.2-67.GA.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_security-debuginfo-0:2.9.2-67.GA.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_session-0:2.4.37-78.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_session-debuginfo-0:2.4.37-78.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_ssl-1:2.4.37-78.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_ssl-debuginfo-1:2.4.37-78.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-nghttp2-0:1.39.2-39.el8jbcs.src",
"8Base-JBCS:jbcs-httpd24-nghttp2-0:1.39.2-39.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-nghttp2-debuginfo-0:1.39.2-39.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-nghttp2-devel-0:1.39.2-39.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-openssl-1:1.1.1g-8.el8jbcs.src",
"8Base-JBCS:jbcs-httpd24-openssl-1:1.1.1g-8.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-openssl-chil-0:1.0.0-7.el8jbcs.src",
"8Base-JBCS:jbcs-httpd24-openssl-chil-0:1.0.0-7.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-openssl-chil-debuginfo-0:1.0.0-7.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-openssl-debuginfo-1:1.1.1g-8.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-openssl-devel-1:1.1.1g-8.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-openssl-libs-1:1.1.1g-8.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-openssl-libs-debuginfo-1:1.1.1g-8.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-openssl-perl-1:1.1.1g-8.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-openssl-pkcs11-0:0.4.10-22.el8jbcs.src",
"8Base-JBCS:jbcs-httpd24-openssl-pkcs11-0:0.4.10-22.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-openssl-pkcs11-debuginfo-0:0.4.10-22.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-openssl-static-1:1.1.1g-8.el8jbcs.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "httpd: Unexpected URL matching with \u0027MergeSlashes OFF\u0027"
},
{
"cve": "CVE-2021-34798",
"cwe": {
"id": "CWE-476",
"name": "NULL Pointer Dereference"
},
"discovery_date": "2021-09-16T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2005128"
}
],
"notes": [
{
"category": "description",
"text": "A NULL pointer dereference in httpd allows an unauthenticated remote attacker to crash httpd by providing malformed HTTP requests. The highest threat from this vulnerability is to system availability.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "httpd: NULL pointer dereference via malformed requests",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"7Server-JBCS:jbcs-httpd24-apr-0:1.6.3-107.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-apr-0:1.6.3-107.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-apr-debuginfo-0:1.6.3-107.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-apr-devel-0:1.6.3-107.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-apr-util-0:1.6.1-84.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-apr-util-0:1.6.1-84.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-apr-util-debuginfo-0:1.6.1-84.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-apr-util-devel-0:1.6.1-84.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-apr-util-ldap-0:1.6.1-84.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-apr-util-mysql-0:1.6.1-84.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-apr-util-nss-0:1.6.1-84.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-apr-util-odbc-0:1.6.1-84.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-apr-util-openssl-0:1.6.1-84.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-apr-util-pgsql-0:1.6.1-84.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-apr-util-sqlite-0:1.6.1-84.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-curl-0:7.78.0-2.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-curl-0:7.78.0-2.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-curl-debuginfo-0:7.78.0-2.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-httpd-0:2.4.37-78.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-httpd-0:2.4.37-78.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-httpd-debuginfo-0:2.4.37-78.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-httpd-devel-0:2.4.37-78.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-httpd-manual-0:2.4.37-78.jbcs.el7.noarch",
"7Server-JBCS:jbcs-httpd24-httpd-selinux-0:2.4.37-78.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-httpd-tools-0:2.4.37-78.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-libcurl-0:7.78.0-2.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-libcurl-devel-0:7.78.0-2.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_cluster-native-0:1.3.16-9.Final_redhat_2.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-mod_cluster-native-0:1.3.16-9.Final_redhat_2.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_cluster-native-debuginfo-0:1.3.16-9.Final_redhat_2.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_http2-0:1.15.7-21.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-mod_http2-0:1.15.7-21.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_http2-debuginfo-0:1.15.7-21.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_jk-0:1.2.48-20.redhat_1.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-mod_jk-ap24-0:1.2.48-20.redhat_1.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_jk-debuginfo-0:1.2.48-20.redhat_1.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_jk-manual-0:1.2.48-20.redhat_1.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_ldap-0:2.4.37-78.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_md-1:2.0.8-40.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-mod_md-1:2.0.8-40.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_md-debuginfo-1:2.0.8-40.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_proxy_html-1:2.4.37-78.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_security-0:2.9.2-67.GA.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-mod_security-0:2.9.2-67.GA.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_security-debuginfo-0:2.9.2-67.GA.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_session-0:2.4.37-78.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_ssl-1:2.4.37-78.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-nghttp2-0:1.39.2-39.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-nghttp2-0:1.39.2-39.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-nghttp2-debuginfo-0:1.39.2-39.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-nghttp2-devel-0:1.39.2-39.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-openssl-1:1.1.1g-8.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-openssl-1:1.1.1g-8.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-openssl-chil-0:1.0.0-7.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-openssl-chil-0:1.0.0-7.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-openssl-chil-debuginfo-0:1.0.0-7.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-openssl-debuginfo-1:1.1.1g-8.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-openssl-devel-1:1.1.1g-8.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-openssl-libs-1:1.1.1g-8.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-openssl-perl-1:1.1.1g-8.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-openssl-pkcs11-0:0.4.10-22.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-openssl-pkcs11-0:0.4.10-22.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-openssl-pkcs11-debuginfo-0:0.4.10-22.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-openssl-static-1:1.1.1g-8.jbcs.el7.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-0:1.6.3-107.el8jbcs.src",
"8Base-JBCS:jbcs-httpd24-apr-0:1.6.3-107.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-debuginfo-0:1.6.3-107.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-devel-0:1.6.3-107.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-util-0:1.6.1-84.el8jbcs.src",
"8Base-JBCS:jbcs-httpd24-apr-util-0:1.6.1-84.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-util-debuginfo-0:1.6.1-84.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-util-devel-0:1.6.1-84.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-util-ldap-0:1.6.1-84.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-util-ldap-debuginfo-0:1.6.1-84.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-util-mysql-0:1.6.1-84.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-util-mysql-debuginfo-0:1.6.1-84.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-util-nss-0:1.6.1-84.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-util-nss-debuginfo-0:1.6.1-84.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-util-odbc-0:1.6.1-84.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-util-odbc-debuginfo-0:1.6.1-84.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-util-openssl-0:1.6.1-84.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-util-openssl-debuginfo-0:1.6.1-84.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-util-pgsql-0:1.6.1-84.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-util-pgsql-debuginfo-0:1.6.1-84.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-util-sqlite-0:1.6.1-84.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-util-sqlite-debuginfo-0:1.6.1-84.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-curl-0:7.78.0-2.el8jbcs.src",
"8Base-JBCS:jbcs-httpd24-curl-0:7.78.0-2.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-curl-debuginfo-0:7.78.0-2.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-httpd-0:2.4.37-78.el8jbcs.src",
"8Base-JBCS:jbcs-httpd24-httpd-0:2.4.37-78.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-httpd-debuginfo-0:2.4.37-78.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-httpd-devel-0:2.4.37-78.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-httpd-manual-0:2.4.37-78.el8jbcs.noarch",
"8Base-JBCS:jbcs-httpd24-httpd-selinux-0:2.4.37-78.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-httpd-tools-0:2.4.37-78.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-httpd-tools-debuginfo-0:2.4.37-78.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-libcurl-0:7.78.0-2.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-libcurl-debuginfo-0:7.78.0-2.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-libcurl-devel-0:7.78.0-2.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_cluster-native-0:1.3.16-9.Final_redhat_2.el8jbcs.src",
"8Base-JBCS:jbcs-httpd24-mod_cluster-native-0:1.3.16-9.Final_redhat_2.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_cluster-native-debuginfo-0:1.3.16-9.Final_redhat_2.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_http2-0:1.15.7-21.el8jbcs.src",
"8Base-JBCS:jbcs-httpd24-mod_http2-0:1.15.7-21.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_http2-debuginfo-0:1.15.7-21.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_jk-0:1.2.48-20.redhat_1.el8jbcs.src",
"8Base-JBCS:jbcs-httpd24-mod_jk-ap24-0:1.2.48-20.redhat_1.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_jk-ap24-debuginfo-0:1.2.48-20.redhat_1.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_jk-manual-0:1.2.48-20.redhat_1.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_ldap-0:2.4.37-78.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_ldap-debuginfo-0:2.4.37-78.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_md-1:2.0.8-40.el8jbcs.src",
"8Base-JBCS:jbcs-httpd24-mod_md-1:2.0.8-40.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_md-debuginfo-1:2.0.8-40.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_proxy_html-1:2.4.37-78.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_proxy_html-debuginfo-1:2.4.37-78.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_security-0:2.9.2-67.GA.el8jbcs.src",
"8Base-JBCS:jbcs-httpd24-mod_security-0:2.9.2-67.GA.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_security-debuginfo-0:2.9.2-67.GA.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_session-0:2.4.37-78.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_session-debuginfo-0:2.4.37-78.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_ssl-1:2.4.37-78.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_ssl-debuginfo-1:2.4.37-78.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-nghttp2-0:1.39.2-39.el8jbcs.src",
"8Base-JBCS:jbcs-httpd24-nghttp2-0:1.39.2-39.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-nghttp2-debuginfo-0:1.39.2-39.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-nghttp2-devel-0:1.39.2-39.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-openssl-1:1.1.1g-8.el8jbcs.src",
"8Base-JBCS:jbcs-httpd24-openssl-1:1.1.1g-8.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-openssl-chil-0:1.0.0-7.el8jbcs.src",
"8Base-JBCS:jbcs-httpd24-openssl-chil-0:1.0.0-7.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-openssl-chil-debuginfo-0:1.0.0-7.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-openssl-debuginfo-1:1.1.1g-8.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-openssl-devel-1:1.1.1g-8.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-openssl-libs-1:1.1.1g-8.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-openssl-libs-debuginfo-1:1.1.1g-8.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-openssl-perl-1:1.1.1g-8.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-openssl-pkcs11-0:0.4.10-22.el8jbcs.src",
"8Base-JBCS:jbcs-httpd24-openssl-pkcs11-0:0.4.10-22.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-openssl-pkcs11-debuginfo-0:0.4.10-22.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-openssl-static-1:1.1.1g-8.el8jbcs.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2021-34798"
},
{
"category": "external",
"summary": "RHBZ#2005128",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2005128"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2021-34798",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-34798"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2021-34798",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2021-34798"
},
{
"category": "external",
"summary": "https://httpd.apache.org/security/vulnerabilities_24.html",
"url": "https://httpd.apache.org/security/vulnerabilities_24.html"
}
],
"release_date": "2021-09-16T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"details": "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"7Server-JBCS:jbcs-httpd24-apr-0:1.6.3-107.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-apr-0:1.6.3-107.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-apr-debuginfo-0:1.6.3-107.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-apr-devel-0:1.6.3-107.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-apr-util-0:1.6.1-84.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-apr-util-0:1.6.1-84.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-apr-util-debuginfo-0:1.6.1-84.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-apr-util-devel-0:1.6.1-84.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-apr-util-ldap-0:1.6.1-84.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-apr-util-mysql-0:1.6.1-84.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-apr-util-nss-0:1.6.1-84.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-apr-util-odbc-0:1.6.1-84.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-apr-util-openssl-0:1.6.1-84.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-apr-util-pgsql-0:1.6.1-84.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-apr-util-sqlite-0:1.6.1-84.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-curl-0:7.78.0-2.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-curl-0:7.78.0-2.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-curl-debuginfo-0:7.78.0-2.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-httpd-0:2.4.37-78.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-httpd-0:2.4.37-78.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-httpd-debuginfo-0:2.4.37-78.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-httpd-devel-0:2.4.37-78.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-httpd-manual-0:2.4.37-78.jbcs.el7.noarch",
"7Server-JBCS:jbcs-httpd24-httpd-selinux-0:2.4.37-78.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-httpd-tools-0:2.4.37-78.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-libcurl-0:7.78.0-2.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-libcurl-devel-0:7.78.0-2.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_cluster-native-0:1.3.16-9.Final_redhat_2.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-mod_cluster-native-0:1.3.16-9.Final_redhat_2.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_cluster-native-debuginfo-0:1.3.16-9.Final_redhat_2.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_http2-0:1.15.7-21.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-mod_http2-0:1.15.7-21.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_http2-debuginfo-0:1.15.7-21.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_jk-0:1.2.48-20.redhat_1.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-mod_jk-ap24-0:1.2.48-20.redhat_1.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_jk-debuginfo-0:1.2.48-20.redhat_1.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_jk-manual-0:1.2.48-20.redhat_1.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_ldap-0:2.4.37-78.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_md-1:2.0.8-40.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-mod_md-1:2.0.8-40.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_md-debuginfo-1:2.0.8-40.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_proxy_html-1:2.4.37-78.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_security-0:2.9.2-67.GA.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-mod_security-0:2.9.2-67.GA.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_security-debuginfo-0:2.9.2-67.GA.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_session-0:2.4.37-78.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_ssl-1:2.4.37-78.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-nghttp2-0:1.39.2-39.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-nghttp2-0:1.39.2-39.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-nghttp2-debuginfo-0:1.39.2-39.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-nghttp2-devel-0:1.39.2-39.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-openssl-1:1.1.1g-8.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-openssl-1:1.1.1g-8.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-openssl-chil-0:1.0.0-7.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-openssl-chil-0:1.0.0-7.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-openssl-chil-debuginfo-0:1.0.0-7.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-openssl-debuginfo-1:1.1.1g-8.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-openssl-devel-1:1.1.1g-8.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-openssl-libs-1:1.1.1g-8.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-openssl-perl-1:1.1.1g-8.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-openssl-pkcs11-0:0.4.10-22.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-openssl-pkcs11-0:0.4.10-22.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-openssl-pkcs11-debuginfo-0:0.4.10-22.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-openssl-static-1:1.1.1g-8.jbcs.el7.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-0:1.6.3-107.el8jbcs.src",
"8Base-JBCS:jbcs-httpd24-apr-0:1.6.3-107.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-debuginfo-0:1.6.3-107.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-devel-0:1.6.3-107.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-util-0:1.6.1-84.el8jbcs.src",
"8Base-JBCS:jbcs-httpd24-apr-util-0:1.6.1-84.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-util-debuginfo-0:1.6.1-84.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-util-devel-0:1.6.1-84.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-util-ldap-0:1.6.1-84.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-util-ldap-debuginfo-0:1.6.1-84.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-util-mysql-0:1.6.1-84.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-util-mysql-debuginfo-0:1.6.1-84.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-util-nss-0:1.6.1-84.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-util-nss-debuginfo-0:1.6.1-84.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-util-odbc-0:1.6.1-84.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-util-odbc-debuginfo-0:1.6.1-84.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-util-openssl-0:1.6.1-84.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-util-openssl-debuginfo-0:1.6.1-84.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-util-pgsql-0:1.6.1-84.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-util-pgsql-debuginfo-0:1.6.1-84.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-util-sqlite-0:1.6.1-84.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-util-sqlite-debuginfo-0:1.6.1-84.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-curl-0:7.78.0-2.el8jbcs.src",
"8Base-JBCS:jbcs-httpd24-curl-0:7.78.0-2.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-curl-debuginfo-0:7.78.0-2.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-httpd-0:2.4.37-78.el8jbcs.src",
"8Base-JBCS:jbcs-httpd24-httpd-0:2.4.37-78.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-httpd-debuginfo-0:2.4.37-78.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-httpd-devel-0:2.4.37-78.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-httpd-manual-0:2.4.37-78.el8jbcs.noarch",
"8Base-JBCS:jbcs-httpd24-httpd-selinux-0:2.4.37-78.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-httpd-tools-0:2.4.37-78.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-httpd-tools-debuginfo-0:2.4.37-78.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-libcurl-0:7.78.0-2.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-libcurl-debuginfo-0:7.78.0-2.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-libcurl-devel-0:7.78.0-2.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_cluster-native-0:1.3.16-9.Final_redhat_2.el8jbcs.src",
"8Base-JBCS:jbcs-httpd24-mod_cluster-native-0:1.3.16-9.Final_redhat_2.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_cluster-native-debuginfo-0:1.3.16-9.Final_redhat_2.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_http2-0:1.15.7-21.el8jbcs.src",
"8Base-JBCS:jbcs-httpd24-mod_http2-0:1.15.7-21.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_http2-debuginfo-0:1.15.7-21.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_jk-0:1.2.48-20.redhat_1.el8jbcs.src",
"8Base-JBCS:jbcs-httpd24-mod_jk-ap24-0:1.2.48-20.redhat_1.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_jk-ap24-debuginfo-0:1.2.48-20.redhat_1.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_jk-manual-0:1.2.48-20.redhat_1.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_ldap-0:2.4.37-78.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_ldap-debuginfo-0:2.4.37-78.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_md-1:2.0.8-40.el8jbcs.src",
"8Base-JBCS:jbcs-httpd24-mod_md-1:2.0.8-40.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_md-debuginfo-1:2.0.8-40.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_proxy_html-1:2.4.37-78.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_proxy_html-debuginfo-1:2.4.37-78.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_security-0:2.9.2-67.GA.el8jbcs.src",
"8Base-JBCS:jbcs-httpd24-mod_security-0:2.9.2-67.GA.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_security-debuginfo-0:2.9.2-67.GA.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_session-0:2.4.37-78.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_session-debuginfo-0:2.4.37-78.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_ssl-1:2.4.37-78.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_ssl-debuginfo-1:2.4.37-78.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-nghttp2-0:1.39.2-39.el8jbcs.src",
"8Base-JBCS:jbcs-httpd24-nghttp2-0:1.39.2-39.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-nghttp2-debuginfo-0:1.39.2-39.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-nghttp2-devel-0:1.39.2-39.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-openssl-1:1.1.1g-8.el8jbcs.src",
"8Base-JBCS:jbcs-httpd24-openssl-1:1.1.1g-8.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-openssl-chil-0:1.0.0-7.el8jbcs.src",
"8Base-JBCS:jbcs-httpd24-openssl-chil-0:1.0.0-7.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-openssl-chil-debuginfo-0:1.0.0-7.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-openssl-debuginfo-1:1.1.1g-8.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-openssl-devel-1:1.1.1g-8.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-openssl-libs-1:1.1.1g-8.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-openssl-libs-debuginfo-1:1.1.1g-8.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-openssl-perl-1:1.1.1g-8.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-openssl-pkcs11-0:0.4.10-22.el8jbcs.src",
"8Base-JBCS:jbcs-httpd24-openssl-pkcs11-0:0.4.10-22.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-openssl-pkcs11-debuginfo-0:0.4.10-22.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-openssl-static-1:1.1.1g-8.el8jbcs.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2021:4614"
},
{
"category": "workaround",
"details": "Red Hat has investigated whether a possible mitigation exists for this issue, and has not been able to identify a practical example.",
"product_ids": [
"7Server-JBCS:jbcs-httpd24-apr-0:1.6.3-107.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-apr-0:1.6.3-107.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-apr-debuginfo-0:1.6.3-107.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-apr-devel-0:1.6.3-107.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-apr-util-0:1.6.1-84.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-apr-util-0:1.6.1-84.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-apr-util-debuginfo-0:1.6.1-84.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-apr-util-devel-0:1.6.1-84.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-apr-util-ldap-0:1.6.1-84.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-apr-util-mysql-0:1.6.1-84.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-apr-util-nss-0:1.6.1-84.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-apr-util-odbc-0:1.6.1-84.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-apr-util-openssl-0:1.6.1-84.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-apr-util-pgsql-0:1.6.1-84.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-apr-util-sqlite-0:1.6.1-84.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-curl-0:7.78.0-2.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-curl-0:7.78.0-2.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-curl-debuginfo-0:7.78.0-2.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-httpd-0:2.4.37-78.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-httpd-0:2.4.37-78.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-httpd-debuginfo-0:2.4.37-78.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-httpd-devel-0:2.4.37-78.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-httpd-manual-0:2.4.37-78.jbcs.el7.noarch",
"7Server-JBCS:jbcs-httpd24-httpd-selinux-0:2.4.37-78.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-httpd-tools-0:2.4.37-78.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-libcurl-0:7.78.0-2.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-libcurl-devel-0:7.78.0-2.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_cluster-native-0:1.3.16-9.Final_redhat_2.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-mod_cluster-native-0:1.3.16-9.Final_redhat_2.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_cluster-native-debuginfo-0:1.3.16-9.Final_redhat_2.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_http2-0:1.15.7-21.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-mod_http2-0:1.15.7-21.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_http2-debuginfo-0:1.15.7-21.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_jk-0:1.2.48-20.redhat_1.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-mod_jk-ap24-0:1.2.48-20.redhat_1.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_jk-debuginfo-0:1.2.48-20.redhat_1.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_jk-manual-0:1.2.48-20.redhat_1.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_ldap-0:2.4.37-78.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_md-1:2.0.8-40.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-mod_md-1:2.0.8-40.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_md-debuginfo-1:2.0.8-40.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_proxy_html-1:2.4.37-78.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_security-0:2.9.2-67.GA.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-mod_security-0:2.9.2-67.GA.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_security-debuginfo-0:2.9.2-67.GA.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_session-0:2.4.37-78.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_ssl-1:2.4.37-78.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-nghttp2-0:1.39.2-39.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-nghttp2-0:1.39.2-39.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-nghttp2-debuginfo-0:1.39.2-39.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-nghttp2-devel-0:1.39.2-39.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-openssl-1:1.1.1g-8.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-openssl-1:1.1.1g-8.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-openssl-chil-0:1.0.0-7.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-openssl-chil-0:1.0.0-7.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-openssl-chil-debuginfo-0:1.0.0-7.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-openssl-debuginfo-1:1.1.1g-8.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-openssl-devel-1:1.1.1g-8.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-openssl-libs-1:1.1.1g-8.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-openssl-perl-1:1.1.1g-8.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-openssl-pkcs11-0:0.4.10-22.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-openssl-pkcs11-0:0.4.10-22.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-openssl-pkcs11-debuginfo-0:0.4.10-22.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-openssl-static-1:1.1.1g-8.jbcs.el7.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-0:1.6.3-107.el8jbcs.src",
"8Base-JBCS:jbcs-httpd24-apr-0:1.6.3-107.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-debuginfo-0:1.6.3-107.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-devel-0:1.6.3-107.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-util-0:1.6.1-84.el8jbcs.src",
"8Base-JBCS:jbcs-httpd24-apr-util-0:1.6.1-84.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-util-debuginfo-0:1.6.1-84.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-util-devel-0:1.6.1-84.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-util-ldap-0:1.6.1-84.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-util-ldap-debuginfo-0:1.6.1-84.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-util-mysql-0:1.6.1-84.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-util-mysql-debuginfo-0:1.6.1-84.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-util-nss-0:1.6.1-84.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-util-nss-debuginfo-0:1.6.1-84.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-util-odbc-0:1.6.1-84.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-util-odbc-debuginfo-0:1.6.1-84.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-util-openssl-0:1.6.1-84.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-util-openssl-debuginfo-0:1.6.1-84.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-util-pgsql-0:1.6.1-84.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-util-pgsql-debuginfo-0:1.6.1-84.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-util-sqlite-0:1.6.1-84.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-util-sqlite-debuginfo-0:1.6.1-84.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-curl-0:7.78.0-2.el8jbcs.src",
"8Base-JBCS:jbcs-httpd24-curl-0:7.78.0-2.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-curl-debuginfo-0:7.78.0-2.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-httpd-0:2.4.37-78.el8jbcs.src",
"8Base-JBCS:jbcs-httpd24-httpd-0:2.4.37-78.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-httpd-debuginfo-0:2.4.37-78.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-httpd-devel-0:2.4.37-78.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-httpd-manual-0:2.4.37-78.el8jbcs.noarch",
"8Base-JBCS:jbcs-httpd24-httpd-selinux-0:2.4.37-78.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-httpd-tools-0:2.4.37-78.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-httpd-tools-debuginfo-0:2.4.37-78.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-libcurl-0:7.78.0-2.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-libcurl-debuginfo-0:7.78.0-2.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-libcurl-devel-0:7.78.0-2.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_cluster-native-0:1.3.16-9.Final_redhat_2.el8jbcs.src",
"8Base-JBCS:jbcs-httpd24-mod_cluster-native-0:1.3.16-9.Final_redhat_2.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_cluster-native-debuginfo-0:1.3.16-9.Final_redhat_2.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_http2-0:1.15.7-21.el8jbcs.src",
"8Base-JBCS:jbcs-httpd24-mod_http2-0:1.15.7-21.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_http2-debuginfo-0:1.15.7-21.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_jk-0:1.2.48-20.redhat_1.el8jbcs.src",
"8Base-JBCS:jbcs-httpd24-mod_jk-ap24-0:1.2.48-20.redhat_1.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_jk-ap24-debuginfo-0:1.2.48-20.redhat_1.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_jk-manual-0:1.2.48-20.redhat_1.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_ldap-0:2.4.37-78.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_ldap-debuginfo-0:2.4.37-78.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_md-1:2.0.8-40.el8jbcs.src",
"8Base-JBCS:jbcs-httpd24-mod_md-1:2.0.8-40.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_md-debuginfo-1:2.0.8-40.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_proxy_html-1:2.4.37-78.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_proxy_html-debuginfo-1:2.4.37-78.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_security-0:2.9.2-67.GA.el8jbcs.src",
"8Base-JBCS:jbcs-httpd24-mod_security-0:2.9.2-67.GA.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_security-debuginfo-0:2.9.2-67.GA.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_session-0:2.4.37-78.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_session-debuginfo-0:2.4.37-78.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_ssl-1:2.4.37-78.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_ssl-debuginfo-1:2.4.37-78.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-nghttp2-0:1.39.2-39.el8jbcs.src",
"8Base-JBCS:jbcs-httpd24-nghttp2-0:1.39.2-39.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-nghttp2-debuginfo-0:1.39.2-39.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-nghttp2-devel-0:1.39.2-39.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-openssl-1:1.1.1g-8.el8jbcs.src",
"8Base-JBCS:jbcs-httpd24-openssl-1:1.1.1g-8.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-openssl-chil-0:1.0.0-7.el8jbcs.src",
"8Base-JBCS:jbcs-httpd24-openssl-chil-0:1.0.0-7.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-openssl-chil-debuginfo-0:1.0.0-7.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-openssl-debuginfo-1:1.1.1g-8.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-openssl-devel-1:1.1.1g-8.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-openssl-libs-1:1.1.1g-8.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-openssl-libs-debuginfo-1:1.1.1g-8.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-openssl-perl-1:1.1.1g-8.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-openssl-pkcs11-0:0.4.10-22.el8jbcs.src",
"8Base-JBCS:jbcs-httpd24-openssl-pkcs11-0:0.4.10-22.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-openssl-pkcs11-debuginfo-0:0.4.10-22.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-openssl-static-1:1.1.1g-8.el8jbcs.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"7Server-JBCS:jbcs-httpd24-apr-0:1.6.3-107.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-apr-0:1.6.3-107.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-apr-debuginfo-0:1.6.3-107.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-apr-devel-0:1.6.3-107.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-apr-util-0:1.6.1-84.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-apr-util-0:1.6.1-84.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-apr-util-debuginfo-0:1.6.1-84.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-apr-util-devel-0:1.6.1-84.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-apr-util-ldap-0:1.6.1-84.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-apr-util-mysql-0:1.6.1-84.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-apr-util-nss-0:1.6.1-84.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-apr-util-odbc-0:1.6.1-84.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-apr-util-openssl-0:1.6.1-84.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-apr-util-pgsql-0:1.6.1-84.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-apr-util-sqlite-0:1.6.1-84.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-curl-0:7.78.0-2.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-curl-0:7.78.0-2.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-curl-debuginfo-0:7.78.0-2.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-httpd-0:2.4.37-78.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-httpd-0:2.4.37-78.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-httpd-debuginfo-0:2.4.37-78.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-httpd-devel-0:2.4.37-78.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-httpd-manual-0:2.4.37-78.jbcs.el7.noarch",
"7Server-JBCS:jbcs-httpd24-httpd-selinux-0:2.4.37-78.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-httpd-tools-0:2.4.37-78.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-libcurl-0:7.78.0-2.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-libcurl-devel-0:7.78.0-2.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_cluster-native-0:1.3.16-9.Final_redhat_2.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-mod_cluster-native-0:1.3.16-9.Final_redhat_2.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_cluster-native-debuginfo-0:1.3.16-9.Final_redhat_2.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_http2-0:1.15.7-21.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-mod_http2-0:1.15.7-21.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_http2-debuginfo-0:1.15.7-21.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_jk-0:1.2.48-20.redhat_1.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-mod_jk-ap24-0:1.2.48-20.redhat_1.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_jk-debuginfo-0:1.2.48-20.redhat_1.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_jk-manual-0:1.2.48-20.redhat_1.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_ldap-0:2.4.37-78.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_md-1:2.0.8-40.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-mod_md-1:2.0.8-40.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_md-debuginfo-1:2.0.8-40.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_proxy_html-1:2.4.37-78.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_security-0:2.9.2-67.GA.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-mod_security-0:2.9.2-67.GA.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_security-debuginfo-0:2.9.2-67.GA.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_session-0:2.4.37-78.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_ssl-1:2.4.37-78.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-nghttp2-0:1.39.2-39.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-nghttp2-0:1.39.2-39.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-nghttp2-debuginfo-0:1.39.2-39.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-nghttp2-devel-0:1.39.2-39.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-openssl-1:1.1.1g-8.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-openssl-1:1.1.1g-8.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-openssl-chil-0:1.0.0-7.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-openssl-chil-0:1.0.0-7.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-openssl-chil-debuginfo-0:1.0.0-7.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-openssl-debuginfo-1:1.1.1g-8.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-openssl-devel-1:1.1.1g-8.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-openssl-libs-1:1.1.1g-8.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-openssl-perl-1:1.1.1g-8.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-openssl-pkcs11-0:0.4.10-22.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-openssl-pkcs11-0:0.4.10-22.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-openssl-pkcs11-debuginfo-0:0.4.10-22.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-openssl-static-1:1.1.1g-8.jbcs.el7.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-0:1.6.3-107.el8jbcs.src",
"8Base-JBCS:jbcs-httpd24-apr-0:1.6.3-107.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-debuginfo-0:1.6.3-107.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-devel-0:1.6.3-107.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-util-0:1.6.1-84.el8jbcs.src",
"8Base-JBCS:jbcs-httpd24-apr-util-0:1.6.1-84.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-util-debuginfo-0:1.6.1-84.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-util-devel-0:1.6.1-84.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-util-ldap-0:1.6.1-84.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-util-ldap-debuginfo-0:1.6.1-84.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-util-mysql-0:1.6.1-84.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-util-mysql-debuginfo-0:1.6.1-84.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-util-nss-0:1.6.1-84.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-util-nss-debuginfo-0:1.6.1-84.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-util-odbc-0:1.6.1-84.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-util-odbc-debuginfo-0:1.6.1-84.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-util-openssl-0:1.6.1-84.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-util-openssl-debuginfo-0:1.6.1-84.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-util-pgsql-0:1.6.1-84.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-util-pgsql-debuginfo-0:1.6.1-84.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-util-sqlite-0:1.6.1-84.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-util-sqlite-debuginfo-0:1.6.1-84.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-curl-0:7.78.0-2.el8jbcs.src",
"8Base-JBCS:jbcs-httpd24-curl-0:7.78.0-2.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-curl-debuginfo-0:7.78.0-2.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-httpd-0:2.4.37-78.el8jbcs.src",
"8Base-JBCS:jbcs-httpd24-httpd-0:2.4.37-78.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-httpd-debuginfo-0:2.4.37-78.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-httpd-devel-0:2.4.37-78.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-httpd-manual-0:2.4.37-78.el8jbcs.noarch",
"8Base-JBCS:jbcs-httpd24-httpd-selinux-0:2.4.37-78.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-httpd-tools-0:2.4.37-78.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-httpd-tools-debuginfo-0:2.4.37-78.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-libcurl-0:7.78.0-2.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-libcurl-debuginfo-0:7.78.0-2.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-libcurl-devel-0:7.78.0-2.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_cluster-native-0:1.3.16-9.Final_redhat_2.el8jbcs.src",
"8Base-JBCS:jbcs-httpd24-mod_cluster-native-0:1.3.16-9.Final_redhat_2.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_cluster-native-debuginfo-0:1.3.16-9.Final_redhat_2.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_http2-0:1.15.7-21.el8jbcs.src",
"8Base-JBCS:jbcs-httpd24-mod_http2-0:1.15.7-21.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_http2-debuginfo-0:1.15.7-21.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_jk-0:1.2.48-20.redhat_1.el8jbcs.src",
"8Base-JBCS:jbcs-httpd24-mod_jk-ap24-0:1.2.48-20.redhat_1.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_jk-ap24-debuginfo-0:1.2.48-20.redhat_1.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_jk-manual-0:1.2.48-20.redhat_1.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_ldap-0:2.4.37-78.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_ldap-debuginfo-0:2.4.37-78.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_md-1:2.0.8-40.el8jbcs.src",
"8Base-JBCS:jbcs-httpd24-mod_md-1:2.0.8-40.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_md-debuginfo-1:2.0.8-40.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_proxy_html-1:2.4.37-78.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_proxy_html-debuginfo-1:2.4.37-78.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_security-0:2.9.2-67.GA.el8jbcs.src",
"8Base-JBCS:jbcs-httpd24-mod_security-0:2.9.2-67.GA.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_security-debuginfo-0:2.9.2-67.GA.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_session-0:2.4.37-78.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_session-debuginfo-0:2.4.37-78.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_ssl-1:2.4.37-78.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_ssl-debuginfo-1:2.4.37-78.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-nghttp2-0:1.39.2-39.el8jbcs.src",
"8Base-JBCS:jbcs-httpd24-nghttp2-0:1.39.2-39.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-nghttp2-debuginfo-0:1.39.2-39.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-nghttp2-devel-0:1.39.2-39.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-openssl-1:1.1.1g-8.el8jbcs.src",
"8Base-JBCS:jbcs-httpd24-openssl-1:1.1.1g-8.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-openssl-chil-0:1.0.0-7.el8jbcs.src",
"8Base-JBCS:jbcs-httpd24-openssl-chil-0:1.0.0-7.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-openssl-chil-debuginfo-0:1.0.0-7.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-openssl-debuginfo-1:1.1.1g-8.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-openssl-devel-1:1.1.1g-8.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-openssl-libs-1:1.1.1g-8.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-openssl-libs-debuginfo-1:1.1.1g-8.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-openssl-perl-1:1.1.1g-8.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-openssl-pkcs11-0:0.4.10-22.el8jbcs.src",
"8Base-JBCS:jbcs-httpd24-openssl-pkcs11-0:0.4.10-22.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-openssl-pkcs11-debuginfo-0:0.4.10-22.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-openssl-static-1:1.1.1g-8.el8jbcs.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "httpd: NULL pointer dereference via malformed requests"
}
]
}
rhsa-2021_4613
Vulnerability from csaf_redhat
Published
2021-11-10 17:14
Modified
2024-09-16 06:17
Summary
Red Hat Security Advisory: Red Hat JBoss Core Services Apache HTTP Server 2.4.37 SP10 security update
Notes
Topic
Red Hat JBoss Core Services Apache HTTP Server 2.4.37 Service Pack 10 zip release for Red Hat Enterprise Linux 7, Red Hat Enterprise Linux 8, and Microsoft Windows is available.
Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.
Details
Red Hat JBoss Core Services is a set of supplementary software for Red Hat JBoss middleware products. This software, such as Apache HTTP Server, is common to multiple JBoss middleware products, and is packaged under Red Hat JBoss Core Services to allow for faster distribution of updates, and for a more consistent update experience.
This release adds the new Apache HTTP Server 2.4.37 Service Pack 10 packages that are part of the JBoss Core Services offering.
This release serves as a replacement for Red Hat JBoss Core Services Apache HTTP Server 2.4.37 Service Pack 9 and includes bug fixes and enhancements. Refer to the Release Notes for information on the most significant bug fixes and enhancements included in this release.
Security Fix(es):
* httpd: Single zero byte stack overflow in mod_auth_digest (CVE-2020-35452)
* httpd: mod_session NULL pointer dereference in parser (CVE-2021-26690)
* httpd: Heap overflow in mod_session (CVE-2021-26691)
* httpd: mod_proxy_wstunnel tunneling of non Upgraded connection (CVE-2019-17567)
* httpd: MergeSlashes regression (CVE-2021-30641)
* httpd: mod_proxy NULL pointer dereference (CVE-2020-13950)
* jbcs-httpd24-openssl: openssl: NULL pointer dereference in X509_issuer_and_serial_hash() (CVE-2021-23841)
* openssl: Read buffer overruns processing ASN.1 strings (CVE-2021-3712)
* openssl: integer overflow in CipherUpdate (CVE-2021-23840)
* pcre: buffer over-read in JIT when UTF is disabled (CVE-2019-20838)
* pcre: integer overflow in libpcre (CVE-2020-14155)
For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.
Terms of Use
This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.
{
"document": {
"aggregate_severity": {
"namespace": "https://access.redhat.com/security/updates/classification/",
"text": "Moderate"
},
"category": "csaf_vex",
"csaf_version": "2.0",
"distribution": {
"text": "Copyright \u00a9 Red Hat, Inc. All rights reserved.",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "Red Hat JBoss Core Services Apache HTTP Server 2.4.37 Service Pack 10 zip release for Red Hat Enterprise Linux 7, Red Hat Enterprise Linux 8, and Microsoft Windows is available.\n\nRed Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.",
"title": "Topic"
},
{
"category": "general",
"text": "Red Hat JBoss Core Services is a set of supplementary software for Red Hat JBoss middleware products. This software, such as Apache HTTP Server, is common to multiple JBoss middleware products, and is packaged under Red Hat JBoss Core Services to allow for faster distribution of updates, and for a more consistent update experience.\n\nThis release adds the new Apache HTTP Server 2.4.37 Service Pack 10 packages that are part of the JBoss Core Services offering.\n\nThis release serves as a replacement for Red Hat JBoss Core Services Apache HTTP Server 2.4.37 Service Pack 9 and includes bug fixes and enhancements. Refer to the Release Notes for information on the most significant bug fixes and enhancements included in this release.\n\nSecurity Fix(es):\n\n* httpd: Single zero byte stack overflow in mod_auth_digest (CVE-2020-35452)\n* httpd: mod_session NULL pointer dereference in parser (CVE-2021-26690)\n* httpd: Heap overflow in mod_session (CVE-2021-26691)\n* httpd: mod_proxy_wstunnel tunneling of non Upgraded connection (CVE-2019-17567)\n* httpd: MergeSlashes regression (CVE-2021-30641)\n* httpd: mod_proxy NULL pointer dereference (CVE-2020-13950)\n* jbcs-httpd24-openssl: openssl: NULL pointer dereference in X509_issuer_and_serial_hash() (CVE-2021-23841)\n* openssl: Read buffer overruns processing ASN.1 strings (CVE-2021-3712)\n* openssl: integer overflow in CipherUpdate (CVE-2021-23840)\n* pcre: buffer over-read in JIT when UTF is disabled (CVE-2019-20838)\n* pcre: integer overflow in libpcre (CVE-2020-14155)\n\nFor more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.",
"title": "Details"
},
{
"category": "legal_disclaimer",
"text": "This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.",
"title": "Terms of Use"
}
],
"publisher": {
"category": "vendor",
"contact_details": "https://access.redhat.com/security/team/contact/",
"issuing_authority": "Red Hat Product Security is responsible for vulnerability handling across all Red Hat offerings.",
"name": "Red Hat Product Security",
"namespace": "https://www.redhat.com"
},
"references": [
{
"category": "self",
"summary": "https://access.redhat.com/errata/RHSA-2021:4613",
"url": "https://access.redhat.com/errata/RHSA-2021:4613"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/updates/classification/#moderate",
"url": "https://access.redhat.com/security/updates/classification/#moderate"
},
{
"category": "external",
"summary": "1848436",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1848436"
},
{
"category": "external",
"summary": "1848444",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1848444"
},
{
"category": "external",
"summary": "1930310",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1930310"
},
{
"category": "external",
"summary": "1930324",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1930324"
},
{
"category": "external",
"summary": "1966724",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1966724"
},
{
"category": "external",
"summary": "1966729",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1966729"
},
{
"category": "external",
"summary": "1966732",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1966732"
},
{
"category": "external",
"summary": "1966738",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1966738"
},
{
"category": "external",
"summary": "1966740",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1966740"
},
{
"category": "external",
"summary": "1966743",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1966743"
},
{
"category": "external",
"summary": "1995634",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1995634"
},
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/data/csaf/v2/advisories/2021/rhsa-2021_4613.json"
}
],
"title": "Red Hat Security Advisory: Red Hat JBoss Core Services Apache HTTP Server 2.4.37 SP10 security update",
"tracking": {
"current_release_date": "2024-09-16T06:17:59+00:00",
"generator": {
"date": "2024-09-16T06:17:59+00:00",
"engine": {
"name": "Red Hat SDEngine",
"version": "3.33.3"
}
},
"id": "RHSA-2021:4613",
"initial_release_date": "2021-11-10T17:14:06+00:00",
"revision_history": [
{
"date": "2021-11-10T17:14:06+00:00",
"number": "1",
"summary": "Initial version"
},
{
"date": "2021-11-10T17:14:06+00:00",
"number": "2",
"summary": "Last updated version"
},
{
"date": "2024-09-16T06:17:59+00:00",
"number": "3",
"summary": "Last generated version"
}
],
"status": "final",
"version": "3"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_name",
"name": "Red Hat JBoss Core Services 1",
"product": {
"name": "Red Hat JBoss Core Services 1",
"product_id": "Red Hat JBoss Core Services 1",
"product_identification_helper": {
"cpe": "cpe:/a:redhat:jboss_core_services:1"
}
}
}
],
"category": "product_family",
"name": "Red Hat JBoss Core Services"
}
],
"category": "vendor",
"name": "Red Hat"
}
]
},
"vulnerabilities": [
{
"acknowledgments": [
{
"names": [
"the Apache project",
"Mikhail Egorov"
]
}
],
"cve": "CVE-2019-17567",
"cwe": {
"id": "CWE-287",
"name": "Improper Authentication"
},
"discovery_date": "2021-05-27T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1966740"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in Apache httpd. The mod_proxy_wstunnel module tunnels non-upgraded connections.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "httpd: mod_proxy_wstunnel tunneling of non Upgraded connection",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red Hat JBoss Core Services 1"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2019-17567"
},
{
"category": "external",
"summary": "RHBZ#1966740",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1966740"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2019-17567",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-17567"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2019-17567",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2019-17567"
},
{
"category": "external",
"summary": "https://httpd.apache.org/security/vulnerabilities_24.html",
"url": "https://httpd.apache.org/security/vulnerabilities_24.html"
}
],
"release_date": "2021-06-04T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"details": "Before applying the update, back up your existing installation, including all applications, configuration files, databases and database settings, and so on.\n\nThe References section of this erratum contains a download link for the update. You must be logged in to download the update.",
"product_ids": [
"Red Hat JBoss Core Services 1"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2021:4613"
},
{
"category": "workaround",
"details": "Only configurations which use mod_proxy_wstunnel are affected by this flaw. It is also safe to comment-out the \"LoadModule proxy_wstunnel_module ... \" line in /etc/httpd/conf.modules.d/00-proxy.conf for configurations which do not rely on a websockets reverse proxy.",
"product_ids": [
"Red Hat JBoss Core Services 1"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "LOW",
"baseScore": 4.8,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "LOW",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:L",
"version": "3.1"
},
"products": [
"Red Hat JBoss Core Services 1"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "httpd: mod_proxy_wstunnel tunneling of non Upgraded connection"
},
{
"cve": "CVE-2019-20838",
"cwe": {
"id": "CWE-125",
"name": "Out-of-bounds Read"
},
"discovery_date": "2020-06-16T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1848444"
}
],
"notes": [
{
"category": "description",
"text": "libpcre in PCRE before 8.43 allows a subject buffer over-read in JIT when UTF is disabled, and \\X or \\R has more than one fixed quantifier, a related issue to CVE-2019-20454.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "pcre: Buffer over-read in JIT when UTF is disabled and \\X or \\R has fixed quantifier greater than 1",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red Hat JBoss Core Services 1"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2019-20838"
},
{
"category": "external",
"summary": "RHBZ#1848444",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1848444"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2019-20838",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-20838"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2019-20838",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2019-20838"
}
],
"release_date": "2020-06-15T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"details": "Before applying the update, back up your existing installation, including all applications, configuration files, databases and database settings, and so on.\n\nThe References section of this erratum contains a download link for the update. You must be logged in to download the update.",
"product_ids": [
"Red Hat JBoss Core Services 1"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2021:4613"
},
{
"category": "workaround",
"details": "Do not use more than one fixed quantifier with \\R or \\X with UTF disabled in PCRE or PCRE2, as these are the conditions needed to trigger the flaw.",
"product_ids": [
"Red Hat JBoss Core Services 1"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"Red Hat JBoss Core Services 1"
]
}
],
"threats": [
{
"category": "impact",
"details": "Low"
}
],
"title": "pcre: Buffer over-read in JIT when UTF is disabled and \\X or \\R has fixed quantifier greater than 1"
},
{
"acknowledgments": [
{
"names": [
"the Apache project",
"Marc Stern"
]
}
],
"cve": "CVE-2020-13950",
"cwe": {
"id": "CWE-476",
"name": "NULL Pointer Dereference"
},
"discovery_date": "2021-05-27T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1966738"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found In Apache httpd. The mod_proxy has a NULL pointer dereference. The highest threat from this vulnerability is to data confidentiality and integrity as well as system availability.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "httpd: mod_proxy NULL pointer dereference",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red Hat JBoss Core Services 1"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2020-13950"
},
{
"category": "external",
"summary": "RHBZ#1966738",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1966738"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2020-13950",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-13950"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2020-13950",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2020-13950"
},
{
"category": "external",
"summary": "https://httpd.apache.org/security/vulnerabilities_24.html",
"url": "https://httpd.apache.org/security/vulnerabilities_24.html"
}
],
"release_date": "2021-06-04T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"details": "Before applying the update, back up your existing installation, including all applications, configuration files, databases and database settings, and so on.\n\nThe References section of this erratum contains a download link for the update. You must be logged in to download the update.",
"product_ids": [
"Red Hat JBoss Core Services 1"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2021:4613"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"Red Hat JBoss Core Services 1"
]
}
],
"threats": [
{
"category": "impact",
"details": "Low"
}
],
"title": "httpd: mod_proxy NULL pointer dereference"
},
{
"cve": "CVE-2020-14155",
"cwe": {
"id": "CWE-190",
"name": "Integer Overflow or Wraparound"
},
"discovery_date": "2020-06-16T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1848436"
}
],
"notes": [
{
"category": "description",
"text": "libpcre in PCRE before 8.44 allows an integer overflow via a large number after a (?C substring.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "pcre: Integer overflow when parsing callout numeric arguments",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red Hat JBoss Core Services 1"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2020-14155"
},
{
"category": "external",
"summary": "RHBZ#1848436",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1848436"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2020-14155",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-14155"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2020-14155",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2020-14155"
}
],
"release_date": "2020-06-15T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"details": "Before applying the update, back up your existing installation, including all applications, configuration files, databases and database settings, and so on.\n\nThe References section of this erratum contains a download link for the update. You must be logged in to download the update.",
"product_ids": [
"Red Hat JBoss Core Services 1"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2021:4613"
},
{
"category": "workaround",
"details": "This flaw can be mitigated by not compiling regular expressions with a callout value greater outside of 0-255 or handling the value passed to the callback within the application code.",
"product_ids": [
"Red Hat JBoss Core Services 1"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "LOW",
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L",
"version": "3.1"
},
"products": [
"Red Hat JBoss Core Services 1"
]
}
],
"threats": [
{
"category": "impact",
"details": "Low"
}
],
"title": "pcre: Integer overflow when parsing callout numeric arguments"
},
{
"acknowledgments": [
{
"names": [
"the Apache project"
]
},
{
"names": [
"Antonio Morales"
],
"organization": "GHSL"
}
],
"cve": "CVE-2020-35452",
"cwe": {
"id": "CWE-119",
"name": "Improper Restriction of Operations within the Bounds of a Memory Buffer"
},
"discovery_date": "2021-05-27T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1966724"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in Apache httpd. The mod_auth_digest has a single zero byte stack overflow. The highest threat from this vulnerability is to data confidentiality and integrity as well as system availability.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "httpd: Single zero byte stack overflow in mod_auth_digest",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "This is a one byte overflow and as per upstream it should be non-exploitable in most condtions.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red Hat JBoss Core Services 1"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2020-35452"
},
{
"category": "external",
"summary": "RHBZ#1966724",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1966724"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2020-35452",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-35452"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2020-35452",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2020-35452"
},
{
"category": "external",
"summary": "https://httpd.apache.org/security/vulnerabilities_24.html",
"url": "https://httpd.apache.org/security/vulnerabilities_24.html"
}
],
"release_date": "2021-06-04T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"details": "Before applying the update, back up your existing installation, including all applications, configuration files, databases and database settings, and so on.\n\nThe References section of this erratum contains a download link for the update. You must be logged in to download the update.",
"product_ids": [
"Red Hat JBoss Core Services 1"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2021:4613"
},
{
"category": "workaround",
"details": "Only configurations which use mod_auth_digest are affected by this flaw. Also as per upstream this flaw is not exploitable in most conditions, so there should really be no impact of this flaw.",
"product_ids": [
"Red Hat JBoss Core Services 1"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "LOW",
"baseScore": 7.3,
"baseSeverity": "HIGH",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L",
"version": "3.1"
},
"products": [
"Red Hat JBoss Core Services 1"
]
}
],
"threats": [
{
"category": "impact",
"details": "Low"
}
],
"title": "httpd: Single zero byte stack overflow in mod_auth_digest"
},
{
"cve": "CVE-2021-3688",
"cwe": {
"id": "CWE-200",
"name": "Exposure of Sensitive Information to an Unauthorized Actor"
},
"discovery_date": "2021-05-26T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1990252"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in Red Hat JBoss Core Services HTTP Server in all versions, where it does not properly normalize the path component of a request URL contains dot-dot-semicolon(s). This flaw could allow an attacker to access unauthorized information or possibly conduct further attacks. The highest threat from this vulnerability is to data confidentiality and integrity.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "JBCS: URL normalization issue with dot-dot-semicolon(s) leads to information disclosure",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red Hat JBoss Core Services 1"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2021-3688"
},
{
"category": "external",
"summary": "RHBZ#1990252",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1990252"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2021-3688",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-3688"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2021-3688",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2021-3688"
}
],
"release_date": "2021-08-05T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"details": "Before applying the update, back up your existing installation, including all applications, configuration files, databases and database settings, and so on.\n\nThe References section of this erratum contains a download link for the update. You must be logged in to download the update.",
"product_ids": [
"Red Hat JBoss Core Services 1"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2021:4613"
},
{
"category": "workaround",
"details": "Manually add LocationMatch directive to deny any possible problem requests in the JBCS httpd configuration. For example:\n~~~\n\u003cLocationMatch \".*\\.\\.;.*\"\u003e\n Require all denied\n\u003c/LocationMatch\u003e\n~~~",
"product_ids": [
"Red Hat JBoss Core Services 1"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 4.8,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:N",
"version": "3.1"
},
"products": [
"Red Hat JBoss Core Services 1"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "JBCS: URL normalization issue with dot-dot-semicolon(s) leads to information disclosure"
},
{
"acknowledgments": [
{
"names": [
"the OpenSSL project"
],
"organization": "Ingo Schwarze",
"summary": "Acknowledged by upstream."
}
],
"cve": "CVE-2021-3712",
"cwe": {
"id": "CWE-125",
"name": "Out-of-bounds Read"
},
"discovery_date": "2021-08-19T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1995634"
}
],
"notes": [
{
"category": "description",
"text": "It was found that openssl assumed ASN.1 strings to be NUL terminated. A malicious actor may be able to force an application into calling openssl function with a specially crafted, non-NUL terminated string to deliberately hit this bug, which may result in a crash of the application, causing a Denial of Service attack, or possibly, memory disclosure. The highest threat from this vulnerability is to data confidentiality and system availability.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "openssl: Read buffer overruns processing ASN.1 strings",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "The following Red Hat products do not ship the affected OpenSSL component but rely on the Red Hat Enterprise Linux to consume them:\n * Red Hat Satellite\n * Red Hat Update Infrastructure\n * Red Hat CloudForms\n\nThe Red Hat Advanced Cluster Management for Kubernetes is using the vulnerable version of the library, however the vulnerable code path is not reachable.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red Hat JBoss Core Services 1"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2021-3712"
},
{
"category": "external",
"summary": "RHBZ#1995634",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1995634"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2021-3712",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-3712"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2021-3712",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2021-3712"
},
{
"category": "external",
"summary": "https://www.openssl.org/news/secadv/20210824.txt",
"url": "https://www.openssl.org/news/secadv/20210824.txt"
}
],
"release_date": "2021-08-24T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"details": "Before applying the update, back up your existing installation, including all applications, configuration files, databases and database settings, and so on.\n\nThe References section of this erratum contains a download link for the update. You must be logged in to download the update.",
"product_ids": [
"Red Hat JBoss Core Services 1"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2021:4613"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.4,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:H",
"version": "3.1"
},
"products": [
"Red Hat JBoss Core Services 1"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "openssl: Read buffer overruns processing ASN.1 strings"
},
{
"cve": "CVE-2021-23840",
"cwe": {
"id": "CWE-190",
"name": "Integer Overflow or Wraparound"
},
"discovery_date": "2021-02-09T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1930324"
}
],
"notes": [
{
"category": "description",
"text": "Calls to EVP_CipherUpdate, EVP_EncryptUpdate and EVP_DecryptUpdate may overflow the output length argument in some cases where the input length is close to the maximum permissible length for an integer on the platform. In such cases the return value from the function call will be 1 (indicating success), but the output length value will be negative. This could cause applications to behave incorrectly or crash.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "openssl: integer overflow in CipherUpdate",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "This flaw only affects applications which are compiled with OpenSSL and using EVP_CipherUpdate, EVP_EncryptUpdate or EVP_DecryptUpdate functions. When specially-crafted values are passed to these functions, it can cause the application to crash or behave incorrectly.\n\nOpenSSL in Red Hat Enterprise Linux 9 was marked as not affected as its already fixed in RHEL9 Alpha release.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red Hat JBoss Core Services 1"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2021-23840"
},
{
"category": "external",
"summary": "RHBZ#1930324",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1930324"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2021-23840",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-23840"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2021-23840",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2021-23840"
},
{
"category": "external",
"summary": "https://www.openssl.org/news/secadv/20210216.txt",
"url": "https://www.openssl.org/news/secadv/20210216.txt"
}
],
"release_date": "2021-02-16T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"details": "Before applying the update, back up your existing installation, including all applications, configuration files, databases and database settings, and so on.\n\nThe References section of this erratum contains a download link for the update. You must be logged in to download the update.",
"product_ids": [
"Red Hat JBoss Core Services 1"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2021:4613"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"Red Hat JBoss Core Services 1"
]
}
],
"threats": [
{
"category": "impact",
"details": "Low"
}
],
"title": "openssl: integer overflow in CipherUpdate"
},
{
"cve": "CVE-2021-23841",
"cwe": {
"id": "CWE-476",
"name": "NULL Pointer Dereference"
},
"discovery_date": "2021-02-16T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1930310"
}
],
"notes": [
{
"category": "description",
"text": "The OpenSSL public API function X509_issuer_and_serial_hash() attempts to create a unique hash value based on the issuer and serial number data contained within an X509 certificate. However it fails to correctly handle any errors that may occur while parsing the issuer field (which might occur if the issuer field is maliciously constructed). This may subsequently result in a NULL pointer deref and a crash leading to a potential denial of service attack.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "openssl: NULL pointer dereference in X509_issuer_and_serial_hash()",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "This is a a null pointer dereference in the X509_issuer_and_serial_hash() function, which can result in crash if called by an application compiled with OpenSSL, by passing a specially-crafted certificate. OpenSSL internally does not use this function.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red Hat JBoss Core Services 1"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2021-23841"
},
{
"category": "external",
"summary": "RHBZ#1930310",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1930310"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2021-23841",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-23841"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2021-23841",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2021-23841"
},
{
"category": "external",
"summary": "https://www.openssl.org/news/secadv/20210216.txt",
"url": "https://www.openssl.org/news/secadv/20210216.txt"
}
],
"release_date": "2021-02-16T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"details": "Before applying the update, back up your existing installation, including all applications, configuration files, databases and database settings, and so on.\n\nThe References section of this erratum contains a download link for the update. You must be logged in to download the update.",
"product_ids": [
"Red Hat JBoss Core Services 1"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2021:4613"
},
{
"category": "workaround",
"details": "As per upstream \"The function X509_issuer_and_serial_hash() is never directly called by OpenSSL itself so applications are only vulnerable if they use this function directly and they use it on certificates that may have been obtained from untrusted sources.\"",
"product_ids": [
"Red Hat JBoss Core Services 1"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 5.9,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"Red Hat JBoss Core Services 1"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "openssl: NULL pointer dereference in X509_issuer_and_serial_hash()"
},
{
"acknowledgments": [
{
"names": [
"the Apache project"
]
},
{
"names": [
"Antonio Morales"
],
"organization": "GHSL"
}
],
"cve": "CVE-2021-26690",
"cwe": {
"id": "CWE-476",
"name": "NULL Pointer Dereference"
},
"discovery_date": "2021-05-27T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1966729"
}
],
"notes": [
{
"category": "description",
"text": "A NULL pointer dereference was found in Apache httpd mod_session. The highest threat from this vulnerability is to system availability.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "httpd: mod_session: NULL pointer dereference when parsing Cookie header",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "This is a null pointer deference caused when using mod_session. It can result in crash of httpd child process by a remote attacker.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red Hat JBoss Core Services 1"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2021-26690"
},
{
"category": "external",
"summary": "RHBZ#1966729",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1966729"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2021-26690",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-26690"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2021-26690",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2021-26690"
},
{
"category": "external",
"summary": "https://httpd.apache.org/security/vulnerabilities_24.html",
"url": "https://httpd.apache.org/security/vulnerabilities_24.html"
}
],
"release_date": "2021-06-04T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"details": "Before applying the update, back up your existing installation, including all applications, configuration files, databases and database settings, and so on.\n\nThe References section of this erratum contains a download link for the update. You must be logged in to download the update.",
"product_ids": [
"Red Hat JBoss Core Services 1"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2021:4613"
},
{
"category": "workaround",
"details": "Only configurations which use the \"SessionEnv\" directive (which is not widely used) are vulnerable to this flaw. SessionEnv is not enabled in default configuration of httpd package shipped with Red Hat Products.",
"product_ids": [
"Red Hat JBoss Core Services 1"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"Red Hat JBoss Core Services 1"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "httpd: mod_session: NULL pointer dereference when parsing Cookie header"
},
{
"acknowledgments": [
{
"names": [
"the Apache project",
"Christophe Jaillet"
]
}
],
"cve": "CVE-2021-26691",
"cwe": {
"id": "CWE-119",
"name": "Improper Restriction of Operations within the Bounds of a Memory Buffer"
},
"discovery_date": "2021-05-27T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1966732"
}
],
"notes": [
{
"category": "description",
"text": "A heap overflow flaw was found In Apache httpd mod_session. The highest threat from this vulnerability is to system availability.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "httpd: mod_session: Heap overflow via a crafted SessionHeader value",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "This flaw can result in a crash of the httpd child process when mod_session is used.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red Hat JBoss Core Services 1"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2021-26691"
},
{
"category": "external",
"summary": "RHBZ#1966732",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1966732"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2021-26691",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-26691"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2021-26691",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2021-26691"
},
{
"category": "external",
"summary": "https://httpd.apache.org/security/vulnerabilities_24.html",
"url": "https://httpd.apache.org/security/vulnerabilities_24.html"
}
],
"release_date": "2021-06-04T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"details": "Before applying the update, back up your existing installation, including all applications, configuration files, databases and database settings, and so on.\n\nThe References section of this erratum contains a download link for the update. You must be logged in to download the update.",
"product_ids": [
"Red Hat JBoss Core Services 1"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2021:4613"
},
{
"category": "workaround",
"details": "Only configurations which use the \"SessionEnv\" directive (which is not widely used) are vulnerable to this flaw. SessionEnv is not enabled in default configuration of httpd package shipped with Red Hat Products.",
"product_ids": [
"Red Hat JBoss Core Services 1"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 8.1,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"Red Hat JBoss Core Services 1"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "httpd: mod_session: Heap overflow via a crafted SessionHeader value"
},
{
"acknowledgments": [
{
"names": [
"the Apache project",
"Christoph Anton Mitterer"
]
}
],
"cve": "CVE-2021-30641",
"cwe": {
"id": "CWE-20",
"name": "Improper Input Validation"
},
"discovery_date": "2021-05-27T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1966743"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in Apache httpd. A possible regression from an earlier security fix broke behavior of MergeSlashes. The highest threat from this vulnerability is to data integrity.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "httpd: Unexpected URL matching with \u0027MergeSlashes OFF\u0027",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "This flaw was introduced when fixing https://access.redhat.com/security/cve/cve-2019-0220, therefore versions of httpd package shipped with Red Hat Enterprise Linux 7, 8 and Red Hat Software Collections are affected by this flaw.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red Hat JBoss Core Services 1"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2021-30641"
},
{
"category": "external",
"summary": "RHBZ#1966743",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1966743"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2021-30641",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-30641"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2021-30641",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2021-30641"
},
{
"category": "external",
"summary": "https://httpd.apache.org/security/vulnerabilities_24.html",
"url": "https://httpd.apache.org/security/vulnerabilities_24.html"
}
],
"release_date": "2021-06-04T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"details": "Before applying the update, back up your existing installation, including all applications, configuration files, databases and database settings, and so on.\n\nThe References section of this erratum contains a download link for the update. You must be logged in to download the update.",
"product_ids": [
"Red Hat JBoss Core Services 1"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2021:4613"
},
{
"category": "workaround",
"details": "This issue can be mitigated by setting the \"MergeSlashes\" directive to OFF",
"product_ids": [
"Red Hat JBoss Core Services 1"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 5.9,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N",
"version": "3.1"
},
"products": [
"Red Hat JBoss Core Services 1"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "httpd: Unexpected URL matching with \u0027MergeSlashes OFF\u0027"
},
{
"cve": "CVE-2021-34798",
"cwe": {
"id": "CWE-476",
"name": "NULL Pointer Dereference"
},
"discovery_date": "2021-09-16T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2005128"
}
],
"notes": [
{
"category": "description",
"text": "A NULL pointer dereference in httpd allows an unauthenticated remote attacker to crash httpd by providing malformed HTTP requests. The highest threat from this vulnerability is to system availability.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "httpd: NULL pointer dereference via malformed requests",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red Hat JBoss Core Services 1"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2021-34798"
},
{
"category": "external",
"summary": "RHBZ#2005128",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2005128"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2021-34798",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-34798"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2021-34798",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2021-34798"
},
{
"category": "external",
"summary": "https://httpd.apache.org/security/vulnerabilities_24.html",
"url": "https://httpd.apache.org/security/vulnerabilities_24.html"
}
],
"release_date": "2021-09-16T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"details": "Before applying the update, back up your existing installation, including all applications, configuration files, databases and database settings, and so on.\n\nThe References section of this erratum contains a download link for the update. You must be logged in to download the update.",
"product_ids": [
"Red Hat JBoss Core Services 1"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2021:4613"
},
{
"category": "workaround",
"details": "Red Hat has investigated whether a possible mitigation exists for this issue, and has not been able to identify a practical example.",
"product_ids": [
"Red Hat JBoss Core Services 1"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"Red Hat JBoss Core Services 1"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "httpd: NULL pointer dereference via malformed requests"
}
]
}
ghsa-f3rq-463v-2j36
Vulnerability from github
Published
2022-08-27 00:00
Modified
2022-09-01 00:00
Severity
Details
A flaw was found in Red Hat JBoss Core Services HTTP Server in all versions, where it does not properly normalize the path component of a request URL contains dot-dot-semicolon(s). This flaw could allow an attacker to access unauthorized information or possibly conduct further attacks. The highest threat from this vulnerability is to data confidentiality and integrity.
{
"affected": [],
"aliases": [
"CVE-2021-3688"
],
"database_specific": {
"cwe_ids": [
"CWE-200",
"CWE-22"
],
"github_reviewed": false,
"github_reviewed_at": null,
"nvd_published_at": "2022-08-26T16:15:00Z",
"severity": "CRITICAL"
},
"details": "A flaw was found in Red Hat JBoss Core Services HTTP Server in all versions, where it does not properly normalize the path component of a request URL contains dot-dot-semicolon(s). This flaw could allow an attacker to access unauthorized information or possibly conduct further attacks. The highest threat from this vulnerability is to data confidentiality and integrity.",
"id": "GHSA-f3rq-463v-2j36",
"modified": "2022-09-01T00:00:17Z",
"published": "2022-08-27T00:00:45Z",
"references": [
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2021-3688"
},
{
"type": "WEB",
"url": "https://access.redhat.com/errata/RHSA-2021:4613"
},
{
"type": "WEB",
"url": "https://access.redhat.com/errata/RHSA-2021:4614"
},
{
"type": "WEB",
"url": "https://access.redhat.com/security/cve/CVE-2021-3688"
},
{
"type": "WEB",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1990252"
}
],
"schema_version": "1.4.0",
"severity": [
{
"score": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N",
"type": "CVSS_V3"
}
]
}
gsd-2021-3688
Vulnerability from gsd
Modified
2023-12-13 01:23
Details
A flaw was found in Red Hat JBoss Core Services HTTP Server in all versions, where it does not properly normalize the path component of a request URL contains dot-dot-semicolon(s). This flaw could allow an attacker to access unauthorized information or possibly conduct further attacks. The highest threat from this vulnerability is to data confidentiality and integrity.
Aliases
Aliases
{
"GSD": {
"alias": "CVE-2021-3688",
"description": "A flaw was found in Red Hat JBoss Core Services HTTP Server in all versions, where it does not properly normalize the path component of a request URL contains dot-dot-semicolon(s). This flaw could allow an attacker to access unauthorized information or possibly conduct further attacks. The highest threat from this vulnerability is to data confidentiality and integrity.",
"id": "GSD-2021-3688",
"references": [
"https://access.redhat.com/errata/RHSA-2021:4613",
"https://access.redhat.com/errata/RHSA-2021:4614"
]
},
"gsd": {
"metadata": {
"exploitCode": "unknown",
"remediation": "unknown",
"reportConfidence": "confirmed",
"type": "vulnerability"
},
"osvSchema": {
"aliases": [
"CVE-2021-3688"
],
"details": "A flaw was found in Red Hat JBoss Core Services HTTP Server in all versions, where it does not properly normalize the path component of a request URL contains dot-dot-semicolon(s). This flaw could allow an attacker to access unauthorized information or possibly conduct further attacks. The highest threat from this vulnerability is to data confidentiality and integrity.",
"id": "GSD-2021-3688",
"modified": "2023-12-13T01:23:35.217983Z",
"schema_version": "1.4.0"
}
},
"namespaces": {
"cve.org": {
"CVE_data_meta": {
"ASSIGNER": "secalert@redhat.com",
"ID": "CVE-2021-3688",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "Red Hat JBCS HTTP Server",
"version": {
"version_data": [
{
"version_affected": "=",
"version_value": "Fixed in jbcs-httpd-2.4.37.SP10 GA"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "A flaw was found in Red Hat JBoss Core Services HTTP Server in all versions, where it does not properly normalize the path component of a request URL contains dot-dot-semicolon(s). This flaw could allow an attacker to access unauthorized information or possibly conduct further attacks. The highest threat from this vulnerability is to data confidentiality and integrity."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"cweId": "CWE-200",
"lang": "eng",
"value": "CWE-200 - Exposure of Sensitive Information to an Unauthorized Actor"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://bugzilla.redhat.com/show_bug.cgi?id=1990252",
"refsource": "MISC",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1990252"
},
{
"name": "https://access.redhat.com/security/cve/CVE-2021-3688",
"refsource": "MISC",
"url": "https://access.redhat.com/security/cve/CVE-2021-3688"
}
]
}
},
"nvd.nist.gov": {
"configurations": {
"CVE_data_version": "4.0",
"nodes": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:a:redhat:jboss_core_services_httpd:2.4.37:sp3:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:redhat:jboss_core_services_httpd:2.4.37:-:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:redhat:jboss_core_services_httpd:2.4.37:sp1:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:redhat:jboss_core_services_httpd:2.4.37:sp2:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:redhat:jboss_core_services_httpd:2.4.37:sp4:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:redhat:jboss_core_services_httpd:2.4.37:sp5:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:redhat:jboss_core_services_httpd:2.4.37:sp6:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:redhat:jboss_core_services_httpd:2.4.37:sp7:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:redhat:jboss_core_services_httpd:2.4.37:sp8:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:redhat:jboss_core_services_httpd:2.4.37:sp9:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:redhat:jboss_core_services_httpd:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndExcluding": "2.4.37",
"vulnerable": true
}
],
"operator": "OR"
}
]
},
"cve": {
"CVE_data_meta": {
"ASSIGNER": "secalert@redhat.com",
"ID": "CVE-2021-3688"
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "en",
"value": "A flaw was found in Red Hat JBoss Core Services HTTP Server in all versions, where it does not properly normalize the path component of a request URL contains dot-dot-semicolon(s). This flaw could allow an attacker to access unauthorized information or possibly conduct further attacks. The highest threat from this vulnerability is to data confidentiality and integrity."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "en",
"value": "CWE-200"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://access.redhat.com/security/cve/CVE-2021-3688",
"refsource": "MISC",
"tags": [
"Vendor Advisory"
],
"url": "https://access.redhat.com/security/cve/CVE-2021-3688"
},
{
"name": "https://bugzilla.redhat.com/show_bug.cgi?id=1990252",
"refsource": "MISC",
"tags": [
"Issue Tracking",
"Vendor Advisory"
],
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1990252"
}
]
}
},
"impact": {
"baseMetricV3": {
"cvssV3": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 4.8,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:N",
"version": "3.1"
},
"exploitabilityScore": 2.2,
"impactScore": 2.5
}
},
"lastModifiedDate": "2023-02-12T23:42Z",
"publishedDate": "2022-08-26T16:15Z"
}
}
}
Loading...