Action not permitted
Modal body text goes here.
cve-2024-38473
Vulnerability from cvelistv5
Published
2024-07-01 18:14
Modified
2024-09-13 17:04
Severity
Summary
Apache HTTP Server proxy encoding problem
References
Impacted products
| Vendor | Product |
|---|---|
| Apache Software Foundation | Apache HTTP Server |
{
"containers": {
"adp": [
{
"affected": [
{
"cpes": [
"cpe:2.3:a:apache_software_foundation:apache_http_server:*:*:*:*:*:*:*:*"
],
"defaultStatus": "unaffected",
"product": "apache_http_server",
"vendor": "apache_software_foundation",
"versions": [
{
"lessThanOrEqual": "2.4.59",
"status": "affected",
"version": "2.4.0",
"versionType": "semver"
}
]
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 8.1,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:H",
"version": "3.1"
}
},
{
"other": {
"content": {
"id": "CVE-2024-38473",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-07-24T13:55:35.300035Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-07-24T14:02:38.927Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
},
{
"providerMetadata": {
"dateUpdated": "2024-09-13T17:04:54.566Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"vendor-advisory",
"x_transferred"
],
"url": "https://httpd.apache.org/security/vulnerabilities_24.html"
},
{
"tags": [
"x_transferred"
],
"url": "https://security.netapp.com/advisory/ntap-20240712-0001/"
},
{
"url": "http://www.openwall.com/lists/oss-security/2024/07/01/6"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "Apache HTTP Server",
"vendor": "Apache Software Foundation",
"versions": [
{
"lessThanOrEqual": "2.4.59",
"status": "affected",
"version": "2.4.0",
"versionType": "semver"
}
]
}
],
"credits": [
{
"lang": "en",
"type": "finder",
"value": "Orange Tsai (@orange_8361) from DEVCORE"
}
],
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "Encoding problem in mod_proxy in Apache HTTP Server 2.4.59 and earlier allows request URLs with incorrect encoding to be sent to backend services, potentially bypassing authentication via crafted requests.\u003cbr\u003eUsers are recommended to upgrade to version 2.4.60, which fixes this issue."
}
],
"value": "Encoding problem in mod_proxy in Apache HTTP Server 2.4.59 and earlier allows request URLs with incorrect encoding to be sent to backend services, potentially bypassing authentication via crafted requests.\nUsers are recommended to upgrade to version 2.4.60, which fixes this issue."
}
],
"metrics": [
{
"other": {
"content": {
"text": "moderate"
},
"type": "Textual description of severity"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-116",
"description": "CWE-116 Improper Encoding or Escaping of Output",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2024-07-01T18:14:21.520Z",
"orgId": "f0158376-9dc2-43b6-827c-5f631a4d8d09",
"shortName": "apache"
},
"references": [
{
"tags": [
"vendor-advisory"
],
"url": "https://httpd.apache.org/security/vulnerabilities_24.html"
},
{
"url": "https://security.netapp.com/advisory/ntap-20240712-0001/"
}
],
"source": {
"discovery": "UNKNOWN"
},
"timeline": [
{
"lang": "en",
"time": "2024-04-01T12:00:00.000Z",
"value": "reported"
}
],
"title": "Apache HTTP Server proxy encoding problem",
"x_generator": {
"engine": "Vulnogram 0.1.0-dev"
}
}
},
"cveMetadata": {
"assignerOrgId": "f0158376-9dc2-43b6-827c-5f631a4d8d09",
"assignerShortName": "apache",
"cveId": "CVE-2024-38473",
"datePublished": "2024-07-01T18:14:21.520Z",
"dateReserved": "2024-06-17T11:05:01.135Z",
"dateUpdated": "2024-09-13T17:04:54.566Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1",
"meta": {
"nvd": "{\"cve\":{\"id\":\"CVE-2024-38473\",\"sourceIdentifier\":\"security@apache.org\",\"published\":\"2024-07-01T19:15:04.657\",\"lastModified\":\"2024-08-01T13:54:52.397\",\"vulnStatus\":\"Awaiting Analysis\",\"cveTags\":[],\"descriptions\":[{\"lang\":\"en\",\"value\":\"Encoding problem in mod_proxy in Apache HTTP Server 2.4.59 and earlier allows request URLs with incorrect encoding to be sent to backend services, potentially bypassing authentication via crafted requests.\\nUsers are recommended to upgrade to version 2.4.60, which fixes this issue.\"},{\"lang\":\"es\",\"value\":\"El problema de codificaci\u00f3n en mod_proxy en Apache HTTP Server 2.4.59 y versiones anteriores permite que las URL de solicitud con codificaci\u00f3n incorrecta se env\u00eden a servicios backend, lo que potencialmente evita la autenticaci\u00f3n mediante solicitudes manipuladas. Se recomienda a los usuarios actualizar a la versi\u00f3n 2.4.60, que soluciona este problema.\"}],\"metrics\":{\"cvssMetricV31\":[{\"source\":\"134c704f-9b21-4f2e-91b3-4a467353bcc0\",\"type\":\"Secondary\",\"cvssData\":{\"version\":\"3.1\",\"vectorString\":\"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:H\",\"attackVector\":\"NETWORK\",\"attackComplexity\":\"LOW\",\"privilegesRequired\":\"LOW\",\"userInteraction\":\"NONE\",\"scope\":\"UNCHANGED\",\"confidentialityImpact\":\"HIGH\",\"integrityImpact\":\"NONE\",\"availabilityImpact\":\"HIGH\",\"baseScore\":8.1,\"baseSeverity\":\"HIGH\"},\"exploitabilityScore\":2.8,\"impactScore\":5.2}]},\"weaknesses\":[{\"source\":\"security@apache.org\",\"type\":\"Primary\",\"description\":[{\"lang\":\"en\",\"value\":\"CWE-116\"}]}],\"references\":[{\"url\":\"https://httpd.apache.org/security/vulnerabilities_24.html\",\"source\":\"security@apache.org\"},{\"url\":\"https://security.netapp.com/advisory/ntap-20240712-0001/\",\"source\":\"security@apache.org\"}]}}"
}
}
rhsa-2024_5001
Vulnerability from csaf_redhat
Published
2024-08-06 08:17
Modified
2024-09-13 21:32
Summary
Red Hat Security Advisory: httpd security update
Notes
Topic
An update for httpd is now available for Red Hat Enterprise Linux 9.2 Extended Update Support.
Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.
Details
The httpd packages provide the Apache HTTP Server, a powerful, efficient, and extensible web server.
Security Fix(es):
* httpd: Encoding problem in mod_proxy (CVE-2024-38473)
* httpd: Potential SSRF in mod_rewrite (CVE-2024-39573)
For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.
Terms of Use
This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.
{
"document": {
"aggregate_severity": {
"namespace": "https://access.redhat.com/security/updates/classification/",
"text": "Moderate"
},
"category": "csaf_vex",
"csaf_version": "2.0",
"distribution": {
"text": "Copyright \u00a9 Red Hat, Inc. All rights reserved.",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "An update for httpd is now available for Red Hat Enterprise Linux 9.2 Extended Update Support.\n\nRed Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.",
"title": "Topic"
},
{
"category": "general",
"text": "The httpd packages provide the Apache HTTP Server, a powerful, efficient, and extensible web server.\n\nSecurity Fix(es):\n\n* httpd: Encoding problem in mod_proxy (CVE-2024-38473)\n\n* httpd: Potential SSRF in mod_rewrite (CVE-2024-39573)\n\nFor more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.",
"title": "Details"
},
{
"category": "legal_disclaimer",
"text": "This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.",
"title": "Terms of Use"
}
],
"publisher": {
"category": "vendor",
"contact_details": "https://access.redhat.com/security/team/contact/",
"issuing_authority": "Red Hat Product Security is responsible for vulnerability handling across all Red Hat offerings.",
"name": "Red Hat Product Security",
"namespace": "https://www.redhat.com"
},
"references": [
{
"category": "self",
"summary": "https://access.redhat.com/errata/RHSA-2024:5001",
"url": "https://access.redhat.com/errata/RHSA-2024:5001"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/updates/classification/#moderate",
"url": "https://access.redhat.com/security/updates/classification/#moderate"
},
{
"category": "external",
"summary": "2295012",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2295012"
},
{
"category": "external",
"summary": "2295022",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2295022"
},
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/data/csaf/v2/advisories/2024/rhsa-2024_5001.json"
}
],
"title": "Red Hat Security Advisory: httpd security update",
"tracking": {
"current_release_date": "2024-09-13T21:32:59+00:00",
"generator": {
"date": "2024-09-13T21:32:59+00:00",
"engine": {
"name": "Red Hat SDEngine",
"version": "3.33.3"
}
},
"id": "RHSA-2024:5001",
"initial_release_date": "2024-08-06T08:17:42+00:00",
"revision_history": [
{
"date": "2024-08-06T08:17:42+00:00",
"number": "1",
"summary": "Initial version"
},
{
"date": "2024-08-06T08:17:42+00:00",
"number": "2",
"summary": "Last updated version"
},
{
"date": "2024-09-13T21:32:59+00:00",
"number": "3",
"summary": "Last generated version"
}
],
"status": "final",
"version": "3"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_name",
"name": "Red Hat Enterprise Linux AppStream EUS (v.9.2)",
"product": {
"name": "Red Hat Enterprise Linux AppStream EUS (v.9.2)",
"product_id": "AppStream-9.2.0.Z.EUS",
"product_identification_helper": {
"cpe": "cpe:/a:redhat:rhel_eus:9.2::appstream"
}
}
}
],
"category": "product_family",
"name": "Red Hat Enterprise Linux"
},
{
"branches": [
{
"category": "product_version",
"name": "httpd-0:2.4.53-11.el9_2.10.src",
"product": {
"name": "httpd-0:2.4.53-11.el9_2.10.src",
"product_id": "httpd-0:2.4.53-11.el9_2.10.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/httpd@2.4.53-11.el9_2.10?arch=src"
}
}
}
],
"category": "architecture",
"name": "src"
},
{
"branches": [
{
"category": "product_version",
"name": "httpd-0:2.4.53-11.el9_2.10.aarch64",
"product": {
"name": "httpd-0:2.4.53-11.el9_2.10.aarch64",
"product_id": "httpd-0:2.4.53-11.el9_2.10.aarch64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/httpd@2.4.53-11.el9_2.10?arch=aarch64"
}
}
},
{
"category": "product_version",
"name": "httpd-core-0:2.4.53-11.el9_2.10.aarch64",
"product": {
"name": "httpd-core-0:2.4.53-11.el9_2.10.aarch64",
"product_id": "httpd-core-0:2.4.53-11.el9_2.10.aarch64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/httpd-core@2.4.53-11.el9_2.10?arch=aarch64"
}
}
},
{
"category": "product_version",
"name": "httpd-devel-0:2.4.53-11.el9_2.10.aarch64",
"product": {
"name": "httpd-devel-0:2.4.53-11.el9_2.10.aarch64",
"product_id": "httpd-devel-0:2.4.53-11.el9_2.10.aarch64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/httpd-devel@2.4.53-11.el9_2.10?arch=aarch64"
}
}
},
{
"category": "product_version",
"name": "httpd-tools-0:2.4.53-11.el9_2.10.aarch64",
"product": {
"name": "httpd-tools-0:2.4.53-11.el9_2.10.aarch64",
"product_id": "httpd-tools-0:2.4.53-11.el9_2.10.aarch64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/httpd-tools@2.4.53-11.el9_2.10?arch=aarch64"
}
}
},
{
"category": "product_version",
"name": "mod_ldap-0:2.4.53-11.el9_2.10.aarch64",
"product": {
"name": "mod_ldap-0:2.4.53-11.el9_2.10.aarch64",
"product_id": "mod_ldap-0:2.4.53-11.el9_2.10.aarch64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/mod_ldap@2.4.53-11.el9_2.10?arch=aarch64"
}
}
},
{
"category": "product_version",
"name": "mod_lua-0:2.4.53-11.el9_2.10.aarch64",
"product": {
"name": "mod_lua-0:2.4.53-11.el9_2.10.aarch64",
"product_id": "mod_lua-0:2.4.53-11.el9_2.10.aarch64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/mod_lua@2.4.53-11.el9_2.10?arch=aarch64"
}
}
},
{
"category": "product_version",
"name": "mod_proxy_html-1:2.4.53-11.el9_2.10.aarch64",
"product": {
"name": "mod_proxy_html-1:2.4.53-11.el9_2.10.aarch64",
"product_id": "mod_proxy_html-1:2.4.53-11.el9_2.10.aarch64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/mod_proxy_html@2.4.53-11.el9_2.10?arch=aarch64\u0026epoch=1"
}
}
},
{
"category": "product_version",
"name": "mod_session-0:2.4.53-11.el9_2.10.aarch64",
"product": {
"name": "mod_session-0:2.4.53-11.el9_2.10.aarch64",
"product_id": "mod_session-0:2.4.53-11.el9_2.10.aarch64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/mod_session@2.4.53-11.el9_2.10?arch=aarch64"
}
}
},
{
"category": "product_version",
"name": "mod_ssl-1:2.4.53-11.el9_2.10.aarch64",
"product": {
"name": "mod_ssl-1:2.4.53-11.el9_2.10.aarch64",
"product_id": "mod_ssl-1:2.4.53-11.el9_2.10.aarch64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/mod_ssl@2.4.53-11.el9_2.10?arch=aarch64\u0026epoch=1"
}
}
},
{
"category": "product_version",
"name": "httpd-debugsource-0:2.4.53-11.el9_2.10.aarch64",
"product": {
"name": "httpd-debugsource-0:2.4.53-11.el9_2.10.aarch64",
"product_id": "httpd-debugsource-0:2.4.53-11.el9_2.10.aarch64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/httpd-debugsource@2.4.53-11.el9_2.10?arch=aarch64"
}
}
},
{
"category": "product_version",
"name": "httpd-core-debuginfo-0:2.4.53-11.el9_2.10.aarch64",
"product": {
"name": "httpd-core-debuginfo-0:2.4.53-11.el9_2.10.aarch64",
"product_id": "httpd-core-debuginfo-0:2.4.53-11.el9_2.10.aarch64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/httpd-core-debuginfo@2.4.53-11.el9_2.10?arch=aarch64"
}
}
},
{
"category": "product_version",
"name": "httpd-debuginfo-0:2.4.53-11.el9_2.10.aarch64",
"product": {
"name": "httpd-debuginfo-0:2.4.53-11.el9_2.10.aarch64",
"product_id": "httpd-debuginfo-0:2.4.53-11.el9_2.10.aarch64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/httpd-debuginfo@2.4.53-11.el9_2.10?arch=aarch64"
}
}
},
{
"category": "product_version",
"name": "httpd-tools-debuginfo-0:2.4.53-11.el9_2.10.aarch64",
"product": {
"name": "httpd-tools-debuginfo-0:2.4.53-11.el9_2.10.aarch64",
"product_id": "httpd-tools-debuginfo-0:2.4.53-11.el9_2.10.aarch64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/httpd-tools-debuginfo@2.4.53-11.el9_2.10?arch=aarch64"
}
}
},
{
"category": "product_version",
"name": "mod_ldap-debuginfo-0:2.4.53-11.el9_2.10.aarch64",
"product": {
"name": "mod_ldap-debuginfo-0:2.4.53-11.el9_2.10.aarch64",
"product_id": "mod_ldap-debuginfo-0:2.4.53-11.el9_2.10.aarch64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/mod_ldap-debuginfo@2.4.53-11.el9_2.10?arch=aarch64"
}
}
},
{
"category": "product_version",
"name": "mod_lua-debuginfo-0:2.4.53-11.el9_2.10.aarch64",
"product": {
"name": "mod_lua-debuginfo-0:2.4.53-11.el9_2.10.aarch64",
"product_id": "mod_lua-debuginfo-0:2.4.53-11.el9_2.10.aarch64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/mod_lua-debuginfo@2.4.53-11.el9_2.10?arch=aarch64"
}
}
},
{
"category": "product_version",
"name": "mod_proxy_html-debuginfo-1:2.4.53-11.el9_2.10.aarch64",
"product": {
"name": "mod_proxy_html-debuginfo-1:2.4.53-11.el9_2.10.aarch64",
"product_id": "mod_proxy_html-debuginfo-1:2.4.53-11.el9_2.10.aarch64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/mod_proxy_html-debuginfo@2.4.53-11.el9_2.10?arch=aarch64\u0026epoch=1"
}
}
},
{
"category": "product_version",
"name": "mod_session-debuginfo-0:2.4.53-11.el9_2.10.aarch64",
"product": {
"name": "mod_session-debuginfo-0:2.4.53-11.el9_2.10.aarch64",
"product_id": "mod_session-debuginfo-0:2.4.53-11.el9_2.10.aarch64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/mod_session-debuginfo@2.4.53-11.el9_2.10?arch=aarch64"
}
}
},
{
"category": "product_version",
"name": "mod_ssl-debuginfo-1:2.4.53-11.el9_2.10.aarch64",
"product": {
"name": "mod_ssl-debuginfo-1:2.4.53-11.el9_2.10.aarch64",
"product_id": "mod_ssl-debuginfo-1:2.4.53-11.el9_2.10.aarch64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/mod_ssl-debuginfo@2.4.53-11.el9_2.10?arch=aarch64\u0026epoch=1"
}
}
}
],
"category": "architecture",
"name": "aarch64"
},
{
"branches": [
{
"category": "product_version",
"name": "httpd-0:2.4.53-11.el9_2.10.ppc64le",
"product": {
"name": "httpd-0:2.4.53-11.el9_2.10.ppc64le",
"product_id": "httpd-0:2.4.53-11.el9_2.10.ppc64le",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/httpd@2.4.53-11.el9_2.10?arch=ppc64le"
}
}
},
{
"category": "product_version",
"name": "httpd-core-0:2.4.53-11.el9_2.10.ppc64le",
"product": {
"name": "httpd-core-0:2.4.53-11.el9_2.10.ppc64le",
"product_id": "httpd-core-0:2.4.53-11.el9_2.10.ppc64le",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/httpd-core@2.4.53-11.el9_2.10?arch=ppc64le"
}
}
},
{
"category": "product_version",
"name": "httpd-devel-0:2.4.53-11.el9_2.10.ppc64le",
"product": {
"name": "httpd-devel-0:2.4.53-11.el9_2.10.ppc64le",
"product_id": "httpd-devel-0:2.4.53-11.el9_2.10.ppc64le",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/httpd-devel@2.4.53-11.el9_2.10?arch=ppc64le"
}
}
},
{
"category": "product_version",
"name": "httpd-tools-0:2.4.53-11.el9_2.10.ppc64le",
"product": {
"name": "httpd-tools-0:2.4.53-11.el9_2.10.ppc64le",
"product_id": "httpd-tools-0:2.4.53-11.el9_2.10.ppc64le",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/httpd-tools@2.4.53-11.el9_2.10?arch=ppc64le"
}
}
},
{
"category": "product_version",
"name": "mod_ldap-0:2.4.53-11.el9_2.10.ppc64le",
"product": {
"name": "mod_ldap-0:2.4.53-11.el9_2.10.ppc64le",
"product_id": "mod_ldap-0:2.4.53-11.el9_2.10.ppc64le",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/mod_ldap@2.4.53-11.el9_2.10?arch=ppc64le"
}
}
},
{
"category": "product_version",
"name": "mod_lua-0:2.4.53-11.el9_2.10.ppc64le",
"product": {
"name": "mod_lua-0:2.4.53-11.el9_2.10.ppc64le",
"product_id": "mod_lua-0:2.4.53-11.el9_2.10.ppc64le",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/mod_lua@2.4.53-11.el9_2.10?arch=ppc64le"
}
}
},
{
"category": "product_version",
"name": "mod_proxy_html-1:2.4.53-11.el9_2.10.ppc64le",
"product": {
"name": "mod_proxy_html-1:2.4.53-11.el9_2.10.ppc64le",
"product_id": "mod_proxy_html-1:2.4.53-11.el9_2.10.ppc64le",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/mod_proxy_html@2.4.53-11.el9_2.10?arch=ppc64le\u0026epoch=1"
}
}
},
{
"category": "product_version",
"name": "mod_session-0:2.4.53-11.el9_2.10.ppc64le",
"product": {
"name": "mod_session-0:2.4.53-11.el9_2.10.ppc64le",
"product_id": "mod_session-0:2.4.53-11.el9_2.10.ppc64le",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/mod_session@2.4.53-11.el9_2.10?arch=ppc64le"
}
}
},
{
"category": "product_version",
"name": "mod_ssl-1:2.4.53-11.el9_2.10.ppc64le",
"product": {
"name": "mod_ssl-1:2.4.53-11.el9_2.10.ppc64le",
"product_id": "mod_ssl-1:2.4.53-11.el9_2.10.ppc64le",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/mod_ssl@2.4.53-11.el9_2.10?arch=ppc64le\u0026epoch=1"
}
}
},
{
"category": "product_version",
"name": "httpd-debugsource-0:2.4.53-11.el9_2.10.ppc64le",
"product": {
"name": "httpd-debugsource-0:2.4.53-11.el9_2.10.ppc64le",
"product_id": "httpd-debugsource-0:2.4.53-11.el9_2.10.ppc64le",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/httpd-debugsource@2.4.53-11.el9_2.10?arch=ppc64le"
}
}
},
{
"category": "product_version",
"name": "httpd-core-debuginfo-0:2.4.53-11.el9_2.10.ppc64le",
"product": {
"name": "httpd-core-debuginfo-0:2.4.53-11.el9_2.10.ppc64le",
"product_id": "httpd-core-debuginfo-0:2.4.53-11.el9_2.10.ppc64le",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/httpd-core-debuginfo@2.4.53-11.el9_2.10?arch=ppc64le"
}
}
},
{
"category": "product_version",
"name": "httpd-debuginfo-0:2.4.53-11.el9_2.10.ppc64le",
"product": {
"name": "httpd-debuginfo-0:2.4.53-11.el9_2.10.ppc64le",
"product_id": "httpd-debuginfo-0:2.4.53-11.el9_2.10.ppc64le",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/httpd-debuginfo@2.4.53-11.el9_2.10?arch=ppc64le"
}
}
},
{
"category": "product_version",
"name": "httpd-tools-debuginfo-0:2.4.53-11.el9_2.10.ppc64le",
"product": {
"name": "httpd-tools-debuginfo-0:2.4.53-11.el9_2.10.ppc64le",
"product_id": "httpd-tools-debuginfo-0:2.4.53-11.el9_2.10.ppc64le",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/httpd-tools-debuginfo@2.4.53-11.el9_2.10?arch=ppc64le"
}
}
},
{
"category": "product_version",
"name": "mod_ldap-debuginfo-0:2.4.53-11.el9_2.10.ppc64le",
"product": {
"name": "mod_ldap-debuginfo-0:2.4.53-11.el9_2.10.ppc64le",
"product_id": "mod_ldap-debuginfo-0:2.4.53-11.el9_2.10.ppc64le",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/mod_ldap-debuginfo@2.4.53-11.el9_2.10?arch=ppc64le"
}
}
},
{
"category": "product_version",
"name": "mod_lua-debuginfo-0:2.4.53-11.el9_2.10.ppc64le",
"product": {
"name": "mod_lua-debuginfo-0:2.4.53-11.el9_2.10.ppc64le",
"product_id": "mod_lua-debuginfo-0:2.4.53-11.el9_2.10.ppc64le",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/mod_lua-debuginfo@2.4.53-11.el9_2.10?arch=ppc64le"
}
}
},
{
"category": "product_version",
"name": "mod_proxy_html-debuginfo-1:2.4.53-11.el9_2.10.ppc64le",
"product": {
"name": "mod_proxy_html-debuginfo-1:2.4.53-11.el9_2.10.ppc64le",
"product_id": "mod_proxy_html-debuginfo-1:2.4.53-11.el9_2.10.ppc64le",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/mod_proxy_html-debuginfo@2.4.53-11.el9_2.10?arch=ppc64le\u0026epoch=1"
}
}
},
{
"category": "product_version",
"name": "mod_session-debuginfo-0:2.4.53-11.el9_2.10.ppc64le",
"product": {
"name": "mod_session-debuginfo-0:2.4.53-11.el9_2.10.ppc64le",
"product_id": "mod_session-debuginfo-0:2.4.53-11.el9_2.10.ppc64le",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/mod_session-debuginfo@2.4.53-11.el9_2.10?arch=ppc64le"
}
}
},
{
"category": "product_version",
"name": "mod_ssl-debuginfo-1:2.4.53-11.el9_2.10.ppc64le",
"product": {
"name": "mod_ssl-debuginfo-1:2.4.53-11.el9_2.10.ppc64le",
"product_id": "mod_ssl-debuginfo-1:2.4.53-11.el9_2.10.ppc64le",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/mod_ssl-debuginfo@2.4.53-11.el9_2.10?arch=ppc64le\u0026epoch=1"
}
}
}
],
"category": "architecture",
"name": "ppc64le"
},
{
"branches": [
{
"category": "product_version",
"name": "httpd-0:2.4.53-11.el9_2.10.x86_64",
"product": {
"name": "httpd-0:2.4.53-11.el9_2.10.x86_64",
"product_id": "httpd-0:2.4.53-11.el9_2.10.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/httpd@2.4.53-11.el9_2.10?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "httpd-core-0:2.4.53-11.el9_2.10.x86_64",
"product": {
"name": "httpd-core-0:2.4.53-11.el9_2.10.x86_64",
"product_id": "httpd-core-0:2.4.53-11.el9_2.10.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/httpd-core@2.4.53-11.el9_2.10?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "httpd-devel-0:2.4.53-11.el9_2.10.x86_64",
"product": {
"name": "httpd-devel-0:2.4.53-11.el9_2.10.x86_64",
"product_id": "httpd-devel-0:2.4.53-11.el9_2.10.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/httpd-devel@2.4.53-11.el9_2.10?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "httpd-tools-0:2.4.53-11.el9_2.10.x86_64",
"product": {
"name": "httpd-tools-0:2.4.53-11.el9_2.10.x86_64",
"product_id": "httpd-tools-0:2.4.53-11.el9_2.10.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/httpd-tools@2.4.53-11.el9_2.10?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "mod_ldap-0:2.4.53-11.el9_2.10.x86_64",
"product": {
"name": "mod_ldap-0:2.4.53-11.el9_2.10.x86_64",
"product_id": "mod_ldap-0:2.4.53-11.el9_2.10.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/mod_ldap@2.4.53-11.el9_2.10?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "mod_lua-0:2.4.53-11.el9_2.10.x86_64",
"product": {
"name": "mod_lua-0:2.4.53-11.el9_2.10.x86_64",
"product_id": "mod_lua-0:2.4.53-11.el9_2.10.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/mod_lua@2.4.53-11.el9_2.10?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "mod_proxy_html-1:2.4.53-11.el9_2.10.x86_64",
"product": {
"name": "mod_proxy_html-1:2.4.53-11.el9_2.10.x86_64",
"product_id": "mod_proxy_html-1:2.4.53-11.el9_2.10.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/mod_proxy_html@2.4.53-11.el9_2.10?arch=x86_64\u0026epoch=1"
}
}
},
{
"category": "product_version",
"name": "mod_session-0:2.4.53-11.el9_2.10.x86_64",
"product": {
"name": "mod_session-0:2.4.53-11.el9_2.10.x86_64",
"product_id": "mod_session-0:2.4.53-11.el9_2.10.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/mod_session@2.4.53-11.el9_2.10?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "mod_ssl-1:2.4.53-11.el9_2.10.x86_64",
"product": {
"name": "mod_ssl-1:2.4.53-11.el9_2.10.x86_64",
"product_id": "mod_ssl-1:2.4.53-11.el9_2.10.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/mod_ssl@2.4.53-11.el9_2.10?arch=x86_64\u0026epoch=1"
}
}
},
{
"category": "product_version",
"name": "httpd-debugsource-0:2.4.53-11.el9_2.10.x86_64",
"product": {
"name": "httpd-debugsource-0:2.4.53-11.el9_2.10.x86_64",
"product_id": "httpd-debugsource-0:2.4.53-11.el9_2.10.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/httpd-debugsource@2.4.53-11.el9_2.10?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "httpd-core-debuginfo-0:2.4.53-11.el9_2.10.x86_64",
"product": {
"name": "httpd-core-debuginfo-0:2.4.53-11.el9_2.10.x86_64",
"product_id": "httpd-core-debuginfo-0:2.4.53-11.el9_2.10.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/httpd-core-debuginfo@2.4.53-11.el9_2.10?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "httpd-debuginfo-0:2.4.53-11.el9_2.10.x86_64",
"product": {
"name": "httpd-debuginfo-0:2.4.53-11.el9_2.10.x86_64",
"product_id": "httpd-debuginfo-0:2.4.53-11.el9_2.10.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/httpd-debuginfo@2.4.53-11.el9_2.10?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "httpd-tools-debuginfo-0:2.4.53-11.el9_2.10.x86_64",
"product": {
"name": "httpd-tools-debuginfo-0:2.4.53-11.el9_2.10.x86_64",
"product_id": "httpd-tools-debuginfo-0:2.4.53-11.el9_2.10.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/httpd-tools-debuginfo@2.4.53-11.el9_2.10?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "mod_ldap-debuginfo-0:2.4.53-11.el9_2.10.x86_64",
"product": {
"name": "mod_ldap-debuginfo-0:2.4.53-11.el9_2.10.x86_64",
"product_id": "mod_ldap-debuginfo-0:2.4.53-11.el9_2.10.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/mod_ldap-debuginfo@2.4.53-11.el9_2.10?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "mod_lua-debuginfo-0:2.4.53-11.el9_2.10.x86_64",
"product": {
"name": "mod_lua-debuginfo-0:2.4.53-11.el9_2.10.x86_64",
"product_id": "mod_lua-debuginfo-0:2.4.53-11.el9_2.10.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/mod_lua-debuginfo@2.4.53-11.el9_2.10?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "mod_proxy_html-debuginfo-1:2.4.53-11.el9_2.10.x86_64",
"product": {
"name": "mod_proxy_html-debuginfo-1:2.4.53-11.el9_2.10.x86_64",
"product_id": "mod_proxy_html-debuginfo-1:2.4.53-11.el9_2.10.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/mod_proxy_html-debuginfo@2.4.53-11.el9_2.10?arch=x86_64\u0026epoch=1"
}
}
},
{
"category": "product_version",
"name": "mod_session-debuginfo-0:2.4.53-11.el9_2.10.x86_64",
"product": {
"name": "mod_session-debuginfo-0:2.4.53-11.el9_2.10.x86_64",
"product_id": "mod_session-debuginfo-0:2.4.53-11.el9_2.10.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/mod_session-debuginfo@2.4.53-11.el9_2.10?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "mod_ssl-debuginfo-1:2.4.53-11.el9_2.10.x86_64",
"product": {
"name": "mod_ssl-debuginfo-1:2.4.53-11.el9_2.10.x86_64",
"product_id": "mod_ssl-debuginfo-1:2.4.53-11.el9_2.10.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/mod_ssl-debuginfo@2.4.53-11.el9_2.10?arch=x86_64\u0026epoch=1"
}
}
}
],
"category": "architecture",
"name": "x86_64"
},
{
"branches": [
{
"category": "product_version",
"name": "httpd-0:2.4.53-11.el9_2.10.s390x",
"product": {
"name": "httpd-0:2.4.53-11.el9_2.10.s390x",
"product_id": "httpd-0:2.4.53-11.el9_2.10.s390x",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/httpd@2.4.53-11.el9_2.10?arch=s390x"
}
}
},
{
"category": "product_version",
"name": "httpd-core-0:2.4.53-11.el9_2.10.s390x",
"product": {
"name": "httpd-core-0:2.4.53-11.el9_2.10.s390x",
"product_id": "httpd-core-0:2.4.53-11.el9_2.10.s390x",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/httpd-core@2.4.53-11.el9_2.10?arch=s390x"
}
}
},
{
"category": "product_version",
"name": "httpd-devel-0:2.4.53-11.el9_2.10.s390x",
"product": {
"name": "httpd-devel-0:2.4.53-11.el9_2.10.s390x",
"product_id": "httpd-devel-0:2.4.53-11.el9_2.10.s390x",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/httpd-devel@2.4.53-11.el9_2.10?arch=s390x"
}
}
},
{
"category": "product_version",
"name": "httpd-tools-0:2.4.53-11.el9_2.10.s390x",
"product": {
"name": "httpd-tools-0:2.4.53-11.el9_2.10.s390x",
"product_id": "httpd-tools-0:2.4.53-11.el9_2.10.s390x",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/httpd-tools@2.4.53-11.el9_2.10?arch=s390x"
}
}
},
{
"category": "product_version",
"name": "mod_ldap-0:2.4.53-11.el9_2.10.s390x",
"product": {
"name": "mod_ldap-0:2.4.53-11.el9_2.10.s390x",
"product_id": "mod_ldap-0:2.4.53-11.el9_2.10.s390x",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/mod_ldap@2.4.53-11.el9_2.10?arch=s390x"
}
}
},
{
"category": "product_version",
"name": "mod_lua-0:2.4.53-11.el9_2.10.s390x",
"product": {
"name": "mod_lua-0:2.4.53-11.el9_2.10.s390x",
"product_id": "mod_lua-0:2.4.53-11.el9_2.10.s390x",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/mod_lua@2.4.53-11.el9_2.10?arch=s390x"
}
}
},
{
"category": "product_version",
"name": "mod_proxy_html-1:2.4.53-11.el9_2.10.s390x",
"product": {
"name": "mod_proxy_html-1:2.4.53-11.el9_2.10.s390x",
"product_id": "mod_proxy_html-1:2.4.53-11.el9_2.10.s390x",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/mod_proxy_html@2.4.53-11.el9_2.10?arch=s390x\u0026epoch=1"
}
}
},
{
"category": "product_version",
"name": "mod_session-0:2.4.53-11.el9_2.10.s390x",
"product": {
"name": "mod_session-0:2.4.53-11.el9_2.10.s390x",
"product_id": "mod_session-0:2.4.53-11.el9_2.10.s390x",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/mod_session@2.4.53-11.el9_2.10?arch=s390x"
}
}
},
{
"category": "product_version",
"name": "mod_ssl-1:2.4.53-11.el9_2.10.s390x",
"product": {
"name": "mod_ssl-1:2.4.53-11.el9_2.10.s390x",
"product_id": "mod_ssl-1:2.4.53-11.el9_2.10.s390x",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/mod_ssl@2.4.53-11.el9_2.10?arch=s390x\u0026epoch=1"
}
}
},
{
"category": "product_version",
"name": "httpd-debugsource-0:2.4.53-11.el9_2.10.s390x",
"product": {
"name": "httpd-debugsource-0:2.4.53-11.el9_2.10.s390x",
"product_id": "httpd-debugsource-0:2.4.53-11.el9_2.10.s390x",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/httpd-debugsource@2.4.53-11.el9_2.10?arch=s390x"
}
}
},
{
"category": "product_version",
"name": "httpd-core-debuginfo-0:2.4.53-11.el9_2.10.s390x",
"product": {
"name": "httpd-core-debuginfo-0:2.4.53-11.el9_2.10.s390x",
"product_id": "httpd-core-debuginfo-0:2.4.53-11.el9_2.10.s390x",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/httpd-core-debuginfo@2.4.53-11.el9_2.10?arch=s390x"
}
}
},
{
"category": "product_version",
"name": "httpd-debuginfo-0:2.4.53-11.el9_2.10.s390x",
"product": {
"name": "httpd-debuginfo-0:2.4.53-11.el9_2.10.s390x",
"product_id": "httpd-debuginfo-0:2.4.53-11.el9_2.10.s390x",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/httpd-debuginfo@2.4.53-11.el9_2.10?arch=s390x"
}
}
},
{
"category": "product_version",
"name": "httpd-tools-debuginfo-0:2.4.53-11.el9_2.10.s390x",
"product": {
"name": "httpd-tools-debuginfo-0:2.4.53-11.el9_2.10.s390x",
"product_id": "httpd-tools-debuginfo-0:2.4.53-11.el9_2.10.s390x",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/httpd-tools-debuginfo@2.4.53-11.el9_2.10?arch=s390x"
}
}
},
{
"category": "product_version",
"name": "mod_ldap-debuginfo-0:2.4.53-11.el9_2.10.s390x",
"product": {
"name": "mod_ldap-debuginfo-0:2.4.53-11.el9_2.10.s390x",
"product_id": "mod_ldap-debuginfo-0:2.4.53-11.el9_2.10.s390x",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/mod_ldap-debuginfo@2.4.53-11.el9_2.10?arch=s390x"
}
}
},
{
"category": "product_version",
"name": "mod_lua-debuginfo-0:2.4.53-11.el9_2.10.s390x",
"product": {
"name": "mod_lua-debuginfo-0:2.4.53-11.el9_2.10.s390x",
"product_id": "mod_lua-debuginfo-0:2.4.53-11.el9_2.10.s390x",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/mod_lua-debuginfo@2.4.53-11.el9_2.10?arch=s390x"
}
}
},
{
"category": "product_version",
"name": "mod_proxy_html-debuginfo-1:2.4.53-11.el9_2.10.s390x",
"product": {
"name": "mod_proxy_html-debuginfo-1:2.4.53-11.el9_2.10.s390x",
"product_id": "mod_proxy_html-debuginfo-1:2.4.53-11.el9_2.10.s390x",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/mod_proxy_html-debuginfo@2.4.53-11.el9_2.10?arch=s390x\u0026epoch=1"
}
}
},
{
"category": "product_version",
"name": "mod_session-debuginfo-0:2.4.53-11.el9_2.10.s390x",
"product": {
"name": "mod_session-debuginfo-0:2.4.53-11.el9_2.10.s390x",
"product_id": "mod_session-debuginfo-0:2.4.53-11.el9_2.10.s390x",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/mod_session-debuginfo@2.4.53-11.el9_2.10?arch=s390x"
}
}
},
{
"category": "product_version",
"name": "mod_ssl-debuginfo-1:2.4.53-11.el9_2.10.s390x",
"product": {
"name": "mod_ssl-debuginfo-1:2.4.53-11.el9_2.10.s390x",
"product_id": "mod_ssl-debuginfo-1:2.4.53-11.el9_2.10.s390x",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/mod_ssl-debuginfo@2.4.53-11.el9_2.10?arch=s390x\u0026epoch=1"
}
}
}
],
"category": "architecture",
"name": "s390x"
},
{
"branches": [
{
"category": "product_version",
"name": "httpd-filesystem-0:2.4.53-11.el9_2.10.noarch",
"product": {
"name": "httpd-filesystem-0:2.4.53-11.el9_2.10.noarch",
"product_id": "httpd-filesystem-0:2.4.53-11.el9_2.10.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/httpd-filesystem@2.4.53-11.el9_2.10?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "httpd-manual-0:2.4.53-11.el9_2.10.noarch",
"product": {
"name": "httpd-manual-0:2.4.53-11.el9_2.10.noarch",
"product_id": "httpd-manual-0:2.4.53-11.el9_2.10.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/httpd-manual@2.4.53-11.el9_2.10?arch=noarch"
}
}
}
],
"category": "architecture",
"name": "noarch"
}
],
"category": "vendor",
"name": "Red Hat"
}
],
"relationships": [
{
"category": "default_component_of",
"full_product_name": {
"name": "httpd-0:2.4.53-11.el9_2.10.aarch64 as a component of Red Hat Enterprise Linux AppStream EUS (v.9.2)",
"product_id": "AppStream-9.2.0.Z.EUS:httpd-0:2.4.53-11.el9_2.10.aarch64"
},
"product_reference": "httpd-0:2.4.53-11.el9_2.10.aarch64",
"relates_to_product_reference": "AppStream-9.2.0.Z.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "httpd-0:2.4.53-11.el9_2.10.ppc64le as a component of Red Hat Enterprise Linux AppStream EUS (v.9.2)",
"product_id": "AppStream-9.2.0.Z.EUS:httpd-0:2.4.53-11.el9_2.10.ppc64le"
},
"product_reference": "httpd-0:2.4.53-11.el9_2.10.ppc64le",
"relates_to_product_reference": "AppStream-9.2.0.Z.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "httpd-0:2.4.53-11.el9_2.10.s390x as a component of Red Hat Enterprise Linux AppStream EUS (v.9.2)",
"product_id": "AppStream-9.2.0.Z.EUS:httpd-0:2.4.53-11.el9_2.10.s390x"
},
"product_reference": "httpd-0:2.4.53-11.el9_2.10.s390x",
"relates_to_product_reference": "AppStream-9.2.0.Z.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "httpd-0:2.4.53-11.el9_2.10.src as a component of Red Hat Enterprise Linux AppStream EUS (v.9.2)",
"product_id": "AppStream-9.2.0.Z.EUS:httpd-0:2.4.53-11.el9_2.10.src"
},
"product_reference": "httpd-0:2.4.53-11.el9_2.10.src",
"relates_to_product_reference": "AppStream-9.2.0.Z.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "httpd-0:2.4.53-11.el9_2.10.x86_64 as a component of Red Hat Enterprise Linux AppStream EUS (v.9.2)",
"product_id": "AppStream-9.2.0.Z.EUS:httpd-0:2.4.53-11.el9_2.10.x86_64"
},
"product_reference": "httpd-0:2.4.53-11.el9_2.10.x86_64",
"relates_to_product_reference": "AppStream-9.2.0.Z.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "httpd-core-0:2.4.53-11.el9_2.10.aarch64 as a component of Red Hat Enterprise Linux AppStream EUS (v.9.2)",
"product_id": "AppStream-9.2.0.Z.EUS:httpd-core-0:2.4.53-11.el9_2.10.aarch64"
},
"product_reference": "httpd-core-0:2.4.53-11.el9_2.10.aarch64",
"relates_to_product_reference": "AppStream-9.2.0.Z.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "httpd-core-0:2.4.53-11.el9_2.10.ppc64le as a component of Red Hat Enterprise Linux AppStream EUS (v.9.2)",
"product_id": "AppStream-9.2.0.Z.EUS:httpd-core-0:2.4.53-11.el9_2.10.ppc64le"
},
"product_reference": "httpd-core-0:2.4.53-11.el9_2.10.ppc64le",
"relates_to_product_reference": "AppStream-9.2.0.Z.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "httpd-core-0:2.4.53-11.el9_2.10.s390x as a component of Red Hat Enterprise Linux AppStream EUS (v.9.2)",
"product_id": "AppStream-9.2.0.Z.EUS:httpd-core-0:2.4.53-11.el9_2.10.s390x"
},
"product_reference": "httpd-core-0:2.4.53-11.el9_2.10.s390x",
"relates_to_product_reference": "AppStream-9.2.0.Z.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "httpd-core-0:2.4.53-11.el9_2.10.x86_64 as a component of Red Hat Enterprise Linux AppStream EUS (v.9.2)",
"product_id": "AppStream-9.2.0.Z.EUS:httpd-core-0:2.4.53-11.el9_2.10.x86_64"
},
"product_reference": "httpd-core-0:2.4.53-11.el9_2.10.x86_64",
"relates_to_product_reference": "AppStream-9.2.0.Z.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "httpd-core-debuginfo-0:2.4.53-11.el9_2.10.aarch64 as a component of Red Hat Enterprise Linux AppStream EUS (v.9.2)",
"product_id": "AppStream-9.2.0.Z.EUS:httpd-core-debuginfo-0:2.4.53-11.el9_2.10.aarch64"
},
"product_reference": "httpd-core-debuginfo-0:2.4.53-11.el9_2.10.aarch64",
"relates_to_product_reference": "AppStream-9.2.0.Z.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "httpd-core-debuginfo-0:2.4.53-11.el9_2.10.ppc64le as a component of Red Hat Enterprise Linux AppStream EUS (v.9.2)",
"product_id": "AppStream-9.2.0.Z.EUS:httpd-core-debuginfo-0:2.4.53-11.el9_2.10.ppc64le"
},
"product_reference": "httpd-core-debuginfo-0:2.4.53-11.el9_2.10.ppc64le",
"relates_to_product_reference": "AppStream-9.2.0.Z.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "httpd-core-debuginfo-0:2.4.53-11.el9_2.10.s390x as a component of Red Hat Enterprise Linux AppStream EUS (v.9.2)",
"product_id": "AppStream-9.2.0.Z.EUS:httpd-core-debuginfo-0:2.4.53-11.el9_2.10.s390x"
},
"product_reference": "httpd-core-debuginfo-0:2.4.53-11.el9_2.10.s390x",
"relates_to_product_reference": "AppStream-9.2.0.Z.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "httpd-core-debuginfo-0:2.4.53-11.el9_2.10.x86_64 as a component of Red Hat Enterprise Linux AppStream EUS (v.9.2)",
"product_id": "AppStream-9.2.0.Z.EUS:httpd-core-debuginfo-0:2.4.53-11.el9_2.10.x86_64"
},
"product_reference": "httpd-core-debuginfo-0:2.4.53-11.el9_2.10.x86_64",
"relates_to_product_reference": "AppStream-9.2.0.Z.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "httpd-debuginfo-0:2.4.53-11.el9_2.10.aarch64 as a component of Red Hat Enterprise Linux AppStream EUS (v.9.2)",
"product_id": "AppStream-9.2.0.Z.EUS:httpd-debuginfo-0:2.4.53-11.el9_2.10.aarch64"
},
"product_reference": "httpd-debuginfo-0:2.4.53-11.el9_2.10.aarch64",
"relates_to_product_reference": "AppStream-9.2.0.Z.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "httpd-debuginfo-0:2.4.53-11.el9_2.10.ppc64le as a component of Red Hat Enterprise Linux AppStream EUS (v.9.2)",
"product_id": "AppStream-9.2.0.Z.EUS:httpd-debuginfo-0:2.4.53-11.el9_2.10.ppc64le"
},
"product_reference": "httpd-debuginfo-0:2.4.53-11.el9_2.10.ppc64le",
"relates_to_product_reference": "AppStream-9.2.0.Z.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "httpd-debuginfo-0:2.4.53-11.el9_2.10.s390x as a component of Red Hat Enterprise Linux AppStream EUS (v.9.2)",
"product_id": "AppStream-9.2.0.Z.EUS:httpd-debuginfo-0:2.4.53-11.el9_2.10.s390x"
},
"product_reference": "httpd-debuginfo-0:2.4.53-11.el9_2.10.s390x",
"relates_to_product_reference": "AppStream-9.2.0.Z.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "httpd-debuginfo-0:2.4.53-11.el9_2.10.x86_64 as a component of Red Hat Enterprise Linux AppStream EUS (v.9.2)",
"product_id": "AppStream-9.2.0.Z.EUS:httpd-debuginfo-0:2.4.53-11.el9_2.10.x86_64"
},
"product_reference": "httpd-debuginfo-0:2.4.53-11.el9_2.10.x86_64",
"relates_to_product_reference": "AppStream-9.2.0.Z.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "httpd-debugsource-0:2.4.53-11.el9_2.10.aarch64 as a component of Red Hat Enterprise Linux AppStream EUS (v.9.2)",
"product_id": "AppStream-9.2.0.Z.EUS:httpd-debugsource-0:2.4.53-11.el9_2.10.aarch64"
},
"product_reference": "httpd-debugsource-0:2.4.53-11.el9_2.10.aarch64",
"relates_to_product_reference": "AppStream-9.2.0.Z.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "httpd-debugsource-0:2.4.53-11.el9_2.10.ppc64le as a component of Red Hat Enterprise Linux AppStream EUS (v.9.2)",
"product_id": "AppStream-9.2.0.Z.EUS:httpd-debugsource-0:2.4.53-11.el9_2.10.ppc64le"
},
"product_reference": "httpd-debugsource-0:2.4.53-11.el9_2.10.ppc64le",
"relates_to_product_reference": "AppStream-9.2.0.Z.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "httpd-debugsource-0:2.4.53-11.el9_2.10.s390x as a component of Red Hat Enterprise Linux AppStream EUS (v.9.2)",
"product_id": "AppStream-9.2.0.Z.EUS:httpd-debugsource-0:2.4.53-11.el9_2.10.s390x"
},
"product_reference": "httpd-debugsource-0:2.4.53-11.el9_2.10.s390x",
"relates_to_product_reference": "AppStream-9.2.0.Z.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "httpd-debugsource-0:2.4.53-11.el9_2.10.x86_64 as a component of Red Hat Enterprise Linux AppStream EUS (v.9.2)",
"product_id": "AppStream-9.2.0.Z.EUS:httpd-debugsource-0:2.4.53-11.el9_2.10.x86_64"
},
"product_reference": "httpd-debugsource-0:2.4.53-11.el9_2.10.x86_64",
"relates_to_product_reference": "AppStream-9.2.0.Z.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "httpd-devel-0:2.4.53-11.el9_2.10.aarch64 as a component of Red Hat Enterprise Linux AppStream EUS (v.9.2)",
"product_id": "AppStream-9.2.0.Z.EUS:httpd-devel-0:2.4.53-11.el9_2.10.aarch64"
},
"product_reference": "httpd-devel-0:2.4.53-11.el9_2.10.aarch64",
"relates_to_product_reference": "AppStream-9.2.0.Z.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "httpd-devel-0:2.4.53-11.el9_2.10.ppc64le as a component of Red Hat Enterprise Linux AppStream EUS (v.9.2)",
"product_id": "AppStream-9.2.0.Z.EUS:httpd-devel-0:2.4.53-11.el9_2.10.ppc64le"
},
"product_reference": "httpd-devel-0:2.4.53-11.el9_2.10.ppc64le",
"relates_to_product_reference": "AppStream-9.2.0.Z.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "httpd-devel-0:2.4.53-11.el9_2.10.s390x as a component of Red Hat Enterprise Linux AppStream EUS (v.9.2)",
"product_id": "AppStream-9.2.0.Z.EUS:httpd-devel-0:2.4.53-11.el9_2.10.s390x"
},
"product_reference": "httpd-devel-0:2.4.53-11.el9_2.10.s390x",
"relates_to_product_reference": "AppStream-9.2.0.Z.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "httpd-devel-0:2.4.53-11.el9_2.10.x86_64 as a component of Red Hat Enterprise Linux AppStream EUS (v.9.2)",
"product_id": "AppStream-9.2.0.Z.EUS:httpd-devel-0:2.4.53-11.el9_2.10.x86_64"
},
"product_reference": "httpd-devel-0:2.4.53-11.el9_2.10.x86_64",
"relates_to_product_reference": "AppStream-9.2.0.Z.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "httpd-filesystem-0:2.4.53-11.el9_2.10.noarch as a component of Red Hat Enterprise Linux AppStream EUS (v.9.2)",
"product_id": "AppStream-9.2.0.Z.EUS:httpd-filesystem-0:2.4.53-11.el9_2.10.noarch"
},
"product_reference": "httpd-filesystem-0:2.4.53-11.el9_2.10.noarch",
"relates_to_product_reference": "AppStream-9.2.0.Z.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "httpd-manual-0:2.4.53-11.el9_2.10.noarch as a component of Red Hat Enterprise Linux AppStream EUS (v.9.2)",
"product_id": "AppStream-9.2.0.Z.EUS:httpd-manual-0:2.4.53-11.el9_2.10.noarch"
},
"product_reference": "httpd-manual-0:2.4.53-11.el9_2.10.noarch",
"relates_to_product_reference": "AppStream-9.2.0.Z.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "httpd-tools-0:2.4.53-11.el9_2.10.aarch64 as a component of Red Hat Enterprise Linux AppStream EUS (v.9.2)",
"product_id": "AppStream-9.2.0.Z.EUS:httpd-tools-0:2.4.53-11.el9_2.10.aarch64"
},
"product_reference": "httpd-tools-0:2.4.53-11.el9_2.10.aarch64",
"relates_to_product_reference": "AppStream-9.2.0.Z.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "httpd-tools-0:2.4.53-11.el9_2.10.ppc64le as a component of Red Hat Enterprise Linux AppStream EUS (v.9.2)",
"product_id": "AppStream-9.2.0.Z.EUS:httpd-tools-0:2.4.53-11.el9_2.10.ppc64le"
},
"product_reference": "httpd-tools-0:2.4.53-11.el9_2.10.ppc64le",
"relates_to_product_reference": "AppStream-9.2.0.Z.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "httpd-tools-0:2.4.53-11.el9_2.10.s390x as a component of Red Hat Enterprise Linux AppStream EUS (v.9.2)",
"product_id": "AppStream-9.2.0.Z.EUS:httpd-tools-0:2.4.53-11.el9_2.10.s390x"
},
"product_reference": "httpd-tools-0:2.4.53-11.el9_2.10.s390x",
"relates_to_product_reference": "AppStream-9.2.0.Z.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "httpd-tools-0:2.4.53-11.el9_2.10.x86_64 as a component of Red Hat Enterprise Linux AppStream EUS (v.9.2)",
"product_id": "AppStream-9.2.0.Z.EUS:httpd-tools-0:2.4.53-11.el9_2.10.x86_64"
},
"product_reference": "httpd-tools-0:2.4.53-11.el9_2.10.x86_64",
"relates_to_product_reference": "AppStream-9.2.0.Z.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "httpd-tools-debuginfo-0:2.4.53-11.el9_2.10.aarch64 as a component of Red Hat Enterprise Linux AppStream EUS (v.9.2)",
"product_id": "AppStream-9.2.0.Z.EUS:httpd-tools-debuginfo-0:2.4.53-11.el9_2.10.aarch64"
},
"product_reference": "httpd-tools-debuginfo-0:2.4.53-11.el9_2.10.aarch64",
"relates_to_product_reference": "AppStream-9.2.0.Z.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "httpd-tools-debuginfo-0:2.4.53-11.el9_2.10.ppc64le as a component of Red Hat Enterprise Linux AppStream EUS (v.9.2)",
"product_id": "AppStream-9.2.0.Z.EUS:httpd-tools-debuginfo-0:2.4.53-11.el9_2.10.ppc64le"
},
"product_reference": "httpd-tools-debuginfo-0:2.4.53-11.el9_2.10.ppc64le",
"relates_to_product_reference": "AppStream-9.2.0.Z.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "httpd-tools-debuginfo-0:2.4.53-11.el9_2.10.s390x as a component of Red Hat Enterprise Linux AppStream EUS (v.9.2)",
"product_id": "AppStream-9.2.0.Z.EUS:httpd-tools-debuginfo-0:2.4.53-11.el9_2.10.s390x"
},
"product_reference": "httpd-tools-debuginfo-0:2.4.53-11.el9_2.10.s390x",
"relates_to_product_reference": "AppStream-9.2.0.Z.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "httpd-tools-debuginfo-0:2.4.53-11.el9_2.10.x86_64 as a component of Red Hat Enterprise Linux AppStream EUS (v.9.2)",
"product_id": "AppStream-9.2.0.Z.EUS:httpd-tools-debuginfo-0:2.4.53-11.el9_2.10.x86_64"
},
"product_reference": "httpd-tools-debuginfo-0:2.4.53-11.el9_2.10.x86_64",
"relates_to_product_reference": "AppStream-9.2.0.Z.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "mod_ldap-0:2.4.53-11.el9_2.10.aarch64 as a component of Red Hat Enterprise Linux AppStream EUS (v.9.2)",
"product_id": "AppStream-9.2.0.Z.EUS:mod_ldap-0:2.4.53-11.el9_2.10.aarch64"
},
"product_reference": "mod_ldap-0:2.4.53-11.el9_2.10.aarch64",
"relates_to_product_reference": "AppStream-9.2.0.Z.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "mod_ldap-0:2.4.53-11.el9_2.10.ppc64le as a component of Red Hat Enterprise Linux AppStream EUS (v.9.2)",
"product_id": "AppStream-9.2.0.Z.EUS:mod_ldap-0:2.4.53-11.el9_2.10.ppc64le"
},
"product_reference": "mod_ldap-0:2.4.53-11.el9_2.10.ppc64le",
"relates_to_product_reference": "AppStream-9.2.0.Z.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "mod_ldap-0:2.4.53-11.el9_2.10.s390x as a component of Red Hat Enterprise Linux AppStream EUS (v.9.2)",
"product_id": "AppStream-9.2.0.Z.EUS:mod_ldap-0:2.4.53-11.el9_2.10.s390x"
},
"product_reference": "mod_ldap-0:2.4.53-11.el9_2.10.s390x",
"relates_to_product_reference": "AppStream-9.2.0.Z.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "mod_ldap-0:2.4.53-11.el9_2.10.x86_64 as a component of Red Hat Enterprise Linux AppStream EUS (v.9.2)",
"product_id": "AppStream-9.2.0.Z.EUS:mod_ldap-0:2.4.53-11.el9_2.10.x86_64"
},
"product_reference": "mod_ldap-0:2.4.53-11.el9_2.10.x86_64",
"relates_to_product_reference": "AppStream-9.2.0.Z.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "mod_ldap-debuginfo-0:2.4.53-11.el9_2.10.aarch64 as a component of Red Hat Enterprise Linux AppStream EUS (v.9.2)",
"product_id": "AppStream-9.2.0.Z.EUS:mod_ldap-debuginfo-0:2.4.53-11.el9_2.10.aarch64"
},
"product_reference": "mod_ldap-debuginfo-0:2.4.53-11.el9_2.10.aarch64",
"relates_to_product_reference": "AppStream-9.2.0.Z.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "mod_ldap-debuginfo-0:2.4.53-11.el9_2.10.ppc64le as a component of Red Hat Enterprise Linux AppStream EUS (v.9.2)",
"product_id": "AppStream-9.2.0.Z.EUS:mod_ldap-debuginfo-0:2.4.53-11.el9_2.10.ppc64le"
},
"product_reference": "mod_ldap-debuginfo-0:2.4.53-11.el9_2.10.ppc64le",
"relates_to_product_reference": "AppStream-9.2.0.Z.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "mod_ldap-debuginfo-0:2.4.53-11.el9_2.10.s390x as a component of Red Hat Enterprise Linux AppStream EUS (v.9.2)",
"product_id": "AppStream-9.2.0.Z.EUS:mod_ldap-debuginfo-0:2.4.53-11.el9_2.10.s390x"
},
"product_reference": "mod_ldap-debuginfo-0:2.4.53-11.el9_2.10.s390x",
"relates_to_product_reference": "AppStream-9.2.0.Z.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "mod_ldap-debuginfo-0:2.4.53-11.el9_2.10.x86_64 as a component of Red Hat Enterprise Linux AppStream EUS (v.9.2)",
"product_id": "AppStream-9.2.0.Z.EUS:mod_ldap-debuginfo-0:2.4.53-11.el9_2.10.x86_64"
},
"product_reference": "mod_ldap-debuginfo-0:2.4.53-11.el9_2.10.x86_64",
"relates_to_product_reference": "AppStream-9.2.0.Z.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "mod_lua-0:2.4.53-11.el9_2.10.aarch64 as a component of Red Hat Enterprise Linux AppStream EUS (v.9.2)",
"product_id": "AppStream-9.2.0.Z.EUS:mod_lua-0:2.4.53-11.el9_2.10.aarch64"
},
"product_reference": "mod_lua-0:2.4.53-11.el9_2.10.aarch64",
"relates_to_product_reference": "AppStream-9.2.0.Z.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "mod_lua-0:2.4.53-11.el9_2.10.ppc64le as a component of Red Hat Enterprise Linux AppStream EUS (v.9.2)",
"product_id": "AppStream-9.2.0.Z.EUS:mod_lua-0:2.4.53-11.el9_2.10.ppc64le"
},
"product_reference": "mod_lua-0:2.4.53-11.el9_2.10.ppc64le",
"relates_to_product_reference": "AppStream-9.2.0.Z.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "mod_lua-0:2.4.53-11.el9_2.10.s390x as a component of Red Hat Enterprise Linux AppStream EUS (v.9.2)",
"product_id": "AppStream-9.2.0.Z.EUS:mod_lua-0:2.4.53-11.el9_2.10.s390x"
},
"product_reference": "mod_lua-0:2.4.53-11.el9_2.10.s390x",
"relates_to_product_reference": "AppStream-9.2.0.Z.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "mod_lua-0:2.4.53-11.el9_2.10.x86_64 as a component of Red Hat Enterprise Linux AppStream EUS (v.9.2)",
"product_id": "AppStream-9.2.0.Z.EUS:mod_lua-0:2.4.53-11.el9_2.10.x86_64"
},
"product_reference": "mod_lua-0:2.4.53-11.el9_2.10.x86_64",
"relates_to_product_reference": "AppStream-9.2.0.Z.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "mod_lua-debuginfo-0:2.4.53-11.el9_2.10.aarch64 as a component of Red Hat Enterprise Linux AppStream EUS (v.9.2)",
"product_id": "AppStream-9.2.0.Z.EUS:mod_lua-debuginfo-0:2.4.53-11.el9_2.10.aarch64"
},
"product_reference": "mod_lua-debuginfo-0:2.4.53-11.el9_2.10.aarch64",
"relates_to_product_reference": "AppStream-9.2.0.Z.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "mod_lua-debuginfo-0:2.4.53-11.el9_2.10.ppc64le as a component of Red Hat Enterprise Linux AppStream EUS (v.9.2)",
"product_id": "AppStream-9.2.0.Z.EUS:mod_lua-debuginfo-0:2.4.53-11.el9_2.10.ppc64le"
},
"product_reference": "mod_lua-debuginfo-0:2.4.53-11.el9_2.10.ppc64le",
"relates_to_product_reference": "AppStream-9.2.0.Z.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "mod_lua-debuginfo-0:2.4.53-11.el9_2.10.s390x as a component of Red Hat Enterprise Linux AppStream EUS (v.9.2)",
"product_id": "AppStream-9.2.0.Z.EUS:mod_lua-debuginfo-0:2.4.53-11.el9_2.10.s390x"
},
"product_reference": "mod_lua-debuginfo-0:2.4.53-11.el9_2.10.s390x",
"relates_to_product_reference": "AppStream-9.2.0.Z.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "mod_lua-debuginfo-0:2.4.53-11.el9_2.10.x86_64 as a component of Red Hat Enterprise Linux AppStream EUS (v.9.2)",
"product_id": "AppStream-9.2.0.Z.EUS:mod_lua-debuginfo-0:2.4.53-11.el9_2.10.x86_64"
},
"product_reference": "mod_lua-debuginfo-0:2.4.53-11.el9_2.10.x86_64",
"relates_to_product_reference": "AppStream-9.2.0.Z.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "mod_proxy_html-1:2.4.53-11.el9_2.10.aarch64 as a component of Red Hat Enterprise Linux AppStream EUS (v.9.2)",
"product_id": "AppStream-9.2.0.Z.EUS:mod_proxy_html-1:2.4.53-11.el9_2.10.aarch64"
},
"product_reference": "mod_proxy_html-1:2.4.53-11.el9_2.10.aarch64",
"relates_to_product_reference": "AppStream-9.2.0.Z.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "mod_proxy_html-1:2.4.53-11.el9_2.10.ppc64le as a component of Red Hat Enterprise Linux AppStream EUS (v.9.2)",
"product_id": "AppStream-9.2.0.Z.EUS:mod_proxy_html-1:2.4.53-11.el9_2.10.ppc64le"
},
"product_reference": "mod_proxy_html-1:2.4.53-11.el9_2.10.ppc64le",
"relates_to_product_reference": "AppStream-9.2.0.Z.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "mod_proxy_html-1:2.4.53-11.el9_2.10.s390x as a component of Red Hat Enterprise Linux AppStream EUS (v.9.2)",
"product_id": "AppStream-9.2.0.Z.EUS:mod_proxy_html-1:2.4.53-11.el9_2.10.s390x"
},
"product_reference": "mod_proxy_html-1:2.4.53-11.el9_2.10.s390x",
"relates_to_product_reference": "AppStream-9.2.0.Z.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "mod_proxy_html-1:2.4.53-11.el9_2.10.x86_64 as a component of Red Hat Enterprise Linux AppStream EUS (v.9.2)",
"product_id": "AppStream-9.2.0.Z.EUS:mod_proxy_html-1:2.4.53-11.el9_2.10.x86_64"
},
"product_reference": "mod_proxy_html-1:2.4.53-11.el9_2.10.x86_64",
"relates_to_product_reference": "AppStream-9.2.0.Z.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "mod_proxy_html-debuginfo-1:2.4.53-11.el9_2.10.aarch64 as a component of Red Hat Enterprise Linux AppStream EUS (v.9.2)",
"product_id": "AppStream-9.2.0.Z.EUS:mod_proxy_html-debuginfo-1:2.4.53-11.el9_2.10.aarch64"
},
"product_reference": "mod_proxy_html-debuginfo-1:2.4.53-11.el9_2.10.aarch64",
"relates_to_product_reference": "AppStream-9.2.0.Z.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "mod_proxy_html-debuginfo-1:2.4.53-11.el9_2.10.ppc64le as a component of Red Hat Enterprise Linux AppStream EUS (v.9.2)",
"product_id": "AppStream-9.2.0.Z.EUS:mod_proxy_html-debuginfo-1:2.4.53-11.el9_2.10.ppc64le"
},
"product_reference": "mod_proxy_html-debuginfo-1:2.4.53-11.el9_2.10.ppc64le",
"relates_to_product_reference": "AppStream-9.2.0.Z.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "mod_proxy_html-debuginfo-1:2.4.53-11.el9_2.10.s390x as a component of Red Hat Enterprise Linux AppStream EUS (v.9.2)",
"product_id": "AppStream-9.2.0.Z.EUS:mod_proxy_html-debuginfo-1:2.4.53-11.el9_2.10.s390x"
},
"product_reference": "mod_proxy_html-debuginfo-1:2.4.53-11.el9_2.10.s390x",
"relates_to_product_reference": "AppStream-9.2.0.Z.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "mod_proxy_html-debuginfo-1:2.4.53-11.el9_2.10.x86_64 as a component of Red Hat Enterprise Linux AppStream EUS (v.9.2)",
"product_id": "AppStream-9.2.0.Z.EUS:mod_proxy_html-debuginfo-1:2.4.53-11.el9_2.10.x86_64"
},
"product_reference": "mod_proxy_html-debuginfo-1:2.4.53-11.el9_2.10.x86_64",
"relates_to_product_reference": "AppStream-9.2.0.Z.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "mod_session-0:2.4.53-11.el9_2.10.aarch64 as a component of Red Hat Enterprise Linux AppStream EUS (v.9.2)",
"product_id": "AppStream-9.2.0.Z.EUS:mod_session-0:2.4.53-11.el9_2.10.aarch64"
},
"product_reference": "mod_session-0:2.4.53-11.el9_2.10.aarch64",
"relates_to_product_reference": "AppStream-9.2.0.Z.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "mod_session-0:2.4.53-11.el9_2.10.ppc64le as a component of Red Hat Enterprise Linux AppStream EUS (v.9.2)",
"product_id": "AppStream-9.2.0.Z.EUS:mod_session-0:2.4.53-11.el9_2.10.ppc64le"
},
"product_reference": "mod_session-0:2.4.53-11.el9_2.10.ppc64le",
"relates_to_product_reference": "AppStream-9.2.0.Z.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "mod_session-0:2.4.53-11.el9_2.10.s390x as a component of Red Hat Enterprise Linux AppStream EUS (v.9.2)",
"product_id": "AppStream-9.2.0.Z.EUS:mod_session-0:2.4.53-11.el9_2.10.s390x"
},
"product_reference": "mod_session-0:2.4.53-11.el9_2.10.s390x",
"relates_to_product_reference": "AppStream-9.2.0.Z.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "mod_session-0:2.4.53-11.el9_2.10.x86_64 as a component of Red Hat Enterprise Linux AppStream EUS (v.9.2)",
"product_id": "AppStream-9.2.0.Z.EUS:mod_session-0:2.4.53-11.el9_2.10.x86_64"
},
"product_reference": "mod_session-0:2.4.53-11.el9_2.10.x86_64",
"relates_to_product_reference": "AppStream-9.2.0.Z.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "mod_session-debuginfo-0:2.4.53-11.el9_2.10.aarch64 as a component of Red Hat Enterprise Linux AppStream EUS (v.9.2)",
"product_id": "AppStream-9.2.0.Z.EUS:mod_session-debuginfo-0:2.4.53-11.el9_2.10.aarch64"
},
"product_reference": "mod_session-debuginfo-0:2.4.53-11.el9_2.10.aarch64",
"relates_to_product_reference": "AppStream-9.2.0.Z.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "mod_session-debuginfo-0:2.4.53-11.el9_2.10.ppc64le as a component of Red Hat Enterprise Linux AppStream EUS (v.9.2)",
"product_id": "AppStream-9.2.0.Z.EUS:mod_session-debuginfo-0:2.4.53-11.el9_2.10.ppc64le"
},
"product_reference": "mod_session-debuginfo-0:2.4.53-11.el9_2.10.ppc64le",
"relates_to_product_reference": "AppStream-9.2.0.Z.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "mod_session-debuginfo-0:2.4.53-11.el9_2.10.s390x as a component of Red Hat Enterprise Linux AppStream EUS (v.9.2)",
"product_id": "AppStream-9.2.0.Z.EUS:mod_session-debuginfo-0:2.4.53-11.el9_2.10.s390x"
},
"product_reference": "mod_session-debuginfo-0:2.4.53-11.el9_2.10.s390x",
"relates_to_product_reference": "AppStream-9.2.0.Z.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "mod_session-debuginfo-0:2.4.53-11.el9_2.10.x86_64 as a component of Red Hat Enterprise Linux AppStream EUS (v.9.2)",
"product_id": "AppStream-9.2.0.Z.EUS:mod_session-debuginfo-0:2.4.53-11.el9_2.10.x86_64"
},
"product_reference": "mod_session-debuginfo-0:2.4.53-11.el9_2.10.x86_64",
"relates_to_product_reference": "AppStream-9.2.0.Z.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "mod_ssl-1:2.4.53-11.el9_2.10.aarch64 as a component of Red Hat Enterprise Linux AppStream EUS (v.9.2)",
"product_id": "AppStream-9.2.0.Z.EUS:mod_ssl-1:2.4.53-11.el9_2.10.aarch64"
},
"product_reference": "mod_ssl-1:2.4.53-11.el9_2.10.aarch64",
"relates_to_product_reference": "AppStream-9.2.0.Z.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "mod_ssl-1:2.4.53-11.el9_2.10.ppc64le as a component of Red Hat Enterprise Linux AppStream EUS (v.9.2)",
"product_id": "AppStream-9.2.0.Z.EUS:mod_ssl-1:2.4.53-11.el9_2.10.ppc64le"
},
"product_reference": "mod_ssl-1:2.4.53-11.el9_2.10.ppc64le",
"relates_to_product_reference": "AppStream-9.2.0.Z.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "mod_ssl-1:2.4.53-11.el9_2.10.s390x as a component of Red Hat Enterprise Linux AppStream EUS (v.9.2)",
"product_id": "AppStream-9.2.0.Z.EUS:mod_ssl-1:2.4.53-11.el9_2.10.s390x"
},
"product_reference": "mod_ssl-1:2.4.53-11.el9_2.10.s390x",
"relates_to_product_reference": "AppStream-9.2.0.Z.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "mod_ssl-1:2.4.53-11.el9_2.10.x86_64 as a component of Red Hat Enterprise Linux AppStream EUS (v.9.2)",
"product_id": "AppStream-9.2.0.Z.EUS:mod_ssl-1:2.4.53-11.el9_2.10.x86_64"
},
"product_reference": "mod_ssl-1:2.4.53-11.el9_2.10.x86_64",
"relates_to_product_reference": "AppStream-9.2.0.Z.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "mod_ssl-debuginfo-1:2.4.53-11.el9_2.10.aarch64 as a component of Red Hat Enterprise Linux AppStream EUS (v.9.2)",
"product_id": "AppStream-9.2.0.Z.EUS:mod_ssl-debuginfo-1:2.4.53-11.el9_2.10.aarch64"
},
"product_reference": "mod_ssl-debuginfo-1:2.4.53-11.el9_2.10.aarch64",
"relates_to_product_reference": "AppStream-9.2.0.Z.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "mod_ssl-debuginfo-1:2.4.53-11.el9_2.10.ppc64le as a component of Red Hat Enterprise Linux AppStream EUS (v.9.2)",
"product_id": "AppStream-9.2.0.Z.EUS:mod_ssl-debuginfo-1:2.4.53-11.el9_2.10.ppc64le"
},
"product_reference": "mod_ssl-debuginfo-1:2.4.53-11.el9_2.10.ppc64le",
"relates_to_product_reference": "AppStream-9.2.0.Z.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "mod_ssl-debuginfo-1:2.4.53-11.el9_2.10.s390x as a component of Red Hat Enterprise Linux AppStream EUS (v.9.2)",
"product_id": "AppStream-9.2.0.Z.EUS:mod_ssl-debuginfo-1:2.4.53-11.el9_2.10.s390x"
},
"product_reference": "mod_ssl-debuginfo-1:2.4.53-11.el9_2.10.s390x",
"relates_to_product_reference": "AppStream-9.2.0.Z.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "mod_ssl-debuginfo-1:2.4.53-11.el9_2.10.x86_64 as a component of Red Hat Enterprise Linux AppStream EUS (v.9.2)",
"product_id": "AppStream-9.2.0.Z.EUS:mod_ssl-debuginfo-1:2.4.53-11.el9_2.10.x86_64"
},
"product_reference": "mod_ssl-debuginfo-1:2.4.53-11.el9_2.10.x86_64",
"relates_to_product_reference": "AppStream-9.2.0.Z.EUS"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2024-38473",
"cwe": {
"id": "CWE-116",
"name": "Improper Encoding or Escaping of Output"
},
"discovery_date": "2024-07-01T19:21:36+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2295012"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in the mod_proxy module of httpd. Due to an encoding problem, specially crafted request URLs with incorrect encoding can be sent to backend services, potentially bypassing authentication.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "httpd: Encoding problem in mod_proxy",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "This issue affects configurations where mechanisms other than ProxyPass/ProxyPassMatch or RewriteRule with the \u0027P\u0027 flag are used to configure a request to be proxied, such as SetHandler or inadvertent proxying via CVE-2024-39573. Note that these alternate mechanisms may be used within .htaccess files.\n\nFor more information about CVE-2024-39573, see https://access.redhat.com/security/cve/CVE-2024-39573.\n\nAdditionally, this flaw requires mod_proxy to be loaded and being used. This module can be disabled if its functionality is not needed.\n\nRed Hat Enterprise Linux 6 is not affected by this vulnerability because the vulnerable code was introduced in a newer version of httpd.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"AppStream-9.2.0.Z.EUS:httpd-0:2.4.53-11.el9_2.10.aarch64",
"AppStream-9.2.0.Z.EUS:httpd-0:2.4.53-11.el9_2.10.ppc64le",
"AppStream-9.2.0.Z.EUS:httpd-0:2.4.53-11.el9_2.10.s390x",
"AppStream-9.2.0.Z.EUS:httpd-0:2.4.53-11.el9_2.10.src",
"AppStream-9.2.0.Z.EUS:httpd-0:2.4.53-11.el9_2.10.x86_64",
"AppStream-9.2.0.Z.EUS:httpd-core-0:2.4.53-11.el9_2.10.aarch64",
"AppStream-9.2.0.Z.EUS:httpd-core-0:2.4.53-11.el9_2.10.ppc64le",
"AppStream-9.2.0.Z.EUS:httpd-core-0:2.4.53-11.el9_2.10.s390x",
"AppStream-9.2.0.Z.EUS:httpd-core-0:2.4.53-11.el9_2.10.x86_64",
"AppStream-9.2.0.Z.EUS:httpd-core-debuginfo-0:2.4.53-11.el9_2.10.aarch64",
"AppStream-9.2.0.Z.EUS:httpd-core-debuginfo-0:2.4.53-11.el9_2.10.ppc64le",
"AppStream-9.2.0.Z.EUS:httpd-core-debuginfo-0:2.4.53-11.el9_2.10.s390x",
"AppStream-9.2.0.Z.EUS:httpd-core-debuginfo-0:2.4.53-11.el9_2.10.x86_64",
"AppStream-9.2.0.Z.EUS:httpd-debuginfo-0:2.4.53-11.el9_2.10.aarch64",
"AppStream-9.2.0.Z.EUS:httpd-debuginfo-0:2.4.53-11.el9_2.10.ppc64le",
"AppStream-9.2.0.Z.EUS:httpd-debuginfo-0:2.4.53-11.el9_2.10.s390x",
"AppStream-9.2.0.Z.EUS:httpd-debuginfo-0:2.4.53-11.el9_2.10.x86_64",
"AppStream-9.2.0.Z.EUS:httpd-debugsource-0:2.4.53-11.el9_2.10.aarch64",
"AppStream-9.2.0.Z.EUS:httpd-debugsource-0:2.4.53-11.el9_2.10.ppc64le",
"AppStream-9.2.0.Z.EUS:httpd-debugsource-0:2.4.53-11.el9_2.10.s390x",
"AppStream-9.2.0.Z.EUS:httpd-debugsource-0:2.4.53-11.el9_2.10.x86_64",
"AppStream-9.2.0.Z.EUS:httpd-devel-0:2.4.53-11.el9_2.10.aarch64",
"AppStream-9.2.0.Z.EUS:httpd-devel-0:2.4.53-11.el9_2.10.ppc64le",
"AppStream-9.2.0.Z.EUS:httpd-devel-0:2.4.53-11.el9_2.10.s390x",
"AppStream-9.2.0.Z.EUS:httpd-devel-0:2.4.53-11.el9_2.10.x86_64",
"AppStream-9.2.0.Z.EUS:httpd-filesystem-0:2.4.53-11.el9_2.10.noarch",
"AppStream-9.2.0.Z.EUS:httpd-manual-0:2.4.53-11.el9_2.10.noarch",
"AppStream-9.2.0.Z.EUS:httpd-tools-0:2.4.53-11.el9_2.10.aarch64",
"AppStream-9.2.0.Z.EUS:httpd-tools-0:2.4.53-11.el9_2.10.ppc64le",
"AppStream-9.2.0.Z.EUS:httpd-tools-0:2.4.53-11.el9_2.10.s390x",
"AppStream-9.2.0.Z.EUS:httpd-tools-0:2.4.53-11.el9_2.10.x86_64",
"AppStream-9.2.0.Z.EUS:httpd-tools-debuginfo-0:2.4.53-11.el9_2.10.aarch64",
"AppStream-9.2.0.Z.EUS:httpd-tools-debuginfo-0:2.4.53-11.el9_2.10.ppc64le",
"AppStream-9.2.0.Z.EUS:httpd-tools-debuginfo-0:2.4.53-11.el9_2.10.s390x",
"AppStream-9.2.0.Z.EUS:httpd-tools-debuginfo-0:2.4.53-11.el9_2.10.x86_64",
"AppStream-9.2.0.Z.EUS:mod_ldap-0:2.4.53-11.el9_2.10.aarch64",
"AppStream-9.2.0.Z.EUS:mod_ldap-0:2.4.53-11.el9_2.10.ppc64le",
"AppStream-9.2.0.Z.EUS:mod_ldap-0:2.4.53-11.el9_2.10.s390x",
"AppStream-9.2.0.Z.EUS:mod_ldap-0:2.4.53-11.el9_2.10.x86_64",
"AppStream-9.2.0.Z.EUS:mod_ldap-debuginfo-0:2.4.53-11.el9_2.10.aarch64",
"AppStream-9.2.0.Z.EUS:mod_ldap-debuginfo-0:2.4.53-11.el9_2.10.ppc64le",
"AppStream-9.2.0.Z.EUS:mod_ldap-debuginfo-0:2.4.53-11.el9_2.10.s390x",
"AppStream-9.2.0.Z.EUS:mod_ldap-debuginfo-0:2.4.53-11.el9_2.10.x86_64",
"AppStream-9.2.0.Z.EUS:mod_lua-0:2.4.53-11.el9_2.10.aarch64",
"AppStream-9.2.0.Z.EUS:mod_lua-0:2.4.53-11.el9_2.10.ppc64le",
"AppStream-9.2.0.Z.EUS:mod_lua-0:2.4.53-11.el9_2.10.s390x",
"AppStream-9.2.0.Z.EUS:mod_lua-0:2.4.53-11.el9_2.10.x86_64",
"AppStream-9.2.0.Z.EUS:mod_lua-debuginfo-0:2.4.53-11.el9_2.10.aarch64",
"AppStream-9.2.0.Z.EUS:mod_lua-debuginfo-0:2.4.53-11.el9_2.10.ppc64le",
"AppStream-9.2.0.Z.EUS:mod_lua-debuginfo-0:2.4.53-11.el9_2.10.s390x",
"AppStream-9.2.0.Z.EUS:mod_lua-debuginfo-0:2.4.53-11.el9_2.10.x86_64",
"AppStream-9.2.0.Z.EUS:mod_proxy_html-1:2.4.53-11.el9_2.10.aarch64",
"AppStream-9.2.0.Z.EUS:mod_proxy_html-1:2.4.53-11.el9_2.10.ppc64le",
"AppStream-9.2.0.Z.EUS:mod_proxy_html-1:2.4.53-11.el9_2.10.s390x",
"AppStream-9.2.0.Z.EUS:mod_proxy_html-1:2.4.53-11.el9_2.10.x86_64",
"AppStream-9.2.0.Z.EUS:mod_proxy_html-debuginfo-1:2.4.53-11.el9_2.10.aarch64",
"AppStream-9.2.0.Z.EUS:mod_proxy_html-debuginfo-1:2.4.53-11.el9_2.10.ppc64le",
"AppStream-9.2.0.Z.EUS:mod_proxy_html-debuginfo-1:2.4.53-11.el9_2.10.s390x",
"AppStream-9.2.0.Z.EUS:mod_proxy_html-debuginfo-1:2.4.53-11.el9_2.10.x86_64",
"AppStream-9.2.0.Z.EUS:mod_session-0:2.4.53-11.el9_2.10.aarch64",
"AppStream-9.2.0.Z.EUS:mod_session-0:2.4.53-11.el9_2.10.ppc64le",
"AppStream-9.2.0.Z.EUS:mod_session-0:2.4.53-11.el9_2.10.s390x",
"AppStream-9.2.0.Z.EUS:mod_session-0:2.4.53-11.el9_2.10.x86_64",
"AppStream-9.2.0.Z.EUS:mod_session-debuginfo-0:2.4.53-11.el9_2.10.aarch64",
"AppStream-9.2.0.Z.EUS:mod_session-debuginfo-0:2.4.53-11.el9_2.10.ppc64le",
"AppStream-9.2.0.Z.EUS:mod_session-debuginfo-0:2.4.53-11.el9_2.10.s390x",
"AppStream-9.2.0.Z.EUS:mod_session-debuginfo-0:2.4.53-11.el9_2.10.x86_64",
"AppStream-9.2.0.Z.EUS:mod_ssl-1:2.4.53-11.el9_2.10.aarch64",
"AppStream-9.2.0.Z.EUS:mod_ssl-1:2.4.53-11.el9_2.10.ppc64le",
"AppStream-9.2.0.Z.EUS:mod_ssl-1:2.4.53-11.el9_2.10.s390x",
"AppStream-9.2.0.Z.EUS:mod_ssl-1:2.4.53-11.el9_2.10.x86_64",
"AppStream-9.2.0.Z.EUS:mod_ssl-debuginfo-1:2.4.53-11.el9_2.10.aarch64",
"AppStream-9.2.0.Z.EUS:mod_ssl-debuginfo-1:2.4.53-11.el9_2.10.ppc64le",
"AppStream-9.2.0.Z.EUS:mod_ssl-debuginfo-1:2.4.53-11.el9_2.10.s390x",
"AppStream-9.2.0.Z.EUS:mod_ssl-debuginfo-1:2.4.53-11.el9_2.10.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2024-38473"
},
{
"category": "external",
"summary": "RHBZ#2295012",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2295012"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2024-38473",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-38473"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2024-38473",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2024-38473"
},
{
"category": "external",
"summary": "https://httpd.apache.org/security/vulnerabilities_24.html#CVE-2024-38473",
"url": "https://httpd.apache.org/security/vulnerabilities_24.html#CVE-2024-38473"
}
],
"release_date": "2024-07-01T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"AppStream-9.2.0.Z.EUS:httpd-0:2.4.53-11.el9_2.10.aarch64",
"AppStream-9.2.0.Z.EUS:httpd-0:2.4.53-11.el9_2.10.ppc64le",
"AppStream-9.2.0.Z.EUS:httpd-0:2.4.53-11.el9_2.10.s390x",
"AppStream-9.2.0.Z.EUS:httpd-0:2.4.53-11.el9_2.10.src",
"AppStream-9.2.0.Z.EUS:httpd-0:2.4.53-11.el9_2.10.x86_64",
"AppStream-9.2.0.Z.EUS:httpd-core-0:2.4.53-11.el9_2.10.aarch64",
"AppStream-9.2.0.Z.EUS:httpd-core-0:2.4.53-11.el9_2.10.ppc64le",
"AppStream-9.2.0.Z.EUS:httpd-core-0:2.4.53-11.el9_2.10.s390x",
"AppStream-9.2.0.Z.EUS:httpd-core-0:2.4.53-11.el9_2.10.x86_64",
"AppStream-9.2.0.Z.EUS:httpd-core-debuginfo-0:2.4.53-11.el9_2.10.aarch64",
"AppStream-9.2.0.Z.EUS:httpd-core-debuginfo-0:2.4.53-11.el9_2.10.ppc64le",
"AppStream-9.2.0.Z.EUS:httpd-core-debuginfo-0:2.4.53-11.el9_2.10.s390x",
"AppStream-9.2.0.Z.EUS:httpd-core-debuginfo-0:2.4.53-11.el9_2.10.x86_64",
"AppStream-9.2.0.Z.EUS:httpd-debuginfo-0:2.4.53-11.el9_2.10.aarch64",
"AppStream-9.2.0.Z.EUS:httpd-debuginfo-0:2.4.53-11.el9_2.10.ppc64le",
"AppStream-9.2.0.Z.EUS:httpd-debuginfo-0:2.4.53-11.el9_2.10.s390x",
"AppStream-9.2.0.Z.EUS:httpd-debuginfo-0:2.4.53-11.el9_2.10.x86_64",
"AppStream-9.2.0.Z.EUS:httpd-debugsource-0:2.4.53-11.el9_2.10.aarch64",
"AppStream-9.2.0.Z.EUS:httpd-debugsource-0:2.4.53-11.el9_2.10.ppc64le",
"AppStream-9.2.0.Z.EUS:httpd-debugsource-0:2.4.53-11.el9_2.10.s390x",
"AppStream-9.2.0.Z.EUS:httpd-debugsource-0:2.4.53-11.el9_2.10.x86_64",
"AppStream-9.2.0.Z.EUS:httpd-devel-0:2.4.53-11.el9_2.10.aarch64",
"AppStream-9.2.0.Z.EUS:httpd-devel-0:2.4.53-11.el9_2.10.ppc64le",
"AppStream-9.2.0.Z.EUS:httpd-devel-0:2.4.53-11.el9_2.10.s390x",
"AppStream-9.2.0.Z.EUS:httpd-devel-0:2.4.53-11.el9_2.10.x86_64",
"AppStream-9.2.0.Z.EUS:httpd-filesystem-0:2.4.53-11.el9_2.10.noarch",
"AppStream-9.2.0.Z.EUS:httpd-manual-0:2.4.53-11.el9_2.10.noarch",
"AppStream-9.2.0.Z.EUS:httpd-tools-0:2.4.53-11.el9_2.10.aarch64",
"AppStream-9.2.0.Z.EUS:httpd-tools-0:2.4.53-11.el9_2.10.ppc64le",
"AppStream-9.2.0.Z.EUS:httpd-tools-0:2.4.53-11.el9_2.10.s390x",
"AppStream-9.2.0.Z.EUS:httpd-tools-0:2.4.53-11.el9_2.10.x86_64",
"AppStream-9.2.0.Z.EUS:httpd-tools-debuginfo-0:2.4.53-11.el9_2.10.aarch64",
"AppStream-9.2.0.Z.EUS:httpd-tools-debuginfo-0:2.4.53-11.el9_2.10.ppc64le",
"AppStream-9.2.0.Z.EUS:httpd-tools-debuginfo-0:2.4.53-11.el9_2.10.s390x",
"AppStream-9.2.0.Z.EUS:httpd-tools-debuginfo-0:2.4.53-11.el9_2.10.x86_64",
"AppStream-9.2.0.Z.EUS:mod_ldap-0:2.4.53-11.el9_2.10.aarch64",
"AppStream-9.2.0.Z.EUS:mod_ldap-0:2.4.53-11.el9_2.10.ppc64le",
"AppStream-9.2.0.Z.EUS:mod_ldap-0:2.4.53-11.el9_2.10.s390x",
"AppStream-9.2.0.Z.EUS:mod_ldap-0:2.4.53-11.el9_2.10.x86_64",
"AppStream-9.2.0.Z.EUS:mod_ldap-debuginfo-0:2.4.53-11.el9_2.10.aarch64",
"AppStream-9.2.0.Z.EUS:mod_ldap-debuginfo-0:2.4.53-11.el9_2.10.ppc64le",
"AppStream-9.2.0.Z.EUS:mod_ldap-debuginfo-0:2.4.53-11.el9_2.10.s390x",
"AppStream-9.2.0.Z.EUS:mod_ldap-debuginfo-0:2.4.53-11.el9_2.10.x86_64",
"AppStream-9.2.0.Z.EUS:mod_lua-0:2.4.53-11.el9_2.10.aarch64",
"AppStream-9.2.0.Z.EUS:mod_lua-0:2.4.53-11.el9_2.10.ppc64le",
"AppStream-9.2.0.Z.EUS:mod_lua-0:2.4.53-11.el9_2.10.s390x",
"AppStream-9.2.0.Z.EUS:mod_lua-0:2.4.53-11.el9_2.10.x86_64",
"AppStream-9.2.0.Z.EUS:mod_lua-debuginfo-0:2.4.53-11.el9_2.10.aarch64",
"AppStream-9.2.0.Z.EUS:mod_lua-debuginfo-0:2.4.53-11.el9_2.10.ppc64le",
"AppStream-9.2.0.Z.EUS:mod_lua-debuginfo-0:2.4.53-11.el9_2.10.s390x",
"AppStream-9.2.0.Z.EUS:mod_lua-debuginfo-0:2.4.53-11.el9_2.10.x86_64",
"AppStream-9.2.0.Z.EUS:mod_proxy_html-1:2.4.53-11.el9_2.10.aarch64",
"AppStream-9.2.0.Z.EUS:mod_proxy_html-1:2.4.53-11.el9_2.10.ppc64le",
"AppStream-9.2.0.Z.EUS:mod_proxy_html-1:2.4.53-11.el9_2.10.s390x",
"AppStream-9.2.0.Z.EUS:mod_proxy_html-1:2.4.53-11.el9_2.10.x86_64",
"AppStream-9.2.0.Z.EUS:mod_proxy_html-debuginfo-1:2.4.53-11.el9_2.10.aarch64",
"AppStream-9.2.0.Z.EUS:mod_proxy_html-debuginfo-1:2.4.53-11.el9_2.10.ppc64le",
"AppStream-9.2.0.Z.EUS:mod_proxy_html-debuginfo-1:2.4.53-11.el9_2.10.s390x",
"AppStream-9.2.0.Z.EUS:mod_proxy_html-debuginfo-1:2.4.53-11.el9_2.10.x86_64",
"AppStream-9.2.0.Z.EUS:mod_session-0:2.4.53-11.el9_2.10.aarch64",
"AppStream-9.2.0.Z.EUS:mod_session-0:2.4.53-11.el9_2.10.ppc64le",
"AppStream-9.2.0.Z.EUS:mod_session-0:2.4.53-11.el9_2.10.s390x",
"AppStream-9.2.0.Z.EUS:mod_session-0:2.4.53-11.el9_2.10.x86_64",
"AppStream-9.2.0.Z.EUS:mod_session-debuginfo-0:2.4.53-11.el9_2.10.aarch64",
"AppStream-9.2.0.Z.EUS:mod_session-debuginfo-0:2.4.53-11.el9_2.10.ppc64le",
"AppStream-9.2.0.Z.EUS:mod_session-debuginfo-0:2.4.53-11.el9_2.10.s390x",
"AppStream-9.2.0.Z.EUS:mod_session-debuginfo-0:2.4.53-11.el9_2.10.x86_64",
"AppStream-9.2.0.Z.EUS:mod_ssl-1:2.4.53-11.el9_2.10.aarch64",
"AppStream-9.2.0.Z.EUS:mod_ssl-1:2.4.53-11.el9_2.10.ppc64le",
"AppStream-9.2.0.Z.EUS:mod_ssl-1:2.4.53-11.el9_2.10.s390x",
"AppStream-9.2.0.Z.EUS:mod_ssl-1:2.4.53-11.el9_2.10.x86_64",
"AppStream-9.2.0.Z.EUS:mod_ssl-debuginfo-1:2.4.53-11.el9_2.10.aarch64",
"AppStream-9.2.0.Z.EUS:mod_ssl-debuginfo-1:2.4.53-11.el9_2.10.ppc64le",
"AppStream-9.2.0.Z.EUS:mod_ssl-debuginfo-1:2.4.53-11.el9_2.10.s390x",
"AppStream-9.2.0.Z.EUS:mod_ssl-debuginfo-1:2.4.53-11.el9_2.10.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2024:5001"
},
{
"category": "workaround",
"details": "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.",
"product_ids": [
"AppStream-9.2.0.Z.EUS:httpd-0:2.4.53-11.el9_2.10.aarch64",
"AppStream-9.2.0.Z.EUS:httpd-0:2.4.53-11.el9_2.10.ppc64le",
"AppStream-9.2.0.Z.EUS:httpd-0:2.4.53-11.el9_2.10.s390x",
"AppStream-9.2.0.Z.EUS:httpd-0:2.4.53-11.el9_2.10.src",
"AppStream-9.2.0.Z.EUS:httpd-0:2.4.53-11.el9_2.10.x86_64",
"AppStream-9.2.0.Z.EUS:httpd-core-0:2.4.53-11.el9_2.10.aarch64",
"AppStream-9.2.0.Z.EUS:httpd-core-0:2.4.53-11.el9_2.10.ppc64le",
"AppStream-9.2.0.Z.EUS:httpd-core-0:2.4.53-11.el9_2.10.s390x",
"AppStream-9.2.0.Z.EUS:httpd-core-0:2.4.53-11.el9_2.10.x86_64",
"AppStream-9.2.0.Z.EUS:httpd-core-debuginfo-0:2.4.53-11.el9_2.10.aarch64",
"AppStream-9.2.0.Z.EUS:httpd-core-debuginfo-0:2.4.53-11.el9_2.10.ppc64le",
"AppStream-9.2.0.Z.EUS:httpd-core-debuginfo-0:2.4.53-11.el9_2.10.s390x",
"AppStream-9.2.0.Z.EUS:httpd-core-debuginfo-0:2.4.53-11.el9_2.10.x86_64",
"AppStream-9.2.0.Z.EUS:httpd-debuginfo-0:2.4.53-11.el9_2.10.aarch64",
"AppStream-9.2.0.Z.EUS:httpd-debuginfo-0:2.4.53-11.el9_2.10.ppc64le",
"AppStream-9.2.0.Z.EUS:httpd-debuginfo-0:2.4.53-11.el9_2.10.s390x",
"AppStream-9.2.0.Z.EUS:httpd-debuginfo-0:2.4.53-11.el9_2.10.x86_64",
"AppStream-9.2.0.Z.EUS:httpd-debugsource-0:2.4.53-11.el9_2.10.aarch64",
"AppStream-9.2.0.Z.EUS:httpd-debugsource-0:2.4.53-11.el9_2.10.ppc64le",
"AppStream-9.2.0.Z.EUS:httpd-debugsource-0:2.4.53-11.el9_2.10.s390x",
"AppStream-9.2.0.Z.EUS:httpd-debugsource-0:2.4.53-11.el9_2.10.x86_64",
"AppStream-9.2.0.Z.EUS:httpd-devel-0:2.4.53-11.el9_2.10.aarch64",
"AppStream-9.2.0.Z.EUS:httpd-devel-0:2.4.53-11.el9_2.10.ppc64le",
"AppStream-9.2.0.Z.EUS:httpd-devel-0:2.4.53-11.el9_2.10.s390x",
"AppStream-9.2.0.Z.EUS:httpd-devel-0:2.4.53-11.el9_2.10.x86_64",
"AppStream-9.2.0.Z.EUS:httpd-filesystem-0:2.4.53-11.el9_2.10.noarch",
"AppStream-9.2.0.Z.EUS:httpd-manual-0:2.4.53-11.el9_2.10.noarch",
"AppStream-9.2.0.Z.EUS:httpd-tools-0:2.4.53-11.el9_2.10.aarch64",
"AppStream-9.2.0.Z.EUS:httpd-tools-0:2.4.53-11.el9_2.10.ppc64le",
"AppStream-9.2.0.Z.EUS:httpd-tools-0:2.4.53-11.el9_2.10.s390x",
"AppStream-9.2.0.Z.EUS:httpd-tools-0:2.4.53-11.el9_2.10.x86_64",
"AppStream-9.2.0.Z.EUS:httpd-tools-debuginfo-0:2.4.53-11.el9_2.10.aarch64",
"AppStream-9.2.0.Z.EUS:httpd-tools-debuginfo-0:2.4.53-11.el9_2.10.ppc64le",
"AppStream-9.2.0.Z.EUS:httpd-tools-debuginfo-0:2.4.53-11.el9_2.10.s390x",
"AppStream-9.2.0.Z.EUS:httpd-tools-debuginfo-0:2.4.53-11.el9_2.10.x86_64",
"AppStream-9.2.0.Z.EUS:mod_ldap-0:2.4.53-11.el9_2.10.aarch64",
"AppStream-9.2.0.Z.EUS:mod_ldap-0:2.4.53-11.el9_2.10.ppc64le",
"AppStream-9.2.0.Z.EUS:mod_ldap-0:2.4.53-11.el9_2.10.s390x",
"AppStream-9.2.0.Z.EUS:mod_ldap-0:2.4.53-11.el9_2.10.x86_64",
"AppStream-9.2.0.Z.EUS:mod_ldap-debuginfo-0:2.4.53-11.el9_2.10.aarch64",
"AppStream-9.2.0.Z.EUS:mod_ldap-debuginfo-0:2.4.53-11.el9_2.10.ppc64le",
"AppStream-9.2.0.Z.EUS:mod_ldap-debuginfo-0:2.4.53-11.el9_2.10.s390x",
"AppStream-9.2.0.Z.EUS:mod_ldap-debuginfo-0:2.4.53-11.el9_2.10.x86_64",
"AppStream-9.2.0.Z.EUS:mod_lua-0:2.4.53-11.el9_2.10.aarch64",
"AppStream-9.2.0.Z.EUS:mod_lua-0:2.4.53-11.el9_2.10.ppc64le",
"AppStream-9.2.0.Z.EUS:mod_lua-0:2.4.53-11.el9_2.10.s390x",
"AppStream-9.2.0.Z.EUS:mod_lua-0:2.4.53-11.el9_2.10.x86_64",
"AppStream-9.2.0.Z.EUS:mod_lua-debuginfo-0:2.4.53-11.el9_2.10.aarch64",
"AppStream-9.2.0.Z.EUS:mod_lua-debuginfo-0:2.4.53-11.el9_2.10.ppc64le",
"AppStream-9.2.0.Z.EUS:mod_lua-debuginfo-0:2.4.53-11.el9_2.10.s390x",
"AppStream-9.2.0.Z.EUS:mod_lua-debuginfo-0:2.4.53-11.el9_2.10.x86_64",
"AppStream-9.2.0.Z.EUS:mod_proxy_html-1:2.4.53-11.el9_2.10.aarch64",
"AppStream-9.2.0.Z.EUS:mod_proxy_html-1:2.4.53-11.el9_2.10.ppc64le",
"AppStream-9.2.0.Z.EUS:mod_proxy_html-1:2.4.53-11.el9_2.10.s390x",
"AppStream-9.2.0.Z.EUS:mod_proxy_html-1:2.4.53-11.el9_2.10.x86_64",
"AppStream-9.2.0.Z.EUS:mod_proxy_html-debuginfo-1:2.4.53-11.el9_2.10.aarch64",
"AppStream-9.2.0.Z.EUS:mod_proxy_html-debuginfo-1:2.4.53-11.el9_2.10.ppc64le",
"AppStream-9.2.0.Z.EUS:mod_proxy_html-debuginfo-1:2.4.53-11.el9_2.10.s390x",
"AppStream-9.2.0.Z.EUS:mod_proxy_html-debuginfo-1:2.4.53-11.el9_2.10.x86_64",
"AppStream-9.2.0.Z.EUS:mod_session-0:2.4.53-11.el9_2.10.aarch64",
"AppStream-9.2.0.Z.EUS:mod_session-0:2.4.53-11.el9_2.10.ppc64le",
"AppStream-9.2.0.Z.EUS:mod_session-0:2.4.53-11.el9_2.10.s390x",
"AppStream-9.2.0.Z.EUS:mod_session-0:2.4.53-11.el9_2.10.x86_64",
"AppStream-9.2.0.Z.EUS:mod_session-debuginfo-0:2.4.53-11.el9_2.10.aarch64",
"AppStream-9.2.0.Z.EUS:mod_session-debuginfo-0:2.4.53-11.el9_2.10.ppc64le",
"AppStream-9.2.0.Z.EUS:mod_session-debuginfo-0:2.4.53-11.el9_2.10.s390x",
"AppStream-9.2.0.Z.EUS:mod_session-debuginfo-0:2.4.53-11.el9_2.10.x86_64",
"AppStream-9.2.0.Z.EUS:mod_ssl-1:2.4.53-11.el9_2.10.aarch64",
"AppStream-9.2.0.Z.EUS:mod_ssl-1:2.4.53-11.el9_2.10.ppc64le",
"AppStream-9.2.0.Z.EUS:mod_ssl-1:2.4.53-11.el9_2.10.s390x",
"AppStream-9.2.0.Z.EUS:mod_ssl-1:2.4.53-11.el9_2.10.x86_64",
"AppStream-9.2.0.Z.EUS:mod_ssl-debuginfo-1:2.4.53-11.el9_2.10.aarch64",
"AppStream-9.2.0.Z.EUS:mod_ssl-debuginfo-1:2.4.53-11.el9_2.10.ppc64le",
"AppStream-9.2.0.Z.EUS:mod_ssl-debuginfo-1:2.4.53-11.el9_2.10.s390x",
"AppStream-9.2.0.Z.EUS:mod_ssl-debuginfo-1:2.4.53-11.el9_2.10.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N",
"version": "3.1"
},
"products": [
"AppStream-9.2.0.Z.EUS:httpd-0:2.4.53-11.el9_2.10.aarch64",
"AppStream-9.2.0.Z.EUS:httpd-0:2.4.53-11.el9_2.10.ppc64le",
"AppStream-9.2.0.Z.EUS:httpd-0:2.4.53-11.el9_2.10.s390x",
"AppStream-9.2.0.Z.EUS:httpd-0:2.4.53-11.el9_2.10.src",
"AppStream-9.2.0.Z.EUS:httpd-0:2.4.53-11.el9_2.10.x86_64",
"AppStream-9.2.0.Z.EUS:httpd-core-0:2.4.53-11.el9_2.10.aarch64",
"AppStream-9.2.0.Z.EUS:httpd-core-0:2.4.53-11.el9_2.10.ppc64le",
"AppStream-9.2.0.Z.EUS:httpd-core-0:2.4.53-11.el9_2.10.s390x",
"AppStream-9.2.0.Z.EUS:httpd-core-0:2.4.53-11.el9_2.10.x86_64",
"AppStream-9.2.0.Z.EUS:httpd-core-debuginfo-0:2.4.53-11.el9_2.10.aarch64",
"AppStream-9.2.0.Z.EUS:httpd-core-debuginfo-0:2.4.53-11.el9_2.10.ppc64le",
"AppStream-9.2.0.Z.EUS:httpd-core-debuginfo-0:2.4.53-11.el9_2.10.s390x",
"AppStream-9.2.0.Z.EUS:httpd-core-debuginfo-0:2.4.53-11.el9_2.10.x86_64",
"AppStream-9.2.0.Z.EUS:httpd-debuginfo-0:2.4.53-11.el9_2.10.aarch64",
"AppStream-9.2.0.Z.EUS:httpd-debuginfo-0:2.4.53-11.el9_2.10.ppc64le",
"AppStream-9.2.0.Z.EUS:httpd-debuginfo-0:2.4.53-11.el9_2.10.s390x",
"AppStream-9.2.0.Z.EUS:httpd-debuginfo-0:2.4.53-11.el9_2.10.x86_64",
"AppStream-9.2.0.Z.EUS:httpd-debugsource-0:2.4.53-11.el9_2.10.aarch64",
"AppStream-9.2.0.Z.EUS:httpd-debugsource-0:2.4.53-11.el9_2.10.ppc64le",
"AppStream-9.2.0.Z.EUS:httpd-debugsource-0:2.4.53-11.el9_2.10.s390x",
"AppStream-9.2.0.Z.EUS:httpd-debugsource-0:2.4.53-11.el9_2.10.x86_64",
"AppStream-9.2.0.Z.EUS:httpd-devel-0:2.4.53-11.el9_2.10.aarch64",
"AppStream-9.2.0.Z.EUS:httpd-devel-0:2.4.53-11.el9_2.10.ppc64le",
"AppStream-9.2.0.Z.EUS:httpd-devel-0:2.4.53-11.el9_2.10.s390x",
"AppStream-9.2.0.Z.EUS:httpd-devel-0:2.4.53-11.el9_2.10.x86_64",
"AppStream-9.2.0.Z.EUS:httpd-filesystem-0:2.4.53-11.el9_2.10.noarch",
"AppStream-9.2.0.Z.EUS:httpd-manual-0:2.4.53-11.el9_2.10.noarch",
"AppStream-9.2.0.Z.EUS:httpd-tools-0:2.4.53-11.el9_2.10.aarch64",
"AppStream-9.2.0.Z.EUS:httpd-tools-0:2.4.53-11.el9_2.10.ppc64le",
"AppStream-9.2.0.Z.EUS:httpd-tools-0:2.4.53-11.el9_2.10.s390x",
"AppStream-9.2.0.Z.EUS:httpd-tools-0:2.4.53-11.el9_2.10.x86_64",
"AppStream-9.2.0.Z.EUS:httpd-tools-debuginfo-0:2.4.53-11.el9_2.10.aarch64",
"AppStream-9.2.0.Z.EUS:httpd-tools-debuginfo-0:2.4.53-11.el9_2.10.ppc64le",
"AppStream-9.2.0.Z.EUS:httpd-tools-debuginfo-0:2.4.53-11.el9_2.10.s390x",
"AppStream-9.2.0.Z.EUS:httpd-tools-debuginfo-0:2.4.53-11.el9_2.10.x86_64",
"AppStream-9.2.0.Z.EUS:mod_ldap-0:2.4.53-11.el9_2.10.aarch64",
"AppStream-9.2.0.Z.EUS:mod_ldap-0:2.4.53-11.el9_2.10.ppc64le",
"AppStream-9.2.0.Z.EUS:mod_ldap-0:2.4.53-11.el9_2.10.s390x",
"AppStream-9.2.0.Z.EUS:mod_ldap-0:2.4.53-11.el9_2.10.x86_64",
"AppStream-9.2.0.Z.EUS:mod_ldap-debuginfo-0:2.4.53-11.el9_2.10.aarch64",
"AppStream-9.2.0.Z.EUS:mod_ldap-debuginfo-0:2.4.53-11.el9_2.10.ppc64le",
"AppStream-9.2.0.Z.EUS:mod_ldap-debuginfo-0:2.4.53-11.el9_2.10.s390x",
"AppStream-9.2.0.Z.EUS:mod_ldap-debuginfo-0:2.4.53-11.el9_2.10.x86_64",
"AppStream-9.2.0.Z.EUS:mod_lua-0:2.4.53-11.el9_2.10.aarch64",
"AppStream-9.2.0.Z.EUS:mod_lua-0:2.4.53-11.el9_2.10.ppc64le",
"AppStream-9.2.0.Z.EUS:mod_lua-0:2.4.53-11.el9_2.10.s390x",
"AppStream-9.2.0.Z.EUS:mod_lua-0:2.4.53-11.el9_2.10.x86_64",
"AppStream-9.2.0.Z.EUS:mod_lua-debuginfo-0:2.4.53-11.el9_2.10.aarch64",
"AppStream-9.2.0.Z.EUS:mod_lua-debuginfo-0:2.4.53-11.el9_2.10.ppc64le",
"AppStream-9.2.0.Z.EUS:mod_lua-debuginfo-0:2.4.53-11.el9_2.10.s390x",
"AppStream-9.2.0.Z.EUS:mod_lua-debuginfo-0:2.4.53-11.el9_2.10.x86_64",
"AppStream-9.2.0.Z.EUS:mod_proxy_html-1:2.4.53-11.el9_2.10.aarch64",
"AppStream-9.2.0.Z.EUS:mod_proxy_html-1:2.4.53-11.el9_2.10.ppc64le",
"AppStream-9.2.0.Z.EUS:mod_proxy_html-1:2.4.53-11.el9_2.10.s390x",
"AppStream-9.2.0.Z.EUS:mod_proxy_html-1:2.4.53-11.el9_2.10.x86_64",
"AppStream-9.2.0.Z.EUS:mod_proxy_html-debuginfo-1:2.4.53-11.el9_2.10.aarch64",
"AppStream-9.2.0.Z.EUS:mod_proxy_html-debuginfo-1:2.4.53-11.el9_2.10.ppc64le",
"AppStream-9.2.0.Z.EUS:mod_proxy_html-debuginfo-1:2.4.53-11.el9_2.10.s390x",
"AppStream-9.2.0.Z.EUS:mod_proxy_html-debuginfo-1:2.4.53-11.el9_2.10.x86_64",
"AppStream-9.2.0.Z.EUS:mod_session-0:2.4.53-11.el9_2.10.aarch64",
"AppStream-9.2.0.Z.EUS:mod_session-0:2.4.53-11.el9_2.10.ppc64le",
"AppStream-9.2.0.Z.EUS:mod_session-0:2.4.53-11.el9_2.10.s390x",
"AppStream-9.2.0.Z.EUS:mod_session-0:2.4.53-11.el9_2.10.x86_64",
"AppStream-9.2.0.Z.EUS:mod_session-debuginfo-0:2.4.53-11.el9_2.10.aarch64",
"AppStream-9.2.0.Z.EUS:mod_session-debuginfo-0:2.4.53-11.el9_2.10.ppc64le",
"AppStream-9.2.0.Z.EUS:mod_session-debuginfo-0:2.4.53-11.el9_2.10.s390x",
"AppStream-9.2.0.Z.EUS:mod_session-debuginfo-0:2.4.53-11.el9_2.10.x86_64",
"AppStream-9.2.0.Z.EUS:mod_ssl-1:2.4.53-11.el9_2.10.aarch64",
"AppStream-9.2.0.Z.EUS:mod_ssl-1:2.4.53-11.el9_2.10.ppc64le",
"AppStream-9.2.0.Z.EUS:mod_ssl-1:2.4.53-11.el9_2.10.s390x",
"AppStream-9.2.0.Z.EUS:mod_ssl-1:2.4.53-11.el9_2.10.x86_64",
"AppStream-9.2.0.Z.EUS:mod_ssl-debuginfo-1:2.4.53-11.el9_2.10.aarch64",
"AppStream-9.2.0.Z.EUS:mod_ssl-debuginfo-1:2.4.53-11.el9_2.10.ppc64le",
"AppStream-9.2.0.Z.EUS:mod_ssl-debuginfo-1:2.4.53-11.el9_2.10.s390x",
"AppStream-9.2.0.Z.EUS:mod_ssl-debuginfo-1:2.4.53-11.el9_2.10.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "httpd: Encoding problem in mod_proxy"
},
{
"cve": "CVE-2024-39573",
"cwe": {
"id": "CWE-20",
"name": "Improper Input Validation"
},
"discovery_date": "2024-07-01T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2295022"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in the mod_rewrite module of httpd. A potential SSRF allows an attacker to cause unsafe rules used in the RewriteRule directive to unexpectedly set up URLs to be handled by the mod_proxy module.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "httpd: Potential SSRF in mod_rewrite",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "This issue only affects configurations with unsafe rules used in the RewriteRule directive.\n\nAdditionally, this flaw requires mod_rewrite and mod_proxy to be loaded and being used. These modules can be disabled via the configuration file if their functionality are not needed.\n\nRed Hat Enterprise Linux 6 is not affected by this vulnerability because the vulnerable code was introduced in a newer version of httpd.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"AppStream-9.2.0.Z.EUS:httpd-0:2.4.53-11.el9_2.10.aarch64",
"AppStream-9.2.0.Z.EUS:httpd-0:2.4.53-11.el9_2.10.ppc64le",
"AppStream-9.2.0.Z.EUS:httpd-0:2.4.53-11.el9_2.10.s390x",
"AppStream-9.2.0.Z.EUS:httpd-0:2.4.53-11.el9_2.10.src",
"AppStream-9.2.0.Z.EUS:httpd-0:2.4.53-11.el9_2.10.x86_64",
"AppStream-9.2.0.Z.EUS:httpd-core-0:2.4.53-11.el9_2.10.aarch64",
"AppStream-9.2.0.Z.EUS:httpd-core-0:2.4.53-11.el9_2.10.ppc64le",
"AppStream-9.2.0.Z.EUS:httpd-core-0:2.4.53-11.el9_2.10.s390x",
"AppStream-9.2.0.Z.EUS:httpd-core-0:2.4.53-11.el9_2.10.x86_64",
"AppStream-9.2.0.Z.EUS:httpd-core-debuginfo-0:2.4.53-11.el9_2.10.aarch64",
"AppStream-9.2.0.Z.EUS:httpd-core-debuginfo-0:2.4.53-11.el9_2.10.ppc64le",
"AppStream-9.2.0.Z.EUS:httpd-core-debuginfo-0:2.4.53-11.el9_2.10.s390x",
"AppStream-9.2.0.Z.EUS:httpd-core-debuginfo-0:2.4.53-11.el9_2.10.x86_64",
"AppStream-9.2.0.Z.EUS:httpd-debuginfo-0:2.4.53-11.el9_2.10.aarch64",
"AppStream-9.2.0.Z.EUS:httpd-debuginfo-0:2.4.53-11.el9_2.10.ppc64le",
"AppStream-9.2.0.Z.EUS:httpd-debuginfo-0:2.4.53-11.el9_2.10.s390x",
"AppStream-9.2.0.Z.EUS:httpd-debuginfo-0:2.4.53-11.el9_2.10.x86_64",
"AppStream-9.2.0.Z.EUS:httpd-debugsource-0:2.4.53-11.el9_2.10.aarch64",
"AppStream-9.2.0.Z.EUS:httpd-debugsource-0:2.4.53-11.el9_2.10.ppc64le",
"AppStream-9.2.0.Z.EUS:httpd-debugsource-0:2.4.53-11.el9_2.10.s390x",
"AppStream-9.2.0.Z.EUS:httpd-debugsource-0:2.4.53-11.el9_2.10.x86_64",
"AppStream-9.2.0.Z.EUS:httpd-devel-0:2.4.53-11.el9_2.10.aarch64",
"AppStream-9.2.0.Z.EUS:httpd-devel-0:2.4.53-11.el9_2.10.ppc64le",
"AppStream-9.2.0.Z.EUS:httpd-devel-0:2.4.53-11.el9_2.10.s390x",
"AppStream-9.2.0.Z.EUS:httpd-devel-0:2.4.53-11.el9_2.10.x86_64",
"AppStream-9.2.0.Z.EUS:httpd-filesystem-0:2.4.53-11.el9_2.10.noarch",
"AppStream-9.2.0.Z.EUS:httpd-manual-0:2.4.53-11.el9_2.10.noarch",
"AppStream-9.2.0.Z.EUS:httpd-tools-0:2.4.53-11.el9_2.10.aarch64",
"AppStream-9.2.0.Z.EUS:httpd-tools-0:2.4.53-11.el9_2.10.ppc64le",
"AppStream-9.2.0.Z.EUS:httpd-tools-0:2.4.53-11.el9_2.10.s390x",
"AppStream-9.2.0.Z.EUS:httpd-tools-0:2.4.53-11.el9_2.10.x86_64",
"AppStream-9.2.0.Z.EUS:httpd-tools-debuginfo-0:2.4.53-11.el9_2.10.aarch64",
"AppStream-9.2.0.Z.EUS:httpd-tools-debuginfo-0:2.4.53-11.el9_2.10.ppc64le",
"AppStream-9.2.0.Z.EUS:httpd-tools-debuginfo-0:2.4.53-11.el9_2.10.s390x",
"AppStream-9.2.0.Z.EUS:httpd-tools-debuginfo-0:2.4.53-11.el9_2.10.x86_64",
"AppStream-9.2.0.Z.EUS:mod_ldap-0:2.4.53-11.el9_2.10.aarch64",
"AppStream-9.2.0.Z.EUS:mod_ldap-0:2.4.53-11.el9_2.10.ppc64le",
"AppStream-9.2.0.Z.EUS:mod_ldap-0:2.4.53-11.el9_2.10.s390x",
"AppStream-9.2.0.Z.EUS:mod_ldap-0:2.4.53-11.el9_2.10.x86_64",
"AppStream-9.2.0.Z.EUS:mod_ldap-debuginfo-0:2.4.53-11.el9_2.10.aarch64",
"AppStream-9.2.0.Z.EUS:mod_ldap-debuginfo-0:2.4.53-11.el9_2.10.ppc64le",
"AppStream-9.2.0.Z.EUS:mod_ldap-debuginfo-0:2.4.53-11.el9_2.10.s390x",
"AppStream-9.2.0.Z.EUS:mod_ldap-debuginfo-0:2.4.53-11.el9_2.10.x86_64",
"AppStream-9.2.0.Z.EUS:mod_lua-0:2.4.53-11.el9_2.10.aarch64",
"AppStream-9.2.0.Z.EUS:mod_lua-0:2.4.53-11.el9_2.10.ppc64le",
"AppStream-9.2.0.Z.EUS:mod_lua-0:2.4.53-11.el9_2.10.s390x",
"AppStream-9.2.0.Z.EUS:mod_lua-0:2.4.53-11.el9_2.10.x86_64",
"AppStream-9.2.0.Z.EUS:mod_lua-debuginfo-0:2.4.53-11.el9_2.10.aarch64",
"AppStream-9.2.0.Z.EUS:mod_lua-debuginfo-0:2.4.53-11.el9_2.10.ppc64le",
"AppStream-9.2.0.Z.EUS:mod_lua-debuginfo-0:2.4.53-11.el9_2.10.s390x",
"AppStream-9.2.0.Z.EUS:mod_lua-debuginfo-0:2.4.53-11.el9_2.10.x86_64",
"AppStream-9.2.0.Z.EUS:mod_proxy_html-1:2.4.53-11.el9_2.10.aarch64",
"AppStream-9.2.0.Z.EUS:mod_proxy_html-1:2.4.53-11.el9_2.10.ppc64le",
"AppStream-9.2.0.Z.EUS:mod_proxy_html-1:2.4.53-11.el9_2.10.s390x",
"AppStream-9.2.0.Z.EUS:mod_proxy_html-1:2.4.53-11.el9_2.10.x86_64",
"AppStream-9.2.0.Z.EUS:mod_proxy_html-debuginfo-1:2.4.53-11.el9_2.10.aarch64",
"AppStream-9.2.0.Z.EUS:mod_proxy_html-debuginfo-1:2.4.53-11.el9_2.10.ppc64le",
"AppStream-9.2.0.Z.EUS:mod_proxy_html-debuginfo-1:2.4.53-11.el9_2.10.s390x",
"AppStream-9.2.0.Z.EUS:mod_proxy_html-debuginfo-1:2.4.53-11.el9_2.10.x86_64",
"AppStream-9.2.0.Z.EUS:mod_session-0:2.4.53-11.el9_2.10.aarch64",
"AppStream-9.2.0.Z.EUS:mod_session-0:2.4.53-11.el9_2.10.ppc64le",
"AppStream-9.2.0.Z.EUS:mod_session-0:2.4.53-11.el9_2.10.s390x",
"AppStream-9.2.0.Z.EUS:mod_session-0:2.4.53-11.el9_2.10.x86_64",
"AppStream-9.2.0.Z.EUS:mod_session-debuginfo-0:2.4.53-11.el9_2.10.aarch64",
"AppStream-9.2.0.Z.EUS:mod_session-debuginfo-0:2.4.53-11.el9_2.10.ppc64le",
"AppStream-9.2.0.Z.EUS:mod_session-debuginfo-0:2.4.53-11.el9_2.10.s390x",
"AppStream-9.2.0.Z.EUS:mod_session-debuginfo-0:2.4.53-11.el9_2.10.x86_64",
"AppStream-9.2.0.Z.EUS:mod_ssl-1:2.4.53-11.el9_2.10.aarch64",
"AppStream-9.2.0.Z.EUS:mod_ssl-1:2.4.53-11.el9_2.10.ppc64le",
"AppStream-9.2.0.Z.EUS:mod_ssl-1:2.4.53-11.el9_2.10.s390x",
"AppStream-9.2.0.Z.EUS:mod_ssl-1:2.4.53-11.el9_2.10.x86_64",
"AppStream-9.2.0.Z.EUS:mod_ssl-debuginfo-1:2.4.53-11.el9_2.10.aarch64",
"AppStream-9.2.0.Z.EUS:mod_ssl-debuginfo-1:2.4.53-11.el9_2.10.ppc64le",
"AppStream-9.2.0.Z.EUS:mod_ssl-debuginfo-1:2.4.53-11.el9_2.10.s390x",
"AppStream-9.2.0.Z.EUS:mod_ssl-debuginfo-1:2.4.53-11.el9_2.10.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2024-39573"
},
{
"category": "external",
"summary": "RHBZ#2295022",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2295022"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2024-39573",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-39573"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2024-39573",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2024-39573"
},
{
"category": "external",
"summary": "https://httpd.apache.org/security/vulnerabilities_24.html#CVE-2024-39573",
"url": "https://httpd.apache.org/security/vulnerabilities_24.html#CVE-2024-39573"
}
],
"release_date": "2024-07-01T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"AppStream-9.2.0.Z.EUS:httpd-0:2.4.53-11.el9_2.10.aarch64",
"AppStream-9.2.0.Z.EUS:httpd-0:2.4.53-11.el9_2.10.ppc64le",
"AppStream-9.2.0.Z.EUS:httpd-0:2.4.53-11.el9_2.10.s390x",
"AppStream-9.2.0.Z.EUS:httpd-0:2.4.53-11.el9_2.10.src",
"AppStream-9.2.0.Z.EUS:httpd-0:2.4.53-11.el9_2.10.x86_64",
"AppStream-9.2.0.Z.EUS:httpd-core-0:2.4.53-11.el9_2.10.aarch64",
"AppStream-9.2.0.Z.EUS:httpd-core-0:2.4.53-11.el9_2.10.ppc64le",
"AppStream-9.2.0.Z.EUS:httpd-core-0:2.4.53-11.el9_2.10.s390x",
"AppStream-9.2.0.Z.EUS:httpd-core-0:2.4.53-11.el9_2.10.x86_64",
"AppStream-9.2.0.Z.EUS:httpd-core-debuginfo-0:2.4.53-11.el9_2.10.aarch64",
"AppStream-9.2.0.Z.EUS:httpd-core-debuginfo-0:2.4.53-11.el9_2.10.ppc64le",
"AppStream-9.2.0.Z.EUS:httpd-core-debuginfo-0:2.4.53-11.el9_2.10.s390x",
"AppStream-9.2.0.Z.EUS:httpd-core-debuginfo-0:2.4.53-11.el9_2.10.x86_64",
"AppStream-9.2.0.Z.EUS:httpd-debuginfo-0:2.4.53-11.el9_2.10.aarch64",
"AppStream-9.2.0.Z.EUS:httpd-debuginfo-0:2.4.53-11.el9_2.10.ppc64le",
"AppStream-9.2.0.Z.EUS:httpd-debuginfo-0:2.4.53-11.el9_2.10.s390x",
"AppStream-9.2.0.Z.EUS:httpd-debuginfo-0:2.4.53-11.el9_2.10.x86_64",
"AppStream-9.2.0.Z.EUS:httpd-debugsource-0:2.4.53-11.el9_2.10.aarch64",
"AppStream-9.2.0.Z.EUS:httpd-debugsource-0:2.4.53-11.el9_2.10.ppc64le",
"AppStream-9.2.0.Z.EUS:httpd-debugsource-0:2.4.53-11.el9_2.10.s390x",
"AppStream-9.2.0.Z.EUS:httpd-debugsource-0:2.4.53-11.el9_2.10.x86_64",
"AppStream-9.2.0.Z.EUS:httpd-devel-0:2.4.53-11.el9_2.10.aarch64",
"AppStream-9.2.0.Z.EUS:httpd-devel-0:2.4.53-11.el9_2.10.ppc64le",
"AppStream-9.2.0.Z.EUS:httpd-devel-0:2.4.53-11.el9_2.10.s390x",
"AppStream-9.2.0.Z.EUS:httpd-devel-0:2.4.53-11.el9_2.10.x86_64",
"AppStream-9.2.0.Z.EUS:httpd-filesystem-0:2.4.53-11.el9_2.10.noarch",
"AppStream-9.2.0.Z.EUS:httpd-manual-0:2.4.53-11.el9_2.10.noarch",
"AppStream-9.2.0.Z.EUS:httpd-tools-0:2.4.53-11.el9_2.10.aarch64",
"AppStream-9.2.0.Z.EUS:httpd-tools-0:2.4.53-11.el9_2.10.ppc64le",
"AppStream-9.2.0.Z.EUS:httpd-tools-0:2.4.53-11.el9_2.10.s390x",
"AppStream-9.2.0.Z.EUS:httpd-tools-0:2.4.53-11.el9_2.10.x86_64",
"AppStream-9.2.0.Z.EUS:httpd-tools-debuginfo-0:2.4.53-11.el9_2.10.aarch64",
"AppStream-9.2.0.Z.EUS:httpd-tools-debuginfo-0:2.4.53-11.el9_2.10.ppc64le",
"AppStream-9.2.0.Z.EUS:httpd-tools-debuginfo-0:2.4.53-11.el9_2.10.s390x",
"AppStream-9.2.0.Z.EUS:httpd-tools-debuginfo-0:2.4.53-11.el9_2.10.x86_64",
"AppStream-9.2.0.Z.EUS:mod_ldap-0:2.4.53-11.el9_2.10.aarch64",
"AppStream-9.2.0.Z.EUS:mod_ldap-0:2.4.53-11.el9_2.10.ppc64le",
"AppStream-9.2.0.Z.EUS:mod_ldap-0:2.4.53-11.el9_2.10.s390x",
"AppStream-9.2.0.Z.EUS:mod_ldap-0:2.4.53-11.el9_2.10.x86_64",
"AppStream-9.2.0.Z.EUS:mod_ldap-debuginfo-0:2.4.53-11.el9_2.10.aarch64",
"AppStream-9.2.0.Z.EUS:mod_ldap-debuginfo-0:2.4.53-11.el9_2.10.ppc64le",
"AppStream-9.2.0.Z.EUS:mod_ldap-debuginfo-0:2.4.53-11.el9_2.10.s390x",
"AppStream-9.2.0.Z.EUS:mod_ldap-debuginfo-0:2.4.53-11.el9_2.10.x86_64",
"AppStream-9.2.0.Z.EUS:mod_lua-0:2.4.53-11.el9_2.10.aarch64",
"AppStream-9.2.0.Z.EUS:mod_lua-0:2.4.53-11.el9_2.10.ppc64le",
"AppStream-9.2.0.Z.EUS:mod_lua-0:2.4.53-11.el9_2.10.s390x",
"AppStream-9.2.0.Z.EUS:mod_lua-0:2.4.53-11.el9_2.10.x86_64",
"AppStream-9.2.0.Z.EUS:mod_lua-debuginfo-0:2.4.53-11.el9_2.10.aarch64",
"AppStream-9.2.0.Z.EUS:mod_lua-debuginfo-0:2.4.53-11.el9_2.10.ppc64le",
"AppStream-9.2.0.Z.EUS:mod_lua-debuginfo-0:2.4.53-11.el9_2.10.s390x",
"AppStream-9.2.0.Z.EUS:mod_lua-debuginfo-0:2.4.53-11.el9_2.10.x86_64",
"AppStream-9.2.0.Z.EUS:mod_proxy_html-1:2.4.53-11.el9_2.10.aarch64",
"AppStream-9.2.0.Z.EUS:mod_proxy_html-1:2.4.53-11.el9_2.10.ppc64le",
"AppStream-9.2.0.Z.EUS:mod_proxy_html-1:2.4.53-11.el9_2.10.s390x",
"AppStream-9.2.0.Z.EUS:mod_proxy_html-1:2.4.53-11.el9_2.10.x86_64",
"AppStream-9.2.0.Z.EUS:mod_proxy_html-debuginfo-1:2.4.53-11.el9_2.10.aarch64",
"AppStream-9.2.0.Z.EUS:mod_proxy_html-debuginfo-1:2.4.53-11.el9_2.10.ppc64le",
"AppStream-9.2.0.Z.EUS:mod_proxy_html-debuginfo-1:2.4.53-11.el9_2.10.s390x",
"AppStream-9.2.0.Z.EUS:mod_proxy_html-debuginfo-1:2.4.53-11.el9_2.10.x86_64",
"AppStream-9.2.0.Z.EUS:mod_session-0:2.4.53-11.el9_2.10.aarch64",
"AppStream-9.2.0.Z.EUS:mod_session-0:2.4.53-11.el9_2.10.ppc64le",
"AppStream-9.2.0.Z.EUS:mod_session-0:2.4.53-11.el9_2.10.s390x",
"AppStream-9.2.0.Z.EUS:mod_session-0:2.4.53-11.el9_2.10.x86_64",
"AppStream-9.2.0.Z.EUS:mod_session-debuginfo-0:2.4.53-11.el9_2.10.aarch64",
"AppStream-9.2.0.Z.EUS:mod_session-debuginfo-0:2.4.53-11.el9_2.10.ppc64le",
"AppStream-9.2.0.Z.EUS:mod_session-debuginfo-0:2.4.53-11.el9_2.10.s390x",
"AppStream-9.2.0.Z.EUS:mod_session-debuginfo-0:2.4.53-11.el9_2.10.x86_64",
"AppStream-9.2.0.Z.EUS:mod_ssl-1:2.4.53-11.el9_2.10.aarch64",
"AppStream-9.2.0.Z.EUS:mod_ssl-1:2.4.53-11.el9_2.10.ppc64le",
"AppStream-9.2.0.Z.EUS:mod_ssl-1:2.4.53-11.el9_2.10.s390x",
"AppStream-9.2.0.Z.EUS:mod_ssl-1:2.4.53-11.el9_2.10.x86_64",
"AppStream-9.2.0.Z.EUS:mod_ssl-debuginfo-1:2.4.53-11.el9_2.10.aarch64",
"AppStream-9.2.0.Z.EUS:mod_ssl-debuginfo-1:2.4.53-11.el9_2.10.ppc64le",
"AppStream-9.2.0.Z.EUS:mod_ssl-debuginfo-1:2.4.53-11.el9_2.10.s390x",
"AppStream-9.2.0.Z.EUS:mod_ssl-debuginfo-1:2.4.53-11.el9_2.10.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2024:5001"
},
{
"category": "workaround",
"details": "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.",
"product_ids": [
"AppStream-9.2.0.Z.EUS:httpd-0:2.4.53-11.el9_2.10.aarch64",
"AppStream-9.2.0.Z.EUS:httpd-0:2.4.53-11.el9_2.10.ppc64le",
"AppStream-9.2.0.Z.EUS:httpd-0:2.4.53-11.el9_2.10.s390x",
"AppStream-9.2.0.Z.EUS:httpd-0:2.4.53-11.el9_2.10.src",
"AppStream-9.2.0.Z.EUS:httpd-0:2.4.53-11.el9_2.10.x86_64",
"AppStream-9.2.0.Z.EUS:httpd-core-0:2.4.53-11.el9_2.10.aarch64",
"AppStream-9.2.0.Z.EUS:httpd-core-0:2.4.53-11.el9_2.10.ppc64le",
"AppStream-9.2.0.Z.EUS:httpd-core-0:2.4.53-11.el9_2.10.s390x",
"AppStream-9.2.0.Z.EUS:httpd-core-0:2.4.53-11.el9_2.10.x86_64",
"AppStream-9.2.0.Z.EUS:httpd-core-debuginfo-0:2.4.53-11.el9_2.10.aarch64",
"AppStream-9.2.0.Z.EUS:httpd-core-debuginfo-0:2.4.53-11.el9_2.10.ppc64le",
"AppStream-9.2.0.Z.EUS:httpd-core-debuginfo-0:2.4.53-11.el9_2.10.s390x",
"AppStream-9.2.0.Z.EUS:httpd-core-debuginfo-0:2.4.53-11.el9_2.10.x86_64",
"AppStream-9.2.0.Z.EUS:httpd-debuginfo-0:2.4.53-11.el9_2.10.aarch64",
"AppStream-9.2.0.Z.EUS:httpd-debuginfo-0:2.4.53-11.el9_2.10.ppc64le",
"AppStream-9.2.0.Z.EUS:httpd-debuginfo-0:2.4.53-11.el9_2.10.s390x",
"AppStream-9.2.0.Z.EUS:httpd-debuginfo-0:2.4.53-11.el9_2.10.x86_64",
"AppStream-9.2.0.Z.EUS:httpd-debugsource-0:2.4.53-11.el9_2.10.aarch64",
"AppStream-9.2.0.Z.EUS:httpd-debugsource-0:2.4.53-11.el9_2.10.ppc64le",
"AppStream-9.2.0.Z.EUS:httpd-debugsource-0:2.4.53-11.el9_2.10.s390x",
"AppStream-9.2.0.Z.EUS:httpd-debugsource-0:2.4.53-11.el9_2.10.x86_64",
"AppStream-9.2.0.Z.EUS:httpd-devel-0:2.4.53-11.el9_2.10.aarch64",
"AppStream-9.2.0.Z.EUS:httpd-devel-0:2.4.53-11.el9_2.10.ppc64le",
"AppStream-9.2.0.Z.EUS:httpd-devel-0:2.4.53-11.el9_2.10.s390x",
"AppStream-9.2.0.Z.EUS:httpd-devel-0:2.4.53-11.el9_2.10.x86_64",
"AppStream-9.2.0.Z.EUS:httpd-filesystem-0:2.4.53-11.el9_2.10.noarch",
"AppStream-9.2.0.Z.EUS:httpd-manual-0:2.4.53-11.el9_2.10.noarch",
"AppStream-9.2.0.Z.EUS:httpd-tools-0:2.4.53-11.el9_2.10.aarch64",
"AppStream-9.2.0.Z.EUS:httpd-tools-0:2.4.53-11.el9_2.10.ppc64le",
"AppStream-9.2.0.Z.EUS:httpd-tools-0:2.4.53-11.el9_2.10.s390x",
"AppStream-9.2.0.Z.EUS:httpd-tools-0:2.4.53-11.el9_2.10.x86_64",
"AppStream-9.2.0.Z.EUS:httpd-tools-debuginfo-0:2.4.53-11.el9_2.10.aarch64",
"AppStream-9.2.0.Z.EUS:httpd-tools-debuginfo-0:2.4.53-11.el9_2.10.ppc64le",
"AppStream-9.2.0.Z.EUS:httpd-tools-debuginfo-0:2.4.53-11.el9_2.10.s390x",
"AppStream-9.2.0.Z.EUS:httpd-tools-debuginfo-0:2.4.53-11.el9_2.10.x86_64",
"AppStream-9.2.0.Z.EUS:mod_ldap-0:2.4.53-11.el9_2.10.aarch64",
"AppStream-9.2.0.Z.EUS:mod_ldap-0:2.4.53-11.el9_2.10.ppc64le",
"AppStream-9.2.0.Z.EUS:mod_ldap-0:2.4.53-11.el9_2.10.s390x",
"AppStream-9.2.0.Z.EUS:mod_ldap-0:2.4.53-11.el9_2.10.x86_64",
"AppStream-9.2.0.Z.EUS:mod_ldap-debuginfo-0:2.4.53-11.el9_2.10.aarch64",
"AppStream-9.2.0.Z.EUS:mod_ldap-debuginfo-0:2.4.53-11.el9_2.10.ppc64le",
"AppStream-9.2.0.Z.EUS:mod_ldap-debuginfo-0:2.4.53-11.el9_2.10.s390x",
"AppStream-9.2.0.Z.EUS:mod_ldap-debuginfo-0:2.4.53-11.el9_2.10.x86_64",
"AppStream-9.2.0.Z.EUS:mod_lua-0:2.4.53-11.el9_2.10.aarch64",
"AppStream-9.2.0.Z.EUS:mod_lua-0:2.4.53-11.el9_2.10.ppc64le",
"AppStream-9.2.0.Z.EUS:mod_lua-0:2.4.53-11.el9_2.10.s390x",
"AppStream-9.2.0.Z.EUS:mod_lua-0:2.4.53-11.el9_2.10.x86_64",
"AppStream-9.2.0.Z.EUS:mod_lua-debuginfo-0:2.4.53-11.el9_2.10.aarch64",
"AppStream-9.2.0.Z.EUS:mod_lua-debuginfo-0:2.4.53-11.el9_2.10.ppc64le",
"AppStream-9.2.0.Z.EUS:mod_lua-debuginfo-0:2.4.53-11.el9_2.10.s390x",
"AppStream-9.2.0.Z.EUS:mod_lua-debuginfo-0:2.4.53-11.el9_2.10.x86_64",
"AppStream-9.2.0.Z.EUS:mod_proxy_html-1:2.4.53-11.el9_2.10.aarch64",
"AppStream-9.2.0.Z.EUS:mod_proxy_html-1:2.4.53-11.el9_2.10.ppc64le",
"AppStream-9.2.0.Z.EUS:mod_proxy_html-1:2.4.53-11.el9_2.10.s390x",
"AppStream-9.2.0.Z.EUS:mod_proxy_html-1:2.4.53-11.el9_2.10.x86_64",
"AppStream-9.2.0.Z.EUS:mod_proxy_html-debuginfo-1:2.4.53-11.el9_2.10.aarch64",
"AppStream-9.2.0.Z.EUS:mod_proxy_html-debuginfo-1:2.4.53-11.el9_2.10.ppc64le",
"AppStream-9.2.0.Z.EUS:mod_proxy_html-debuginfo-1:2.4.53-11.el9_2.10.s390x",
"AppStream-9.2.0.Z.EUS:mod_proxy_html-debuginfo-1:2.4.53-11.el9_2.10.x86_64",
"AppStream-9.2.0.Z.EUS:mod_session-0:2.4.53-11.el9_2.10.aarch64",
"AppStream-9.2.0.Z.EUS:mod_session-0:2.4.53-11.el9_2.10.ppc64le",
"AppStream-9.2.0.Z.EUS:mod_session-0:2.4.53-11.el9_2.10.s390x",
"AppStream-9.2.0.Z.EUS:mod_session-0:2.4.53-11.el9_2.10.x86_64",
"AppStream-9.2.0.Z.EUS:mod_session-debuginfo-0:2.4.53-11.el9_2.10.aarch64",
"AppStream-9.2.0.Z.EUS:mod_session-debuginfo-0:2.4.53-11.el9_2.10.ppc64le",
"AppStream-9.2.0.Z.EUS:mod_session-debuginfo-0:2.4.53-11.el9_2.10.s390x",
"AppStream-9.2.0.Z.EUS:mod_session-debuginfo-0:2.4.53-11.el9_2.10.x86_64",
"AppStream-9.2.0.Z.EUS:mod_ssl-1:2.4.53-11.el9_2.10.aarch64",
"AppStream-9.2.0.Z.EUS:mod_ssl-1:2.4.53-11.el9_2.10.ppc64le",
"AppStream-9.2.0.Z.EUS:mod_ssl-1:2.4.53-11.el9_2.10.s390x",
"AppStream-9.2.0.Z.EUS:mod_ssl-1:2.4.53-11.el9_2.10.x86_64",
"AppStream-9.2.0.Z.EUS:mod_ssl-debuginfo-1:2.4.53-11.el9_2.10.aarch64",
"AppStream-9.2.0.Z.EUS:mod_ssl-debuginfo-1:2.4.53-11.el9_2.10.ppc64le",
"AppStream-9.2.0.Z.EUS:mod_ssl-debuginfo-1:2.4.53-11.el9_2.10.s390x",
"AppStream-9.2.0.Z.EUS:mod_ssl-debuginfo-1:2.4.53-11.el9_2.10.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 7.4,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:N",
"version": "3.1"
},
"products": [
"AppStream-9.2.0.Z.EUS:httpd-0:2.4.53-11.el9_2.10.aarch64",
"AppStream-9.2.0.Z.EUS:httpd-0:2.4.53-11.el9_2.10.ppc64le",
"AppStream-9.2.0.Z.EUS:httpd-0:2.4.53-11.el9_2.10.s390x",
"AppStream-9.2.0.Z.EUS:httpd-0:2.4.53-11.el9_2.10.src",
"AppStream-9.2.0.Z.EUS:httpd-0:2.4.53-11.el9_2.10.x86_64",
"AppStream-9.2.0.Z.EUS:httpd-core-0:2.4.53-11.el9_2.10.aarch64",
"AppStream-9.2.0.Z.EUS:httpd-core-0:2.4.53-11.el9_2.10.ppc64le",
"AppStream-9.2.0.Z.EUS:httpd-core-0:2.4.53-11.el9_2.10.s390x",
"AppStream-9.2.0.Z.EUS:httpd-core-0:2.4.53-11.el9_2.10.x86_64",
"AppStream-9.2.0.Z.EUS:httpd-core-debuginfo-0:2.4.53-11.el9_2.10.aarch64",
"AppStream-9.2.0.Z.EUS:httpd-core-debuginfo-0:2.4.53-11.el9_2.10.ppc64le",
"AppStream-9.2.0.Z.EUS:httpd-core-debuginfo-0:2.4.53-11.el9_2.10.s390x",
"AppStream-9.2.0.Z.EUS:httpd-core-debuginfo-0:2.4.53-11.el9_2.10.x86_64",
"AppStream-9.2.0.Z.EUS:httpd-debuginfo-0:2.4.53-11.el9_2.10.aarch64",
"AppStream-9.2.0.Z.EUS:httpd-debuginfo-0:2.4.53-11.el9_2.10.ppc64le",
"AppStream-9.2.0.Z.EUS:httpd-debuginfo-0:2.4.53-11.el9_2.10.s390x",
"AppStream-9.2.0.Z.EUS:httpd-debuginfo-0:2.4.53-11.el9_2.10.x86_64",
"AppStream-9.2.0.Z.EUS:httpd-debugsource-0:2.4.53-11.el9_2.10.aarch64",
"AppStream-9.2.0.Z.EUS:httpd-debugsource-0:2.4.53-11.el9_2.10.ppc64le",
"AppStream-9.2.0.Z.EUS:httpd-debugsource-0:2.4.53-11.el9_2.10.s390x",
"AppStream-9.2.0.Z.EUS:httpd-debugsource-0:2.4.53-11.el9_2.10.x86_64",
"AppStream-9.2.0.Z.EUS:httpd-devel-0:2.4.53-11.el9_2.10.aarch64",
"AppStream-9.2.0.Z.EUS:httpd-devel-0:2.4.53-11.el9_2.10.ppc64le",
"AppStream-9.2.0.Z.EUS:httpd-devel-0:2.4.53-11.el9_2.10.s390x",
"AppStream-9.2.0.Z.EUS:httpd-devel-0:2.4.53-11.el9_2.10.x86_64",
"AppStream-9.2.0.Z.EUS:httpd-filesystem-0:2.4.53-11.el9_2.10.noarch",
"AppStream-9.2.0.Z.EUS:httpd-manual-0:2.4.53-11.el9_2.10.noarch",
"AppStream-9.2.0.Z.EUS:httpd-tools-0:2.4.53-11.el9_2.10.aarch64",
"AppStream-9.2.0.Z.EUS:httpd-tools-0:2.4.53-11.el9_2.10.ppc64le",
"AppStream-9.2.0.Z.EUS:httpd-tools-0:2.4.53-11.el9_2.10.s390x",
"AppStream-9.2.0.Z.EUS:httpd-tools-0:2.4.53-11.el9_2.10.x86_64",
"AppStream-9.2.0.Z.EUS:httpd-tools-debuginfo-0:2.4.53-11.el9_2.10.aarch64",
"AppStream-9.2.0.Z.EUS:httpd-tools-debuginfo-0:2.4.53-11.el9_2.10.ppc64le",
"AppStream-9.2.0.Z.EUS:httpd-tools-debuginfo-0:2.4.53-11.el9_2.10.s390x",
"AppStream-9.2.0.Z.EUS:httpd-tools-debuginfo-0:2.4.53-11.el9_2.10.x86_64",
"AppStream-9.2.0.Z.EUS:mod_ldap-0:2.4.53-11.el9_2.10.aarch64",
"AppStream-9.2.0.Z.EUS:mod_ldap-0:2.4.53-11.el9_2.10.ppc64le",
"AppStream-9.2.0.Z.EUS:mod_ldap-0:2.4.53-11.el9_2.10.s390x",
"AppStream-9.2.0.Z.EUS:mod_ldap-0:2.4.53-11.el9_2.10.x86_64",
"AppStream-9.2.0.Z.EUS:mod_ldap-debuginfo-0:2.4.53-11.el9_2.10.aarch64",
"AppStream-9.2.0.Z.EUS:mod_ldap-debuginfo-0:2.4.53-11.el9_2.10.ppc64le",
"AppStream-9.2.0.Z.EUS:mod_ldap-debuginfo-0:2.4.53-11.el9_2.10.s390x",
"AppStream-9.2.0.Z.EUS:mod_ldap-debuginfo-0:2.4.53-11.el9_2.10.x86_64",
"AppStream-9.2.0.Z.EUS:mod_lua-0:2.4.53-11.el9_2.10.aarch64",
"AppStream-9.2.0.Z.EUS:mod_lua-0:2.4.53-11.el9_2.10.ppc64le",
"AppStream-9.2.0.Z.EUS:mod_lua-0:2.4.53-11.el9_2.10.s390x",
"AppStream-9.2.0.Z.EUS:mod_lua-0:2.4.53-11.el9_2.10.x86_64",
"AppStream-9.2.0.Z.EUS:mod_lua-debuginfo-0:2.4.53-11.el9_2.10.aarch64",
"AppStream-9.2.0.Z.EUS:mod_lua-debuginfo-0:2.4.53-11.el9_2.10.ppc64le",
"AppStream-9.2.0.Z.EUS:mod_lua-debuginfo-0:2.4.53-11.el9_2.10.s390x",
"AppStream-9.2.0.Z.EUS:mod_lua-debuginfo-0:2.4.53-11.el9_2.10.x86_64",
"AppStream-9.2.0.Z.EUS:mod_proxy_html-1:2.4.53-11.el9_2.10.aarch64",
"AppStream-9.2.0.Z.EUS:mod_proxy_html-1:2.4.53-11.el9_2.10.ppc64le",
"AppStream-9.2.0.Z.EUS:mod_proxy_html-1:2.4.53-11.el9_2.10.s390x",
"AppStream-9.2.0.Z.EUS:mod_proxy_html-1:2.4.53-11.el9_2.10.x86_64",
"AppStream-9.2.0.Z.EUS:mod_proxy_html-debuginfo-1:2.4.53-11.el9_2.10.aarch64",
"AppStream-9.2.0.Z.EUS:mod_proxy_html-debuginfo-1:2.4.53-11.el9_2.10.ppc64le",
"AppStream-9.2.0.Z.EUS:mod_proxy_html-debuginfo-1:2.4.53-11.el9_2.10.s390x",
"AppStream-9.2.0.Z.EUS:mod_proxy_html-debuginfo-1:2.4.53-11.el9_2.10.x86_64",
"AppStream-9.2.0.Z.EUS:mod_session-0:2.4.53-11.el9_2.10.aarch64",
"AppStream-9.2.0.Z.EUS:mod_session-0:2.4.53-11.el9_2.10.ppc64le",
"AppStream-9.2.0.Z.EUS:mod_session-0:2.4.53-11.el9_2.10.s390x",
"AppStream-9.2.0.Z.EUS:mod_session-0:2.4.53-11.el9_2.10.x86_64",
"AppStream-9.2.0.Z.EUS:mod_session-debuginfo-0:2.4.53-11.el9_2.10.aarch64",
"AppStream-9.2.0.Z.EUS:mod_session-debuginfo-0:2.4.53-11.el9_2.10.ppc64le",
"AppStream-9.2.0.Z.EUS:mod_session-debuginfo-0:2.4.53-11.el9_2.10.s390x",
"AppStream-9.2.0.Z.EUS:mod_session-debuginfo-0:2.4.53-11.el9_2.10.x86_64",
"AppStream-9.2.0.Z.EUS:mod_ssl-1:2.4.53-11.el9_2.10.aarch64",
"AppStream-9.2.0.Z.EUS:mod_ssl-1:2.4.53-11.el9_2.10.ppc64le",
"AppStream-9.2.0.Z.EUS:mod_ssl-1:2.4.53-11.el9_2.10.s390x",
"AppStream-9.2.0.Z.EUS:mod_ssl-1:2.4.53-11.el9_2.10.x86_64",
"AppStream-9.2.0.Z.EUS:mod_ssl-debuginfo-1:2.4.53-11.el9_2.10.aarch64",
"AppStream-9.2.0.Z.EUS:mod_ssl-debuginfo-1:2.4.53-11.el9_2.10.ppc64le",
"AppStream-9.2.0.Z.EUS:mod_ssl-debuginfo-1:2.4.53-11.el9_2.10.s390x",
"AppStream-9.2.0.Z.EUS:mod_ssl-debuginfo-1:2.4.53-11.el9_2.10.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "httpd: Potential SSRF in mod_rewrite"
}
]
}
rhsa-2024_4720
Vulnerability from csaf_redhat
Published
2024-07-23 08:57
Modified
2024-09-13 21:32
Summary
Red Hat Security Advisory: httpd:2.4 security update
Notes
Topic
An update for the httpd:2.4 module is now available for Red Hat Enterprise Linux 8.
Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.
Details
The httpd packages provide the Apache HTTP Server, a powerful, efficient, and extensible web server.
Security Fix(es):
* httpd: Encoding problem in mod_proxy (CVE-2024-38473)
* httpd: Substitution encoding issue in mod_rewrite (CVE-2024-38474)
* httpd: Improper escaping of output in mod_rewrite (CVE-2024-38475)
* httpd: NULL pointer dereference in mod_proxy (CVE-2024-38477)
* httpd: Potential SSRF in mod_rewrite (CVE-2024-39573)
For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.
Terms of Use
This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.
{
"document": {
"aggregate_severity": {
"namespace": "https://access.redhat.com/security/updates/classification/",
"text": "Important"
},
"category": "csaf_vex",
"csaf_version": "2.0",
"distribution": {
"text": "Copyright \u00a9 Red Hat, Inc. All rights reserved.",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "An update for the httpd:2.4 module is now available for Red Hat Enterprise Linux 8.\n\nRed Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.",
"title": "Topic"
},
{
"category": "general",
"text": "The httpd packages provide the Apache HTTP Server, a powerful, efficient, and extensible web server.\n\nSecurity Fix(es):\n\n* httpd: Encoding problem in mod_proxy (CVE-2024-38473)\n\n* httpd: Substitution encoding issue in mod_rewrite (CVE-2024-38474)\n\n* httpd: Improper escaping of output in mod_rewrite (CVE-2024-38475)\n\n* httpd: NULL pointer dereference in mod_proxy (CVE-2024-38477)\n\n* httpd: Potential SSRF in mod_rewrite (CVE-2024-39573)\n\nFor more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.",
"title": "Details"
},
{
"category": "legal_disclaimer",
"text": "This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.",
"title": "Terms of Use"
}
],
"publisher": {
"category": "vendor",
"contact_details": "https://access.redhat.com/security/team/contact/",
"issuing_authority": "Red Hat Product Security is responsible for vulnerability handling across all Red Hat offerings.",
"name": "Red Hat Product Security",
"namespace": "https://www.redhat.com"
},
"references": [
{
"category": "self",
"summary": "https://access.redhat.com/errata/RHSA-2024:4720",
"url": "https://access.redhat.com/errata/RHSA-2024:4720"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/updates/classification/#important",
"url": "https://access.redhat.com/security/updates/classification/#important"
},
{
"category": "external",
"summary": "2295012",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2295012"
},
{
"category": "external",
"summary": "2295013",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2295013"
},
{
"category": "external",
"summary": "2295014",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2295014"
},
{
"category": "external",
"summary": "2295016",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2295016"
},
{
"category": "external",
"summary": "2295022",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2295022"
},
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/data/csaf/v2/advisories/2024/rhsa-2024_4720.json"
}
],
"title": "Red Hat Security Advisory: httpd:2.4 security update",
"tracking": {
"current_release_date": "2024-09-13T21:32:09+00:00",
"generator": {
"date": "2024-09-13T21:32:09+00:00",
"engine": {
"name": "Red Hat SDEngine",
"version": "3.33.3"
}
},
"id": "RHSA-2024:4720",
"initial_release_date": "2024-07-23T08:57:47+00:00",
"revision_history": [
{
"date": "2024-07-23T08:57:47+00:00",
"number": "1",
"summary": "Initial version"
},
{
"date": "2024-07-23T08:57:47+00:00",
"number": "2",
"summary": "Last updated version"
},
{
"date": "2024-09-13T21:32:09+00:00",
"number": "3",
"summary": "Last generated version"
}
],
"status": "final",
"version": "3"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_name",
"name": "Red Hat Enterprise Linux AppStream (v. 8)",
"product": {
"name": "Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.10.0.Z.MAIN.EUS",
"product_identification_helper": {
"cpe": "cpe:/a:redhat:enterprise_linux:8::appstream"
}
}
}
],
"category": "product_family",
"name": "Red Hat Enterprise Linux"
},
{
"branches": [
{
"category": "product_version",
"name": "httpd:2.4:8100020240712114234:489197e6",
"product": {
"name": "httpd:2.4:8100020240712114234:489197e6",
"product_id": "httpd:2.4:8100020240712114234:489197e6",
"product_identification_helper": {
"purl": "pkg:rpmmod/redhat/httpd@2.4:8100020240712114234:489197e6"
}
}
},
{
"category": "product_version",
"name": "httpd-filesystem-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.noarch",
"product": {
"name": "httpd-filesystem-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.noarch",
"product_id": "httpd-filesystem-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/httpd-filesystem@2.4.37-65.module%2Bel8.10.0%2B22069%2Bb47f5c72.1?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "httpd-manual-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.noarch",
"product": {
"name": "httpd-manual-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.noarch",
"product_id": "httpd-manual-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/httpd-manual@2.4.37-65.module%2Bel8.10.0%2B22069%2Bb47f5c72.1?arch=noarch"
}
}
}
],
"category": "architecture",
"name": "noarch"
},
{
"branches": [
{
"category": "product_version",
"name": "httpd-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.src",
"product": {
"name": "httpd-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.src",
"product_id": "httpd-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/httpd@2.4.37-65.module%2Bel8.10.0%2B22069%2Bb47f5c72.1?arch=src"
}
}
},
{
"category": "product_version",
"name": "mod_http2-0:1.15.7-10.module+el8.10.0+21653+eaff63f0.src",
"product": {
"name": "mod_http2-0:1.15.7-10.module+el8.10.0+21653+eaff63f0.src",
"product_id": "mod_http2-0:1.15.7-10.module+el8.10.0+21653+eaff63f0.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/mod_http2@1.15.7-10.module%2Bel8.10.0%2B21653%2Beaff63f0?arch=src"
}
}
},
{
"category": "product_version",
"name": "mod_md-1:2.0.8-8.module+el8.9.0+19080+567b90f8.src",
"product": {
"name": "mod_md-1:2.0.8-8.module+el8.9.0+19080+567b90f8.src",
"product_id": "mod_md-1:2.0.8-8.module+el8.9.0+19080+567b90f8.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/mod_md@2.0.8-8.module%2Bel8.9.0%2B19080%2B567b90f8?arch=src\u0026epoch=1"
}
}
}
],
"category": "architecture",
"name": "src"
},
{
"branches": [
{
"category": "product_version",
"name": "httpd-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.x86_64",
"product": {
"name": "httpd-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.x86_64",
"product_id": "httpd-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/httpd@2.4.37-65.module%2Bel8.10.0%2B22069%2Bb47f5c72.1?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "httpd-debuginfo-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.x86_64",
"product": {
"name": "httpd-debuginfo-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.x86_64",
"product_id": "httpd-debuginfo-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/httpd-debuginfo@2.4.37-65.module%2Bel8.10.0%2B22069%2Bb47f5c72.1?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "httpd-debugsource-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.x86_64",
"product": {
"name": "httpd-debugsource-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.x86_64",
"product_id": "httpd-debugsource-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/httpd-debugsource@2.4.37-65.module%2Bel8.10.0%2B22069%2Bb47f5c72.1?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "httpd-devel-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.x86_64",
"product": {
"name": "httpd-devel-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.x86_64",
"product_id": "httpd-devel-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/httpd-devel@2.4.37-65.module%2Bel8.10.0%2B22069%2Bb47f5c72.1?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "httpd-tools-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.x86_64",
"product": {
"name": "httpd-tools-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.x86_64",
"product_id": "httpd-tools-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/httpd-tools@2.4.37-65.module%2Bel8.10.0%2B22069%2Bb47f5c72.1?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "httpd-tools-debuginfo-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.x86_64",
"product": {
"name": "httpd-tools-debuginfo-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.x86_64",
"product_id": "httpd-tools-debuginfo-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/httpd-tools-debuginfo@2.4.37-65.module%2Bel8.10.0%2B22069%2Bb47f5c72.1?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "mod_http2-0:1.15.7-10.module+el8.10.0+21653+eaff63f0.x86_64",
"product": {
"name": "mod_http2-0:1.15.7-10.module+el8.10.0+21653+eaff63f0.x86_64",
"product_id": "mod_http2-0:1.15.7-10.module+el8.10.0+21653+eaff63f0.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/mod_http2@1.15.7-10.module%2Bel8.10.0%2B21653%2Beaff63f0?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "mod_http2-debuginfo-0:1.15.7-10.module+el8.10.0+21653+eaff63f0.x86_64",
"product": {
"name": "mod_http2-debuginfo-0:1.15.7-10.module+el8.10.0+21653+eaff63f0.x86_64",
"product_id": "mod_http2-debuginfo-0:1.15.7-10.module+el8.10.0+21653+eaff63f0.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/mod_http2-debuginfo@1.15.7-10.module%2Bel8.10.0%2B21653%2Beaff63f0?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "mod_http2-debugsource-0:1.15.7-10.module+el8.10.0+21653+eaff63f0.x86_64",
"product": {
"name": "mod_http2-debugsource-0:1.15.7-10.module+el8.10.0+21653+eaff63f0.x86_64",
"product_id": "mod_http2-debugsource-0:1.15.7-10.module+el8.10.0+21653+eaff63f0.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/mod_http2-debugsource@1.15.7-10.module%2Bel8.10.0%2B21653%2Beaff63f0?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "mod_ldap-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.x86_64",
"product": {
"name": "mod_ldap-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.x86_64",
"product_id": "mod_ldap-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/mod_ldap@2.4.37-65.module%2Bel8.10.0%2B22069%2Bb47f5c72.1?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "mod_ldap-debuginfo-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.x86_64",
"product": {
"name": "mod_ldap-debuginfo-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.x86_64",
"product_id": "mod_ldap-debuginfo-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/mod_ldap-debuginfo@2.4.37-65.module%2Bel8.10.0%2B22069%2Bb47f5c72.1?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "mod_md-1:2.0.8-8.module+el8.9.0+19080+567b90f8.x86_64",
"product": {
"name": "mod_md-1:2.0.8-8.module+el8.9.0+19080+567b90f8.x86_64",
"product_id": "mod_md-1:2.0.8-8.module+el8.9.0+19080+567b90f8.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/mod_md@2.0.8-8.module%2Bel8.9.0%2B19080%2B567b90f8?arch=x86_64\u0026epoch=1"
}
}
},
{
"category": "product_version",
"name": "mod_md-debuginfo-1:2.0.8-8.module+el8.9.0+19080+567b90f8.x86_64",
"product": {
"name": "mod_md-debuginfo-1:2.0.8-8.module+el8.9.0+19080+567b90f8.x86_64",
"product_id": "mod_md-debuginfo-1:2.0.8-8.module+el8.9.0+19080+567b90f8.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/mod_md-debuginfo@2.0.8-8.module%2Bel8.9.0%2B19080%2B567b90f8?arch=x86_64\u0026epoch=1"
}
}
},
{
"category": "product_version",
"name": "mod_md-debugsource-1:2.0.8-8.module+el8.9.0+19080+567b90f8.x86_64",
"product": {
"name": "mod_md-debugsource-1:2.0.8-8.module+el8.9.0+19080+567b90f8.x86_64",
"product_id": "mod_md-debugsource-1:2.0.8-8.module+el8.9.0+19080+567b90f8.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/mod_md-debugsource@2.0.8-8.module%2Bel8.9.0%2B19080%2B567b90f8?arch=x86_64\u0026epoch=1"
}
}
},
{
"category": "product_version",
"name": "mod_proxy_html-1:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.x86_64",
"product": {
"name": "mod_proxy_html-1:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.x86_64",
"product_id": "mod_proxy_html-1:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/mod_proxy_html@2.4.37-65.module%2Bel8.10.0%2B22069%2Bb47f5c72.1?arch=x86_64\u0026epoch=1"
}
}
},
{
"category": "product_version",
"name": "mod_proxy_html-debuginfo-1:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.x86_64",
"product": {
"name": "mod_proxy_html-debuginfo-1:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.x86_64",
"product_id": "mod_proxy_html-debuginfo-1:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/mod_proxy_html-debuginfo@2.4.37-65.module%2Bel8.10.0%2B22069%2Bb47f5c72.1?arch=x86_64\u0026epoch=1"
}
}
},
{
"category": "product_version",
"name": "mod_session-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.x86_64",
"product": {
"name": "mod_session-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.x86_64",
"product_id": "mod_session-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/mod_session@2.4.37-65.module%2Bel8.10.0%2B22069%2Bb47f5c72.1?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "mod_session-debuginfo-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.x86_64",
"product": {
"name": "mod_session-debuginfo-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.x86_64",
"product_id": "mod_session-debuginfo-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/mod_session-debuginfo@2.4.37-65.module%2Bel8.10.0%2B22069%2Bb47f5c72.1?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "mod_ssl-1:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.x86_64",
"product": {
"name": "mod_ssl-1:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.x86_64",
"product_id": "mod_ssl-1:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/mod_ssl@2.4.37-65.module%2Bel8.10.0%2B22069%2Bb47f5c72.1?arch=x86_64\u0026epoch=1"
}
}
},
{
"category": "product_version",
"name": "mod_ssl-debuginfo-1:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.x86_64",
"product": {
"name": "mod_ssl-debuginfo-1:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.x86_64",
"product_id": "mod_ssl-debuginfo-1:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/mod_ssl-debuginfo@2.4.37-65.module%2Bel8.10.0%2B22069%2Bb47f5c72.1?arch=x86_64\u0026epoch=1"
}
}
}
],
"category": "architecture",
"name": "x86_64"
},
{
"branches": [
{
"category": "product_version",
"name": "httpd-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.s390x",
"product": {
"name": "httpd-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.s390x",
"product_id": "httpd-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.s390x",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/httpd@2.4.37-65.module%2Bel8.10.0%2B22069%2Bb47f5c72.1?arch=s390x"
}
}
},
{
"category": "product_version",
"name": "httpd-debuginfo-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.s390x",
"product": {
"name": "httpd-debuginfo-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.s390x",
"product_id": "httpd-debuginfo-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.s390x",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/httpd-debuginfo@2.4.37-65.module%2Bel8.10.0%2B22069%2Bb47f5c72.1?arch=s390x"
}
}
},
{
"category": "product_version",
"name": "httpd-debugsource-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.s390x",
"product": {
"name": "httpd-debugsource-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.s390x",
"product_id": "httpd-debugsource-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.s390x",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/httpd-debugsource@2.4.37-65.module%2Bel8.10.0%2B22069%2Bb47f5c72.1?arch=s390x"
}
}
},
{
"category": "product_version",
"name": "httpd-devel-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.s390x",
"product": {
"name": "httpd-devel-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.s390x",
"product_id": "httpd-devel-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.s390x",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/httpd-devel@2.4.37-65.module%2Bel8.10.0%2B22069%2Bb47f5c72.1?arch=s390x"
}
}
},
{
"category": "product_version",
"name": "httpd-tools-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.s390x",
"product": {
"name": "httpd-tools-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.s390x",
"product_id": "httpd-tools-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.s390x",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/httpd-tools@2.4.37-65.module%2Bel8.10.0%2B22069%2Bb47f5c72.1?arch=s390x"
}
}
},
{
"category": "product_version",
"name": "httpd-tools-debuginfo-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.s390x",
"product": {
"name": "httpd-tools-debuginfo-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.s390x",
"product_id": "httpd-tools-debuginfo-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.s390x",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/httpd-tools-debuginfo@2.4.37-65.module%2Bel8.10.0%2B22069%2Bb47f5c72.1?arch=s390x"
}
}
},
{
"category": "product_version",
"name": "mod_http2-0:1.15.7-10.module+el8.10.0+21653+eaff63f0.s390x",
"product": {
"name": "mod_http2-0:1.15.7-10.module+el8.10.0+21653+eaff63f0.s390x",
"product_id": "mod_http2-0:1.15.7-10.module+el8.10.0+21653+eaff63f0.s390x",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/mod_http2@1.15.7-10.module%2Bel8.10.0%2B21653%2Beaff63f0?arch=s390x"
}
}
},
{
"category": "product_version",
"name": "mod_http2-debuginfo-0:1.15.7-10.module+el8.10.0+21653+eaff63f0.s390x",
"product": {
"name": "mod_http2-debuginfo-0:1.15.7-10.module+el8.10.0+21653+eaff63f0.s390x",
"product_id": "mod_http2-debuginfo-0:1.15.7-10.module+el8.10.0+21653+eaff63f0.s390x",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/mod_http2-debuginfo@1.15.7-10.module%2Bel8.10.0%2B21653%2Beaff63f0?arch=s390x"
}
}
},
{
"category": "product_version",
"name": "mod_http2-debugsource-0:1.15.7-10.module+el8.10.0+21653+eaff63f0.s390x",
"product": {
"name": "mod_http2-debugsource-0:1.15.7-10.module+el8.10.0+21653+eaff63f0.s390x",
"product_id": "mod_http2-debugsource-0:1.15.7-10.module+el8.10.0+21653+eaff63f0.s390x",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/mod_http2-debugsource@1.15.7-10.module%2Bel8.10.0%2B21653%2Beaff63f0?arch=s390x"
}
}
},
{
"category": "product_version",
"name": "mod_ldap-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.s390x",
"product": {
"name": "mod_ldap-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.s390x",
"product_id": "mod_ldap-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.s390x",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/mod_ldap@2.4.37-65.module%2Bel8.10.0%2B22069%2Bb47f5c72.1?arch=s390x"
}
}
},
{
"category": "product_version",
"name": "mod_ldap-debuginfo-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.s390x",
"product": {
"name": "mod_ldap-debuginfo-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.s390x",
"product_id": "mod_ldap-debuginfo-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.s390x",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/mod_ldap-debuginfo@2.4.37-65.module%2Bel8.10.0%2B22069%2Bb47f5c72.1?arch=s390x"
}
}
},
{
"category": "product_version",
"name": "mod_md-1:2.0.8-8.module+el8.9.0+19080+567b90f8.s390x",
"product": {
"name": "mod_md-1:2.0.8-8.module+el8.9.0+19080+567b90f8.s390x",
"product_id": "mod_md-1:2.0.8-8.module+el8.9.0+19080+567b90f8.s390x",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/mod_md@2.0.8-8.module%2Bel8.9.0%2B19080%2B567b90f8?arch=s390x\u0026epoch=1"
}
}
},
{
"category": "product_version",
"name": "mod_md-debuginfo-1:2.0.8-8.module+el8.9.0+19080+567b90f8.s390x",
"product": {
"name": "mod_md-debuginfo-1:2.0.8-8.module+el8.9.0+19080+567b90f8.s390x",
"product_id": "mod_md-debuginfo-1:2.0.8-8.module+el8.9.0+19080+567b90f8.s390x",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/mod_md-debuginfo@2.0.8-8.module%2Bel8.9.0%2B19080%2B567b90f8?arch=s390x\u0026epoch=1"
}
}
},
{
"category": "product_version",
"name": "mod_md-debugsource-1:2.0.8-8.module+el8.9.0+19080+567b90f8.s390x",
"product": {
"name": "mod_md-debugsource-1:2.0.8-8.module+el8.9.0+19080+567b90f8.s390x",
"product_id": "mod_md-debugsource-1:2.0.8-8.module+el8.9.0+19080+567b90f8.s390x",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/mod_md-debugsource@2.0.8-8.module%2Bel8.9.0%2B19080%2B567b90f8?arch=s390x\u0026epoch=1"
}
}
},
{
"category": "product_version",
"name": "mod_proxy_html-1:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.s390x",
"product": {
"name": "mod_proxy_html-1:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.s390x",
"product_id": "mod_proxy_html-1:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.s390x",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/mod_proxy_html@2.4.37-65.module%2Bel8.10.0%2B22069%2Bb47f5c72.1?arch=s390x\u0026epoch=1"
}
}
},
{
"category": "product_version",
"name": "mod_proxy_html-debuginfo-1:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.s390x",
"product": {
"name": "mod_proxy_html-debuginfo-1:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.s390x",
"product_id": "mod_proxy_html-debuginfo-1:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.s390x",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/mod_proxy_html-debuginfo@2.4.37-65.module%2Bel8.10.0%2B22069%2Bb47f5c72.1?arch=s390x\u0026epoch=1"
}
}
},
{
"category": "product_version",
"name": "mod_session-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.s390x",
"product": {
"name": "mod_session-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.s390x",
"product_id": "mod_session-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.s390x",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/mod_session@2.4.37-65.module%2Bel8.10.0%2B22069%2Bb47f5c72.1?arch=s390x"
}
}
},
{
"category": "product_version",
"name": "mod_session-debuginfo-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.s390x",
"product": {
"name": "mod_session-debuginfo-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.s390x",
"product_id": "mod_session-debuginfo-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.s390x",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/mod_session-debuginfo@2.4.37-65.module%2Bel8.10.0%2B22069%2Bb47f5c72.1?arch=s390x"
}
}
},
{
"category": "product_version",
"name": "mod_ssl-1:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.s390x",
"product": {
"name": "mod_ssl-1:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.s390x",
"product_id": "mod_ssl-1:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.s390x",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/mod_ssl@2.4.37-65.module%2Bel8.10.0%2B22069%2Bb47f5c72.1?arch=s390x\u0026epoch=1"
}
}
},
{
"category": "product_version",
"name": "mod_ssl-debuginfo-1:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.s390x",
"product": {
"name": "mod_ssl-debuginfo-1:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.s390x",
"product_id": "mod_ssl-debuginfo-1:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.s390x",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/mod_ssl-debuginfo@2.4.37-65.module%2Bel8.10.0%2B22069%2Bb47f5c72.1?arch=s390x\u0026epoch=1"
}
}
}
],
"category": "architecture",
"name": "s390x"
},
{
"branches": [
{
"category": "product_version",
"name": "httpd-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.ppc64le",
"product": {
"name": "httpd-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.ppc64le",
"product_id": "httpd-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.ppc64le",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/httpd@2.4.37-65.module%2Bel8.10.0%2B22069%2Bb47f5c72.1?arch=ppc64le"
}
}
},
{
"category": "product_version",
"name": "httpd-debuginfo-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.ppc64le",
"product": {
"name": "httpd-debuginfo-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.ppc64le",
"product_id": "httpd-debuginfo-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.ppc64le",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/httpd-debuginfo@2.4.37-65.module%2Bel8.10.0%2B22069%2Bb47f5c72.1?arch=ppc64le"
}
}
},
{
"category": "product_version",
"name": "httpd-debugsource-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.ppc64le",
"product": {
"name": "httpd-debugsource-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.ppc64le",
"product_id": "httpd-debugsource-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.ppc64le",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/httpd-debugsource@2.4.37-65.module%2Bel8.10.0%2B22069%2Bb47f5c72.1?arch=ppc64le"
}
}
},
{
"category": "product_version",
"name": "httpd-devel-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.ppc64le",
"product": {
"name": "httpd-devel-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.ppc64le",
"product_id": "httpd-devel-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.ppc64le",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/httpd-devel@2.4.37-65.module%2Bel8.10.0%2B22069%2Bb47f5c72.1?arch=ppc64le"
}
}
},
{
"category": "product_version",
"name": "httpd-tools-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.ppc64le",
"product": {
"name": "httpd-tools-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.ppc64le",
"product_id": "httpd-tools-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.ppc64le",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/httpd-tools@2.4.37-65.module%2Bel8.10.0%2B22069%2Bb47f5c72.1?arch=ppc64le"
}
}
},
{
"category": "product_version",
"name": "httpd-tools-debuginfo-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.ppc64le",
"product": {
"name": "httpd-tools-debuginfo-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.ppc64le",
"product_id": "httpd-tools-debuginfo-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.ppc64le",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/httpd-tools-debuginfo@2.4.37-65.module%2Bel8.10.0%2B22069%2Bb47f5c72.1?arch=ppc64le"
}
}
},
{
"category": "product_version",
"name": "mod_http2-0:1.15.7-10.module+el8.10.0+21653+eaff63f0.ppc64le",
"product": {
"name": "mod_http2-0:1.15.7-10.module+el8.10.0+21653+eaff63f0.ppc64le",
"product_id": "mod_http2-0:1.15.7-10.module+el8.10.0+21653+eaff63f0.ppc64le",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/mod_http2@1.15.7-10.module%2Bel8.10.0%2B21653%2Beaff63f0?arch=ppc64le"
}
}
},
{
"category": "product_version",
"name": "mod_http2-debuginfo-0:1.15.7-10.module+el8.10.0+21653+eaff63f0.ppc64le",
"product": {
"name": "mod_http2-debuginfo-0:1.15.7-10.module+el8.10.0+21653+eaff63f0.ppc64le",
"product_id": "mod_http2-debuginfo-0:1.15.7-10.module+el8.10.0+21653+eaff63f0.ppc64le",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/mod_http2-debuginfo@1.15.7-10.module%2Bel8.10.0%2B21653%2Beaff63f0?arch=ppc64le"
}
}
},
{
"category": "product_version",
"name": "mod_http2-debugsource-0:1.15.7-10.module+el8.10.0+21653+eaff63f0.ppc64le",
"product": {
"name": "mod_http2-debugsource-0:1.15.7-10.module+el8.10.0+21653+eaff63f0.ppc64le",
"product_id": "mod_http2-debugsource-0:1.15.7-10.module+el8.10.0+21653+eaff63f0.ppc64le",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/mod_http2-debugsource@1.15.7-10.module%2Bel8.10.0%2B21653%2Beaff63f0?arch=ppc64le"
}
}
},
{
"category": "product_version",
"name": "mod_ldap-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.ppc64le",
"product": {
"name": "mod_ldap-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.ppc64le",
"product_id": "mod_ldap-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.ppc64le",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/mod_ldap@2.4.37-65.module%2Bel8.10.0%2B22069%2Bb47f5c72.1?arch=ppc64le"
}
}
},
{
"category": "product_version",
"name": "mod_ldap-debuginfo-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.ppc64le",
"product": {
"name": "mod_ldap-debuginfo-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.ppc64le",
"product_id": "mod_ldap-debuginfo-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.ppc64le",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/mod_ldap-debuginfo@2.4.37-65.module%2Bel8.10.0%2B22069%2Bb47f5c72.1?arch=ppc64le"
}
}
},
{
"category": "product_version",
"name": "mod_md-1:2.0.8-8.module+el8.9.0+19080+567b90f8.ppc64le",
"product": {
"name": "mod_md-1:2.0.8-8.module+el8.9.0+19080+567b90f8.ppc64le",
"product_id": "mod_md-1:2.0.8-8.module+el8.9.0+19080+567b90f8.ppc64le",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/mod_md@2.0.8-8.module%2Bel8.9.0%2B19080%2B567b90f8?arch=ppc64le\u0026epoch=1"
}
}
},
{
"category": "product_version",
"name": "mod_md-debuginfo-1:2.0.8-8.module+el8.9.0+19080+567b90f8.ppc64le",
"product": {
"name": "mod_md-debuginfo-1:2.0.8-8.module+el8.9.0+19080+567b90f8.ppc64le",
"product_id": "mod_md-debuginfo-1:2.0.8-8.module+el8.9.0+19080+567b90f8.ppc64le",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/mod_md-debuginfo@2.0.8-8.module%2Bel8.9.0%2B19080%2B567b90f8?arch=ppc64le\u0026epoch=1"
}
}
},
{
"category": "product_version",
"name": "mod_md-debugsource-1:2.0.8-8.module+el8.9.0+19080+567b90f8.ppc64le",
"product": {
"name": "mod_md-debugsource-1:2.0.8-8.module+el8.9.0+19080+567b90f8.ppc64le",
"product_id": "mod_md-debugsource-1:2.0.8-8.module+el8.9.0+19080+567b90f8.ppc64le",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/mod_md-debugsource@2.0.8-8.module%2Bel8.9.0%2B19080%2B567b90f8?arch=ppc64le\u0026epoch=1"
}
}
},
{
"category": "product_version",
"name": "mod_proxy_html-1:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.ppc64le",
"product": {
"name": "mod_proxy_html-1:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.ppc64le",
"product_id": "mod_proxy_html-1:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.ppc64le",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/mod_proxy_html@2.4.37-65.module%2Bel8.10.0%2B22069%2Bb47f5c72.1?arch=ppc64le\u0026epoch=1"
}
}
},
{
"category": "product_version",
"name": "mod_proxy_html-debuginfo-1:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.ppc64le",
"product": {
"name": "mod_proxy_html-debuginfo-1:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.ppc64le",
"product_id": "mod_proxy_html-debuginfo-1:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.ppc64le",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/mod_proxy_html-debuginfo@2.4.37-65.module%2Bel8.10.0%2B22069%2Bb47f5c72.1?arch=ppc64le\u0026epoch=1"
}
}
},
{
"category": "product_version",
"name": "mod_session-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.ppc64le",
"product": {
"name": "mod_session-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.ppc64le",
"product_id": "mod_session-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.ppc64le",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/mod_session@2.4.37-65.module%2Bel8.10.0%2B22069%2Bb47f5c72.1?arch=ppc64le"
}
}
},
{
"category": "product_version",
"name": "mod_session-debuginfo-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.ppc64le",
"product": {
"name": "mod_session-debuginfo-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.ppc64le",
"product_id": "mod_session-debuginfo-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.ppc64le",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/mod_session-debuginfo@2.4.37-65.module%2Bel8.10.0%2B22069%2Bb47f5c72.1?arch=ppc64le"
}
}
},
{
"category": "product_version",
"name": "mod_ssl-1:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.ppc64le",
"product": {
"name": "mod_ssl-1:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.ppc64le",
"product_id": "mod_ssl-1:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.ppc64le",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/mod_ssl@2.4.37-65.module%2Bel8.10.0%2B22069%2Bb47f5c72.1?arch=ppc64le\u0026epoch=1"
}
}
},
{
"category": "product_version",
"name": "mod_ssl-debuginfo-1:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.ppc64le",
"product": {
"name": "mod_ssl-debuginfo-1:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.ppc64le",
"product_id": "mod_ssl-debuginfo-1:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.ppc64le",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/mod_ssl-debuginfo@2.4.37-65.module%2Bel8.10.0%2B22069%2Bb47f5c72.1?arch=ppc64le\u0026epoch=1"
}
}
}
],
"category": "architecture",
"name": "ppc64le"
},
{
"branches": [
{
"category": "product_version",
"name": "httpd-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.aarch64",
"product": {
"name": "httpd-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.aarch64",
"product_id": "httpd-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.aarch64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/httpd@2.4.37-65.module%2Bel8.10.0%2B22069%2Bb47f5c72.1?arch=aarch64"
}
}
},
{
"category": "product_version",
"name": "httpd-debuginfo-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.aarch64",
"product": {
"name": "httpd-debuginfo-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.aarch64",
"product_id": "httpd-debuginfo-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.aarch64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/httpd-debuginfo@2.4.37-65.module%2Bel8.10.0%2B22069%2Bb47f5c72.1?arch=aarch64"
}
}
},
{
"category": "product_version",
"name": "httpd-debugsource-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.aarch64",
"product": {
"name": "httpd-debugsource-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.aarch64",
"product_id": "httpd-debugsource-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.aarch64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/httpd-debugsource@2.4.37-65.module%2Bel8.10.0%2B22069%2Bb47f5c72.1?arch=aarch64"
}
}
},
{
"category": "product_version",
"name": "httpd-devel-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.aarch64",
"product": {
"name": "httpd-devel-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.aarch64",
"product_id": "httpd-devel-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.aarch64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/httpd-devel@2.4.37-65.module%2Bel8.10.0%2B22069%2Bb47f5c72.1?arch=aarch64"
}
}
},
{
"category": "product_version",
"name": "httpd-tools-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.aarch64",
"product": {
"name": "httpd-tools-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.aarch64",
"product_id": "httpd-tools-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.aarch64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/httpd-tools@2.4.37-65.module%2Bel8.10.0%2B22069%2Bb47f5c72.1?arch=aarch64"
}
}
},
{
"category": "product_version",
"name": "httpd-tools-debuginfo-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.aarch64",
"product": {
"name": "httpd-tools-debuginfo-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.aarch64",
"product_id": "httpd-tools-debuginfo-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.aarch64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/httpd-tools-debuginfo@2.4.37-65.module%2Bel8.10.0%2B22069%2Bb47f5c72.1?arch=aarch64"
}
}
},
{
"category": "product_version",
"name": "mod_http2-0:1.15.7-10.module+el8.10.0+21653+eaff63f0.aarch64",
"product": {
"name": "mod_http2-0:1.15.7-10.module+el8.10.0+21653+eaff63f0.aarch64",
"product_id": "mod_http2-0:1.15.7-10.module+el8.10.0+21653+eaff63f0.aarch64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/mod_http2@1.15.7-10.module%2Bel8.10.0%2B21653%2Beaff63f0?arch=aarch64"
}
}
},
{
"category": "product_version",
"name": "mod_http2-debuginfo-0:1.15.7-10.module+el8.10.0+21653+eaff63f0.aarch64",
"product": {
"name": "mod_http2-debuginfo-0:1.15.7-10.module+el8.10.0+21653+eaff63f0.aarch64",
"product_id": "mod_http2-debuginfo-0:1.15.7-10.module+el8.10.0+21653+eaff63f0.aarch64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/mod_http2-debuginfo@1.15.7-10.module%2Bel8.10.0%2B21653%2Beaff63f0?arch=aarch64"
}
}
},
{
"category": "product_version",
"name": "mod_http2-debugsource-0:1.15.7-10.module+el8.10.0+21653+eaff63f0.aarch64",
"product": {
"name": "mod_http2-debugsource-0:1.15.7-10.module+el8.10.0+21653+eaff63f0.aarch64",
"product_id": "mod_http2-debugsource-0:1.15.7-10.module+el8.10.0+21653+eaff63f0.aarch64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/mod_http2-debugsource@1.15.7-10.module%2Bel8.10.0%2B21653%2Beaff63f0?arch=aarch64"
}
}
},
{
"category": "product_version",
"name": "mod_ldap-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.aarch64",
"product": {
"name": "mod_ldap-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.aarch64",
"product_id": "mod_ldap-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.aarch64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/mod_ldap@2.4.37-65.module%2Bel8.10.0%2B22069%2Bb47f5c72.1?arch=aarch64"
}
}
},
{
"category": "product_version",
"name": "mod_ldap-debuginfo-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.aarch64",
"product": {
"name": "mod_ldap-debuginfo-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.aarch64",
"product_id": "mod_ldap-debuginfo-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.aarch64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/mod_ldap-debuginfo@2.4.37-65.module%2Bel8.10.0%2B22069%2Bb47f5c72.1?arch=aarch64"
}
}
},
{
"category": "product_version",
"name": "mod_md-1:2.0.8-8.module+el8.9.0+19080+567b90f8.aarch64",
"product": {
"name": "mod_md-1:2.0.8-8.module+el8.9.0+19080+567b90f8.aarch64",
"product_id": "mod_md-1:2.0.8-8.module+el8.9.0+19080+567b90f8.aarch64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/mod_md@2.0.8-8.module%2Bel8.9.0%2B19080%2B567b90f8?arch=aarch64\u0026epoch=1"
}
}
},
{
"category": "product_version",
"name": "mod_md-debuginfo-1:2.0.8-8.module+el8.9.0+19080+567b90f8.aarch64",
"product": {
"name": "mod_md-debuginfo-1:2.0.8-8.module+el8.9.0+19080+567b90f8.aarch64",
"product_id": "mod_md-debuginfo-1:2.0.8-8.module+el8.9.0+19080+567b90f8.aarch64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/mod_md-debuginfo@2.0.8-8.module%2Bel8.9.0%2B19080%2B567b90f8?arch=aarch64\u0026epoch=1"
}
}
},
{
"category": "product_version",
"name": "mod_md-debugsource-1:2.0.8-8.module+el8.9.0+19080+567b90f8.aarch64",
"product": {
"name": "mod_md-debugsource-1:2.0.8-8.module+el8.9.0+19080+567b90f8.aarch64",
"product_id": "mod_md-debugsource-1:2.0.8-8.module+el8.9.0+19080+567b90f8.aarch64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/mod_md-debugsource@2.0.8-8.module%2Bel8.9.0%2B19080%2B567b90f8?arch=aarch64\u0026epoch=1"
}
}
},
{
"category": "product_version",
"name": "mod_proxy_html-1:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.aarch64",
"product": {
"name": "mod_proxy_html-1:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.aarch64",
"product_id": "mod_proxy_html-1:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.aarch64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/mod_proxy_html@2.4.37-65.module%2Bel8.10.0%2B22069%2Bb47f5c72.1?arch=aarch64\u0026epoch=1"
}
}
},
{
"category": "product_version",
"name": "mod_proxy_html-debuginfo-1:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.aarch64",
"product": {
"name": "mod_proxy_html-debuginfo-1:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.aarch64",
"product_id": "mod_proxy_html-debuginfo-1:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.aarch64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/mod_proxy_html-debuginfo@2.4.37-65.module%2Bel8.10.0%2B22069%2Bb47f5c72.1?arch=aarch64\u0026epoch=1"
}
}
},
{
"category": "product_version",
"name": "mod_session-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.aarch64",
"product": {
"name": "mod_session-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.aarch64",
"product_id": "mod_session-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.aarch64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/mod_session@2.4.37-65.module%2Bel8.10.0%2B22069%2Bb47f5c72.1?arch=aarch64"
}
}
},
{
"category": "product_version",
"name": "mod_session-debuginfo-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.aarch64",
"product": {
"name": "mod_session-debuginfo-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.aarch64",
"product_id": "mod_session-debuginfo-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.aarch64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/mod_session-debuginfo@2.4.37-65.module%2Bel8.10.0%2B22069%2Bb47f5c72.1?arch=aarch64"
}
}
},
{
"category": "product_version",
"name": "mod_ssl-1:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.aarch64",
"product": {
"name": "mod_ssl-1:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.aarch64",
"product_id": "mod_ssl-1:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.aarch64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/mod_ssl@2.4.37-65.module%2Bel8.10.0%2B22069%2Bb47f5c72.1?arch=aarch64\u0026epoch=1"
}
}
},
{
"category": "product_version",
"name": "mod_ssl-debuginfo-1:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.aarch64",
"product": {
"name": "mod_ssl-debuginfo-1:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.aarch64",
"product_id": "mod_ssl-debuginfo-1:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.aarch64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/mod_ssl-debuginfo@2.4.37-65.module%2Bel8.10.0%2B22069%2Bb47f5c72.1?arch=aarch64\u0026epoch=1"
}
}
}
],
"category": "architecture",
"name": "aarch64"
}
],
"category": "vendor",
"name": "Red Hat"
}
],
"relationships": [
{
"category": "default_component_of",
"full_product_name": {
"name": "httpd:2.4:8100020240712114234:489197e6 as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6"
},
"product_reference": "httpd:2.4:8100020240712114234:489197e6",
"relates_to_product_reference": "AppStream-8.10.0.Z.MAIN.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "httpd-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.aarch64 as a component of httpd:2.4:8100020240712114234:489197e6 as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:httpd-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.aarch64"
},
"product_reference": "httpd-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.aarch64",
"relates_to_product_reference": "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "httpd-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.ppc64le as a component of httpd:2.4:8100020240712114234:489197e6 as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:httpd-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.ppc64le"
},
"product_reference": "httpd-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.ppc64le",
"relates_to_product_reference": "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "httpd-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.s390x as a component of httpd:2.4:8100020240712114234:489197e6 as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:httpd-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.s390x"
},
"product_reference": "httpd-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.s390x",
"relates_to_product_reference": "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "httpd-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.src as a component of httpd:2.4:8100020240712114234:489197e6 as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:httpd-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.src"
},
"product_reference": "httpd-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.src",
"relates_to_product_reference": "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "httpd-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.x86_64 as a component of httpd:2.4:8100020240712114234:489197e6 as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:httpd-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.x86_64"
},
"product_reference": "httpd-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.x86_64",
"relates_to_product_reference": "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "httpd-debuginfo-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.aarch64 as a component of httpd:2.4:8100020240712114234:489197e6 as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:httpd-debuginfo-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.aarch64"
},
"product_reference": "httpd-debuginfo-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.aarch64",
"relates_to_product_reference": "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "httpd-debuginfo-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.ppc64le as a component of httpd:2.4:8100020240712114234:489197e6 as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:httpd-debuginfo-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.ppc64le"
},
"product_reference": "httpd-debuginfo-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.ppc64le",
"relates_to_product_reference": "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "httpd-debuginfo-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.s390x as a component of httpd:2.4:8100020240712114234:489197e6 as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:httpd-debuginfo-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.s390x"
},
"product_reference": "httpd-debuginfo-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.s390x",
"relates_to_product_reference": "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "httpd-debuginfo-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.x86_64 as a component of httpd:2.4:8100020240712114234:489197e6 as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:httpd-debuginfo-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.x86_64"
},
"product_reference": "httpd-debuginfo-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.x86_64",
"relates_to_product_reference": "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "httpd-debugsource-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.aarch64 as a component of httpd:2.4:8100020240712114234:489197e6 as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:httpd-debugsource-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.aarch64"
},
"product_reference": "httpd-debugsource-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.aarch64",
"relates_to_product_reference": "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "httpd-debugsource-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.ppc64le as a component of httpd:2.4:8100020240712114234:489197e6 as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:httpd-debugsource-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.ppc64le"
},
"product_reference": "httpd-debugsource-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.ppc64le",
"relates_to_product_reference": "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "httpd-debugsource-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.s390x as a component of httpd:2.4:8100020240712114234:489197e6 as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:httpd-debugsource-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.s390x"
},
"product_reference": "httpd-debugsource-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.s390x",
"relates_to_product_reference": "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "httpd-debugsource-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.x86_64 as a component of httpd:2.4:8100020240712114234:489197e6 as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:httpd-debugsource-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.x86_64"
},
"product_reference": "httpd-debugsource-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.x86_64",
"relates_to_product_reference": "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "httpd-devel-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.aarch64 as a component of httpd:2.4:8100020240712114234:489197e6 as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:httpd-devel-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.aarch64"
},
"product_reference": "httpd-devel-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.aarch64",
"relates_to_product_reference": "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "httpd-devel-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.ppc64le as a component of httpd:2.4:8100020240712114234:489197e6 as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:httpd-devel-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.ppc64le"
},
"product_reference": "httpd-devel-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.ppc64le",
"relates_to_product_reference": "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "httpd-devel-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.s390x as a component of httpd:2.4:8100020240712114234:489197e6 as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:httpd-devel-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.s390x"
},
"product_reference": "httpd-devel-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.s390x",
"relates_to_product_reference": "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "httpd-devel-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.x86_64 as a component of httpd:2.4:8100020240712114234:489197e6 as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:httpd-devel-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.x86_64"
},
"product_reference": "httpd-devel-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.x86_64",
"relates_to_product_reference": "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "httpd-filesystem-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.noarch as a component of httpd:2.4:8100020240712114234:489197e6 as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:httpd-filesystem-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.noarch"
},
"product_reference": "httpd-filesystem-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.noarch",
"relates_to_product_reference": "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "httpd-manual-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.noarch as a component of httpd:2.4:8100020240712114234:489197e6 as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:httpd-manual-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.noarch"
},
"product_reference": "httpd-manual-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.noarch",
"relates_to_product_reference": "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "httpd-tools-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.aarch64 as a component of httpd:2.4:8100020240712114234:489197e6 as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:httpd-tools-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.aarch64"
},
"product_reference": "httpd-tools-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.aarch64",
"relates_to_product_reference": "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "httpd-tools-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.ppc64le as a component of httpd:2.4:8100020240712114234:489197e6 as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:httpd-tools-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.ppc64le"
},
"product_reference": "httpd-tools-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.ppc64le",
"relates_to_product_reference": "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "httpd-tools-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.s390x as a component of httpd:2.4:8100020240712114234:489197e6 as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:httpd-tools-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.s390x"
},
"product_reference": "httpd-tools-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.s390x",
"relates_to_product_reference": "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "httpd-tools-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.x86_64 as a component of httpd:2.4:8100020240712114234:489197e6 as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:httpd-tools-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.x86_64"
},
"product_reference": "httpd-tools-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.x86_64",
"relates_to_product_reference": "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "httpd-tools-debuginfo-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.aarch64 as a component of httpd:2.4:8100020240712114234:489197e6 as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:httpd-tools-debuginfo-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.aarch64"
},
"product_reference": "httpd-tools-debuginfo-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.aarch64",
"relates_to_product_reference": "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "httpd-tools-debuginfo-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.ppc64le as a component of httpd:2.4:8100020240712114234:489197e6 as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:httpd-tools-debuginfo-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.ppc64le"
},
"product_reference": "httpd-tools-debuginfo-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.ppc64le",
"relates_to_product_reference": "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "httpd-tools-debuginfo-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.s390x as a component of httpd:2.4:8100020240712114234:489197e6 as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:httpd-tools-debuginfo-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.s390x"
},
"product_reference": "httpd-tools-debuginfo-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.s390x",
"relates_to_product_reference": "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "httpd-tools-debuginfo-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.x86_64 as a component of httpd:2.4:8100020240712114234:489197e6 as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:httpd-tools-debuginfo-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.x86_64"
},
"product_reference": "httpd-tools-debuginfo-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.x86_64",
"relates_to_product_reference": "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "mod_http2-0:1.15.7-10.module+el8.10.0+21653+eaff63f0.aarch64 as a component of httpd:2.4:8100020240712114234:489197e6 as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_http2-0:1.15.7-10.module+el8.10.0+21653+eaff63f0.aarch64"
},
"product_reference": "mod_http2-0:1.15.7-10.module+el8.10.0+21653+eaff63f0.aarch64",
"relates_to_product_reference": "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "mod_http2-0:1.15.7-10.module+el8.10.0+21653+eaff63f0.ppc64le as a component of httpd:2.4:8100020240712114234:489197e6 as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_http2-0:1.15.7-10.module+el8.10.0+21653+eaff63f0.ppc64le"
},
"product_reference": "mod_http2-0:1.15.7-10.module+el8.10.0+21653+eaff63f0.ppc64le",
"relates_to_product_reference": "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "mod_http2-0:1.15.7-10.module+el8.10.0+21653+eaff63f0.s390x as a component of httpd:2.4:8100020240712114234:489197e6 as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_http2-0:1.15.7-10.module+el8.10.0+21653+eaff63f0.s390x"
},
"product_reference": "mod_http2-0:1.15.7-10.module+el8.10.0+21653+eaff63f0.s390x",
"relates_to_product_reference": "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "mod_http2-0:1.15.7-10.module+el8.10.0+21653+eaff63f0.src as a component of httpd:2.4:8100020240712114234:489197e6 as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_http2-0:1.15.7-10.module+el8.10.0+21653+eaff63f0.src"
},
"product_reference": "mod_http2-0:1.15.7-10.module+el8.10.0+21653+eaff63f0.src",
"relates_to_product_reference": "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "mod_http2-0:1.15.7-10.module+el8.10.0+21653+eaff63f0.x86_64 as a component of httpd:2.4:8100020240712114234:489197e6 as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_http2-0:1.15.7-10.module+el8.10.0+21653+eaff63f0.x86_64"
},
"product_reference": "mod_http2-0:1.15.7-10.module+el8.10.0+21653+eaff63f0.x86_64",
"relates_to_product_reference": "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "mod_http2-debuginfo-0:1.15.7-10.module+el8.10.0+21653+eaff63f0.aarch64 as a component of httpd:2.4:8100020240712114234:489197e6 as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_http2-debuginfo-0:1.15.7-10.module+el8.10.0+21653+eaff63f0.aarch64"
},
"product_reference": "mod_http2-debuginfo-0:1.15.7-10.module+el8.10.0+21653+eaff63f0.aarch64",
"relates_to_product_reference": "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "mod_http2-debuginfo-0:1.15.7-10.module+el8.10.0+21653+eaff63f0.ppc64le as a component of httpd:2.4:8100020240712114234:489197e6 as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_http2-debuginfo-0:1.15.7-10.module+el8.10.0+21653+eaff63f0.ppc64le"
},
"product_reference": "mod_http2-debuginfo-0:1.15.7-10.module+el8.10.0+21653+eaff63f0.ppc64le",
"relates_to_product_reference": "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "mod_http2-debuginfo-0:1.15.7-10.module+el8.10.0+21653+eaff63f0.s390x as a component of httpd:2.4:8100020240712114234:489197e6 as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_http2-debuginfo-0:1.15.7-10.module+el8.10.0+21653+eaff63f0.s390x"
},
"product_reference": "mod_http2-debuginfo-0:1.15.7-10.module+el8.10.0+21653+eaff63f0.s390x",
"relates_to_product_reference": "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "mod_http2-debuginfo-0:1.15.7-10.module+el8.10.0+21653+eaff63f0.x86_64 as a component of httpd:2.4:8100020240712114234:489197e6 as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_http2-debuginfo-0:1.15.7-10.module+el8.10.0+21653+eaff63f0.x86_64"
},
"product_reference": "mod_http2-debuginfo-0:1.15.7-10.module+el8.10.0+21653+eaff63f0.x86_64",
"relates_to_product_reference": "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "mod_http2-debugsource-0:1.15.7-10.module+el8.10.0+21653+eaff63f0.aarch64 as a component of httpd:2.4:8100020240712114234:489197e6 as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_http2-debugsource-0:1.15.7-10.module+el8.10.0+21653+eaff63f0.aarch64"
},
"product_reference": "mod_http2-debugsource-0:1.15.7-10.module+el8.10.0+21653+eaff63f0.aarch64",
"relates_to_product_reference": "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "mod_http2-debugsource-0:1.15.7-10.module+el8.10.0+21653+eaff63f0.ppc64le as a component of httpd:2.4:8100020240712114234:489197e6 as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_http2-debugsource-0:1.15.7-10.module+el8.10.0+21653+eaff63f0.ppc64le"
},
"product_reference": "mod_http2-debugsource-0:1.15.7-10.module+el8.10.0+21653+eaff63f0.ppc64le",
"relates_to_product_reference": "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "mod_http2-debugsource-0:1.15.7-10.module+el8.10.0+21653+eaff63f0.s390x as a component of httpd:2.4:8100020240712114234:489197e6 as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_http2-debugsource-0:1.15.7-10.module+el8.10.0+21653+eaff63f0.s390x"
},
"product_reference": "mod_http2-debugsource-0:1.15.7-10.module+el8.10.0+21653+eaff63f0.s390x",
"relates_to_product_reference": "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "mod_http2-debugsource-0:1.15.7-10.module+el8.10.0+21653+eaff63f0.x86_64 as a component of httpd:2.4:8100020240712114234:489197e6 as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_http2-debugsource-0:1.15.7-10.module+el8.10.0+21653+eaff63f0.x86_64"
},
"product_reference": "mod_http2-debugsource-0:1.15.7-10.module+el8.10.0+21653+eaff63f0.x86_64",
"relates_to_product_reference": "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "mod_ldap-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.aarch64 as a component of httpd:2.4:8100020240712114234:489197e6 as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_ldap-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.aarch64"
},
"product_reference": "mod_ldap-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.aarch64",
"relates_to_product_reference": "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "mod_ldap-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.ppc64le as a component of httpd:2.4:8100020240712114234:489197e6 as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_ldap-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.ppc64le"
},
"product_reference": "mod_ldap-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.ppc64le",
"relates_to_product_reference": "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "mod_ldap-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.s390x as a component of httpd:2.4:8100020240712114234:489197e6 as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_ldap-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.s390x"
},
"product_reference": "mod_ldap-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.s390x",
"relates_to_product_reference": "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "mod_ldap-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.x86_64 as a component of httpd:2.4:8100020240712114234:489197e6 as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_ldap-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.x86_64"
},
"product_reference": "mod_ldap-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.x86_64",
"relates_to_product_reference": "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "mod_ldap-debuginfo-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.aarch64 as a component of httpd:2.4:8100020240712114234:489197e6 as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_ldap-debuginfo-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.aarch64"
},
"product_reference": "mod_ldap-debuginfo-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.aarch64",
"relates_to_product_reference": "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "mod_ldap-debuginfo-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.ppc64le as a component of httpd:2.4:8100020240712114234:489197e6 as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_ldap-debuginfo-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.ppc64le"
},
"product_reference": "mod_ldap-debuginfo-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.ppc64le",
"relates_to_product_reference": "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "mod_ldap-debuginfo-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.s390x as a component of httpd:2.4:8100020240712114234:489197e6 as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_ldap-debuginfo-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.s390x"
},
"product_reference": "mod_ldap-debuginfo-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.s390x",
"relates_to_product_reference": "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "mod_ldap-debuginfo-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.x86_64 as a component of httpd:2.4:8100020240712114234:489197e6 as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_ldap-debuginfo-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.x86_64"
},
"product_reference": "mod_ldap-debuginfo-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.x86_64",
"relates_to_product_reference": "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "mod_md-1:2.0.8-8.module+el8.9.0+19080+567b90f8.aarch64 as a component of httpd:2.4:8100020240712114234:489197e6 as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_md-1:2.0.8-8.module+el8.9.0+19080+567b90f8.aarch64"
},
"product_reference": "mod_md-1:2.0.8-8.module+el8.9.0+19080+567b90f8.aarch64",
"relates_to_product_reference": "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "mod_md-1:2.0.8-8.module+el8.9.0+19080+567b90f8.ppc64le as a component of httpd:2.4:8100020240712114234:489197e6 as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_md-1:2.0.8-8.module+el8.9.0+19080+567b90f8.ppc64le"
},
"product_reference": "mod_md-1:2.0.8-8.module+el8.9.0+19080+567b90f8.ppc64le",
"relates_to_product_reference": "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "mod_md-1:2.0.8-8.module+el8.9.0+19080+567b90f8.s390x as a component of httpd:2.4:8100020240712114234:489197e6 as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_md-1:2.0.8-8.module+el8.9.0+19080+567b90f8.s390x"
},
"product_reference": "mod_md-1:2.0.8-8.module+el8.9.0+19080+567b90f8.s390x",
"relates_to_product_reference": "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "mod_md-1:2.0.8-8.module+el8.9.0+19080+567b90f8.src as a component of httpd:2.4:8100020240712114234:489197e6 as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_md-1:2.0.8-8.module+el8.9.0+19080+567b90f8.src"
},
"product_reference": "mod_md-1:2.0.8-8.module+el8.9.0+19080+567b90f8.src",
"relates_to_product_reference": "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "mod_md-1:2.0.8-8.module+el8.9.0+19080+567b90f8.x86_64 as a component of httpd:2.4:8100020240712114234:489197e6 as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_md-1:2.0.8-8.module+el8.9.0+19080+567b90f8.x86_64"
},
"product_reference": "mod_md-1:2.0.8-8.module+el8.9.0+19080+567b90f8.x86_64",
"relates_to_product_reference": "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "mod_md-debuginfo-1:2.0.8-8.module+el8.9.0+19080+567b90f8.aarch64 as a component of httpd:2.4:8100020240712114234:489197e6 as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_md-debuginfo-1:2.0.8-8.module+el8.9.0+19080+567b90f8.aarch64"
},
"product_reference": "mod_md-debuginfo-1:2.0.8-8.module+el8.9.0+19080+567b90f8.aarch64",
"relates_to_product_reference": "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "mod_md-debuginfo-1:2.0.8-8.module+el8.9.0+19080+567b90f8.ppc64le as a component of httpd:2.4:8100020240712114234:489197e6 as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_md-debuginfo-1:2.0.8-8.module+el8.9.0+19080+567b90f8.ppc64le"
},
"product_reference": "mod_md-debuginfo-1:2.0.8-8.module+el8.9.0+19080+567b90f8.ppc64le",
"relates_to_product_reference": "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "mod_md-debuginfo-1:2.0.8-8.module+el8.9.0+19080+567b90f8.s390x as a component of httpd:2.4:8100020240712114234:489197e6 as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_md-debuginfo-1:2.0.8-8.module+el8.9.0+19080+567b90f8.s390x"
},
"product_reference": "mod_md-debuginfo-1:2.0.8-8.module+el8.9.0+19080+567b90f8.s390x",
"relates_to_product_reference": "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "mod_md-debuginfo-1:2.0.8-8.module+el8.9.0+19080+567b90f8.x86_64 as a component of httpd:2.4:8100020240712114234:489197e6 as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_md-debuginfo-1:2.0.8-8.module+el8.9.0+19080+567b90f8.x86_64"
},
"product_reference": "mod_md-debuginfo-1:2.0.8-8.module+el8.9.0+19080+567b90f8.x86_64",
"relates_to_product_reference": "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "mod_md-debugsource-1:2.0.8-8.module+el8.9.0+19080+567b90f8.aarch64 as a component of httpd:2.4:8100020240712114234:489197e6 as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_md-debugsource-1:2.0.8-8.module+el8.9.0+19080+567b90f8.aarch64"
},
"product_reference": "mod_md-debugsource-1:2.0.8-8.module+el8.9.0+19080+567b90f8.aarch64",
"relates_to_product_reference": "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "mod_md-debugsource-1:2.0.8-8.module+el8.9.0+19080+567b90f8.ppc64le as a component of httpd:2.4:8100020240712114234:489197e6 as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_md-debugsource-1:2.0.8-8.module+el8.9.0+19080+567b90f8.ppc64le"
},
"product_reference": "mod_md-debugsource-1:2.0.8-8.module+el8.9.0+19080+567b90f8.ppc64le",
"relates_to_product_reference": "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "mod_md-debugsource-1:2.0.8-8.module+el8.9.0+19080+567b90f8.s390x as a component of httpd:2.4:8100020240712114234:489197e6 as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_md-debugsource-1:2.0.8-8.module+el8.9.0+19080+567b90f8.s390x"
},
"product_reference": "mod_md-debugsource-1:2.0.8-8.module+el8.9.0+19080+567b90f8.s390x",
"relates_to_product_reference": "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "mod_md-debugsource-1:2.0.8-8.module+el8.9.0+19080+567b90f8.x86_64 as a component of httpd:2.4:8100020240712114234:489197e6 as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_md-debugsource-1:2.0.8-8.module+el8.9.0+19080+567b90f8.x86_64"
},
"product_reference": "mod_md-debugsource-1:2.0.8-8.module+el8.9.0+19080+567b90f8.x86_64",
"relates_to_product_reference": "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "mod_proxy_html-1:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.aarch64 as a component of httpd:2.4:8100020240712114234:489197e6 as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_proxy_html-1:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.aarch64"
},
"product_reference": "mod_proxy_html-1:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.aarch64",
"relates_to_product_reference": "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "mod_proxy_html-1:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.ppc64le as a component of httpd:2.4:8100020240712114234:489197e6 as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_proxy_html-1:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.ppc64le"
},
"product_reference": "mod_proxy_html-1:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.ppc64le",
"relates_to_product_reference": "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "mod_proxy_html-1:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.s390x as a component of httpd:2.4:8100020240712114234:489197e6 as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_proxy_html-1:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.s390x"
},
"product_reference": "mod_proxy_html-1:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.s390x",
"relates_to_product_reference": "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "mod_proxy_html-1:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.x86_64 as a component of httpd:2.4:8100020240712114234:489197e6 as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_proxy_html-1:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.x86_64"
},
"product_reference": "mod_proxy_html-1:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.x86_64",
"relates_to_product_reference": "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "mod_proxy_html-debuginfo-1:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.aarch64 as a component of httpd:2.4:8100020240712114234:489197e6 as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_proxy_html-debuginfo-1:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.aarch64"
},
"product_reference": "mod_proxy_html-debuginfo-1:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.aarch64",
"relates_to_product_reference": "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "mod_proxy_html-debuginfo-1:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.ppc64le as a component of httpd:2.4:8100020240712114234:489197e6 as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_proxy_html-debuginfo-1:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.ppc64le"
},
"product_reference": "mod_proxy_html-debuginfo-1:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.ppc64le",
"relates_to_product_reference": "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "mod_proxy_html-debuginfo-1:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.s390x as a component of httpd:2.4:8100020240712114234:489197e6 as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_proxy_html-debuginfo-1:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.s390x"
},
"product_reference": "mod_proxy_html-debuginfo-1:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.s390x",
"relates_to_product_reference": "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "mod_proxy_html-debuginfo-1:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.x86_64 as a component of httpd:2.4:8100020240712114234:489197e6 as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_proxy_html-debuginfo-1:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.x86_64"
},
"product_reference": "mod_proxy_html-debuginfo-1:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.x86_64",
"relates_to_product_reference": "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "mod_session-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.aarch64 as a component of httpd:2.4:8100020240712114234:489197e6 as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_session-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.aarch64"
},
"product_reference": "mod_session-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.aarch64",
"relates_to_product_reference": "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "mod_session-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.ppc64le as a component of httpd:2.4:8100020240712114234:489197e6 as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_session-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.ppc64le"
},
"product_reference": "mod_session-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.ppc64le",
"relates_to_product_reference": "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "mod_session-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.s390x as a component of httpd:2.4:8100020240712114234:489197e6 as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_session-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.s390x"
},
"product_reference": "mod_session-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.s390x",
"relates_to_product_reference": "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "mod_session-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.x86_64 as a component of httpd:2.4:8100020240712114234:489197e6 as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_session-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.x86_64"
},
"product_reference": "mod_session-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.x86_64",
"relates_to_product_reference": "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "mod_session-debuginfo-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.aarch64 as a component of httpd:2.4:8100020240712114234:489197e6 as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_session-debuginfo-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.aarch64"
},
"product_reference": "mod_session-debuginfo-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.aarch64",
"relates_to_product_reference": "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "mod_session-debuginfo-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.ppc64le as a component of httpd:2.4:8100020240712114234:489197e6 as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_session-debuginfo-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.ppc64le"
},
"product_reference": "mod_session-debuginfo-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.ppc64le",
"relates_to_product_reference": "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "mod_session-debuginfo-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.s390x as a component of httpd:2.4:8100020240712114234:489197e6 as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_session-debuginfo-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.s390x"
},
"product_reference": "mod_session-debuginfo-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.s390x",
"relates_to_product_reference": "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "mod_session-debuginfo-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.x86_64 as a component of httpd:2.4:8100020240712114234:489197e6 as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_session-debuginfo-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.x86_64"
},
"product_reference": "mod_session-debuginfo-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.x86_64",
"relates_to_product_reference": "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "mod_ssl-1:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.aarch64 as a component of httpd:2.4:8100020240712114234:489197e6 as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_ssl-1:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.aarch64"
},
"product_reference": "mod_ssl-1:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.aarch64",
"relates_to_product_reference": "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "mod_ssl-1:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.ppc64le as a component of httpd:2.4:8100020240712114234:489197e6 as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_ssl-1:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.ppc64le"
},
"product_reference": "mod_ssl-1:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.ppc64le",
"relates_to_product_reference": "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "mod_ssl-1:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.s390x as a component of httpd:2.4:8100020240712114234:489197e6 as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_ssl-1:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.s390x"
},
"product_reference": "mod_ssl-1:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.s390x",
"relates_to_product_reference": "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "mod_ssl-1:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.x86_64 as a component of httpd:2.4:8100020240712114234:489197e6 as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_ssl-1:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.x86_64"
},
"product_reference": "mod_ssl-1:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.x86_64",
"relates_to_product_reference": "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "mod_ssl-debuginfo-1:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.aarch64 as a component of httpd:2.4:8100020240712114234:489197e6 as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_ssl-debuginfo-1:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.aarch64"
},
"product_reference": "mod_ssl-debuginfo-1:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.aarch64",
"relates_to_product_reference": "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "mod_ssl-debuginfo-1:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.ppc64le as a component of httpd:2.4:8100020240712114234:489197e6 as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_ssl-debuginfo-1:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.ppc64le"
},
"product_reference": "mod_ssl-debuginfo-1:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.ppc64le",
"relates_to_product_reference": "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "mod_ssl-debuginfo-1:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.s390x as a component of httpd:2.4:8100020240712114234:489197e6 as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_ssl-debuginfo-1:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.s390x"
},
"product_reference": "mod_ssl-debuginfo-1:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.s390x",
"relates_to_product_reference": "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "mod_ssl-debuginfo-1:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.x86_64 as a component of httpd:2.4:8100020240712114234:489197e6 as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_ssl-debuginfo-1:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.x86_64"
},
"product_reference": "mod_ssl-debuginfo-1:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.x86_64",
"relates_to_product_reference": "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2024-38473",
"cwe": {
"id": "CWE-116",
"name": "Improper Encoding or Escaping of Output"
},
"discovery_date": "2024-07-01T19:21:36+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2295012"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in the mod_proxy module of httpd. Due to an encoding problem, specially crafted request URLs with incorrect encoding can be sent to backend services, potentially bypassing authentication.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "httpd: Encoding problem in mod_proxy",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "This issue affects configurations where mechanisms other than ProxyPass/ProxyPassMatch or RewriteRule with the \u0027P\u0027 flag are used to configure a request to be proxied, such as SetHandler or inadvertent proxying via CVE-2024-39573. Note that these alternate mechanisms may be used within .htaccess files.\n\nFor more information about CVE-2024-39573, see https://access.redhat.com/security/cve/CVE-2024-39573.\n\nAdditionally, this flaw requires mod_proxy to be loaded and being used. This module can be disabled if its functionality is not needed.\n\nRed Hat Enterprise Linux 6 is not affected by this vulnerability because the vulnerable code was introduced in a newer version of httpd.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6",
"AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:httpd-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.aarch64",
"AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:httpd-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.ppc64le",
"AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:httpd-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.s390x",
"AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:httpd-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.src",
"AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:httpd-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.x86_64",
"AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:httpd-debuginfo-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.aarch64",
"AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:httpd-debuginfo-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.ppc64le",
"AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:httpd-debuginfo-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.s390x",
"AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:httpd-debuginfo-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.x86_64",
"AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:httpd-debugsource-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.aarch64",
"AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:httpd-debugsource-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.ppc64le",
"AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:httpd-debugsource-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.s390x",
"AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:httpd-debugsource-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.x86_64",
"AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:httpd-devel-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.aarch64",
"AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:httpd-devel-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.ppc64le",
"AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:httpd-devel-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.s390x",
"AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:httpd-devel-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.x86_64",
"AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:httpd-filesystem-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.noarch",
"AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:httpd-manual-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.noarch",
"AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:httpd-tools-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.aarch64",
"AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:httpd-tools-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.ppc64le",
"AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:httpd-tools-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.s390x",
"AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:httpd-tools-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.x86_64",
"AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:httpd-tools-debuginfo-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.aarch64",
"AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:httpd-tools-debuginfo-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.ppc64le",
"AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:httpd-tools-debuginfo-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.s390x",
"AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:httpd-tools-debuginfo-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.x86_64",
"AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_http2-0:1.15.7-10.module+el8.10.0+21653+eaff63f0.aarch64",
"AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_http2-0:1.15.7-10.module+el8.10.0+21653+eaff63f0.ppc64le",
"AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_http2-0:1.15.7-10.module+el8.10.0+21653+eaff63f0.s390x",
"AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_http2-0:1.15.7-10.module+el8.10.0+21653+eaff63f0.src",
"AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_http2-0:1.15.7-10.module+el8.10.0+21653+eaff63f0.x86_64",
"AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_http2-debuginfo-0:1.15.7-10.module+el8.10.0+21653+eaff63f0.aarch64",
"AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_http2-debuginfo-0:1.15.7-10.module+el8.10.0+21653+eaff63f0.ppc64le",
"AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_http2-debuginfo-0:1.15.7-10.module+el8.10.0+21653+eaff63f0.s390x",
"AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_http2-debuginfo-0:1.15.7-10.module+el8.10.0+21653+eaff63f0.x86_64",
"AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_http2-debugsource-0:1.15.7-10.module+el8.10.0+21653+eaff63f0.aarch64",
"AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_http2-debugsource-0:1.15.7-10.module+el8.10.0+21653+eaff63f0.ppc64le",
"AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_http2-debugsource-0:1.15.7-10.module+el8.10.0+21653+eaff63f0.s390x",
"AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_http2-debugsource-0:1.15.7-10.module+el8.10.0+21653+eaff63f0.x86_64",
"AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_ldap-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.aarch64",
"AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_ldap-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.ppc64le",
"AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_ldap-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.s390x",
"AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_ldap-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.x86_64",
"AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_ldap-debuginfo-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.aarch64",
"AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_ldap-debuginfo-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.ppc64le",
"AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_ldap-debuginfo-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.s390x",
"AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_ldap-debuginfo-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.x86_64",
"AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_md-1:2.0.8-8.module+el8.9.0+19080+567b90f8.aarch64",
"AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_md-1:2.0.8-8.module+el8.9.0+19080+567b90f8.ppc64le",
"AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_md-1:2.0.8-8.module+el8.9.0+19080+567b90f8.s390x",
"AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_md-1:2.0.8-8.module+el8.9.0+19080+567b90f8.src",
"AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_md-1:2.0.8-8.module+el8.9.0+19080+567b90f8.x86_64",
"AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_md-debuginfo-1:2.0.8-8.module+el8.9.0+19080+567b90f8.aarch64",
"AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_md-debuginfo-1:2.0.8-8.module+el8.9.0+19080+567b90f8.ppc64le",
"AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_md-debuginfo-1:2.0.8-8.module+el8.9.0+19080+567b90f8.s390x",
"AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_md-debuginfo-1:2.0.8-8.module+el8.9.0+19080+567b90f8.x86_64",
"AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_md-debugsource-1:2.0.8-8.module+el8.9.0+19080+567b90f8.aarch64",
"AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_md-debugsource-1:2.0.8-8.module+el8.9.0+19080+567b90f8.ppc64le",
"AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_md-debugsource-1:2.0.8-8.module+el8.9.0+19080+567b90f8.s390x",
"AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_md-debugsource-1:2.0.8-8.module+el8.9.0+19080+567b90f8.x86_64",
"AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_proxy_html-1:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.aarch64",
"AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_proxy_html-1:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.ppc64le",
"AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_proxy_html-1:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.s390x",
"AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_proxy_html-1:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.x86_64",
"AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_proxy_html-debuginfo-1:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.aarch64",
"AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_proxy_html-debuginfo-1:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.ppc64le",
"AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_proxy_html-debuginfo-1:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.s390x",
"AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_proxy_html-debuginfo-1:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.x86_64",
"AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_session-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.aarch64",
"AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_session-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.ppc64le",
"AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_session-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.s390x",
"AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_session-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.x86_64",
"AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_session-debuginfo-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.aarch64",
"AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_session-debuginfo-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.ppc64le",
"AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_session-debuginfo-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.s390x",
"AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_session-debuginfo-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.x86_64",
"AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_ssl-1:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.aarch64",
"AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_ssl-1:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.ppc64le",
"AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_ssl-1:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.s390x",
"AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_ssl-1:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.x86_64",
"AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_ssl-debuginfo-1:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.aarch64",
"AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_ssl-debuginfo-1:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.ppc64le",
"AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_ssl-debuginfo-1:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.s390x",
"AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_ssl-debuginfo-1:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2024-38473"
},
{
"category": "external",
"summary": "RHBZ#2295012",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2295012"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2024-38473",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-38473"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2024-38473",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2024-38473"
},
{
"category": "external",
"summary": "https://httpd.apache.org/security/vulnerabilities_24.html#CVE-2024-38473",
"url": "https://httpd.apache.org/security/vulnerabilities_24.html#CVE-2024-38473"
}
],
"release_date": "2024-07-01T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6",
"AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:httpd-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.aarch64",
"AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:httpd-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.ppc64le",
"AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:httpd-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.s390x",
"AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:httpd-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.src",
"AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:httpd-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.x86_64",
"AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:httpd-debuginfo-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.aarch64",
"AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:httpd-debuginfo-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.ppc64le",
"AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:httpd-debuginfo-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.s390x",
"AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:httpd-debuginfo-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.x86_64",
"AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:httpd-debugsource-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.aarch64",
"AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:httpd-debugsource-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.ppc64le",
"AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:httpd-debugsource-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.s390x",
"AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:httpd-debugsource-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.x86_64",
"AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:httpd-devel-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.aarch64",
"AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:httpd-devel-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.ppc64le",
"AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:httpd-devel-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.s390x",
"AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:httpd-devel-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.x86_64",
"AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:httpd-filesystem-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.noarch",
"AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:httpd-manual-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.noarch",
"AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:httpd-tools-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.aarch64",
"AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:httpd-tools-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.ppc64le",
"AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:httpd-tools-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.s390x",
"AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:httpd-tools-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.x86_64",
"AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:httpd-tools-debuginfo-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.aarch64",
"AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:httpd-tools-debuginfo-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.ppc64le",
"AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:httpd-tools-debuginfo-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.s390x",
"AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:httpd-tools-debuginfo-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.x86_64",
"AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_http2-0:1.15.7-10.module+el8.10.0+21653+eaff63f0.aarch64",
"AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_http2-0:1.15.7-10.module+el8.10.0+21653+eaff63f0.ppc64le",
"AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_http2-0:1.15.7-10.module+el8.10.0+21653+eaff63f0.s390x",
"AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_http2-0:1.15.7-10.module+el8.10.0+21653+eaff63f0.src",
"AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_http2-0:1.15.7-10.module+el8.10.0+21653+eaff63f0.x86_64",
"AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_http2-debuginfo-0:1.15.7-10.module+el8.10.0+21653+eaff63f0.aarch64",
"AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_http2-debuginfo-0:1.15.7-10.module+el8.10.0+21653+eaff63f0.ppc64le",
"AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_http2-debuginfo-0:1.15.7-10.module+el8.10.0+21653+eaff63f0.s390x",
"AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_http2-debuginfo-0:1.15.7-10.module+el8.10.0+21653+eaff63f0.x86_64",
"AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_http2-debugsource-0:1.15.7-10.module+el8.10.0+21653+eaff63f0.aarch64",
"AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_http2-debugsource-0:1.15.7-10.module+el8.10.0+21653+eaff63f0.ppc64le",
"AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_http2-debugsource-0:1.15.7-10.module+el8.10.0+21653+eaff63f0.s390x",
"AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_http2-debugsource-0:1.15.7-10.module+el8.10.0+21653+eaff63f0.x86_64",
"AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_ldap-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.aarch64",
"AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_ldap-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.ppc64le",
"AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_ldap-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.s390x",
"AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_ldap-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.x86_64",
"AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_ldap-debuginfo-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.aarch64",
"AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_ldap-debuginfo-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.ppc64le",
"AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_ldap-debuginfo-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.s390x",
"AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_ldap-debuginfo-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.x86_64",
"AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_md-1:2.0.8-8.module+el8.9.0+19080+567b90f8.aarch64",
"AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_md-1:2.0.8-8.module+el8.9.0+19080+567b90f8.ppc64le",
"AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_md-1:2.0.8-8.module+el8.9.0+19080+567b90f8.s390x",
"AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_md-1:2.0.8-8.module+el8.9.0+19080+567b90f8.src",
"AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_md-1:2.0.8-8.module+el8.9.0+19080+567b90f8.x86_64",
"AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_md-debuginfo-1:2.0.8-8.module+el8.9.0+19080+567b90f8.aarch64",
"AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_md-debuginfo-1:2.0.8-8.module+el8.9.0+19080+567b90f8.ppc64le",
"AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_md-debuginfo-1:2.0.8-8.module+el8.9.0+19080+567b90f8.s390x",
"AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_md-debuginfo-1:2.0.8-8.module+el8.9.0+19080+567b90f8.x86_64",
"AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_md-debugsource-1:2.0.8-8.module+el8.9.0+19080+567b90f8.aarch64",
"AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_md-debugsource-1:2.0.8-8.module+el8.9.0+19080+567b90f8.ppc64le",
"AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_md-debugsource-1:2.0.8-8.module+el8.9.0+19080+567b90f8.s390x",
"AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_md-debugsource-1:2.0.8-8.module+el8.9.0+19080+567b90f8.x86_64",
"AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_proxy_html-1:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.aarch64",
"AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_proxy_html-1:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.ppc64le",
"AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_proxy_html-1:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.s390x",
"AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_proxy_html-1:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.x86_64",
"AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_proxy_html-debuginfo-1:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.aarch64",
"AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_proxy_html-debuginfo-1:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.ppc64le",
"AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_proxy_html-debuginfo-1:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.s390x",
"AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_proxy_html-debuginfo-1:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.x86_64",
"AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_session-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.aarch64",
"AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_session-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.ppc64le",
"AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_session-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.s390x",
"AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_session-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.x86_64",
"AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_session-debuginfo-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.aarch64",
"AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_session-debuginfo-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.ppc64le",
"AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_session-debuginfo-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.s390x",
"AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_session-debuginfo-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.x86_64",
"AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_ssl-1:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.aarch64",
"AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_ssl-1:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.ppc64le",
"AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_ssl-1:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.s390x",
"AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_ssl-1:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.x86_64",
"AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_ssl-debuginfo-1:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.aarch64",
"AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_ssl-debuginfo-1:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.ppc64le",
"AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_ssl-debuginfo-1:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.s390x",
"AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_ssl-debuginfo-1:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2024:4720"
},
{
"category": "workaround",
"details": "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.",
"product_ids": [
"AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6",
"AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:httpd-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.aarch64",
"AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:httpd-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.ppc64le",
"AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:httpd-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.s390x",
"AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:httpd-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.src",
"AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:httpd-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.x86_64",
"AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:httpd-debuginfo-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.aarch64",
"AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:httpd-debuginfo-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.ppc64le",
"AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:httpd-debuginfo-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.s390x",
"AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:httpd-debuginfo-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.x86_64",
"AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:httpd-debugsource-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.aarch64",
"AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:httpd-debugsource-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.ppc64le",
"AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:httpd-debugsource-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.s390x",
"AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:httpd-debugsource-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.x86_64",
"AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:httpd-devel-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.aarch64",
"AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:httpd-devel-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.ppc64le",
"AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:httpd-devel-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.s390x",
"AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:httpd-devel-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.x86_64",
"AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:httpd-filesystem-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.noarch",
"AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:httpd-manual-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.noarch",
"AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:httpd-tools-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.aarch64",
"AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:httpd-tools-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.ppc64le",
"AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:httpd-tools-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.s390x",
"AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:httpd-tools-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.x86_64",
"AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:httpd-tools-debuginfo-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.aarch64",
"AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:httpd-tools-debuginfo-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.ppc64le",
"AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:httpd-tools-debuginfo-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.s390x",
"AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:httpd-tools-debuginfo-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.x86_64",
"AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_http2-0:1.15.7-10.module+el8.10.0+21653+eaff63f0.aarch64",
"AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_http2-0:1.15.7-10.module+el8.10.0+21653+eaff63f0.ppc64le",
"AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_http2-0:1.15.7-10.module+el8.10.0+21653+eaff63f0.s390x",
"AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_http2-0:1.15.7-10.module+el8.10.0+21653+eaff63f0.src",
"AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_http2-0:1.15.7-10.module+el8.10.0+21653+eaff63f0.x86_64",
"AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_http2-debuginfo-0:1.15.7-10.module+el8.10.0+21653+eaff63f0.aarch64",
"AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_http2-debuginfo-0:1.15.7-10.module+el8.10.0+21653+eaff63f0.ppc64le",
"AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_http2-debuginfo-0:1.15.7-10.module+el8.10.0+21653+eaff63f0.s390x",
"AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_http2-debuginfo-0:1.15.7-10.module+el8.10.0+21653+eaff63f0.x86_64",
"AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_http2-debugsource-0:1.15.7-10.module+el8.10.0+21653+eaff63f0.aarch64",
"AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_http2-debugsource-0:1.15.7-10.module+el8.10.0+21653+eaff63f0.ppc64le",
"AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_http2-debugsource-0:1.15.7-10.module+el8.10.0+21653+eaff63f0.s390x",
"AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_http2-debugsource-0:1.15.7-10.module+el8.10.0+21653+eaff63f0.x86_64",
"AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_ldap-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.aarch64",
"AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_ldap-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.ppc64le",
"AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_ldap-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.s390x",
"AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_ldap-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.x86_64",
"AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_ldap-debuginfo-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.aarch64",
"AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_ldap-debuginfo-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.ppc64le",
"AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_ldap-debuginfo-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.s390x",
"AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_ldap-debuginfo-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.x86_64",
"AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_md-1:2.0.8-8.module+el8.9.0+19080+567b90f8.aarch64",
"AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_md-1:2.0.8-8.module+el8.9.0+19080+567b90f8.ppc64le",
"AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_md-1:2.0.8-8.module+el8.9.0+19080+567b90f8.s390x",
"AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_md-1:2.0.8-8.module+el8.9.0+19080+567b90f8.src",
"AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_md-1:2.0.8-8.module+el8.9.0+19080+567b90f8.x86_64",
"AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_md-debuginfo-1:2.0.8-8.module+el8.9.0+19080+567b90f8.aarch64",
"AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_md-debuginfo-1:2.0.8-8.module+el8.9.0+19080+567b90f8.ppc64le",
"AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_md-debuginfo-1:2.0.8-8.module+el8.9.0+19080+567b90f8.s390x",
"AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_md-debuginfo-1:2.0.8-8.module+el8.9.0+19080+567b90f8.x86_64",
"AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_md-debugsource-1:2.0.8-8.module+el8.9.0+19080+567b90f8.aarch64",
"AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_md-debugsource-1:2.0.8-8.module+el8.9.0+19080+567b90f8.ppc64le",
"AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_md-debugsource-1:2.0.8-8.module+el8.9.0+19080+567b90f8.s390x",
"AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_md-debugsource-1:2.0.8-8.module+el8.9.0+19080+567b90f8.x86_64",
"AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_proxy_html-1:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.aarch64",
"AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_proxy_html-1:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.ppc64le",
"AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_proxy_html-1:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.s390x",
"AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_proxy_html-1:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.x86_64",
"AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_proxy_html-debuginfo-1:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.aarch64",
"AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_proxy_html-debuginfo-1:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.ppc64le",
"AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_proxy_html-debuginfo-1:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.s390x",
"AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_proxy_html-debuginfo-1:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.x86_64",
"AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_session-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.aarch64",
"AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_session-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.ppc64le",
"AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_session-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.s390x",
"AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_session-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.x86_64",
"AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_session-debuginfo-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.aarch64",
"AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_session-debuginfo-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.ppc64le",
"AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_session-debuginfo-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.s390x",
"AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_session-debuginfo-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.x86_64",
"AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_ssl-1:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.aarch64",
"AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_ssl-1:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.ppc64le",
"AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_ssl-1:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.s390x",
"AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_ssl-1:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.x86_64",
"AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_ssl-debuginfo-1:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.aarch64",
"AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_ssl-debuginfo-1:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.ppc64le",
"AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_ssl-debuginfo-1:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.s390x",
"AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_ssl-debuginfo-1:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N",
"version": "3.1"
},
"products": [
"AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6",
"AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:httpd-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.aarch64",
"AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:httpd-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.ppc64le",
"AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:httpd-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.s390x",
"AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:httpd-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.src",
"AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:httpd-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.x86_64",
"AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:httpd-debuginfo-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.aarch64",
"AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:httpd-debuginfo-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.ppc64le",
"AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:httpd-debuginfo-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.s390x",
"AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:httpd-debuginfo-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.x86_64",
"AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:httpd-debugsource-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.aarch64",
"AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:httpd-debugsource-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.ppc64le",
"AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:httpd-debugsource-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.s390x",
"AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:httpd-debugsource-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.x86_64",
"AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:httpd-devel-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.aarch64",
"AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:httpd-devel-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.ppc64le",
"AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:httpd-devel-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.s390x",
"AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:httpd-devel-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.x86_64",
"AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:httpd-filesystem-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.noarch",
"AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:httpd-manual-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.noarch",
"AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:httpd-tools-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.aarch64",
"AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:httpd-tools-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.ppc64le",
"AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:httpd-tools-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.s390x",
"AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:httpd-tools-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.x86_64",
"AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:httpd-tools-debuginfo-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.aarch64",
"AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:httpd-tools-debuginfo-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.ppc64le",
"AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:httpd-tools-debuginfo-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.s390x",
"AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:httpd-tools-debuginfo-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.x86_64",
"AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_http2-0:1.15.7-10.module+el8.10.0+21653+eaff63f0.aarch64",
"AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_http2-0:1.15.7-10.module+el8.10.0+21653+eaff63f0.ppc64le",
"AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_http2-0:1.15.7-10.module+el8.10.0+21653+eaff63f0.s390x",
"AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_http2-0:1.15.7-10.module+el8.10.0+21653+eaff63f0.src",
"AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_http2-0:1.15.7-10.module+el8.10.0+21653+eaff63f0.x86_64",
"AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_http2-debuginfo-0:1.15.7-10.module+el8.10.0+21653+eaff63f0.aarch64",
"AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_http2-debuginfo-0:1.15.7-10.module+el8.10.0+21653+eaff63f0.ppc64le",
"AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_http2-debuginfo-0:1.15.7-10.module+el8.10.0+21653+eaff63f0.s390x",
"AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_http2-debuginfo-0:1.15.7-10.module+el8.10.0+21653+eaff63f0.x86_64",
"AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_http2-debugsource-0:1.15.7-10.module+el8.10.0+21653+eaff63f0.aarch64",
"AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_http2-debugsource-0:1.15.7-10.module+el8.10.0+21653+eaff63f0.ppc64le",
"AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_http2-debugsource-0:1.15.7-10.module+el8.10.0+21653+eaff63f0.s390x",
"AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_http2-debugsource-0:1.15.7-10.module+el8.10.0+21653+eaff63f0.x86_64",
"AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_ldap-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.aarch64",
"AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_ldap-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.ppc64le",
"AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_ldap-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.s390x",
"AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_ldap-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.x86_64",
"AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_ldap-debuginfo-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.aarch64",
"AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_ldap-debuginfo-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.ppc64le",
"AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_ldap-debuginfo-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.s390x",
"AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_ldap-debuginfo-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.x86_64",
"AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_md-1:2.0.8-8.module+el8.9.0+19080+567b90f8.aarch64",
"AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_md-1:2.0.8-8.module+el8.9.0+19080+567b90f8.ppc64le",
"AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_md-1:2.0.8-8.module+el8.9.0+19080+567b90f8.s390x",
"AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_md-1:2.0.8-8.module+el8.9.0+19080+567b90f8.src",
"AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_md-1:2.0.8-8.module+el8.9.0+19080+567b90f8.x86_64",
"AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_md-debuginfo-1:2.0.8-8.module+el8.9.0+19080+567b90f8.aarch64",
"AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_md-debuginfo-1:2.0.8-8.module+el8.9.0+19080+567b90f8.ppc64le",
"AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_md-debuginfo-1:2.0.8-8.module+el8.9.0+19080+567b90f8.s390x",
"AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_md-debuginfo-1:2.0.8-8.module+el8.9.0+19080+567b90f8.x86_64",
"AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_md-debugsource-1:2.0.8-8.module+el8.9.0+19080+567b90f8.aarch64",
"AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_md-debugsource-1:2.0.8-8.module+el8.9.0+19080+567b90f8.ppc64le",
"AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_md-debugsource-1:2.0.8-8.module+el8.9.0+19080+567b90f8.s390x",
"AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_md-debugsource-1:2.0.8-8.module+el8.9.0+19080+567b90f8.x86_64",
"AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_proxy_html-1:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.aarch64",
"AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_proxy_html-1:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.ppc64le",
"AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_proxy_html-1:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.s390x",
"AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_proxy_html-1:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.x86_64",
"AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_proxy_html-debuginfo-1:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.aarch64",
"AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_proxy_html-debuginfo-1:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.ppc64le",
"AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_proxy_html-debuginfo-1:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.s390x",
"AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_proxy_html-debuginfo-1:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.x86_64",
"AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_session-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.aarch64",
"AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_session-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.ppc64le",
"AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_session-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.s390x",
"AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_session-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.x86_64",
"AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_session-debuginfo-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.aarch64",
"AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_session-debuginfo-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.ppc64le",
"AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_session-debuginfo-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.s390x",
"AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_session-debuginfo-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.x86_64",
"AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_ssl-1:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.aarch64",
"AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_ssl-1:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.ppc64le",
"AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_ssl-1:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.s390x",
"AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_ssl-1:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.x86_64",
"AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_ssl-debuginfo-1:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.aarch64",
"AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_ssl-debuginfo-1:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.ppc64le",
"AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_ssl-debuginfo-1:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.s390x",
"AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_ssl-debuginfo-1:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "httpd: Encoding problem in mod_proxy"
},
{
"cve": "CVE-2024-38474",
"cwe": {
"id": "CWE-116",
"name": "Improper Encoding or Escaping of Output"
},
"discovery_date": "2024-07-01T19:21:49+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2295013"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in the mod_rewrite module of httpd. Due to a substitution encoding issue, specially crafted requests may allow an attacker to execute scripts in directories permitted by the configuration but not directly reachable by any URL or source disclosure of scripts meant only to be executed as CGI.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "httpd: Substitution encoding issue in mod_rewrite",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "This issue only affects configurations with unsafe rules used in the RewriteRule directive. Also, to exploit this flaw, an attacker must be able to upload files to the server.\n\nAdditionally, this flaw requires mod_rewrite to be loaded and used. This module can be disabled if its functionality is not needed.\n\nRed Hat Enterprise Linux 6 is not affected by this vulnerability because the vulnerable code was introduced in a newer version of httpd.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6",
"AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:httpd-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.aarch64",
"AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:httpd-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.ppc64le",
"AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:httpd-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.s390x",
"AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:httpd-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.src",
"AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:httpd-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.x86_64",
"AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:httpd-debuginfo-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.aarch64",
"AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:httpd-debuginfo-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.ppc64le",
"AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:httpd-debuginfo-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.s390x",
"AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:httpd-debuginfo-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.x86_64",
"AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:httpd-debugsource-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.aarch64",
"AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:httpd-debugsource-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.ppc64le",
"AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:httpd-debugsource-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.s390x",
"AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:httpd-debugsource-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.x86_64",
"AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:httpd-devel-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.aarch64",
"AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:httpd-devel-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.ppc64le",
"AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:httpd-devel-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.s390x",
"AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:httpd-devel-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.x86_64",
"AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:httpd-filesystem-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.noarch",
"AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:httpd-manual-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.noarch",
"AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:httpd-tools-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.aarch64",
"AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:httpd-tools-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.ppc64le",
"AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:httpd-tools-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.s390x",
"AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:httpd-tools-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.x86_64",
"AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:httpd-tools-debuginfo-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.aarch64",
"AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:httpd-tools-debuginfo-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.ppc64le",
"AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:httpd-tools-debuginfo-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.s390x",
"AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:httpd-tools-debuginfo-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.x86_64",
"AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_http2-0:1.15.7-10.module+el8.10.0+21653+eaff63f0.aarch64",
"AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_http2-0:1.15.7-10.module+el8.10.0+21653+eaff63f0.ppc64le",
"AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_http2-0:1.15.7-10.module+el8.10.0+21653+eaff63f0.s390x",
"AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_http2-0:1.15.7-10.module+el8.10.0+21653+eaff63f0.src",
"AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_http2-0:1.15.7-10.module+el8.10.0+21653+eaff63f0.x86_64",
"AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_http2-debuginfo-0:1.15.7-10.module+el8.10.0+21653+eaff63f0.aarch64",
"AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_http2-debuginfo-0:1.15.7-10.module+el8.10.0+21653+eaff63f0.ppc64le",
"AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_http2-debuginfo-0:1.15.7-10.module+el8.10.0+21653+eaff63f0.s390x",
"AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_http2-debuginfo-0:1.15.7-10.module+el8.10.0+21653+eaff63f0.x86_64",
"AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_http2-debugsource-0:1.15.7-10.module+el8.10.0+21653+eaff63f0.aarch64",
"AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_http2-debugsource-0:1.15.7-10.module+el8.10.0+21653+eaff63f0.ppc64le",
"AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_http2-debugsource-0:1.15.7-10.module+el8.10.0+21653+eaff63f0.s390x",
"AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_http2-debugsource-0:1.15.7-10.module+el8.10.0+21653+eaff63f0.x86_64",
"AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_ldap-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.aarch64",
"AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_ldap-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.ppc64le",
"AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_ldap-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.s390x",
"AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_ldap-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.x86_64",
"AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_ldap-debuginfo-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.aarch64",
"AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_ldap-debuginfo-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.ppc64le",
"AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_ldap-debuginfo-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.s390x",
"AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_ldap-debuginfo-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.x86_64",
"AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_md-1:2.0.8-8.module+el8.9.0+19080+567b90f8.aarch64",
"AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_md-1:2.0.8-8.module+el8.9.0+19080+567b90f8.ppc64le",
"AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_md-1:2.0.8-8.module+el8.9.0+19080+567b90f8.s390x",
"AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_md-1:2.0.8-8.module+el8.9.0+19080+567b90f8.src",
"AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_md-1:2.0.8-8.module+el8.9.0+19080+567b90f8.x86_64",
"AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_md-debuginfo-1:2.0.8-8.module+el8.9.0+19080+567b90f8.aarch64",
"AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_md-debuginfo-1:2.0.8-8.module+el8.9.0+19080+567b90f8.ppc64le",
"AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_md-debuginfo-1:2.0.8-8.module+el8.9.0+19080+567b90f8.s390x",
"AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_md-debuginfo-1:2.0.8-8.module+el8.9.0+19080+567b90f8.x86_64",
"AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_md-debugsource-1:2.0.8-8.module+el8.9.0+19080+567b90f8.aarch64",
"AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_md-debugsource-1:2.0.8-8.module+el8.9.0+19080+567b90f8.ppc64le",
"AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_md-debugsource-1:2.0.8-8.module+el8.9.0+19080+567b90f8.s390x",
"AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_md-debugsource-1:2.0.8-8.module+el8.9.0+19080+567b90f8.x86_64",
"AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_proxy_html-1:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.aarch64",
"AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_proxy_html-1:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.ppc64le",
"AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_proxy_html-1:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.s390x",
"AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_proxy_html-1:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.x86_64",
"AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_proxy_html-debuginfo-1:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.aarch64",
"AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_proxy_html-debuginfo-1:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.ppc64le",
"AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_proxy_html-debuginfo-1:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.s390x",
"AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_proxy_html-debuginfo-1:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.x86_64",
"AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_session-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.aarch64",
"AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_session-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.ppc64le",
"AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_session-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.s390x",
"AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_session-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.x86_64",
"AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_session-debuginfo-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.aarch64",
"AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_session-debuginfo-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.ppc64le",
"AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_session-debuginfo-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.s390x",
"AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_session-debuginfo-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.x86_64",
"AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_ssl-1:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.aarch64",
"AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_ssl-1:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.ppc64le",
"AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_ssl-1:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.s390x",
"AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_ssl-1:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.x86_64",
"AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_ssl-debuginfo-1:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.aarch64",
"AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_ssl-debuginfo-1:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.ppc64le",
"AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_ssl-debuginfo-1:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.s390x",
"AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_ssl-debuginfo-1:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2024-38474"
},
{
"category": "external",
"summary": "RHBZ#2295013",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2295013"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2024-38474",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-38474"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2024-38474",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2024-38474"
},
{
"category": "external",
"summary": "https://httpd.apache.org/security/vulnerabilities_24.html#CVE-2024-38474",
"url": "https://httpd.apache.org/security/vulnerabilities_24.html#CVE-2024-38474"
}
],
"release_date": "2024-07-01T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6",
"AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:httpd-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.aarch64",
"AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:httpd-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.ppc64le",
"AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:httpd-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.s390x",
"AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:httpd-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.src",
"AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:httpd-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.x86_64",
"AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:httpd-debuginfo-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.aarch64",
"AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:httpd-debuginfo-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.ppc64le",
"AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:httpd-debuginfo-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.s390x",
"AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:httpd-debuginfo-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.x86_64",
"AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:httpd-debugsource-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.aarch64",
"AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:httpd-debugsource-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.ppc64le",
"AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:httpd-debugsource-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.s390x",
"AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:httpd-debugsource-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.x86_64",
"AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:httpd-devel-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.aarch64",
"AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:httpd-devel-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.ppc64le",
"AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:httpd-devel-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.s390x",
"AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:httpd-devel-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.x86_64",
"AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:httpd-filesystem-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.noarch",
"AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:httpd-manual-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.noarch",
"AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:httpd-tools-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.aarch64",
"AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:httpd-tools-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.ppc64le",
"AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:httpd-tools-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.s390x",
"AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:httpd-tools-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.x86_64",
"AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:httpd-tools-debuginfo-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.aarch64",
"AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:httpd-tools-debuginfo-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.ppc64le",
"AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:httpd-tools-debuginfo-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.s390x",
"AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:httpd-tools-debuginfo-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.x86_64",
"AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_http2-0:1.15.7-10.module+el8.10.0+21653+eaff63f0.aarch64",
"AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_http2-0:1.15.7-10.module+el8.10.0+21653+eaff63f0.ppc64le",
"AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_http2-0:1.15.7-10.module+el8.10.0+21653+eaff63f0.s390x",
"AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_http2-0:1.15.7-10.module+el8.10.0+21653+eaff63f0.src",
"AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_http2-0:1.15.7-10.module+el8.10.0+21653+eaff63f0.x86_64",
"AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_http2-debuginfo-0:1.15.7-10.module+el8.10.0+21653+eaff63f0.aarch64",
"AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_http2-debuginfo-0:1.15.7-10.module+el8.10.0+21653+eaff63f0.ppc64le",
"AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_http2-debuginfo-0:1.15.7-10.module+el8.10.0+21653+eaff63f0.s390x",
"AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_http2-debuginfo-0:1.15.7-10.module+el8.10.0+21653+eaff63f0.x86_64",
"AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_http2-debugsource-0:1.15.7-10.module+el8.10.0+21653+eaff63f0.aarch64",
"AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_http2-debugsource-0:1.15.7-10.module+el8.10.0+21653+eaff63f0.ppc64le",
"AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_http2-debugsource-0:1.15.7-10.module+el8.10.0+21653+eaff63f0.s390x",
"AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_http2-debugsource-0:1.15.7-10.module+el8.10.0+21653+eaff63f0.x86_64",
"AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_ldap-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.aarch64",
"AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_ldap-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.ppc64le",
"AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_ldap-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.s390x",
"AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_ldap-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.x86_64",
"AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_ldap-debuginfo-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.aarch64",
"AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_ldap-debuginfo-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.ppc64le",
"AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_ldap-debuginfo-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.s390x",
"AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_ldap-debuginfo-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.x86_64",
"AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_md-1:2.0.8-8.module+el8.9.0+19080+567b90f8.aarch64",
"AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_md-1:2.0.8-8.module+el8.9.0+19080+567b90f8.ppc64le",
"AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_md-1:2.0.8-8.module+el8.9.0+19080+567b90f8.s390x",
"AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_md-1:2.0.8-8.module+el8.9.0+19080+567b90f8.src",
"AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_md-1:2.0.8-8.module+el8.9.0+19080+567b90f8.x86_64",
"AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_md-debuginfo-1:2.0.8-8.module+el8.9.0+19080+567b90f8.aarch64",
"AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_md-debuginfo-1:2.0.8-8.module+el8.9.0+19080+567b90f8.ppc64le",
"AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_md-debuginfo-1:2.0.8-8.module+el8.9.0+19080+567b90f8.s390x",
"AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_md-debuginfo-1:2.0.8-8.module+el8.9.0+19080+567b90f8.x86_64",
"AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_md-debugsource-1:2.0.8-8.module+el8.9.0+19080+567b90f8.aarch64",
"AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_md-debugsource-1:2.0.8-8.module+el8.9.0+19080+567b90f8.ppc64le",
"AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_md-debugsource-1:2.0.8-8.module+el8.9.0+19080+567b90f8.s390x",
"AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_md-debugsource-1:2.0.8-8.module+el8.9.0+19080+567b90f8.x86_64",
"AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_proxy_html-1:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.aarch64",
"AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_proxy_html-1:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.ppc64le",
"AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_proxy_html-1:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.s390x",
"AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_proxy_html-1:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.x86_64",
"AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_proxy_html-debuginfo-1:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.aarch64",
"AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_proxy_html-debuginfo-1:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.ppc64le",
"AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_proxy_html-debuginfo-1:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.s390x",
"AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_proxy_html-debuginfo-1:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.x86_64",
"AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_session-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.aarch64",
"AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_session-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.ppc64le",
"AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_session-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.s390x",
"AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_session-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.x86_64",
"AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_session-debuginfo-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.aarch64",
"AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_session-debuginfo-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.ppc64le",
"AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_session-debuginfo-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.s390x",
"AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_session-debuginfo-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.x86_64",
"AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_ssl-1:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.aarch64",
"AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_ssl-1:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.ppc64le",
"AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_ssl-1:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.s390x",
"AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_ssl-1:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.x86_64",
"AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_ssl-debuginfo-1:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.aarch64",
"AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_ssl-debuginfo-1:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.ppc64le",
"AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_ssl-debuginfo-1:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.s390x",
"AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_ssl-debuginfo-1:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2024:4720"
},
{
"category": "workaround",
"details": "Red Hat has investigated whether a possible mitigation exists for this issue, and has not been able to identify a practical example. Please update the affected package as soon as possible.",
"product_ids": [
"AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6",
"AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:httpd-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.aarch64",
"AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:httpd-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.ppc64le",
"AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:httpd-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.s390x",
"AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:httpd-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.src",
"AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:httpd-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.x86_64",
"AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:httpd-debuginfo-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.aarch64",
"AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:httpd-debuginfo-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.ppc64le",
"AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:httpd-debuginfo-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.s390x",
"AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:httpd-debuginfo-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.x86_64",
"AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:httpd-debugsource-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.aarch64",
"AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:httpd-debugsource-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.ppc64le",
"AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:httpd-debugsource-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.s390x",
"AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:httpd-debugsource-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.x86_64",
"AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:httpd-devel-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.aarch64",
"AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:httpd-devel-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.ppc64le",
"AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:httpd-devel-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.s390x",
"AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:httpd-devel-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.x86_64",
"AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:httpd-filesystem-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.noarch",
"AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:httpd-manual-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.noarch",
"AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:httpd-tools-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.aarch64",
"AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:httpd-tools-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.ppc64le",
"AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:httpd-tools-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.s390x",
"AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:httpd-tools-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.x86_64",
"AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:httpd-tools-debuginfo-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.aarch64",
"AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:httpd-tools-debuginfo-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.ppc64le",
"AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:httpd-tools-debuginfo-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.s390x",
"AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:httpd-tools-debuginfo-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.x86_64",
"AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_http2-0:1.15.7-10.module+el8.10.0+21653+eaff63f0.aarch64",
"AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_http2-0:1.15.7-10.module+el8.10.0+21653+eaff63f0.ppc64le",
"AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_http2-0:1.15.7-10.module+el8.10.0+21653+eaff63f0.s390x",
"AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_http2-0:1.15.7-10.module+el8.10.0+21653+eaff63f0.src",
"AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_http2-0:1.15.7-10.module+el8.10.0+21653+eaff63f0.x86_64",
"AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_http2-debuginfo-0:1.15.7-10.module+el8.10.0+21653+eaff63f0.aarch64",
"AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_http2-debuginfo-0:1.15.7-10.module+el8.10.0+21653+eaff63f0.ppc64le",
"AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_http2-debuginfo-0:1.15.7-10.module+el8.10.0+21653+eaff63f0.s390x",
"AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_http2-debuginfo-0:1.15.7-10.module+el8.10.0+21653+eaff63f0.x86_64",
"AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_http2-debugsource-0:1.15.7-10.module+el8.10.0+21653+eaff63f0.aarch64",
"AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_http2-debugsource-0:1.15.7-10.module+el8.10.0+21653+eaff63f0.ppc64le",
"AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_http2-debugsource-0:1.15.7-10.module+el8.10.0+21653+eaff63f0.s390x",
"AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_http2-debugsource-0:1.15.7-10.module+el8.10.0+21653+eaff63f0.x86_64",
"AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_ldap-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.aarch64",
"AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_ldap-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.ppc64le",
"AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_ldap-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.s390x",
"AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_ldap-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.x86_64",
"AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_ldap-debuginfo-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.aarch64",
"AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_ldap-debuginfo-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.ppc64le",
"AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_ldap-debuginfo-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.s390x",
"AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_ldap-debuginfo-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.x86_64",
"AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_md-1:2.0.8-8.module+el8.9.0+19080+567b90f8.aarch64",
"AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_md-1:2.0.8-8.module+el8.9.0+19080+567b90f8.ppc64le",
"AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_md-1:2.0.8-8.module+el8.9.0+19080+567b90f8.s390x",
"AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_md-1:2.0.8-8.module+el8.9.0+19080+567b90f8.src",
"AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_md-1:2.0.8-8.module+el8.9.0+19080+567b90f8.x86_64",
"AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_md-debuginfo-1:2.0.8-8.module+el8.9.0+19080+567b90f8.aarch64",
"AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_md-debuginfo-1:2.0.8-8.module+el8.9.0+19080+567b90f8.ppc64le",
"AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_md-debuginfo-1:2.0.8-8.module+el8.9.0+19080+567b90f8.s390x",
"AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_md-debuginfo-1:2.0.8-8.module+el8.9.0+19080+567b90f8.x86_64",
"AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_md-debugsource-1:2.0.8-8.module+el8.9.0+19080+567b90f8.aarch64",
"AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_md-debugsource-1:2.0.8-8.module+el8.9.0+19080+567b90f8.ppc64le",
"AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_md-debugsource-1:2.0.8-8.module+el8.9.0+19080+567b90f8.s390x",
"AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_md-debugsource-1:2.0.8-8.module+el8.9.0+19080+567b90f8.x86_64",
"AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_proxy_html-1:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.aarch64",
"AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_proxy_html-1:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.ppc64le",
"AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_proxy_html-1:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.s390x",
"AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_proxy_html-1:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.x86_64",
"AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_proxy_html-debuginfo-1:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.aarch64",
"AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_proxy_html-debuginfo-1:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.ppc64le",
"AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_proxy_html-debuginfo-1:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.s390x",
"AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_proxy_html-debuginfo-1:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.x86_64",
"AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_session-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.aarch64",
"AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_session-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.ppc64le",
"AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_session-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.s390x",
"AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_session-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.x86_64",
"AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_session-debuginfo-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.aarch64",
"AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_session-debuginfo-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.ppc64le",
"AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_session-debuginfo-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.s390x",
"AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_session-debuginfo-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.x86_64",
"AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_ssl-1:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.aarch64",
"AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_ssl-1:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.ppc64le",
"AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_ssl-1:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.s390x",
"AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_ssl-1:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.x86_64",
"AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_ssl-debuginfo-1:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.aarch64",
"AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_ssl-debuginfo-1:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.ppc64le",
"AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_ssl-debuginfo-1:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.s390x",
"AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_ssl-debuginfo-1:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 8.1,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6",
"AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:httpd-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.aarch64",
"AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:httpd-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.ppc64le",
"AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:httpd-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.s390x",
"AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:httpd-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.src",
"AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:httpd-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.x86_64",
"AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:httpd-debuginfo-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.aarch64",
"AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:httpd-debuginfo-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.ppc64le",
"AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:httpd-debuginfo-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.s390x",
"AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:httpd-debuginfo-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.x86_64",
"AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:httpd-debugsource-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.aarch64",
"AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:httpd-debugsource-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.ppc64le",
"AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:httpd-debugsource-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.s390x",
"AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:httpd-debugsource-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.x86_64",
"AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:httpd-devel-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.aarch64",
"AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:httpd-devel-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.ppc64le",
"AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:httpd-devel-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.s390x",
"AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:httpd-devel-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.x86_64",
"AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:httpd-filesystem-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.noarch",
"AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:httpd-manual-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.noarch",
"AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:httpd-tools-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.aarch64",
"AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:httpd-tools-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.ppc64le",
"AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:httpd-tools-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.s390x",
"AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:httpd-tools-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.x86_64",
"AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:httpd-tools-debuginfo-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.aarch64",
"AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:httpd-tools-debuginfo-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.ppc64le",
"AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:httpd-tools-debuginfo-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.s390x",
"AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:httpd-tools-debuginfo-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.x86_64",
"AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_http2-0:1.15.7-10.module+el8.10.0+21653+eaff63f0.aarch64",
"AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_http2-0:1.15.7-10.module+el8.10.0+21653+eaff63f0.ppc64le",
"AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_http2-0:1.15.7-10.module+el8.10.0+21653+eaff63f0.s390x",
"AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_http2-0:1.15.7-10.module+el8.10.0+21653+eaff63f0.src",
"AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_http2-0:1.15.7-10.module+el8.10.0+21653+eaff63f0.x86_64",
"AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_http2-debuginfo-0:1.15.7-10.module+el8.10.0+21653+eaff63f0.aarch64",
"AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_http2-debuginfo-0:1.15.7-10.module+el8.10.0+21653+eaff63f0.ppc64le",
"AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_http2-debuginfo-0:1.15.7-10.module+el8.10.0+21653+eaff63f0.s390x",
"AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_http2-debuginfo-0:1.15.7-10.module+el8.10.0+21653+eaff63f0.x86_64",
"AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_http2-debugsource-0:1.15.7-10.module+el8.10.0+21653+eaff63f0.aarch64",
"AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_http2-debugsource-0:1.15.7-10.module+el8.10.0+21653+eaff63f0.ppc64le",
"AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_http2-debugsource-0:1.15.7-10.module+el8.10.0+21653+eaff63f0.s390x",
"AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_http2-debugsource-0:1.15.7-10.module+el8.10.0+21653+eaff63f0.x86_64",
"AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_ldap-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.aarch64",
"AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_ldap-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.ppc64le",
"AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_ldap-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.s390x",
"AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_ldap-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.x86_64",
"AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_ldap-debuginfo-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.aarch64",
"AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_ldap-debuginfo-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.ppc64le",
"AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_ldap-debuginfo-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.s390x",
"AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_ldap-debuginfo-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.x86_64",
"AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_md-1:2.0.8-8.module+el8.9.0+19080+567b90f8.aarch64",
"AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_md-1:2.0.8-8.module+el8.9.0+19080+567b90f8.ppc64le",
"AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_md-1:2.0.8-8.module+el8.9.0+19080+567b90f8.s390x",
"AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_md-1:2.0.8-8.module+el8.9.0+19080+567b90f8.src",
"AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_md-1:2.0.8-8.module+el8.9.0+19080+567b90f8.x86_64",
"AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_md-debuginfo-1:2.0.8-8.module+el8.9.0+19080+567b90f8.aarch64",
"AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_md-debuginfo-1:2.0.8-8.module+el8.9.0+19080+567b90f8.ppc64le",
"AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_md-debuginfo-1:2.0.8-8.module+el8.9.0+19080+567b90f8.s390x",
"AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_md-debuginfo-1:2.0.8-8.module+el8.9.0+19080+567b90f8.x86_64",
"AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_md-debugsource-1:2.0.8-8.module+el8.9.0+19080+567b90f8.aarch64",
"AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_md-debugsource-1:2.0.8-8.module+el8.9.0+19080+567b90f8.ppc64le",
"AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_md-debugsource-1:2.0.8-8.module+el8.9.0+19080+567b90f8.s390x",
"AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_md-debugsource-1:2.0.8-8.module+el8.9.0+19080+567b90f8.x86_64",
"AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_proxy_html-1:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.aarch64",
"AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_proxy_html-1:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.ppc64le",
"AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_proxy_html-1:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.s390x",
"AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_proxy_html-1:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.x86_64",
"AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_proxy_html-debuginfo-1:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.aarch64",
"AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_proxy_html-debuginfo-1:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.ppc64le",
"AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_proxy_html-debuginfo-1:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.s390x",
"AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_proxy_html-debuginfo-1:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.x86_64",
"AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_session-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.aarch64",
"AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_session-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.ppc64le",
"AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_session-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.s390x",
"AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_session-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.x86_64",
"AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_session-debuginfo-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.aarch64",
"AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_session-debuginfo-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.ppc64le",
"AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_session-debuginfo-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.s390x",
"AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_session-debuginfo-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.x86_64",
"AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_ssl-1:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.aarch64",
"AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_ssl-1:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.ppc64le",
"AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_ssl-1:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.s390x",
"AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_ssl-1:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.x86_64",
"AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_ssl-debuginfo-1:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.aarch64",
"AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_ssl-debuginfo-1:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.ppc64le",
"AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_ssl-debuginfo-1:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.s390x",
"AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_ssl-debuginfo-1:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "httpd: Substitution encoding issue in mod_rewrite"
},
{
"cve": "CVE-2024-38475",
"cwe": {
"id": "CWE-116",
"name": "Improper Encoding or Escaping of Output"
},
"discovery_date": "2024-07-01T19:22:02+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2295014"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in the mod_rewrite module of httpd. Improper escaping of output allows an attacker to map URLs to filesystem locations permitted to be served by the server but are not intentionally or directly reachable by any URL. This issue results in code execution or source code disclosure.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "httpd: Improper escaping of output in mod_rewrite",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "This issue affects configurations with substitution rules used in the RewriteRule directive using backreferences or variables as the first segment of the substitution.\n\nAdditionally, this flaw requires mod_rewrite to be loaded and used. This module can be disabled if its functionality is not needed.\n\nRed Hat Enterprise Linux 6 is not affected by this vulnerability because the vulnerable code was introduced in a newer version of httpd.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6",
"AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:httpd-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.aarch64",
"AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:httpd-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.ppc64le",
"AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:httpd-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.s390x",
"AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:httpd-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.src",
"AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:httpd-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.x86_64",
"AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:httpd-debuginfo-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.aarch64",
"AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:httpd-debuginfo-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.ppc64le",
"AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:httpd-debuginfo-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.s390x",
"AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:httpd-debuginfo-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.x86_64",
"AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:httpd-debugsource-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.aarch64",
"AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:httpd-debugsource-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.ppc64le",
"AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:httpd-debugsource-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.s390x",
"AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:httpd-debugsource-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.x86_64",
"AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:httpd-devel-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.aarch64",
"AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:httpd-devel-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.ppc64le",
"AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:httpd-devel-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.s390x",
"AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:httpd-devel-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.x86_64",
"AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:httpd-filesystem-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.noarch",
"AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:httpd-manual-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.noarch",
"AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:httpd-tools-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.aarch64",
"AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:httpd-tools-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.ppc64le",
"AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:httpd-tools-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.s390x",
"AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:httpd-tools-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.x86_64",
"AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:httpd-tools-debuginfo-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.aarch64",
"AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:httpd-tools-debuginfo-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.ppc64le",
"AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:httpd-tools-debuginfo-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.s390x",
"AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:httpd-tools-debuginfo-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.x86_64",
"AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_http2-0:1.15.7-10.module+el8.10.0+21653+eaff63f0.aarch64",
"AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_http2-0:1.15.7-10.module+el8.10.0+21653+eaff63f0.ppc64le",
"AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_http2-0:1.15.7-10.module+el8.10.0+21653+eaff63f0.s390x",
"AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_http2-0:1.15.7-10.module+el8.10.0+21653+eaff63f0.src",
"AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_http2-0:1.15.7-10.module+el8.10.0+21653+eaff63f0.x86_64",
"AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_http2-debuginfo-0:1.15.7-10.module+el8.10.0+21653+eaff63f0.aarch64",
"AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_http2-debuginfo-0:1.15.7-10.module+el8.10.0+21653+eaff63f0.ppc64le",
"AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_http2-debuginfo-0:1.15.7-10.module+el8.10.0+21653+eaff63f0.s390x",
"AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_http2-debuginfo-0:1.15.7-10.module+el8.10.0+21653+eaff63f0.x86_64",
"AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_http2-debugsource-0:1.15.7-10.module+el8.10.0+21653+eaff63f0.aarch64",
"AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_http2-debugsource-0:1.15.7-10.module+el8.10.0+21653+eaff63f0.ppc64le",
"AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_http2-debugsource-0:1.15.7-10.module+el8.10.0+21653+eaff63f0.s390x",
"AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_http2-debugsource-0:1.15.7-10.module+el8.10.0+21653+eaff63f0.x86_64",
"AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_ldap-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.aarch64",
"AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_ldap-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.ppc64le",
"AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_ldap-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.s390x",
"AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_ldap-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.x86_64",
"AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_ldap-debuginfo-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.aarch64",
"AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_ldap-debuginfo-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.ppc64le",
"AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_ldap-debuginfo-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.s390x",
"AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_ldap-debuginfo-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.x86_64",
"AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_md-1:2.0.8-8.module+el8.9.0+19080+567b90f8.aarch64",
"AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_md-1:2.0.8-8.module+el8.9.0+19080+567b90f8.ppc64le",
"AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_md-1:2.0.8-8.module+el8.9.0+19080+567b90f8.s390x",
"AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_md-1:2.0.8-8.module+el8.9.0+19080+567b90f8.src",
"AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_md-1:2.0.8-8.module+el8.9.0+19080+567b90f8.x86_64",
"AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_md-debuginfo-1:2.0.8-8.module+el8.9.0+19080+567b90f8.aarch64",
"AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_md-debuginfo-1:2.0.8-8.module+el8.9.0+19080+567b90f8.ppc64le",
"AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_md-debuginfo-1:2.0.8-8.module+el8.9.0+19080+567b90f8.s390x",
"AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_md-debuginfo-1:2.0.8-8.module+el8.9.0+19080+567b90f8.x86_64",
"AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_md-debugsource-1:2.0.8-8.module+el8.9.0+19080+567b90f8.aarch64",
"AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_md-debugsource-1:2.0.8-8.module+el8.9.0+19080+567b90f8.ppc64le",
"AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_md-debugsource-1:2.0.8-8.module+el8.9.0+19080+567b90f8.s390x",
"AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_md-debugsource-1:2.0.8-8.module+el8.9.0+19080+567b90f8.x86_64",
"AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_proxy_html-1:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.aarch64",
"AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_proxy_html-1:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.ppc64le",
"AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_proxy_html-1:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.s390x",
"AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_proxy_html-1:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.x86_64",
"AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_proxy_html-debuginfo-1:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.aarch64",
"AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_proxy_html-debuginfo-1:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.ppc64le",
"AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_proxy_html-debuginfo-1:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.s390x",
"AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_proxy_html-debuginfo-1:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.x86_64",
"AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_session-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.aarch64",
"AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_session-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.ppc64le",
"AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_session-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.s390x",
"AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_session-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.x86_64",
"AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_session-debuginfo-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.aarch64",
"AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_session-debuginfo-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.ppc64le",
"AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_session-debuginfo-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.s390x",
"AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_session-debuginfo-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.x86_64",
"AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_ssl-1:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.aarch64",
"AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_ssl-1:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.ppc64le",
"AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_ssl-1:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.s390x",
"AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_ssl-1:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.x86_64",
"AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_ssl-debuginfo-1:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.aarch64",
"AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_ssl-debuginfo-1:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.ppc64le",
"AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_ssl-debuginfo-1:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.s390x",
"AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_ssl-debuginfo-1:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2024-38475"
},
{
"category": "external",
"summary": "RHBZ#2295014",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2295014"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2024-38475",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-38475"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2024-38475",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2024-38475"
},
{
"category": "external",
"summary": "https://httpd.apache.org/security/vulnerabilities_24.html#CVE-2024-38475",
"url": "https://httpd.apache.org/security/vulnerabilities_24.html#CVE-2024-38475"
}
],
"release_date": "2024-07-01T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6",
"AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:httpd-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.aarch64",
"AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:httpd-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.ppc64le",
"AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:httpd-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.s390x",
"AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:httpd-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.src",
"AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:httpd-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.x86_64",
"AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:httpd-debuginfo-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.aarch64",
"AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:httpd-debuginfo-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.ppc64le",
"AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:httpd-debuginfo-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.s390x",
"AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:httpd-debuginfo-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.x86_64",
"AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:httpd-debugsource-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.aarch64",
"AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:httpd-debugsource-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.ppc64le",
"AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:httpd-debugsource-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.s390x",
"AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:httpd-debugsource-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.x86_64",
"AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:httpd-devel-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.aarch64",
"AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:httpd-devel-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.ppc64le",
"AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:httpd-devel-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.s390x",
"AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:httpd-devel-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.x86_64",
"AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:httpd-filesystem-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.noarch",
"AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:httpd-manual-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.noarch",
"AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:httpd-tools-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.aarch64",
"AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:httpd-tools-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.ppc64le",
"AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:httpd-tools-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.s390x",
"AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:httpd-tools-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.x86_64",
"AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:httpd-tools-debuginfo-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.aarch64",
"AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:httpd-tools-debuginfo-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.ppc64le",
"AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:httpd-tools-debuginfo-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.s390x",
"AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:httpd-tools-debuginfo-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.x86_64",
"AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_http2-0:1.15.7-10.module+el8.10.0+21653+eaff63f0.aarch64",
"AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_http2-0:1.15.7-10.module+el8.10.0+21653+eaff63f0.ppc64le",
"AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_http2-0:1.15.7-10.module+el8.10.0+21653+eaff63f0.s390x",
"AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_http2-0:1.15.7-10.module+el8.10.0+21653+eaff63f0.src",
"AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_http2-0:1.15.7-10.module+el8.10.0+21653+eaff63f0.x86_64",
"AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_http2-debuginfo-0:1.15.7-10.module+el8.10.0+21653+eaff63f0.aarch64",
"AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_http2-debuginfo-0:1.15.7-10.module+el8.10.0+21653+eaff63f0.ppc64le",
"AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_http2-debuginfo-0:1.15.7-10.module+el8.10.0+21653+eaff63f0.s390x",
"AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_http2-debuginfo-0:1.15.7-10.module+el8.10.0+21653+eaff63f0.x86_64",
"AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_http2-debugsource-0:1.15.7-10.module+el8.10.0+21653+eaff63f0.aarch64",
"AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_http2-debugsource-0:1.15.7-10.module+el8.10.0+21653+eaff63f0.ppc64le",
"AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_http2-debugsource-0:1.15.7-10.module+el8.10.0+21653+eaff63f0.s390x",
"AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_http2-debugsource-0:1.15.7-10.module+el8.10.0+21653+eaff63f0.x86_64",
"AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_ldap-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.aarch64",
"AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_ldap-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.ppc64le",
"AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_ldap-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.s390x",
"AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_ldap-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.x86_64",
"AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_ldap-debuginfo-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.aarch64",
"AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_ldap-debuginfo-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.ppc64le",
"AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_ldap-debuginfo-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.s390x",
"AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_ldap-debuginfo-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.x86_64",
"AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_md-1:2.0.8-8.module+el8.9.0+19080+567b90f8.aarch64",
"AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_md-1:2.0.8-8.module+el8.9.0+19080+567b90f8.ppc64le",
"AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_md-1:2.0.8-8.module+el8.9.0+19080+567b90f8.s390x",
"AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_md-1:2.0.8-8.module+el8.9.0+19080+567b90f8.src",
"AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_md-1:2.0.8-8.module+el8.9.0+19080+567b90f8.x86_64",
"AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_md-debuginfo-1:2.0.8-8.module+el8.9.0+19080+567b90f8.aarch64",
"AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_md-debuginfo-1:2.0.8-8.module+el8.9.0+19080+567b90f8.ppc64le",
"AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_md-debuginfo-1:2.0.8-8.module+el8.9.0+19080+567b90f8.s390x",
"AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_md-debuginfo-1:2.0.8-8.module+el8.9.0+19080+567b90f8.x86_64",
"AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_md-debugsource-1:2.0.8-8.module+el8.9.0+19080+567b90f8.aarch64",
"AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_md-debugsource-1:2.0.8-8.module+el8.9.0+19080+567b90f8.ppc64le",
"AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_md-debugsource-1:2.0.8-8.module+el8.9.0+19080+567b90f8.s390x",
"AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_md-debugsource-1:2.0.8-8.module+el8.9.0+19080+567b90f8.x86_64",
"AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_proxy_html-1:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.aarch64",
"AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_proxy_html-1:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.ppc64le",
"AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_proxy_html-1:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.s390x",
"AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_proxy_html-1:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.x86_64",
"AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_proxy_html-debuginfo-1:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.aarch64",
"AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_proxy_html-debuginfo-1:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.ppc64le",
"AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_proxy_html-debuginfo-1:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.s390x",
"AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_proxy_html-debuginfo-1:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.x86_64",
"AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_session-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.aarch64",
"AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_session-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.ppc64le",
"AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_session-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.s390x",
"AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_session-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.x86_64",
"AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_session-debuginfo-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.aarch64",
"AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_session-debuginfo-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.ppc64le",
"AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_session-debuginfo-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.s390x",
"AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_session-debuginfo-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.x86_64",
"AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_ssl-1:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.aarch64",
"AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_ssl-1:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.ppc64le",
"AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_ssl-1:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.s390x",
"AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_ssl-1:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.x86_64",
"AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_ssl-debuginfo-1:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.aarch64",
"AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_ssl-debuginfo-1:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.ppc64le",
"AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_ssl-debuginfo-1:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.s390x",
"AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_ssl-debuginfo-1:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2024:4720"
},
{
"category": "workaround",
"details": "Red Hat has investigated whether a possible mitigation exists for this issue, and has not been able to identify a practical example. Please update the affected package as soon as possible.",
"product_ids": [
"AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6",
"AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:httpd-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.aarch64",
"AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:httpd-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.ppc64le",
"AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:httpd-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.s390x",
"AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:httpd-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.src",
"AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:httpd-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.x86_64",
"AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:httpd-debuginfo-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.aarch64",
"AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:httpd-debuginfo-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.ppc64le",
"AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:httpd-debuginfo-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.s390x",
"AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:httpd-debuginfo-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.x86_64",
"AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:httpd-debugsource-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.aarch64",
"AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:httpd-debugsource-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.ppc64le",
"AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:httpd-debugsource-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.s390x",
"AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:httpd-debugsource-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.x86_64",
"AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:httpd-devel-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.aarch64",
"AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:httpd-devel-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.ppc64le",
"AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:httpd-devel-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.s390x",
"AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:httpd-devel-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.x86_64",
"AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:httpd-filesystem-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.noarch",
"AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:httpd-manual-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.noarch",
"AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:httpd-tools-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.aarch64",
"AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:httpd-tools-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.ppc64le",
"AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:httpd-tools-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.s390x",
"AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:httpd-tools-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.x86_64",
"AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:httpd-tools-debuginfo-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.aarch64",
"AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:httpd-tools-debuginfo-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.ppc64le",
"AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:httpd-tools-debuginfo-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.s390x",
"AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:httpd-tools-debuginfo-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.x86_64",
"AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_http2-0:1.15.7-10.module+el8.10.0+21653+eaff63f0.aarch64",
"AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_http2-0:1.15.7-10.module+el8.10.0+21653+eaff63f0.ppc64le",
"AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_http2-0:1.15.7-10.module+el8.10.0+21653+eaff63f0.s390x",
"AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_http2-0:1.15.7-10.module+el8.10.0+21653+eaff63f0.src",
"AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_http2-0:1.15.7-10.module+el8.10.0+21653+eaff63f0.x86_64",
"AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_http2-debuginfo-0:1.15.7-10.module+el8.10.0+21653+eaff63f0.aarch64",
"AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_http2-debuginfo-0:1.15.7-10.module+el8.10.0+21653+eaff63f0.ppc64le",
"AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_http2-debuginfo-0:1.15.7-10.module+el8.10.0+21653+eaff63f0.s390x",
"AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_http2-debuginfo-0:1.15.7-10.module+el8.10.0+21653+eaff63f0.x86_64",
"AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_http2-debugsource-0:1.15.7-10.module+el8.10.0+21653+eaff63f0.aarch64",
"AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_http2-debugsource-0:1.15.7-10.module+el8.10.0+21653+eaff63f0.ppc64le",
"AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_http2-debugsource-0:1.15.7-10.module+el8.10.0+21653+eaff63f0.s390x",
"AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_http2-debugsource-0:1.15.7-10.module+el8.10.0+21653+eaff63f0.x86_64",
"AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_ldap-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.aarch64",
"AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_ldap-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.ppc64le",
"AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_ldap-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.s390x",
"AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_ldap-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.x86_64",
"AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_ldap-debuginfo-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.aarch64",
"AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_ldap-debuginfo-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.ppc64le",
"AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_ldap-debuginfo-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.s390x",
"AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_ldap-debuginfo-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.x86_64",
"AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_md-1:2.0.8-8.module+el8.9.0+19080+567b90f8.aarch64",
"AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_md-1:2.0.8-8.module+el8.9.0+19080+567b90f8.ppc64le",
"AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_md-1:2.0.8-8.module+el8.9.0+19080+567b90f8.s390x",
"AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_md-1:2.0.8-8.module+el8.9.0+19080+567b90f8.src",
"AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_md-1:2.0.8-8.module+el8.9.0+19080+567b90f8.x86_64",
"AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_md-debuginfo-1:2.0.8-8.module+el8.9.0+19080+567b90f8.aarch64",
"AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_md-debuginfo-1:2.0.8-8.module+el8.9.0+19080+567b90f8.ppc64le",
"AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_md-debuginfo-1:2.0.8-8.module+el8.9.0+19080+567b90f8.s390x",
"AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_md-debuginfo-1:2.0.8-8.module+el8.9.0+19080+567b90f8.x86_64",
"AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_md-debugsource-1:2.0.8-8.module+el8.9.0+19080+567b90f8.aarch64",
"AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_md-debugsource-1:2.0.8-8.module+el8.9.0+19080+567b90f8.ppc64le",
"AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_md-debugsource-1:2.0.8-8.module+el8.9.0+19080+567b90f8.s390x",
"AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_md-debugsource-1:2.0.8-8.module+el8.9.0+19080+567b90f8.x86_64",
"AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_proxy_html-1:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.aarch64",
"AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_proxy_html-1:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.ppc64le",
"AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_proxy_html-1:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.s390x",
"AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_proxy_html-1:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.x86_64",
"AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_proxy_html-debuginfo-1:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.aarch64",
"AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_proxy_html-debuginfo-1:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.ppc64le",
"AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_proxy_html-debuginfo-1:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.s390x",
"AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_proxy_html-debuginfo-1:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.x86_64",
"AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_session-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.aarch64",
"AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_session-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.ppc64le",
"AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_session-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.s390x",
"AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_session-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.x86_64",
"AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_session-debuginfo-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.aarch64",
"AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_session-debuginfo-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.ppc64le",
"AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_session-debuginfo-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.s390x",
"AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_session-debuginfo-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.x86_64",
"AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_ssl-1:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.aarch64",
"AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_ssl-1:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.ppc64le",
"AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_ssl-1:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.s390x",
"AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_ssl-1:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.x86_64",
"AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_ssl-debuginfo-1:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.aarch64",
"AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_ssl-debuginfo-1:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.ppc64le",
"AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_ssl-debuginfo-1:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.s390x",
"AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_ssl-debuginfo-1:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 9.1,
"baseSeverity": "CRITICAL",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N",
"version": "3.1"
},
"products": [
"AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6",
"AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:httpd-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.aarch64",
"AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:httpd-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.ppc64le",
"AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:httpd-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.s390x",
"AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:httpd-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.src",
"AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:httpd-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.x86_64",
"AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:httpd-debuginfo-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.aarch64",
"AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:httpd-debuginfo-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.ppc64le",
"AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:httpd-debuginfo-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.s390x",
"AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:httpd-debuginfo-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.x86_64",
"AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:httpd-debugsource-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.aarch64",
"AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:httpd-debugsource-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.ppc64le",
"AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:httpd-debugsource-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.s390x",
"AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:httpd-debugsource-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.x86_64",
"AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:httpd-devel-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.aarch64",
"AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:httpd-devel-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.ppc64le",
"AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:httpd-devel-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.s390x",
"AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:httpd-devel-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.x86_64",
"AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:httpd-filesystem-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.noarch",
"AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:httpd-manual-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.noarch",
"AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:httpd-tools-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.aarch64",
"AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:httpd-tools-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.ppc64le",
"AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:httpd-tools-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.s390x",
"AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:httpd-tools-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.x86_64",
"AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:httpd-tools-debuginfo-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.aarch64",
"AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:httpd-tools-debuginfo-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.ppc64le",
"AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:httpd-tools-debuginfo-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.s390x",
"AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:httpd-tools-debuginfo-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.x86_64",
"AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_http2-0:1.15.7-10.module+el8.10.0+21653+eaff63f0.aarch64",
"AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_http2-0:1.15.7-10.module+el8.10.0+21653+eaff63f0.ppc64le",
"AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_http2-0:1.15.7-10.module+el8.10.0+21653+eaff63f0.s390x",
"AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_http2-0:1.15.7-10.module+el8.10.0+21653+eaff63f0.src",
"AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_http2-0:1.15.7-10.module+el8.10.0+21653+eaff63f0.x86_64",
"AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_http2-debuginfo-0:1.15.7-10.module+el8.10.0+21653+eaff63f0.aarch64",
"AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_http2-debuginfo-0:1.15.7-10.module+el8.10.0+21653+eaff63f0.ppc64le",
"AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_http2-debuginfo-0:1.15.7-10.module+el8.10.0+21653+eaff63f0.s390x",
"AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_http2-debuginfo-0:1.15.7-10.module+el8.10.0+21653+eaff63f0.x86_64",
"AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_http2-debugsource-0:1.15.7-10.module+el8.10.0+21653+eaff63f0.aarch64",
"AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_http2-debugsource-0:1.15.7-10.module+el8.10.0+21653+eaff63f0.ppc64le",
"AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_http2-debugsource-0:1.15.7-10.module+el8.10.0+21653+eaff63f0.s390x",
"AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_http2-debugsource-0:1.15.7-10.module+el8.10.0+21653+eaff63f0.x86_64",
"AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_ldap-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.aarch64",
"AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_ldap-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.ppc64le",
"AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_ldap-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.s390x",
"AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_ldap-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.x86_64",
"AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_ldap-debuginfo-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.aarch64",
"AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_ldap-debuginfo-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.ppc64le",
"AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_ldap-debuginfo-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.s390x",
"AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_ldap-debuginfo-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.x86_64",
"AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_md-1:2.0.8-8.module+el8.9.0+19080+567b90f8.aarch64",
"AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_md-1:2.0.8-8.module+el8.9.0+19080+567b90f8.ppc64le",
"AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_md-1:2.0.8-8.module+el8.9.0+19080+567b90f8.s390x",
"AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_md-1:2.0.8-8.module+el8.9.0+19080+567b90f8.src",
"AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_md-1:2.0.8-8.module+el8.9.0+19080+567b90f8.x86_64",
"AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_md-debuginfo-1:2.0.8-8.module+el8.9.0+19080+567b90f8.aarch64",
"AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_md-debuginfo-1:2.0.8-8.module+el8.9.0+19080+567b90f8.ppc64le",
"AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_md-debuginfo-1:2.0.8-8.module+el8.9.0+19080+567b90f8.s390x",
"AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_md-debuginfo-1:2.0.8-8.module+el8.9.0+19080+567b90f8.x86_64",
"AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_md-debugsource-1:2.0.8-8.module+el8.9.0+19080+567b90f8.aarch64",
"AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_md-debugsource-1:2.0.8-8.module+el8.9.0+19080+567b90f8.ppc64le",
"AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_md-debugsource-1:2.0.8-8.module+el8.9.0+19080+567b90f8.s390x",
"AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_md-debugsource-1:2.0.8-8.module+el8.9.0+19080+567b90f8.x86_64",
"AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_proxy_html-1:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.aarch64",
"AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_proxy_html-1:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.ppc64le",
"AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_proxy_html-1:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.s390x",
"AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_proxy_html-1:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.x86_64",
"AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_proxy_html-debuginfo-1:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.aarch64",
"AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_proxy_html-debuginfo-1:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.ppc64le",
"AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_proxy_html-debuginfo-1:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.s390x",
"AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_proxy_html-debuginfo-1:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.x86_64",
"AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_session-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.aarch64",
"AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_session-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.ppc64le",
"AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_session-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.s390x",
"AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_session-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.x86_64",
"AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_session-debuginfo-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.aarch64",
"AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_session-debuginfo-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.ppc64le",
"AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_session-debuginfo-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.s390x",
"AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_session-debuginfo-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.x86_64",
"AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_ssl-1:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.aarch64",
"AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_ssl-1:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.ppc64le",
"AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_ssl-1:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.s390x",
"AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_ssl-1:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.x86_64",
"AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_ssl-debuginfo-1:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.aarch64",
"AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_ssl-debuginfo-1:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.ppc64le",
"AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_ssl-debuginfo-1:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.s390x",
"AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_ssl-debuginfo-1:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "httpd: Improper escaping of output in mod_rewrite"
},
{
"cve": "CVE-2024-38477",
"cwe": {
"id": "CWE-476",
"name": "NULL Pointer Dereference"
},
"discovery_date": "2024-07-01T19:22:29+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2295016"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in the mod_proxy module of httpd. A NULL pointer dereference can be triggered when processing a specially crafted HTTP request, causing the httpd server to crash, and resulting in a denial of service.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "httpd: NULL pointer dereference in mod_proxy",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "As this flaw allows a remote attacker to cause a denial of service, it has been rated with an important severity.\n\nThis flaw only affects configurations with mod_proxy loaded and being used. This module can be disabled via the configuration file if its functionality is not being used.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6",
"AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:httpd-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.aarch64",
"AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:httpd-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.ppc64le",
"AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:httpd-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.s390x",
"AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:httpd-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.src",
"AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:httpd-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.x86_64",
"AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:httpd-debuginfo-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.aarch64",
"AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:httpd-debuginfo-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.ppc64le",
"AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:httpd-debuginfo-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.s390x",
"AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:httpd-debuginfo-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.x86_64",
"AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:httpd-debugsource-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.aarch64",
"AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:httpd-debugsource-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.ppc64le",
"AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:httpd-debugsource-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.s390x",
"AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:httpd-debugsource-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.x86_64",
"AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:httpd-devel-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.aarch64",
"AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:httpd-devel-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.ppc64le",
"AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:httpd-devel-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.s390x",
"AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:httpd-devel-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.x86_64",
"AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:httpd-filesystem-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.noarch",
"AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:httpd-manual-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.noarch",
"AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:httpd-tools-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.aarch64",
"AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:httpd-tools-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.ppc64le",
"AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:httpd-tools-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.s390x",
"AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:httpd-tools-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.x86_64",
"AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:httpd-tools-debuginfo-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.aarch64",
"AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:httpd-tools-debuginfo-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.ppc64le",
"AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:httpd-tools-debuginfo-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.s390x",
"AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:httpd-tools-debuginfo-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.x86_64",
"AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_http2-0:1.15.7-10.module+el8.10.0+21653+eaff63f0.aarch64",
"AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_http2-0:1.15.7-10.module+el8.10.0+21653+eaff63f0.ppc64le",
"AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_http2-0:1.15.7-10.module+el8.10.0+21653+eaff63f0.s390x",
"AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_http2-0:1.15.7-10.module+el8.10.0+21653+eaff63f0.src",
"AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_http2-0:1.15.7-10.module+el8.10.0+21653+eaff63f0.x86_64",
"AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_http2-debuginfo-0:1.15.7-10.module+el8.10.0+21653+eaff63f0.aarch64",
"AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_http2-debuginfo-0:1.15.7-10.module+el8.10.0+21653+eaff63f0.ppc64le",
"AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_http2-debuginfo-0:1.15.7-10.module+el8.10.0+21653+eaff63f0.s390x",
"AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_http2-debuginfo-0:1.15.7-10.module+el8.10.0+21653+eaff63f0.x86_64",
"AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_http2-debugsource-0:1.15.7-10.module+el8.10.0+21653+eaff63f0.aarch64",
"AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_http2-debugsource-0:1.15.7-10.module+el8.10.0+21653+eaff63f0.ppc64le",
"AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_http2-debugsource-0:1.15.7-10.module+el8.10.0+21653+eaff63f0.s390x",
"AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_http2-debugsource-0:1.15.7-10.module+el8.10.0+21653+eaff63f0.x86_64",
"AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_ldap-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.aarch64",
"AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_ldap-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.ppc64le",
"AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_ldap-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.s390x",
"AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_ldap-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.x86_64",
"AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_ldap-debuginfo-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.aarch64",
"AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_ldap-debuginfo-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.ppc64le",
"AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_ldap-debuginfo-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.s390x",
"AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_ldap-debuginfo-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.x86_64",
"AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_md-1:2.0.8-8.module+el8.9.0+19080+567b90f8.aarch64",
"AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_md-1:2.0.8-8.module+el8.9.0+19080+567b90f8.ppc64le",
"AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_md-1:2.0.8-8.module+el8.9.0+19080+567b90f8.s390x",
"AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_md-1:2.0.8-8.module+el8.9.0+19080+567b90f8.src",
"AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_md-1:2.0.8-8.module+el8.9.0+19080+567b90f8.x86_64",
"AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_md-debuginfo-1:2.0.8-8.module+el8.9.0+19080+567b90f8.aarch64",
"AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_md-debuginfo-1:2.0.8-8.module+el8.9.0+19080+567b90f8.ppc64le",
"AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_md-debuginfo-1:2.0.8-8.module+el8.9.0+19080+567b90f8.s390x",
"AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_md-debuginfo-1:2.0.8-8.module+el8.9.0+19080+567b90f8.x86_64",
"AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_md-debugsource-1:2.0.8-8.module+el8.9.0+19080+567b90f8.aarch64",
"AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_md-debugsource-1:2.0.8-8.module+el8.9.0+19080+567b90f8.ppc64le",
"AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_md-debugsource-1:2.0.8-8.module+el8.9.0+19080+567b90f8.s390x",
"AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_md-debugsource-1:2.0.8-8.module+el8.9.0+19080+567b90f8.x86_64",
"AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_proxy_html-1:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.aarch64",
"AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_proxy_html-1:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.ppc64le",
"AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_proxy_html-1:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.s390x",
"AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_proxy_html-1:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.x86_64",
"AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_proxy_html-debuginfo-1:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.aarch64",
"AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_proxy_html-debuginfo-1:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.ppc64le",
"AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_proxy_html-debuginfo-1:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.s390x",
"AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_proxy_html-debuginfo-1:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.x86_64",
"AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_session-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.aarch64",
"AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_session-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.ppc64le",
"AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_session-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.s390x",
"AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_session-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.x86_64",
"AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_session-debuginfo-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.aarch64",
"AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_session-debuginfo-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.ppc64le",
"AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_session-debuginfo-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.s390x",
"AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_session-debuginfo-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.x86_64",
"AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_ssl-1:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.aarch64",
"AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_ssl-1:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.ppc64le",
"AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_ssl-1:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.s390x",
"AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_ssl-1:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.x86_64",
"AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_ssl-debuginfo-1:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.aarch64",
"AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_ssl-debuginfo-1:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.ppc64le",
"AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_ssl-debuginfo-1:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.s390x",
"AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_ssl-debuginfo-1:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2024-38477"
},
{
"category": "external",
"summary": "RHBZ#2295016",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2295016"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2024-38477",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-38477"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2024-38477",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2024-38477"
},
{
"category": "external",
"summary": "https://httpd.apache.org/security/vulnerabilities_24.html#CVE-2024-38477",
"url": "https://httpd.apache.org/security/vulnerabilities_24.html#CVE-2024-38477"
}
],
"release_date": "2024-07-01T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6",
"AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:httpd-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.aarch64",
"AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:httpd-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.ppc64le",
"AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:httpd-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.s390x",
"AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:httpd-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.src",
"AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:httpd-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.x86_64",
"AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:httpd-debuginfo-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.aarch64",
"AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:httpd-debuginfo-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.ppc64le",
"AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:httpd-debuginfo-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.s390x",
"AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:httpd-debuginfo-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.x86_64",
"AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:httpd-debugsource-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.aarch64",
"AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:httpd-debugsource-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.ppc64le",
"AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:httpd-debugsource-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.s390x",
"AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:httpd-debugsource-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.x86_64",
"AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:httpd-devel-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.aarch64",
"AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:httpd-devel-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.ppc64le",
"AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:httpd-devel-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.s390x",
"AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:httpd-devel-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.x86_64",
"AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:httpd-filesystem-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.noarch",
"AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:httpd-manual-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.noarch",
"AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:httpd-tools-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.aarch64",
"AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:httpd-tools-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.ppc64le",
"AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:httpd-tools-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.s390x",
"AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:httpd-tools-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.x86_64",
"AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:httpd-tools-debuginfo-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.aarch64",
"AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:httpd-tools-debuginfo-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.ppc64le",
"AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:httpd-tools-debuginfo-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.s390x",
"AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:httpd-tools-debuginfo-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.x86_64",
"AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_http2-0:1.15.7-10.module+el8.10.0+21653+eaff63f0.aarch64",
"AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_http2-0:1.15.7-10.module+el8.10.0+21653+eaff63f0.ppc64le",
"AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_http2-0:1.15.7-10.module+el8.10.0+21653+eaff63f0.s390x",
"AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_http2-0:1.15.7-10.module+el8.10.0+21653+eaff63f0.src",
"AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_http2-0:1.15.7-10.module+el8.10.0+21653+eaff63f0.x86_64",
"AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_http2-debuginfo-0:1.15.7-10.module+el8.10.0+21653+eaff63f0.aarch64",
"AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_http2-debuginfo-0:1.15.7-10.module+el8.10.0+21653+eaff63f0.ppc64le",
"AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_http2-debuginfo-0:1.15.7-10.module+el8.10.0+21653+eaff63f0.s390x",
"AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_http2-debuginfo-0:1.15.7-10.module+el8.10.0+21653+eaff63f0.x86_64",
"AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_http2-debugsource-0:1.15.7-10.module+el8.10.0+21653+eaff63f0.aarch64",
"AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_http2-debugsource-0:1.15.7-10.module+el8.10.0+21653+eaff63f0.ppc64le",
"AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_http2-debugsource-0:1.15.7-10.module+el8.10.0+21653+eaff63f0.s390x",
"AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_http2-debugsource-0:1.15.7-10.module+el8.10.0+21653+eaff63f0.x86_64",
"AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_ldap-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.aarch64",
"AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_ldap-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.ppc64le",
"AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_ldap-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.s390x",
"AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_ldap-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.x86_64",
"AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_ldap-debuginfo-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.aarch64",
"AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_ldap-debuginfo-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.ppc64le",
"AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_ldap-debuginfo-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.s390x",
"AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_ldap-debuginfo-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.x86_64",
"AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_md-1:2.0.8-8.module+el8.9.0+19080+567b90f8.aarch64",
"AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_md-1:2.0.8-8.module+el8.9.0+19080+567b90f8.ppc64le",
"AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_md-1:2.0.8-8.module+el8.9.0+19080+567b90f8.s390x",
"AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_md-1:2.0.8-8.module+el8.9.0+19080+567b90f8.src",
"AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_md-1:2.0.8-8.module+el8.9.0+19080+567b90f8.x86_64",
"AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_md-debuginfo-1:2.0.8-8.module+el8.9.0+19080+567b90f8.aarch64",
"AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_md-debuginfo-1:2.0.8-8.module+el8.9.0+19080+567b90f8.ppc64le",
"AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_md-debuginfo-1:2.0.8-8.module+el8.9.0+19080+567b90f8.s390x",
"AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_md-debuginfo-1:2.0.8-8.module+el8.9.0+19080+567b90f8.x86_64",
"AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_md-debugsource-1:2.0.8-8.module+el8.9.0+19080+567b90f8.aarch64",
"AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_md-debugsource-1:2.0.8-8.module+el8.9.0+19080+567b90f8.ppc64le",
"AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_md-debugsource-1:2.0.8-8.module+el8.9.0+19080+567b90f8.s390x",
"AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_md-debugsource-1:2.0.8-8.module+el8.9.0+19080+567b90f8.x86_64",
"AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_proxy_html-1:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.aarch64",
"AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_proxy_html-1:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.ppc64le",
"AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_proxy_html-1:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.s390x",
"AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_proxy_html-1:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.x86_64",
"AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_proxy_html-debuginfo-1:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.aarch64",
"AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_proxy_html-debuginfo-1:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.ppc64le",
"AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_proxy_html-debuginfo-1:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.s390x",
"AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_proxy_html-debuginfo-1:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.x86_64",
"AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_session-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.aarch64",
"AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_session-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.ppc64le",
"AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_session-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.s390x",
"AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_session-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.x86_64",
"AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_session-debuginfo-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.aarch64",
"AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_session-debuginfo-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.ppc64le",
"AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_session-debuginfo-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.s390x",
"AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_session-debuginfo-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.x86_64",
"AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_ssl-1:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.aarch64",
"AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_ssl-1:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.ppc64le",
"AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_ssl-1:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.s390x",
"AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_ssl-1:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.x86_64",
"AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_ssl-debuginfo-1:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.aarch64",
"AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_ssl-debuginfo-1:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.ppc64le",
"AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_ssl-debuginfo-1:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.s390x",
"AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_ssl-debuginfo-1:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2024:4720"
},
{
"category": "workaround",
"details": "Red Hat has investigated whether a possible mitigation exists for this issue, and has not been able to identify a practical example. Please update the affected package as soon as possible.",
"product_ids": [
"AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6",
"AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:httpd-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.aarch64",
"AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:httpd-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.ppc64le",
"AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:httpd-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.s390x",
"AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:httpd-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.src",
"AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:httpd-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.x86_64",
"AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:httpd-debuginfo-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.aarch64",
"AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:httpd-debuginfo-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.ppc64le",
"AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:httpd-debuginfo-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.s390x",
"AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:httpd-debuginfo-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.x86_64",
"AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:httpd-debugsource-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.aarch64",
"AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:httpd-debugsource-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.ppc64le",
"AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:httpd-debugsource-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.s390x",
"AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:httpd-debugsource-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.x86_64",
"AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:httpd-devel-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.aarch64",
"AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:httpd-devel-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.ppc64le",
"AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:httpd-devel-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.s390x",
"AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:httpd-devel-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.x86_64",
"AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:httpd-filesystem-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.noarch",
"AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:httpd-manual-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.noarch",
"AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:httpd-tools-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.aarch64",
"AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:httpd-tools-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.ppc64le",
"AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:httpd-tools-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.s390x",
"AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:httpd-tools-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.x86_64",
"AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:httpd-tools-debuginfo-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.aarch64",
"AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:httpd-tools-debuginfo-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.ppc64le",
"AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:httpd-tools-debuginfo-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.s390x",
"AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:httpd-tools-debuginfo-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.x86_64",
"AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_http2-0:1.15.7-10.module+el8.10.0+21653+eaff63f0.aarch64",
"AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_http2-0:1.15.7-10.module+el8.10.0+21653+eaff63f0.ppc64le",
"AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_http2-0:1.15.7-10.module+el8.10.0+21653+eaff63f0.s390x",
"AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_http2-0:1.15.7-10.module+el8.10.0+21653+eaff63f0.src",
"AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_http2-0:1.15.7-10.module+el8.10.0+21653+eaff63f0.x86_64",
"AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_http2-debuginfo-0:1.15.7-10.module+el8.10.0+21653+eaff63f0.aarch64",
"AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_http2-debuginfo-0:1.15.7-10.module+el8.10.0+21653+eaff63f0.ppc64le",
"AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_http2-debuginfo-0:1.15.7-10.module+el8.10.0+21653+eaff63f0.s390x",
"AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_http2-debuginfo-0:1.15.7-10.module+el8.10.0+21653+eaff63f0.x86_64",
"AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_http2-debugsource-0:1.15.7-10.module+el8.10.0+21653+eaff63f0.aarch64",
"AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_http2-debugsource-0:1.15.7-10.module+el8.10.0+21653+eaff63f0.ppc64le",
"AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_http2-debugsource-0:1.15.7-10.module+el8.10.0+21653+eaff63f0.s390x",
"AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_http2-debugsource-0:1.15.7-10.module+el8.10.0+21653+eaff63f0.x86_64",
"AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_ldap-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.aarch64",
"AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_ldap-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.ppc64le",
"AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_ldap-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.s390x",
"AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_ldap-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.x86_64",
"AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_ldap-debuginfo-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.aarch64",
"AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_ldap-debuginfo-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.ppc64le",
"AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_ldap-debuginfo-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.s390x",
"AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_ldap-debuginfo-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.x86_64",
"AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_md-1:2.0.8-8.module+el8.9.0+19080+567b90f8.aarch64",
"AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_md-1:2.0.8-8.module+el8.9.0+19080+567b90f8.ppc64le",
"AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_md-1:2.0.8-8.module+el8.9.0+19080+567b90f8.s390x",
"AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_md-1:2.0.8-8.module+el8.9.0+19080+567b90f8.src",
"AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_md-1:2.0.8-8.module+el8.9.0+19080+567b90f8.x86_64",
"AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_md-debuginfo-1:2.0.8-8.module+el8.9.0+19080+567b90f8.aarch64",
"AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_md-debuginfo-1:2.0.8-8.module+el8.9.0+19080+567b90f8.ppc64le",
"AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_md-debuginfo-1:2.0.8-8.module+el8.9.0+19080+567b90f8.s390x",
"AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_md-debuginfo-1:2.0.8-8.module+el8.9.0+19080+567b90f8.x86_64",
"AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_md-debugsource-1:2.0.8-8.module+el8.9.0+19080+567b90f8.aarch64",
"AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_md-debugsource-1:2.0.8-8.module+el8.9.0+19080+567b90f8.ppc64le",
"AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_md-debugsource-1:2.0.8-8.module+el8.9.0+19080+567b90f8.s390x",
"AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_md-debugsource-1:2.0.8-8.module+el8.9.0+19080+567b90f8.x86_64",
"AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_proxy_html-1:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.aarch64",
"AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_proxy_html-1:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.ppc64le",
"AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_proxy_html-1:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.s390x",
"AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_proxy_html-1:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.x86_64",
"AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_proxy_html-debuginfo-1:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.aarch64",
"AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_proxy_html-debuginfo-1:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.ppc64le",
"AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_proxy_html-debuginfo-1:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.s390x",
"AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_proxy_html-debuginfo-1:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.x86_64",
"AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_session-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.aarch64",
"AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_session-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.ppc64le",
"AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_session-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.s390x",
"AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_session-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.x86_64",
"AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_session-debuginfo-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.aarch64",
"AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_session-debuginfo-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.ppc64le",
"AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_session-debuginfo-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.s390x",
"AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_session-debuginfo-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.x86_64",
"AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_ssl-1:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.aarch64",
"AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_ssl-1:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.ppc64le",
"AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_ssl-1:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.s390x",
"AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_ssl-1:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.x86_64",
"AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_ssl-debuginfo-1:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.aarch64",
"AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_ssl-debuginfo-1:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.ppc64le",
"AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_ssl-debuginfo-1:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.s390x",
"AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_ssl-debuginfo-1:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6",
"AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:httpd-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.aarch64",
"AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:httpd-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.ppc64le",
"AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:httpd-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.s390x",
"AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:httpd-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.src",
"AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:httpd-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.x86_64",
"AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:httpd-debuginfo-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.aarch64",
"AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:httpd-debuginfo-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.ppc64le",
"AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:httpd-debuginfo-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.s390x",
"AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:httpd-debuginfo-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.x86_64",
"AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:httpd-debugsource-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.aarch64",
"AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:httpd-debugsource-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.ppc64le",
"AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:httpd-debugsource-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.s390x",
"AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:httpd-debugsource-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.x86_64",
"AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:httpd-devel-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.aarch64",
"AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:httpd-devel-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.ppc64le",
"AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:httpd-devel-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.s390x",
"AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:httpd-devel-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.x86_64",
"AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:httpd-filesystem-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.noarch",
"AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:httpd-manual-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.noarch",
"AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:httpd-tools-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.aarch64",
"AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:httpd-tools-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.ppc64le",
"AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:httpd-tools-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.s390x",
"AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:httpd-tools-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.x86_64",
"AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:httpd-tools-debuginfo-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.aarch64",
"AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:httpd-tools-debuginfo-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.ppc64le",
"AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:httpd-tools-debuginfo-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.s390x",
"AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:httpd-tools-debuginfo-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.x86_64",
"AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_http2-0:1.15.7-10.module+el8.10.0+21653+eaff63f0.aarch64",
"AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_http2-0:1.15.7-10.module+el8.10.0+21653+eaff63f0.ppc64le",
"AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_http2-0:1.15.7-10.module+el8.10.0+21653+eaff63f0.s390x",
"AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_http2-0:1.15.7-10.module+el8.10.0+21653+eaff63f0.src",
"AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_http2-0:1.15.7-10.module+el8.10.0+21653+eaff63f0.x86_64",
"AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_http2-debuginfo-0:1.15.7-10.module+el8.10.0+21653+eaff63f0.aarch64",
"AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_http2-debuginfo-0:1.15.7-10.module+el8.10.0+21653+eaff63f0.ppc64le",
"AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_http2-debuginfo-0:1.15.7-10.module+el8.10.0+21653+eaff63f0.s390x",
"AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_http2-debuginfo-0:1.15.7-10.module+el8.10.0+21653+eaff63f0.x86_64",
"AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_http2-debugsource-0:1.15.7-10.module+el8.10.0+21653+eaff63f0.aarch64",
"AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_http2-debugsource-0:1.15.7-10.module+el8.10.0+21653+eaff63f0.ppc64le",
"AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_http2-debugsource-0:1.15.7-10.module+el8.10.0+21653+eaff63f0.s390x",
"AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_http2-debugsource-0:1.15.7-10.module+el8.10.0+21653+eaff63f0.x86_64",
"AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_ldap-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.aarch64",
"AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_ldap-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.ppc64le",
"AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_ldap-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.s390x",
"AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_ldap-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.x86_64",
"AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_ldap-debuginfo-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.aarch64",
"AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_ldap-debuginfo-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.ppc64le",
"AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_ldap-debuginfo-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.s390x",
"AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_ldap-debuginfo-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.x86_64",
"AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_md-1:2.0.8-8.module+el8.9.0+19080+567b90f8.aarch64",
"AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_md-1:2.0.8-8.module+el8.9.0+19080+567b90f8.ppc64le",
"AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_md-1:2.0.8-8.module+el8.9.0+19080+567b90f8.s390x",
"AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_md-1:2.0.8-8.module+el8.9.0+19080+567b90f8.src",
"AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_md-1:2.0.8-8.module+el8.9.0+19080+567b90f8.x86_64",
"AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_md-debuginfo-1:2.0.8-8.module+el8.9.0+19080+567b90f8.aarch64",
"AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_md-debuginfo-1:2.0.8-8.module+el8.9.0+19080+567b90f8.ppc64le",
"AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_md-debuginfo-1:2.0.8-8.module+el8.9.0+19080+567b90f8.s390x",
"AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_md-debuginfo-1:2.0.8-8.module+el8.9.0+19080+567b90f8.x86_64",
"AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_md-debugsource-1:2.0.8-8.module+el8.9.0+19080+567b90f8.aarch64",
"AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_md-debugsource-1:2.0.8-8.module+el8.9.0+19080+567b90f8.ppc64le",
"AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_md-debugsource-1:2.0.8-8.module+el8.9.0+19080+567b90f8.s390x",
"AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_md-debugsource-1:2.0.8-8.module+el8.9.0+19080+567b90f8.x86_64",
"AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_proxy_html-1:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.aarch64",
"AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_proxy_html-1:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.ppc64le",
"AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_proxy_html-1:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.s390x",
"AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_proxy_html-1:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.x86_64",
"AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_proxy_html-debuginfo-1:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.aarch64",
"AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_proxy_html-debuginfo-1:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.ppc64le",
"AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_proxy_html-debuginfo-1:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.s390x",
"AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_proxy_html-debuginfo-1:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.x86_64",
"AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_session-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.aarch64",
"AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_session-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.ppc64le",
"AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_session-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.s390x",
"AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_session-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.x86_64",
"AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_session-debuginfo-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.aarch64",
"AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_session-debuginfo-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.ppc64le",
"AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_session-debuginfo-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.s390x",
"AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_session-debuginfo-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.x86_64",
"AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_ssl-1:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.aarch64",
"AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_ssl-1:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.ppc64le",
"AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_ssl-1:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.s390x",
"AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_ssl-1:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.x86_64",
"AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_ssl-debuginfo-1:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.aarch64",
"AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_ssl-debuginfo-1:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.ppc64le",
"AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_ssl-debuginfo-1:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.s390x",
"AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_ssl-debuginfo-1:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "httpd: NULL pointer dereference in mod_proxy"
},
{
"cve": "CVE-2024-39573",
"cwe": {
"id": "CWE-20",
"name": "Improper Input Validation"
},
"discovery_date": "2024-07-01T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2295022"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in the mod_rewrite module of httpd. A potential SSRF allows an attacker to cause unsafe rules used in the RewriteRule directive to unexpectedly set up URLs to be handled by the mod_proxy module.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "httpd: Potential SSRF in mod_rewrite",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "This issue only affects configurations with unsafe rules used in the RewriteRule directive.\n\nAdditionally, this flaw requires mod_rewrite and mod_proxy to be loaded and being used. These modules can be disabled via the configuration file if their functionality are not needed.\n\nRed Hat Enterprise Linux 6 is not affected by this vulnerability because the vulnerable code was introduced in a newer version of httpd.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6",
"AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:httpd-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.aarch64",
"AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:httpd-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.ppc64le",
"AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:httpd-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.s390x",
"AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:httpd-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.src",
"AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:httpd-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.x86_64",
"AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:httpd-debuginfo-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.aarch64",
"AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:httpd-debuginfo-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.ppc64le",
"AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:httpd-debuginfo-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.s390x",
"AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:httpd-debuginfo-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.x86_64",
"AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:httpd-debugsource-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.aarch64",
"AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:httpd-debugsource-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.ppc64le",
"AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:httpd-debugsource-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.s390x",
"AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:httpd-debugsource-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.x86_64",
"AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:httpd-devel-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.aarch64",
"AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:httpd-devel-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.ppc64le",
"AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:httpd-devel-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.s390x",
"AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:httpd-devel-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.x86_64",
"AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:httpd-filesystem-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.noarch",
"AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:httpd-manual-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.noarch",
"AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:httpd-tools-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.aarch64",
"AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:httpd-tools-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.ppc64le",
"AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:httpd-tools-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.s390x",
"AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:httpd-tools-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.x86_64",
"AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:httpd-tools-debuginfo-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.aarch64",
"AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:httpd-tools-debuginfo-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.ppc64le",
"AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:httpd-tools-debuginfo-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.s390x",
"AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:httpd-tools-debuginfo-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.x86_64",
"AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_http2-0:1.15.7-10.module+el8.10.0+21653+eaff63f0.aarch64",
"AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_http2-0:1.15.7-10.module+el8.10.0+21653+eaff63f0.ppc64le",
"AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_http2-0:1.15.7-10.module+el8.10.0+21653+eaff63f0.s390x",
"AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_http2-0:1.15.7-10.module+el8.10.0+21653+eaff63f0.src",
"AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_http2-0:1.15.7-10.module+el8.10.0+21653+eaff63f0.x86_64",
"AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_http2-debuginfo-0:1.15.7-10.module+el8.10.0+21653+eaff63f0.aarch64",
"AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_http2-debuginfo-0:1.15.7-10.module+el8.10.0+21653+eaff63f0.ppc64le",
"AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_http2-debuginfo-0:1.15.7-10.module+el8.10.0+21653+eaff63f0.s390x",
"AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_http2-debuginfo-0:1.15.7-10.module+el8.10.0+21653+eaff63f0.x86_64",
"AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_http2-debugsource-0:1.15.7-10.module+el8.10.0+21653+eaff63f0.aarch64",
"AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_http2-debugsource-0:1.15.7-10.module+el8.10.0+21653+eaff63f0.ppc64le",
"AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_http2-debugsource-0:1.15.7-10.module+el8.10.0+21653+eaff63f0.s390x",
"AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_http2-debugsource-0:1.15.7-10.module+el8.10.0+21653+eaff63f0.x86_64",
"AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_ldap-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.aarch64",
"AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_ldap-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.ppc64le",
"AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_ldap-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.s390x",
"AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_ldap-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.x86_64",
"AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_ldap-debuginfo-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.aarch64",
"AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_ldap-debuginfo-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.ppc64le",
"AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_ldap-debuginfo-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.s390x",
"AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_ldap-debuginfo-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.x86_64",
"AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_md-1:2.0.8-8.module+el8.9.0+19080+567b90f8.aarch64",
"AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_md-1:2.0.8-8.module+el8.9.0+19080+567b90f8.ppc64le",
"AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_md-1:2.0.8-8.module+el8.9.0+19080+567b90f8.s390x",
"AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_md-1:2.0.8-8.module+el8.9.0+19080+567b90f8.src",
"AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_md-1:2.0.8-8.module+el8.9.0+19080+567b90f8.x86_64",
"AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_md-debuginfo-1:2.0.8-8.module+el8.9.0+19080+567b90f8.aarch64",
"AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_md-debuginfo-1:2.0.8-8.module+el8.9.0+19080+567b90f8.ppc64le",
"AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_md-debuginfo-1:2.0.8-8.module+el8.9.0+19080+567b90f8.s390x",
"AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_md-debuginfo-1:2.0.8-8.module+el8.9.0+19080+567b90f8.x86_64",
"AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_md-debugsource-1:2.0.8-8.module+el8.9.0+19080+567b90f8.aarch64",
"AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_md-debugsource-1:2.0.8-8.module+el8.9.0+19080+567b90f8.ppc64le",
"AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_md-debugsource-1:2.0.8-8.module+el8.9.0+19080+567b90f8.s390x",
"AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_md-debugsource-1:2.0.8-8.module+el8.9.0+19080+567b90f8.x86_64",
"AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_proxy_html-1:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.aarch64",
"AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_proxy_html-1:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.ppc64le",
"AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_proxy_html-1:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.s390x",
"AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_proxy_html-1:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.x86_64",
"AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_proxy_html-debuginfo-1:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.aarch64",
"AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_proxy_html-debuginfo-1:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.ppc64le",
"AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_proxy_html-debuginfo-1:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.s390x",
"AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_proxy_html-debuginfo-1:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.x86_64",
"AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_session-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.aarch64",
"AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_session-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.ppc64le",
"AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_session-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.s390x",
"AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_session-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.x86_64",
"AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_session-debuginfo-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.aarch64",
"AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_session-debuginfo-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.ppc64le",
"AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_session-debuginfo-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.s390x",
"AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_session-debuginfo-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.x86_64",
"AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_ssl-1:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.aarch64",
"AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_ssl-1:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.ppc64le",
"AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_ssl-1:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.s390x",
"AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_ssl-1:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.x86_64",
"AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_ssl-debuginfo-1:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.aarch64",
"AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_ssl-debuginfo-1:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.ppc64le",
"AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_ssl-debuginfo-1:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.s390x",
"AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_ssl-debuginfo-1:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2024-39573"
},
{
"category": "external",
"summary": "RHBZ#2295022",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2295022"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2024-39573",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-39573"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2024-39573",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2024-39573"
},
{
"category": "external",
"summary": "https://httpd.apache.org/security/vulnerabilities_24.html#CVE-2024-39573",
"url": "https://httpd.apache.org/security/vulnerabilities_24.html#CVE-2024-39573"
}
],
"release_date": "2024-07-01T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6",
"AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:httpd-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.aarch64",
"AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:httpd-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.ppc64le",
"AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:httpd-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.s390x",
"AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:httpd-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.src",
"AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:httpd-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.x86_64",
"AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:httpd-debuginfo-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.aarch64",
"AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:httpd-debuginfo-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.ppc64le",
"AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:httpd-debuginfo-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.s390x",
"AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:httpd-debuginfo-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.x86_64",
"AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:httpd-debugsource-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.aarch64",
"AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:httpd-debugsource-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.ppc64le",
"AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:httpd-debugsource-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.s390x",
"AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:httpd-debugsource-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.x86_64",
"AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:httpd-devel-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.aarch64",
"AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:httpd-devel-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.ppc64le",
"AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:httpd-devel-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.s390x",
"AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:httpd-devel-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.x86_64",
"AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:httpd-filesystem-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.noarch",
"AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:httpd-manual-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.noarch",
"AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:httpd-tools-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.aarch64",
"AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:httpd-tools-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.ppc64le",
"AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:httpd-tools-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.s390x",
"AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:httpd-tools-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.x86_64",
"AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:httpd-tools-debuginfo-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.aarch64",
"AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:httpd-tools-debuginfo-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.ppc64le",
"AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:httpd-tools-debuginfo-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.s390x",
"AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:httpd-tools-debuginfo-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.x86_64",
"AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_http2-0:1.15.7-10.module+el8.10.0+21653+eaff63f0.aarch64",
"AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_http2-0:1.15.7-10.module+el8.10.0+21653+eaff63f0.ppc64le",
"AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_http2-0:1.15.7-10.module+el8.10.0+21653+eaff63f0.s390x",
"AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_http2-0:1.15.7-10.module+el8.10.0+21653+eaff63f0.src",
"AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_http2-0:1.15.7-10.module+el8.10.0+21653+eaff63f0.x86_64",
"AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_http2-debuginfo-0:1.15.7-10.module+el8.10.0+21653+eaff63f0.aarch64",
"AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_http2-debuginfo-0:1.15.7-10.module+el8.10.0+21653+eaff63f0.ppc64le",
"AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_http2-debuginfo-0:1.15.7-10.module+el8.10.0+21653+eaff63f0.s390x",
"AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_http2-debuginfo-0:1.15.7-10.module+el8.10.0+21653+eaff63f0.x86_64",
"AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_http2-debugsource-0:1.15.7-10.module+el8.10.0+21653+eaff63f0.aarch64",
"AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_http2-debugsource-0:1.15.7-10.module+el8.10.0+21653+eaff63f0.ppc64le",
"AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_http2-debugsource-0:1.15.7-10.module+el8.10.0+21653+eaff63f0.s390x",
"AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_http2-debugsource-0:1.15.7-10.module+el8.10.0+21653+eaff63f0.x86_64",
"AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_ldap-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.aarch64",
"AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_ldap-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.ppc64le",
"AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_ldap-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.s390x",
"AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_ldap-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.x86_64",
"AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_ldap-debuginfo-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.aarch64",
"AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_ldap-debuginfo-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.ppc64le",
"AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_ldap-debuginfo-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.s390x",
"AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_ldap-debuginfo-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.x86_64",
"AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_md-1:2.0.8-8.module+el8.9.0+19080+567b90f8.aarch64",
"AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_md-1:2.0.8-8.module+el8.9.0+19080+567b90f8.ppc64le",
"AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_md-1:2.0.8-8.module+el8.9.0+19080+567b90f8.s390x",
"AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_md-1:2.0.8-8.module+el8.9.0+19080+567b90f8.src",
"AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_md-1:2.0.8-8.module+el8.9.0+19080+567b90f8.x86_64",
"AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_md-debuginfo-1:2.0.8-8.module+el8.9.0+19080+567b90f8.aarch64",
"AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_md-debuginfo-1:2.0.8-8.module+el8.9.0+19080+567b90f8.ppc64le",
"AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_md-debuginfo-1:2.0.8-8.module+el8.9.0+19080+567b90f8.s390x",
"AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_md-debuginfo-1:2.0.8-8.module+el8.9.0+19080+567b90f8.x86_64",
"AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_md-debugsource-1:2.0.8-8.module+el8.9.0+19080+567b90f8.aarch64",
"AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_md-debugsource-1:2.0.8-8.module+el8.9.0+19080+567b90f8.ppc64le",
"AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_md-debugsource-1:2.0.8-8.module+el8.9.0+19080+567b90f8.s390x",
"AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_md-debugsource-1:2.0.8-8.module+el8.9.0+19080+567b90f8.x86_64",
"AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_proxy_html-1:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.aarch64",
"AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_proxy_html-1:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.ppc64le",
"AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_proxy_html-1:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.s390x",
"AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_proxy_html-1:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.x86_64",
"AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_proxy_html-debuginfo-1:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.aarch64",
"AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_proxy_html-debuginfo-1:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.ppc64le",
"AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_proxy_html-debuginfo-1:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.s390x",
"AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_proxy_html-debuginfo-1:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.x86_64",
"AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_session-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.aarch64",
"AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_session-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.ppc64le",
"AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_session-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.s390x",
"AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_session-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.x86_64",
"AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_session-debuginfo-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.aarch64",
"AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_session-debuginfo-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.ppc64le",
"AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_session-debuginfo-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.s390x",
"AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_session-debuginfo-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.x86_64",
"AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_ssl-1:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.aarch64",
"AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_ssl-1:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.ppc64le",
"AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_ssl-1:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.s390x",
"AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_ssl-1:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.x86_64",
"AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_ssl-debuginfo-1:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.aarch64",
"AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_ssl-debuginfo-1:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.ppc64le",
"AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_ssl-debuginfo-1:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.s390x",
"AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_ssl-debuginfo-1:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2024:4720"
},
{
"category": "workaround",
"details": "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.",
"product_ids": [
"AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6",
"AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:httpd-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.aarch64",
"AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:httpd-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.ppc64le",
"AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:httpd-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.s390x",
"AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:httpd-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.src",
"AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:httpd-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.x86_64",
"AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:httpd-debuginfo-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.aarch64",
"AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:httpd-debuginfo-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.ppc64le",
"AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:httpd-debuginfo-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.s390x",
"AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:httpd-debuginfo-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.x86_64",
"AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:httpd-debugsource-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.aarch64",
"AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:httpd-debugsource-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.ppc64le",
"AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:httpd-debugsource-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.s390x",
"AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:httpd-debugsource-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.x86_64",
"AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:httpd-devel-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.aarch64",
"AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:httpd-devel-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.ppc64le",
"AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:httpd-devel-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.s390x",
"AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:httpd-devel-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.x86_64",
"AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:httpd-filesystem-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.noarch",
"AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:httpd-manual-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.noarch",
"AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:httpd-tools-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.aarch64",
"AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:httpd-tools-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.ppc64le",
"AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:httpd-tools-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.s390x",
"AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:httpd-tools-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.x86_64",
"AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:httpd-tools-debuginfo-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.aarch64",
"AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:httpd-tools-debuginfo-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.ppc64le",
"AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:httpd-tools-debuginfo-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.s390x",
"AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:httpd-tools-debuginfo-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.x86_64",
"AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_http2-0:1.15.7-10.module+el8.10.0+21653+eaff63f0.aarch64",
"AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_http2-0:1.15.7-10.module+el8.10.0+21653+eaff63f0.ppc64le",
"AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_http2-0:1.15.7-10.module+el8.10.0+21653+eaff63f0.s390x",
"AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_http2-0:1.15.7-10.module+el8.10.0+21653+eaff63f0.src",
"AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_http2-0:1.15.7-10.module+el8.10.0+21653+eaff63f0.x86_64",
"AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_http2-debuginfo-0:1.15.7-10.module+el8.10.0+21653+eaff63f0.aarch64",
"AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_http2-debuginfo-0:1.15.7-10.module+el8.10.0+21653+eaff63f0.ppc64le",
"AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_http2-debuginfo-0:1.15.7-10.module+el8.10.0+21653+eaff63f0.s390x",
"AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_http2-debuginfo-0:1.15.7-10.module+el8.10.0+21653+eaff63f0.x86_64",
"AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_http2-debugsource-0:1.15.7-10.module+el8.10.0+21653+eaff63f0.aarch64",
"AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_http2-debugsource-0:1.15.7-10.module+el8.10.0+21653+eaff63f0.ppc64le",
"AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_http2-debugsource-0:1.15.7-10.module+el8.10.0+21653+eaff63f0.s390x",
"AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_http2-debugsource-0:1.15.7-10.module+el8.10.0+21653+eaff63f0.x86_64",
"AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_ldap-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.aarch64",
"AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_ldap-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.ppc64le",
"AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_ldap-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.s390x",
"AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_ldap-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.x86_64",
"AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_ldap-debuginfo-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.aarch64",
"AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_ldap-debuginfo-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.ppc64le",
"AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_ldap-debuginfo-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.s390x",
"AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_ldap-debuginfo-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.x86_64",
"AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_md-1:2.0.8-8.module+el8.9.0+19080+567b90f8.aarch64",
"AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_md-1:2.0.8-8.module+el8.9.0+19080+567b90f8.ppc64le",
"AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_md-1:2.0.8-8.module+el8.9.0+19080+567b90f8.s390x",
"AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_md-1:2.0.8-8.module+el8.9.0+19080+567b90f8.src",
"AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_md-1:2.0.8-8.module+el8.9.0+19080+567b90f8.x86_64",
"AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_md-debuginfo-1:2.0.8-8.module+el8.9.0+19080+567b90f8.aarch64",
"AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_md-debuginfo-1:2.0.8-8.module+el8.9.0+19080+567b90f8.ppc64le",
"AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_md-debuginfo-1:2.0.8-8.module+el8.9.0+19080+567b90f8.s390x",
"AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_md-debuginfo-1:2.0.8-8.module+el8.9.0+19080+567b90f8.x86_64",
"AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_md-debugsource-1:2.0.8-8.module+el8.9.0+19080+567b90f8.aarch64",
"AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_md-debugsource-1:2.0.8-8.module+el8.9.0+19080+567b90f8.ppc64le",
"AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_md-debugsource-1:2.0.8-8.module+el8.9.0+19080+567b90f8.s390x",
"AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_md-debugsource-1:2.0.8-8.module+el8.9.0+19080+567b90f8.x86_64",
"AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_proxy_html-1:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.aarch64",
"AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_proxy_html-1:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.ppc64le",
"AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_proxy_html-1:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.s390x",
"AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_proxy_html-1:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.x86_64",
"AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_proxy_html-debuginfo-1:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.aarch64",
"AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_proxy_html-debuginfo-1:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.ppc64le",
"AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_proxy_html-debuginfo-1:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.s390x",
"AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_proxy_html-debuginfo-1:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.x86_64",
"AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_session-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.aarch64",
"AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_session-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.ppc64le",
"AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_session-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.s390x",
"AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_session-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.x86_64",
"AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_session-debuginfo-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.aarch64",
"AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_session-debuginfo-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.ppc64le",
"AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_session-debuginfo-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.s390x",
"AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_session-debuginfo-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.x86_64",
"AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_ssl-1:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.aarch64",
"AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_ssl-1:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.ppc64le",
"AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_ssl-1:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.s390x",
"AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_ssl-1:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.x86_64",
"AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_ssl-debuginfo-1:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.aarch64",
"AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_ssl-debuginfo-1:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.ppc64le",
"AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_ssl-debuginfo-1:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.s390x",
"AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_ssl-debuginfo-1:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 7.4,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:N",
"version": "3.1"
},
"products": [
"AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6",
"AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:httpd-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.aarch64",
"AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:httpd-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.ppc64le",
"AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:httpd-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.s390x",
"AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:httpd-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.src",
"AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:httpd-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.x86_64",
"AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:httpd-debuginfo-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.aarch64",
"AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:httpd-debuginfo-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.ppc64le",
"AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:httpd-debuginfo-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.s390x",
"AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:httpd-debuginfo-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.x86_64",
"AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:httpd-debugsource-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.aarch64",
"AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:httpd-debugsource-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.ppc64le",
"AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:httpd-debugsource-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.s390x",
"AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:httpd-debugsource-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.x86_64",
"AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:httpd-devel-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.aarch64",
"AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:httpd-devel-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.ppc64le",
"AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:httpd-devel-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.s390x",
"AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:httpd-devel-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.x86_64",
"AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:httpd-filesystem-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.noarch",
"AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:httpd-manual-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.noarch",
"AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:httpd-tools-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.aarch64",
"AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:httpd-tools-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.ppc64le",
"AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:httpd-tools-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.s390x",
"AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:httpd-tools-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.x86_64",
"AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:httpd-tools-debuginfo-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.aarch64",
"AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:httpd-tools-debuginfo-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.ppc64le",
"AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:httpd-tools-debuginfo-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.s390x",
"AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:httpd-tools-debuginfo-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.x86_64",
"AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_http2-0:1.15.7-10.module+el8.10.0+21653+eaff63f0.aarch64",
"AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_http2-0:1.15.7-10.module+el8.10.0+21653+eaff63f0.ppc64le",
"AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_http2-0:1.15.7-10.module+el8.10.0+21653+eaff63f0.s390x",
"AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_http2-0:1.15.7-10.module+el8.10.0+21653+eaff63f0.src",
"AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_http2-0:1.15.7-10.module+el8.10.0+21653+eaff63f0.x86_64",
"AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_http2-debuginfo-0:1.15.7-10.module+el8.10.0+21653+eaff63f0.aarch64",
"AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_http2-debuginfo-0:1.15.7-10.module+el8.10.0+21653+eaff63f0.ppc64le",
"AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_http2-debuginfo-0:1.15.7-10.module+el8.10.0+21653+eaff63f0.s390x",
"AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_http2-debuginfo-0:1.15.7-10.module+el8.10.0+21653+eaff63f0.x86_64",
"AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_http2-debugsource-0:1.15.7-10.module+el8.10.0+21653+eaff63f0.aarch64",
"AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_http2-debugsource-0:1.15.7-10.module+el8.10.0+21653+eaff63f0.ppc64le",
"AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_http2-debugsource-0:1.15.7-10.module+el8.10.0+21653+eaff63f0.s390x",
"AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_http2-debugsource-0:1.15.7-10.module+el8.10.0+21653+eaff63f0.x86_64",
"AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_ldap-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.aarch64",
"AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_ldap-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.ppc64le",
"AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_ldap-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.s390x",
"AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_ldap-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.x86_64",
"AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_ldap-debuginfo-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.aarch64",
"AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_ldap-debuginfo-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.ppc64le",
"AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_ldap-debuginfo-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.s390x",
"AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_ldap-debuginfo-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.x86_64",
"AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_md-1:2.0.8-8.module+el8.9.0+19080+567b90f8.aarch64",
"AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_md-1:2.0.8-8.module+el8.9.0+19080+567b90f8.ppc64le",
"AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_md-1:2.0.8-8.module+el8.9.0+19080+567b90f8.s390x",
"AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_md-1:2.0.8-8.module+el8.9.0+19080+567b90f8.src",
"AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_md-1:2.0.8-8.module+el8.9.0+19080+567b90f8.x86_64",
"AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_md-debuginfo-1:2.0.8-8.module+el8.9.0+19080+567b90f8.aarch64",
"AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_md-debuginfo-1:2.0.8-8.module+el8.9.0+19080+567b90f8.ppc64le",
"AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_md-debuginfo-1:2.0.8-8.module+el8.9.0+19080+567b90f8.s390x",
"AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_md-debuginfo-1:2.0.8-8.module+el8.9.0+19080+567b90f8.x86_64",
"AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_md-debugsource-1:2.0.8-8.module+el8.9.0+19080+567b90f8.aarch64",
"AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_md-debugsource-1:2.0.8-8.module+el8.9.0+19080+567b90f8.ppc64le",
"AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_md-debugsource-1:2.0.8-8.module+el8.9.0+19080+567b90f8.s390x",
"AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_md-debugsource-1:2.0.8-8.module+el8.9.0+19080+567b90f8.x86_64",
"AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_proxy_html-1:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.aarch64",
"AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_proxy_html-1:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.ppc64le",
"AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_proxy_html-1:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.s390x",
"AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_proxy_html-1:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.x86_64",
"AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_proxy_html-debuginfo-1:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.aarch64",
"AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_proxy_html-debuginfo-1:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.ppc64le",
"AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_proxy_html-debuginfo-1:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.s390x",
"AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_proxy_html-debuginfo-1:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.x86_64",
"AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_session-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.aarch64",
"AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_session-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.ppc64le",
"AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_session-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.s390x",
"AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_session-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.x86_64",
"AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_session-debuginfo-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.aarch64",
"AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_session-debuginfo-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.ppc64le",
"AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_session-debuginfo-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.s390x",
"AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_session-debuginfo-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.x86_64",
"AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_ssl-1:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.aarch64",
"AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_ssl-1:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.ppc64le",
"AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_ssl-1:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.s390x",
"AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_ssl-1:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.x86_64",
"AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_ssl-debuginfo-1:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.aarch64",
"AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_ssl-debuginfo-1:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.ppc64le",
"AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_ssl-debuginfo-1:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.s390x",
"AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_ssl-debuginfo-1:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "httpd: Potential SSRF in mod_rewrite"
}
]
}
rhsa-2024_5239
Vulnerability from csaf_redhat
Published
2024-08-13 13:18
Modified
2024-09-13 21:33
Summary
Red Hat Security Advisory: Red Hat JBoss Core Services Apache HTTP Server 2.4.57 SP5 security update
Notes
Topic
Red Hat JBoss Core Services Apache HTTP Server 2.4.57 Service Pack 5 is now available.
Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.
Details
Red Hat JBoss Core Services is a set of supplementary software for Red Hat JBoss middleware products. This software, such as Apache HTTP Server, is common to multiple JBoss middleware products and packaged under Red Hat JBoss Core Services, to allow for faster distribution of updates and for a more consistent update experience.
This release of Red Hat JBoss Core Services Apache HTTP Server 2.4.57 Service Pack 5 serves as a replacement for Red Hat JBoss Core Services Apache HTTP Server 2.4.57 Service Pack 4, and includes bug fixes and enhancements, which are documented in the Release Notes linked to in the References section.
Security Fix(es):
* jbcs-httpd24-httpd: Potential SSRF in mod_rewrite (CVE-2024-39573)
* jbcs-httpd24-httpd: null pointer dereference in mod_proxy (CVE-2024-38477)
* jbcs-httpd24-httpd: Improper escaping of output in mod_rewrite (CVE-2024-38475)
* jbcs-httpd24-httpd: Encoding problem in mod_proxy (CVE-2024-38473)
* jbcs-httpd24-httpd: Substitution encoding issue in mod_rewrite (CVE-2024-38474)
* jbcs-httpd24-httpd: Security issues via backend applications whose response headers are malicious or exploitable (CVE-2024-38476)
A Red Hat Security Bulletin which addresses further details about this flaw is available in the References section.
For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.
Terms of Use
This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.
{
"document": {
"aggregate_severity": {
"namespace": "https://access.redhat.com/security/updates/classification/",
"text": "Important"
},
"category": "csaf_vex",
"csaf_version": "2.0",
"distribution": {
"text": "Copyright \u00a9 Red Hat, Inc. All rights reserved.",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "Red Hat JBoss Core Services Apache HTTP Server 2.4.57 Service Pack 5 is now available.\n\nRed Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.",
"title": "Topic"
},
{
"category": "general",
"text": "Red Hat JBoss Core Services is a set of supplementary software for Red Hat JBoss middleware products. This software, such as Apache HTTP Server, is common to multiple JBoss middleware products and packaged under Red Hat JBoss Core Services, to allow for faster distribution of updates and for a more consistent update experience.\n\nThis release of Red Hat JBoss Core Services Apache HTTP Server 2.4.57 Service Pack 5 serves as a replacement for Red Hat JBoss Core Services Apache HTTP Server 2.4.57 Service Pack 4, and includes bug fixes and enhancements, which are documented in the Release Notes linked to in the References section.\n\nSecurity Fix(es):\n\n* jbcs-httpd24-httpd: Potential SSRF in mod_rewrite (CVE-2024-39573)\n* jbcs-httpd24-httpd: null pointer dereference in mod_proxy (CVE-2024-38477)\n* jbcs-httpd24-httpd: Improper escaping of output in mod_rewrite (CVE-2024-38475)\n* jbcs-httpd24-httpd: Encoding problem in mod_proxy (CVE-2024-38473)\n* jbcs-httpd24-httpd: Substitution encoding issue in mod_rewrite (CVE-2024-38474)\n* jbcs-httpd24-httpd: Security issues via backend applications whose response headers are malicious or exploitable (CVE-2024-38476)\n\nA Red Hat Security Bulletin which addresses further details about this flaw is available in the References section.\n\nFor more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.",
"title": "Details"
},
{
"category": "legal_disclaimer",
"text": "This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.",
"title": "Terms of Use"
}
],
"publisher": {
"category": "vendor",
"contact_details": "https://access.redhat.com/security/team/contact/",
"issuing_authority": "Red Hat Product Security is responsible for vulnerability handling across all Red Hat offerings.",
"name": "Red Hat Product Security",
"namespace": "https://www.redhat.com"
},
"references": [
{
"category": "self",
"summary": "https://access.redhat.com/errata/RHSA-2024:5239",
"url": "https://access.redhat.com/errata/RHSA-2024:5239"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/updates/classification/#important",
"url": "https://access.redhat.com/security/updates/classification/#important"
},
{
"category": "external",
"summary": "https://docs.redhat.com/en/documentation/red_hat_jboss_core_services/2.4.57/html/red_hat_jboss_core_services_apache_http_server_2.4.57_service_pack_5_release_notes/index",
"url": "https://docs.redhat.com/en/documentation/red_hat_jboss_core_services/2.4.57/html/red_hat_jboss_core_services_apache_http_server_2.4.57_service_pack_5_release_notes/index"
},
{
"category": "external",
"summary": "2295012",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2295012"
},
{
"category": "external",
"summary": "2295013",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2295013"
},
{
"category": "external",
"summary": "2295014",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2295014"
},
{
"category": "external",
"summary": "2295015",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2295015"
},
{
"category": "external",
"summary": "2295016",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2295016"
},
{
"category": "external",
"summary": "2295022",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2295022"
},
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/data/csaf/v2/advisories/2024/rhsa-2024_5239.json"
}
],
"title": "Red Hat Security Advisory: Red Hat JBoss Core Services Apache HTTP Server 2.4.57 SP5 security update",
"tracking": {
"current_release_date": "2024-09-13T21:33:20+00:00",
"generator": {
"date": "2024-09-13T21:33:20+00:00",
"engine": {
"name": "Red Hat SDEngine",
"version": "3.33.3"
}
},
"id": "RHSA-2024:5239",
"initial_release_date": "2024-08-13T13:18:01+00:00",
"revision_history": [
{
"date": "2024-08-13T13:18:01+00:00",
"number": "1",
"summary": "Initial version"
},
{
"date": "2024-08-13T13:18:01+00:00",
"number": "2",
"summary": "Last updated version"
},
{
"date": "2024-09-13T21:33:20+00:00",
"number": "3",
"summary": "Last generated version"
}
],
"status": "final",
"version": "3"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_name",
"name": "Red Hat JBoss Core Services on RHEL 7 Server",
"product": {
"name": "Red Hat JBoss Core Services on RHEL 7 Server",
"product_id": "7Server-JBCS",
"product_identification_helper": {
"cpe": "cpe:/a:redhat:jboss_core_services:1::el7"
}
}
},
{
"category": "product_name",
"name": "Red Hat JBoss Core Services on RHEL 8",
"product": {
"name": "Red Hat JBoss Core Services on RHEL 8",
"product_id": "8Base-JBCS",
"product_identification_helper": {
"cpe": "cpe:/a:redhat:jboss_core_services:1::el8"
}
}
}
],
"category": "product_family",
"name": "Red Hat JBoss Core Services"
},
{
"branches": [
{
"category": "product_version",
"name": "jbcs-httpd24-httpd-0:2.4.57-13.el7jbcs.src",
"product": {
"name": "jbcs-httpd24-httpd-0:2.4.57-13.el7jbcs.src",
"product_id": "jbcs-httpd24-httpd-0:2.4.57-13.el7jbcs.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jbcs-httpd24-httpd@2.4.57-13.el7jbcs?arch=src"
}
}
},
{
"category": "product_version",
"name": "jbcs-httpd24-mod_http2-0:1.15.19-41.el7jbcs.src",
"product": {
"name": "jbcs-httpd24-mod_http2-0:1.15.19-41.el7jbcs.src",
"product_id": "jbcs-httpd24-mod_http2-0:1.15.19-41.el7jbcs.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jbcs-httpd24-mod_http2@1.15.19-41.el7jbcs?arch=src"
}
}
},
{
"category": "product_version",
"name": "jbcs-httpd24-mod_jk-0:1.2.49-11.redhat_1.el7jbcs.src",
"product": {
"name": "jbcs-httpd24-mod_jk-0:1.2.49-11.redhat_1.el7jbcs.src",
"product_id": "jbcs-httpd24-mod_jk-0:1.2.49-11.redhat_1.el7jbcs.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jbcs-httpd24-mod_jk@1.2.49-11.redhat_1.el7jbcs?arch=src"
}
}
},
{
"category": "product_version",
"name": "jbcs-httpd24-mod_proxy_cluster-0:1.3.20-8.el7jbcs.src",
"product": {
"name": "jbcs-httpd24-mod_proxy_cluster-0:1.3.20-8.el7jbcs.src",
"product_id": "jbcs-httpd24-mod_proxy_cluster-0:1.3.20-8.el7jbcs.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jbcs-httpd24-mod_proxy_cluster@1.3.20-8.el7jbcs?arch=src"
}
}
},
{
"category": "product_version",
"name": "jbcs-httpd24-mod_security-0:2.9.3-40.el7jbcs.src",
"product": {
"name": "jbcs-httpd24-mod_security-0:2.9.3-40.el7jbcs.src",
"product_id": "jbcs-httpd24-mod_security-0:2.9.3-40.el7jbcs.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jbcs-httpd24-mod_security@2.9.3-40.el7jbcs?arch=src"
}
}
},
{
"category": "product_version",
"name": "jbcs-httpd24-mod_md-1:2.4.24-11.el7jbcs.src",
"product": {
"name": "jbcs-httpd24-mod_md-1:2.4.24-11.el7jbcs.src",
"product_id": "jbcs-httpd24-mod_md-1:2.4.24-11.el7jbcs.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jbcs-httpd24-mod_md@2.4.24-11.el7jbcs?arch=src\u0026epoch=1"
}
}
},
{
"category": "product_version",
"name": "jbcs-httpd24-httpd-0:2.4.57-13.el8jbcs.src",
"product": {
"name": "jbcs-httpd24-httpd-0:2.4.57-13.el8jbcs.src",
"product_id": "jbcs-httpd24-httpd-0:2.4.57-13.el8jbcs.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jbcs-httpd24-httpd@2.4.57-13.el8jbcs?arch=src"
}
}
},
{
"category": "product_version",
"name": "jbcs-httpd24-mod_http2-0:1.15.19-41.el8jbcs.src",
"product": {
"name": "jbcs-httpd24-mod_http2-0:1.15.19-41.el8jbcs.src",
"product_id": "jbcs-httpd24-mod_http2-0:1.15.19-41.el8jbcs.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jbcs-httpd24-mod_http2@1.15.19-41.el8jbcs?arch=src"
}
}
},
{
"category": "product_version",
"name": "jbcs-httpd24-mod_jk-0:1.2.49-11.redhat_1.el8jbcs.src",
"product": {
"name": "jbcs-httpd24-mod_jk-0:1.2.49-11.redhat_1.el8jbcs.src",
"product_id": "jbcs-httpd24-mod_jk-0:1.2.49-11.redhat_1.el8jbcs.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jbcs-httpd24-mod_jk@1.2.49-11.redhat_1.el8jbcs?arch=src"
}
}
},
{
"category": "product_version",
"name": "jbcs-httpd24-mod_proxy_cluster-0:1.3.20-8.el8jbcs.src",
"product": {
"name": "jbcs-httpd24-mod_proxy_cluster-0:1.3.20-8.el8jbcs.src",
"product_id": "jbcs-httpd24-mod_proxy_cluster-0:1.3.20-8.el8jbcs.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jbcs-httpd24-mod_proxy_cluster@1.3.20-8.el8jbcs?arch=src"
}
}
},
{
"category": "product_version",
"name": "jbcs-httpd24-mod_security-0:2.9.3-40.el8jbcs.src",
"product": {
"name": "jbcs-httpd24-mod_security-0:2.9.3-40.el8jbcs.src",
"product_id": "jbcs-httpd24-mod_security-0:2.9.3-40.el8jbcs.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jbcs-httpd24-mod_security@2.9.3-40.el8jbcs?arch=src"
}
}
},
{
"category": "product_version",
"name": "jbcs-httpd24-mod_md-1:2.4.24-11.el8jbcs.src",
"product": {
"name": "jbcs-httpd24-mod_md-1:2.4.24-11.el8jbcs.src",
"product_id": "jbcs-httpd24-mod_md-1:2.4.24-11.el8jbcs.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jbcs-httpd24-mod_md@2.4.24-11.el8jbcs?arch=src\u0026epoch=1"
}
}
}
],
"category": "architecture",
"name": "src"
},
{
"branches": [
{
"category": "product_version",
"name": "jbcs-httpd24-httpd-0:2.4.57-13.el7jbcs.x86_64",
"product": {
"name": "jbcs-httpd24-httpd-0:2.4.57-13.el7jbcs.x86_64",
"product_id": "jbcs-httpd24-httpd-0:2.4.57-13.el7jbcs.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jbcs-httpd24-httpd@2.4.57-13.el7jbcs?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "jbcs-httpd24-httpd-devel-0:2.4.57-13.el7jbcs.x86_64",
"product": {
"name": "jbcs-httpd24-httpd-devel-0:2.4.57-13.el7jbcs.x86_64",
"product_id": "jbcs-httpd24-httpd-devel-0:2.4.57-13.el7jbcs.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jbcs-httpd24-httpd-devel@2.4.57-13.el7jbcs?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "jbcs-httpd24-httpd-selinux-0:2.4.57-13.el7jbcs.x86_64",
"product": {
"name": "jbcs-httpd24-httpd-selinux-0:2.4.57-13.el7jbcs.x86_64",
"product_id": "jbcs-httpd24-httpd-selinux-0:2.4.57-13.el7jbcs.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jbcs-httpd24-httpd-selinux@2.4.57-13.el7jbcs?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "jbcs-httpd24-httpd-tools-0:2.4.57-13.el7jbcs.x86_64",
"product": {
"name": "jbcs-httpd24-httpd-tools-0:2.4.57-13.el7jbcs.x86_64",
"product_id": "jbcs-httpd24-httpd-tools-0:2.4.57-13.el7jbcs.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jbcs-httpd24-httpd-tools@2.4.57-13.el7jbcs?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "jbcs-httpd24-mod_ldap-0:2.4.57-13.el7jbcs.x86_64",
"product": {
"name": "jbcs-httpd24-mod_ldap-0:2.4.57-13.el7jbcs.x86_64",
"product_id": "jbcs-httpd24-mod_ldap-0:2.4.57-13.el7jbcs.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jbcs-httpd24-mod_ldap@2.4.57-13.el7jbcs?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "jbcs-httpd24-mod_proxy_html-1:2.4.57-13.el7jbcs.x86_64",
"product": {
"name": "jbcs-httpd24-mod_proxy_html-1:2.4.57-13.el7jbcs.x86_64",
"product_id": "jbcs-httpd24-mod_proxy_html-1:2.4.57-13.el7jbcs.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jbcs-httpd24-mod_proxy_html@2.4.57-13.el7jbcs?arch=x86_64\u0026epoch=1"
}
}
},
{
"category": "product_version",
"name": "jbcs-httpd24-mod_session-0:2.4.57-13.el7jbcs.x86_64",
"product": {
"name": "jbcs-httpd24-mod_session-0:2.4.57-13.el7jbcs.x86_64",
"product_id": "jbcs-httpd24-mod_session-0:2.4.57-13.el7jbcs.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jbcs-httpd24-mod_session@2.4.57-13.el7jbcs?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "jbcs-httpd24-mod_ssl-1:2.4.57-13.el7jbcs.x86_64",
"product": {
"name": "jbcs-httpd24-mod_ssl-1:2.4.57-13.el7jbcs.x86_64",
"product_id": "jbcs-httpd24-mod_ssl-1:2.4.57-13.el7jbcs.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jbcs-httpd24-mod_ssl@2.4.57-13.el7jbcs?arch=x86_64\u0026epoch=1"
}
}
},
{
"category": "product_version",
"name": "jbcs-httpd24-httpd-debuginfo-0:2.4.57-13.el7jbcs.x86_64",
"product": {
"name": "jbcs-httpd24-httpd-debuginfo-0:2.4.57-13.el7jbcs.x86_64",
"product_id": "jbcs-httpd24-httpd-debuginfo-0:2.4.57-13.el7jbcs.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jbcs-httpd24-httpd-debuginfo@2.4.57-13.el7jbcs?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "jbcs-httpd24-mod_http2-0:1.15.19-41.el7jbcs.x86_64",
"product": {
"name": "jbcs-httpd24-mod_http2-0:1.15.19-41.el7jbcs.x86_64",
"product_id": "jbcs-httpd24-mod_http2-0:1.15.19-41.el7jbcs.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jbcs-httpd24-mod_http2@1.15.19-41.el7jbcs?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "jbcs-httpd24-mod_http2-debuginfo-0:1.15.19-41.el7jbcs.x86_64",
"product": {
"name": "jbcs-httpd24-mod_http2-debuginfo-0:1.15.19-41.el7jbcs.x86_64",
"product_id": "jbcs-httpd24-mod_http2-debuginfo-0:1.15.19-41.el7jbcs.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jbcs-httpd24-mod_http2-debuginfo@1.15.19-41.el7jbcs?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "jbcs-httpd24-mod_jk-ap24-0:1.2.49-11.redhat_1.el7jbcs.x86_64",
"product": {
"name": "jbcs-httpd24-mod_jk-ap24-0:1.2.49-11.redhat_1.el7jbcs.x86_64",
"product_id": "jbcs-httpd24-mod_jk-ap24-0:1.2.49-11.redhat_1.el7jbcs.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jbcs-httpd24-mod_jk-ap24@1.2.49-11.redhat_1.el7jbcs?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "jbcs-httpd24-mod_jk-debuginfo-0:1.2.49-11.redhat_1.el7jbcs.x86_64",
"product": {
"name": "jbcs-httpd24-mod_jk-debuginfo-0:1.2.49-11.redhat_1.el7jbcs.x86_64",
"product_id": "jbcs-httpd24-mod_jk-debuginfo-0:1.2.49-11.redhat_1.el7jbcs.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jbcs-httpd24-mod_jk-debuginfo@1.2.49-11.redhat_1.el7jbcs?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "jbcs-httpd24-mod_proxy_cluster-0:1.3.20-8.el7jbcs.x86_64",
"product": {
"name": "jbcs-httpd24-mod_proxy_cluster-0:1.3.20-8.el7jbcs.x86_64",
"product_id": "jbcs-httpd24-mod_proxy_cluster-0:1.3.20-8.el7jbcs.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jbcs-httpd24-mod_proxy_cluster@1.3.20-8.el7jbcs?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "jbcs-httpd24-mod_proxy_cluster-debuginfo-0:1.3.20-8.el7jbcs.x86_64",
"product": {
"name": "jbcs-httpd24-mod_proxy_cluster-debuginfo-0:1.3.20-8.el7jbcs.x86_64",
"product_id": "jbcs-httpd24-mod_proxy_cluster-debuginfo-0:1.3.20-8.el7jbcs.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jbcs-httpd24-mod_proxy_cluster-debuginfo@1.3.20-8.el7jbcs?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "jbcs-httpd24-mod_security-0:2.9.3-40.el7jbcs.x86_64",
"product": {
"name": "jbcs-httpd24-mod_security-0:2.9.3-40.el7jbcs.x86_64",
"product_id": "jbcs-httpd24-mod_security-0:2.9.3-40.el7jbcs.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jbcs-httpd24-mod_security@2.9.3-40.el7jbcs?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "jbcs-httpd24-mod_security-debuginfo-0:2.9.3-40.el7jbcs.x86_64",
"product": {
"name": "jbcs-httpd24-mod_security-debuginfo-0:2.9.3-40.el7jbcs.x86_64",
"product_id": "jbcs-httpd24-mod_security-debuginfo-0:2.9.3-40.el7jbcs.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jbcs-httpd24-mod_security-debuginfo@2.9.3-40.el7jbcs?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "jbcs-httpd24-mod_md-1:2.4.24-11.el7jbcs.x86_64",
"product": {
"name": "jbcs-httpd24-mod_md-1:2.4.24-11.el7jbcs.x86_64",
"product_id": "jbcs-httpd24-mod_md-1:2.4.24-11.el7jbcs.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jbcs-httpd24-mod_md@2.4.24-11.el7jbcs?arch=x86_64\u0026epoch=1"
}
}
},
{
"category": "product_version",
"name": "jbcs-httpd24-mod_md-debuginfo-1:2.4.24-11.el7jbcs.x86_64",
"product": {
"name": "jbcs-httpd24-mod_md-debuginfo-1:2.4.24-11.el7jbcs.x86_64",
"product_id": "jbcs-httpd24-mod_md-debuginfo-1:2.4.24-11.el7jbcs.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jbcs-httpd24-mod_md-debuginfo@2.4.24-11.el7jbcs?arch=x86_64\u0026epoch=1"
}
}
},
{
"category": "product_version",
"name": "jbcs-httpd24-httpd-0:2.4.57-13.el8jbcs.x86_64",
"product": {
"name": "jbcs-httpd24-httpd-0:2.4.57-13.el8jbcs.x86_64",
"product_id": "jbcs-httpd24-httpd-0:2.4.57-13.el8jbcs.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jbcs-httpd24-httpd@2.4.57-13.el8jbcs?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "jbcs-httpd24-httpd-devel-0:2.4.57-13.el8jbcs.x86_64",
"product": {
"name": "jbcs-httpd24-httpd-devel-0:2.4.57-13.el8jbcs.x86_64",
"product_id": "jbcs-httpd24-httpd-devel-0:2.4.57-13.el8jbcs.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jbcs-httpd24-httpd-devel@2.4.57-13.el8jbcs?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "jbcs-httpd24-httpd-selinux-0:2.4.57-13.el8jbcs.x86_64",
"product": {
"name": "jbcs-httpd24-httpd-selinux-0:2.4.57-13.el8jbcs.x86_64",
"product_id": "jbcs-httpd24-httpd-selinux-0:2.4.57-13.el8jbcs.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jbcs-httpd24-httpd-selinux@2.4.57-13.el8jbcs?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "jbcs-httpd24-httpd-tools-0:2.4.57-13.el8jbcs.x86_64",
"product": {
"name": "jbcs-httpd24-httpd-tools-0:2.4.57-13.el8jbcs.x86_64",
"product_id": "jbcs-httpd24-httpd-tools-0:2.4.57-13.el8jbcs.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jbcs-httpd24-httpd-tools@2.4.57-13.el8jbcs?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "jbcs-httpd24-mod_ldap-0:2.4.57-13.el8jbcs.x86_64",
"product": {
"name": "jbcs-httpd24-mod_ldap-0:2.4.57-13.el8jbcs.x86_64",
"product_id": "jbcs-httpd24-mod_ldap-0:2.4.57-13.el8jbcs.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jbcs-httpd24-mod_ldap@2.4.57-13.el8jbcs?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "jbcs-httpd24-mod_proxy_html-1:2.4.57-13.el8jbcs.x86_64",
"product": {
"name": "jbcs-httpd24-mod_proxy_html-1:2.4.57-13.el8jbcs.x86_64",
"product_id": "jbcs-httpd24-mod_proxy_html-1:2.4.57-13.el8jbcs.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jbcs-httpd24-mod_proxy_html@2.4.57-13.el8jbcs?arch=x86_64\u0026epoch=1"
}
}
},
{
"category": "product_version",
"name": "jbcs-httpd24-mod_session-0:2.4.57-13.el8jbcs.x86_64",
"product": {
"name": "jbcs-httpd24-mod_session-0:2.4.57-13.el8jbcs.x86_64",
"product_id": "jbcs-httpd24-mod_session-0:2.4.57-13.el8jbcs.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jbcs-httpd24-mod_session@2.4.57-13.el8jbcs?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "jbcs-httpd24-mod_ssl-1:2.4.57-13.el8jbcs.x86_64",
"product": {
"name": "jbcs-httpd24-mod_ssl-1:2.4.57-13.el8jbcs.x86_64",
"product_id": "jbcs-httpd24-mod_ssl-1:2.4.57-13.el8jbcs.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jbcs-httpd24-mod_ssl@2.4.57-13.el8jbcs?arch=x86_64\u0026epoch=1"
}
}
},
{
"category": "product_version",
"name": "jbcs-httpd24-httpd-debuginfo-0:2.4.57-13.el8jbcs.x86_64",
"product": {
"name": "jbcs-httpd24-httpd-debuginfo-0:2.4.57-13.el8jbcs.x86_64",
"product_id": "jbcs-httpd24-httpd-debuginfo-0:2.4.57-13.el8jbcs.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jbcs-httpd24-httpd-debuginfo@2.4.57-13.el8jbcs?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "jbcs-httpd24-httpd-tools-debuginfo-0:2.4.57-13.el8jbcs.x86_64",
"product": {
"name": "jbcs-httpd24-httpd-tools-debuginfo-0:2.4.57-13.el8jbcs.x86_64",
"product_id": "jbcs-httpd24-httpd-tools-debuginfo-0:2.4.57-13.el8jbcs.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jbcs-httpd24-httpd-tools-debuginfo@2.4.57-13.el8jbcs?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "jbcs-httpd24-mod_ldap-debuginfo-0:2.4.57-13.el8jbcs.x86_64",
"product": {
"name": "jbcs-httpd24-mod_ldap-debuginfo-0:2.4.57-13.el8jbcs.x86_64",
"product_id": "jbcs-httpd24-mod_ldap-debuginfo-0:2.4.57-13.el8jbcs.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jbcs-httpd24-mod_ldap-debuginfo@2.4.57-13.el8jbcs?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "jbcs-httpd24-mod_proxy_html-debuginfo-1:2.4.57-13.el8jbcs.x86_64",
"product": {
"name": "jbcs-httpd24-mod_proxy_html-debuginfo-1:2.4.57-13.el8jbcs.x86_64",
"product_id": "jbcs-httpd24-mod_proxy_html-debuginfo-1:2.4.57-13.el8jbcs.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jbcs-httpd24-mod_proxy_html-debuginfo@2.4.57-13.el8jbcs?arch=x86_64\u0026epoch=1"
}
}
},
{
"category": "product_version",
"name": "jbcs-httpd24-mod_session-debuginfo-0:2.4.57-13.el8jbcs.x86_64",
"product": {
"name": "jbcs-httpd24-mod_session-debuginfo-0:2.4.57-13.el8jbcs.x86_64",
"product_id": "jbcs-httpd24-mod_session-debuginfo-0:2.4.57-13.el8jbcs.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jbcs-httpd24-mod_session-debuginfo@2.4.57-13.el8jbcs?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "jbcs-httpd24-mod_ssl-debuginfo-1:2.4.57-13.el8jbcs.x86_64",
"product": {
"name": "jbcs-httpd24-mod_ssl-debuginfo-1:2.4.57-13.el8jbcs.x86_64",
"product_id": "jbcs-httpd24-mod_ssl-debuginfo-1:2.4.57-13.el8jbcs.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jbcs-httpd24-mod_ssl-debuginfo@2.4.57-13.el8jbcs?arch=x86_64\u0026epoch=1"
}
}
},
{
"category": "product_version",
"name": "jbcs-httpd24-mod_http2-0:1.15.19-41.el8jbcs.x86_64",
"product": {
"name": "jbcs-httpd24-mod_http2-0:1.15.19-41.el8jbcs.x86_64",
"product_id": "jbcs-httpd24-mod_http2-0:1.15.19-41.el8jbcs.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jbcs-httpd24-mod_http2@1.15.19-41.el8jbcs?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "jbcs-httpd24-mod_http2-debuginfo-0:1.15.19-41.el8jbcs.x86_64",
"product": {
"name": "jbcs-httpd24-mod_http2-debuginfo-0:1.15.19-41.el8jbcs.x86_64",
"product_id": "jbcs-httpd24-mod_http2-debuginfo-0:1.15.19-41.el8jbcs.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jbcs-httpd24-mod_http2-debuginfo@1.15.19-41.el8jbcs?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "jbcs-httpd24-mod_jk-ap24-0:1.2.49-11.redhat_1.el8jbcs.x86_64",
"product": {
"name": "jbcs-httpd24-mod_jk-ap24-0:1.2.49-11.redhat_1.el8jbcs.x86_64",
"product_id": "jbcs-httpd24-mod_jk-ap24-0:1.2.49-11.redhat_1.el8jbcs.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jbcs-httpd24-mod_jk-ap24@1.2.49-11.redhat_1.el8jbcs?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "jbcs-httpd24-mod_jk-ap24-debuginfo-0:1.2.49-11.redhat_1.el8jbcs.x86_64",
"product": {
"name": "jbcs-httpd24-mod_jk-ap24-debuginfo-0:1.2.49-11.redhat_1.el8jbcs.x86_64",
"product_id": "jbcs-httpd24-mod_jk-ap24-debuginfo-0:1.2.49-11.redhat_1.el8jbcs.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jbcs-httpd24-mod_jk-ap24-debuginfo@1.2.49-11.redhat_1.el8jbcs?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "jbcs-httpd24-mod_proxy_cluster-0:1.3.20-8.el8jbcs.x86_64",
"product": {
"name": "jbcs-httpd24-mod_proxy_cluster-0:1.3.20-8.el8jbcs.x86_64",
"product_id": "jbcs-httpd24-mod_proxy_cluster-0:1.3.20-8.el8jbcs.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jbcs-httpd24-mod_proxy_cluster@1.3.20-8.el8jbcs?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "jbcs-httpd24-mod_proxy_cluster-debuginfo-0:1.3.20-8.el8jbcs.x86_64",
"product": {
"name": "jbcs-httpd24-mod_proxy_cluster-debuginfo-0:1.3.20-8.el8jbcs.x86_64",
"product_id": "jbcs-httpd24-mod_proxy_cluster-debuginfo-0:1.3.20-8.el8jbcs.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jbcs-httpd24-mod_proxy_cluster-debuginfo@1.3.20-8.el8jbcs?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "jbcs-httpd24-mod_security-0:2.9.3-40.el8jbcs.x86_64",
"product": {
"name": "jbcs-httpd24-mod_security-0:2.9.3-40.el8jbcs.x86_64",
"product_id": "jbcs-httpd24-mod_security-0:2.9.3-40.el8jbcs.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jbcs-httpd24-mod_security@2.9.3-40.el8jbcs?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "jbcs-httpd24-mod_security-debuginfo-0:2.9.3-40.el8jbcs.x86_64",
"product": {
"name": "jbcs-httpd24-mod_security-debuginfo-0:2.9.3-40.el8jbcs.x86_64",
"product_id": "jbcs-httpd24-mod_security-debuginfo-0:2.9.3-40.el8jbcs.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jbcs-httpd24-mod_security-debuginfo@2.9.3-40.el8jbcs?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "jbcs-httpd24-mod_md-1:2.4.24-11.el8jbcs.x86_64",
"product": {
"name": "jbcs-httpd24-mod_md-1:2.4.24-11.el8jbcs.x86_64",
"product_id": "jbcs-httpd24-mod_md-1:2.4.24-11.el8jbcs.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jbcs-httpd24-mod_md@2.4.24-11.el8jbcs?arch=x86_64\u0026epoch=1"
}
}
},
{
"category": "product_version",
"name": "jbcs-httpd24-mod_md-debuginfo-1:2.4.24-11.el8jbcs.x86_64",
"product": {
"name": "jbcs-httpd24-mod_md-debuginfo-1:2.4.24-11.el8jbcs.x86_64",
"product_id": "jbcs-httpd24-mod_md-debuginfo-1:2.4.24-11.el8jbcs.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jbcs-httpd24-mod_md-debuginfo@2.4.24-11.el8jbcs?arch=x86_64\u0026epoch=1"
}
}
}
],
"category": "architecture",
"name": "x86_64"
},
{
"branches": [
{
"category": "product_version",
"name": "jbcs-httpd24-httpd-manual-0:2.4.57-13.el7jbcs.noarch",
"product": {
"name": "jbcs-httpd24-httpd-manual-0:2.4.57-13.el7jbcs.noarch",
"product_id": "jbcs-httpd24-httpd-manual-0:2.4.57-13.el7jbcs.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jbcs-httpd24-httpd-manual@2.4.57-13.el7jbcs?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "jbcs-httpd24-httpd-manual-0:2.4.57-13.el8jbcs.noarch",
"product": {
"name": "jbcs-httpd24-httpd-manual-0:2.4.57-13.el8jbcs.noarch",
"product_id": "jbcs-httpd24-httpd-manual-0:2.4.57-13.el8jbcs.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jbcs-httpd24-httpd-manual@2.4.57-13.el8jbcs?arch=noarch"
}
}
}
],
"category": "architecture",
"name": "noarch"
}
],
"category": "vendor",
"name": "Red Hat"
}
],
"relationships": [
{
"category": "default_component_of",
"full_product_name": {
"name": "jbcs-httpd24-httpd-0:2.4.57-13.el7jbcs.src as a component of Red Hat JBoss Core Services on RHEL 7 Server",
"product_id": "7Server-JBCS:jbcs-httpd24-httpd-0:2.4.57-13.el7jbcs.src"
},
"product_reference": "jbcs-httpd24-httpd-0:2.4.57-13.el7jbcs.src",
"relates_to_product_reference": "7Server-JBCS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jbcs-httpd24-httpd-0:2.4.57-13.el7jbcs.x86_64 as a component of Red Hat JBoss Core Services on RHEL 7 Server",
"product_id": "7Server-JBCS:jbcs-httpd24-httpd-0:2.4.57-13.el7jbcs.x86_64"
},
"product_reference": "jbcs-httpd24-httpd-0:2.4.57-13.el7jbcs.x86_64",
"relates_to_product_reference": "7Server-JBCS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jbcs-httpd24-httpd-debuginfo-0:2.4.57-13.el7jbcs.x86_64 as a component of Red Hat JBoss Core Services on RHEL 7 Server",
"product_id": "7Server-JBCS:jbcs-httpd24-httpd-debuginfo-0:2.4.57-13.el7jbcs.x86_64"
},
"product_reference": "jbcs-httpd24-httpd-debuginfo-0:2.4.57-13.el7jbcs.x86_64",
"relates_to_product_reference": "7Server-JBCS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jbcs-httpd24-httpd-devel-0:2.4.57-13.el7jbcs.x86_64 as a component of Red Hat JBoss Core Services on RHEL 7 Server",
"product_id": "7Server-JBCS:jbcs-httpd24-httpd-devel-0:2.4.57-13.el7jbcs.x86_64"
},
"product_reference": "jbcs-httpd24-httpd-devel-0:2.4.57-13.el7jbcs.x86_64",
"relates_to_product_reference": "7Server-JBCS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jbcs-httpd24-httpd-manual-0:2.4.57-13.el7jbcs.noarch as a component of Red Hat JBoss Core Services on RHEL 7 Server",
"product_id": "7Server-JBCS:jbcs-httpd24-httpd-manual-0:2.4.57-13.el7jbcs.noarch"
},
"product_reference": "jbcs-httpd24-httpd-manual-0:2.4.57-13.el7jbcs.noarch",
"relates_to_product_reference": "7Server-JBCS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jbcs-httpd24-httpd-selinux-0:2.4.57-13.el7jbcs.x86_64 as a component of Red Hat JBoss Core Services on RHEL 7 Server",
"product_id": "7Server-JBCS:jbcs-httpd24-httpd-selinux-0:2.4.57-13.el7jbcs.x86_64"
},
"product_reference": "jbcs-httpd24-httpd-selinux-0:2.4.57-13.el7jbcs.x86_64",
"relates_to_product_reference": "7Server-JBCS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jbcs-httpd24-httpd-tools-0:2.4.57-13.el7jbcs.x86_64 as a component of Red Hat JBoss Core Services on RHEL 7 Server",
"product_id": "7Server-JBCS:jbcs-httpd24-httpd-tools-0:2.4.57-13.el7jbcs.x86_64"
},
"product_reference": "jbcs-httpd24-httpd-tools-0:2.4.57-13.el7jbcs.x86_64",
"relates_to_product_reference": "7Server-JBCS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jbcs-httpd24-mod_http2-0:1.15.19-41.el7jbcs.src as a component of Red Hat JBoss Core Services on RHEL 7 Server",
"product_id": "7Server-JBCS:jbcs-httpd24-mod_http2-0:1.15.19-41.el7jbcs.src"
},
"product_reference": "jbcs-httpd24-mod_http2-0:1.15.19-41.el7jbcs.src",
"relates_to_product_reference": "7Server-JBCS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jbcs-httpd24-mod_http2-0:1.15.19-41.el7jbcs.x86_64 as a component of Red Hat JBoss Core Services on RHEL 7 Server",
"product_id": "7Server-JBCS:jbcs-httpd24-mod_http2-0:1.15.19-41.el7jbcs.x86_64"
},
"product_reference": "jbcs-httpd24-mod_http2-0:1.15.19-41.el7jbcs.x86_64",
"relates_to_product_reference": "7Server-JBCS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jbcs-httpd24-mod_http2-debuginfo-0:1.15.19-41.el7jbcs.x86_64 as a component of Red Hat JBoss Core Services on RHEL 7 Server",
"product_id": "7Server-JBCS:jbcs-httpd24-mod_http2-debuginfo-0:1.15.19-41.el7jbcs.x86_64"
},
"product_reference": "jbcs-httpd24-mod_http2-debuginfo-0:1.15.19-41.el7jbcs.x86_64",
"relates_to_product_reference": "7Server-JBCS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jbcs-httpd24-mod_jk-0:1.2.49-11.redhat_1.el7jbcs.src as a component of Red Hat JBoss Core Services on RHEL 7 Server",
"product_id": "7Server-JBCS:jbcs-httpd24-mod_jk-0:1.2.49-11.redhat_1.el7jbcs.src"
},
"product_reference": "jbcs-httpd24-mod_jk-0:1.2.49-11.redhat_1.el7jbcs.src",
"relates_to_product_reference": "7Server-JBCS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jbcs-httpd24-mod_jk-ap24-0:1.2.49-11.redhat_1.el7jbcs.x86_64 as a component of Red Hat JBoss Core Services on RHEL 7 Server",
"product_id": "7Server-JBCS:jbcs-httpd24-mod_jk-ap24-0:1.2.49-11.redhat_1.el7jbcs.x86_64"
},
"product_reference": "jbcs-httpd24-mod_jk-ap24-0:1.2.49-11.redhat_1.el7jbcs.x86_64",
"relates_to_product_reference": "7Server-JBCS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jbcs-httpd24-mod_jk-debuginfo-0:1.2.49-11.redhat_1.el7jbcs.x86_64 as a component of Red Hat JBoss Core Services on RHEL 7 Server",
"product_id": "7Server-JBCS:jbcs-httpd24-mod_jk-debuginfo-0:1.2.49-11.redhat_1.el7jbcs.x86_64"
},
"product_reference": "jbcs-httpd24-mod_jk-debuginfo-0:1.2.49-11.redhat_1.el7jbcs.x86_64",
"relates_to_product_reference": "7Server-JBCS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jbcs-httpd24-mod_ldap-0:2.4.57-13.el7jbcs.x86_64 as a component of Red Hat JBoss Core Services on RHEL 7 Server",
"product_id": "7Server-JBCS:jbcs-httpd24-mod_ldap-0:2.4.57-13.el7jbcs.x86_64"
},
"product_reference": "jbcs-httpd24-mod_ldap-0:2.4.57-13.el7jbcs.x86_64",
"relates_to_product_reference": "7Server-JBCS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jbcs-httpd24-mod_md-1:2.4.24-11.el7jbcs.src as a component of Red Hat JBoss Core Services on RHEL 7 Server",
"product_id": "7Server-JBCS:jbcs-httpd24-mod_md-1:2.4.24-11.el7jbcs.src"
},
"product_reference": "jbcs-httpd24-mod_md-1:2.4.24-11.el7jbcs.src",
"relates_to_product_reference": "7Server-JBCS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jbcs-httpd24-mod_md-1:2.4.24-11.el7jbcs.x86_64 as a component of Red Hat JBoss Core Services on RHEL 7 Server",
"product_id": "7Server-JBCS:jbcs-httpd24-mod_md-1:2.4.24-11.el7jbcs.x86_64"
},
"product_reference": "jbcs-httpd24-mod_md-1:2.4.24-11.el7jbcs.x86_64",
"relates_to_product_reference": "7Server-JBCS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jbcs-httpd24-mod_md-debuginfo-1:2.4.24-11.el7jbcs.x86_64 as a component of Red Hat JBoss Core Services on RHEL 7 Server",
"product_id": "7Server-JBCS:jbcs-httpd24-mod_md-debuginfo-1:2.4.24-11.el7jbcs.x86_64"
},
"product_reference": "jbcs-httpd24-mod_md-debuginfo-1:2.4.24-11.el7jbcs.x86_64",
"relates_to_product_reference": "7Server-JBCS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jbcs-httpd24-mod_proxy_cluster-0:1.3.20-8.el7jbcs.src as a component of Red Hat JBoss Core Services on RHEL 7 Server",
"product_id": "7Server-JBCS:jbcs-httpd24-mod_proxy_cluster-0:1.3.20-8.el7jbcs.src"
},
"product_reference": "jbcs-httpd24-mod_proxy_cluster-0:1.3.20-8.el7jbcs.src",
"relates_to_product_reference": "7Server-JBCS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jbcs-httpd24-mod_proxy_cluster-0:1.3.20-8.el7jbcs.x86_64 as a component of Red Hat JBoss Core Services on RHEL 7 Server",
"product_id": "7Server-JBCS:jbcs-httpd24-mod_proxy_cluster-0:1.3.20-8.el7jbcs.x86_64"
},
"product_reference": "jbcs-httpd24-mod_proxy_cluster-0:1.3.20-8.el7jbcs.x86_64",
"relates_to_product_reference": "7Server-JBCS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jbcs-httpd24-mod_proxy_cluster-debuginfo-0:1.3.20-8.el7jbcs.x86_64 as a component of Red Hat JBoss Core Services on RHEL 7 Server",
"product_id": "7Server-JBCS:jbcs-httpd24-mod_proxy_cluster-debuginfo-0:1.3.20-8.el7jbcs.x86_64"
},
"product_reference": "jbcs-httpd24-mod_proxy_cluster-debuginfo-0:1.3.20-8.el7jbcs.x86_64",
"relates_to_product_reference": "7Server-JBCS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jbcs-httpd24-mod_proxy_html-1:2.4.57-13.el7jbcs.x86_64 as a component of Red Hat JBoss Core Services on RHEL 7 Server",
"product_id": "7Server-JBCS:jbcs-httpd24-mod_proxy_html-1:2.4.57-13.el7jbcs.x86_64"
},
"product_reference": "jbcs-httpd24-mod_proxy_html-1:2.4.57-13.el7jbcs.x86_64",
"relates_to_product_reference": "7Server-JBCS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jbcs-httpd24-mod_security-0:2.9.3-40.el7jbcs.src as a component of Red Hat JBoss Core Services on RHEL 7 Server",
"product_id": "7Server-JBCS:jbcs-httpd24-mod_security-0:2.9.3-40.el7jbcs.src"
},
"product_reference": "jbcs-httpd24-mod_security-0:2.9.3-40.el7jbcs.src",
"relates_to_product_reference": "7Server-JBCS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jbcs-httpd24-mod_security-0:2.9.3-40.el7jbcs.x86_64 as a component of Red Hat JBoss Core Services on RHEL 7 Server",
"product_id": "7Server-JBCS:jbcs-httpd24-mod_security-0:2.9.3-40.el7jbcs.x86_64"
},
"product_reference": "jbcs-httpd24-mod_security-0:2.9.3-40.el7jbcs.x86_64",
"relates_to_product_reference": "7Server-JBCS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jbcs-httpd24-mod_security-debuginfo-0:2.9.3-40.el7jbcs.x86_64 as a component of Red Hat JBoss Core Services on RHEL 7 Server",
"product_id": "7Server-JBCS:jbcs-httpd24-mod_security-debuginfo-0:2.9.3-40.el7jbcs.x86_64"
},
"product_reference": "jbcs-httpd24-mod_security-debuginfo-0:2.9.3-40.el7jbcs.x86_64",
"relates_to_product_reference": "7Server-JBCS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jbcs-httpd24-mod_session-0:2.4.57-13.el7jbcs.x86_64 as a component of Red Hat JBoss Core Services on RHEL 7 Server",
"product_id": "7Server-JBCS:jbcs-httpd24-mod_session-0:2.4.57-13.el7jbcs.x86_64"
},
"product_reference": "jbcs-httpd24-mod_session-0:2.4.57-13.el7jbcs.x86_64",
"relates_to_product_reference": "7Server-JBCS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jbcs-httpd24-mod_ssl-1:2.4.57-13.el7jbcs.x86_64 as a component of Red Hat JBoss Core Services on RHEL 7 Server",
"product_id": "7Server-JBCS:jbcs-httpd24-mod_ssl-1:2.4.57-13.el7jbcs.x86_64"
},
"product_reference": "jbcs-httpd24-mod_ssl-1:2.4.57-13.el7jbcs.x86_64",
"relates_to_product_reference": "7Server-JBCS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jbcs-httpd24-httpd-0:2.4.57-13.el8jbcs.src as a component of Red Hat JBoss Core Services on RHEL 8",
"product_id": "8Base-JBCS:jbcs-httpd24-httpd-0:2.4.57-13.el8jbcs.src"
},
"product_reference": "jbcs-httpd24-httpd-0:2.4.57-13.el8jbcs.src",
"relates_to_product_reference": "8Base-JBCS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jbcs-httpd24-httpd-0:2.4.57-13.el8jbcs.x86_64 as a component of Red Hat JBoss Core Services on RHEL 8",
"product_id": "8Base-JBCS:jbcs-httpd24-httpd-0:2.4.57-13.el8jbcs.x86_64"
},
"product_reference": "jbcs-httpd24-httpd-0:2.4.57-13.el8jbcs.x86_64",
"relates_to_product_reference": "8Base-JBCS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jbcs-httpd24-httpd-debuginfo-0:2.4.57-13.el8jbcs.x86_64 as a component of Red Hat JBoss Core Services on RHEL 8",
"product_id": "8Base-JBCS:jbcs-httpd24-httpd-debuginfo-0:2.4.57-13.el8jbcs.x86_64"
},
"product_reference": "jbcs-httpd24-httpd-debuginfo-0:2.4.57-13.el8jbcs.x86_64",
"relates_to_product_reference": "8Base-JBCS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jbcs-httpd24-httpd-devel-0:2.4.57-13.el8jbcs.x86_64 as a component of Red Hat JBoss Core Services on RHEL 8",
"product_id": "8Base-JBCS:jbcs-httpd24-httpd-devel-0:2.4.57-13.el8jbcs.x86_64"
},
"product_reference": "jbcs-httpd24-httpd-devel-0:2.4.57-13.el8jbcs.x86_64",
"relates_to_product_reference": "8Base-JBCS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jbcs-httpd24-httpd-manual-0:2.4.57-13.el8jbcs.noarch as a component of Red Hat JBoss Core Services on RHEL 8",
"product_id": "8Base-JBCS:jbcs-httpd24-httpd-manual-0:2.4.57-13.el8jbcs.noarch"
},
"product_reference": "jbcs-httpd24-httpd-manual-0:2.4.57-13.el8jbcs.noarch",
"relates_to_product_reference": "8Base-JBCS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jbcs-httpd24-httpd-selinux-0:2.4.57-13.el8jbcs.x86_64 as a component of Red Hat JBoss Core Services on RHEL 8",
"product_id": "8Base-JBCS:jbcs-httpd24-httpd-selinux-0:2.4.57-13.el8jbcs.x86_64"
},
"product_reference": "jbcs-httpd24-httpd-selinux-0:2.4.57-13.el8jbcs.x86_64",
"relates_to_product_reference": "8Base-JBCS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jbcs-httpd24-httpd-tools-0:2.4.57-13.el8jbcs.x86_64 as a component of Red Hat JBoss Core Services on RHEL 8",
"product_id": "8Base-JBCS:jbcs-httpd24-httpd-tools-0:2.4.57-13.el8jbcs.x86_64"
},
"product_reference": "jbcs-httpd24-httpd-tools-0:2.4.57-13.el8jbcs.x86_64",
"relates_to_product_reference": "8Base-JBCS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jbcs-httpd24-httpd-tools-debuginfo-0:2.4.57-13.el8jbcs.x86_64 as a component of Red Hat JBoss Core Services on RHEL 8",
"product_id": "8Base-JBCS:jbcs-httpd24-httpd-tools-debuginfo-0:2.4.57-13.el8jbcs.x86_64"
},
"product_reference": "jbcs-httpd24-httpd-tools-debuginfo-0:2.4.57-13.el8jbcs.x86_64",
"relates_to_product_reference": "8Base-JBCS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jbcs-httpd24-mod_http2-0:1.15.19-41.el8jbcs.src as a component of Red Hat JBoss Core Services on RHEL 8",
"product_id": "8Base-JBCS:jbcs-httpd24-mod_http2-0:1.15.19-41.el8jbcs.src"
},
"product_reference": "jbcs-httpd24-mod_http2-0:1.15.19-41.el8jbcs.src",
"relates_to_product_reference": "8Base-JBCS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jbcs-httpd24-mod_http2-0:1.15.19-41.el8jbcs.x86_64 as a component of Red Hat JBoss Core Services on RHEL 8",
"product_id": "8Base-JBCS:jbcs-httpd24-mod_http2-0:1.15.19-41.el8jbcs.x86_64"
},
"product_reference": "jbcs-httpd24-mod_http2-0:1.15.19-41.el8jbcs.x86_64",
"relates_to_product_reference": "8Base-JBCS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jbcs-httpd24-mod_http2-debuginfo-0:1.15.19-41.el8jbcs.x86_64 as a component of Red Hat JBoss Core Services on RHEL 8",
"product_id": "8Base-JBCS:jbcs-httpd24-mod_http2-debuginfo-0:1.15.19-41.el8jbcs.x86_64"
},
"product_reference": "jbcs-httpd24-mod_http2-debuginfo-0:1.15.19-41.el8jbcs.x86_64",
"relates_to_product_reference": "8Base-JBCS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jbcs-httpd24-mod_jk-0:1.2.49-11.redhat_1.el8jbcs.src as a component of Red Hat JBoss Core Services on RHEL 8",
"product_id": "8Base-JBCS:jbcs-httpd24-mod_jk-0:1.2.49-11.redhat_1.el8jbcs.src"
},
"product_reference": "jbcs-httpd24-mod_jk-0:1.2.49-11.redhat_1.el8jbcs.src",
"relates_to_product_reference": "8Base-JBCS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jbcs-httpd24-mod_jk-ap24-0:1.2.49-11.redhat_1.el8jbcs.x86_64 as a component of Red Hat JBoss Core Services on RHEL 8",
"product_id": "8Base-JBCS:jbcs-httpd24-mod_jk-ap24-0:1.2.49-11.redhat_1.el8jbcs.x86_64"
},
"product_reference": "jbcs-httpd24-mod_jk-ap24-0:1.2.49-11.redhat_1.el8jbcs.x86_64",
"relates_to_product_reference": "8Base-JBCS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jbcs-httpd24-mod_jk-ap24-debuginfo-0:1.2.49-11.redhat_1.el8jbcs.x86_64 as a component of Red Hat JBoss Core Services on RHEL 8",
"product_id": "8Base-JBCS:jbcs-httpd24-mod_jk-ap24-debuginfo-0:1.2.49-11.redhat_1.el8jbcs.x86_64"
},
"product_reference": "jbcs-httpd24-mod_jk-ap24-debuginfo-0:1.2.49-11.redhat_1.el8jbcs.x86_64",
"relates_to_product_reference": "8Base-JBCS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jbcs-httpd24-mod_ldap-0:2.4.57-13.el8jbcs.x86_64 as a component of Red Hat JBoss Core Services on RHEL 8",
"product_id": "8Base-JBCS:jbcs-httpd24-mod_ldap-0:2.4.57-13.el8jbcs.x86_64"
},
"product_reference": "jbcs-httpd24-mod_ldap-0:2.4.57-13.el8jbcs.x86_64",
"relates_to_product_reference": "8Base-JBCS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jbcs-httpd24-mod_ldap-debuginfo-0:2.4.57-13.el8jbcs.x86_64 as a component of Red Hat JBoss Core Services on RHEL 8",
"product_id": "8Base-JBCS:jbcs-httpd24-mod_ldap-debuginfo-0:2.4.57-13.el8jbcs.x86_64"
},
"product_reference": "jbcs-httpd24-mod_ldap-debuginfo-0:2.4.57-13.el8jbcs.x86_64",
"relates_to_product_reference": "8Base-JBCS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jbcs-httpd24-mod_md-1:2.4.24-11.el8jbcs.src as a component of Red Hat JBoss Core Services on RHEL 8",
"product_id": "8Base-JBCS:jbcs-httpd24-mod_md-1:2.4.24-11.el8jbcs.src"
},
"product_reference": "jbcs-httpd24-mod_md-1:2.4.24-11.el8jbcs.src",
"relates_to_product_reference": "8Base-JBCS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jbcs-httpd24-mod_md-1:2.4.24-11.el8jbcs.x86_64 as a component of Red Hat JBoss Core Services on RHEL 8",
"product_id": "8Base-JBCS:jbcs-httpd24-mod_md-1:2.4.24-11.el8jbcs.x86_64"
},
"product_reference": "jbcs-httpd24-mod_md-1:2.4.24-11.el8jbcs.x86_64",
"relates_to_product_reference": "8Base-JBCS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jbcs-httpd24-mod_md-debuginfo-1:2.4.24-11.el8jbcs.x86_64 as a component of Red Hat JBoss Core Services on RHEL 8",
"product_id": "8Base-JBCS:jbcs-httpd24-mod_md-debuginfo-1:2.4.24-11.el8jbcs.x86_64"
},
"product_reference": "jbcs-httpd24-mod_md-debuginfo-1:2.4.24-11.el8jbcs.x86_64",
"relates_to_product_reference": "8Base-JBCS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jbcs-httpd24-mod_proxy_cluster-0:1.3.20-8.el8jbcs.src as a component of Red Hat JBoss Core Services on RHEL 8",
"product_id": "8Base-JBCS:jbcs-httpd24-mod_proxy_cluster-0:1.3.20-8.el8jbcs.src"
},
"product_reference": "jbcs-httpd24-mod_proxy_cluster-0:1.3.20-8.el8jbcs.src",
"relates_to_product_reference": "8Base-JBCS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jbcs-httpd24-mod_proxy_cluster-0:1.3.20-8.el8jbcs.x86_64 as a component of Red Hat JBoss Core Services on RHEL 8",
"product_id": "8Base-JBCS:jbcs-httpd24-mod_proxy_cluster-0:1.3.20-8.el8jbcs.x86_64"
},
"product_reference": "jbcs-httpd24-mod_proxy_cluster-0:1.3.20-8.el8jbcs.x86_64",
"relates_to_product_reference": "8Base-JBCS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jbcs-httpd24-mod_proxy_cluster-debuginfo-0:1.3.20-8.el8jbcs.x86_64 as a component of Red Hat JBoss Core Services on RHEL 8",
"product_id": "8Base-JBCS:jbcs-httpd24-mod_proxy_cluster-debuginfo-0:1.3.20-8.el8jbcs.x86_64"
},
"product_reference": "jbcs-httpd24-mod_proxy_cluster-debuginfo-0:1.3.20-8.el8jbcs.x86_64",
"relates_to_product_reference": "8Base-JBCS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jbcs-httpd24-mod_proxy_html-1:2.4.57-13.el8jbcs.x86_64 as a component of Red Hat JBoss Core Services on RHEL 8",
"product_id": "8Base-JBCS:jbcs-httpd24-mod_proxy_html-1:2.4.57-13.el8jbcs.x86_64"
},
"product_reference": "jbcs-httpd24-mod_proxy_html-1:2.4.57-13.el8jbcs.x86_64",
"relates_to_product_reference": "8Base-JBCS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jbcs-httpd24-mod_proxy_html-debuginfo-1:2.4.57-13.el8jbcs.x86_64 as a component of Red Hat JBoss Core Services on RHEL 8",
"product_id": "8Base-JBCS:jbcs-httpd24-mod_proxy_html-debuginfo-1:2.4.57-13.el8jbcs.x86_64"
},
"product_reference": "jbcs-httpd24-mod_proxy_html-debuginfo-1:2.4.57-13.el8jbcs.x86_64",
"relates_to_product_reference": "8Base-JBCS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jbcs-httpd24-mod_security-0:2.9.3-40.el8jbcs.src as a component of Red Hat JBoss Core Services on RHEL 8",
"product_id": "8Base-JBCS:jbcs-httpd24-mod_security-0:2.9.3-40.el8jbcs.src"
},
"product_reference": "jbcs-httpd24-mod_security-0:2.9.3-40.el8jbcs.src",
"relates_to_product_reference": "8Base-JBCS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jbcs-httpd24-mod_security-0:2.9.3-40.el8jbcs.x86_64 as a component of Red Hat JBoss Core Services on RHEL 8",
"product_id": "8Base-JBCS:jbcs-httpd24-mod_security-0:2.9.3-40.el8jbcs.x86_64"
},
"product_reference": "jbcs-httpd24-mod_security-0:2.9.3-40.el8jbcs.x86_64",
"relates_to_product_reference": "8Base-JBCS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jbcs-httpd24-mod_security-debuginfo-0:2.9.3-40.el8jbcs.x86_64 as a component of Red Hat JBoss Core Services on RHEL 8",
"product_id": "8Base-JBCS:jbcs-httpd24-mod_security-debuginfo-0:2.9.3-40.el8jbcs.x86_64"
},
"product_reference": "jbcs-httpd24-mod_security-debuginfo-0:2.9.3-40.el8jbcs.x86_64",
"relates_to_product_reference": "8Base-JBCS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jbcs-httpd24-mod_session-0:2.4.57-13.el8jbcs.x86_64 as a component of Red Hat JBoss Core Services on RHEL 8",
"product_id": "8Base-JBCS:jbcs-httpd24-mod_session-0:2.4.57-13.el8jbcs.x86_64"
},
"product_reference": "jbcs-httpd24-mod_session-0:2.4.57-13.el8jbcs.x86_64",
"relates_to_product_reference": "8Base-JBCS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jbcs-httpd24-mod_session-debuginfo-0:2.4.57-13.el8jbcs.x86_64 as a component of Red Hat JBoss Core Services on RHEL 8",
"product_id": "8Base-JBCS:jbcs-httpd24-mod_session-debuginfo-0:2.4.57-13.el8jbcs.x86_64"
},
"product_reference": "jbcs-httpd24-mod_session-debuginfo-0:2.4.57-13.el8jbcs.x86_64",
"relates_to_product_reference": "8Base-JBCS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jbcs-httpd24-mod_ssl-1:2.4.57-13.el8jbcs.x86_64 as a component of Red Hat JBoss Core Services on RHEL 8",
"product_id": "8Base-JBCS:jbcs-httpd24-mod_ssl-1:2.4.57-13.el8jbcs.x86_64"
},
"product_reference": "jbcs-httpd24-mod_ssl-1:2.4.57-13.el8jbcs.x86_64",
"relates_to_product_reference": "8Base-JBCS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jbcs-httpd24-mod_ssl-debuginfo-1:2.4.57-13.el8jbcs.x86_64 as a component of Red Hat JBoss Core Services on RHEL 8",
"product_id": "8Base-JBCS:jbcs-httpd24-mod_ssl-debuginfo-1:2.4.57-13.el8jbcs.x86_64"
},
"product_reference": "jbcs-httpd24-mod_ssl-debuginfo-1:2.4.57-13.el8jbcs.x86_64",
"relates_to_product_reference": "8Base-JBCS"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2024-38473",
"cwe": {
"id": "CWE-116",
"name": "Improper Encoding or Escaping of Output"
},
"discovery_date": "2024-07-01T19:21:36+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2295012"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in the mod_proxy module of httpd. Due to an encoding problem, specially crafted request URLs with incorrect encoding can be sent to backend services, potentially bypassing authentication.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "httpd: Encoding problem in mod_proxy",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "This issue affects configurations where mechanisms other than ProxyPass/ProxyPassMatch or RewriteRule with the \u0027P\u0027 flag are used to configure a request to be proxied, such as SetHandler or inadvertent proxying via CVE-2024-39573. Note that these alternate mechanisms may be used within .htaccess files.\n\nFor more information about CVE-2024-39573, see https://access.redhat.com/security/cve/CVE-2024-39573.\n\nAdditionally, this flaw requires mod_proxy to be loaded and being used. This module can be disabled if its functionality is not needed.\n\nRed Hat Enterprise Linux 6 is not affected by this vulnerability because the vulnerable code was introduced in a newer version of httpd.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"7Server-JBCS:jbcs-httpd24-httpd-0:2.4.57-13.el7jbcs.src",
"7Server-JBCS:jbcs-httpd24-httpd-0:2.4.57-13.el7jbcs.x86_64",
"7Server-JBCS:jbcs-httpd24-httpd-debuginfo-0:2.4.57-13.el7jbcs.x86_64",
"7Server-JBCS:jbcs-httpd24-httpd-devel-0:2.4.57-13.el7jbcs.x86_64",
"7Server-JBCS:jbcs-httpd24-httpd-manual-0:2.4.57-13.el7jbcs.noarch",
"7Server-JBCS:jbcs-httpd24-httpd-selinux-0:2.4.57-13.el7jbcs.x86_64",
"7Server-JBCS:jbcs-httpd24-httpd-tools-0:2.4.57-13.el7jbcs.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_http2-0:1.15.19-41.el7jbcs.src",
"7Server-JBCS:jbcs-httpd24-mod_http2-0:1.15.19-41.el7jbcs.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_http2-debuginfo-0:1.15.19-41.el7jbcs.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_jk-0:1.2.49-11.redhat_1.el7jbcs.src",
"7Server-JBCS:jbcs-httpd24-mod_jk-ap24-0:1.2.49-11.redhat_1.el7jbcs.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_jk-debuginfo-0:1.2.49-11.redhat_1.el7jbcs.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_ldap-0:2.4.57-13.el7jbcs.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_md-1:2.4.24-11.el7jbcs.src",
"7Server-JBCS:jbcs-httpd24-mod_md-1:2.4.24-11.el7jbcs.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_md-debuginfo-1:2.4.24-11.el7jbcs.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_proxy_cluster-0:1.3.20-8.el7jbcs.src",
"7Server-JBCS:jbcs-httpd24-mod_proxy_cluster-0:1.3.20-8.el7jbcs.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_proxy_cluster-debuginfo-0:1.3.20-8.el7jbcs.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_proxy_html-1:2.4.57-13.el7jbcs.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_security-0:2.9.3-40.el7jbcs.src",
"7Server-JBCS:jbcs-httpd24-mod_security-0:2.9.3-40.el7jbcs.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_security-debuginfo-0:2.9.3-40.el7jbcs.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_session-0:2.4.57-13.el7jbcs.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_ssl-1:2.4.57-13.el7jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-httpd-0:2.4.57-13.el8jbcs.src",
"8Base-JBCS:jbcs-httpd24-httpd-0:2.4.57-13.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-httpd-debuginfo-0:2.4.57-13.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-httpd-devel-0:2.4.57-13.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-httpd-manual-0:2.4.57-13.el8jbcs.noarch",
"8Base-JBCS:jbcs-httpd24-httpd-selinux-0:2.4.57-13.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-httpd-tools-0:2.4.57-13.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-httpd-tools-debuginfo-0:2.4.57-13.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_http2-0:1.15.19-41.el8jbcs.src",
"8Base-JBCS:jbcs-httpd24-mod_http2-0:1.15.19-41.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_http2-debuginfo-0:1.15.19-41.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_jk-0:1.2.49-11.redhat_1.el8jbcs.src",
"8Base-JBCS:jbcs-httpd24-mod_jk-ap24-0:1.2.49-11.redhat_1.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_jk-ap24-debuginfo-0:1.2.49-11.redhat_1.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_ldap-0:2.4.57-13.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_ldap-debuginfo-0:2.4.57-13.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_md-1:2.4.24-11.el8jbcs.src",
"8Base-JBCS:jbcs-httpd24-mod_md-1:2.4.24-11.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_md-debuginfo-1:2.4.24-11.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_proxy_cluster-0:1.3.20-8.el8jbcs.src",
"8Base-JBCS:jbcs-httpd24-mod_proxy_cluster-0:1.3.20-8.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_proxy_cluster-debuginfo-0:1.3.20-8.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_proxy_html-1:2.4.57-13.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_proxy_html-debuginfo-1:2.4.57-13.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_security-0:2.9.3-40.el8jbcs.src",
"8Base-JBCS:jbcs-httpd24-mod_security-0:2.9.3-40.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_security-debuginfo-0:2.9.3-40.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_session-0:2.4.57-13.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_session-debuginfo-0:2.4.57-13.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_ssl-1:2.4.57-13.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_ssl-debuginfo-1:2.4.57-13.el8jbcs.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2024-38473"
},
{
"category": "external",
"summary": "RHBZ#2295012",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2295012"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2024-38473",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-38473"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2024-38473",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2024-38473"
},
{
"category": "external",
"summary": "https://httpd.apache.org/security/vulnerabilities_24.html#CVE-2024-38473",
"url": "https://httpd.apache.org/security/vulnerabilities_24.html#CVE-2024-38473"
}
],
"release_date": "2024-07-01T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"details": "Before applying this update, make sure all previously released errata relevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"7Server-JBCS:jbcs-httpd24-httpd-0:2.4.57-13.el7jbcs.src",
"7Server-JBCS:jbcs-httpd24-httpd-0:2.4.57-13.el7jbcs.x86_64",
"7Server-JBCS:jbcs-httpd24-httpd-debuginfo-0:2.4.57-13.el7jbcs.x86_64",
"7Server-JBCS:jbcs-httpd24-httpd-devel-0:2.4.57-13.el7jbcs.x86_64",
"7Server-JBCS:jbcs-httpd24-httpd-manual-0:2.4.57-13.el7jbcs.noarch",
"7Server-JBCS:jbcs-httpd24-httpd-selinux-0:2.4.57-13.el7jbcs.x86_64",
"7Server-JBCS:jbcs-httpd24-httpd-tools-0:2.4.57-13.el7jbcs.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_http2-0:1.15.19-41.el7jbcs.src",
"7Server-JBCS:jbcs-httpd24-mod_http2-0:1.15.19-41.el7jbcs.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_http2-debuginfo-0:1.15.19-41.el7jbcs.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_jk-0:1.2.49-11.redhat_1.el7jbcs.src",
"7Server-JBCS:jbcs-httpd24-mod_jk-ap24-0:1.2.49-11.redhat_1.el7jbcs.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_jk-debuginfo-0:1.2.49-11.redhat_1.el7jbcs.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_ldap-0:2.4.57-13.el7jbcs.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_md-1:2.4.24-11.el7jbcs.src",
"7Server-JBCS:jbcs-httpd24-mod_md-1:2.4.24-11.el7jbcs.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_md-debuginfo-1:2.4.24-11.el7jbcs.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_proxy_cluster-0:1.3.20-8.el7jbcs.src",
"7Server-JBCS:jbcs-httpd24-mod_proxy_cluster-0:1.3.20-8.el7jbcs.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_proxy_cluster-debuginfo-0:1.3.20-8.el7jbcs.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_proxy_html-1:2.4.57-13.el7jbcs.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_security-0:2.9.3-40.el7jbcs.src",
"7Server-JBCS:jbcs-httpd24-mod_security-0:2.9.3-40.el7jbcs.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_security-debuginfo-0:2.9.3-40.el7jbcs.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_session-0:2.4.57-13.el7jbcs.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_ssl-1:2.4.57-13.el7jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-httpd-0:2.4.57-13.el8jbcs.src",
"8Base-JBCS:jbcs-httpd24-httpd-0:2.4.57-13.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-httpd-debuginfo-0:2.4.57-13.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-httpd-devel-0:2.4.57-13.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-httpd-manual-0:2.4.57-13.el8jbcs.noarch",
"8Base-JBCS:jbcs-httpd24-httpd-selinux-0:2.4.57-13.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-httpd-tools-0:2.4.57-13.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-httpd-tools-debuginfo-0:2.4.57-13.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_http2-0:1.15.19-41.el8jbcs.src",
"8Base-JBCS:jbcs-httpd24-mod_http2-0:1.15.19-41.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_http2-debuginfo-0:1.15.19-41.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_jk-0:1.2.49-11.redhat_1.el8jbcs.src",
"8Base-JBCS:jbcs-httpd24-mod_jk-ap24-0:1.2.49-11.redhat_1.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_jk-ap24-debuginfo-0:1.2.49-11.redhat_1.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_ldap-0:2.4.57-13.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_ldap-debuginfo-0:2.4.57-13.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_md-1:2.4.24-11.el8jbcs.src",
"8Base-JBCS:jbcs-httpd24-mod_md-1:2.4.24-11.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_md-debuginfo-1:2.4.24-11.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_proxy_cluster-0:1.3.20-8.el8jbcs.src",
"8Base-JBCS:jbcs-httpd24-mod_proxy_cluster-0:1.3.20-8.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_proxy_cluster-debuginfo-0:1.3.20-8.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_proxy_html-1:2.4.57-13.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_proxy_html-debuginfo-1:2.4.57-13.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_security-0:2.9.3-40.el8jbcs.src",
"8Base-JBCS:jbcs-httpd24-mod_security-0:2.9.3-40.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_security-debuginfo-0:2.9.3-40.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_session-0:2.4.57-13.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_session-debuginfo-0:2.4.57-13.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_ssl-1:2.4.57-13.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_ssl-debuginfo-1:2.4.57-13.el8jbcs.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2024:5239"
},
{
"category": "workaround",
"details": "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.",
"product_ids": [
"7Server-JBCS:jbcs-httpd24-httpd-0:2.4.57-13.el7jbcs.src",
"7Server-JBCS:jbcs-httpd24-httpd-0:2.4.57-13.el7jbcs.x86_64",
"7Server-JBCS:jbcs-httpd24-httpd-debuginfo-0:2.4.57-13.el7jbcs.x86_64",
"7Server-JBCS:jbcs-httpd24-httpd-devel-0:2.4.57-13.el7jbcs.x86_64",
"7Server-JBCS:jbcs-httpd24-httpd-manual-0:2.4.57-13.el7jbcs.noarch",
"7Server-JBCS:jbcs-httpd24-httpd-selinux-0:2.4.57-13.el7jbcs.x86_64",
"7Server-JBCS:jbcs-httpd24-httpd-tools-0:2.4.57-13.el7jbcs.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_http2-0:1.15.19-41.el7jbcs.src",
"7Server-JBCS:jbcs-httpd24-mod_http2-0:1.15.19-41.el7jbcs.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_http2-debuginfo-0:1.15.19-41.el7jbcs.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_jk-0:1.2.49-11.redhat_1.el7jbcs.src",
"7Server-JBCS:jbcs-httpd24-mod_jk-ap24-0:1.2.49-11.redhat_1.el7jbcs.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_jk-debuginfo-0:1.2.49-11.redhat_1.el7jbcs.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_ldap-0:2.4.57-13.el7jbcs.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_md-1:2.4.24-11.el7jbcs.src",
"7Server-JBCS:jbcs-httpd24-mod_md-1:2.4.24-11.el7jbcs.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_md-debuginfo-1:2.4.24-11.el7jbcs.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_proxy_cluster-0:1.3.20-8.el7jbcs.src",
"7Server-JBCS:jbcs-httpd24-mod_proxy_cluster-0:1.3.20-8.el7jbcs.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_proxy_cluster-debuginfo-0:1.3.20-8.el7jbcs.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_proxy_html-1:2.4.57-13.el7jbcs.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_security-0:2.9.3-40.el7jbcs.src",
"7Server-JBCS:jbcs-httpd24-mod_security-0:2.9.3-40.el7jbcs.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_security-debuginfo-0:2.9.3-40.el7jbcs.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_session-0:2.4.57-13.el7jbcs.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_ssl-1:2.4.57-13.el7jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-httpd-0:2.4.57-13.el8jbcs.src",
"8Base-JBCS:jbcs-httpd24-httpd-0:2.4.57-13.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-httpd-debuginfo-0:2.4.57-13.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-httpd-devel-0:2.4.57-13.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-httpd-manual-0:2.4.57-13.el8jbcs.noarch",
"8Base-JBCS:jbcs-httpd24-httpd-selinux-0:2.4.57-13.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-httpd-tools-0:2.4.57-13.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-httpd-tools-debuginfo-0:2.4.57-13.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_http2-0:1.15.19-41.el8jbcs.src",
"8Base-JBCS:jbcs-httpd24-mod_http2-0:1.15.19-41.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_http2-debuginfo-0:1.15.19-41.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_jk-0:1.2.49-11.redhat_1.el8jbcs.src",
"8Base-JBCS:jbcs-httpd24-mod_jk-ap24-0:1.2.49-11.redhat_1.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_jk-ap24-debuginfo-0:1.2.49-11.redhat_1.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_ldap-0:2.4.57-13.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_ldap-debuginfo-0:2.4.57-13.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_md-1:2.4.24-11.el8jbcs.src",
"8Base-JBCS:jbcs-httpd24-mod_md-1:2.4.24-11.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_md-debuginfo-1:2.4.24-11.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_proxy_cluster-0:1.3.20-8.el8jbcs.src",
"8Base-JBCS:jbcs-httpd24-mod_proxy_cluster-0:1.3.20-8.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_proxy_cluster-debuginfo-0:1.3.20-8.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_proxy_html-1:2.4.57-13.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_proxy_html-debuginfo-1:2.4.57-13.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_security-0:2.9.3-40.el8jbcs.src",
"8Base-JBCS:jbcs-httpd24-mod_security-0:2.9.3-40.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_security-debuginfo-0:2.9.3-40.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_session-0:2.4.57-13.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_session-debuginfo-0:2.4.57-13.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_ssl-1:2.4.57-13.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_ssl-debuginfo-1:2.4.57-13.el8jbcs.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N",
"version": "3.1"
},
"products": [
"7Server-JBCS:jbcs-httpd24-httpd-0:2.4.57-13.el7jbcs.src",
"7Server-JBCS:jbcs-httpd24-httpd-0:2.4.57-13.el7jbcs.x86_64",
"7Server-JBCS:jbcs-httpd24-httpd-debuginfo-0:2.4.57-13.el7jbcs.x86_64",
"7Server-JBCS:jbcs-httpd24-httpd-devel-0:2.4.57-13.el7jbcs.x86_64",
"7Server-JBCS:jbcs-httpd24-httpd-manual-0:2.4.57-13.el7jbcs.noarch",
"7Server-JBCS:jbcs-httpd24-httpd-selinux-0:2.4.57-13.el7jbcs.x86_64",
"7Server-JBCS:jbcs-httpd24-httpd-tools-0:2.4.57-13.el7jbcs.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_http2-0:1.15.19-41.el7jbcs.src",
"7Server-JBCS:jbcs-httpd24-mod_http2-0:1.15.19-41.el7jbcs.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_http2-debuginfo-0:1.15.19-41.el7jbcs.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_jk-0:1.2.49-11.redhat_1.el7jbcs.src",
"7Server-JBCS:jbcs-httpd24-mod_jk-ap24-0:1.2.49-11.redhat_1.el7jbcs.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_jk-debuginfo-0:1.2.49-11.redhat_1.el7jbcs.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_ldap-0:2.4.57-13.el7jbcs.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_md-1:2.4.24-11.el7jbcs.src",
"7Server-JBCS:jbcs-httpd24-mod_md-1:2.4.24-11.el7jbcs.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_md-debuginfo-1:2.4.24-11.el7jbcs.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_proxy_cluster-0:1.3.20-8.el7jbcs.src",
"7Server-JBCS:jbcs-httpd24-mod_proxy_cluster-0:1.3.20-8.el7jbcs.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_proxy_cluster-debuginfo-0:1.3.20-8.el7jbcs.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_proxy_html-1:2.4.57-13.el7jbcs.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_security-0:2.9.3-40.el7jbcs.src",
"7Server-JBCS:jbcs-httpd24-mod_security-0:2.9.3-40.el7jbcs.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_security-debuginfo-0:2.9.3-40.el7jbcs.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_session-0:2.4.57-13.el7jbcs.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_ssl-1:2.4.57-13.el7jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-httpd-0:2.4.57-13.el8jbcs.src",
"8Base-JBCS:jbcs-httpd24-httpd-0:2.4.57-13.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-httpd-debuginfo-0:2.4.57-13.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-httpd-devel-0:2.4.57-13.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-httpd-manual-0:2.4.57-13.el8jbcs.noarch",
"8Base-JBCS:jbcs-httpd24-httpd-selinux-0:2.4.57-13.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-httpd-tools-0:2.4.57-13.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-httpd-tools-debuginfo-0:2.4.57-13.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_http2-0:1.15.19-41.el8jbcs.src",
"8Base-JBCS:jbcs-httpd24-mod_http2-0:1.15.19-41.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_http2-debuginfo-0:1.15.19-41.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_jk-0:1.2.49-11.redhat_1.el8jbcs.src",
"8Base-JBCS:jbcs-httpd24-mod_jk-ap24-0:1.2.49-11.redhat_1.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_jk-ap24-debuginfo-0:1.2.49-11.redhat_1.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_ldap-0:2.4.57-13.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_ldap-debuginfo-0:2.4.57-13.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_md-1:2.4.24-11.el8jbcs.src",
"8Base-JBCS:jbcs-httpd24-mod_md-1:2.4.24-11.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_md-debuginfo-1:2.4.24-11.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_proxy_cluster-0:1.3.20-8.el8jbcs.src",
"8Base-JBCS:jbcs-httpd24-mod_proxy_cluster-0:1.3.20-8.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_proxy_cluster-debuginfo-0:1.3.20-8.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_proxy_html-1:2.4.57-13.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_proxy_html-debuginfo-1:2.4.57-13.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_security-0:2.9.3-40.el8jbcs.src",
"8Base-JBCS:jbcs-httpd24-mod_security-0:2.9.3-40.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_security-debuginfo-0:2.9.3-40.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_session-0:2.4.57-13.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_session-debuginfo-0:2.4.57-13.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_ssl-1:2.4.57-13.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_ssl-debuginfo-1:2.4.57-13.el8jbcs.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "httpd: Encoding problem in mod_proxy"
},
{
"cve": "CVE-2024-38474",
"cwe": {
"id": "CWE-116",
"name": "Improper Encoding or Escaping of Output"
},
"discovery_date": "2024-07-01T19:21:49+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2295013"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in the mod_rewrite module of httpd. Due to a substitution encoding issue, specially crafted requests may allow an attacker to execute scripts in directories permitted by the configuration but not directly reachable by any URL or source disclosure of scripts meant only to be executed as CGI.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "httpd: Substitution encoding issue in mod_rewrite",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "This issue only affects configurations with unsafe rules used in the RewriteRule directive. Also, to exploit this flaw, an attacker must be able to upload files to the server.\n\nAdditionally, this flaw requires mod_rewrite to be loaded and used. This module can be disabled if its functionality is not needed.\n\nRed Hat Enterprise Linux 6 is not affected by this vulnerability because the vulnerable code was introduced in a newer version of httpd.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"7Server-JBCS:jbcs-httpd24-httpd-0:2.4.57-13.el7jbcs.src",
"7Server-JBCS:jbcs-httpd24-httpd-0:2.4.57-13.el7jbcs.x86_64",
"7Server-JBCS:jbcs-httpd24-httpd-debuginfo-0:2.4.57-13.el7jbcs.x86_64",
"7Server-JBCS:jbcs-httpd24-httpd-devel-0:2.4.57-13.el7jbcs.x86_64",
"7Server-JBCS:jbcs-httpd24-httpd-manual-0:2.4.57-13.el7jbcs.noarch",
"7Server-JBCS:jbcs-httpd24-httpd-selinux-0:2.4.57-13.el7jbcs.x86_64",
"7Server-JBCS:jbcs-httpd24-httpd-tools-0:2.4.57-13.el7jbcs.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_http2-0:1.15.19-41.el7jbcs.src",
"7Server-JBCS:jbcs-httpd24-mod_http2-0:1.15.19-41.el7jbcs.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_http2-debuginfo-0:1.15.19-41.el7jbcs.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_jk-0:1.2.49-11.redhat_1.el7jbcs.src",
"7Server-JBCS:jbcs-httpd24-mod_jk-ap24-0:1.2.49-11.redhat_1.el7jbcs.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_jk-debuginfo-0:1.2.49-11.redhat_1.el7jbcs.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_ldap-0:2.4.57-13.el7jbcs.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_md-1:2.4.24-11.el7jbcs.src",
"7Server-JBCS:jbcs-httpd24-mod_md-1:2.4.24-11.el7jbcs.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_md-debuginfo-1:2.4.24-11.el7jbcs.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_proxy_cluster-0:1.3.20-8.el7jbcs.src",
"7Server-JBCS:jbcs-httpd24-mod_proxy_cluster-0:1.3.20-8.el7jbcs.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_proxy_cluster-debuginfo-0:1.3.20-8.el7jbcs.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_proxy_html-1:2.4.57-13.el7jbcs.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_security-0:2.9.3-40.el7jbcs.src",
"7Server-JBCS:jbcs-httpd24-mod_security-0:2.9.3-40.el7jbcs.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_security-debuginfo-0:2.9.3-40.el7jbcs.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_session-0:2.4.57-13.el7jbcs.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_ssl-1:2.4.57-13.el7jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-httpd-0:2.4.57-13.el8jbcs.src",
"8Base-JBCS:jbcs-httpd24-httpd-0:2.4.57-13.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-httpd-debuginfo-0:2.4.57-13.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-httpd-devel-0:2.4.57-13.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-httpd-manual-0:2.4.57-13.el8jbcs.noarch",
"8Base-JBCS:jbcs-httpd24-httpd-selinux-0:2.4.57-13.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-httpd-tools-0:2.4.57-13.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-httpd-tools-debuginfo-0:2.4.57-13.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_http2-0:1.15.19-41.el8jbcs.src",
"8Base-JBCS:jbcs-httpd24-mod_http2-0:1.15.19-41.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_http2-debuginfo-0:1.15.19-41.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_jk-0:1.2.49-11.redhat_1.el8jbcs.src",
"8Base-JBCS:jbcs-httpd24-mod_jk-ap24-0:1.2.49-11.redhat_1.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_jk-ap24-debuginfo-0:1.2.49-11.redhat_1.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_ldap-0:2.4.57-13.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_ldap-debuginfo-0:2.4.57-13.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_md-1:2.4.24-11.el8jbcs.src",
"8Base-JBCS:jbcs-httpd24-mod_md-1:2.4.24-11.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_md-debuginfo-1:2.4.24-11.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_proxy_cluster-0:1.3.20-8.el8jbcs.src",
"8Base-JBCS:jbcs-httpd24-mod_proxy_cluster-0:1.3.20-8.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_proxy_cluster-debuginfo-0:1.3.20-8.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_proxy_html-1:2.4.57-13.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_proxy_html-debuginfo-1:2.4.57-13.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_security-0:2.9.3-40.el8jbcs.src",
"8Base-JBCS:jbcs-httpd24-mod_security-0:2.9.3-40.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_security-debuginfo-0:2.9.3-40.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_session-0:2.4.57-13.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_session-debuginfo-0:2.4.57-13.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_ssl-1:2.4.57-13.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_ssl-debuginfo-1:2.4.57-13.el8jbcs.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2024-38474"
},
{
"category": "external",
"summary": "RHBZ#2295013",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2295013"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2024-38474",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-38474"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2024-38474",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2024-38474"
},
{
"category": "external",
"summary": "https://httpd.apache.org/security/vulnerabilities_24.html#CVE-2024-38474",
"url": "https://httpd.apache.org/security/vulnerabilities_24.html#CVE-2024-38474"
}
],
"release_date": "2024-07-01T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"details": "Before applying this update, make sure all previously released errata relevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"7Server-JBCS:jbcs-httpd24-httpd-0:2.4.57-13.el7jbcs.src",
"7Server-JBCS:jbcs-httpd24-httpd-0:2.4.57-13.el7jbcs.x86_64",
"7Server-JBCS:jbcs-httpd24-httpd-debuginfo-0:2.4.57-13.el7jbcs.x86_64",
"7Server-JBCS:jbcs-httpd24-httpd-devel-0:2.4.57-13.el7jbcs.x86_64",
"7Server-JBCS:jbcs-httpd24-httpd-manual-0:2.4.57-13.el7jbcs.noarch",
"7Server-JBCS:jbcs-httpd24-httpd-selinux-0:2.4.57-13.el7jbcs.x86_64",
"7Server-JBCS:jbcs-httpd24-httpd-tools-0:2.4.57-13.el7jbcs.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_http2-0:1.15.19-41.el7jbcs.src",
"7Server-JBCS:jbcs-httpd24-mod_http2-0:1.15.19-41.el7jbcs.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_http2-debuginfo-0:1.15.19-41.el7jbcs.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_jk-0:1.2.49-11.redhat_1.el7jbcs.src",
"7Server-JBCS:jbcs-httpd24-mod_jk-ap24-0:1.2.49-11.redhat_1.el7jbcs.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_jk-debuginfo-0:1.2.49-11.redhat_1.el7jbcs.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_ldap-0:2.4.57-13.el7jbcs.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_md-1:2.4.24-11.el7jbcs.src",
"7Server-JBCS:jbcs-httpd24-mod_md-1:2.4.24-11.el7jbcs.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_md-debuginfo-1:2.4.24-11.el7jbcs.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_proxy_cluster-0:1.3.20-8.el7jbcs.src",
"7Server-JBCS:jbcs-httpd24-mod_proxy_cluster-0:1.3.20-8.el7jbcs.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_proxy_cluster-debuginfo-0:1.3.20-8.el7jbcs.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_proxy_html-1:2.4.57-13.el7jbcs.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_security-0:2.9.3-40.el7jbcs.src",
"7Server-JBCS:jbcs-httpd24-mod_security-0:2.9.3-40.el7jbcs.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_security-debuginfo-0:2.9.3-40.el7jbcs.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_session-0:2.4.57-13.el7jbcs.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_ssl-1:2.4.57-13.el7jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-httpd-0:2.4.57-13.el8jbcs.src",
"8Base-JBCS:jbcs-httpd24-httpd-0:2.4.57-13.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-httpd-debuginfo-0:2.4.57-13.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-httpd-devel-0:2.4.57-13.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-httpd-manual-0:2.4.57-13.el8jbcs.noarch",
"8Base-JBCS:jbcs-httpd24-httpd-selinux-0:2.4.57-13.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-httpd-tools-0:2.4.57-13.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-httpd-tools-debuginfo-0:2.4.57-13.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_http2-0:1.15.19-41.el8jbcs.src",
"8Base-JBCS:jbcs-httpd24-mod_http2-0:1.15.19-41.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_http2-debuginfo-0:1.15.19-41.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_jk-0:1.2.49-11.redhat_1.el8jbcs.src",
"8Base-JBCS:jbcs-httpd24-mod_jk-ap24-0:1.2.49-11.redhat_1.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_jk-ap24-debuginfo-0:1.2.49-11.redhat_1.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_ldap-0:2.4.57-13.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_ldap-debuginfo-0:2.4.57-13.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_md-1:2.4.24-11.el8jbcs.src",
"8Base-JBCS:jbcs-httpd24-mod_md-1:2.4.24-11.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_md-debuginfo-1:2.4.24-11.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_proxy_cluster-0:1.3.20-8.el8jbcs.src",
"8Base-JBCS:jbcs-httpd24-mod_proxy_cluster-0:1.3.20-8.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_proxy_cluster-debuginfo-0:1.3.20-8.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_proxy_html-1:2.4.57-13.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_proxy_html-debuginfo-1:2.4.57-13.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_security-0:2.9.3-40.el8jbcs.src",
"8Base-JBCS:jbcs-httpd24-mod_security-0:2.9.3-40.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_security-debuginfo-0:2.9.3-40.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_session-0:2.4.57-13.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_session-debuginfo-0:2.4.57-13.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_ssl-1:2.4.57-13.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_ssl-debuginfo-1:2.4.57-13.el8jbcs.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2024:5239"
},
{
"category": "workaround",
"details": "Red Hat has investigated whether a possible mitigation exists for this issue, and has not been able to identify a practical example. Please update the affected package as soon as possible.",
"product_ids": [
"7Server-JBCS:jbcs-httpd24-httpd-0:2.4.57-13.el7jbcs.src",
"7Server-JBCS:jbcs-httpd24-httpd-0:2.4.57-13.el7jbcs.x86_64",
"7Server-JBCS:jbcs-httpd24-httpd-debuginfo-0:2.4.57-13.el7jbcs.x86_64",
"7Server-JBCS:jbcs-httpd24-httpd-devel-0:2.4.57-13.el7jbcs.x86_64",
"7Server-JBCS:jbcs-httpd24-httpd-manual-0:2.4.57-13.el7jbcs.noarch",
"7Server-JBCS:jbcs-httpd24-httpd-selinux-0:2.4.57-13.el7jbcs.x86_64",
"7Server-JBCS:jbcs-httpd24-httpd-tools-0:2.4.57-13.el7jbcs.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_http2-0:1.15.19-41.el7jbcs.src",
"7Server-JBCS:jbcs-httpd24-mod_http2-0:1.15.19-41.el7jbcs.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_http2-debuginfo-0:1.15.19-41.el7jbcs.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_jk-0:1.2.49-11.redhat_1.el7jbcs.src",
"7Server-JBCS:jbcs-httpd24-mod_jk-ap24-0:1.2.49-11.redhat_1.el7jbcs.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_jk-debuginfo-0:1.2.49-11.redhat_1.el7jbcs.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_ldap-0:2.4.57-13.el7jbcs.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_md-1:2.4.24-11.el7jbcs.src",
"7Server-JBCS:jbcs-httpd24-mod_md-1:2.4.24-11.el7jbcs.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_md-debuginfo-1:2.4.24-11.el7jbcs.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_proxy_cluster-0:1.3.20-8.el7jbcs.src",
"7Server-JBCS:jbcs-httpd24-mod_proxy_cluster-0:1.3.20-8.el7jbcs.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_proxy_cluster-debuginfo-0:1.3.20-8.el7jbcs.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_proxy_html-1:2.4.57-13.el7jbcs.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_security-0:2.9.3-40.el7jbcs.src",
"7Server-JBCS:jbcs-httpd24-mod_security-0:2.9.3-40.el7jbcs.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_security-debuginfo-0:2.9.3-40.el7jbcs.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_session-0:2.4.57-13.el7jbcs.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_ssl-1:2.4.57-13.el7jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-httpd-0:2.4.57-13.el8jbcs.src",
"8Base-JBCS:jbcs-httpd24-httpd-0:2.4.57-13.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-httpd-debuginfo-0:2.4.57-13.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-httpd-devel-0:2.4.57-13.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-httpd-manual-0:2.4.57-13.el8jbcs.noarch",
"8Base-JBCS:jbcs-httpd24-httpd-selinux-0:2.4.57-13.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-httpd-tools-0:2.4.57-13.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-httpd-tools-debuginfo-0:2.4.57-13.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_http2-0:1.15.19-41.el8jbcs.src",
"8Base-JBCS:jbcs-httpd24-mod_http2-0:1.15.19-41.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_http2-debuginfo-0:1.15.19-41.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_jk-0:1.2.49-11.redhat_1.el8jbcs.src",
"8Base-JBCS:jbcs-httpd24-mod_jk-ap24-0:1.2.49-11.redhat_1.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_jk-ap24-debuginfo-0:1.2.49-11.redhat_1.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_ldap-0:2.4.57-13.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_ldap-debuginfo-0:2.4.57-13.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_md-1:2.4.24-11.el8jbcs.src",
"8Base-JBCS:jbcs-httpd24-mod_md-1:2.4.24-11.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_md-debuginfo-1:2.4.24-11.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_proxy_cluster-0:1.3.20-8.el8jbcs.src",
"8Base-JBCS:jbcs-httpd24-mod_proxy_cluster-0:1.3.20-8.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_proxy_cluster-debuginfo-0:1.3.20-8.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_proxy_html-1:2.4.57-13.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_proxy_html-debuginfo-1:2.4.57-13.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_security-0:2.9.3-40.el8jbcs.src",
"8Base-JBCS:jbcs-httpd24-mod_security-0:2.9.3-40.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_security-debuginfo-0:2.9.3-40.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_session-0:2.4.57-13.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_session-debuginfo-0:2.4.57-13.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_ssl-1:2.4.57-13.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_ssl-debuginfo-1:2.4.57-13.el8jbcs.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 8.1,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"7Server-JBCS:jbcs-httpd24-httpd-0:2.4.57-13.el7jbcs.src",
"7Server-JBCS:jbcs-httpd24-httpd-0:2.4.57-13.el7jbcs.x86_64",
"7Server-JBCS:jbcs-httpd24-httpd-debuginfo-0:2.4.57-13.el7jbcs.x86_64",
"7Server-JBCS:jbcs-httpd24-httpd-devel-0:2.4.57-13.el7jbcs.x86_64",
"7Server-JBCS:jbcs-httpd24-httpd-manual-0:2.4.57-13.el7jbcs.noarch",
"7Server-JBCS:jbcs-httpd24-httpd-selinux-0:2.4.57-13.el7jbcs.x86_64",
"7Server-JBCS:jbcs-httpd24-httpd-tools-0:2.4.57-13.el7jbcs.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_http2-0:1.15.19-41.el7jbcs.src",
"7Server-JBCS:jbcs-httpd24-mod_http2-0:1.15.19-41.el7jbcs.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_http2-debuginfo-0:1.15.19-41.el7jbcs.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_jk-0:1.2.49-11.redhat_1.el7jbcs.src",
"7Server-JBCS:jbcs-httpd24-mod_jk-ap24-0:1.2.49-11.redhat_1.el7jbcs.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_jk-debuginfo-0:1.2.49-11.redhat_1.el7jbcs.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_ldap-0:2.4.57-13.el7jbcs.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_md-1:2.4.24-11.el7jbcs.src",
"7Server-JBCS:jbcs-httpd24-mod_md-1:2.4.24-11.el7jbcs.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_md-debuginfo-1:2.4.24-11.el7jbcs.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_proxy_cluster-0:1.3.20-8.el7jbcs.src",
"7Server-JBCS:jbcs-httpd24-mod_proxy_cluster-0:1.3.20-8.el7jbcs.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_proxy_cluster-debuginfo-0:1.3.20-8.el7jbcs.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_proxy_html-1:2.4.57-13.el7jbcs.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_security-0:2.9.3-40.el7jbcs.src",
"7Server-JBCS:jbcs-httpd24-mod_security-0:2.9.3-40.el7jbcs.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_security-debuginfo-0:2.9.3-40.el7jbcs.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_session-0:2.4.57-13.el7jbcs.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_ssl-1:2.4.57-13.el7jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-httpd-0:2.4.57-13.el8jbcs.src",
"8Base-JBCS:jbcs-httpd24-httpd-0:2.4.57-13.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-httpd-debuginfo-0:2.4.57-13.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-httpd-devel-0:2.4.57-13.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-httpd-manual-0:2.4.57-13.el8jbcs.noarch",
"8Base-JBCS:jbcs-httpd24-httpd-selinux-0:2.4.57-13.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-httpd-tools-0:2.4.57-13.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-httpd-tools-debuginfo-0:2.4.57-13.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_http2-0:1.15.19-41.el8jbcs.src",
"8Base-JBCS:jbcs-httpd24-mod_http2-0:1.15.19-41.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_http2-debuginfo-0:1.15.19-41.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_jk-0:1.2.49-11.redhat_1.el8jbcs.src",
"8Base-JBCS:jbcs-httpd24-mod_jk-ap24-0:1.2.49-11.redhat_1.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_jk-ap24-debuginfo-0:1.2.49-11.redhat_1.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_ldap-0:2.4.57-13.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_ldap-debuginfo-0:2.4.57-13.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_md-1:2.4.24-11.el8jbcs.src",
"8Base-JBCS:jbcs-httpd24-mod_md-1:2.4.24-11.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_md-debuginfo-1:2.4.24-11.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_proxy_cluster-0:1.3.20-8.el8jbcs.src",
"8Base-JBCS:jbcs-httpd24-mod_proxy_cluster-0:1.3.20-8.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_proxy_cluster-debuginfo-0:1.3.20-8.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_proxy_html-1:2.4.57-13.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_proxy_html-debuginfo-1:2.4.57-13.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_security-0:2.9.3-40.el8jbcs.src",
"8Base-JBCS:jbcs-httpd24-mod_security-0:2.9.3-40.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_security-debuginfo-0:2.9.3-40.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_session-0:2.4.57-13.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_session-debuginfo-0:2.4.57-13.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_ssl-1:2.4.57-13.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_ssl-debuginfo-1:2.4.57-13.el8jbcs.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "httpd: Substitution encoding issue in mod_rewrite"
},
{
"cve": "CVE-2024-38475",
"cwe": {
"id": "CWE-116",
"name": "Improper Encoding or Escaping of Output"
},
"discovery_date": "2024-07-01T19:22:02+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2295014"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in the mod_rewrite module of httpd. Improper escaping of output allows an attacker to map URLs to filesystem locations permitted to be served by the server but are not intentionally or directly reachable by any URL. This issue results in code execution or source code disclosure.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "httpd: Improper escaping of output in mod_rewrite",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "This issue affects configurations with substitution rules used in the RewriteRule directive using backreferences or variables as the first segment of the substitution.\n\nAdditionally, this flaw requires mod_rewrite to be loaded and used. This module can be disabled if its functionality is not needed.\n\nRed Hat Enterprise Linux 6 is not affected by this vulnerability because the vulnerable code was introduced in a newer version of httpd.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"7Server-JBCS:jbcs-httpd24-httpd-0:2.4.57-13.el7jbcs.src",
"7Server-JBCS:jbcs-httpd24-httpd-0:2.4.57-13.el7jbcs.x86_64",
"7Server-JBCS:jbcs-httpd24-httpd-debuginfo-0:2.4.57-13.el7jbcs.x86_64",
"7Server-JBCS:jbcs-httpd24-httpd-devel-0:2.4.57-13.el7jbcs.x86_64",
"7Server-JBCS:jbcs-httpd24-httpd-manual-0:2.4.57-13.el7jbcs.noarch",
"7Server-JBCS:jbcs-httpd24-httpd-selinux-0:2.4.57-13.el7jbcs.x86_64",
"7Server-JBCS:jbcs-httpd24-httpd-tools-0:2.4.57-13.el7jbcs.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_http2-0:1.15.19-41.el7jbcs.src",
"7Server-JBCS:jbcs-httpd24-mod_http2-0:1.15.19-41.el7jbcs.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_http2-debuginfo-0:1.15.19-41.el7jbcs.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_jk-0:1.2.49-11.redhat_1.el7jbcs.src",
"7Server-JBCS:jbcs-httpd24-mod_jk-ap24-0:1.2.49-11.redhat_1.el7jbcs.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_jk-debuginfo-0:1.2.49-11.redhat_1.el7jbcs.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_ldap-0:2.4.57-13.el7jbcs.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_md-1:2.4.24-11.el7jbcs.src",
"7Server-JBCS:jbcs-httpd24-mod_md-1:2.4.24-11.el7jbcs.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_md-debuginfo-1:2.4.24-11.el7jbcs.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_proxy_cluster-0:1.3.20-8.el7jbcs.src",
"7Server-JBCS:jbcs-httpd24-mod_proxy_cluster-0:1.3.20-8.el7jbcs.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_proxy_cluster-debuginfo-0:1.3.20-8.el7jbcs.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_proxy_html-1:2.4.57-13.el7jbcs.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_security-0:2.9.3-40.el7jbcs.src",
"7Server-JBCS:jbcs-httpd24-mod_security-0:2.9.3-40.el7jbcs.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_security-debuginfo-0:2.9.3-40.el7jbcs.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_session-0:2.4.57-13.el7jbcs.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_ssl-1:2.4.57-13.el7jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-httpd-0:2.4.57-13.el8jbcs.src",
"8Base-JBCS:jbcs-httpd24-httpd-0:2.4.57-13.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-httpd-debuginfo-0:2.4.57-13.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-httpd-devel-0:2.4.57-13.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-httpd-manual-0:2.4.57-13.el8jbcs.noarch",
"8Base-JBCS:jbcs-httpd24-httpd-selinux-0:2.4.57-13.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-httpd-tools-0:2.4.57-13.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-httpd-tools-debuginfo-0:2.4.57-13.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_http2-0:1.15.19-41.el8jbcs.src",
"8Base-JBCS:jbcs-httpd24-mod_http2-0:1.15.19-41.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_http2-debuginfo-0:1.15.19-41.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_jk-0:1.2.49-11.redhat_1.el8jbcs.src",
"8Base-JBCS:jbcs-httpd24-mod_jk-ap24-0:1.2.49-11.redhat_1.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_jk-ap24-debuginfo-0:1.2.49-11.redhat_1.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_ldap-0:2.4.57-13.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_ldap-debuginfo-0:2.4.57-13.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_md-1:2.4.24-11.el8jbcs.src",
"8Base-JBCS:jbcs-httpd24-mod_md-1:2.4.24-11.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_md-debuginfo-1:2.4.24-11.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_proxy_cluster-0:1.3.20-8.el8jbcs.src",
"8Base-JBCS:jbcs-httpd24-mod_proxy_cluster-0:1.3.20-8.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_proxy_cluster-debuginfo-0:1.3.20-8.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_proxy_html-1:2.4.57-13.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_proxy_html-debuginfo-1:2.4.57-13.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_security-0:2.9.3-40.el8jbcs.src",
"8Base-JBCS:jbcs-httpd24-mod_security-0:2.9.3-40.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_security-debuginfo-0:2.9.3-40.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_session-0:2.4.57-13.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_session-debuginfo-0:2.4.57-13.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_ssl-1:2.4.57-13.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_ssl-debuginfo-1:2.4.57-13.el8jbcs.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2024-38475"
},
{
"category": "external",
"summary": "RHBZ#2295014",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2295014"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2024-38475",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-38475"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2024-38475",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2024-38475"
},
{
"category": "external",
"summary": "https://httpd.apache.org/security/vulnerabilities_24.html#CVE-2024-38475",
"url": "https://httpd.apache.org/security/vulnerabilities_24.html#CVE-2024-38475"
}
],
"release_date": "2024-07-01T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"details": "Before applying this update, make sure all previously released errata relevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"7Server-JBCS:jbcs-httpd24-httpd-0:2.4.57-13.el7jbcs.src",
"7Server-JBCS:jbcs-httpd24-httpd-0:2.4.57-13.el7jbcs.x86_64",
"7Server-JBCS:jbcs-httpd24-httpd-debuginfo-0:2.4.57-13.el7jbcs.x86_64",
"7Server-JBCS:jbcs-httpd24-httpd-devel-0:2.4.57-13.el7jbcs.x86_64",
"7Server-JBCS:jbcs-httpd24-httpd-manual-0:2.4.57-13.el7jbcs.noarch",
"7Server-JBCS:jbcs-httpd24-httpd-selinux-0:2.4.57-13.el7jbcs.x86_64",
"7Server-JBCS:jbcs-httpd24-httpd-tools-0:2.4.57-13.el7jbcs.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_http2-0:1.15.19-41.el7jbcs.src",
"7Server-JBCS:jbcs-httpd24-mod_http2-0:1.15.19-41.el7jbcs.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_http2-debuginfo-0:1.15.19-41.el7jbcs.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_jk-0:1.2.49-11.redhat_1.el7jbcs.src",
"7Server-JBCS:jbcs-httpd24-mod_jk-ap24-0:1.2.49-11.redhat_1.el7jbcs.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_jk-debuginfo-0:1.2.49-11.redhat_1.el7jbcs.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_ldap-0:2.4.57-13.el7jbcs.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_md-1:2.4.24-11.el7jbcs.src",
"7Server-JBCS:jbcs-httpd24-mod_md-1:2.4.24-11.el7jbcs.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_md-debuginfo-1:2.4.24-11.el7jbcs.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_proxy_cluster-0:1.3.20-8.el7jbcs.src",
"7Server-JBCS:jbcs-httpd24-mod_proxy_cluster-0:1.3.20-8.el7jbcs.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_proxy_cluster-debuginfo-0:1.3.20-8.el7jbcs.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_proxy_html-1:2.4.57-13.el7jbcs.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_security-0:2.9.3-40.el7jbcs.src",
"7Server-JBCS:jbcs-httpd24-mod_security-0:2.9.3-40.el7jbcs.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_security-debuginfo-0:2.9.3-40.el7jbcs.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_session-0:2.4.57-13.el7jbcs.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_ssl-1:2.4.57-13.el7jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-httpd-0:2.4.57-13.el8jbcs.src",
"8Base-JBCS:jbcs-httpd24-httpd-0:2.4.57-13.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-httpd-debuginfo-0:2.4.57-13.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-httpd-devel-0:2.4.57-13.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-httpd-manual-0:2.4.57-13.el8jbcs.noarch",
"8Base-JBCS:jbcs-httpd24-httpd-selinux-0:2.4.57-13.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-httpd-tools-0:2.4.57-13.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-httpd-tools-debuginfo-0:2.4.57-13.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_http2-0:1.15.19-41.el8jbcs.src",
"8Base-JBCS:jbcs-httpd24-mod_http2-0:1.15.19-41.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_http2-debuginfo-0:1.15.19-41.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_jk-0:1.2.49-11.redhat_1.el8jbcs.src",
"8Base-JBCS:jbcs-httpd24-mod_jk-ap24-0:1.2.49-11.redhat_1.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_jk-ap24-debuginfo-0:1.2.49-11.redhat_1.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_ldap-0:2.4.57-13.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_ldap-debuginfo-0:2.4.57-13.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_md-1:2.4.24-11.el8jbcs.src",
"8Base-JBCS:jbcs-httpd24-mod_md-1:2.4.24-11.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_md-debuginfo-1:2.4.24-11.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_proxy_cluster-0:1.3.20-8.el8jbcs.src",
"8Base-JBCS:jbcs-httpd24-mod_proxy_cluster-0:1.3.20-8.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_proxy_cluster-debuginfo-0:1.3.20-8.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_proxy_html-1:2.4.57-13.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_proxy_html-debuginfo-1:2.4.57-13.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_security-0:2.9.3-40.el8jbcs.src",
"8Base-JBCS:jbcs-httpd24-mod_security-0:2.9.3-40.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_security-debuginfo-0:2.9.3-40.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_session-0:2.4.57-13.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_session-debuginfo-0:2.4.57-13.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_ssl-1:2.4.57-13.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_ssl-debuginfo-1:2.4.57-13.el8jbcs.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2024:5239"
},
{
"category": "workaround",
"details": "Red Hat has investigated whether a possible mitigation exists for this issue, and has not been able to identify a practical example. Please update the affected package as soon as possible.",
"product_ids": [
"7Server-JBCS:jbcs-httpd24-httpd-0:2.4.57-13.el7jbcs.src",
"7Server-JBCS:jbcs-httpd24-httpd-0:2.4.57-13.el7jbcs.x86_64",
"7Server-JBCS:jbcs-httpd24-httpd-debuginfo-0:2.4.57-13.el7jbcs.x86_64",
"7Server-JBCS:jbcs-httpd24-httpd-devel-0:2.4.57-13.el7jbcs.x86_64",
"7Server-JBCS:jbcs-httpd24-httpd-manual-0:2.4.57-13.el7jbcs.noarch",
"7Server-JBCS:jbcs-httpd24-httpd-selinux-0:2.4.57-13.el7jbcs.x86_64",
"7Server-JBCS:jbcs-httpd24-httpd-tools-0:2.4.57-13.el7jbcs.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_http2-0:1.15.19-41.el7jbcs.src",
"7Server-JBCS:jbcs-httpd24-mod_http2-0:1.15.19-41.el7jbcs.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_http2-debuginfo-0:1.15.19-41.el7jbcs.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_jk-0:1.2.49-11.redhat_1.el7jbcs.src",
"7Server-JBCS:jbcs-httpd24-mod_jk-ap24-0:1.2.49-11.redhat_1.el7jbcs.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_jk-debuginfo-0:1.2.49-11.redhat_1.el7jbcs.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_ldap-0:2.4.57-13.el7jbcs.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_md-1:2.4.24-11.el7jbcs.src",
"7Server-JBCS:jbcs-httpd24-mod_md-1:2.4.24-11.el7jbcs.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_md-debuginfo-1:2.4.24-11.el7jbcs.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_proxy_cluster-0:1.3.20-8.el7jbcs.src",
"7Server-JBCS:jbcs-httpd24-mod_proxy_cluster-0:1.3.20-8.el7jbcs.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_proxy_cluster-debuginfo-0:1.3.20-8.el7jbcs.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_proxy_html-1:2.4.57-13.el7jbcs.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_security-0:2.9.3-40.el7jbcs.src",
"7Server-JBCS:jbcs-httpd24-mod_security-0:2.9.3-40.el7jbcs.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_security-debuginfo-0:2.9.3-40.el7jbcs.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_session-0:2.4.57-13.el7jbcs.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_ssl-1:2.4.57-13.el7jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-httpd-0:2.4.57-13.el8jbcs.src",
"8Base-JBCS:jbcs-httpd24-httpd-0:2.4.57-13.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-httpd-debuginfo-0:2.4.57-13.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-httpd-devel-0:2.4.57-13.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-httpd-manual-0:2.4.57-13.el8jbcs.noarch",
"8Base-JBCS:jbcs-httpd24-httpd-selinux-0:2.4.57-13.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-httpd-tools-0:2.4.57-13.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-httpd-tools-debuginfo-0:2.4.57-13.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_http2-0:1.15.19-41.el8jbcs.src",
"8Base-JBCS:jbcs-httpd24-mod_http2-0:1.15.19-41.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_http2-debuginfo-0:1.15.19-41.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_jk-0:1.2.49-11.redhat_1.el8jbcs.src",
"8Base-JBCS:jbcs-httpd24-mod_jk-ap24-0:1.2.49-11.redhat_1.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_jk-ap24-debuginfo-0:1.2.49-11.redhat_1.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_ldap-0:2.4.57-13.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_ldap-debuginfo-0:2.4.57-13.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_md-1:2.4.24-11.el8jbcs.src",
"8Base-JBCS:jbcs-httpd24-mod_md-1:2.4.24-11.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_md-debuginfo-1:2.4.24-11.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_proxy_cluster-0:1.3.20-8.el8jbcs.src",
"8Base-JBCS:jbcs-httpd24-mod_proxy_cluster-0:1.3.20-8.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_proxy_cluster-debuginfo-0:1.3.20-8.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_proxy_html-1:2.4.57-13.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_proxy_html-debuginfo-1:2.4.57-13.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_security-0:2.9.3-40.el8jbcs.src",
"8Base-JBCS:jbcs-httpd24-mod_security-0:2.9.3-40.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_security-debuginfo-0:2.9.3-40.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_session-0:2.4.57-13.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_session-debuginfo-0:2.4.57-13.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_ssl-1:2.4.57-13.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_ssl-debuginfo-1:2.4.57-13.el8jbcs.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 9.1,
"baseSeverity": "CRITICAL",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N",
"version": "3.1"
},
"products": [
"7Server-JBCS:jbcs-httpd24-httpd-0:2.4.57-13.el7jbcs.src",
"7Server-JBCS:jbcs-httpd24-httpd-0:2.4.57-13.el7jbcs.x86_64",
"7Server-JBCS:jbcs-httpd24-httpd-debuginfo-0:2.4.57-13.el7jbcs.x86_64",
"7Server-JBCS:jbcs-httpd24-httpd-devel-0:2.4.57-13.el7jbcs.x86_64",
"7Server-JBCS:jbcs-httpd24-httpd-manual-0:2.4.57-13.el7jbcs.noarch",
"7Server-JBCS:jbcs-httpd24-httpd-selinux-0:2.4.57-13.el7jbcs.x86_64",
"7Server-JBCS:jbcs-httpd24-httpd-tools-0:2.4.57-13.el7jbcs.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_http2-0:1.15.19-41.el7jbcs.src",
"7Server-JBCS:jbcs-httpd24-mod_http2-0:1.15.19-41.el7jbcs.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_http2-debuginfo-0:1.15.19-41.el7jbcs.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_jk-0:1.2.49-11.redhat_1.el7jbcs.src",
"7Server-JBCS:jbcs-httpd24-mod_jk-ap24-0:1.2.49-11.redhat_1.el7jbcs.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_jk-debuginfo-0:1.2.49-11.redhat_1.el7jbcs.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_ldap-0:2.4.57-13.el7jbcs.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_md-1:2.4.24-11.el7jbcs.src",
"7Server-JBCS:jbcs-httpd24-mod_md-1:2.4.24-11.el7jbcs.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_md-debuginfo-1:2.4.24-11.el7jbcs.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_proxy_cluster-0:1.3.20-8.el7jbcs.src",
"7Server-JBCS:jbcs-httpd24-mod_proxy_cluster-0:1.3.20-8.el7jbcs.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_proxy_cluster-debuginfo-0:1.3.20-8.el7jbcs.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_proxy_html-1:2.4.57-13.el7jbcs.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_security-0:2.9.3-40.el7jbcs.src",
"7Server-JBCS:jbcs-httpd24-mod_security-0:2.9.3-40.el7jbcs.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_security-debuginfo-0:2.9.3-40.el7jbcs.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_session-0:2.4.57-13.el7jbcs.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_ssl-1:2.4.57-13.el7jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-httpd-0:2.4.57-13.el8jbcs.src",
"8Base-JBCS:jbcs-httpd24-httpd-0:2.4.57-13.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-httpd-debuginfo-0:2.4.57-13.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-httpd-devel-0:2.4.57-13.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-httpd-manual-0:2.4.57-13.el8jbcs.noarch",
"8Base-JBCS:jbcs-httpd24-httpd-selinux-0:2.4.57-13.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-httpd-tools-0:2.4.57-13.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-httpd-tools-debuginfo-0:2.4.57-13.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_http2-0:1.15.19-41.el8jbcs.src",
"8Base-JBCS:jbcs-httpd24-mod_http2-0:1.15.19-41.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_http2-debuginfo-0:1.15.19-41.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_jk-0:1.2.49-11.redhat_1.el8jbcs.src",
"8Base-JBCS:jbcs-httpd24-mod_jk-ap24-0:1.2.49-11.redhat_1.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_jk-ap24-debuginfo-0:1.2.49-11.redhat_1.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_ldap-0:2.4.57-13.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_ldap-debuginfo-0:2.4.57-13.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_md-1:2.4.24-11.el8jbcs.src",
"8Base-JBCS:jbcs-httpd24-mod_md-1:2.4.24-11.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_md-debuginfo-1:2.4.24-11.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_proxy_cluster-0:1.3.20-8.el8jbcs.src",
"8Base-JBCS:jbcs-httpd24-mod_proxy_cluster-0:1.3.20-8.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_proxy_cluster-debuginfo-0:1.3.20-8.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_proxy_html-1:2.4.57-13.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_proxy_html-debuginfo-1:2.4.57-13.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_security-0:2.9.3-40.el8jbcs.src",
"8Base-JBCS:jbcs-httpd24-mod_security-0:2.9.3-40.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_security-debuginfo-0:2.9.3-40.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_session-0:2.4.57-13.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_session-debuginfo-0:2.4.57-13.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_ssl-1:2.4.57-13.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_ssl-debuginfo-1:2.4.57-13.el8jbcs.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "httpd: Improper escaping of output in mod_rewrite"
},
{
"cve": "CVE-2024-38476",
"cwe": {
"id": "CWE-829",
"name": "Inclusion of Functionality from Untrusted Control Sphere"
},
"discovery_date": "2024-07-01T19:22:16+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2295015"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in httpd. Backend applications whose response headers are malicious or exploitable may allow information disclosure, server-side request forgery (SSRF) or local script execution.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "httpd: Security issues via\u00a0backend applications whose response headers are malicious or exploitable",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "This flaw can only be exploited by backend applications via malicious or exploitable response headers.\n\nRed Hat Enterprise Linux 6 is not affected by this vulnerability because the vulnerable code was introduced in a newer version of httpd.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"7Server-JBCS:jbcs-httpd24-httpd-0:2.4.57-13.el7jbcs.src",
"7Server-JBCS:jbcs-httpd24-httpd-0:2.4.57-13.el7jbcs.x86_64",
"7Server-JBCS:jbcs-httpd24-httpd-debuginfo-0:2.4.57-13.el7jbcs.x86_64",
"7Server-JBCS:jbcs-httpd24-httpd-devel-0:2.4.57-13.el7jbcs.x86_64",
"7Server-JBCS:jbcs-httpd24-httpd-manual-0:2.4.57-13.el7jbcs.noarch",
"7Server-JBCS:jbcs-httpd24-httpd-selinux-0:2.4.57-13.el7jbcs.x86_64",
"7Server-JBCS:jbcs-httpd24-httpd-tools-0:2.4.57-13.el7jbcs.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_http2-0:1.15.19-41.el7jbcs.src",
"7Server-JBCS:jbcs-httpd24-mod_http2-0:1.15.19-41.el7jbcs.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_http2-debuginfo-0:1.15.19-41.el7jbcs.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_jk-0:1.2.49-11.redhat_1.el7jbcs.src",
"7Server-JBCS:jbcs-httpd24-mod_jk-ap24-0:1.2.49-11.redhat_1.el7jbcs.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_jk-debuginfo-0:1.2.49-11.redhat_1.el7jbcs.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_ldap-0:2.4.57-13.el7jbcs.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_md-1:2.4.24-11.el7jbcs.src",
"7Server-JBCS:jbcs-httpd24-mod_md-1:2.4.24-11.el7jbcs.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_md-debuginfo-1:2.4.24-11.el7jbcs.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_proxy_cluster-0:1.3.20-8.el7jbcs.src",
"7Server-JBCS:jbcs-httpd24-mod_proxy_cluster-0:1.3.20-8.el7jbcs.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_proxy_cluster-debuginfo-0:1.3.20-8.el7jbcs.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_proxy_html-1:2.4.57-13.el7jbcs.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_security-0:2.9.3-40.el7jbcs.src",
"7Server-JBCS:jbcs-httpd24-mod_security-0:2.9.3-40.el7jbcs.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_security-debuginfo-0:2.9.3-40.el7jbcs.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_session-0:2.4.57-13.el7jbcs.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_ssl-1:2.4.57-13.el7jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-httpd-0:2.4.57-13.el8jbcs.src",
"8Base-JBCS:jbcs-httpd24-httpd-0:2.4.57-13.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-httpd-debuginfo-0:2.4.57-13.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-httpd-devel-0:2.4.57-13.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-httpd-manual-0:2.4.57-13.el8jbcs.noarch",
"8Base-JBCS:jbcs-httpd24-httpd-selinux-0:2.4.57-13.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-httpd-tools-0:2.4.57-13.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-httpd-tools-debuginfo-0:2.4.57-13.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_http2-0:1.15.19-41.el8jbcs.src",
"8Base-JBCS:jbcs-httpd24-mod_http2-0:1.15.19-41.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_http2-debuginfo-0:1.15.19-41.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_jk-0:1.2.49-11.redhat_1.el8jbcs.src",
"8Base-JBCS:jbcs-httpd24-mod_jk-ap24-0:1.2.49-11.redhat_1.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_jk-ap24-debuginfo-0:1.2.49-11.redhat_1.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_ldap-0:2.4.57-13.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_ldap-debuginfo-0:2.4.57-13.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_md-1:2.4.24-11.el8jbcs.src",
"8Base-JBCS:jbcs-httpd24-mod_md-1:2.4.24-11.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_md-debuginfo-1:2.4.24-11.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_proxy_cluster-0:1.3.20-8.el8jbcs.src",
"8Base-JBCS:jbcs-httpd24-mod_proxy_cluster-0:1.3.20-8.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_proxy_cluster-debuginfo-0:1.3.20-8.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_proxy_html-1:2.4.57-13.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_proxy_html-debuginfo-1:2.4.57-13.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_security-0:2.9.3-40.el8jbcs.src",
"8Base-JBCS:jbcs-httpd24-mod_security-0:2.9.3-40.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_security-debuginfo-0:2.9.3-40.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_session-0:2.4.57-13.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_session-debuginfo-0:2.4.57-13.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_ssl-1:2.4.57-13.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_ssl-debuginfo-1:2.4.57-13.el8jbcs.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2024-38476"
},
{
"category": "external",
"summary": "RHBZ#2295015",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2295015"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2024-38476",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-38476"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2024-38476",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2024-38476"
},
{
"category": "external",
"summary": "https://httpd.apache.org/security/vulnerabilities_24.html#CVE-2024-38476",
"url": "https://httpd.apache.org/security/vulnerabilities_24.html#CVE-2024-38476"
}
],
"release_date": "2024-07-01T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"details": "Before applying this update, make sure all previously released errata relevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"7Server-JBCS:jbcs-httpd24-httpd-0:2.4.57-13.el7jbcs.src",
"7Server-JBCS:jbcs-httpd24-httpd-0:2.4.57-13.el7jbcs.x86_64",
"7Server-JBCS:jbcs-httpd24-httpd-debuginfo-0:2.4.57-13.el7jbcs.x86_64",
"7Server-JBCS:jbcs-httpd24-httpd-devel-0:2.4.57-13.el7jbcs.x86_64",
"7Server-JBCS:jbcs-httpd24-httpd-manual-0:2.4.57-13.el7jbcs.noarch",
"7Server-JBCS:jbcs-httpd24-httpd-selinux-0:2.4.57-13.el7jbcs.x86_64",
"7Server-JBCS:jbcs-httpd24-httpd-tools-0:2.4.57-13.el7jbcs.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_http2-0:1.15.19-41.el7jbcs.src",
"7Server-JBCS:jbcs-httpd24-mod_http2-0:1.15.19-41.el7jbcs.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_http2-debuginfo-0:1.15.19-41.el7jbcs.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_jk-0:1.2.49-11.redhat_1.el7jbcs.src",
"7Server-JBCS:jbcs-httpd24-mod_jk-ap24-0:1.2.49-11.redhat_1.el7jbcs.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_jk-debuginfo-0:1.2.49-11.redhat_1.el7jbcs.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_ldap-0:2.4.57-13.el7jbcs.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_md-1:2.4.24-11.el7jbcs.src",
"7Server-JBCS:jbcs-httpd24-mod_md-1:2.4.24-11.el7jbcs.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_md-debuginfo-1:2.4.24-11.el7jbcs.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_proxy_cluster-0:1.3.20-8.el7jbcs.src",
"7Server-JBCS:jbcs-httpd24-mod_proxy_cluster-0:1.3.20-8.el7jbcs.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_proxy_cluster-debuginfo-0:1.3.20-8.el7jbcs.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_proxy_html-1:2.4.57-13.el7jbcs.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_security-0:2.9.3-40.el7jbcs.src",
"7Server-JBCS:jbcs-httpd24-mod_security-0:2.9.3-40.el7jbcs.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_security-debuginfo-0:2.9.3-40.el7jbcs.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_session-0:2.4.57-13.el7jbcs.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_ssl-1:2.4.57-13.el7jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-httpd-0:2.4.57-13.el8jbcs.src",
"8Base-JBCS:jbcs-httpd24-httpd-0:2.4.57-13.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-httpd-debuginfo-0:2.4.57-13.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-httpd-devel-0:2.4.57-13.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-httpd-manual-0:2.4.57-13.el8jbcs.noarch",
"8Base-JBCS:jbcs-httpd24-httpd-selinux-0:2.4.57-13.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-httpd-tools-0:2.4.57-13.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-httpd-tools-debuginfo-0:2.4.57-13.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_http2-0:1.15.19-41.el8jbcs.src",
"8Base-JBCS:jbcs-httpd24-mod_http2-0:1.15.19-41.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_http2-debuginfo-0:1.15.19-41.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_jk-0:1.2.49-11.redhat_1.el8jbcs.src",
"8Base-JBCS:jbcs-httpd24-mod_jk-ap24-0:1.2.49-11.redhat_1.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_jk-ap24-debuginfo-0:1.2.49-11.redhat_1.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_ldap-0:2.4.57-13.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_ldap-debuginfo-0:2.4.57-13.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_md-1:2.4.24-11.el8jbcs.src",
"8Base-JBCS:jbcs-httpd24-mod_md-1:2.4.24-11.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_md-debuginfo-1:2.4.24-11.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_proxy_cluster-0:1.3.20-8.el8jbcs.src",
"8Base-JBCS:jbcs-httpd24-mod_proxy_cluster-0:1.3.20-8.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_proxy_cluster-debuginfo-0:1.3.20-8.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_proxy_html-1:2.4.57-13.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_proxy_html-debuginfo-1:2.4.57-13.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_security-0:2.9.3-40.el8jbcs.src",
"8Base-JBCS:jbcs-httpd24-mod_security-0:2.9.3-40.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_security-debuginfo-0:2.9.3-40.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_session-0:2.4.57-13.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_session-debuginfo-0:2.4.57-13.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_ssl-1:2.4.57-13.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_ssl-debuginfo-1:2.4.57-13.el8jbcs.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2024:5239"
},
{
"category": "workaround",
"details": "Red Hat has investigated whether a possible mitigation exists for this issue, and has not been able to identify a practical example. Please update the affected package as soon as possible.",
"product_ids": [
"7Server-JBCS:jbcs-httpd24-httpd-0:2.4.57-13.el7jbcs.src",
"7Server-JBCS:jbcs-httpd24-httpd-0:2.4.57-13.el7jbcs.x86_64",
"7Server-JBCS:jbcs-httpd24-httpd-debuginfo-0:2.4.57-13.el7jbcs.x86_64",
"7Server-JBCS:jbcs-httpd24-httpd-devel-0:2.4.57-13.el7jbcs.x86_64",
"7Server-JBCS:jbcs-httpd24-httpd-manual-0:2.4.57-13.el7jbcs.noarch",
"7Server-JBCS:jbcs-httpd24-httpd-selinux-0:2.4.57-13.el7jbcs.x86_64",
"7Server-JBCS:jbcs-httpd24-httpd-tools-0:2.4.57-13.el7jbcs.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_http2-0:1.15.19-41.el7jbcs.src",
"7Server-JBCS:jbcs-httpd24-mod_http2-0:1.15.19-41.el7jbcs.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_http2-debuginfo-0:1.15.19-41.el7jbcs.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_jk-0:1.2.49-11.redhat_1.el7jbcs.src",
"7Server-JBCS:jbcs-httpd24-mod_jk-ap24-0:1.2.49-11.redhat_1.el7jbcs.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_jk-debuginfo-0:1.2.49-11.redhat_1.el7jbcs.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_ldap-0:2.4.57-13.el7jbcs.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_md-1:2.4.24-11.el7jbcs.src",
"7Server-JBCS:jbcs-httpd24-mod_md-1:2.4.24-11.el7jbcs.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_md-debuginfo-1:2.4.24-11.el7jbcs.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_proxy_cluster-0:1.3.20-8.el7jbcs.src",
"7Server-JBCS:jbcs-httpd24-mod_proxy_cluster-0:1.3.20-8.el7jbcs.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_proxy_cluster-debuginfo-0:1.3.20-8.el7jbcs.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_proxy_html-1:2.4.57-13.el7jbcs.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_security-0:2.9.3-40.el7jbcs.src",
"7Server-JBCS:jbcs-httpd24-mod_security-0:2.9.3-40.el7jbcs.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_security-debuginfo-0:2.9.3-40.el7jbcs.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_session-0:2.4.57-13.el7jbcs.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_ssl-1:2.4.57-13.el7jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-httpd-0:2.4.57-13.el8jbcs.src",
"8Base-JBCS:jbcs-httpd24-httpd-0:2.4.57-13.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-httpd-debuginfo-0:2.4.57-13.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-httpd-devel-0:2.4.57-13.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-httpd-manual-0:2.4.57-13.el8jbcs.noarch",
"8Base-JBCS:jbcs-httpd24-httpd-selinux-0:2.4.57-13.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-httpd-tools-0:2.4.57-13.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-httpd-tools-debuginfo-0:2.4.57-13.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_http2-0:1.15.19-41.el8jbcs.src",
"8Base-JBCS:jbcs-httpd24-mod_http2-0:1.15.19-41.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_http2-debuginfo-0:1.15.19-41.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_jk-0:1.2.49-11.redhat_1.el8jbcs.src",
"8Base-JBCS:jbcs-httpd24-mod_jk-ap24-0:1.2.49-11.redhat_1.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_jk-ap24-debuginfo-0:1.2.49-11.redhat_1.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_ldap-0:2.4.57-13.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_ldap-debuginfo-0:2.4.57-13.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_md-1:2.4.24-11.el8jbcs.src",
"8Base-JBCS:jbcs-httpd24-mod_md-1:2.4.24-11.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_md-debuginfo-1:2.4.24-11.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_proxy_cluster-0:1.3.20-8.el8jbcs.src",
"8Base-JBCS:jbcs-httpd24-mod_proxy_cluster-0:1.3.20-8.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_proxy_cluster-debuginfo-0:1.3.20-8.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_proxy_html-1:2.4.57-13.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_proxy_html-debuginfo-1:2.4.57-13.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_security-0:2.9.3-40.el8jbcs.src",
"8Base-JBCS:jbcs-httpd24-mod_security-0:2.9.3-40.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_security-debuginfo-0:2.9.3-40.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_session-0:2.4.57-13.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_session-debuginfo-0:2.4.57-13.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_ssl-1:2.4.57-13.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_ssl-debuginfo-1:2.4.57-13.el8jbcs.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 8.1,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:N",
"version": "3.1"
},
"products": [
"7Server-JBCS:jbcs-httpd24-httpd-0:2.4.57-13.el7jbcs.src",
"7Server-JBCS:jbcs-httpd24-httpd-0:2.4.57-13.el7jbcs.x86_64",
"7Server-JBCS:jbcs-httpd24-httpd-debuginfo-0:2.4.57-13.el7jbcs.x86_64",
"7Server-JBCS:jbcs-httpd24-httpd-devel-0:2.4.57-13.el7jbcs.x86_64",
"7Server-JBCS:jbcs-httpd24-httpd-manual-0:2.4.57-13.el7jbcs.noarch",
"7Server-JBCS:jbcs-httpd24-httpd-selinux-0:2.4.57-13.el7jbcs.x86_64",
"7Server-JBCS:jbcs-httpd24-httpd-tools-0:2.4.57-13.el7jbcs.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_http2-0:1.15.19-41.el7jbcs.src",
"7Server-JBCS:jbcs-httpd24-mod_http2-0:1.15.19-41.el7jbcs.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_http2-debuginfo-0:1.15.19-41.el7jbcs.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_jk-0:1.2.49-11.redhat_1.el7jbcs.src",
"7Server-JBCS:jbcs-httpd24-mod_jk-ap24-0:1.2.49-11.redhat_1.el7jbcs.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_jk-debuginfo-0:1.2.49-11.redhat_1.el7jbcs.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_ldap-0:2.4.57-13.el7jbcs.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_md-1:2.4.24-11.el7jbcs.src",
"7Server-JBCS:jbcs-httpd24-mod_md-1:2.4.24-11.el7jbcs.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_md-debuginfo-1:2.4.24-11.el7jbcs.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_proxy_cluster-0:1.3.20-8.el7jbcs.src",
"7Server-JBCS:jbcs-httpd24-mod_proxy_cluster-0:1.3.20-8.el7jbcs.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_proxy_cluster-debuginfo-0:1.3.20-8.el7jbcs.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_proxy_html-1:2.4.57-13.el7jbcs.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_security-0:2.9.3-40.el7jbcs.src",
"7Server-JBCS:jbcs-httpd24-mod_security-0:2.9.3-40.el7jbcs.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_security-debuginfo-0:2.9.3-40.el7jbcs.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_session-0:2.4.57-13.el7jbcs.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_ssl-1:2.4.57-13.el7jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-httpd-0:2.4.57-13.el8jbcs.src",
"8Base-JBCS:jbcs-httpd24-httpd-0:2.4.57-13.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-httpd-debuginfo-0:2.4.57-13.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-httpd-devel-0:2.4.57-13.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-httpd-manual-0:2.4.57-13.el8jbcs.noarch",
"8Base-JBCS:jbcs-httpd24-httpd-selinux-0:2.4.57-13.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-httpd-tools-0:2.4.57-13.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-httpd-tools-debuginfo-0:2.4.57-13.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_http2-0:1.15.19-41.el8jbcs.src",
"8Base-JBCS:jbcs-httpd24-mod_http2-0:1.15.19-41.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_http2-debuginfo-0:1.15.19-41.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_jk-0:1.2.49-11.redhat_1.el8jbcs.src",
"8Base-JBCS:jbcs-httpd24-mod_jk-ap24-0:1.2.49-11.redhat_1.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_jk-ap24-debuginfo-0:1.2.49-11.redhat_1.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_ldap-0:2.4.57-13.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_ldap-debuginfo-0:2.4.57-13.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_md-1:2.4.24-11.el8jbcs.src",
"8Base-JBCS:jbcs-httpd24-mod_md-1:2.4.24-11.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_md-debuginfo-1:2.4.24-11.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_proxy_cluster-0:1.3.20-8.el8jbcs.src",
"8Base-JBCS:jbcs-httpd24-mod_proxy_cluster-0:1.3.20-8.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_proxy_cluster-debuginfo-0:1.3.20-8.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_proxy_html-1:2.4.57-13.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_proxy_html-debuginfo-1:2.4.57-13.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_security-0:2.9.3-40.el8jbcs.src",
"8Base-JBCS:jbcs-httpd24-mod_security-0:2.9.3-40.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_security-debuginfo-0:2.9.3-40.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_session-0:2.4.57-13.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_session-debuginfo-0:2.4.57-13.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_ssl-1:2.4.57-13.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_ssl-debuginfo-1:2.4.57-13.el8jbcs.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "httpd: Security issues via\u00a0backend applications whose response headers are malicious or exploitable"
},
{
"cve": "CVE-2024-38477",
"cwe": {
"id": "CWE-476",
"name": "NULL Pointer Dereference"
},
"discovery_date": "2024-07-01T19:22:29+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2295016"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in the mod_proxy module of httpd. A NULL pointer dereference can be triggered when processing a specially crafted HTTP request, causing the httpd server to crash, and resulting in a denial of service.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "httpd: NULL pointer dereference in mod_proxy",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "As this flaw allows a remote attacker to cause a denial of service, it has been rated with an important severity.\n\nThis flaw only affects configurations with mod_proxy loaded and being used. This module can be disabled via the configuration file if its functionality is not being used.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"7Server-JBCS:jbcs-httpd24-httpd-0:2.4.57-13.el7jbcs.src",
"7Server-JBCS:jbcs-httpd24-httpd-0:2.4.57-13.el7jbcs.x86_64",
"7Server-JBCS:jbcs-httpd24-httpd-debuginfo-0:2.4.57-13.el7jbcs.x86_64",
"7Server-JBCS:jbcs-httpd24-httpd-devel-0:2.4.57-13.el7jbcs.x86_64",
"7Server-JBCS:jbcs-httpd24-httpd-manual-0:2.4.57-13.el7jbcs.noarch",
"7Server-JBCS:jbcs-httpd24-httpd-selinux-0:2.4.57-13.el7jbcs.x86_64",
"7Server-JBCS:jbcs-httpd24-httpd-tools-0:2.4.57-13.el7jbcs.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_http2-0:1.15.19-41.el7jbcs.src",
"7Server-JBCS:jbcs-httpd24-mod_http2-0:1.15.19-41.el7jbcs.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_http2-debuginfo-0:1.15.19-41.el7jbcs.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_jk-0:1.2.49-11.redhat_1.el7jbcs.src",
"7Server-JBCS:jbcs-httpd24-mod_jk-ap24-0:1.2.49-11.redhat_1.el7jbcs.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_jk-debuginfo-0:1.2.49-11.redhat_1.el7jbcs.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_ldap-0:2.4.57-13.el7jbcs.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_md-1:2.4.24-11.el7jbcs.src",
"7Server-JBCS:jbcs-httpd24-mod_md-1:2.4.24-11.el7jbcs.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_md-debuginfo-1:2.4.24-11.el7jbcs.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_proxy_cluster-0:1.3.20-8.el7jbcs.src",
"7Server-JBCS:jbcs-httpd24-mod_proxy_cluster-0:1.3.20-8.el7jbcs.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_proxy_cluster-debuginfo-0:1.3.20-8.el7jbcs.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_proxy_html-1:2.4.57-13.el7jbcs.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_security-0:2.9.3-40.el7jbcs.src",
"7Server-JBCS:jbcs-httpd24-mod_security-0:2.9.3-40.el7jbcs.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_security-debuginfo-0:2.9.3-40.el7jbcs.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_session-0:2.4.57-13.el7jbcs.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_ssl-1:2.4.57-13.el7jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-httpd-0:2.4.57-13.el8jbcs.src",
"8Base-JBCS:jbcs-httpd24-httpd-0:2.4.57-13.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-httpd-debuginfo-0:2.4.57-13.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-httpd-devel-0:2.4.57-13.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-httpd-manual-0:2.4.57-13.el8jbcs.noarch",
"8Base-JBCS:jbcs-httpd24-httpd-selinux-0:2.4.57-13.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-httpd-tools-0:2.4.57-13.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-httpd-tools-debuginfo-0:2.4.57-13.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_http2-0:1.15.19-41.el8jbcs.src",
"8Base-JBCS:jbcs-httpd24-mod_http2-0:1.15.19-41.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_http2-debuginfo-0:1.15.19-41.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_jk-0:1.2.49-11.redhat_1.el8jbcs.src",
"8Base-JBCS:jbcs-httpd24-mod_jk-ap24-0:1.2.49-11.redhat_1.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_jk-ap24-debuginfo-0:1.2.49-11.redhat_1.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_ldap-0:2.4.57-13.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_ldap-debuginfo-0:2.4.57-13.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_md-1:2.4.24-11.el8jbcs.src",
"8Base-JBCS:jbcs-httpd24-mod_md-1:2.4.24-11.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_md-debuginfo-1:2.4.24-11.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_proxy_cluster-0:1.3.20-8.el8jbcs.src",
"8Base-JBCS:jbcs-httpd24-mod_proxy_cluster-0:1.3.20-8.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_proxy_cluster-debuginfo-0:1.3.20-8.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_proxy_html-1:2.4.57-13.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_proxy_html-debuginfo-1:2.4.57-13.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_security-0:2.9.3-40.el8jbcs.src",
"8Base-JBCS:jbcs-httpd24-mod_security-0:2.9.3-40.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_security-debuginfo-0:2.9.3-40.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_session-0:2.4.57-13.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_session-debuginfo-0:2.4.57-13.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_ssl-1:2.4.57-13.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_ssl-debuginfo-1:2.4.57-13.el8jbcs.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2024-38477"
},
{
"category": "external",
"summary": "RHBZ#2295016",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2295016"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2024-38477",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-38477"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2024-38477",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2024-38477"
},
{
"category": "external",
"summary": "https://httpd.apache.org/security/vulnerabilities_24.html#CVE-2024-38477",
"url": "https://httpd.apache.org/security/vulnerabilities_24.html#CVE-2024-38477"
}
],
"release_date": "2024-07-01T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"details": "Before applying this update, make sure all previously released errata relevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"7Server-JBCS:jbcs-httpd24-httpd-0:2.4.57-13.el7jbcs.src",
"7Server-JBCS:jbcs-httpd24-httpd-0:2.4.57-13.el7jbcs.x86_64",
"7Server-JBCS:jbcs-httpd24-httpd-debuginfo-0:2.4.57-13.el7jbcs.x86_64",
"7Server-JBCS:jbcs-httpd24-httpd-devel-0:2.4.57-13.el7jbcs.x86_64",
"7Server-JBCS:jbcs-httpd24-httpd-manual-0:2.4.57-13.el7jbcs.noarch",
"7Server-JBCS:jbcs-httpd24-httpd-selinux-0:2.4.57-13.el7jbcs.x86_64",
"7Server-JBCS:jbcs-httpd24-httpd-tools-0:2.4.57-13.el7jbcs.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_http2-0:1.15.19-41.el7jbcs.src",
"7Server-JBCS:jbcs-httpd24-mod_http2-0:1.15.19-41.el7jbcs.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_http2-debuginfo-0:1.15.19-41.el7jbcs.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_jk-0:1.2.49-11.redhat_1.el7jbcs.src",
"7Server-JBCS:jbcs-httpd24-mod_jk-ap24-0:1.2.49-11.redhat_1.el7jbcs.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_jk-debuginfo-0:1.2.49-11.redhat_1.el7jbcs.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_ldap-0:2.4.57-13.el7jbcs.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_md-1:2.4.24-11.el7jbcs.src",
"7Server-JBCS:jbcs-httpd24-mod_md-1:2.4.24-11.el7jbcs.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_md-debuginfo-1:2.4.24-11.el7jbcs.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_proxy_cluster-0:1.3.20-8.el7jbcs.src",
"7Server-JBCS:jbcs-httpd24-mod_proxy_cluster-0:1.3.20-8.el7jbcs.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_proxy_cluster-debuginfo-0:1.3.20-8.el7jbcs.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_proxy_html-1:2.4.57-13.el7jbcs.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_security-0:2.9.3-40.el7jbcs.src",
"7Server-JBCS:jbcs-httpd24-mod_security-0:2.9.3-40.el7jbcs.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_security-debuginfo-0:2.9.3-40.el7jbcs.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_session-0:2.4.57-13.el7jbcs.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_ssl-1:2.4.57-13.el7jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-httpd-0:2.4.57-13.el8jbcs.src",
"8Base-JBCS:jbcs-httpd24-httpd-0:2.4.57-13.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-httpd-debuginfo-0:2.4.57-13.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-httpd-devel-0:2.4.57-13.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-httpd-manual-0:2.4.57-13.el8jbcs.noarch",
"8Base-JBCS:jbcs-httpd24-httpd-selinux-0:2.4.57-13.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-httpd-tools-0:2.4.57-13.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-httpd-tools-debuginfo-0:2.4.57-13.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_http2-0:1.15.19-41.el8jbcs.src",
"8Base-JBCS:jbcs-httpd24-mod_http2-0:1.15.19-41.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_http2-debuginfo-0:1.15.19-41.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_jk-0:1.2.49-11.redhat_1.el8jbcs.src",
"8Base-JBCS:jbcs-httpd24-mod_jk-ap24-0:1.2.49-11.redhat_1.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_jk-ap24-debuginfo-0:1.2.49-11.redhat_1.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_ldap-0:2.4.57-13.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_ldap-debuginfo-0:2.4.57-13.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_md-1:2.4.24-11.el8jbcs.src",
"8Base-JBCS:jbcs-httpd24-mod_md-1:2.4.24-11.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_md-debuginfo-1:2.4.24-11.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_proxy_cluster-0:1.3.20-8.el8jbcs.src",
"8Base-JBCS:jbcs-httpd24-mod_proxy_cluster-0:1.3.20-8.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_proxy_cluster-debuginfo-0:1.3.20-8.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_proxy_html-1:2.4.57-13.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_proxy_html-debuginfo-1:2.4.57-13.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_security-0:2.9.3-40.el8jbcs.src",
"8Base-JBCS:jbcs-httpd24-mod_security-0:2.9.3-40.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_security-debuginfo-0:2.9.3-40.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_session-0:2.4.57-13.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_session-debuginfo-0:2.4.57-13.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_ssl-1:2.4.57-13.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_ssl-debuginfo-1:2.4.57-13.el8jbcs.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2024:5239"
},
{
"category": "workaround",
"details": "Red Hat has investigated whether a possible mitigation exists for this issue, and has not been able to identify a practical example. Please update the affected package as soon as possible.",
"product_ids": [
"7Server-JBCS:jbcs-httpd24-httpd-0:2.4.57-13.el7jbcs.src",
"7Server-JBCS:jbcs-httpd24-httpd-0:2.4.57-13.el7jbcs.x86_64",
"7Server-JBCS:jbcs-httpd24-httpd-debuginfo-0:2.4.57-13.el7jbcs.x86_64",
"7Server-JBCS:jbcs-httpd24-httpd-devel-0:2.4.57-13.el7jbcs.x86_64",
"7Server-JBCS:jbcs-httpd24-httpd-manual-0:2.4.57-13.el7jbcs.noarch",
"7Server-JBCS:jbcs-httpd24-httpd-selinux-0:2.4.57-13.el7jbcs.x86_64",
"7Server-JBCS:jbcs-httpd24-httpd-tools-0:2.4.57-13.el7jbcs.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_http2-0:1.15.19-41.el7jbcs.src",
"7Server-JBCS:jbcs-httpd24-mod_http2-0:1.15.19-41.el7jbcs.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_http2-debuginfo-0:1.15.19-41.el7jbcs.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_jk-0:1.2.49-11.redhat_1.el7jbcs.src",
"7Server-JBCS:jbcs-httpd24-mod_jk-ap24-0:1.2.49-11.redhat_1.el7jbcs.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_jk-debuginfo-0:1.2.49-11.redhat_1.el7jbcs.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_ldap-0:2.4.57-13.el7jbcs.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_md-1:2.4.24-11.el7jbcs.src",
"7Server-JBCS:jbcs-httpd24-mod_md-1:2.4.24-11.el7jbcs.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_md-debuginfo-1:2.4.24-11.el7jbcs.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_proxy_cluster-0:1.3.20-8.el7jbcs.src",
"7Server-JBCS:jbcs-httpd24-mod_proxy_cluster-0:1.3.20-8.el7jbcs.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_proxy_cluster-debuginfo-0:1.3.20-8.el7jbcs.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_proxy_html-1:2.4.57-13.el7jbcs.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_security-0:2.9.3-40.el7jbcs.src",
"7Server-JBCS:jbcs-httpd24-mod_security-0:2.9.3-40.el7jbcs.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_security-debuginfo-0:2.9.3-40.el7jbcs.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_session-0:2.4.57-13.el7jbcs.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_ssl-1:2.4.57-13.el7jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-httpd-0:2.4.57-13.el8jbcs.src",
"8Base-JBCS:jbcs-httpd24-httpd-0:2.4.57-13.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-httpd-debuginfo-0:2.4.57-13.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-httpd-devel-0:2.4.57-13.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-httpd-manual-0:2.4.57-13.el8jbcs.noarch",
"8Base-JBCS:jbcs-httpd24-httpd-selinux-0:2.4.57-13.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-httpd-tools-0:2.4.57-13.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-httpd-tools-debuginfo-0:2.4.57-13.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_http2-0:1.15.19-41.el8jbcs.src",
"8Base-JBCS:jbcs-httpd24-mod_http2-0:1.15.19-41.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_http2-debuginfo-0:1.15.19-41.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_jk-0:1.2.49-11.redhat_1.el8jbcs.src",
"8Base-JBCS:jbcs-httpd24-mod_jk-ap24-0:1.2.49-11.redhat_1.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_jk-ap24-debuginfo-0:1.2.49-11.redhat_1.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_ldap-0:2.4.57-13.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_ldap-debuginfo-0:2.4.57-13.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_md-1:2.4.24-11.el8jbcs.src",
"8Base-JBCS:jbcs-httpd24-mod_md-1:2.4.24-11.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_md-debuginfo-1:2.4.24-11.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_proxy_cluster-0:1.3.20-8.el8jbcs.src",
"8Base-JBCS:jbcs-httpd24-mod_proxy_cluster-0:1.3.20-8.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_proxy_cluster-debuginfo-0:1.3.20-8.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_proxy_html-1:2.4.57-13.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_proxy_html-debuginfo-1:2.4.57-13.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_security-0:2.9.3-40.el8jbcs.src",
"8Base-JBCS:jbcs-httpd24-mod_security-0:2.9.3-40.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_security-debuginfo-0:2.9.3-40.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_session-0:2.4.57-13.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_session-debuginfo-0:2.4.57-13.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_ssl-1:2.4.57-13.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_ssl-debuginfo-1:2.4.57-13.el8jbcs.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"7Server-JBCS:jbcs-httpd24-httpd-0:2.4.57-13.el7jbcs.src",
"7Server-JBCS:jbcs-httpd24-httpd-0:2.4.57-13.el7jbcs.x86_64",
"7Server-JBCS:jbcs-httpd24-httpd-debuginfo-0:2.4.57-13.el7jbcs.x86_64",
"7Server-JBCS:jbcs-httpd24-httpd-devel-0:2.4.57-13.el7jbcs.x86_64",
"7Server-JBCS:jbcs-httpd24-httpd-manual-0:2.4.57-13.el7jbcs.noarch",
"7Server-JBCS:jbcs-httpd24-httpd-selinux-0:2.4.57-13.el7jbcs.x86_64",
"7Server-JBCS:jbcs-httpd24-httpd-tools-0:2.4.57-13.el7jbcs.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_http2-0:1.15.19-41.el7jbcs.src",
"7Server-JBCS:jbcs-httpd24-mod_http2-0:1.15.19-41.el7jbcs.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_http2-debuginfo-0:1.15.19-41.el7jbcs.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_jk-0:1.2.49-11.redhat_1.el7jbcs.src",
"7Server-JBCS:jbcs-httpd24-mod_jk-ap24-0:1.2.49-11.redhat_1.el7jbcs.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_jk-debuginfo-0:1.2.49-11.redhat_1.el7jbcs.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_ldap-0:2.4.57-13.el7jbcs.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_md-1:2.4.24-11.el7jbcs.src",
"7Server-JBCS:jbcs-httpd24-mod_md-1:2.4.24-11.el7jbcs.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_md-debuginfo-1:2.4.24-11.el7jbcs.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_proxy_cluster-0:1.3.20-8.el7jbcs.src",
"7Server-JBCS:jbcs-httpd24-mod_proxy_cluster-0:1.3.20-8.el7jbcs.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_proxy_cluster-debuginfo-0:1.3.20-8.el7jbcs.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_proxy_html-1:2.4.57-13.el7jbcs.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_security-0:2.9.3-40.el7jbcs.src",
"7Server-JBCS:jbcs-httpd24-mod_security-0:2.9.3-40.el7jbcs.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_security-debuginfo-0:2.9.3-40.el7jbcs.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_session-0:2.4.57-13.el7jbcs.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_ssl-1:2.4.57-13.el7jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-httpd-0:2.4.57-13.el8jbcs.src",
"8Base-JBCS:jbcs-httpd24-httpd-0:2.4.57-13.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-httpd-debuginfo-0:2.4.57-13.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-httpd-devel-0:2.4.57-13.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-httpd-manual-0:2.4.57-13.el8jbcs.noarch",
"8Base-JBCS:jbcs-httpd24-httpd-selinux-0:2.4.57-13.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-httpd-tools-0:2.4.57-13.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-httpd-tools-debuginfo-0:2.4.57-13.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_http2-0:1.15.19-41.el8jbcs.src",
"8Base-JBCS:jbcs-httpd24-mod_http2-0:1.15.19-41.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_http2-debuginfo-0:1.15.19-41.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_jk-0:1.2.49-11.redhat_1.el8jbcs.src",
"8Base-JBCS:jbcs-httpd24-mod_jk-ap24-0:1.2.49-11.redhat_1.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_jk-ap24-debuginfo-0:1.2.49-11.redhat_1.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_ldap-0:2.4.57-13.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_ldap-debuginfo-0:2.4.57-13.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_md-1:2.4.24-11.el8jbcs.src",
"8Base-JBCS:jbcs-httpd24-mod_md-1:2.4.24-11.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_md-debuginfo-1:2.4.24-11.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_proxy_cluster-0:1.3.20-8.el8jbcs.src",
"8Base-JBCS:jbcs-httpd24-mod_proxy_cluster-0:1.3.20-8.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_proxy_cluster-debuginfo-0:1.3.20-8.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_proxy_html-1:2.4.57-13.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_proxy_html-debuginfo-1:2.4.57-13.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_security-0:2.9.3-40.el8jbcs.src",
"8Base-JBCS:jbcs-httpd24-mod_security-0:2.9.3-40.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_security-debuginfo-0:2.9.3-40.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_session-0:2.4.57-13.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_session-debuginfo-0:2.4.57-13.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_ssl-1:2.4.57-13.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_ssl-debuginfo-1:2.4.57-13.el8jbcs.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "httpd: NULL pointer dereference in mod_proxy"
},
{
"cve": "CVE-2024-39573",
"cwe": {
"id": "CWE-20",
"name": "Improper Input Validation"
},
"discovery_date": "2024-07-01T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2295022"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in the mod_rewrite module of httpd. A potential SSRF allows an attacker to cause unsafe rules used in the RewriteRule directive to unexpectedly set up URLs to be handled by the mod_proxy module.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "httpd: Potential SSRF in mod_rewrite",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "This issue only affects configurations with unsafe rules used in the RewriteRule directive.\n\nAdditionally, this flaw requires mod_rewrite and mod_proxy to be loaded and being used. These modules can be disabled via the configuration file if their functionality are not needed.\n\nRed Hat Enterprise Linux 6 is not affected by this vulnerability because the vulnerable code was introduced in a newer version of httpd.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"7Server-JBCS:jbcs-httpd24-httpd-0:2.4.57-13.el7jbcs.src",
"7Server-JBCS:jbcs-httpd24-httpd-0:2.4.57-13.el7jbcs.x86_64",
"7Server-JBCS:jbcs-httpd24-httpd-debuginfo-0:2.4.57-13.el7jbcs.x86_64",
"7Server-JBCS:jbcs-httpd24-httpd-devel-0:2.4.57-13.el7jbcs.x86_64",
"7Server-JBCS:jbcs-httpd24-httpd-manual-0:2.4.57-13.el7jbcs.noarch",
"7Server-JBCS:jbcs-httpd24-httpd-selinux-0:2.4.57-13.el7jbcs.x86_64",
"7Server-JBCS:jbcs-httpd24-httpd-tools-0:2.4.57-13.el7jbcs.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_http2-0:1.15.19-41.el7jbcs.src",
"7Server-JBCS:jbcs-httpd24-mod_http2-0:1.15.19-41.el7jbcs.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_http2-debuginfo-0:1.15.19-41.el7jbcs.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_jk-0:1.2.49-11.redhat_1.el7jbcs.src",
"7Server-JBCS:jbcs-httpd24-mod_jk-ap24-0:1.2.49-11.redhat_1.el7jbcs.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_jk-debuginfo-0:1.2.49-11.redhat_1.el7jbcs.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_ldap-0:2.4.57-13.el7jbcs.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_md-1:2.4.24-11.el7jbcs.src",
"7Server-JBCS:jbcs-httpd24-mod_md-1:2.4.24-11.el7jbcs.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_md-debuginfo-1:2.4.24-11.el7jbcs.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_proxy_cluster-0:1.3.20-8.el7jbcs.src",
"7Server-JBCS:jbcs-httpd24-mod_proxy_cluster-0:1.3.20-8.el7jbcs.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_proxy_cluster-debuginfo-0:1.3.20-8.el7jbcs.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_proxy_html-1:2.4.57-13.el7jbcs.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_security-0:2.9.3-40.el7jbcs.src",
"7Server-JBCS:jbcs-httpd24-mod_security-0:2.9.3-40.el7jbcs.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_security-debuginfo-0:2.9.3-40.el7jbcs.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_session-0:2.4.57-13.el7jbcs.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_ssl-1:2.4.57-13.el7jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-httpd-0:2.4.57-13.el8jbcs.src",
"8Base-JBCS:jbcs-httpd24-httpd-0:2.4.57-13.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-httpd-debuginfo-0:2.4.57-13.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-httpd-devel-0:2.4.57-13.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-httpd-manual-0:2.4.57-13.el8jbcs.noarch",
"8Base-JBCS:jbcs-httpd24-httpd-selinux-0:2.4.57-13.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-httpd-tools-0:2.4.57-13.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-httpd-tools-debuginfo-0:2.4.57-13.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_http2-0:1.15.19-41.el8jbcs.src",
"8Base-JBCS:jbcs-httpd24-mod_http2-0:1.15.19-41.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_http2-debuginfo-0:1.15.19-41.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_jk-0:1.2.49-11.redhat_1.el8jbcs.src",
"8Base-JBCS:jbcs-httpd24-mod_jk-ap24-0:1.2.49-11.redhat_1.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_jk-ap24-debuginfo-0:1.2.49-11.redhat_1.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_ldap-0:2.4.57-13.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_ldap-debuginfo-0:2.4.57-13.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_md-1:2.4.24-11.el8jbcs.src",
"8Base-JBCS:jbcs-httpd24-mod_md-1:2.4.24-11.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_md-debuginfo-1:2.4.24-11.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_proxy_cluster-0:1.3.20-8.el8jbcs.src",
"8Base-JBCS:jbcs-httpd24-mod_proxy_cluster-0:1.3.20-8.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_proxy_cluster-debuginfo-0:1.3.20-8.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_proxy_html-1:2.4.57-13.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_proxy_html-debuginfo-1:2.4.57-13.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_security-0:2.9.3-40.el8jbcs.src",
"8Base-JBCS:jbcs-httpd24-mod_security-0:2.9.3-40.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_security-debuginfo-0:2.9.3-40.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_session-0:2.4.57-13.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_session-debuginfo-0:2.4.57-13.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_ssl-1:2.4.57-13.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_ssl-debuginfo-1:2.4.57-13.el8jbcs.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2024-39573"
},
{
"category": "external",
"summary": "RHBZ#2295022",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2295022"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2024-39573",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-39573"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2024-39573",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2024-39573"
},
{
"category": "external",
"summary": "https://httpd.apache.org/security/vulnerabilities_24.html#CVE-2024-39573",
"url": "https://httpd.apache.org/security/vulnerabilities_24.html#CVE-2024-39573"
}
],
"release_date": "2024-07-01T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"details": "Before applying this update, make sure all previously released errata relevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"7Server-JBCS:jbcs-httpd24-httpd-0:2.4.57-13.el7jbcs.src",
"7Server-JBCS:jbcs-httpd24-httpd-0:2.4.57-13.el7jbcs.x86_64",
"7Server-JBCS:jbcs-httpd24-httpd-debuginfo-0:2.4.57-13.el7jbcs.x86_64",
"7Server-JBCS:jbcs-httpd24-httpd-devel-0:2.4.57-13.el7jbcs.x86_64",
"7Server-JBCS:jbcs-httpd24-httpd-manual-0:2.4.57-13.el7jbcs.noarch",
"7Server-JBCS:jbcs-httpd24-httpd-selinux-0:2.4.57-13.el7jbcs.x86_64",
"7Server-JBCS:jbcs-httpd24-httpd-tools-0:2.4.57-13.el7jbcs.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_http2-0:1.15.19-41.el7jbcs.src",
"7Server-JBCS:jbcs-httpd24-mod_http2-0:1.15.19-41.el7jbcs.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_http2-debuginfo-0:1.15.19-41.el7jbcs.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_jk-0:1.2.49-11.redhat_1.el7jbcs.src",
"7Server-JBCS:jbcs-httpd24-mod_jk-ap24-0:1.2.49-11.redhat_1.el7jbcs.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_jk-debuginfo-0:1.2.49-11.redhat_1.el7jbcs.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_ldap-0:2.4.57-13.el7jbcs.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_md-1:2.4.24-11.el7jbcs.src",
"7Server-JBCS:jbcs-httpd24-mod_md-1:2.4.24-11.el7jbcs.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_md-debuginfo-1:2.4.24-11.el7jbcs.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_proxy_cluster-0:1.3.20-8.el7jbcs.src",
"7Server-JBCS:jbcs-httpd24-mod_proxy_cluster-0:1.3.20-8.el7jbcs.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_proxy_cluster-debuginfo-0:1.3.20-8.el7jbcs.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_proxy_html-1:2.4.57-13.el7jbcs.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_security-0:2.9.3-40.el7jbcs.src",
"7Server-JBCS:jbcs-httpd24-mod_security-0:2.9.3-40.el7jbcs.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_security-debuginfo-0:2.9.3-40.el7jbcs.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_session-0:2.4.57-13.el7jbcs.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_ssl-1:2.4.57-13.el7jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-httpd-0:2.4.57-13.el8jbcs.src",
"8Base-JBCS:jbcs-httpd24-httpd-0:2.4.57-13.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-httpd-debuginfo-0:2.4.57-13.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-httpd-devel-0:2.4.57-13.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-httpd-manual-0:2.4.57-13.el8jbcs.noarch",
"8Base-JBCS:jbcs-httpd24-httpd-selinux-0:2.4.57-13.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-httpd-tools-0:2.4.57-13.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-httpd-tools-debuginfo-0:2.4.57-13.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_http2-0:1.15.19-41.el8jbcs.src",
"8Base-JBCS:jbcs-httpd24-mod_http2-0:1.15.19-41.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_http2-debuginfo-0:1.15.19-41.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_jk-0:1.2.49-11.redhat_1.el8jbcs.src",
"8Base-JBCS:jbcs-httpd24-mod_jk-ap24-0:1.2.49-11.redhat_1.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_jk-ap24-debuginfo-0:1.2.49-11.redhat_1.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_ldap-0:2.4.57-13.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_ldap-debuginfo-0:2.4.57-13.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_md-1:2.4.24-11.el8jbcs.src",
"8Base-JBCS:jbcs-httpd24-mod_md-1:2.4.24-11.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_md-debuginfo-1:2.4.24-11.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_proxy_cluster-0:1.3.20-8.el8jbcs.src",
"8Base-JBCS:jbcs-httpd24-mod_proxy_cluster-0:1.3.20-8.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_proxy_cluster-debuginfo-0:1.3.20-8.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_proxy_html-1:2.4.57-13.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_proxy_html-debuginfo-1:2.4.57-13.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_security-0:2.9.3-40.el8jbcs.src",
"8Base-JBCS:jbcs-httpd24-mod_security-0:2.9.3-40.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_security-debuginfo-0:2.9.3-40.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_session-0:2.4.57-13.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_session-debuginfo-0:2.4.57-13.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_ssl-1:2.4.57-13.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_ssl-debuginfo-1:2.4.57-13.el8jbcs.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2024:5239"
},
{
"category": "workaround",
"details": "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.",
"product_ids": [
"7Server-JBCS:jbcs-httpd24-httpd-0:2.4.57-13.el7jbcs.src",
"7Server-JBCS:jbcs-httpd24-httpd-0:2.4.57-13.el7jbcs.x86_64",
"7Server-JBCS:jbcs-httpd24-httpd-debuginfo-0:2.4.57-13.el7jbcs.x86_64",
"7Server-JBCS:jbcs-httpd24-httpd-devel-0:2.4.57-13.el7jbcs.x86_64",
"7Server-JBCS:jbcs-httpd24-httpd-manual-0:2.4.57-13.el7jbcs.noarch",
"7Server-JBCS:jbcs-httpd24-httpd-selinux-0:2.4.57-13.el7jbcs.x86_64",
"7Server-JBCS:jbcs-httpd24-httpd-tools-0:2.4.57-13.el7jbcs.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_http2-0:1.15.19-41.el7jbcs.src",
"7Server-JBCS:jbcs-httpd24-mod_http2-0:1.15.19-41.el7jbcs.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_http2-debuginfo-0:1.15.19-41.el7jbcs.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_jk-0:1.2.49-11.redhat_1.el7jbcs.src",
"7Server-JBCS:jbcs-httpd24-mod_jk-ap24-0:1.2.49-11.redhat_1.el7jbcs.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_jk-debuginfo-0:1.2.49-11.redhat_1.el7jbcs.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_ldap-0:2.4.57-13.el7jbcs.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_md-1:2.4.24-11.el7jbcs.src",
"7Server-JBCS:jbcs-httpd24-mod_md-1:2.4.24-11.el7jbcs.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_md-debuginfo-1:2.4.24-11.el7jbcs.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_proxy_cluster-0:1.3.20-8.el7jbcs.src",
"7Server-JBCS:jbcs-httpd24-mod_proxy_cluster-0:1.3.20-8.el7jbcs.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_proxy_cluster-debuginfo-0:1.3.20-8.el7jbcs.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_proxy_html-1:2.4.57-13.el7jbcs.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_security-0:2.9.3-40.el7jbcs.src",
"7Server-JBCS:jbcs-httpd24-mod_security-0:2.9.3-40.el7jbcs.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_security-debuginfo-0:2.9.3-40.el7jbcs.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_session-0:2.4.57-13.el7jbcs.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_ssl-1:2.4.57-13.el7jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-httpd-0:2.4.57-13.el8jbcs.src",
"8Base-JBCS:jbcs-httpd24-httpd-0:2.4.57-13.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-httpd-debuginfo-0:2.4.57-13.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-httpd-devel-0:2.4.57-13.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-httpd-manual-0:2.4.57-13.el8jbcs.noarch",
"8Base-JBCS:jbcs-httpd24-httpd-selinux-0:2.4.57-13.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-httpd-tools-0:2.4.57-13.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-httpd-tools-debuginfo-0:2.4.57-13.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_http2-0:1.15.19-41.el8jbcs.src",
"8Base-JBCS:jbcs-httpd24-mod_http2-0:1.15.19-41.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_http2-debuginfo-0:1.15.19-41.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_jk-0:1.2.49-11.redhat_1.el8jbcs.src",
"8Base-JBCS:jbcs-httpd24-mod_jk-ap24-0:1.2.49-11.redhat_1.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_jk-ap24-debuginfo-0:1.2.49-11.redhat_1.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_ldap-0:2.4.57-13.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_ldap-debuginfo-0:2.4.57-13.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_md-1:2.4.24-11.el8jbcs.src",
"8Base-JBCS:jbcs-httpd24-mod_md-1:2.4.24-11.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_md-debuginfo-1:2.4.24-11.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_proxy_cluster-0:1.3.20-8.el8jbcs.src",
"8Base-JBCS:jbcs-httpd24-mod_proxy_cluster-0:1.3.20-8.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_proxy_cluster-debuginfo-0:1.3.20-8.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_proxy_html-1:2.4.57-13.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_proxy_html-debuginfo-1:2.4.57-13.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_security-0:2.9.3-40.el8jbcs.src",
"8Base-JBCS:jbcs-httpd24-mod_security-0:2.9.3-40.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_security-debuginfo-0:2.9.3-40.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_session-0:2.4.57-13.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_session-debuginfo-0:2.4.57-13.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_ssl-1:2.4.57-13.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_ssl-debuginfo-1:2.4.57-13.el8jbcs.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 7.4,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:N",
"version": "3.1"
},
"products": [
"7Server-JBCS:jbcs-httpd24-httpd-0:2.4.57-13.el7jbcs.src",
"7Server-JBCS:jbcs-httpd24-httpd-0:2.4.57-13.el7jbcs.x86_64",
"7Server-JBCS:jbcs-httpd24-httpd-debuginfo-0:2.4.57-13.el7jbcs.x86_64",
"7Server-JBCS:jbcs-httpd24-httpd-devel-0:2.4.57-13.el7jbcs.x86_64",
"7Server-JBCS:jbcs-httpd24-httpd-manual-0:2.4.57-13.el7jbcs.noarch",
"7Server-JBCS:jbcs-httpd24-httpd-selinux-0:2.4.57-13.el7jbcs.x86_64",
"7Server-JBCS:jbcs-httpd24-httpd-tools-0:2.4.57-13.el7jbcs.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_http2-0:1.15.19-41.el7jbcs.src",
"7Server-JBCS:jbcs-httpd24-mod_http2-0:1.15.19-41.el7jbcs.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_http2-debuginfo-0:1.15.19-41.el7jbcs.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_jk-0:1.2.49-11.redhat_1.el7jbcs.src",
"7Server-JBCS:jbcs-httpd24-mod_jk-ap24-0:1.2.49-11.redhat_1.el7jbcs.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_jk-debuginfo-0:1.2.49-11.redhat_1.el7jbcs.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_ldap-0:2.4.57-13.el7jbcs.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_md-1:2.4.24-11.el7jbcs.src",
"7Server-JBCS:jbcs-httpd24-mod_md-1:2.4.24-11.el7jbcs.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_md-debuginfo-1:2.4.24-11.el7jbcs.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_proxy_cluster-0:1.3.20-8.el7jbcs.src",
"7Server-JBCS:jbcs-httpd24-mod_proxy_cluster-0:1.3.20-8.el7jbcs.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_proxy_cluster-debuginfo-0:1.3.20-8.el7jbcs.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_proxy_html-1:2.4.57-13.el7jbcs.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_security-0:2.9.3-40.el7jbcs.src",
"7Server-JBCS:jbcs-httpd24-mod_security-0:2.9.3-40.el7jbcs.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_security-debuginfo-0:2.9.3-40.el7jbcs.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_session-0:2.4.57-13.el7jbcs.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_ssl-1:2.4.57-13.el7jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-httpd-0:2.4.57-13.el8jbcs.src",
"8Base-JBCS:jbcs-httpd24-httpd-0:2.4.57-13.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-httpd-debuginfo-0:2.4.57-13.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-httpd-devel-0:2.4.57-13.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-httpd-manual-0:2.4.57-13.el8jbcs.noarch",
"8Base-JBCS:jbcs-httpd24-httpd-selinux-0:2.4.57-13.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-httpd-tools-0:2.4.57-13.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-httpd-tools-debuginfo-0:2.4.57-13.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_http2-0:1.15.19-41.el8jbcs.src",
"8Base-JBCS:jbcs-httpd24-mod_http2-0:1.15.19-41.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_http2-debuginfo-0:1.15.19-41.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_jk-0:1.2.49-11.redhat_1.el8jbcs.src",
"8Base-JBCS:jbcs-httpd24-mod_jk-ap24-0:1.2.49-11.redhat_1.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_jk-ap24-debuginfo-0:1.2.49-11.redhat_1.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_ldap-0:2.4.57-13.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_ldap-debuginfo-0:2.4.57-13.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_md-1:2.4.24-11.el8jbcs.src",
"8Base-JBCS:jbcs-httpd24-mod_md-1:2.4.24-11.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_md-debuginfo-1:2.4.24-11.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_proxy_cluster-0:1.3.20-8.el8jbcs.src",
"8Base-JBCS:jbcs-httpd24-mod_proxy_cluster-0:1.3.20-8.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_proxy_cluster-debuginfo-0:1.3.20-8.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_proxy_html-1:2.4.57-13.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_proxy_html-debuginfo-1:2.4.57-13.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_security-0:2.9.3-40.el8jbcs.src",
"8Base-JBCS:jbcs-httpd24-mod_security-0:2.9.3-40.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_security-debuginfo-0:2.9.3-40.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_session-0:2.4.57-13.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_session-debuginfo-0:2.4.57-13.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_ssl-1:2.4.57-13.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_ssl-debuginfo-1:2.4.57-13.el8jbcs.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "httpd: Potential SSRF in mod_rewrite"
}
]
}
rhsa-2024_4726
Vulnerability from csaf_redhat
Published
2024-07-23 13:24
Modified
2024-09-13 21:32
Summary
Red Hat Security Advisory: httpd security update
Notes
Topic
An update for httpd is now available for Red Hat Enterprise Linux 9.
Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.
Details
The httpd packages provide the Apache HTTP Server, a powerful, efficient, and extensible web server.
Security Fix(es):
* httpd: Improper escaping of output in mod_rewrite (CVE-2024-38475)
* httpd: Substitution encoding issue in mod_rewrite (CVE-2024-38474)
* httpd: null pointer dereference in mod_proxy (CVE-2024-38477)
* httpd: Potential SSRF in mod_rewrite (CVE-2024-39573)
* httpd: Encoding problem in mod_proxy (CVE-2024-38473)
For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.
Terms of Use
This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.
{
"document": {
"aggregate_severity": {
"namespace": "https://access.redhat.com/security/updates/classification/",
"text": "Important"
},
"category": "csaf_vex",
"csaf_version": "2.0",
"distribution": {
"text": "Copyright \u00a9 Red Hat, Inc. All rights reserved.",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "An update for httpd is now available for Red Hat Enterprise Linux 9.\n\nRed Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.",
"title": "Topic"
},
{
"category": "general",
"text": "The httpd packages provide the Apache HTTP Server, a powerful, efficient, and extensible web server.\n\nSecurity Fix(es):\n\n* httpd: Improper escaping of output in mod_rewrite (CVE-2024-38475)\n\n* httpd: Substitution encoding issue in mod_rewrite (CVE-2024-38474)\n\n* httpd: null pointer dereference in mod_proxy (CVE-2024-38477)\n\n* httpd: Potential SSRF in mod_rewrite (CVE-2024-39573)\n\n* httpd: Encoding problem in mod_proxy (CVE-2024-38473)\n\nFor more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.",
"title": "Details"
},
{
"category": "legal_disclaimer",
"text": "This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.",
"title": "Terms of Use"
}
],
"publisher": {
"category": "vendor",
"contact_details": "https://access.redhat.com/security/team/contact/",
"issuing_authority": "Red Hat Product Security is responsible for vulnerability handling across all Red Hat offerings.",
"name": "Red Hat Product Security",
"namespace": "https://www.redhat.com"
},
"references": [
{
"category": "self",
"summary": "https://access.redhat.com/errata/RHSA-2024:4726",
"url": "https://access.redhat.com/errata/RHSA-2024:4726"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/updates/classification/#important",
"url": "https://access.redhat.com/security/updates/classification/#important"
},
{
"category": "external",
"summary": "2295012",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2295012"
},
{
"category": "external",
"summary": "2295013",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2295013"
},
{
"category": "external",
"summary": "2295014",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2295014"
},
{
"category": "external",
"summary": "2295016",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2295016"
},
{
"category": "external",
"summary": "2295022",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2295022"
},
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/data/csaf/v2/advisories/2024/rhsa-2024_4726.json"
}
],
"title": "Red Hat Security Advisory: httpd security update",
"tracking": {
"current_release_date": "2024-09-13T21:32:17+00:00",
"generator": {
"date": "2024-09-13T21:32:17+00:00",
"engine": {
"name": "Red Hat SDEngine",
"version": "3.33.3"
}
},
"id": "RHSA-2024:4726",
"initial_release_date": "2024-07-23T13:24:43+00:00",
"revision_history": [
{
"date": "2024-07-23T13:24:43+00:00",
"number": "1",
"summary": "Initial version"
},
{
"date": "2024-07-23T13:24:43+00:00",
"number": "2",
"summary": "Last updated version"
},
{
"date": "2024-09-13T21:32:17+00:00",
"number": "3",
"summary": "Last generated version"
}
],
"status": "final",
"version": "3"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_name",
"name": "Red Hat Enterprise Linux AppStream (v. 9)",
"product": {
"name": "Red Hat Enterprise Linux AppStream (v. 9)",
"product_id": "AppStream-9.4.0.Z.MAIN.EUS",
"product_identification_helper": {
"cpe": "cpe:/a:redhat:enterprise_linux:9::appstream"
}
}
}
],
"category": "product_family",
"name": "Red Hat Enterprise Linux"
},
{
"branches": [
{
"category": "product_version",
"name": "httpd-0:2.4.57-11.el9_4.src",
"product": {
"name": "httpd-0:2.4.57-11.el9_4.src",
"product_id": "httpd-0:2.4.57-11.el9_4.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/httpd@2.4.57-11.el9_4?arch=src"
}
}
}
],
"category": "architecture",
"name": "src"
},
{
"branches": [
{
"category": "product_version",
"name": "httpd-0:2.4.57-11.el9_4.aarch64",
"product": {
"name": "httpd-0:2.4.57-11.el9_4.aarch64",
"product_id": "httpd-0:2.4.57-11.el9_4.aarch64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/httpd@2.4.57-11.el9_4?arch=aarch64"
}
}
},
{
"category": "product_version",
"name": "httpd-core-0:2.4.57-11.el9_4.aarch64",
"product": {
"name": "httpd-core-0:2.4.57-11.el9_4.aarch64",
"product_id": "httpd-core-0:2.4.57-11.el9_4.aarch64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/httpd-core@2.4.57-11.el9_4?arch=aarch64"
}
}
},
{
"category": "product_version",
"name": "httpd-devel-0:2.4.57-11.el9_4.aarch64",
"product": {
"name": "httpd-devel-0:2.4.57-11.el9_4.aarch64",
"product_id": "httpd-devel-0:2.4.57-11.el9_4.aarch64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/httpd-devel@2.4.57-11.el9_4?arch=aarch64"
}
}
},
{
"category": "product_version",
"name": "httpd-tools-0:2.4.57-11.el9_4.aarch64",
"product": {
"name": "httpd-tools-0:2.4.57-11.el9_4.aarch64",
"product_id": "httpd-tools-0:2.4.57-11.el9_4.aarch64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/httpd-tools@2.4.57-11.el9_4?arch=aarch64"
}
}
},
{
"category": "product_version",
"name": "mod_ldap-0:2.4.57-11.el9_4.aarch64",
"product": {
"name": "mod_ldap-0:2.4.57-11.el9_4.aarch64",
"product_id": "mod_ldap-0:2.4.57-11.el9_4.aarch64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/mod_ldap@2.4.57-11.el9_4?arch=aarch64"
}
}
},
{
"category": "product_version",
"name": "mod_lua-0:2.4.57-11.el9_4.aarch64",
"product": {
"name": "mod_lua-0:2.4.57-11.el9_4.aarch64",
"product_id": "mod_lua-0:2.4.57-11.el9_4.aarch64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/mod_lua@2.4.57-11.el9_4?arch=aarch64"
}
}
},
{
"category": "product_version",
"name": "mod_proxy_html-1:2.4.57-11.el9_4.aarch64",
"product": {
"name": "mod_proxy_html-1:2.4.57-11.el9_4.aarch64",
"product_id": "mod_proxy_html-1:2.4.57-11.el9_4.aarch64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/mod_proxy_html@2.4.57-11.el9_4?arch=aarch64\u0026epoch=1"
}
}
},
{
"category": "product_version",
"name": "mod_session-0:2.4.57-11.el9_4.aarch64",
"product": {
"name": "mod_session-0:2.4.57-11.el9_4.aarch64",
"product_id": "mod_session-0:2.4.57-11.el9_4.aarch64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/mod_session@2.4.57-11.el9_4?arch=aarch64"
}
}
},
{
"category": "product_version",
"name": "mod_ssl-1:2.4.57-11.el9_4.aarch64",
"product": {
"name": "mod_ssl-1:2.4.57-11.el9_4.aarch64",
"product_id": "mod_ssl-1:2.4.57-11.el9_4.aarch64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/mod_ssl@2.4.57-11.el9_4?arch=aarch64\u0026epoch=1"
}
}
},
{
"category": "product_version",
"name": "httpd-debugsource-0:2.4.57-11.el9_4.aarch64",
"product": {
"name": "httpd-debugsource-0:2.4.57-11.el9_4.aarch64",
"product_id": "httpd-debugsource-0:2.4.57-11.el9_4.aarch64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/httpd-debugsource@2.4.57-11.el9_4?arch=aarch64"
}
}
},
{
"category": "product_version",
"name": "httpd-core-debuginfo-0:2.4.57-11.el9_4.aarch64",
"product": {
"name": "httpd-core-debuginfo-0:2.4.57-11.el9_4.aarch64",
"product_id": "httpd-core-debuginfo-0:2.4.57-11.el9_4.aarch64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/httpd-core-debuginfo@2.4.57-11.el9_4?arch=aarch64"
}
}
},
{
"category": "product_version",
"name": "httpd-debuginfo-0:2.4.57-11.el9_4.aarch64",
"product": {
"name": "httpd-debuginfo-0:2.4.57-11.el9_4.aarch64",
"product_id": "httpd-debuginfo-0:2.4.57-11.el9_4.aarch64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/httpd-debuginfo@2.4.57-11.el9_4?arch=aarch64"
}
}
},
{
"category": "product_version",
"name": "httpd-tools-debuginfo-0:2.4.57-11.el9_4.aarch64",
"product": {
"name": "httpd-tools-debuginfo-0:2.4.57-11.el9_4.aarch64",
"product_id": "httpd-tools-debuginfo-0:2.4.57-11.el9_4.aarch64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/httpd-tools-debuginfo@2.4.57-11.el9_4?arch=aarch64"
}
}
},
{
"category": "product_version",
"name": "mod_ldap-debuginfo-0:2.4.57-11.el9_4.aarch64",
"product": {
"name": "mod_ldap-debuginfo-0:2.4.57-11.el9_4.aarch64",
"product_id": "mod_ldap-debuginfo-0:2.4.57-11.el9_4.aarch64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/mod_ldap-debuginfo@2.4.57-11.el9_4?arch=aarch64"
}
}
},
{
"category": "product_version",
"name": "mod_lua-debuginfo-0:2.4.57-11.el9_4.aarch64",
"product": {
"name": "mod_lua-debuginfo-0:2.4.57-11.el9_4.aarch64",
"product_id": "mod_lua-debuginfo-0:2.4.57-11.el9_4.aarch64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/mod_lua-debuginfo@2.4.57-11.el9_4?arch=aarch64"
}
}
},
{
"category": "product_version",
"name": "mod_proxy_html-debuginfo-1:2.4.57-11.el9_4.aarch64",
"product": {
"name": "mod_proxy_html-debuginfo-1:2.4.57-11.el9_4.aarch64",
"product_id": "mod_proxy_html-debuginfo-1:2.4.57-11.el9_4.aarch64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/mod_proxy_html-debuginfo@2.4.57-11.el9_4?arch=aarch64\u0026epoch=1"
}
}
},
{
"category": "product_version",
"name": "mod_session-debuginfo-0:2.4.57-11.el9_4.aarch64",
"product": {
"name": "mod_session-debuginfo-0:2.4.57-11.el9_4.aarch64",
"product_id": "mod_session-debuginfo-0:2.4.57-11.el9_4.aarch64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/mod_session-debuginfo@2.4.57-11.el9_4?arch=aarch64"
}
}
},
{
"category": "product_version",
"name": "mod_ssl-debuginfo-1:2.4.57-11.el9_4.aarch64",
"product": {
"name": "mod_ssl-debuginfo-1:2.4.57-11.el9_4.aarch64",
"product_id": "mod_ssl-debuginfo-1:2.4.57-11.el9_4.aarch64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/mod_ssl-debuginfo@2.4.57-11.el9_4?arch=aarch64\u0026epoch=1"
}
}
}
],
"category": "architecture",
"name": "aarch64"
},
{
"branches": [
{
"category": "product_version",
"name": "httpd-0:2.4.57-11.el9_4.ppc64le",
"product": {
"name": "httpd-0:2.4.57-11.el9_4.ppc64le",
"product_id": "httpd-0:2.4.57-11.el9_4.ppc64le",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/httpd@2.4.57-11.el9_4?arch=ppc64le"
}
}
},
{
"category": "product_version",
"name": "httpd-core-0:2.4.57-11.el9_4.ppc64le",
"product": {
"name": "httpd-core-0:2.4.57-11.el9_4.ppc64le",
"product_id": "httpd-core-0:2.4.57-11.el9_4.ppc64le",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/httpd-core@2.4.57-11.el9_4?arch=ppc64le"
}
}
},
{
"category": "product_version",
"name": "httpd-devel-0:2.4.57-11.el9_4.ppc64le",
"product": {
"name": "httpd-devel-0:2.4.57-11.el9_4.ppc64le",
"product_id": "httpd-devel-0:2.4.57-11.el9_4.ppc64le",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/httpd-devel@2.4.57-11.el9_4?arch=ppc64le"
}
}
},
{
"category": "product_version",
"name": "httpd-tools-0:2.4.57-11.el9_4.ppc64le",
"product": {
"name": "httpd-tools-0:2.4.57-11.el9_4.ppc64le",
"product_id": "httpd-tools-0:2.4.57-11.el9_4.ppc64le",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/httpd-tools@2.4.57-11.el9_4?arch=ppc64le"
}
}
},
{
"category": "product_version",
"name": "mod_ldap-0:2.4.57-11.el9_4.ppc64le",
"product": {
"name": "mod_ldap-0:2.4.57-11.el9_4.ppc64le",
"product_id": "mod_ldap-0:2.4.57-11.el9_4.ppc64le",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/mod_ldap@2.4.57-11.el9_4?arch=ppc64le"
}
}
},
{
"category": "product_version",
"name": "mod_lua-0:2.4.57-11.el9_4.ppc64le",
"product": {
"name": "mod_lua-0:2.4.57-11.el9_4.ppc64le",
"product_id": "mod_lua-0:2.4.57-11.el9_4.ppc64le",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/mod_lua@2.4.57-11.el9_4?arch=ppc64le"
}
}
},
{
"category": "product_version",
"name": "mod_proxy_html-1:2.4.57-11.el9_4.ppc64le",
"product": {
"name": "mod_proxy_html-1:2.4.57-11.el9_4.ppc64le",
"product_id": "mod_proxy_html-1:2.4.57-11.el9_4.ppc64le",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/mod_proxy_html@2.4.57-11.el9_4?arch=ppc64le\u0026epoch=1"
}
}
},
{
"category": "product_version",
"name": "mod_session-0:2.4.57-11.el9_4.ppc64le",
"product": {
"name": "mod_session-0:2.4.57-11.el9_4.ppc64le",
"product_id": "mod_session-0:2.4.57-11.el9_4.ppc64le",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/mod_session@2.4.57-11.el9_4?arch=ppc64le"
}
}
},
{
"category": "product_version",
"name": "mod_ssl-1:2.4.57-11.el9_4.ppc64le",
"product": {
"name": "mod_ssl-1:2.4.57-11.el9_4.ppc64le",
"product_id": "mod_ssl-1:2.4.57-11.el9_4.ppc64le",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/mod_ssl@2.4.57-11.el9_4?arch=ppc64le\u0026epoch=1"
}
}
},
{
"category": "product_version",
"name": "httpd-debugsource-0:2.4.57-11.el9_4.ppc64le",
"product": {
"name": "httpd-debugsource-0:2.4.57-11.el9_4.ppc64le",
"product_id": "httpd-debugsource-0:2.4.57-11.el9_4.ppc64le",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/httpd-debugsource@2.4.57-11.el9_4?arch=ppc64le"
}
}
},
{
"category": "product_version",
"name": "httpd-core-debuginfo-0:2.4.57-11.el9_4.ppc64le",
"product": {
"name": "httpd-core-debuginfo-0:2.4.57-11.el9_4.ppc64le",
"product_id": "httpd-core-debuginfo-0:2.4.57-11.el9_4.ppc64le",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/httpd-core-debuginfo@2.4.57-11.el9_4?arch=ppc64le"
}
}
},
{
"category": "product_version",
"name": "httpd-debuginfo-0:2.4.57-11.el9_4.ppc64le",
"product": {
"name": "httpd-debuginfo-0:2.4.57-11.el9_4.ppc64le",
"product_id": "httpd-debuginfo-0:2.4.57-11.el9_4.ppc64le",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/httpd-debuginfo@2.4.57-11.el9_4?arch=ppc64le"
}
}
},
{
"category": "product_version",
"name": "httpd-tools-debuginfo-0:2.4.57-11.el9_4.ppc64le",
"product": {
"name": "httpd-tools-debuginfo-0:2.4.57-11.el9_4.ppc64le",
"product_id": "httpd-tools-debuginfo-0:2.4.57-11.el9_4.ppc64le",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/httpd-tools-debuginfo@2.4.57-11.el9_4?arch=ppc64le"
}
}
},
{
"category": "product_version",
"name": "mod_ldap-debuginfo-0:2.4.57-11.el9_4.ppc64le",
"product": {
"name": "mod_ldap-debuginfo-0:2.4.57-11.el9_4.ppc64le",
"product_id": "mod_ldap-debuginfo-0:2.4.57-11.el9_4.ppc64le",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/mod_ldap-debuginfo@2.4.57-11.el9_4?arch=ppc64le"
}
}
},
{
"category": "product_version",
"name": "mod_lua-debuginfo-0:2.4.57-11.el9_4.ppc64le",
"product": {
"name": "mod_lua-debuginfo-0:2.4.57-11.el9_4.ppc64le",
"product_id": "mod_lua-debuginfo-0:2.4.57-11.el9_4.ppc64le",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/mod_lua-debuginfo@2.4.57-11.el9_4?arch=ppc64le"
}
}
},
{
"category": "product_version",
"name": "mod_proxy_html-debuginfo-1:2.4.57-11.el9_4.ppc64le",
"product": {
"name": "mod_proxy_html-debuginfo-1:2.4.57-11.el9_4.ppc64le",
"product_id": "mod_proxy_html-debuginfo-1:2.4.57-11.el9_4.ppc64le",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/mod_proxy_html-debuginfo@2.4.57-11.el9_4?arch=ppc64le\u0026epoch=1"
}
}
},
{
"category": "product_version",
"name": "mod_session-debuginfo-0:2.4.57-11.el9_4.ppc64le",
"product": {
"name": "mod_session-debuginfo-0:2.4.57-11.el9_4.ppc64le",
"product_id": "mod_session-debuginfo-0:2.4.57-11.el9_4.ppc64le",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/mod_session-debuginfo@2.4.57-11.el9_4?arch=ppc64le"
}
}
},
{
"category": "product_version",
"name": "mod_ssl-debuginfo-1:2.4.57-11.el9_4.ppc64le",
"product": {
"name": "mod_ssl-debuginfo-1:2.4.57-11.el9_4.ppc64le",
"product_id": "mod_ssl-debuginfo-1:2.4.57-11.el9_4.ppc64le",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/mod_ssl-debuginfo@2.4.57-11.el9_4?arch=ppc64le\u0026epoch=1"
}
}
}
],
"category": "architecture",
"name": "ppc64le"
},
{
"branches": [
{
"category": "product_version",
"name": "httpd-0:2.4.57-11.el9_4.x86_64",
"product": {
"name": "httpd-0:2.4.57-11.el9_4.x86_64",
"product_id": "httpd-0:2.4.57-11.el9_4.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/httpd@2.4.57-11.el9_4?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "httpd-core-0:2.4.57-11.el9_4.x86_64",
"product": {
"name": "httpd-core-0:2.4.57-11.el9_4.x86_64",
"product_id": "httpd-core-0:2.4.57-11.el9_4.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/httpd-core@2.4.57-11.el9_4?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "httpd-devel-0:2.4.57-11.el9_4.x86_64",
"product": {
"name": "httpd-devel-0:2.4.57-11.el9_4.x86_64",
"product_id": "httpd-devel-0:2.4.57-11.el9_4.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/httpd-devel@2.4.57-11.el9_4?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "httpd-tools-0:2.4.57-11.el9_4.x86_64",
"product": {
"name": "httpd-tools-0:2.4.57-11.el9_4.x86_64",
"product_id": "httpd-tools-0:2.4.57-11.el9_4.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/httpd-tools@2.4.57-11.el9_4?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "mod_ldap-0:2.4.57-11.el9_4.x86_64",
"product": {
"name": "mod_ldap-0:2.4.57-11.el9_4.x86_64",
"product_id": "mod_ldap-0:2.4.57-11.el9_4.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/mod_ldap@2.4.57-11.el9_4?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "mod_lua-0:2.4.57-11.el9_4.x86_64",
"product": {
"name": "mod_lua-0:2.4.57-11.el9_4.x86_64",
"product_id": "mod_lua-0:2.4.57-11.el9_4.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/mod_lua@2.4.57-11.el9_4?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "mod_proxy_html-1:2.4.57-11.el9_4.x86_64",
"product": {
"name": "mod_proxy_html-1:2.4.57-11.el9_4.x86_64",
"product_id": "mod_proxy_html-1:2.4.57-11.el9_4.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/mod_proxy_html@2.4.57-11.el9_4?arch=x86_64\u0026epoch=1"
}
}
},
{
"category": "product_version",
"name": "mod_session-0:2.4.57-11.el9_4.x86_64",
"product": {
"name": "mod_session-0:2.4.57-11.el9_4.x86_64",
"product_id": "mod_session-0:2.4.57-11.el9_4.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/mod_session@2.4.57-11.el9_4?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "mod_ssl-1:2.4.57-11.el9_4.x86_64",
"product": {
"name": "mod_ssl-1:2.4.57-11.el9_4.x86_64",
"product_id": "mod_ssl-1:2.4.57-11.el9_4.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/mod_ssl@2.4.57-11.el9_4?arch=x86_64\u0026epoch=1"
}
}
},
{
"category": "product_version",
"name": "httpd-debugsource-0:2.4.57-11.el9_4.x86_64",
"product": {
"name": "httpd-debugsource-0:2.4.57-11.el9_4.x86_64",
"product_id": "httpd-debugsource-0:2.4.57-11.el9_4.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/httpd-debugsource@2.4.57-11.el9_4?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "httpd-core-debuginfo-0:2.4.57-11.el9_4.x86_64",
"product": {
"name": "httpd-core-debuginfo-0:2.4.57-11.el9_4.x86_64",
"product_id": "httpd-core-debuginfo-0:2.4.57-11.el9_4.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/httpd-core-debuginfo@2.4.57-11.el9_4?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "httpd-debuginfo-0:2.4.57-11.el9_4.x86_64",
"product": {
"name": "httpd-debuginfo-0:2.4.57-11.el9_4.x86_64",
"product_id": "httpd-debuginfo-0:2.4.57-11.el9_4.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/httpd-debuginfo@2.4.57-11.el9_4?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "httpd-tools-debuginfo-0:2.4.57-11.el9_4.x86_64",
"product": {
"name": "httpd-tools-debuginfo-0:2.4.57-11.el9_4.x86_64",
"product_id": "httpd-tools-debuginfo-0:2.4.57-11.el9_4.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/httpd-tools-debuginfo@2.4.57-11.el9_4?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "mod_ldap-debuginfo-0:2.4.57-11.el9_4.x86_64",
"product": {
"name": "mod_ldap-debuginfo-0:2.4.57-11.el9_4.x86_64",
"product_id": "mod_ldap-debuginfo-0:2.4.57-11.el9_4.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/mod_ldap-debuginfo@2.4.57-11.el9_4?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "mod_lua-debuginfo-0:2.4.57-11.el9_4.x86_64",
"product": {
"name": "mod_lua-debuginfo-0:2.4.57-11.el9_4.x86_64",
"product_id": "mod_lua-debuginfo-0:2.4.57-11.el9_4.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/mod_lua-debuginfo@2.4.57-11.el9_4?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "mod_proxy_html-debuginfo-1:2.4.57-11.el9_4.x86_64",
"product": {
"name": "mod_proxy_html-debuginfo-1:2.4.57-11.el9_4.x86_64",
"product_id": "mod_proxy_html-debuginfo-1:2.4.57-11.el9_4.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/mod_proxy_html-debuginfo@2.4.57-11.el9_4?arch=x86_64\u0026epoch=1"
}
}
},
{
"category": "product_version",
"name": "mod_session-debuginfo-0:2.4.57-11.el9_4.x86_64",
"product": {
"name": "mod_session-debuginfo-0:2.4.57-11.el9_4.x86_64",
"product_id": "mod_session-debuginfo-0:2.4.57-11.el9_4.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/mod_session-debuginfo@2.4.57-11.el9_4?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "mod_ssl-debuginfo-1:2.4.57-11.el9_4.x86_64",
"product": {
"name": "mod_ssl-debuginfo-1:2.4.57-11.el9_4.x86_64",
"product_id": "mod_ssl-debuginfo-1:2.4.57-11.el9_4.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/mod_ssl-debuginfo@2.4.57-11.el9_4?arch=x86_64\u0026epoch=1"
}
}
}
],
"category": "architecture",
"name": "x86_64"
},
{
"branches": [
{
"category": "product_version",
"name": "httpd-0:2.4.57-11.el9_4.s390x",
"product": {
"name": "httpd-0:2.4.57-11.el9_4.s390x",
"product_id": "httpd-0:2.4.57-11.el9_4.s390x",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/httpd@2.4.57-11.el9_4?arch=s390x"
}
}
},
{
"category": "product_version",
"name": "httpd-core-0:2.4.57-11.el9_4.s390x",
"product": {
"name": "httpd-core-0:2.4.57-11.el9_4.s390x",
"product_id": "httpd-core-0:2.4.57-11.el9_4.s390x",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/httpd-core@2.4.57-11.el9_4?arch=s390x"
}
}
},
{
"category": "product_version",
"name": "httpd-devel-0:2.4.57-11.el9_4.s390x",
"product": {
"name": "httpd-devel-0:2.4.57-11.el9_4.s390x",
"product_id": "httpd-devel-0:2.4.57-11.el9_4.s390x",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/httpd-devel@2.4.57-11.el9_4?arch=s390x"
}
}
},
{
"category": "product_version",
"name": "httpd-tools-0:2.4.57-11.el9_4.s390x",
"product": {
"name": "httpd-tools-0:2.4.57-11.el9_4.s390x",
"product_id": "httpd-tools-0:2.4.57-11.el9_4.s390x",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/httpd-tools@2.4.57-11.el9_4?arch=s390x"
}
}
},
{
"category": "product_version",
"name": "mod_ldap-0:2.4.57-11.el9_4.s390x",
"product": {
"name": "mod_ldap-0:2.4.57-11.el9_4.s390x",
"product_id": "mod_ldap-0:2.4.57-11.el9_4.s390x",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/mod_ldap@2.4.57-11.el9_4?arch=s390x"
}
}
},
{
"category": "product_version",
"name": "mod_lua-0:2.4.57-11.el9_4.s390x",
"product": {
"name": "mod_lua-0:2.4.57-11.el9_4.s390x",
"product_id": "mod_lua-0:2.4.57-11.el9_4.s390x",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/mod_lua@2.4.57-11.el9_4?arch=s390x"
}
}
},
{
"category": "product_version",
"name": "mod_proxy_html-1:2.4.57-11.el9_4.s390x",
"product": {
"name": "mod_proxy_html-1:2.4.57-11.el9_4.s390x",
"product_id": "mod_proxy_html-1:2.4.57-11.el9_4.s390x",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/mod_proxy_html@2.4.57-11.el9_4?arch=s390x\u0026epoch=1"
}
}
},
{
"category": "product_version",
"name": "mod_session-0:2.4.57-11.el9_4.s390x",
"product": {
"name": "mod_session-0:2.4.57-11.el9_4.s390x",
"product_id": "mod_session-0:2.4.57-11.el9_4.s390x",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/mod_session@2.4.57-11.el9_4?arch=s390x"
}
}
},
{
"category": "product_version",
"name": "mod_ssl-1:2.4.57-11.el9_4.s390x",
"product": {
"name": "mod_ssl-1:2.4.57-11.el9_4.s390x",
"product_id": "mod_ssl-1:2.4.57-11.el9_4.s390x",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/mod_ssl@2.4.57-11.el9_4?arch=s390x\u0026epoch=1"
}
}
},
{
"category": "product_version",
"name": "httpd-debugsource-0:2.4.57-11.el9_4.s390x",
"product": {
"name": "httpd-debugsource-0:2.4.57-11.el9_4.s390x",
"product_id": "httpd-debugsource-0:2.4.57-11.el9_4.s390x",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/httpd-debugsource@2.4.57-11.el9_4?arch=s390x"
}
}
},
{
"category": "product_version",
"name": "httpd-core-debuginfo-0:2.4.57-11.el9_4.s390x",
"product": {
"name": "httpd-core-debuginfo-0:2.4.57-11.el9_4.s390x",
"product_id": "httpd-core-debuginfo-0:2.4.57-11.el9_4.s390x",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/httpd-core-debuginfo@2.4.57-11.el9_4?arch=s390x"
}
}
},
{
"category": "product_version",
"name": "httpd-debuginfo-0:2.4.57-11.el9_4.s390x",
"product": {
"name": "httpd-debuginfo-0:2.4.57-11.el9_4.s390x",
"product_id": "httpd-debuginfo-0:2.4.57-11.el9_4.s390x",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/httpd-debuginfo@2.4.57-11.el9_4?arch=s390x"
}
}
},
{
"category": "product_version",
"name": "httpd-tools-debuginfo-0:2.4.57-11.el9_4.s390x",
"product": {
"name": "httpd-tools-debuginfo-0:2.4.57-11.el9_4.s390x",
"product_id": "httpd-tools-debuginfo-0:2.4.57-11.el9_4.s390x",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/httpd-tools-debuginfo@2.4.57-11.el9_4?arch=s390x"
}
}
},
{
"category": "product_version",
"name": "mod_ldap-debuginfo-0:2.4.57-11.el9_4.s390x",
"product": {
"name": "mod_ldap-debuginfo-0:2.4.57-11.el9_4.s390x",
"product_id": "mod_ldap-debuginfo-0:2.4.57-11.el9_4.s390x",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/mod_ldap-debuginfo@2.4.57-11.el9_4?arch=s390x"
}
}
},
{
"category": "product_version",
"name": "mod_lua-debuginfo-0:2.4.57-11.el9_4.s390x",
"product": {
"name": "mod_lua-debuginfo-0:2.4.57-11.el9_4.s390x",
"product_id": "mod_lua-debuginfo-0:2.4.57-11.el9_4.s390x",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/mod_lua-debuginfo@2.4.57-11.el9_4?arch=s390x"
}
}
},
{
"category": "product_version",
"name": "mod_proxy_html-debuginfo-1:2.4.57-11.el9_4.s390x",
"product": {
"name": "mod_proxy_html-debuginfo-1:2.4.57-11.el9_4.s390x",
"product_id": "mod_proxy_html-debuginfo-1:2.4.57-11.el9_4.s390x",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/mod_proxy_html-debuginfo@2.4.57-11.el9_4?arch=s390x\u0026epoch=1"
}
}
},
{
"category": "product_version",
"name": "mod_session-debuginfo-0:2.4.57-11.el9_4.s390x",
"product": {
"name": "mod_session-debuginfo-0:2.4.57-11.el9_4.s390x",
"product_id": "mod_session-debuginfo-0:2.4.57-11.el9_4.s390x",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/mod_session-debuginfo@2.4.57-11.el9_4?arch=s390x"
}
}
},
{
"category": "product_version",
"name": "mod_ssl-debuginfo-1:2.4.57-11.el9_4.s390x",
"product": {
"name": "mod_ssl-debuginfo-1:2.4.57-11.el9_4.s390x",
"product_id": "mod_ssl-debuginfo-1:2.4.57-11.el9_4.s390x",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/mod_ssl-debuginfo@2.4.57-11.el9_4?arch=s390x\u0026epoch=1"
}
}
}
],
"category": "architecture",
"name": "s390x"
},
{
"branches": [
{
"category": "product_version",
"name": "httpd-filesystem-0:2.4.57-11.el9_4.noarch",
"product": {
"name": "httpd-filesystem-0:2.4.57-11.el9_4.noarch",
"product_id": "httpd-filesystem-0:2.4.57-11.el9_4.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/httpd-filesystem@2.4.57-11.el9_4?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "httpd-manual-0:2.4.57-11.el9_4.noarch",
"product": {
"name": "httpd-manual-0:2.4.57-11.el9_4.noarch",
"product_id": "httpd-manual-0:2.4.57-11.el9_4.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/httpd-manual@2.4.57-11.el9_4?arch=noarch"
}
}
}
],
"category": "architecture",
"name": "noarch"
}
],
"category": "vendor",
"name": "Red Hat"
}
],
"relationships": [
{
"category": "default_component_of",
"full_product_name": {
"name": "httpd-0:2.4.57-11.el9_4.aarch64 as a component of Red Hat Enterprise Linux AppStream (v. 9)",
"product_id": "AppStream-9.4.0.Z.MAIN.EUS:httpd-0:2.4.57-11.el9_4.aarch64"
},
"product_reference": "httpd-0:2.4.57-11.el9_4.aarch64",
"relates_to_product_reference": "AppStream-9.4.0.Z.MAIN.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "httpd-0:2.4.57-11.el9_4.ppc64le as a component of Red Hat Enterprise Linux AppStream (v. 9)",
"product_id": "AppStream-9.4.0.Z.MAIN.EUS:httpd-0:2.4.57-11.el9_4.ppc64le"
},
"product_reference": "httpd-0:2.4.57-11.el9_4.ppc64le",
"relates_to_product_reference": "AppStream-9.4.0.Z.MAIN.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "httpd-0:2.4.57-11.el9_4.s390x as a component of Red Hat Enterprise Linux AppStream (v. 9)",
"product_id": "AppStream-9.4.0.Z.MAIN.EUS:httpd-0:2.4.57-11.el9_4.s390x"
},
"product_reference": "httpd-0:2.4.57-11.el9_4.s390x",
"relates_to_product_reference": "AppStream-9.4.0.Z.MAIN.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "httpd-0:2.4.57-11.el9_4.src as a component of Red Hat Enterprise Linux AppStream (v. 9)",
"product_id": "AppStream-9.4.0.Z.MAIN.EUS:httpd-0:2.4.57-11.el9_4.src"
},
"product_reference": "httpd-0:2.4.57-11.el9_4.src",
"relates_to_product_reference": "AppStream-9.4.0.Z.MAIN.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "httpd-0:2.4.57-11.el9_4.x86_64 as a component of Red Hat Enterprise Linux AppStream (v. 9)",
"product_id": "AppStream-9.4.0.Z.MAIN.EUS:httpd-0:2.4.57-11.el9_4.x86_64"
},
"product_reference": "httpd-0:2.4.57-11.el9_4.x86_64",
"relates_to_product_reference": "AppStream-9.4.0.Z.MAIN.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "httpd-core-0:2.4.57-11.el9_4.aarch64 as a component of Red Hat Enterprise Linux AppStream (v. 9)",
"product_id": "AppStream-9.4.0.Z.MAIN.EUS:httpd-core-0:2.4.57-11.el9_4.aarch64"
},
"product_reference": "httpd-core-0:2.4.57-11.el9_4.aarch64",
"relates_to_product_reference": "AppStream-9.4.0.Z.MAIN.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "httpd-core-0:2.4.57-11.el9_4.ppc64le as a component of Red Hat Enterprise Linux AppStream (v. 9)",
"product_id": "AppStream-9.4.0.Z.MAIN.EUS:httpd-core-0:2.4.57-11.el9_4.ppc64le"
},
"product_reference": "httpd-core-0:2.4.57-11.el9_4.ppc64le",
"relates_to_product_reference": "AppStream-9.4.0.Z.MAIN.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "httpd-core-0:2.4.57-11.el9_4.s390x as a component of Red Hat Enterprise Linux AppStream (v. 9)",
"product_id": "AppStream-9.4.0.Z.MAIN.EUS:httpd-core-0:2.4.57-11.el9_4.s390x"
},
"product_reference": "httpd-core-0:2.4.57-11.el9_4.s390x",
"relates_to_product_reference": "AppStream-9.4.0.Z.MAIN.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "httpd-core-0:2.4.57-11.el9_4.x86_64 as a component of Red Hat Enterprise Linux AppStream (v. 9)",
"product_id": "AppStream-9.4.0.Z.MAIN.EUS:httpd-core-0:2.4.57-11.el9_4.x86_64"
},
"product_reference": "httpd-core-0:2.4.57-11.el9_4.x86_64",
"relates_to_product_reference": "AppStream-9.4.0.Z.MAIN.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "httpd-core-debuginfo-0:2.4.57-11.el9_4.aarch64 as a component of Red Hat Enterprise Linux AppStream (v. 9)",
"product_id": "AppStream-9.4.0.Z.MAIN.EUS:httpd-core-debuginfo-0:2.4.57-11.el9_4.aarch64"
},
"product_reference": "httpd-core-debuginfo-0:2.4.57-11.el9_4.aarch64",
"relates_to_product_reference": "AppStream-9.4.0.Z.MAIN.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "httpd-core-debuginfo-0:2.4.57-11.el9_4.ppc64le as a component of Red Hat Enterprise Linux AppStream (v. 9)",
"product_id": "AppStream-9.4.0.Z.MAIN.EUS:httpd-core-debuginfo-0:2.4.57-11.el9_4.ppc64le"
},
"product_reference": "httpd-core-debuginfo-0:2.4.57-11.el9_4.ppc64le",
"relates_to_product_reference": "AppStream-9.4.0.Z.MAIN.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "httpd-core-debuginfo-0:2.4.57-11.el9_4.s390x as a component of Red Hat Enterprise Linux AppStream (v. 9)",
"product_id": "AppStream-9.4.0.Z.MAIN.EUS:httpd-core-debuginfo-0:2.4.57-11.el9_4.s390x"
},
"product_reference": "httpd-core-debuginfo-0:2.4.57-11.el9_4.s390x",
"relates_to_product_reference": "AppStream-9.4.0.Z.MAIN.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "httpd-core-debuginfo-0:2.4.57-11.el9_4.x86_64 as a component of Red Hat Enterprise Linux AppStream (v. 9)",
"product_id": "AppStream-9.4.0.Z.MAIN.EUS:httpd-core-debuginfo-0:2.4.57-11.el9_4.x86_64"
},
"product_reference": "httpd-core-debuginfo-0:2.4.57-11.el9_4.x86_64",
"relates_to_product_reference": "AppStream-9.4.0.Z.MAIN.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "httpd-debuginfo-0:2.4.57-11.el9_4.aarch64 as a component of Red Hat Enterprise Linux AppStream (v. 9)",
"product_id": "AppStream-9.4.0.Z.MAIN.EUS:httpd-debuginfo-0:2.4.57-11.el9_4.aarch64"
},
"product_reference": "httpd-debuginfo-0:2.4.57-11.el9_4.aarch64",
"relates_to_product_reference": "AppStream-9.4.0.Z.MAIN.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "httpd-debuginfo-0:2.4.57-11.el9_4.ppc64le as a component of Red Hat Enterprise Linux AppStream (v. 9)",
"product_id": "AppStream-9.4.0.Z.MAIN.EUS:httpd-debuginfo-0:2.4.57-11.el9_4.ppc64le"
},
"product_reference": "httpd-debuginfo-0:2.4.57-11.el9_4.ppc64le",
"relates_to_product_reference": "AppStream-9.4.0.Z.MAIN.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "httpd-debuginfo-0:2.4.57-11.el9_4.s390x as a component of Red Hat Enterprise Linux AppStream (v. 9)",
"product_id": "AppStream-9.4.0.Z.MAIN.EUS:httpd-debuginfo-0:2.4.57-11.el9_4.s390x"
},
"product_reference": "httpd-debuginfo-0:2.4.57-11.el9_4.s390x",
"relates_to_product_reference": "AppStream-9.4.0.Z.MAIN.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "httpd-debuginfo-0:2.4.57-11.el9_4.x86_64 as a component of Red Hat Enterprise Linux AppStream (v. 9)",
"product_id": "AppStream-9.4.0.Z.MAIN.EUS:httpd-debuginfo-0:2.4.57-11.el9_4.x86_64"
},
"product_reference": "httpd-debuginfo-0:2.4.57-11.el9_4.x86_64",
"relates_to_product_reference": "AppStream-9.4.0.Z.MAIN.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "httpd-debugsource-0:2.4.57-11.el9_4.aarch64 as a component of Red Hat Enterprise Linux AppStream (v. 9)",
"product_id": "AppStream-9.4.0.Z.MAIN.EUS:httpd-debugsource-0:2.4.57-11.el9_4.aarch64"
},
"product_reference": "httpd-debugsource-0:2.4.57-11.el9_4.aarch64",
"relates_to_product_reference": "AppStream-9.4.0.Z.MAIN.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "httpd-debugsource-0:2.4.57-11.el9_4.ppc64le as a component of Red Hat Enterprise Linux AppStream (v. 9)",
"product_id": "AppStream-9.4.0.Z.MAIN.EUS:httpd-debugsource-0:2.4.57-11.el9_4.ppc64le"
},
"product_reference": "httpd-debugsource-0:2.4.57-11.el9_4.ppc64le",
"relates_to_product_reference": "AppStream-9.4.0.Z.MAIN.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "httpd-debugsource-0:2.4.57-11.el9_4.s390x as a component of Red Hat Enterprise Linux AppStream (v. 9)",
"product_id": "AppStream-9.4.0.Z.MAIN.EUS:httpd-debugsource-0:2.4.57-11.el9_4.s390x"
},
"product_reference": "httpd-debugsource-0:2.4.57-11.el9_4.s390x",
"relates_to_product_reference": "AppStream-9.4.0.Z.MAIN.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "httpd-debugsource-0:2.4.57-11.el9_4.x86_64 as a component of Red Hat Enterprise Linux AppStream (v. 9)",
"product_id": "AppStream-9.4.0.Z.MAIN.EUS:httpd-debugsource-0:2.4.57-11.el9_4.x86_64"
},
"product_reference": "httpd-debugsource-0:2.4.57-11.el9_4.x86_64",
"relates_to_product_reference": "AppStream-9.4.0.Z.MAIN.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "httpd-devel-0:2.4.57-11.el9_4.aarch64 as a component of Red Hat Enterprise Linux AppStream (v. 9)",
"product_id": "AppStream-9.4.0.Z.MAIN.EUS:httpd-devel-0:2.4.57-11.el9_4.aarch64"
},
"product_reference": "httpd-devel-0:2.4.57-11.el9_4.aarch64",
"relates_to_product_reference": "AppStream-9.4.0.Z.MAIN.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "httpd-devel-0:2.4.57-11.el9_4.ppc64le as a component of Red Hat Enterprise Linux AppStream (v. 9)",
"product_id": "AppStream-9.4.0.Z.MAIN.EUS:httpd-devel-0:2.4.57-11.el9_4.ppc64le"
},
"product_reference": "httpd-devel-0:2.4.57-11.el9_4.ppc64le",
"relates_to_product_reference": "AppStream-9.4.0.Z.MAIN.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "httpd-devel-0:2.4.57-11.el9_4.s390x as a component of Red Hat Enterprise Linux AppStream (v. 9)",
"product_id": "AppStream-9.4.0.Z.MAIN.EUS:httpd-devel-0:2.4.57-11.el9_4.s390x"
},
"product_reference": "httpd-devel-0:2.4.57-11.el9_4.s390x",
"relates_to_product_reference": "AppStream-9.4.0.Z.MAIN.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "httpd-devel-0:2.4.57-11.el9_4.x86_64 as a component of Red Hat Enterprise Linux AppStream (v. 9)",
"product_id": "AppStream-9.4.0.Z.MAIN.EUS:httpd-devel-0:2.4.57-11.el9_4.x86_64"
},
"product_reference": "httpd-devel-0:2.4.57-11.el9_4.x86_64",
"relates_to_product_reference": "AppStream-9.4.0.Z.MAIN.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "httpd-filesystem-0:2.4.57-11.el9_4.noarch as a component of Red Hat Enterprise Linux AppStream (v. 9)",
"product_id": "AppStream-9.4.0.Z.MAIN.EUS:httpd-filesystem-0:2.4.57-11.el9_4.noarch"
},
"product_reference": "httpd-filesystem-0:2.4.57-11.el9_4.noarch",
"relates_to_product_reference": "AppStream-9.4.0.Z.MAIN.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "httpd-manual-0:2.4.57-11.el9_4.noarch as a component of Red Hat Enterprise Linux AppStream (v. 9)",
"product_id": "AppStream-9.4.0.Z.MAIN.EUS:httpd-manual-0:2.4.57-11.el9_4.noarch"
},
"product_reference": "httpd-manual-0:2.4.57-11.el9_4.noarch",
"relates_to_product_reference": "AppStream-9.4.0.Z.MAIN.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "httpd-tools-0:2.4.57-11.el9_4.aarch64 as a component of Red Hat Enterprise Linux AppStream (v. 9)",
"product_id": "AppStream-9.4.0.Z.MAIN.EUS:httpd-tools-0:2.4.57-11.el9_4.aarch64"
},
"product_reference": "httpd-tools-0:2.4.57-11.el9_4.aarch64",
"relates_to_product_reference": "AppStream-9.4.0.Z.MAIN.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "httpd-tools-0:2.4.57-11.el9_4.ppc64le as a component of Red Hat Enterprise Linux AppStream (v. 9)",
"product_id": "AppStream-9.4.0.Z.MAIN.EUS:httpd-tools-0:2.4.57-11.el9_4.ppc64le"
},
"product_reference": "httpd-tools-0:2.4.57-11.el9_4.ppc64le",
"relates_to_product_reference": "AppStream-9.4.0.Z.MAIN.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "httpd-tools-0:2.4.57-11.el9_4.s390x as a component of Red Hat Enterprise Linux AppStream (v. 9)",
"product_id": "AppStream-9.4.0.Z.MAIN.EUS:httpd-tools-0:2.4.57-11.el9_4.s390x"
},
"product_reference": "httpd-tools-0:2.4.57-11.el9_4.s390x",
"relates_to_product_reference": "AppStream-9.4.0.Z.MAIN.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "httpd-tools-0:2.4.57-11.el9_4.x86_64 as a component of Red Hat Enterprise Linux AppStream (v. 9)",
"product_id": "AppStream-9.4.0.Z.MAIN.EUS:httpd-tools-0:2.4.57-11.el9_4.x86_64"
},
"product_reference": "httpd-tools-0:2.4.57-11.el9_4.x86_64",
"relates_to_product_reference": "AppStream-9.4.0.Z.MAIN.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "httpd-tools-debuginfo-0:2.4.57-11.el9_4.aarch64 as a component of Red Hat Enterprise Linux AppStream (v. 9)",
"product_id": "AppStream-9.4.0.Z.MAIN.EUS:httpd-tools-debuginfo-0:2.4.57-11.el9_4.aarch64"
},
"product_reference": "httpd-tools-debuginfo-0:2.4.57-11.el9_4.aarch64",
"relates_to_product_reference": "AppStream-9.4.0.Z.MAIN.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "httpd-tools-debuginfo-0:2.4.57-11.el9_4.ppc64le as a component of Red Hat Enterprise Linux AppStream (v. 9)",
"product_id": "AppStream-9.4.0.Z.MAIN.EUS:httpd-tools-debuginfo-0:2.4.57-11.el9_4.ppc64le"
},
"product_reference": "httpd-tools-debuginfo-0:2.4.57-11.el9_4.ppc64le",
"relates_to_product_reference": "AppStream-9.4.0.Z.MAIN.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "httpd-tools-debuginfo-0:2.4.57-11.el9_4.s390x as a component of Red Hat Enterprise Linux AppStream (v. 9)",
"product_id": "AppStream-9.4.0.Z.MAIN.EUS:httpd-tools-debuginfo-0:2.4.57-11.el9_4.s390x"
},
"product_reference": "httpd-tools-debuginfo-0:2.4.57-11.el9_4.s390x",
"relates_to_product_reference": "AppStream-9.4.0.Z.MAIN.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "httpd-tools-debuginfo-0:2.4.57-11.el9_4.x86_64 as a component of Red Hat Enterprise Linux AppStream (v. 9)",
"product_id": "AppStream-9.4.0.Z.MAIN.EUS:httpd-tools-debuginfo-0:2.4.57-11.el9_4.x86_64"
},
"product_reference": "httpd-tools-debuginfo-0:2.4.57-11.el9_4.x86_64",
"relates_to_product_reference": "AppStream-9.4.0.Z.MAIN.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "mod_ldap-0:2.4.57-11.el9_4.aarch64 as a component of Red Hat Enterprise Linux AppStream (v. 9)",
"product_id": "AppStream-9.4.0.Z.MAIN.EUS:mod_ldap-0:2.4.57-11.el9_4.aarch64"
},
"product_reference": "mod_ldap-0:2.4.57-11.el9_4.aarch64",
"relates_to_product_reference": "AppStream-9.4.0.Z.MAIN.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "mod_ldap-0:2.4.57-11.el9_4.ppc64le as a component of Red Hat Enterprise Linux AppStream (v. 9)",
"product_id": "AppStream-9.4.0.Z.MAIN.EUS:mod_ldap-0:2.4.57-11.el9_4.ppc64le"
},
"product_reference": "mod_ldap-0:2.4.57-11.el9_4.ppc64le",
"relates_to_product_reference": "AppStream-9.4.0.Z.MAIN.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "mod_ldap-0:2.4.57-11.el9_4.s390x as a component of Red Hat Enterprise Linux AppStream (v. 9)",
"product_id": "AppStream-9.4.0.Z.MAIN.EUS:mod_ldap-0:2.4.57-11.el9_4.s390x"
},
"product_reference": "mod_ldap-0:2.4.57-11.el9_4.s390x",
"relates_to_product_reference": "AppStream-9.4.0.Z.MAIN.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "mod_ldap-0:2.4.57-11.el9_4.x86_64 as a component of Red Hat Enterprise Linux AppStream (v. 9)",
"product_id": "AppStream-9.4.0.Z.MAIN.EUS:mod_ldap-0:2.4.57-11.el9_4.x86_64"
},
"product_reference": "mod_ldap-0:2.4.57-11.el9_4.x86_64",
"relates_to_product_reference": "AppStream-9.4.0.Z.MAIN.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "mod_ldap-debuginfo-0:2.4.57-11.el9_4.aarch64 as a component of Red Hat Enterprise Linux AppStream (v. 9)",
"product_id": "AppStream-9.4.0.Z.MAIN.EUS:mod_ldap-debuginfo-0:2.4.57-11.el9_4.aarch64"
},
"product_reference": "mod_ldap-debuginfo-0:2.4.57-11.el9_4.aarch64",
"relates_to_product_reference": "AppStream-9.4.0.Z.MAIN.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "mod_ldap-debuginfo-0:2.4.57-11.el9_4.ppc64le as a component of Red Hat Enterprise Linux AppStream (v. 9)",
"product_id": "AppStream-9.4.0.Z.MAIN.EUS:mod_ldap-debuginfo-0:2.4.57-11.el9_4.ppc64le"
},
"product_reference": "mod_ldap-debuginfo-0:2.4.57-11.el9_4.ppc64le",
"relates_to_product_reference": "AppStream-9.4.0.Z.MAIN.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "mod_ldap-debuginfo-0:2.4.57-11.el9_4.s390x as a component of Red Hat Enterprise Linux AppStream (v. 9)",
"product_id": "AppStream-9.4.0.Z.MAIN.EUS:mod_ldap-debuginfo-0:2.4.57-11.el9_4.s390x"
},
"product_reference": "mod_ldap-debuginfo-0:2.4.57-11.el9_4.s390x",
"relates_to_product_reference": "AppStream-9.4.0.Z.MAIN.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "mod_ldap-debuginfo-0:2.4.57-11.el9_4.x86_64 as a component of Red Hat Enterprise Linux AppStream (v. 9)",
"product_id": "AppStream-9.4.0.Z.MAIN.EUS:mod_ldap-debuginfo-0:2.4.57-11.el9_4.x86_64"
},
"product_reference": "mod_ldap-debuginfo-0:2.4.57-11.el9_4.x86_64",
"relates_to_product_reference": "AppStream-9.4.0.Z.MAIN.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "mod_lua-0:2.4.57-11.el9_4.aarch64 as a component of Red Hat Enterprise Linux AppStream (v. 9)",
"product_id": "AppStream-9.4.0.Z.MAIN.EUS:mod_lua-0:2.4.57-11.el9_4.aarch64"
},
"product_reference": "mod_lua-0:2.4.57-11.el9_4.aarch64",
"relates_to_product_reference": "AppStream-9.4.0.Z.MAIN.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "mod_lua-0:2.4.57-11.el9_4.ppc64le as a component of Red Hat Enterprise Linux AppStream (v. 9)",
"product_id": "AppStream-9.4.0.Z.MAIN.EUS:mod_lua-0:2.4.57-11.el9_4.ppc64le"
},
"product_reference": "mod_lua-0:2.4.57-11.el9_4.ppc64le",
"relates_to_product_reference": "AppStream-9.4.0.Z.MAIN.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "mod_lua-0:2.4.57-11.el9_4.s390x as a component of Red Hat Enterprise Linux AppStream (v. 9)",
"product_id": "AppStream-9.4.0.Z.MAIN.EUS:mod_lua-0:2.4.57-11.el9_4.s390x"
},
"product_reference": "mod_lua-0:2.4.57-11.el9_4.s390x",
"relates_to_product_reference": "AppStream-9.4.0.Z.MAIN.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "mod_lua-0:2.4.57-11.el9_4.x86_64 as a component of Red Hat Enterprise Linux AppStream (v. 9)",
"product_id": "AppStream-9.4.0.Z.MAIN.EUS:mod_lua-0:2.4.57-11.el9_4.x86_64"
},
"product_reference": "mod_lua-0:2.4.57-11.el9_4.x86_64",
"relates_to_product_reference": "AppStream-9.4.0.Z.MAIN.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "mod_lua-debuginfo-0:2.4.57-11.el9_4.aarch64 as a component of Red Hat Enterprise Linux AppStream (v. 9)",
"product_id": "AppStream-9.4.0.Z.MAIN.EUS:mod_lua-debuginfo-0:2.4.57-11.el9_4.aarch64"
},
"product_reference": "mod_lua-debuginfo-0:2.4.57-11.el9_4.aarch64",
"relates_to_product_reference": "AppStream-9.4.0.Z.MAIN.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "mod_lua-debuginfo-0:2.4.57-11.el9_4.ppc64le as a component of Red Hat Enterprise Linux AppStream (v. 9)",
"product_id": "AppStream-9.4.0.Z.MAIN.EUS:mod_lua-debuginfo-0:2.4.57-11.el9_4.ppc64le"
},
"product_reference": "mod_lua-debuginfo-0:2.4.57-11.el9_4.ppc64le",
"relates_to_product_reference": "AppStream-9.4.0.Z.MAIN.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "mod_lua-debuginfo-0:2.4.57-11.el9_4.s390x as a component of Red Hat Enterprise Linux AppStream (v. 9)",
"product_id": "AppStream-9.4.0.Z.MAIN.EUS:mod_lua-debuginfo-0:2.4.57-11.el9_4.s390x"
},
"product_reference": "mod_lua-debuginfo-0:2.4.57-11.el9_4.s390x",
"relates_to_product_reference": "AppStream-9.4.0.Z.MAIN.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "mod_lua-debuginfo-0:2.4.57-11.el9_4.x86_64 as a component of Red Hat Enterprise Linux AppStream (v. 9)",
"product_id": "AppStream-9.4.0.Z.MAIN.EUS:mod_lua-debuginfo-0:2.4.57-11.el9_4.x86_64"
},
"product_reference": "mod_lua-debuginfo-0:2.4.57-11.el9_4.x86_64",
"relates_to_product_reference": "AppStream-9.4.0.Z.MAIN.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "mod_proxy_html-1:2.4.57-11.el9_4.aarch64 as a component of Red Hat Enterprise Linux AppStream (v. 9)",
"product_id": "AppStream-9.4.0.Z.MAIN.EUS:mod_proxy_html-1:2.4.57-11.el9_4.aarch64"
},
"product_reference": "mod_proxy_html-1:2.4.57-11.el9_4.aarch64",
"relates_to_product_reference": "AppStream-9.4.0.Z.MAIN.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "mod_proxy_html-1:2.4.57-11.el9_4.ppc64le as a component of Red Hat Enterprise Linux AppStream (v. 9)",
"product_id": "AppStream-9.4.0.Z.MAIN.EUS:mod_proxy_html-1:2.4.57-11.el9_4.ppc64le"
},
"product_reference": "mod_proxy_html-1:2.4.57-11.el9_4.ppc64le",
"relates_to_product_reference": "AppStream-9.4.0.Z.MAIN.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "mod_proxy_html-1:2.4.57-11.el9_4.s390x as a component of Red Hat Enterprise Linux AppStream (v. 9)",
"product_id": "AppStream-9.4.0.Z.MAIN.EUS:mod_proxy_html-1:2.4.57-11.el9_4.s390x"
},
"product_reference": "mod_proxy_html-1:2.4.57-11.el9_4.s390x",
"relates_to_product_reference": "AppStream-9.4.0.Z.MAIN.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "mod_proxy_html-1:2.4.57-11.el9_4.x86_64 as a component of Red Hat Enterprise Linux AppStream (v. 9)",
"product_id": "AppStream-9.4.0.Z.MAIN.EUS:mod_proxy_html-1:2.4.57-11.el9_4.x86_64"
},
"product_reference": "mod_proxy_html-1:2.4.57-11.el9_4.x86_64",
"relates_to_product_reference": "AppStream-9.4.0.Z.MAIN.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "mod_proxy_html-debuginfo-1:2.4.57-11.el9_4.aarch64 as a component of Red Hat Enterprise Linux AppStream (v. 9)",
"product_id": "AppStream-9.4.0.Z.MAIN.EUS:mod_proxy_html-debuginfo-1:2.4.57-11.el9_4.aarch64"
},
"product_reference": "mod_proxy_html-debuginfo-1:2.4.57-11.el9_4.aarch64",
"relates_to_product_reference": "AppStream-9.4.0.Z.MAIN.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "mod_proxy_html-debuginfo-1:2.4.57-11.el9_4.ppc64le as a component of Red Hat Enterprise Linux AppStream (v. 9)",
"product_id": "AppStream-9.4.0.Z.MAIN.EUS:mod_proxy_html-debuginfo-1:2.4.57-11.el9_4.ppc64le"
},
"product_reference": "mod_proxy_html-debuginfo-1:2.4.57-11.el9_4.ppc64le",
"relates_to_product_reference": "AppStream-9.4.0.Z.MAIN.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "mod_proxy_html-debuginfo-1:2.4.57-11.el9_4.s390x as a component of Red Hat Enterprise Linux AppStream (v. 9)",
"product_id": "AppStream-9.4.0.Z.MAIN.EUS:mod_proxy_html-debuginfo-1:2.4.57-11.el9_4.s390x"
},
"product_reference": "mod_proxy_html-debuginfo-1:2.4.57-11.el9_4.s390x",
"relates_to_product_reference": "AppStream-9.4.0.Z.MAIN.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "mod_proxy_html-debuginfo-1:2.4.57-11.el9_4.x86_64 as a component of Red Hat Enterprise Linux AppStream (v. 9)",
"product_id": "AppStream-9.4.0.Z.MAIN.EUS:mod_proxy_html-debuginfo-1:2.4.57-11.el9_4.x86_64"
},
"product_reference": "mod_proxy_html-debuginfo-1:2.4.57-11.el9_4.x86_64",
"relates_to_product_reference": "AppStream-9.4.0.Z.MAIN.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "mod_session-0:2.4.57-11.el9_4.aarch64 as a component of Red Hat Enterprise Linux AppStream (v. 9)",
"product_id": "AppStream-9.4.0.Z.MAIN.EUS:mod_session-0:2.4.57-11.el9_4.aarch64"
},
"product_reference": "mod_session-0:2.4.57-11.el9_4.aarch64",
"relates_to_product_reference": "AppStream-9.4.0.Z.MAIN.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "mod_session-0:2.4.57-11.el9_4.ppc64le as a component of Red Hat Enterprise Linux AppStream (v. 9)",
"product_id": "AppStream-9.4.0.Z.MAIN.EUS:mod_session-0:2.4.57-11.el9_4.ppc64le"
},
"product_reference": "mod_session-0:2.4.57-11.el9_4.ppc64le",
"relates_to_product_reference": "AppStream-9.4.0.Z.MAIN.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "mod_session-0:2.4.57-11.el9_4.s390x as a component of Red Hat Enterprise Linux AppStream (v. 9)",
"product_id": "AppStream-9.4.0.Z.MAIN.EUS:mod_session-0:2.4.57-11.el9_4.s390x"
},
"product_reference": "mod_session-0:2.4.57-11.el9_4.s390x",
"relates_to_product_reference": "AppStream-9.4.0.Z.MAIN.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "mod_session-0:2.4.57-11.el9_4.x86_64 as a component of Red Hat Enterprise Linux AppStream (v. 9)",
"product_id": "AppStream-9.4.0.Z.MAIN.EUS:mod_session-0:2.4.57-11.el9_4.x86_64"
},
"product_reference": "mod_session-0:2.4.57-11.el9_4.x86_64",
"relates_to_product_reference": "AppStream-9.4.0.Z.MAIN.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "mod_session-debuginfo-0:2.4.57-11.el9_4.aarch64 as a component of Red Hat Enterprise Linux AppStream (v. 9)",
"product_id": "AppStream-9.4.0.Z.MAIN.EUS:mod_session-debuginfo-0:2.4.57-11.el9_4.aarch64"
},
"product_reference": "mod_session-debuginfo-0:2.4.57-11.el9_4.aarch64",
"relates_to_product_reference": "AppStream-9.4.0.Z.MAIN.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "mod_session-debuginfo-0:2.4.57-11.el9_4.ppc64le as a component of Red Hat Enterprise Linux AppStream (v. 9)",
"product_id": "AppStream-9.4.0.Z.MAIN.EUS:mod_session-debuginfo-0:2.4.57-11.el9_4.ppc64le"
},
"product_reference": "mod_session-debuginfo-0:2.4.57-11.el9_4.ppc64le",
"relates_to_product_reference": "AppStream-9.4.0.Z.MAIN.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "mod_session-debuginfo-0:2.4.57-11.el9_4.s390x as a component of Red Hat Enterprise Linux AppStream (v. 9)",
"product_id": "AppStream-9.4.0.Z.MAIN.EUS:mod_session-debuginfo-0:2.4.57-11.el9_4.s390x"
},
"product_reference": "mod_session-debuginfo-0:2.4.57-11.el9_4.s390x",
"relates_to_product_reference": "AppStream-9.4.0.Z.MAIN.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "mod_session-debuginfo-0:2.4.57-11.el9_4.x86_64 as a component of Red Hat Enterprise Linux AppStream (v. 9)",
"product_id": "AppStream-9.4.0.Z.MAIN.EUS:mod_session-debuginfo-0:2.4.57-11.el9_4.x86_64"
},
"product_reference": "mod_session-debuginfo-0:2.4.57-11.el9_4.x86_64",
"relates_to_product_reference": "AppStream-9.4.0.Z.MAIN.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "mod_ssl-1:2.4.57-11.el9_4.aarch64 as a component of Red Hat Enterprise Linux AppStream (v. 9)",
"product_id": "AppStream-9.4.0.Z.MAIN.EUS:mod_ssl-1:2.4.57-11.el9_4.aarch64"
},
"product_reference": "mod_ssl-1:2.4.57-11.el9_4.aarch64",
"relates_to_product_reference": "AppStream-9.4.0.Z.MAIN.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "mod_ssl-1:2.4.57-11.el9_4.ppc64le as a component of Red Hat Enterprise Linux AppStream (v. 9)",
"product_id": "AppStream-9.4.0.Z.MAIN.EUS:mod_ssl-1:2.4.57-11.el9_4.ppc64le"
},
"product_reference": "mod_ssl-1:2.4.57-11.el9_4.ppc64le",
"relates_to_product_reference": "AppStream-9.4.0.Z.MAIN.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "mod_ssl-1:2.4.57-11.el9_4.s390x as a component of Red Hat Enterprise Linux AppStream (v. 9)",
"product_id": "AppStream-9.4.0.Z.MAIN.EUS:mod_ssl-1:2.4.57-11.el9_4.s390x"
},
"product_reference": "mod_ssl-1:2.4.57-11.el9_4.s390x",
"relates_to_product_reference": "AppStream-9.4.0.Z.MAIN.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "mod_ssl-1:2.4.57-11.el9_4.x86_64 as a component of Red Hat Enterprise Linux AppStream (v. 9)",
"product_id": "AppStream-9.4.0.Z.MAIN.EUS:mod_ssl-1:2.4.57-11.el9_4.x86_64"
},
"product_reference": "mod_ssl-1:2.4.57-11.el9_4.x86_64",
"relates_to_product_reference": "AppStream-9.4.0.Z.MAIN.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "mod_ssl-debuginfo-1:2.4.57-11.el9_4.aarch64 as a component of Red Hat Enterprise Linux AppStream (v. 9)",
"product_id": "AppStream-9.4.0.Z.MAIN.EUS:mod_ssl-debuginfo-1:2.4.57-11.el9_4.aarch64"
},
"product_reference": "mod_ssl-debuginfo-1:2.4.57-11.el9_4.aarch64",
"relates_to_product_reference": "AppStream-9.4.0.Z.MAIN.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "mod_ssl-debuginfo-1:2.4.57-11.el9_4.ppc64le as a component of Red Hat Enterprise Linux AppStream (v. 9)",
"product_id": "AppStream-9.4.0.Z.MAIN.EUS:mod_ssl-debuginfo-1:2.4.57-11.el9_4.ppc64le"
},
"product_reference": "mod_ssl-debuginfo-1:2.4.57-11.el9_4.ppc64le",
"relates_to_product_reference": "AppStream-9.4.0.Z.MAIN.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "mod_ssl-debuginfo-1:2.4.57-11.el9_4.s390x as a component of Red Hat Enterprise Linux AppStream (v. 9)",
"product_id": "AppStream-9.4.0.Z.MAIN.EUS:mod_ssl-debuginfo-1:2.4.57-11.el9_4.s390x"
},
"product_reference": "mod_ssl-debuginfo-1:2.4.57-11.el9_4.s390x",
"relates_to_product_reference": "AppStream-9.4.0.Z.MAIN.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "mod_ssl-debuginfo-1:2.4.57-11.el9_4.x86_64 as a component of Red Hat Enterprise Linux AppStream (v. 9)",
"product_id": "AppStream-9.4.0.Z.MAIN.EUS:mod_ssl-debuginfo-1:2.4.57-11.el9_4.x86_64"
},
"product_reference": "mod_ssl-debuginfo-1:2.4.57-11.el9_4.x86_64",
"relates_to_product_reference": "AppStream-9.4.0.Z.MAIN.EUS"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2024-38473",
"cwe": {
"id": "CWE-116",
"name": "Improper Encoding or Escaping of Output"
},
"discovery_date": "2024-07-01T19:21:36+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2295012"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in the mod_proxy module of httpd. Due to an encoding problem, specially crafted request URLs with incorrect encoding can be sent to backend services, potentially bypassing authentication.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "httpd: Encoding problem in mod_proxy",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "This issue affects configurations where mechanisms other than ProxyPass/ProxyPassMatch or RewriteRule with the \u0027P\u0027 flag are used to configure a request to be proxied, such as SetHandler or inadvertent proxying via CVE-2024-39573. Note that these alternate mechanisms may be used within .htaccess files.\n\nFor more information about CVE-2024-39573, see https://access.redhat.com/security/cve/CVE-2024-39573.\n\nAdditionally, this flaw requires mod_proxy to be loaded and being used. This module can be disabled if its functionality is not needed.\n\nRed Hat Enterprise Linux 6 is not affected by this vulnerability because the vulnerable code was introduced in a newer version of httpd.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"AppStream-9.4.0.Z.MAIN.EUS:httpd-0:2.4.57-11.el9_4.aarch64",
"AppStream-9.4.0.Z.MAIN.EUS:httpd-0:2.4.57-11.el9_4.ppc64le",
"AppStream-9.4.0.Z.MAIN.EUS:httpd-0:2.4.57-11.el9_4.s390x",
"AppStream-9.4.0.Z.MAIN.EUS:httpd-0:2.4.57-11.el9_4.src",
"AppStream-9.4.0.Z.MAIN.EUS:httpd-0:2.4.57-11.el9_4.x86_64",
"AppStream-9.4.0.Z.MAIN.EUS:httpd-core-0:2.4.57-11.el9_4.aarch64",
"AppStream-9.4.0.Z.MAIN.EUS:httpd-core-0:2.4.57-11.el9_4.ppc64le",
"AppStream-9.4.0.Z.MAIN.EUS:httpd-core-0:2.4.57-11.el9_4.s390x",
"AppStream-9.4.0.Z.MAIN.EUS:httpd-core-0:2.4.57-11.el9_4.x86_64",
"AppStream-9.4.0.Z.MAIN.EUS:httpd-core-debuginfo-0:2.4.57-11.el9_4.aarch64",
"AppStream-9.4.0.Z.MAIN.EUS:httpd-core-debuginfo-0:2.4.57-11.el9_4.ppc64le",
"AppStream-9.4.0.Z.MAIN.EUS:httpd-core-debuginfo-0:2.4.57-11.el9_4.s390x",
"AppStream-9.4.0.Z.MAIN.EUS:httpd-core-debuginfo-0:2.4.57-11.el9_4.x86_64",
"AppStream-9.4.0.Z.MAIN.EUS:httpd-debuginfo-0:2.4.57-11.el9_4.aarch64",
"AppStream-9.4.0.Z.MAIN.EUS:httpd-debuginfo-0:2.4.57-11.el9_4.ppc64le",
"AppStream-9.4.0.Z.MAIN.EUS:httpd-debuginfo-0:2.4.57-11.el9_4.s390x",
"AppStream-9.4.0.Z.MAIN.EUS:httpd-debuginfo-0:2.4.57-11.el9_4.x86_64",
"AppStream-9.4.0.Z.MAIN.EUS:httpd-debugsource-0:2.4.57-11.el9_4.aarch64",
"AppStream-9.4.0.Z.MAIN.EUS:httpd-debugsource-0:2.4.57-11.el9_4.ppc64le",
"AppStream-9.4.0.Z.MAIN.EUS:httpd-debugsource-0:2.4.57-11.el9_4.s390x",
"AppStream-9.4.0.Z.MAIN.EUS:httpd-debugsource-0:2.4.57-11.el9_4.x86_64",
"AppStream-9.4.0.Z.MAIN.EUS:httpd-devel-0:2.4.57-11.el9_4.aarch64",
"AppStream-9.4.0.Z.MAIN.EUS:httpd-devel-0:2.4.57-11.el9_4.ppc64le",
"AppStream-9.4.0.Z.MAIN.EUS:httpd-devel-0:2.4.57-11.el9_4.s390x",
"AppStream-9.4.0.Z.MAIN.EUS:httpd-devel-0:2.4.57-11.el9_4.x86_64",
"AppStream-9.4.0.Z.MAIN.EUS:httpd-filesystem-0:2.4.57-11.el9_4.noarch",
"AppStream-9.4.0.Z.MAIN.EUS:httpd-manual-0:2.4.57-11.el9_4.noarch",
"AppStream-9.4.0.Z.MAIN.EUS:httpd-tools-0:2.4.57-11.el9_4.aarch64",
"AppStream-9.4.0.Z.MAIN.EUS:httpd-tools-0:2.4.57-11.el9_4.ppc64le",
"AppStream-9.4.0.Z.MAIN.EUS:httpd-tools-0:2.4.57-11.el9_4.s390x",
"AppStream-9.4.0.Z.MAIN.EUS:httpd-tools-0:2.4.57-11.el9_4.x86_64",
"AppStream-9.4.0.Z.MAIN.EUS:httpd-tools-debuginfo-0:2.4.57-11.el9_4.aarch64",
"AppStream-9.4.0.Z.MAIN.EUS:httpd-tools-debuginfo-0:2.4.57-11.el9_4.ppc64le",
"AppStream-9.4.0.Z.MAIN.EUS:httpd-tools-debuginfo-0:2.4.57-11.el9_4.s390x",
"AppStream-9.4.0.Z.MAIN.EUS:httpd-tools-debuginfo-0:2.4.57-11.el9_4.x86_64",
"AppStream-9.4.0.Z.MAIN.EUS:mod_ldap-0:2.4.57-11.el9_4.aarch64",
"AppStream-9.4.0.Z.MAIN.EUS:mod_ldap-0:2.4.57-11.el9_4.ppc64le",
"AppStream-9.4.0.Z.MAIN.EUS:mod_ldap-0:2.4.57-11.el9_4.s390x",
"AppStream-9.4.0.Z.MAIN.EUS:mod_ldap-0:2.4.57-11.el9_4.x86_64",
"AppStream-9.4.0.Z.MAIN.EUS:mod_ldap-debuginfo-0:2.4.57-11.el9_4.aarch64",
"AppStream-9.4.0.Z.MAIN.EUS:mod_ldap-debuginfo-0:2.4.57-11.el9_4.ppc64le",
"AppStream-9.4.0.Z.MAIN.EUS:mod_ldap-debuginfo-0:2.4.57-11.el9_4.s390x",
"AppStream-9.4.0.Z.MAIN.EUS:mod_ldap-debuginfo-0:2.4.57-11.el9_4.x86_64",
"AppStream-9.4.0.Z.MAIN.EUS:mod_lua-0:2.4.57-11.el9_4.aarch64",
"AppStream-9.4.0.Z.MAIN.EUS:mod_lua-0:2.4.57-11.el9_4.ppc64le",
"AppStream-9.4.0.Z.MAIN.EUS:mod_lua-0:2.4.57-11.el9_4.s390x",
"AppStream-9.4.0.Z.MAIN.EUS:mod_lua-0:2.4.57-11.el9_4.x86_64",
"AppStream-9.4.0.Z.MAIN.EUS:mod_lua-debuginfo-0:2.4.57-11.el9_4.aarch64",
"AppStream-9.4.0.Z.MAIN.EUS:mod_lua-debuginfo-0:2.4.57-11.el9_4.ppc64le",
"AppStream-9.4.0.Z.MAIN.EUS:mod_lua-debuginfo-0:2.4.57-11.el9_4.s390x",
"AppStream-9.4.0.Z.MAIN.EUS:mod_lua-debuginfo-0:2.4.57-11.el9_4.x86_64",
"AppStream-9.4.0.Z.MAIN.EUS:mod_proxy_html-1:2.4.57-11.el9_4.aarch64",
"AppStream-9.4.0.Z.MAIN.EUS:mod_proxy_html-1:2.4.57-11.el9_4.ppc64le",
"AppStream-9.4.0.Z.MAIN.EUS:mod_proxy_html-1:2.4.57-11.el9_4.s390x",
"AppStream-9.4.0.Z.MAIN.EUS:mod_proxy_html-1:2.4.57-11.el9_4.x86_64",
"AppStream-9.4.0.Z.MAIN.EUS:mod_proxy_html-debuginfo-1:2.4.57-11.el9_4.aarch64",
"AppStream-9.4.0.Z.MAIN.EUS:mod_proxy_html-debuginfo-1:2.4.57-11.el9_4.ppc64le",
"AppStream-9.4.0.Z.MAIN.EUS:mod_proxy_html-debuginfo-1:2.4.57-11.el9_4.s390x",
"AppStream-9.4.0.Z.MAIN.EUS:mod_proxy_html-debuginfo-1:2.4.57-11.el9_4.x86_64",
"AppStream-9.4.0.Z.MAIN.EUS:mod_session-0:2.4.57-11.el9_4.aarch64",
"AppStream-9.4.0.Z.MAIN.EUS:mod_session-0:2.4.57-11.el9_4.ppc64le",
"AppStream-9.4.0.Z.MAIN.EUS:mod_session-0:2.4.57-11.el9_4.s390x",
"AppStream-9.4.0.Z.MAIN.EUS:mod_session-0:2.4.57-11.el9_4.x86_64",
"AppStream-9.4.0.Z.MAIN.EUS:mod_session-debuginfo-0:2.4.57-11.el9_4.aarch64",
"AppStream-9.4.0.Z.MAIN.EUS:mod_session-debuginfo-0:2.4.57-11.el9_4.ppc64le",
"AppStream-9.4.0.Z.MAIN.EUS:mod_session-debuginfo-0:2.4.57-11.el9_4.s390x",
"AppStream-9.4.0.Z.MAIN.EUS:mod_session-debuginfo-0:2.4.57-11.el9_4.x86_64",
"AppStream-9.4.0.Z.MAIN.EUS:mod_ssl-1:2.4.57-11.el9_4.aarch64",
"AppStream-9.4.0.Z.MAIN.EUS:mod_ssl-1:2.4.57-11.el9_4.ppc64le",
"AppStream-9.4.0.Z.MAIN.EUS:mod_ssl-1:2.4.57-11.el9_4.s390x",
"AppStream-9.4.0.Z.MAIN.EUS:mod_ssl-1:2.4.57-11.el9_4.x86_64",
"AppStream-9.4.0.Z.MAIN.EUS:mod_ssl-debuginfo-1:2.4.57-11.el9_4.aarch64",
"AppStream-9.4.0.Z.MAIN.EUS:mod_ssl-debuginfo-1:2.4.57-11.el9_4.ppc64le",
"AppStream-9.4.0.Z.MAIN.EUS:mod_ssl-debuginfo-1:2.4.57-11.el9_4.s390x",
"AppStream-9.4.0.Z.MAIN.EUS:mod_ssl-debuginfo-1:2.4.57-11.el9_4.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2024-38473"
},
{
"category": "external",
"summary": "RHBZ#2295012",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2295012"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2024-38473",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-38473"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2024-38473",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2024-38473"
},
{
"category": "external",
"summary": "https://httpd.apache.org/security/vulnerabilities_24.html#CVE-2024-38473",
"url": "https://httpd.apache.org/security/vulnerabilities_24.html#CVE-2024-38473"
}
],
"release_date": "2024-07-01T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"details": "For details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"AppStream-9.4.0.Z.MAIN.EUS:httpd-0:2.4.57-11.el9_4.aarch64",
"AppStream-9.4.0.Z.MAIN.EUS:httpd-0:2.4.57-11.el9_4.ppc64le",
"AppStream-9.4.0.Z.MAIN.EUS:httpd-0:2.4.57-11.el9_4.s390x",
"AppStream-9.4.0.Z.MAIN.EUS:httpd-0:2.4.57-11.el9_4.src",
"AppStream-9.4.0.Z.MAIN.EUS:httpd-0:2.4.57-11.el9_4.x86_64",
"AppStream-9.4.0.Z.MAIN.EUS:httpd-core-0:2.4.57-11.el9_4.aarch64",
"AppStream-9.4.0.Z.MAIN.EUS:httpd-core-0:2.4.57-11.el9_4.ppc64le",
"AppStream-9.4.0.Z.MAIN.EUS:httpd-core-0:2.4.57-11.el9_4.s390x",
"AppStream-9.4.0.Z.MAIN.EUS:httpd-core-0:2.4.57-11.el9_4.x86_64",
"AppStream-9.4.0.Z.MAIN.EUS:httpd-core-debuginfo-0:2.4.57-11.el9_4.aarch64",
"AppStream-9.4.0.Z.MAIN.EUS:httpd-core-debuginfo-0:2.4.57-11.el9_4.ppc64le",
"AppStream-9.4.0.Z.MAIN.EUS:httpd-core-debuginfo-0:2.4.57-11.el9_4.s390x",
"AppStream-9.4.0.Z.MAIN.EUS:httpd-core-debuginfo-0:2.4.57-11.el9_4.x86_64",
"AppStream-9.4.0.Z.MAIN.EUS:httpd-debuginfo-0:2.4.57-11.el9_4.aarch64",
"AppStream-9.4.0.Z.MAIN.EUS:httpd-debuginfo-0:2.4.57-11.el9_4.ppc64le",
"AppStream-9.4.0.Z.MAIN.EUS:httpd-debuginfo-0:2.4.57-11.el9_4.s390x",
"AppStream-9.4.0.Z.MAIN.EUS:httpd-debuginfo-0:2.4.57-11.el9_4.x86_64",
"AppStream-9.4.0.Z.MAIN.EUS:httpd-debugsource-0:2.4.57-11.el9_4.aarch64",
"AppStream-9.4.0.Z.MAIN.EUS:httpd-debugsource-0:2.4.57-11.el9_4.ppc64le",
"AppStream-9.4.0.Z.MAIN.EUS:httpd-debugsource-0:2.4.57-11.el9_4.s390x",
"AppStream-9.4.0.Z.MAIN.EUS:httpd-debugsource-0:2.4.57-11.el9_4.x86_64",
"AppStream-9.4.0.Z.MAIN.EUS:httpd-devel-0:2.4.57-11.el9_4.aarch64",
"AppStream-9.4.0.Z.MAIN.EUS:httpd-devel-0:2.4.57-11.el9_4.ppc64le",
"AppStream-9.4.0.Z.MAIN.EUS:httpd-devel-0:2.4.57-11.el9_4.s390x",
"AppStream-9.4.0.Z.MAIN.EUS:httpd-devel-0:2.4.57-11.el9_4.x86_64",
"AppStream-9.4.0.Z.MAIN.EUS:httpd-filesystem-0:2.4.57-11.el9_4.noarch",
"AppStream-9.4.0.Z.MAIN.EUS:httpd-manual-0:2.4.57-11.el9_4.noarch",
"AppStream-9.4.0.Z.MAIN.EUS:httpd-tools-0:2.4.57-11.el9_4.aarch64",
"AppStream-9.4.0.Z.MAIN.EUS:httpd-tools-0:2.4.57-11.el9_4.ppc64le",
"AppStream-9.4.0.Z.MAIN.EUS:httpd-tools-0:2.4.57-11.el9_4.s390x",
"AppStream-9.4.0.Z.MAIN.EUS:httpd-tools-0:2.4.57-11.el9_4.x86_64",
"AppStream-9.4.0.Z.MAIN.EUS:httpd-tools-debuginfo-0:2.4.57-11.el9_4.aarch64",
"AppStream-9.4.0.Z.MAIN.EUS:httpd-tools-debuginfo-0:2.4.57-11.el9_4.ppc64le",
"AppStream-9.4.0.Z.MAIN.EUS:httpd-tools-debuginfo-0:2.4.57-11.el9_4.s390x",
"AppStream-9.4.0.Z.MAIN.EUS:httpd-tools-debuginfo-0:2.4.57-11.el9_4.x86_64",
"AppStream-9.4.0.Z.MAIN.EUS:mod_ldap-0:2.4.57-11.el9_4.aarch64",
"AppStream-9.4.0.Z.MAIN.EUS:mod_ldap-0:2.4.57-11.el9_4.ppc64le",
"AppStream-9.4.0.Z.MAIN.EUS:mod_ldap-0:2.4.57-11.el9_4.s390x",
"AppStream-9.4.0.Z.MAIN.EUS:mod_ldap-0:2.4.57-11.el9_4.x86_64",
"AppStream-9.4.0.Z.MAIN.EUS:mod_ldap-debuginfo-0:2.4.57-11.el9_4.aarch64",
"AppStream-9.4.0.Z.MAIN.EUS:mod_ldap-debuginfo-0:2.4.57-11.el9_4.ppc64le",
"AppStream-9.4.0.Z.MAIN.EUS:mod_ldap-debuginfo-0:2.4.57-11.el9_4.s390x",
"AppStream-9.4.0.Z.MAIN.EUS:mod_ldap-debuginfo-0:2.4.57-11.el9_4.x86_64",
"AppStream-9.4.0.Z.MAIN.EUS:mod_lua-0:2.4.57-11.el9_4.aarch64",
"AppStream-9.4.0.Z.MAIN.EUS:mod_lua-0:2.4.57-11.el9_4.ppc64le",
"AppStream-9.4.0.Z.MAIN.EUS:mod_lua-0:2.4.57-11.el9_4.s390x",
"AppStream-9.4.0.Z.MAIN.EUS:mod_lua-0:2.4.57-11.el9_4.x86_64",
"AppStream-9.4.0.Z.MAIN.EUS:mod_lua-debuginfo-0:2.4.57-11.el9_4.aarch64",
"AppStream-9.4.0.Z.MAIN.EUS:mod_lua-debuginfo-0:2.4.57-11.el9_4.ppc64le",
"AppStream-9.4.0.Z.MAIN.EUS:mod_lua-debuginfo-0:2.4.57-11.el9_4.s390x",
"AppStream-9.4.0.Z.MAIN.EUS:mod_lua-debuginfo-0:2.4.57-11.el9_4.x86_64",
"AppStream-9.4.0.Z.MAIN.EUS:mod_proxy_html-1:2.4.57-11.el9_4.aarch64",
"AppStream-9.4.0.Z.MAIN.EUS:mod_proxy_html-1:2.4.57-11.el9_4.ppc64le",
"AppStream-9.4.0.Z.MAIN.EUS:mod_proxy_html-1:2.4.57-11.el9_4.s390x",
"AppStream-9.4.0.Z.MAIN.EUS:mod_proxy_html-1:2.4.57-11.el9_4.x86_64",
"AppStream-9.4.0.Z.MAIN.EUS:mod_proxy_html-debuginfo-1:2.4.57-11.el9_4.aarch64",
"AppStream-9.4.0.Z.MAIN.EUS:mod_proxy_html-debuginfo-1:2.4.57-11.el9_4.ppc64le",
"AppStream-9.4.0.Z.MAIN.EUS:mod_proxy_html-debuginfo-1:2.4.57-11.el9_4.s390x",
"AppStream-9.4.0.Z.MAIN.EUS:mod_proxy_html-debuginfo-1:2.4.57-11.el9_4.x86_64",
"AppStream-9.4.0.Z.MAIN.EUS:mod_session-0:2.4.57-11.el9_4.aarch64",
"AppStream-9.4.0.Z.MAIN.EUS:mod_session-0:2.4.57-11.el9_4.ppc64le",
"AppStream-9.4.0.Z.MAIN.EUS:mod_session-0:2.4.57-11.el9_4.s390x",
"AppStream-9.4.0.Z.MAIN.EUS:mod_session-0:2.4.57-11.el9_4.x86_64",
"AppStream-9.4.0.Z.MAIN.EUS:mod_session-debuginfo-0:2.4.57-11.el9_4.aarch64",
"AppStream-9.4.0.Z.MAIN.EUS:mod_session-debuginfo-0:2.4.57-11.el9_4.ppc64le",
"AppStream-9.4.0.Z.MAIN.EUS:mod_session-debuginfo-0:2.4.57-11.el9_4.s390x",
"AppStream-9.4.0.Z.MAIN.EUS:mod_session-debuginfo-0:2.4.57-11.el9_4.x86_64",
"AppStream-9.4.0.Z.MAIN.EUS:mod_ssl-1:2.4.57-11.el9_4.aarch64",
"AppStream-9.4.0.Z.MAIN.EUS:mod_ssl-1:2.4.57-11.el9_4.ppc64le",
"AppStream-9.4.0.Z.MAIN.EUS:mod_ssl-1:2.4.57-11.el9_4.s390x",
"AppStream-9.4.0.Z.MAIN.EUS:mod_ssl-1:2.4.57-11.el9_4.x86_64",
"AppStream-9.4.0.Z.MAIN.EUS:mod_ssl-debuginfo-1:2.4.57-11.el9_4.aarch64",
"AppStream-9.4.0.Z.MAIN.EUS:mod_ssl-debuginfo-1:2.4.57-11.el9_4.ppc64le",
"AppStream-9.4.0.Z.MAIN.EUS:mod_ssl-debuginfo-1:2.4.57-11.el9_4.s390x",
"AppStream-9.4.0.Z.MAIN.EUS:mod_ssl-debuginfo-1:2.4.57-11.el9_4.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2024:4726"
},
{
"category": "workaround",
"details": "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.",
"product_ids": [
"AppStream-9.4.0.Z.MAIN.EUS:httpd-0:2.4.57-11.el9_4.aarch64",
"AppStream-9.4.0.Z.MAIN.EUS:httpd-0:2.4.57-11.el9_4.ppc64le",
"AppStream-9.4.0.Z.MAIN.EUS:httpd-0:2.4.57-11.el9_4.s390x",
"AppStream-9.4.0.Z.MAIN.EUS:httpd-0:2.4.57-11.el9_4.src",
"AppStream-9.4.0.Z.MAIN.EUS:httpd-0:2.4.57-11.el9_4.x86_64",
"AppStream-9.4.0.Z.MAIN.EUS:httpd-core-0:2.4.57-11.el9_4.aarch64",
"AppStream-9.4.0.Z.MAIN.EUS:httpd-core-0:2.4.57-11.el9_4.ppc64le",
"AppStream-9.4.0.Z.MAIN.EUS:httpd-core-0:2.4.57-11.el9_4.s390x",
"AppStream-9.4.0.Z.MAIN.EUS:httpd-core-0:2.4.57-11.el9_4.x86_64",
"AppStream-9.4.0.Z.MAIN.EUS:httpd-core-debuginfo-0:2.4.57-11.el9_4.aarch64",
"AppStream-9.4.0.Z.MAIN.EUS:httpd-core-debuginfo-0:2.4.57-11.el9_4.ppc64le",
"AppStream-9.4.0.Z.MAIN.EUS:httpd-core-debuginfo-0:2.4.57-11.el9_4.s390x",
"AppStream-9.4.0.Z.MAIN.EUS:httpd-core-debuginfo-0:2.4.57-11.el9_4.x86_64",
"AppStream-9.4.0.Z.MAIN.EUS:httpd-debuginfo-0:2.4.57-11.el9_4.aarch64",
"AppStream-9.4.0.Z.MAIN.EUS:httpd-debuginfo-0:2.4.57-11.el9_4.ppc64le",
"AppStream-9.4.0.Z.MAIN.EUS:httpd-debuginfo-0:2.4.57-11.el9_4.s390x",
"AppStream-9.4.0.Z.MAIN.EUS:httpd-debuginfo-0:2.4.57-11.el9_4.x86_64",
"AppStream-9.4.0.Z.MAIN.EUS:httpd-debugsource-0:2.4.57-11.el9_4.aarch64",
"AppStream-9.4.0.Z.MAIN.EUS:httpd-debugsource-0:2.4.57-11.el9_4.ppc64le",
"AppStream-9.4.0.Z.MAIN.EUS:httpd-debugsource-0:2.4.57-11.el9_4.s390x",
"AppStream-9.4.0.Z.MAIN.EUS:httpd-debugsource-0:2.4.57-11.el9_4.x86_64",
"AppStream-9.4.0.Z.MAIN.EUS:httpd-devel-0:2.4.57-11.el9_4.aarch64",
"AppStream-9.4.0.Z.MAIN.EUS:httpd-devel-0:2.4.57-11.el9_4.ppc64le",
"AppStream-9.4.0.Z.MAIN.EUS:httpd-devel-0:2.4.57-11.el9_4.s390x",
"AppStream-9.4.0.Z.MAIN.EUS:httpd-devel-0:2.4.57-11.el9_4.x86_64",
"AppStream-9.4.0.Z.MAIN.EUS:httpd-filesystem-0:2.4.57-11.el9_4.noarch",
"AppStream-9.4.0.Z.MAIN.EUS:httpd-manual-0:2.4.57-11.el9_4.noarch",
"AppStream-9.4.0.Z.MAIN.EUS:httpd-tools-0:2.4.57-11.el9_4.aarch64",
"AppStream-9.4.0.Z.MAIN.EUS:httpd-tools-0:2.4.57-11.el9_4.ppc64le",
"AppStream-9.4.0.Z.MAIN.EUS:httpd-tools-0:2.4.57-11.el9_4.s390x",
"AppStream-9.4.0.Z.MAIN.EUS:httpd-tools-0:2.4.57-11.el9_4.x86_64",
"AppStream-9.4.0.Z.MAIN.EUS:httpd-tools-debuginfo-0:2.4.57-11.el9_4.aarch64",
"AppStream-9.4.0.Z.MAIN.EUS:httpd-tools-debuginfo-0:2.4.57-11.el9_4.ppc64le",
"AppStream-9.4.0.Z.MAIN.EUS:httpd-tools-debuginfo-0:2.4.57-11.el9_4.s390x",
"AppStream-9.4.0.Z.MAIN.EUS:httpd-tools-debuginfo-0:2.4.57-11.el9_4.x86_64",
"AppStream-9.4.0.Z.MAIN.EUS:mod_ldap-0:2.4.57-11.el9_4.aarch64",
"AppStream-9.4.0.Z.MAIN.EUS:mod_ldap-0:2.4.57-11.el9_4.ppc64le",
"AppStream-9.4.0.Z.MAIN.EUS:mod_ldap-0:2.4.57-11.el9_4.s390x",
"AppStream-9.4.0.Z.MAIN.EUS:mod_ldap-0:2.4.57-11.el9_4.x86_64",
"AppStream-9.4.0.Z.MAIN.EUS:mod_ldap-debuginfo-0:2.4.57-11.el9_4.aarch64",
"AppStream-9.4.0.Z.MAIN.EUS:mod_ldap-debuginfo-0:2.4.57-11.el9_4.ppc64le",
"AppStream-9.4.0.Z.MAIN.EUS:mod_ldap-debuginfo-0:2.4.57-11.el9_4.s390x",
"AppStream-9.4.0.Z.MAIN.EUS:mod_ldap-debuginfo-0:2.4.57-11.el9_4.x86_64",
"AppStream-9.4.0.Z.MAIN.EUS:mod_lua-0:2.4.57-11.el9_4.aarch64",
"AppStream-9.4.0.Z.MAIN.EUS:mod_lua-0:2.4.57-11.el9_4.ppc64le",
"AppStream-9.4.0.Z.MAIN.EUS:mod_lua-0:2.4.57-11.el9_4.s390x",
"AppStream-9.4.0.Z.MAIN.EUS:mod_lua-0:2.4.57-11.el9_4.x86_64",
"AppStream-9.4.0.Z.MAIN.EUS:mod_lua-debuginfo-0:2.4.57-11.el9_4.aarch64",
"AppStream-9.4.0.Z.MAIN.EUS:mod_lua-debuginfo-0:2.4.57-11.el9_4.ppc64le",
"AppStream-9.4.0.Z.MAIN.EUS:mod_lua-debuginfo-0:2.4.57-11.el9_4.s390x",
"AppStream-9.4.0.Z.MAIN.EUS:mod_lua-debuginfo-0:2.4.57-11.el9_4.x86_64",
"AppStream-9.4.0.Z.MAIN.EUS:mod_proxy_html-1:2.4.57-11.el9_4.aarch64",
"AppStream-9.4.0.Z.MAIN.EUS:mod_proxy_html-1:2.4.57-11.el9_4.ppc64le",
"AppStream-9.4.0.Z.MAIN.EUS:mod_proxy_html-1:2.4.57-11.el9_4.s390x",
"AppStream-9.4.0.Z.MAIN.EUS:mod_proxy_html-1:2.4.57-11.el9_4.x86_64",
"AppStream-9.4.0.Z.MAIN.EUS:mod_proxy_html-debuginfo-1:2.4.57-11.el9_4.aarch64",
"AppStream-9.4.0.Z.MAIN.EUS:mod_proxy_html-debuginfo-1:2.4.57-11.el9_4.ppc64le",
"AppStream-9.4.0.Z.MAIN.EUS:mod_proxy_html-debuginfo-1:2.4.57-11.el9_4.s390x",
"AppStream-9.4.0.Z.MAIN.EUS:mod_proxy_html-debuginfo-1:2.4.57-11.el9_4.x86_64",
"AppStream-9.4.0.Z.MAIN.EUS:mod_session-0:2.4.57-11.el9_4.aarch64",
"AppStream-9.4.0.Z.MAIN.EUS:mod_session-0:2.4.57-11.el9_4.ppc64le",
"AppStream-9.4.0.Z.MAIN.EUS:mod_session-0:2.4.57-11.el9_4.s390x",
"AppStream-9.4.0.Z.MAIN.EUS:mod_session-0:2.4.57-11.el9_4.x86_64",
"AppStream-9.4.0.Z.MAIN.EUS:mod_session-debuginfo-0:2.4.57-11.el9_4.aarch64",
"AppStream-9.4.0.Z.MAIN.EUS:mod_session-debuginfo-0:2.4.57-11.el9_4.ppc64le",
"AppStream-9.4.0.Z.MAIN.EUS:mod_session-debuginfo-0:2.4.57-11.el9_4.s390x",
"AppStream-9.4.0.Z.MAIN.EUS:mod_session-debuginfo-0:2.4.57-11.el9_4.x86_64",
"AppStream-9.4.0.Z.MAIN.EUS:mod_ssl-1:2.4.57-11.el9_4.aarch64",
"AppStream-9.4.0.Z.MAIN.EUS:mod_ssl-1:2.4.57-11.el9_4.ppc64le",
"AppStream-9.4.0.Z.MAIN.EUS:mod_ssl-1:2.4.57-11.el9_4.s390x",
"AppStream-9.4.0.Z.MAIN.EUS:mod_ssl-1:2.4.57-11.el9_4.x86_64",
"AppStream-9.4.0.Z.MAIN.EUS:mod_ssl-debuginfo-1:2.4.57-11.el9_4.aarch64",
"AppStream-9.4.0.Z.MAIN.EUS:mod_ssl-debuginfo-1:2.4.57-11.el9_4.ppc64le",
"AppStream-9.4.0.Z.MAIN.EUS:mod_ssl-debuginfo-1:2.4.57-11.el9_4.s390x",
"AppStream-9.4.0.Z.MAIN.EUS:mod_ssl-debuginfo-1:2.4.57-11.el9_4.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N",
"version": "3.1"
},
"products": [
"AppStream-9.4.0.Z.MAIN.EUS:httpd-0:2.4.57-11.el9_4.aarch64",
"AppStream-9.4.0.Z.MAIN.EUS:httpd-0:2.4.57-11.el9_4.ppc64le",
"AppStream-9.4.0.Z.MAIN.EUS:httpd-0:2.4.57-11.el9_4.s390x",
"AppStream-9.4.0.Z.MAIN.EUS:httpd-0:2.4.57-11.el9_4.src",
"AppStream-9.4.0.Z.MAIN.EUS:httpd-0:2.4.57-11.el9_4.x86_64",
"AppStream-9.4.0.Z.MAIN.EUS:httpd-core-0:2.4.57-11.el9_4.aarch64",
"AppStream-9.4.0.Z.MAIN.EUS:httpd-core-0:2.4.57-11.el9_4.ppc64le",
"AppStream-9.4.0.Z.MAIN.EUS:httpd-core-0:2.4.57-11.el9_4.s390x",
"AppStream-9.4.0.Z.MAIN.EUS:httpd-core-0:2.4.57-11.el9_4.x86_64",
"AppStream-9.4.0.Z.MAIN.EUS:httpd-core-debuginfo-0:2.4.57-11.el9_4.aarch64",
"AppStream-9.4.0.Z.MAIN.EUS:httpd-core-debuginfo-0:2.4.57-11.el9_4.ppc64le",
"AppStream-9.4.0.Z.MAIN.EUS:httpd-core-debuginfo-0:2.4.57-11.el9_4.s390x",
"AppStream-9.4.0.Z.MAIN.EUS:httpd-core-debuginfo-0:2.4.57-11.el9_4.x86_64",
"AppStream-9.4.0.Z.MAIN.EUS:httpd-debuginfo-0:2.4.57-11.el9_4.aarch64",
"AppStream-9.4.0.Z.MAIN.EUS:httpd-debuginfo-0:2.4.57-11.el9_4.ppc64le",
"AppStream-9.4.0.Z.MAIN.EUS:httpd-debuginfo-0:2.4.57-11.el9_4.s390x",
"AppStream-9.4.0.Z.MAIN.EUS:httpd-debuginfo-0:2.4.57-11.el9_4.x86_64",
"AppStream-9.4.0.Z.MAIN.EUS:httpd-debugsource-0:2.4.57-11.el9_4.aarch64",
"AppStream-9.4.0.Z.MAIN.EUS:httpd-debugsource-0:2.4.57-11.el9_4.ppc64le",
"AppStream-9.4.0.Z.MAIN.EUS:httpd-debugsource-0:2.4.57-11.el9_4.s390x",
"AppStream-9.4.0.Z.MAIN.EUS:httpd-debugsource-0:2.4.57-11.el9_4.x86_64",
"AppStream-9.4.0.Z.MAIN.EUS:httpd-devel-0:2.4.57-11.el9_4.aarch64",
"AppStream-9.4.0.Z.MAIN.EUS:httpd-devel-0:2.4.57-11.el9_4.ppc64le",
"AppStream-9.4.0.Z.MAIN.EUS:httpd-devel-0:2.4.57-11.el9_4.s390x",
"AppStream-9.4.0.Z.MAIN.EUS:httpd-devel-0:2.4.57-11.el9_4.x86_64",
"AppStream-9.4.0.Z.MAIN.EUS:httpd-filesystem-0:2.4.57-11.el9_4.noarch",
"AppStream-9.4.0.Z.MAIN.EUS:httpd-manual-0:2.4.57-11.el9_4.noarch",
"AppStream-9.4.0.Z.MAIN.EUS:httpd-tools-0:2.4.57-11.el9_4.aarch64",
"AppStream-9.4.0.Z.MAIN.EUS:httpd-tools-0:2.4.57-11.el9_4.ppc64le",
"AppStream-9.4.0.Z.MAIN.EUS:httpd-tools-0:2.4.57-11.el9_4.s390x",
"AppStream-9.4.0.Z.MAIN.EUS:httpd-tools-0:2.4.57-11.el9_4.x86_64",
"AppStream-9.4.0.Z.MAIN.EUS:httpd-tools-debuginfo-0:2.4.57-11.el9_4.aarch64",
"AppStream-9.4.0.Z.MAIN.EUS:httpd-tools-debuginfo-0:2.4.57-11.el9_4.ppc64le",
"AppStream-9.4.0.Z.MAIN.EUS:httpd-tools-debuginfo-0:2.4.57-11.el9_4.s390x",
"AppStream-9.4.0.Z.MAIN.EUS:httpd-tools-debuginfo-0:2.4.57-11.el9_4.x86_64",
"AppStream-9.4.0.Z.MAIN.EUS:mod_ldap-0:2.4.57-11.el9_4.aarch64",
"AppStream-9.4.0.Z.MAIN.EUS:mod_ldap-0:2.4.57-11.el9_4.ppc64le",
"AppStream-9.4.0.Z.MAIN.EUS:mod_ldap-0:2.4.57-11.el9_4.s390x",
"AppStream-9.4.0.Z.MAIN.EUS:mod_ldap-0:2.4.57-11.el9_4.x86_64",
"AppStream-9.4.0.Z.MAIN.EUS:mod_ldap-debuginfo-0:2.4.57-11.el9_4.aarch64",
"AppStream-9.4.0.Z.MAIN.EUS:mod_ldap-debuginfo-0:2.4.57-11.el9_4.ppc64le",
"AppStream-9.4.0.Z.MAIN.EUS:mod_ldap-debuginfo-0:2.4.57-11.el9_4.s390x",
"AppStream-9.4.0.Z.MAIN.EUS:mod_ldap-debuginfo-0:2.4.57-11.el9_4.x86_64",
"AppStream-9.4.0.Z.MAIN.EUS:mod_lua-0:2.4.57-11.el9_4.aarch64",
"AppStream-9.4.0.Z.MAIN.EUS:mod_lua-0:2.4.57-11.el9_4.ppc64le",
"AppStream-9.4.0.Z.MAIN.EUS:mod_lua-0:2.4.57-11.el9_4.s390x",
"AppStream-9.4.0.Z.MAIN.EUS:mod_lua-0:2.4.57-11.el9_4.x86_64",
"AppStream-9.4.0.Z.MAIN.EUS:mod_lua-debuginfo-0:2.4.57-11.el9_4.aarch64",
"AppStream-9.4.0.Z.MAIN.EUS:mod_lua-debuginfo-0:2.4.57-11.el9_4.ppc64le",
"AppStream-9.4.0.Z.MAIN.EUS:mod_lua-debuginfo-0:2.4.57-11.el9_4.s390x",
"AppStream-9.4.0.Z.MAIN.EUS:mod_lua-debuginfo-0:2.4.57-11.el9_4.x86_64",
"AppStream-9.4.0.Z.MAIN.EUS:mod_proxy_html-1:2.4.57-11.el9_4.aarch64",
"AppStream-9.4.0.Z.MAIN.EUS:mod_proxy_html-1:2.4.57-11.el9_4.ppc64le",
"AppStream-9.4.0.Z.MAIN.EUS:mod_proxy_html-1:2.4.57-11.el9_4.s390x",
"AppStream-9.4.0.Z.MAIN.EUS:mod_proxy_html-1:2.4.57-11.el9_4.x86_64",
"AppStream-9.4.0.Z.MAIN.EUS:mod_proxy_html-debuginfo-1:2.4.57-11.el9_4.aarch64",
"AppStream-9.4.0.Z.MAIN.EUS:mod_proxy_html-debuginfo-1:2.4.57-11.el9_4.ppc64le",
"AppStream-9.4.0.Z.MAIN.EUS:mod_proxy_html-debuginfo-1:2.4.57-11.el9_4.s390x",
"AppStream-9.4.0.Z.MAIN.EUS:mod_proxy_html-debuginfo-1:2.4.57-11.el9_4.x86_64",
"AppStream-9.4.0.Z.MAIN.EUS:mod_session-0:2.4.57-11.el9_4.aarch64",
"AppStream-9.4.0.Z.MAIN.EUS:mod_session-0:2.4.57-11.el9_4.ppc64le",
"AppStream-9.4.0.Z.MAIN.EUS:mod_session-0:2.4.57-11.el9_4.s390x",
"AppStream-9.4.0.Z.MAIN.EUS:mod_session-0:2.4.57-11.el9_4.x86_64",
"AppStream-9.4.0.Z.MAIN.EUS:mod_session-debuginfo-0:2.4.57-11.el9_4.aarch64",
"AppStream-9.4.0.Z.MAIN.EUS:mod_session-debuginfo-0:2.4.57-11.el9_4.ppc64le",
"AppStream-9.4.0.Z.MAIN.EUS:mod_session-debuginfo-0:2.4.57-11.el9_4.s390x",
"AppStream-9.4.0.Z.MAIN.EUS:mod_session-debuginfo-0:2.4.57-11.el9_4.x86_64",
"AppStream-9.4.0.Z.MAIN.EUS:mod_ssl-1:2.4.57-11.el9_4.aarch64",
"AppStream-9.4.0.Z.MAIN.EUS:mod_ssl-1:2.4.57-11.el9_4.ppc64le",
"AppStream-9.4.0.Z.MAIN.EUS:mod_ssl-1:2.4.57-11.el9_4.s390x",
"AppStream-9.4.0.Z.MAIN.EUS:mod_ssl-1:2.4.57-11.el9_4.x86_64",
"AppStream-9.4.0.Z.MAIN.EUS:mod_ssl-debuginfo-1:2.4.57-11.el9_4.aarch64",
"AppStream-9.4.0.Z.MAIN.EUS:mod_ssl-debuginfo-1:2.4.57-11.el9_4.ppc64le",
"AppStream-9.4.0.Z.MAIN.EUS:mod_ssl-debuginfo-1:2.4.57-11.el9_4.s390x",
"AppStream-9.4.0.Z.MAIN.EUS:mod_ssl-debuginfo-1:2.4.57-11.el9_4.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "httpd: Encoding problem in mod_proxy"
},
{
"cve": "CVE-2024-38474",
"cwe": {
"id": "CWE-116",
"name": "Improper Encoding or Escaping of Output"
},
"discovery_date": "2024-07-01T19:21:49+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2295013"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in the mod_rewrite module of httpd. Due to a substitution encoding issue, specially crafted requests may allow an attacker to execute scripts in directories permitted by the configuration but not directly reachable by any URL or source disclosure of scripts meant only to be executed as CGI.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "httpd: Substitution encoding issue in mod_rewrite",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "This issue only affects configurations with unsafe rules used in the RewriteRule directive. Also, to exploit this flaw, an attacker must be able to upload files to the server.\n\nAdditionally, this flaw requires mod_rewrite to be loaded and used. This module can be disabled if its functionality is not needed.\n\nRed Hat Enterprise Linux 6 is not affected by this vulnerability because the vulnerable code was introduced in a newer version of httpd.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"AppStream-9.4.0.Z.MAIN.EUS:httpd-0:2.4.57-11.el9_4.aarch64",
"AppStream-9.4.0.Z.MAIN.EUS:httpd-0:2.4.57-11.el9_4.ppc64le",
"AppStream-9.4.0.Z.MAIN.EUS:httpd-0:2.4.57-11.el9_4.s390x",
"AppStream-9.4.0.Z.MAIN.EUS:httpd-0:2.4.57-11.el9_4.src",
"AppStream-9.4.0.Z.MAIN.EUS:httpd-0:2.4.57-11.el9_4.x86_64",
"AppStream-9.4.0.Z.MAIN.EUS:httpd-core-0:2.4.57-11.el9_4.aarch64",
"AppStream-9.4.0.Z.MAIN.EUS:httpd-core-0:2.4.57-11.el9_4.ppc64le",
"AppStream-9.4.0.Z.MAIN.EUS:httpd-core-0:2.4.57-11.el9_4.s390x",
"AppStream-9.4.0.Z.MAIN.EUS:httpd-core-0:2.4.57-11.el9_4.x86_64",
"AppStream-9.4.0.Z.MAIN.EUS:httpd-core-debuginfo-0:2.4.57-11.el9_4.aarch64",
"AppStream-9.4.0.Z.MAIN.EUS:httpd-core-debuginfo-0:2.4.57-11.el9_4.ppc64le",
"AppStream-9.4.0.Z.MAIN.EUS:httpd-core-debuginfo-0:2.4.57-11.el9_4.s390x",
"AppStream-9.4.0.Z.MAIN.EUS:httpd-core-debuginfo-0:2.4.57-11.el9_4.x86_64",
"AppStream-9.4.0.Z.MAIN.EUS:httpd-debuginfo-0:2.4.57-11.el9_4.aarch64",
"AppStream-9.4.0.Z.MAIN.EUS:httpd-debuginfo-0:2.4.57-11.el9_4.ppc64le",
"AppStream-9.4.0.Z.MAIN.EUS:httpd-debuginfo-0:2.4.57-11.el9_4.s390x",
"AppStream-9.4.0.Z.MAIN.EUS:httpd-debuginfo-0:2.4.57-11.el9_4.x86_64",
"AppStream-9.4.0.Z.MAIN.EUS:httpd-debugsource-0:2.4.57-11.el9_4.aarch64",
"AppStream-9.4.0.Z.MAIN.EUS:httpd-debugsource-0:2.4.57-11.el9_4.ppc64le",
"AppStream-9.4.0.Z.MAIN.EUS:httpd-debugsource-0:2.4.57-11.el9_4.s390x",
"AppStream-9.4.0.Z.MAIN.EUS:httpd-debugsource-0:2.4.57-11.el9_4.x86_64",
"AppStream-9.4.0.Z.MAIN.EUS:httpd-devel-0:2.4.57-11.el9_4.aarch64",
"AppStream-9.4.0.Z.MAIN.EUS:httpd-devel-0:2.4.57-11.el9_4.ppc64le",
"AppStream-9.4.0.Z.MAIN.EUS:httpd-devel-0:2.4.57-11.el9_4.s390x",
"AppStream-9.4.0.Z.MAIN.EUS:httpd-devel-0:2.4.57-11.el9_4.x86_64",
"AppStream-9.4.0.Z.MAIN.EUS:httpd-filesystem-0:2.4.57-11.el9_4.noarch",
"AppStream-9.4.0.Z.MAIN.EUS:httpd-manual-0:2.4.57-11.el9_4.noarch",
"AppStream-9.4.0.Z.MAIN.EUS:httpd-tools-0:2.4.57-11.el9_4.aarch64",
"AppStream-9.4.0.Z.MAIN.EUS:httpd-tools-0:2.4.57-11.el9_4.ppc64le",
"AppStream-9.4.0.Z.MAIN.EUS:httpd-tools-0:2.4.57-11.el9_4.s390x",
"AppStream-9.4.0.Z.MAIN.EUS:httpd-tools-0:2.4.57-11.el9_4.x86_64",
"AppStream-9.4.0.Z.MAIN.EUS:httpd-tools-debuginfo-0:2.4.57-11.el9_4.aarch64",
"AppStream-9.4.0.Z.MAIN.EUS:httpd-tools-debuginfo-0:2.4.57-11.el9_4.ppc64le",
"AppStream-9.4.0.Z.MAIN.EUS:httpd-tools-debuginfo-0:2.4.57-11.el9_4.s390x",
"AppStream-9.4.0.Z.MAIN.EUS:httpd-tools-debuginfo-0:2.4.57-11.el9_4.x86_64",
"AppStream-9.4.0.Z.MAIN.EUS:mod_ldap-0:2.4.57-11.el9_4.aarch64",
"AppStream-9.4.0.Z.MAIN.EUS:mod_ldap-0:2.4.57-11.el9_4.ppc64le",
"AppStream-9.4.0.Z.MAIN.EUS:mod_ldap-0:2.4.57-11.el9_4.s390x",
"AppStream-9.4.0.Z.MAIN.EUS:mod_ldap-0:2.4.57-11.el9_4.x86_64",
"AppStream-9.4.0.Z.MAIN.EUS:mod_ldap-debuginfo-0:2.4.57-11.el9_4.aarch64",
"AppStream-9.4.0.Z.MAIN.EUS:mod_ldap-debuginfo-0:2.4.57-11.el9_4.ppc64le",
"AppStream-9.4.0.Z.MAIN.EUS:mod_ldap-debuginfo-0:2.4.57-11.el9_4.s390x",
"AppStream-9.4.0.Z.MAIN.EUS:mod_ldap-debuginfo-0:2.4.57-11.el9_4.x86_64",
"AppStream-9.4.0.Z.MAIN.EUS:mod_lua-0:2.4.57-11.el9_4.aarch64",
"AppStream-9.4.0.Z.MAIN.EUS:mod_lua-0:2.4.57-11.el9_4.ppc64le",
"AppStream-9.4.0.Z.MAIN.EUS:mod_lua-0:2.4.57-11.el9_4.s390x",
"AppStream-9.4.0.Z.MAIN.EUS:mod_lua-0:2.4.57-11.el9_4.x86_64",
"AppStream-9.4.0.Z.MAIN.EUS:mod_lua-debuginfo-0:2.4.57-11.el9_4.aarch64",
"AppStream-9.4.0.Z.MAIN.EUS:mod_lua-debuginfo-0:2.4.57-11.el9_4.ppc64le",
"AppStream-9.4.0.Z.MAIN.EUS:mod_lua-debuginfo-0:2.4.57-11.el9_4.s390x",
"AppStream-9.4.0.Z.MAIN.EUS:mod_lua-debuginfo-0:2.4.57-11.el9_4.x86_64",
"AppStream-9.4.0.Z.MAIN.EUS:mod_proxy_html-1:2.4.57-11.el9_4.aarch64",
"AppStream-9.4.0.Z.MAIN.EUS:mod_proxy_html-1:2.4.57-11.el9_4.ppc64le",
"AppStream-9.4.0.Z.MAIN.EUS:mod_proxy_html-1:2.4.57-11.el9_4.s390x",
"AppStream-9.4.0.Z.MAIN.EUS:mod_proxy_html-1:2.4.57-11.el9_4.x86_64",
"AppStream-9.4.0.Z.MAIN.EUS:mod_proxy_html-debuginfo-1:2.4.57-11.el9_4.aarch64",
"AppStream-9.4.0.Z.MAIN.EUS:mod_proxy_html-debuginfo-1:2.4.57-11.el9_4.ppc64le",
"AppStream-9.4.0.Z.MAIN.EUS:mod_proxy_html-debuginfo-1:2.4.57-11.el9_4.s390x",
"AppStream-9.4.0.Z.MAIN.EUS:mod_proxy_html-debuginfo-1:2.4.57-11.el9_4.x86_64",
"AppStream-9.4.0.Z.MAIN.EUS:mod_session-0:2.4.57-11.el9_4.aarch64",
"AppStream-9.4.0.Z.MAIN.EUS:mod_session-0:2.4.57-11.el9_4.ppc64le",
"AppStream-9.4.0.Z.MAIN.EUS:mod_session-0:2.4.57-11.el9_4.s390x",
"AppStream-9.4.0.Z.MAIN.EUS:mod_session-0:2.4.57-11.el9_4.x86_64",
"AppStream-9.4.0.Z.MAIN.EUS:mod_session-debuginfo-0:2.4.57-11.el9_4.aarch64",
"AppStream-9.4.0.Z.MAIN.EUS:mod_session-debuginfo-0:2.4.57-11.el9_4.ppc64le",
"AppStream-9.4.0.Z.MAIN.EUS:mod_session-debuginfo-0:2.4.57-11.el9_4.s390x",
"AppStream-9.4.0.Z.MAIN.EUS:mod_session-debuginfo-0:2.4.57-11.el9_4.x86_64",
"AppStream-9.4.0.Z.MAIN.EUS:mod_ssl-1:2.4.57-11.el9_4.aarch64",
"AppStream-9.4.0.Z.MAIN.EUS:mod_ssl-1:2.4.57-11.el9_4.ppc64le",
"AppStream-9.4.0.Z.MAIN.EUS:mod_ssl-1:2.4.57-11.el9_4.s390x",
"AppStream-9.4.0.Z.MAIN.EUS:mod_ssl-1:2.4.57-11.el9_4.x86_64",
"AppStream-9.4.0.Z.MAIN.EUS:mod_ssl-debuginfo-1:2.4.57-11.el9_4.aarch64",
"AppStream-9.4.0.Z.MAIN.EUS:mod_ssl-debuginfo-1:2.4.57-11.el9_4.ppc64le",
"AppStream-9.4.0.Z.MAIN.EUS:mod_ssl-debuginfo-1:2.4.57-11.el9_4.s390x",
"AppStream-9.4.0.Z.MAIN.EUS:mod_ssl-debuginfo-1:2.4.57-11.el9_4.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2024-38474"
},
{
"category": "external",
"summary": "RHBZ#2295013",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2295013"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2024-38474",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-38474"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2024-38474",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2024-38474"
},
{
"category": "external",
"summary": "https://httpd.apache.org/security/vulnerabilities_24.html#CVE-2024-38474",
"url": "https://httpd.apache.org/security/vulnerabilities_24.html#CVE-2024-38474"
}
],
"release_date": "2024-07-01T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"details": "For details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"AppStream-9.4.0.Z.MAIN.EUS:httpd-0:2.4.57-11.el9_4.aarch64",
"AppStream-9.4.0.Z.MAIN.EUS:httpd-0:2.4.57-11.el9_4.ppc64le",
"AppStream-9.4.0.Z.MAIN.EUS:httpd-0:2.4.57-11.el9_4.s390x",
"AppStream-9.4.0.Z.MAIN.EUS:httpd-0:2.4.57-11.el9_4.src",
"AppStream-9.4.0.Z.MAIN.EUS:httpd-0:2.4.57-11.el9_4.x86_64",
"AppStream-9.4.0.Z.MAIN.EUS:httpd-core-0:2.4.57-11.el9_4.aarch64",
"AppStream-9.4.0.Z.MAIN.EUS:httpd-core-0:2.4.57-11.el9_4.ppc64le",
"AppStream-9.4.0.Z.MAIN.EUS:httpd-core-0:2.4.57-11.el9_4.s390x",
"AppStream-9.4.0.Z.MAIN.EUS:httpd-core-0:2.4.57-11.el9_4.x86_64",
"AppStream-9.4.0.Z.MAIN.EUS:httpd-core-debuginfo-0:2.4.57-11.el9_4.aarch64",
"AppStream-9.4.0.Z.MAIN.EUS:httpd-core-debuginfo-0:2.4.57-11.el9_4.ppc64le",
"AppStream-9.4.0.Z.MAIN.EUS:httpd-core-debuginfo-0:2.4.57-11.el9_4.s390x",
"AppStream-9.4.0.Z.MAIN.EUS:httpd-core-debuginfo-0:2.4.57-11.el9_4.x86_64",
"AppStream-9.4.0.Z.MAIN.EUS:httpd-debuginfo-0:2.4.57-11.el9_4.aarch64",
"AppStream-9.4.0.Z.MAIN.EUS:httpd-debuginfo-0:2.4.57-11.el9_4.ppc64le",
"AppStream-9.4.0.Z.MAIN.EUS:httpd-debuginfo-0:2.4.57-11.el9_4.s390x",
"AppStream-9.4.0.Z.MAIN.EUS:httpd-debuginfo-0:2.4.57-11.el9_4.x86_64",
"AppStream-9.4.0.Z.MAIN.EUS:httpd-debugsource-0:2.4.57-11.el9_4.aarch64",
"AppStream-9.4.0.Z.MAIN.EUS:httpd-debugsource-0:2.4.57-11.el9_4.ppc64le",
"AppStream-9.4.0.Z.MAIN.EUS:httpd-debugsource-0:2.4.57-11.el9_4.s390x",
"AppStream-9.4.0.Z.MAIN.EUS:httpd-debugsource-0:2.4.57-11.el9_4.x86_64",
"AppStream-9.4.0.Z.MAIN.EUS:httpd-devel-0:2.4.57-11.el9_4.aarch64",
"AppStream-9.4.0.Z.MAIN.EUS:httpd-devel-0:2.4.57-11.el9_4.ppc64le",
"AppStream-9.4.0.Z.MAIN.EUS:httpd-devel-0:2.4.57-11.el9_4.s390x",
"AppStream-9.4.0.Z.MAIN.EUS:httpd-devel-0:2.4.57-11.el9_4.x86_64",
"AppStream-9.4.0.Z.MAIN.EUS:httpd-filesystem-0:2.4.57-11.el9_4.noarch",
"AppStream-9.4.0.Z.MAIN.EUS:httpd-manual-0:2.4.57-11.el9_4.noarch",
"AppStream-9.4.0.Z.MAIN.EUS:httpd-tools-0:2.4.57-11.el9_4.aarch64",
"AppStream-9.4.0.Z.MAIN.EUS:httpd-tools-0:2.4.57-11.el9_4.ppc64le",
"AppStream-9.4.0.Z.MAIN.EUS:httpd-tools-0:2.4.57-11.el9_4.s390x",
"AppStream-9.4.0.Z.MAIN.EUS:httpd-tools-0:2.4.57-11.el9_4.x86_64",
"AppStream-9.4.0.Z.MAIN.EUS:httpd-tools-debuginfo-0:2.4.57-11.el9_4.aarch64",
"AppStream-9.4.0.Z.MAIN.EUS:httpd-tools-debuginfo-0:2.4.57-11.el9_4.ppc64le",
"AppStream-9.4.0.Z.MAIN.EUS:httpd-tools-debuginfo-0:2.4.57-11.el9_4.s390x",
"AppStream-9.4.0.Z.MAIN.EUS:httpd-tools-debuginfo-0:2.4.57-11.el9_4.x86_64",
"AppStream-9.4.0.Z.MAIN.EUS:mod_ldap-0:2.4.57-11.el9_4.aarch64",
"AppStream-9.4.0.Z.MAIN.EUS:mod_ldap-0:2.4.57-11.el9_4.ppc64le",
"AppStream-9.4.0.Z.MAIN.EUS:mod_ldap-0:2.4.57-11.el9_4.s390x",
"AppStream-9.4.0.Z.MAIN.EUS:mod_ldap-0:2.4.57-11.el9_4.x86_64",
"AppStream-9.4.0.Z.MAIN.EUS:mod_ldap-debuginfo-0:2.4.57-11.el9_4.aarch64",
"AppStream-9.4.0.Z.MAIN.EUS:mod_ldap-debuginfo-0:2.4.57-11.el9_4.ppc64le",
"AppStream-9.4.0.Z.MAIN.EUS:mod_ldap-debuginfo-0:2.4.57-11.el9_4.s390x",
"AppStream-9.4.0.Z.MAIN.EUS:mod_ldap-debuginfo-0:2.4.57-11.el9_4.x86_64",
"AppStream-9.4.0.Z.MAIN.EUS:mod_lua-0:2.4.57-11.el9_4.aarch64",
"AppStream-9.4.0.Z.MAIN.EUS:mod_lua-0:2.4.57-11.el9_4.ppc64le",
"AppStream-9.4.0.Z.MAIN.EUS:mod_lua-0:2.4.57-11.el9_4.s390x",
"AppStream-9.4.0.Z.MAIN.EUS:mod_lua-0:2.4.57-11.el9_4.x86_64",
"AppStream-9.4.0.Z.MAIN.EUS:mod_lua-debuginfo-0:2.4.57-11.el9_4.aarch64",
"AppStream-9.4.0.Z.MAIN.EUS:mod_lua-debuginfo-0:2.4.57-11.el9_4.ppc64le",
"AppStream-9.4.0.Z.MAIN.EUS:mod_lua-debuginfo-0:2.4.57-11.el9_4.s390x",
"AppStream-9.4.0.Z.MAIN.EUS:mod_lua-debuginfo-0:2.4.57-11.el9_4.x86_64",
"AppStream-9.4.0.Z.MAIN.EUS:mod_proxy_html-1:2.4.57-11.el9_4.aarch64",
"AppStream-9.4.0.Z.MAIN.EUS:mod_proxy_html-1:2.4.57-11.el9_4.ppc64le",
"AppStream-9.4.0.Z.MAIN.EUS:mod_proxy_html-1:2.4.57-11.el9_4.s390x",
"AppStream-9.4.0.Z.MAIN.EUS:mod_proxy_html-1:2.4.57-11.el9_4.x86_64",
"AppStream-9.4.0.Z.MAIN.EUS:mod_proxy_html-debuginfo-1:2.4.57-11.el9_4.aarch64",
"AppStream-9.4.0.Z.MAIN.EUS:mod_proxy_html-debuginfo-1:2.4.57-11.el9_4.ppc64le",
"AppStream-9.4.0.Z.MAIN.EUS:mod_proxy_html-debuginfo-1:2.4.57-11.el9_4.s390x",
"AppStream-9.4.0.Z.MAIN.EUS:mod_proxy_html-debuginfo-1:2.4.57-11.el9_4.x86_64",
"AppStream-9.4.0.Z.MAIN.EUS:mod_session-0:2.4.57-11.el9_4.aarch64",
"AppStream-9.4.0.Z.MAIN.EUS:mod_session-0:2.4.57-11.el9_4.ppc64le",
"AppStream-9.4.0.Z.MAIN.EUS:mod_session-0:2.4.57-11.el9_4.s390x",
"AppStream-9.4.0.Z.MAIN.EUS:mod_session-0:2.4.57-11.el9_4.x86_64",
"AppStream-9.4.0.Z.MAIN.EUS:mod_session-debuginfo-0:2.4.57-11.el9_4.aarch64",
"AppStream-9.4.0.Z.MAIN.EUS:mod_session-debuginfo-0:2.4.57-11.el9_4.ppc64le",
"AppStream-9.4.0.Z.MAIN.EUS:mod_session-debuginfo-0:2.4.57-11.el9_4.s390x",
"AppStream-9.4.0.Z.MAIN.EUS:mod_session-debuginfo-0:2.4.57-11.el9_4.x86_64",
"AppStream-9.4.0.Z.MAIN.EUS:mod_ssl-1:2.4.57-11.el9_4.aarch64",
"AppStream-9.4.0.Z.MAIN.EUS:mod_ssl-1:2.4.57-11.el9_4.ppc64le",
"AppStream-9.4.0.Z.MAIN.EUS:mod_ssl-1:2.4.57-11.el9_4.s390x",
"AppStream-9.4.0.Z.MAIN.EUS:mod_ssl-1:2.4.57-11.el9_4.x86_64",
"AppStream-9.4.0.Z.MAIN.EUS:mod_ssl-debuginfo-1:2.4.57-11.el9_4.aarch64",
"AppStream-9.4.0.Z.MAIN.EUS:mod_ssl-debuginfo-1:2.4.57-11.el9_4.ppc64le",
"AppStream-9.4.0.Z.MAIN.EUS:mod_ssl-debuginfo-1:2.4.57-11.el9_4.s390x",
"AppStream-9.4.0.Z.MAIN.EUS:mod_ssl-debuginfo-1:2.4.57-11.el9_4.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2024:4726"
},
{
"category": "workaround",
"details": "Red Hat has investigated whether a possible mitigation exists for this issue, and has not been able to identify a practical example. Please update the affected package as soon as possible.",
"product_ids": [
"AppStream-9.4.0.Z.MAIN.EUS:httpd-0:2.4.57-11.el9_4.aarch64",
"AppStream-9.4.0.Z.MAIN.EUS:httpd-0:2.4.57-11.el9_4.ppc64le",
"AppStream-9.4.0.Z.MAIN.EUS:httpd-0:2.4.57-11.el9_4.s390x",
"AppStream-9.4.0.Z.MAIN.EUS:httpd-0:2.4.57-11.el9_4.src",
"AppStream-9.4.0.Z.MAIN.EUS:httpd-0:2.4.57-11.el9_4.x86_64",
"AppStream-9.4.0.Z.MAIN.EUS:httpd-core-0:2.4.57-11.el9_4.aarch64",
"AppStream-9.4.0.Z.MAIN.EUS:httpd-core-0:2.4.57-11.el9_4.ppc64le",
"AppStream-9.4.0.Z.MAIN.EUS:httpd-core-0:2.4.57-11.el9_4.s390x",
"AppStream-9.4.0.Z.MAIN.EUS:httpd-core-0:2.4.57-11.el9_4.x86_64",
"AppStream-9.4.0.Z.MAIN.EUS:httpd-core-debuginfo-0:2.4.57-11.el9_4.aarch64",
"AppStream-9.4.0.Z.MAIN.EUS:httpd-core-debuginfo-0:2.4.57-11.el9_4.ppc64le",
"AppStream-9.4.0.Z.MAIN.EUS:httpd-core-debuginfo-0:2.4.57-11.el9_4.s390x",
"AppStream-9.4.0.Z.MAIN.EUS:httpd-core-debuginfo-0:2.4.57-11.el9_4.x86_64",
"AppStream-9.4.0.Z.MAIN.EUS:httpd-debuginfo-0:2.4.57-11.el9_4.aarch64",
"AppStream-9.4.0.Z.MAIN.EUS:httpd-debuginfo-0:2.4.57-11.el9_4.ppc64le",
"AppStream-9.4.0.Z.MAIN.EUS:httpd-debuginfo-0:2.4.57-11.el9_4.s390x",
"AppStream-9.4.0.Z.MAIN.EUS:httpd-debuginfo-0:2.4.57-11.el9_4.x86_64",
"AppStream-9.4.0.Z.MAIN.EUS:httpd-debugsource-0:2.4.57-11.el9_4.aarch64",
"AppStream-9.4.0.Z.MAIN.EUS:httpd-debugsource-0:2.4.57-11.el9_4.ppc64le",
"AppStream-9.4.0.Z.MAIN.EUS:httpd-debugsource-0:2.4.57-11.el9_4.s390x",
"AppStream-9.4.0.Z.MAIN.EUS:httpd-debugsource-0:2.4.57-11.el9_4.x86_64",
"AppStream-9.4.0.Z.MAIN.EUS:httpd-devel-0:2.4.57-11.el9_4.aarch64",
"AppStream-9.4.0.Z.MAIN.EUS:httpd-devel-0:2.4.57-11.el9_4.ppc64le",
"AppStream-9.4.0.Z.MAIN.EUS:httpd-devel-0:2.4.57-11.el9_4.s390x",
"AppStream-9.4.0.Z.MAIN.EUS:httpd-devel-0:2.4.57-11.el9_4.x86_64",
"AppStream-9.4.0.Z.MAIN.EUS:httpd-filesystem-0:2.4.57-11.el9_4.noarch",
"AppStream-9.4.0.Z.MAIN.EUS:httpd-manual-0:2.4.57-11.el9_4.noarch",
"AppStream-9.4.0.Z.MAIN.EUS:httpd-tools-0:2.4.57-11.el9_4.aarch64",
"AppStream-9.4.0.Z.MAIN.EUS:httpd-tools-0:2.4.57-11.el9_4.ppc64le",
"AppStream-9.4.0.Z.MAIN.EUS:httpd-tools-0:2.4.57-11.el9_4.s390x",
"AppStream-9.4.0.Z.MAIN.EUS:httpd-tools-0:2.4.57-11.el9_4.x86_64",
"AppStream-9.4.0.Z.MAIN.EUS:httpd-tools-debuginfo-0:2.4.57-11.el9_4.aarch64",
"AppStream-9.4.0.Z.MAIN.EUS:httpd-tools-debuginfo-0:2.4.57-11.el9_4.ppc64le",
"AppStream-9.4.0.Z.MAIN.EUS:httpd-tools-debuginfo-0:2.4.57-11.el9_4.s390x",
"AppStream-9.4.0.Z.MAIN.EUS:httpd-tools-debuginfo-0:2.4.57-11.el9_4.x86_64",
"AppStream-9.4.0.Z.MAIN.EUS:mod_ldap-0:2.4.57-11.el9_4.aarch64",
"AppStream-9.4.0.Z.MAIN.EUS:mod_ldap-0:2.4.57-11.el9_4.ppc64le",
"AppStream-9.4.0.Z.MAIN.EUS:mod_ldap-0:2.4.57-11.el9_4.s390x",
"AppStream-9.4.0.Z.MAIN.EUS:mod_ldap-0:2.4.57-11.el9_4.x86_64",
"AppStream-9.4.0.Z.MAIN.EUS:mod_ldap-debuginfo-0:2.4.57-11.el9_4.aarch64",
"AppStream-9.4.0.Z.MAIN.EUS:mod_ldap-debuginfo-0:2.4.57-11.el9_4.ppc64le",
"AppStream-9.4.0.Z.MAIN.EUS:mod_ldap-debuginfo-0:2.4.57-11.el9_4.s390x",
"AppStream-9.4.0.Z.MAIN.EUS:mod_ldap-debuginfo-0:2.4.57-11.el9_4.x86_64",
"AppStream-9.4.0.Z.MAIN.EUS:mod_lua-0:2.4.57-11.el9_4.aarch64",
"AppStream-9.4.0.Z.MAIN.EUS:mod_lua-0:2.4.57-11.el9_4.ppc64le",
"AppStream-9.4.0.Z.MAIN.EUS:mod_lua-0:2.4.57-11.el9_4.s390x",
"AppStream-9.4.0.Z.MAIN.EUS:mod_lua-0:2.4.57-11.el9_4.x86_64",
"AppStream-9.4.0.Z.MAIN.EUS:mod_lua-debuginfo-0:2.4.57-11.el9_4.aarch64",
"AppStream-9.4.0.Z.MAIN.EUS:mod_lua-debuginfo-0:2.4.57-11.el9_4.ppc64le",
"AppStream-9.4.0.Z.MAIN.EUS:mod_lua-debuginfo-0:2.4.57-11.el9_4.s390x",
"AppStream-9.4.0.Z.MAIN.EUS:mod_lua-debuginfo-0:2.4.57-11.el9_4.x86_64",
"AppStream-9.4.0.Z.MAIN.EUS:mod_proxy_html-1:2.4.57-11.el9_4.aarch64",
"AppStream-9.4.0.Z.MAIN.EUS:mod_proxy_html-1:2.4.57-11.el9_4.ppc64le",
"AppStream-9.4.0.Z.MAIN.EUS:mod_proxy_html-1:2.4.57-11.el9_4.s390x",
"AppStream-9.4.0.Z.MAIN.EUS:mod_proxy_html-1:2.4.57-11.el9_4.x86_64",
"AppStream-9.4.0.Z.MAIN.EUS:mod_proxy_html-debuginfo-1:2.4.57-11.el9_4.aarch64",
"AppStream-9.4.0.Z.MAIN.EUS:mod_proxy_html-debuginfo-1:2.4.57-11.el9_4.ppc64le",
"AppStream-9.4.0.Z.MAIN.EUS:mod_proxy_html-debuginfo-1:2.4.57-11.el9_4.s390x",
"AppStream-9.4.0.Z.MAIN.EUS:mod_proxy_html-debuginfo-1:2.4.57-11.el9_4.x86_64",
"AppStream-9.4.0.Z.MAIN.EUS:mod_session-0:2.4.57-11.el9_4.aarch64",
"AppStream-9.4.0.Z.MAIN.EUS:mod_session-0:2.4.57-11.el9_4.ppc64le",
"AppStream-9.4.0.Z.MAIN.EUS:mod_session-0:2.4.57-11.el9_4.s390x",
"AppStream-9.4.0.Z.MAIN.EUS:mod_session-0:2.4.57-11.el9_4.x86_64",
"AppStream-9.4.0.Z.MAIN.EUS:mod_session-debuginfo-0:2.4.57-11.el9_4.aarch64",
"AppStream-9.4.0.Z.MAIN.EUS:mod_session-debuginfo-0:2.4.57-11.el9_4.ppc64le",
"AppStream-9.4.0.Z.MAIN.EUS:mod_session-debuginfo-0:2.4.57-11.el9_4.s390x",
"AppStream-9.4.0.Z.MAIN.EUS:mod_session-debuginfo-0:2.4.57-11.el9_4.x86_64",
"AppStream-9.4.0.Z.MAIN.EUS:mod_ssl-1:2.4.57-11.el9_4.aarch64",
"AppStream-9.4.0.Z.MAIN.EUS:mod_ssl-1:2.4.57-11.el9_4.ppc64le",
"AppStream-9.4.0.Z.MAIN.EUS:mod_ssl-1:2.4.57-11.el9_4.s390x",
"AppStream-9.4.0.Z.MAIN.EUS:mod_ssl-1:2.4.57-11.el9_4.x86_64",
"AppStream-9.4.0.Z.MAIN.EUS:mod_ssl-debuginfo-1:2.4.57-11.el9_4.aarch64",
"AppStream-9.4.0.Z.MAIN.EUS:mod_ssl-debuginfo-1:2.4.57-11.el9_4.ppc64le",
"AppStream-9.4.0.Z.MAIN.EUS:mod_ssl-debuginfo-1:2.4.57-11.el9_4.s390x",
"AppStream-9.4.0.Z.MAIN.EUS:mod_ssl-debuginfo-1:2.4.57-11.el9_4.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 8.1,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"AppStream-9.4.0.Z.MAIN.EUS:httpd-0:2.4.57-11.el9_4.aarch64",
"AppStream-9.4.0.Z.MAIN.EUS:httpd-0:2.4.57-11.el9_4.ppc64le",
"AppStream-9.4.0.Z.MAIN.EUS:httpd-0:2.4.57-11.el9_4.s390x",
"AppStream-9.4.0.Z.MAIN.EUS:httpd-0:2.4.57-11.el9_4.src",
"AppStream-9.4.0.Z.MAIN.EUS:httpd-0:2.4.57-11.el9_4.x86_64",
"AppStream-9.4.0.Z.MAIN.EUS:httpd-core-0:2.4.57-11.el9_4.aarch64",
"AppStream-9.4.0.Z.MAIN.EUS:httpd-core-0:2.4.57-11.el9_4.ppc64le",
"AppStream-9.4.0.Z.MAIN.EUS:httpd-core-0:2.4.57-11.el9_4.s390x",
"AppStream-9.4.0.Z.MAIN.EUS:httpd-core-0:2.4.57-11.el9_4.x86_64",
"AppStream-9.4.0.Z.MAIN.EUS:httpd-core-debuginfo-0:2.4.57-11.el9_4.aarch64",
"AppStream-9.4.0.Z.MAIN.EUS:httpd-core-debuginfo-0:2.4.57-11.el9_4.ppc64le",
"AppStream-9.4.0.Z.MAIN.EUS:httpd-core-debuginfo-0:2.4.57-11.el9_4.s390x",
"AppStream-9.4.0.Z.MAIN.EUS:httpd-core-debuginfo-0:2.4.57-11.el9_4.x86_64",
"AppStream-9.4.0.Z.MAIN.EUS:httpd-debuginfo-0:2.4.57-11.el9_4.aarch64",
"AppStream-9.4.0.Z.MAIN.EUS:httpd-debuginfo-0:2.4.57-11.el9_4.ppc64le",
"AppStream-9.4.0.Z.MAIN.EUS:httpd-debuginfo-0:2.4.57-11.el9_4.s390x",
"AppStream-9.4.0.Z.MAIN.EUS:httpd-debuginfo-0:2.4.57-11.el9_4.x86_64",
"AppStream-9.4.0.Z.MAIN.EUS:httpd-debugsource-0:2.4.57-11.el9_4.aarch64",
"AppStream-9.4.0.Z.MAIN.EUS:httpd-debugsource-0:2.4.57-11.el9_4.ppc64le",
"AppStream-9.4.0.Z.MAIN.EUS:httpd-debugsource-0:2.4.57-11.el9_4.s390x",
"AppStream-9.4.0.Z.MAIN.EUS:httpd-debugsource-0:2.4.57-11.el9_4.x86_64",
"AppStream-9.4.0.Z.MAIN.EUS:httpd-devel-0:2.4.57-11.el9_4.aarch64",
"AppStream-9.4.0.Z.MAIN.EUS:httpd-devel-0:2.4.57-11.el9_4.ppc64le",
"AppStream-9.4.0.Z.MAIN.EUS:httpd-devel-0:2.4.57-11.el9_4.s390x",
"AppStream-9.4.0.Z.MAIN.EUS:httpd-devel-0:2.4.57-11.el9_4.x86_64",
"AppStream-9.4.0.Z.MAIN.EUS:httpd-filesystem-0:2.4.57-11.el9_4.noarch",
"AppStream-9.4.0.Z.MAIN.EUS:httpd-manual-0:2.4.57-11.el9_4.noarch",
"AppStream-9.4.0.Z.MAIN.EUS:httpd-tools-0:2.4.57-11.el9_4.aarch64",
"AppStream-9.4.0.Z.MAIN.EUS:httpd-tools-0:2.4.57-11.el9_4.ppc64le",
"AppStream-9.4.0.Z.MAIN.EUS:httpd-tools-0:2.4.57-11.el9_4.s390x",
"AppStream-9.4.0.Z.MAIN.EUS:httpd-tools-0:2.4.57-11.el9_4.x86_64",
"AppStream-9.4.0.Z.MAIN.EUS:httpd-tools-debuginfo-0:2.4.57-11.el9_4.aarch64",
"AppStream-9.4.0.Z.MAIN.EUS:httpd-tools-debuginfo-0:2.4.57-11.el9_4.ppc64le",
"AppStream-9.4.0.Z.MAIN.EUS:httpd-tools-debuginfo-0:2.4.57-11.el9_4.s390x",
"AppStream-9.4.0.Z.MAIN.EUS:httpd-tools-debuginfo-0:2.4.57-11.el9_4.x86_64",
"AppStream-9.4.0.Z.MAIN.EUS:mod_ldap-0:2.4.57-11.el9_4.aarch64",
"AppStream-9.4.0.Z.MAIN.EUS:mod_ldap-0:2.4.57-11.el9_4.ppc64le",
"AppStream-9.4.0.Z.MAIN.EUS:mod_ldap-0:2.4.57-11.el9_4.s390x",
"AppStream-9.4.0.Z.MAIN.EUS:mod_ldap-0:2.4.57-11.el9_4.x86_64",
"AppStream-9.4.0.Z.MAIN.EUS:mod_ldap-debuginfo-0:2.4.57-11.el9_4.aarch64",
"AppStream-9.4.0.Z.MAIN.EUS:mod_ldap-debuginfo-0:2.4.57-11.el9_4.ppc64le",
"AppStream-9.4.0.Z.MAIN.EUS:mod_ldap-debuginfo-0:2.4.57-11.el9_4.s390x",
"AppStream-9.4.0.Z.MAIN.EUS:mod_ldap-debuginfo-0:2.4.57-11.el9_4.x86_64",
"AppStream-9.4.0.Z.MAIN.EUS:mod_lua-0:2.4.57-11.el9_4.aarch64",
"AppStream-9.4.0.Z.MAIN.EUS:mod_lua-0:2.4.57-11.el9_4.ppc64le",
"AppStream-9.4.0.Z.MAIN.EUS:mod_lua-0:2.4.57-11.el9_4.s390x",
"AppStream-9.4.0.Z.MAIN.EUS:mod_lua-0:2.4.57-11.el9_4.x86_64",
"AppStream-9.4.0.Z.MAIN.EUS:mod_lua-debuginfo-0:2.4.57-11.el9_4.aarch64",
"AppStream-9.4.0.Z.MAIN.EUS:mod_lua-debuginfo-0:2.4.57-11.el9_4.ppc64le",
"AppStream-9.4.0.Z.MAIN.EUS:mod_lua-debuginfo-0:2.4.57-11.el9_4.s390x",
"AppStream-9.4.0.Z.MAIN.EUS:mod_lua-debuginfo-0:2.4.57-11.el9_4.x86_64",
"AppStream-9.4.0.Z.MAIN.EUS:mod_proxy_html-1:2.4.57-11.el9_4.aarch64",
"AppStream-9.4.0.Z.MAIN.EUS:mod_proxy_html-1:2.4.57-11.el9_4.ppc64le",
"AppStream-9.4.0.Z.MAIN.EUS:mod_proxy_html-1:2.4.57-11.el9_4.s390x",
"AppStream-9.4.0.Z.MAIN.EUS:mod_proxy_html-1:2.4.57-11.el9_4.x86_64",
"AppStream-9.4.0.Z.MAIN.EUS:mod_proxy_html-debuginfo-1:2.4.57-11.el9_4.aarch64",
"AppStream-9.4.0.Z.MAIN.EUS:mod_proxy_html-debuginfo-1:2.4.57-11.el9_4.ppc64le",
"AppStream-9.4.0.Z.MAIN.EUS:mod_proxy_html-debuginfo-1:2.4.57-11.el9_4.s390x",
"AppStream-9.4.0.Z.MAIN.EUS:mod_proxy_html-debuginfo-1:2.4.57-11.el9_4.x86_64",
"AppStream-9.4.0.Z.MAIN.EUS:mod_session-0:2.4.57-11.el9_4.aarch64",
"AppStream-9.4.0.Z.MAIN.EUS:mod_session-0:2.4.57-11.el9_4.ppc64le",
"AppStream-9.4.0.Z.MAIN.EUS:mod_session-0:2.4.57-11.el9_4.s390x",
"AppStream-9.4.0.Z.MAIN.EUS:mod_session-0:2.4.57-11.el9_4.x86_64",
"AppStream-9.4.0.Z.MAIN.EUS:mod_session-debuginfo-0:2.4.57-11.el9_4.aarch64",
"AppStream-9.4.0.Z.MAIN.EUS:mod_session-debuginfo-0:2.4.57-11.el9_4.ppc64le",
"AppStream-9.4.0.Z.MAIN.EUS:mod_session-debuginfo-0:2.4.57-11.el9_4.s390x",
"AppStream-9.4.0.Z.MAIN.EUS:mod_session-debuginfo-0:2.4.57-11.el9_4.x86_64",
"AppStream-9.4.0.Z.MAIN.EUS:mod_ssl-1:2.4.57-11.el9_4.aarch64",
"AppStream-9.4.0.Z.MAIN.EUS:mod_ssl-1:2.4.57-11.el9_4.ppc64le",
"AppStream-9.4.0.Z.MAIN.EUS:mod_ssl-1:2.4.57-11.el9_4.s390x",
"AppStream-9.4.0.Z.MAIN.EUS:mod_ssl-1:2.4.57-11.el9_4.x86_64",
"AppStream-9.4.0.Z.MAIN.EUS:mod_ssl-debuginfo-1:2.4.57-11.el9_4.aarch64",
"AppStream-9.4.0.Z.MAIN.EUS:mod_ssl-debuginfo-1:2.4.57-11.el9_4.ppc64le",
"AppStream-9.4.0.Z.MAIN.EUS:mod_ssl-debuginfo-1:2.4.57-11.el9_4.s390x",
"AppStream-9.4.0.Z.MAIN.EUS:mod_ssl-debuginfo-1:2.4.57-11.el9_4.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "httpd: Substitution encoding issue in mod_rewrite"
},
{
"cve": "CVE-2024-38475",
"cwe": {
"id": "CWE-116",
"name": "Improper Encoding or Escaping of Output"
},
"discovery_date": "2024-07-01T19:22:02+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2295014"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in the mod_rewrite module of httpd. Improper escaping of output allows an attacker to map URLs to filesystem locations permitted to be served by the server but are not intentionally or directly reachable by any URL. This issue results in code execution or source code disclosure.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "httpd: Improper escaping of output in mod_rewrite",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "This issue affects configurations with substitution rules used in the RewriteRule directive using backreferences or variables as the first segment of the substitution.\n\nAdditionally, this flaw requires mod_rewrite to be loaded and used. This module can be disabled if its functionality is not needed.\n\nRed Hat Enterprise Linux 6 is not affected by this vulnerability because the vulnerable code was introduced in a newer version of httpd.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"AppStream-9.4.0.Z.MAIN.EUS:httpd-0:2.4.57-11.el9_4.aarch64",
"AppStream-9.4.0.Z.MAIN.EUS:httpd-0:2.4.57-11.el9_4.ppc64le",
"AppStream-9.4.0.Z.MAIN.EUS:httpd-0:2.4.57-11.el9_4.s390x",
"AppStream-9.4.0.Z.MAIN.EUS:httpd-0:2.4.57-11.el9_4.src",
"AppStream-9.4.0.Z.MAIN.EUS:httpd-0:2.4.57-11.el9_4.x86_64",
"AppStream-9.4.0.Z.MAIN.EUS:httpd-core-0:2.4.57-11.el9_4.aarch64",
"AppStream-9.4.0.Z.MAIN.EUS:httpd-core-0:2.4.57-11.el9_4.ppc64le",
"AppStream-9.4.0.Z.MAIN.EUS:httpd-core-0:2.4.57-11.el9_4.s390x",
"AppStream-9.4.0.Z.MAIN.EUS:httpd-core-0:2.4.57-11.el9_4.x86_64",
"AppStream-9.4.0.Z.MAIN.EUS:httpd-core-debuginfo-0:2.4.57-11.el9_4.aarch64",
"AppStream-9.4.0.Z.MAIN.EUS:httpd-core-debuginfo-0:2.4.57-11.el9_4.ppc64le",
"AppStream-9.4.0.Z.MAIN.EUS:httpd-core-debuginfo-0:2.4.57-11.el9_4.s390x",
"AppStream-9.4.0.Z.MAIN.EUS:httpd-core-debuginfo-0:2.4.57-11.el9_4.x86_64",
"AppStream-9.4.0.Z.MAIN.EUS:httpd-debuginfo-0:2.4.57-11.el9_4.aarch64",
"AppStream-9.4.0.Z.MAIN.EUS:httpd-debuginfo-0:2.4.57-11.el9_4.ppc64le",
"AppStream-9.4.0.Z.MAIN.EUS:httpd-debuginfo-0:2.4.57-11.el9_4.s390x",
"AppStream-9.4.0.Z.MAIN.EUS:httpd-debuginfo-0:2.4.57-11.el9_4.x86_64",
"AppStream-9.4.0.Z.MAIN.EUS:httpd-debugsource-0:2.4.57-11.el9_4.aarch64",
"AppStream-9.4.0.Z.MAIN.EUS:httpd-debugsource-0:2.4.57-11.el9_4.ppc64le",
"AppStream-9.4.0.Z.MAIN.EUS:httpd-debugsource-0:2.4.57-11.el9_4.s390x",
"AppStream-9.4.0.Z.MAIN.EUS:httpd-debugsource-0:2.4.57-11.el9_4.x86_64",
"AppStream-9.4.0.Z.MAIN.EUS:httpd-devel-0:2.4.57-11.el9_4.aarch64",
"AppStream-9.4.0.Z.MAIN.EUS:httpd-devel-0:2.4.57-11.el9_4.ppc64le",
"AppStream-9.4.0.Z.MAIN.EUS:httpd-devel-0:2.4.57-11.el9_4.s390x",
"AppStream-9.4.0.Z.MAIN.EUS:httpd-devel-0:2.4.57-11.el9_4.x86_64",
"AppStream-9.4.0.Z.MAIN.EUS:httpd-filesystem-0:2.4.57-11.el9_4.noarch",
"AppStream-9.4.0.Z.MAIN.EUS:httpd-manual-0:2.4.57-11.el9_4.noarch",
"AppStream-9.4.0.Z.MAIN.EUS:httpd-tools-0:2.4.57-11.el9_4.aarch64",
"AppStream-9.4.0.Z.MAIN.EUS:httpd-tools-0:2.4.57-11.el9_4.ppc64le",
"AppStream-9.4.0.Z.MAIN.EUS:httpd-tools-0:2.4.57-11.el9_4.s390x",
"AppStream-9.4.0.Z.MAIN.EUS:httpd-tools-0:2.4.57-11.el9_4.x86_64",
"AppStream-9.4.0.Z.MAIN.EUS:httpd-tools-debuginfo-0:2.4.57-11.el9_4.aarch64",
"AppStream-9.4.0.Z.MAIN.EUS:httpd-tools-debuginfo-0:2.4.57-11.el9_4.ppc64le",
"AppStream-9.4.0.Z.MAIN.EUS:httpd-tools-debuginfo-0:2.4.57-11.el9_4.s390x",
"AppStream-9.4.0.Z.MAIN.EUS:httpd-tools-debuginfo-0:2.4.57-11.el9_4.x86_64",
"AppStream-9.4.0.Z.MAIN.EUS:mod_ldap-0:2.4.57-11.el9_4.aarch64",
"AppStream-9.4.0.Z.MAIN.EUS:mod_ldap-0:2.4.57-11.el9_4.ppc64le",
"AppStream-9.4.0.Z.MAIN.EUS:mod_ldap-0:2.4.57-11.el9_4.s390x",
"AppStream-9.4.0.Z.MAIN.EUS:mod_ldap-0:2.4.57-11.el9_4.x86_64",
"AppStream-9.4.0.Z.MAIN.EUS:mod_ldap-debuginfo-0:2.4.57-11.el9_4.aarch64",
"AppStream-9.4.0.Z.MAIN.EUS:mod_ldap-debuginfo-0:2.4.57-11.el9_4.ppc64le",
"AppStream-9.4.0.Z.MAIN.EUS:mod_ldap-debuginfo-0:2.4.57-11.el9_4.s390x",
"AppStream-9.4.0.Z.MAIN.EUS:mod_ldap-debuginfo-0:2.4.57-11.el9_4.x86_64",
"AppStream-9.4.0.Z.MAIN.EUS:mod_lua-0:2.4.57-11.el9_4.aarch64",
"AppStream-9.4.0.Z.MAIN.EUS:mod_lua-0:2.4.57-11.el9_4.ppc64le",
"AppStream-9.4.0.Z.MAIN.EUS:mod_lua-0:2.4.57-11.el9_4.s390x",
"AppStream-9.4.0.Z.MAIN.EUS:mod_lua-0:2.4.57-11.el9_4.x86_64",
"AppStream-9.4.0.Z.MAIN.EUS:mod_lua-debuginfo-0:2.4.57-11.el9_4.aarch64",
"AppStream-9.4.0.Z.MAIN.EUS:mod_lua-debuginfo-0:2.4.57-11.el9_4.ppc64le",
"AppStream-9.4.0.Z.MAIN.EUS:mod_lua-debuginfo-0:2.4.57-11.el9_4.s390x",
"AppStream-9.4.0.Z.MAIN.EUS:mod_lua-debuginfo-0:2.4.57-11.el9_4.x86_64",
"AppStream-9.4.0.Z.MAIN.EUS:mod_proxy_html-1:2.4.57-11.el9_4.aarch64",
"AppStream-9.4.0.Z.MAIN.EUS:mod_proxy_html-1:2.4.57-11.el9_4.ppc64le",
"AppStream-9.4.0.Z.MAIN.EUS:mod_proxy_html-1:2.4.57-11.el9_4.s390x",
"AppStream-9.4.0.Z.MAIN.EUS:mod_proxy_html-1:2.4.57-11.el9_4.x86_64",
"AppStream-9.4.0.Z.MAIN.EUS:mod_proxy_html-debuginfo-1:2.4.57-11.el9_4.aarch64",
"AppStream-9.4.0.Z.MAIN.EUS:mod_proxy_html-debuginfo-1:2.4.57-11.el9_4.ppc64le",
"AppStream-9.4.0.Z.MAIN.EUS:mod_proxy_html-debuginfo-1:2.4.57-11.el9_4.s390x",
"AppStream-9.4.0.Z.MAIN.EUS:mod_proxy_html-debuginfo-1:2.4.57-11.el9_4.x86_64",
"AppStream-9.4.0.Z.MAIN.EUS:mod_session-0:2.4.57-11.el9_4.aarch64",
"AppStream-9.4.0.Z.MAIN.EUS:mod_session-0:2.4.57-11.el9_4.ppc64le",
"AppStream-9.4.0.Z.MAIN.EUS:mod_session-0:2.4.57-11.el9_4.s390x",
"AppStream-9.4.0.Z.MAIN.EUS:mod_session-0:2.4.57-11.el9_4.x86_64",
"AppStream-9.4.0.Z.MAIN.EUS:mod_session-debuginfo-0:2.4.57-11.el9_4.aarch64",
"AppStream-9.4.0.Z.MAIN.EUS:mod_session-debuginfo-0:2.4.57-11.el9_4.ppc64le",
"AppStream-9.4.0.Z.MAIN.EUS:mod_session-debuginfo-0:2.4.57-11.el9_4.s390x",
"AppStream-9.4.0.Z.MAIN.EUS:mod_session-debuginfo-0:2.4.57-11.el9_4.x86_64",
"AppStream-9.4.0.Z.MAIN.EUS:mod_ssl-1:2.4.57-11.el9_4.aarch64",
"AppStream-9.4.0.Z.MAIN.EUS:mod_ssl-1:2.4.57-11.el9_4.ppc64le",
"AppStream-9.4.0.Z.MAIN.EUS:mod_ssl-1:2.4.57-11.el9_4.s390x",
"AppStream-9.4.0.Z.MAIN.EUS:mod_ssl-1:2.4.57-11.el9_4.x86_64",
"AppStream-9.4.0.Z.MAIN.EUS:mod_ssl-debuginfo-1:2.4.57-11.el9_4.aarch64",
"AppStream-9.4.0.Z.MAIN.EUS:mod_ssl-debuginfo-1:2.4.57-11.el9_4.ppc64le",
"AppStream-9.4.0.Z.MAIN.EUS:mod_ssl-debuginfo-1:2.4.57-11.el9_4.s390x",
"AppStream-9.4.0.Z.MAIN.EUS:mod_ssl-debuginfo-1:2.4.57-11.el9_4.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2024-38475"
},
{
"category": "external",
"summary": "RHBZ#2295014",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2295014"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2024-38475",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-38475"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2024-38475",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2024-38475"
},
{
"category": "external",
"summary": "https://httpd.apache.org/security/vulnerabilities_24.html#CVE-2024-38475",
"url": "https://httpd.apache.org/security/vulnerabilities_24.html#CVE-2024-38475"
}
],
"release_date": "2024-07-01T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"details": "For details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"AppStream-9.4.0.Z.MAIN.EUS:httpd-0:2.4.57-11.el9_4.aarch64",
"AppStream-9.4.0.Z.MAIN.EUS:httpd-0:2.4.57-11.el9_4.ppc64le",
"AppStream-9.4.0.Z.MAIN.EUS:httpd-0:2.4.57-11.el9_4.s390x",
"AppStream-9.4.0.Z.MAIN.EUS:httpd-0:2.4.57-11.el9_4.src",
"AppStream-9.4.0.Z.MAIN.EUS:httpd-0:2.4.57-11.el9_4.x86_64",
"AppStream-9.4.0.Z.MAIN.EUS:httpd-core-0:2.4.57-11.el9_4.aarch64",
"AppStream-9.4.0.Z.MAIN.EUS:httpd-core-0:2.4.57-11.el9_4.ppc64le",
"AppStream-9.4.0.Z.MAIN.EUS:httpd-core-0:2.4.57-11.el9_4.s390x",
"AppStream-9.4.0.Z.MAIN.EUS:httpd-core-0:2.4.57-11.el9_4.x86_64",
"AppStream-9.4.0.Z.MAIN.EUS:httpd-core-debuginfo-0:2.4.57-11.el9_4.aarch64",
"AppStream-9.4.0.Z.MAIN.EUS:httpd-core-debuginfo-0:2.4.57-11.el9_4.ppc64le",
"AppStream-9.4.0.Z.MAIN.EUS:httpd-core-debuginfo-0:2.4.57-11.el9_4.s390x",
"AppStream-9.4.0.Z.MAIN.EUS:httpd-core-debuginfo-0:2.4.57-11.el9_4.x86_64",
"AppStream-9.4.0.Z.MAIN.EUS:httpd-debuginfo-0:2.4.57-11.el9_4.aarch64",
"AppStream-9.4.0.Z.MAIN.EUS:httpd-debuginfo-0:2.4.57-11.el9_4.ppc64le",
"AppStream-9.4.0.Z.MAIN.EUS:httpd-debuginfo-0:2.4.57-11.el9_4.s390x",
"AppStream-9.4.0.Z.MAIN.EUS:httpd-debuginfo-0:2.4.57-11.el9_4.x86_64",
"AppStream-9.4.0.Z.MAIN.EUS:httpd-debugsource-0:2.4.57-11.el9_4.aarch64",
"AppStream-9.4.0.Z.MAIN.EUS:httpd-debugsource-0:2.4.57-11.el9_4.ppc64le",
"AppStream-9.4.0.Z.MAIN.EUS:httpd-debugsource-0:2.4.57-11.el9_4.s390x",
"AppStream-9.4.0.Z.MAIN.EUS:httpd-debugsource-0:2.4.57-11.el9_4.x86_64",
"AppStream-9.4.0.Z.MAIN.EUS:httpd-devel-0:2.4.57-11.el9_4.aarch64",
"AppStream-9.4.0.Z.MAIN.EUS:httpd-devel-0:2.4.57-11.el9_4.ppc64le",
"AppStream-9.4.0.Z.MAIN.EUS:httpd-devel-0:2.4.57-11.el9_4.s390x",
"AppStream-9.4.0.Z.MAIN.EUS:httpd-devel-0:2.4.57-11.el9_4.x86_64",
"AppStream-9.4.0.Z.MAIN.EUS:httpd-filesystem-0:2.4.57-11.el9_4.noarch",
"AppStream-9.4.0.Z.MAIN.EUS:httpd-manual-0:2.4.57-11.el9_4.noarch",
"AppStream-9.4.0.Z.MAIN.EUS:httpd-tools-0:2.4.57-11.el9_4.aarch64",
"AppStream-9.4.0.Z.MAIN.EUS:httpd-tools-0:2.4.57-11.el9_4.ppc64le",
"AppStream-9.4.0.Z.MAIN.EUS:httpd-tools-0:2.4.57-11.el9_4.s390x",
"AppStream-9.4.0.Z.MAIN.EUS:httpd-tools-0:2.4.57-11.el9_4.x86_64",
"AppStream-9.4.0.Z.MAIN.EUS:httpd-tools-debuginfo-0:2.4.57-11.el9_4.aarch64",
"AppStream-9.4.0.Z.MAIN.EUS:httpd-tools-debuginfo-0:2.4.57-11.el9_4.ppc64le",
"AppStream-9.4.0.Z.MAIN.EUS:httpd-tools-debuginfo-0:2.4.57-11.el9_4.s390x",
"AppStream-9.4.0.Z.MAIN.EUS:httpd-tools-debuginfo-0:2.4.57-11.el9_4.x86_64",
"AppStream-9.4.0.Z.MAIN.EUS:mod_ldap-0:2.4.57-11.el9_4.aarch64",
"AppStream-9.4.0.Z.MAIN.EUS:mod_ldap-0:2.4.57-11.el9_4.ppc64le",
"AppStream-9.4.0.Z.MAIN.EUS:mod_ldap-0:2.4.57-11.el9_4.s390x",
"AppStream-9.4.0.Z.MAIN.EUS:mod_ldap-0:2.4.57-11.el9_4.x86_64",
"AppStream-9.4.0.Z.MAIN.EUS:mod_ldap-debuginfo-0:2.4.57-11.el9_4.aarch64",
"AppStream-9.4.0.Z.MAIN.EUS:mod_ldap-debuginfo-0:2.4.57-11.el9_4.ppc64le",
"AppStream-9.4.0.Z.MAIN.EUS:mod_ldap-debuginfo-0:2.4.57-11.el9_4.s390x",
"AppStream-9.4.0.Z.MAIN.EUS:mod_ldap-debuginfo-0:2.4.57-11.el9_4.x86_64",
"AppStream-9.4.0.Z.MAIN.EUS:mod_lua-0:2.4.57-11.el9_4.aarch64",
"AppStream-9.4.0.Z.MAIN.EUS:mod_lua-0:2.4.57-11.el9_4.ppc64le",
"AppStream-9.4.0.Z.MAIN.EUS:mod_lua-0:2.4.57-11.el9_4.s390x",
"AppStream-9.4.0.Z.MAIN.EUS:mod_lua-0:2.4.57-11.el9_4.x86_64",
"AppStream-9.4.0.Z.MAIN.EUS:mod_lua-debuginfo-0:2.4.57-11.el9_4.aarch64",
"AppStream-9.4.0.Z.MAIN.EUS:mod_lua-debuginfo-0:2.4.57-11.el9_4.ppc64le",
"AppStream-9.4.0.Z.MAIN.EUS:mod_lua-debuginfo-0:2.4.57-11.el9_4.s390x",
"AppStream-9.4.0.Z.MAIN.EUS:mod_lua-debuginfo-0:2.4.57-11.el9_4.x86_64",
"AppStream-9.4.0.Z.MAIN.EUS:mod_proxy_html-1:2.4.57-11.el9_4.aarch64",
"AppStream-9.4.0.Z.MAIN.EUS:mod_proxy_html-1:2.4.57-11.el9_4.ppc64le",
"AppStream-9.4.0.Z.MAIN.EUS:mod_proxy_html-1:2.4.57-11.el9_4.s390x",
"AppStream-9.4.0.Z.MAIN.EUS:mod_proxy_html-1:2.4.57-11.el9_4.x86_64",
"AppStream-9.4.0.Z.MAIN.EUS:mod_proxy_html-debuginfo-1:2.4.57-11.el9_4.aarch64",
"AppStream-9.4.0.Z.MAIN.EUS:mod_proxy_html-debuginfo-1:2.4.57-11.el9_4.ppc64le",
"AppStream-9.4.0.Z.MAIN.EUS:mod_proxy_html-debuginfo-1:2.4.57-11.el9_4.s390x",
"AppStream-9.4.0.Z.MAIN.EUS:mod_proxy_html-debuginfo-1:2.4.57-11.el9_4.x86_64",
"AppStream-9.4.0.Z.MAIN.EUS:mod_session-0:2.4.57-11.el9_4.aarch64",
"AppStream-9.4.0.Z.MAIN.EUS:mod_session-0:2.4.57-11.el9_4.ppc64le",
"AppStream-9.4.0.Z.MAIN.EUS:mod_session-0:2.4.57-11.el9_4.s390x",
"AppStream-9.4.0.Z.MAIN.EUS:mod_session-0:2.4.57-11.el9_4.x86_64",
"AppStream-9.4.0.Z.MAIN.EUS:mod_session-debuginfo-0:2.4.57-11.el9_4.aarch64",
"AppStream-9.4.0.Z.MAIN.EUS:mod_session-debuginfo-0:2.4.57-11.el9_4.ppc64le",
"AppStream-9.4.0.Z.MAIN.EUS:mod_session-debuginfo-0:2.4.57-11.el9_4.s390x",
"AppStream-9.4.0.Z.MAIN.EUS:mod_session-debuginfo-0:2.4.57-11.el9_4.x86_64",
"AppStream-9.4.0.Z.MAIN.EUS:mod_ssl-1:2.4.57-11.el9_4.aarch64",
"AppStream-9.4.0.Z.MAIN.EUS:mod_ssl-1:2.4.57-11.el9_4.ppc64le",
"AppStream-9.4.0.Z.MAIN.EUS:mod_ssl-1:2.4.57-11.el9_4.s390x",
"AppStream-9.4.0.Z.MAIN.EUS:mod_ssl-1:2.4.57-11.el9_4.x86_64",
"AppStream-9.4.0.Z.MAIN.EUS:mod_ssl-debuginfo-1:2.4.57-11.el9_4.aarch64",
"AppStream-9.4.0.Z.MAIN.EUS:mod_ssl-debuginfo-1:2.4.57-11.el9_4.ppc64le",
"AppStream-9.4.0.Z.MAIN.EUS:mod_ssl-debuginfo-1:2.4.57-11.el9_4.s390x",
"AppStream-9.4.0.Z.MAIN.EUS:mod_ssl-debuginfo-1:2.4.57-11.el9_4.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2024:4726"
},
{
"category": "workaround",
"details": "Red Hat has investigated whether a possible mitigation exists for this issue, and has not been able to identify a practical example. Please update the affected package as soon as possible.",
"product_ids": [
"AppStream-9.4.0.Z.MAIN.EUS:httpd-0:2.4.57-11.el9_4.aarch64",
"AppStream-9.4.0.Z.MAIN.EUS:httpd-0:2.4.57-11.el9_4.ppc64le",
"AppStream-9.4.0.Z.MAIN.EUS:httpd-0:2.4.57-11.el9_4.s390x",
"AppStream-9.4.0.Z.MAIN.EUS:httpd-0:2.4.57-11.el9_4.src",
"AppStream-9.4.0.Z.MAIN.EUS:httpd-0:2.4.57-11.el9_4.x86_64",
"AppStream-9.4.0.Z.MAIN.EUS:httpd-core-0:2.4.57-11.el9_4.aarch64",
"AppStream-9.4.0.Z.MAIN.EUS:httpd-core-0:2.4.57-11.el9_4.ppc64le",
"AppStream-9.4.0.Z.MAIN.EUS:httpd-core-0:2.4.57-11.el9_4.s390x",
"AppStream-9.4.0.Z.MAIN.EUS:httpd-core-0:2.4.57-11.el9_4.x86_64",
"AppStream-9.4.0.Z.MAIN.EUS:httpd-core-debuginfo-0:2.4.57-11.el9_4.aarch64",
"AppStream-9.4.0.Z.MAIN.EUS:httpd-core-debuginfo-0:2.4.57-11.el9_4.ppc64le",
"AppStream-9.4.0.Z.MAIN.EUS:httpd-core-debuginfo-0:2.4.57-11.el9_4.s390x",
"AppStream-9.4.0.Z.MAIN.EUS:httpd-core-debuginfo-0:2.4.57-11.el9_4.x86_64",
"AppStream-9.4.0.Z.MAIN.EUS:httpd-debuginfo-0:2.4.57-11.el9_4.aarch64",
"AppStream-9.4.0.Z.MAIN.EUS:httpd-debuginfo-0:2.4.57-11.el9_4.ppc64le",
"AppStream-9.4.0.Z.MAIN.EUS:httpd-debuginfo-0:2.4.57-11.el9_4.s390x",
"AppStream-9.4.0.Z.MAIN.EUS:httpd-debuginfo-0:2.4.57-11.el9_4.x86_64",
"AppStream-9.4.0.Z.MAIN.EUS:httpd-debugsource-0:2.4.57-11.el9_4.aarch64",
"AppStream-9.4.0.Z.MAIN.EUS:httpd-debugsource-0:2.4.57-11.el9_4.ppc64le",
"AppStream-9.4.0.Z.MAIN.EUS:httpd-debugsource-0:2.4.57-11.el9_4.s390x",
"AppStream-9.4.0.Z.MAIN.EUS:httpd-debugsource-0:2.4.57-11.el9_4.x86_64",
"AppStream-9.4.0.Z.MAIN.EUS:httpd-devel-0:2.4.57-11.el9_4.aarch64",
"AppStream-9.4.0.Z.MAIN.EUS:httpd-devel-0:2.4.57-11.el9_4.ppc64le",
"AppStream-9.4.0.Z.MAIN.EUS:httpd-devel-0:2.4.57-11.el9_4.s390x",
"AppStream-9.4.0.Z.MAIN.EUS:httpd-devel-0:2.4.57-11.el9_4.x86_64",
"AppStream-9.4.0.Z.MAIN.EUS:httpd-filesystem-0:2.4.57-11.el9_4.noarch",
"AppStream-9.4.0.Z.MAIN.EUS:httpd-manual-0:2.4.57-11.el9_4.noarch",
"AppStream-9.4.0.Z.MAIN.EUS:httpd-tools-0:2.4.57-11.el9_4.aarch64",
"AppStream-9.4.0.Z.MAIN.EUS:httpd-tools-0:2.4.57-11.el9_4.ppc64le",
"AppStream-9.4.0.Z.MAIN.EUS:httpd-tools-0:2.4.57-11.el9_4.s390x",
"AppStream-9.4.0.Z.MAIN.EUS:httpd-tools-0:2.4.57-11.el9_4.x86_64",
"AppStream-9.4.0.Z.MAIN.EUS:httpd-tools-debuginfo-0:2.4.57-11.el9_4.aarch64",
"AppStream-9.4.0.Z.MAIN.EUS:httpd-tools-debuginfo-0:2.4.57-11.el9_4.ppc64le",
"AppStream-9.4.0.Z.MAIN.EUS:httpd-tools-debuginfo-0:2.4.57-11.el9_4.s390x",
"AppStream-9.4.0.Z.MAIN.EUS:httpd-tools-debuginfo-0:2.4.57-11.el9_4.x86_64",
"AppStream-9.4.0.Z.MAIN.EUS:mod_ldap-0:2.4.57-11.el9_4.aarch64",
"AppStream-9.4.0.Z.MAIN.EUS:mod_ldap-0:2.4.57-11.el9_4.ppc64le",
"AppStream-9.4.0.Z.MAIN.EUS:mod_ldap-0:2.4.57-11.el9_4.s390x",
"AppStream-9.4.0.Z.MAIN.EUS:mod_ldap-0:2.4.57-11.el9_4.x86_64",
"AppStream-9.4.0.Z.MAIN.EUS:mod_ldap-debuginfo-0:2.4.57-11.el9_4.aarch64",
"AppStream-9.4.0.Z.MAIN.EUS:mod_ldap-debuginfo-0:2.4.57-11.el9_4.ppc64le",
"AppStream-9.4.0.Z.MAIN.EUS:mod_ldap-debuginfo-0:2.4.57-11.el9_4.s390x",
"AppStream-9.4.0.Z.MAIN.EUS:mod_ldap-debuginfo-0:2.4.57-11.el9_4.x86_64",
"AppStream-9.4.0.Z.MAIN.EUS:mod_lua-0:2.4.57-11.el9_4.aarch64",
"AppStream-9.4.0.Z.MAIN.EUS:mod_lua-0:2.4.57-11.el9_4.ppc64le",
"AppStream-9.4.0.Z.MAIN.EUS:mod_lua-0:2.4.57-11.el9_4.s390x",
"AppStream-9.4.0.Z.MAIN.EUS:mod_lua-0:2.4.57-11.el9_4.x86_64",
"AppStream-9.4.0.Z.MAIN.EUS:mod_lua-debuginfo-0:2.4.57-11.el9_4.aarch64",
"AppStream-9.4.0.Z.MAIN.EUS:mod_lua-debuginfo-0:2.4.57-11.el9_4.ppc64le",
"AppStream-9.4.0.Z.MAIN.EUS:mod_lua-debuginfo-0:2.4.57-11.el9_4.s390x",
"AppStream-9.4.0.Z.MAIN.EUS:mod_lua-debuginfo-0:2.4.57-11.el9_4.x86_64",
"AppStream-9.4.0.Z.MAIN.EUS:mod_proxy_html-1:2.4.57-11.el9_4.aarch64",
"AppStream-9.4.0.Z.MAIN.EUS:mod_proxy_html-1:2.4.57-11.el9_4.ppc64le",
"AppStream-9.4.0.Z.MAIN.EUS:mod_proxy_html-1:2.4.57-11.el9_4.s390x",
"AppStream-9.4.0.Z.MAIN.EUS:mod_proxy_html-1:2.4.57-11.el9_4.x86_64",
"AppStream-9.4.0.Z.MAIN.EUS:mod_proxy_html-debuginfo-1:2.4.57-11.el9_4.aarch64",
"AppStream-9.4.0.Z.MAIN.EUS:mod_proxy_html-debuginfo-1:2.4.57-11.el9_4.ppc64le",
"AppStream-9.4.0.Z.MAIN.EUS:mod_proxy_html-debuginfo-1:2.4.57-11.el9_4.s390x",
"AppStream-9.4.0.Z.MAIN.EUS:mod_proxy_html-debuginfo-1:2.4.57-11.el9_4.x86_64",
"AppStream-9.4.0.Z.MAIN.EUS:mod_session-0:2.4.57-11.el9_4.aarch64",
"AppStream-9.4.0.Z.MAIN.EUS:mod_session-0:2.4.57-11.el9_4.ppc64le",
"AppStream-9.4.0.Z.MAIN.EUS:mod_session-0:2.4.57-11.el9_4.s390x",
"AppStream-9.4.0.Z.MAIN.EUS:mod_session-0:2.4.57-11.el9_4.x86_64",
"AppStream-9.4.0.Z.MAIN.EUS:mod_session-debuginfo-0:2.4.57-11.el9_4.aarch64",
"AppStream-9.4.0.Z.MAIN.EUS:mod_session-debuginfo-0:2.4.57-11.el9_4.ppc64le",
"AppStream-9.4.0.Z.MAIN.EUS:mod_session-debuginfo-0:2.4.57-11.el9_4.s390x",
"AppStream-9.4.0.Z.MAIN.EUS:mod_session-debuginfo-0:2.4.57-11.el9_4.x86_64",
"AppStream-9.4.0.Z.MAIN.EUS:mod_ssl-1:2.4.57-11.el9_4.aarch64",
"AppStream-9.4.0.Z.MAIN.EUS:mod_ssl-1:2.4.57-11.el9_4.ppc64le",
"AppStream-9.4.0.Z.MAIN.EUS:mod_ssl-1:2.4.57-11.el9_4.s390x",
"AppStream-9.4.0.Z.MAIN.EUS:mod_ssl-1:2.4.57-11.el9_4.x86_64",
"AppStream-9.4.0.Z.MAIN.EUS:mod_ssl-debuginfo-1:2.4.57-11.el9_4.aarch64",
"AppStream-9.4.0.Z.MAIN.EUS:mod_ssl-debuginfo-1:2.4.57-11.el9_4.ppc64le",
"AppStream-9.4.0.Z.MAIN.EUS:mod_ssl-debuginfo-1:2.4.57-11.el9_4.s390x",
"AppStream-9.4.0.Z.MAIN.EUS:mod_ssl-debuginfo-1:2.4.57-11.el9_4.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 9.1,
"baseSeverity": "CRITICAL",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N",
"version": "3.1"
},
"products": [
"AppStream-9.4.0.Z.MAIN.EUS:httpd-0:2.4.57-11.el9_4.aarch64",
"AppStream-9.4.0.Z.MAIN.EUS:httpd-0:2.4.57-11.el9_4.ppc64le",
"AppStream-9.4.0.Z.MAIN.EUS:httpd-0:2.4.57-11.el9_4.s390x",
"AppStream-9.4.0.Z.MAIN.EUS:httpd-0:2.4.57-11.el9_4.src",
"AppStream-9.4.0.Z.MAIN.EUS:httpd-0:2.4.57-11.el9_4.x86_64",
"AppStream-9.4.0.Z.MAIN.EUS:httpd-core-0:2.4.57-11.el9_4.aarch64",
"AppStream-9.4.0.Z.MAIN.EUS:httpd-core-0:2.4.57-11.el9_4.ppc64le",
"AppStream-9.4.0.Z.MAIN.EUS:httpd-core-0:2.4.57-11.el9_4.s390x",
"AppStream-9.4.0.Z.MAIN.EUS:httpd-core-0:2.4.57-11.el9_4.x86_64",
"AppStream-9.4.0.Z.MAIN.EUS:httpd-core-debuginfo-0:2.4.57-11.el9_4.aarch64",
"AppStream-9.4.0.Z.MAIN.EUS:httpd-core-debuginfo-0:2.4.57-11.el9_4.ppc64le",
"AppStream-9.4.0.Z.MAIN.EUS:httpd-core-debuginfo-0:2.4.57-11.el9_4.s390x",
"AppStream-9.4.0.Z.MAIN.EUS:httpd-core-debuginfo-0:2.4.57-11.el9_4.x86_64",
"AppStream-9.4.0.Z.MAIN.EUS:httpd-debuginfo-0:2.4.57-11.el9_4.aarch64",
"AppStream-9.4.0.Z.MAIN.EUS:httpd-debuginfo-0:2.4.57-11.el9_4.ppc64le",
"AppStream-9.4.0.Z.MAIN.EUS:httpd-debuginfo-0:2.4.57-11.el9_4.s390x",
"AppStream-9.4.0.Z.MAIN.EUS:httpd-debuginfo-0:2.4.57-11.el9_4.x86_64",
"AppStream-9.4.0.Z.MAIN.EUS:httpd-debugsource-0:2.4.57-11.el9_4.aarch64",
"AppStream-9.4.0.Z.MAIN.EUS:httpd-debugsource-0:2.4.57-11.el9_4.ppc64le",
"AppStream-9.4.0.Z.MAIN.EUS:httpd-debugsource-0:2.4.57-11.el9_4.s390x",
"AppStream-9.4.0.Z.MAIN.EUS:httpd-debugsource-0:2.4.57-11.el9_4.x86_64",
"AppStream-9.4.0.Z.MAIN.EUS:httpd-devel-0:2.4.57-11.el9_4.aarch64",
"AppStream-9.4.0.Z.MAIN.EUS:httpd-devel-0:2.4.57-11.el9_4.ppc64le",
"AppStream-9.4.0.Z.MAIN.EUS:httpd-devel-0:2.4.57-11.el9_4.s390x",
"AppStream-9.4.0.Z.MAIN.EUS:httpd-devel-0:2.4.57-11.el9_4.x86_64",
"AppStream-9.4.0.Z.MAIN.EUS:httpd-filesystem-0:2.4.57-11.el9_4.noarch",
"AppStream-9.4.0.Z.MAIN.EUS:httpd-manual-0:2.4.57-11.el9_4.noarch",
"AppStream-9.4.0.Z.MAIN.EUS:httpd-tools-0:2.4.57-11.el9_4.aarch64",
"AppStream-9.4.0.Z.MAIN.EUS:httpd-tools-0:2.4.57-11.el9_4.ppc64le",
"AppStream-9.4.0.Z.MAIN.EUS:httpd-tools-0:2.4.57-11.el9_4.s390x",
"AppStream-9.4.0.Z.MAIN.EUS:httpd-tools-0:2.4.57-11.el9_4.x86_64",
"AppStream-9.4.0.Z.MAIN.EUS:httpd-tools-debuginfo-0:2.4.57-11.el9_4.aarch64",
"AppStream-9.4.0.Z.MAIN.EUS:httpd-tools-debuginfo-0:2.4.57-11.el9_4.ppc64le",
"AppStream-9.4.0.Z.MAIN.EUS:httpd-tools-debuginfo-0:2.4.57-11.el9_4.s390x",
"AppStream-9.4.0.Z.MAIN.EUS:httpd-tools-debuginfo-0:2.4.57-11.el9_4.x86_64",
"AppStream-9.4.0.Z.MAIN.EUS:mod_ldap-0:2.4.57-11.el9_4.aarch64",
"AppStream-9.4.0.Z.MAIN.EUS:mod_ldap-0:2.4.57-11.el9_4.ppc64le",
"AppStream-9.4.0.Z.MAIN.EUS:mod_ldap-0:2.4.57-11.el9_4.s390x",
"AppStream-9.4.0.Z.MAIN.EUS:mod_ldap-0:2.4.57-11.el9_4.x86_64",
"AppStream-9.4.0.Z.MAIN.EUS:mod_ldap-debuginfo-0:2.4.57-11.el9_4.aarch64",
"AppStream-9.4.0.Z.MAIN.EUS:mod_ldap-debuginfo-0:2.4.57-11.el9_4.ppc64le",
"AppStream-9.4.0.Z.MAIN.EUS:mod_ldap-debuginfo-0:2.4.57-11.el9_4.s390x",
"AppStream-9.4.0.Z.MAIN.EUS:mod_ldap-debuginfo-0:2.4.57-11.el9_4.x86_64",
"AppStream-9.4.0.Z.MAIN.EUS:mod_lua-0:2.4.57-11.el9_4.aarch64",
"AppStream-9.4.0.Z.MAIN.EUS:mod_lua-0:2.4.57-11.el9_4.ppc64le",
"AppStream-9.4.0.Z.MAIN.EUS:mod_lua-0:2.4.57-11.el9_4.s390x",
"AppStream-9.4.0.Z.MAIN.EUS:mod_lua-0:2.4.57-11.el9_4.x86_64",
"AppStream-9.4.0.Z.MAIN.EUS:mod_lua-debuginfo-0:2.4.57-11.el9_4.aarch64",
"AppStream-9.4.0.Z.MAIN.EUS:mod_lua-debuginfo-0:2.4.57-11.el9_4.ppc64le",
"AppStream-9.4.0.Z.MAIN.EUS:mod_lua-debuginfo-0:2.4.57-11.el9_4.s390x",
"AppStream-9.4.0.Z.MAIN.EUS:mod_lua-debuginfo-0:2.4.57-11.el9_4.x86_64",
"AppStream-9.4.0.Z.MAIN.EUS:mod_proxy_html-1:2.4.57-11.el9_4.aarch64",
"AppStream-9.4.0.Z.MAIN.EUS:mod_proxy_html-1:2.4.57-11.el9_4.ppc64le",
"AppStream-9.4.0.Z.MAIN.EUS:mod_proxy_html-1:2.4.57-11.el9_4.s390x",
"AppStream-9.4.0.Z.MAIN.EUS:mod_proxy_html-1:2.4.57-11.el9_4.x86_64",
"AppStream-9.4.0.Z.MAIN.EUS:mod_proxy_html-debuginfo-1:2.4.57-11.el9_4.aarch64",
"AppStream-9.4.0.Z.MAIN.EUS:mod_proxy_html-debuginfo-1:2.4.57-11.el9_4.ppc64le",
"AppStream-9.4.0.Z.MAIN.EUS:mod_proxy_html-debuginfo-1:2.4.57-11.el9_4.s390x",
"AppStream-9.4.0.Z.MAIN.EUS:mod_proxy_html-debuginfo-1:2.4.57-11.el9_4.x86_64",
"AppStream-9.4.0.Z.MAIN.EUS:mod_session-0:2.4.57-11.el9_4.aarch64",
"AppStream-9.4.0.Z.MAIN.EUS:mod_session-0:2.4.57-11.el9_4.ppc64le",
"AppStream-9.4.0.Z.MAIN.EUS:mod_session-0:2.4.57-11.el9_4.s390x",
"AppStream-9.4.0.Z.MAIN.EUS:mod_session-0:2.4.57-11.el9_4.x86_64",
"AppStream-9.4.0.Z.MAIN.EUS:mod_session-debuginfo-0:2.4.57-11.el9_4.aarch64",
"AppStream-9.4.0.Z.MAIN.EUS:mod_session-debuginfo-0:2.4.57-11.el9_4.ppc64le",
"AppStream-9.4.0.Z.MAIN.EUS:mod_session-debuginfo-0:2.4.57-11.el9_4.s390x",
"AppStream-9.4.0.Z.MAIN.EUS:mod_session-debuginfo-0:2.4.57-11.el9_4.x86_64",
"AppStream-9.4.0.Z.MAIN.EUS:mod_ssl-1:2.4.57-11.el9_4.aarch64",
"AppStream-9.4.0.Z.MAIN.EUS:mod_ssl-1:2.4.57-11.el9_4.ppc64le",
"AppStream-9.4.0.Z.MAIN.EUS:mod_ssl-1:2.4.57-11.el9_4.s390x",
"AppStream-9.4.0.Z.MAIN.EUS:mod_ssl-1:2.4.57-11.el9_4.x86_64",
"AppStream-9.4.0.Z.MAIN.EUS:mod_ssl-debuginfo-1:2.4.57-11.el9_4.aarch64",
"AppStream-9.4.0.Z.MAIN.EUS:mod_ssl-debuginfo-1:2.4.57-11.el9_4.ppc64le",
"AppStream-9.4.0.Z.MAIN.EUS:mod_ssl-debuginfo-1:2.4.57-11.el9_4.s390x",
"AppStream-9.4.0.Z.MAIN.EUS:mod_ssl-debuginfo-1:2.4.57-11.el9_4.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "httpd: Improper escaping of output in mod_rewrite"
},
{
"cve": "CVE-2024-38477",
"cwe": {
"id": "CWE-476",
"name": "NULL Pointer Dereference"
},
"discovery_date": "2024-07-01T19:22:29+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2295016"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in the mod_proxy module of httpd. A NULL pointer dereference can be triggered when processing a specially crafted HTTP request, causing the httpd server to crash, and resulting in a denial of service.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "httpd: NULL pointer dereference in mod_proxy",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "As this flaw allows a remote attacker to cause a denial of service, it has been rated with an important severity.\n\nThis flaw only affects configurations with mod_proxy loaded and being used. This module can be disabled via the configuration file if its functionality is not being used.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"AppStream-9.4.0.Z.MAIN.EUS:httpd-0:2.4.57-11.el9_4.aarch64",
"AppStream-9.4.0.Z.MAIN.EUS:httpd-0:2.4.57-11.el9_4.ppc64le",
"AppStream-9.4.0.Z.MAIN.EUS:httpd-0:2.4.57-11.el9_4.s390x",
"AppStream-9.4.0.Z.MAIN.EUS:httpd-0:2.4.57-11.el9_4.src",
"AppStream-9.4.0.Z.MAIN.EUS:httpd-0:2.4.57-11.el9_4.x86_64",
"AppStream-9.4.0.Z.MAIN.EUS:httpd-core-0:2.4.57-11.el9_4.aarch64",
"AppStream-9.4.0.Z.MAIN.EUS:httpd-core-0:2.4.57-11.el9_4.ppc64le",
"AppStream-9.4.0.Z.MAIN.EUS:httpd-core-0:2.4.57-11.el9_4.s390x",
"AppStream-9.4.0.Z.MAIN.EUS:httpd-core-0:2.4.57-11.el9_4.x86_64",
"AppStream-9.4.0.Z.MAIN.EUS:httpd-core-debuginfo-0:2.4.57-11.el9_4.aarch64",
"AppStream-9.4.0.Z.MAIN.EUS:httpd-core-debuginfo-0:2.4.57-11.el9_4.ppc64le",
"AppStream-9.4.0.Z.MAIN.EUS:httpd-core-debuginfo-0:2.4.57-11.el9_4.s390x",
"AppStream-9.4.0.Z.MAIN.EUS:httpd-core-debuginfo-0:2.4.57-11.el9_4.x86_64",
"AppStream-9.4.0.Z.MAIN.EUS:httpd-debuginfo-0:2.4.57-11.el9_4.aarch64",
"AppStream-9.4.0.Z.MAIN.EUS:httpd-debuginfo-0:2.4.57-11.el9_4.ppc64le",
"AppStream-9.4.0.Z.MAIN.EUS:httpd-debuginfo-0:2.4.57-11.el9_4.s390x",
"AppStream-9.4.0.Z.MAIN.EUS:httpd-debuginfo-0:2.4.57-11.el9_4.x86_64",
"AppStream-9.4.0.Z.MAIN.EUS:httpd-debugsource-0:2.4.57-11.el9_4.aarch64",
"AppStream-9.4.0.Z.MAIN.EUS:httpd-debugsource-0:2.4.57-11.el9_4.ppc64le",
"AppStream-9.4.0.Z.MAIN.EUS:httpd-debugsource-0:2.4.57-11.el9_4.s390x",
"AppStream-9.4.0.Z.MAIN.EUS:httpd-debugsource-0:2.4.57-11.el9_4.x86_64",
"AppStream-9.4.0.Z.MAIN.EUS:httpd-devel-0:2.4.57-11.el9_4.aarch64",
"AppStream-9.4.0.Z.MAIN.EUS:httpd-devel-0:2.4.57-11.el9_4.ppc64le",
"AppStream-9.4.0.Z.MAIN.EUS:httpd-devel-0:2.4.57-11.el9_4.s390x",
"AppStream-9.4.0.Z.MAIN.EUS:httpd-devel-0:2.4.57-11.el9_4.x86_64",
"AppStream-9.4.0.Z.MAIN.EUS:httpd-filesystem-0:2.4.57-11.el9_4.noarch",
"AppStream-9.4.0.Z.MAIN.EUS:httpd-manual-0:2.4.57-11.el9_4.noarch",
"AppStream-9.4.0.Z.MAIN.EUS:httpd-tools-0:2.4.57-11.el9_4.aarch64",
"AppStream-9.4.0.Z.MAIN.EUS:httpd-tools-0:2.4.57-11.el9_4.ppc64le",
"AppStream-9.4.0.Z.MAIN.EUS:httpd-tools-0:2.4.57-11.el9_4.s390x",
"AppStream-9.4.0.Z.MAIN.EUS:httpd-tools-0:2.4.57-11.el9_4.x86_64",
"AppStream-9.4.0.Z.MAIN.EUS:httpd-tools-debuginfo-0:2.4.57-11.el9_4.aarch64",
"AppStream-9.4.0.Z.MAIN.EUS:httpd-tools-debuginfo-0:2.4.57-11.el9_4.ppc64le",
"AppStream-9.4.0.Z.MAIN.EUS:httpd-tools-debuginfo-0:2.4.57-11.el9_4.s390x",
"AppStream-9.4.0.Z.MAIN.EUS:httpd-tools-debuginfo-0:2.4.57-11.el9_4.x86_64",
"AppStream-9.4.0.Z.MAIN.EUS:mod_ldap-0:2.4.57-11.el9_4.aarch64",
"AppStream-9.4.0.Z.MAIN.EUS:mod_ldap-0:2.4.57-11.el9_4.ppc64le",
"AppStream-9.4.0.Z.MAIN.EUS:mod_ldap-0:2.4.57-11.el9_4.s390x",
"AppStream-9.4.0.Z.MAIN.EUS:mod_ldap-0:2.4.57-11.el9_4.x86_64",
"AppStream-9.4.0.Z.MAIN.EUS:mod_ldap-debuginfo-0:2.4.57-11.el9_4.aarch64",
"AppStream-9.4.0.Z.MAIN.EUS:mod_ldap-debuginfo-0:2.4.57-11.el9_4.ppc64le",
"AppStream-9.4.0.Z.MAIN.EUS:mod_ldap-debuginfo-0:2.4.57-11.el9_4.s390x",
"AppStream-9.4.0.Z.MAIN.EUS:mod_ldap-debuginfo-0:2.4.57-11.el9_4.x86_64",
"AppStream-9.4.0.Z.MAIN.EUS:mod_lua-0:2.4.57-11.el9_4.aarch64",
"AppStream-9.4.0.Z.MAIN.EUS:mod_lua-0:2.4.57-11.el9_4.ppc64le",
"AppStream-9.4.0.Z.MAIN.EUS:mod_lua-0:2.4.57-11.el9_4.s390x",
"AppStream-9.4.0.Z.MAIN.EUS:mod_lua-0:2.4.57-11.el9_4.x86_64",
"AppStream-9.4.0.Z.MAIN.EUS:mod_lua-debuginfo-0:2.4.57-11.el9_4.aarch64",
"AppStream-9.4.0.Z.MAIN.EUS:mod_lua-debuginfo-0:2.4.57-11.el9_4.ppc64le",
"AppStream-9.4.0.Z.MAIN.EUS:mod_lua-debuginfo-0:2.4.57-11.el9_4.s390x",
"AppStream-9.4.0.Z.MAIN.EUS:mod_lua-debuginfo-0:2.4.57-11.el9_4.x86_64",
"AppStream-9.4.0.Z.MAIN.EUS:mod_proxy_html-1:2.4.57-11.el9_4.aarch64",
"AppStream-9.4.0.Z.MAIN.EUS:mod_proxy_html-1:2.4.57-11.el9_4.ppc64le",
"AppStream-9.4.0.Z.MAIN.EUS:mod_proxy_html-1:2.4.57-11.el9_4.s390x",
"AppStream-9.4.0.Z.MAIN.EUS:mod_proxy_html-1:2.4.57-11.el9_4.x86_64",
"AppStream-9.4.0.Z.MAIN.EUS:mod_proxy_html-debuginfo-1:2.4.57-11.el9_4.aarch64",
"AppStream-9.4.0.Z.MAIN.EUS:mod_proxy_html-debuginfo-1:2.4.57-11.el9_4.ppc64le",
"AppStream-9.4.0.Z.MAIN.EUS:mod_proxy_html-debuginfo-1:2.4.57-11.el9_4.s390x",
"AppStream-9.4.0.Z.MAIN.EUS:mod_proxy_html-debuginfo-1:2.4.57-11.el9_4.x86_64",
"AppStream-9.4.0.Z.MAIN.EUS:mod_session-0:2.4.57-11.el9_4.aarch64",
"AppStream-9.4.0.Z.MAIN.EUS:mod_session-0:2.4.57-11.el9_4.ppc64le",
"AppStream-9.4.0.Z.MAIN.EUS:mod_session-0:2.4.57-11.el9_4.s390x",
"AppStream-9.4.0.Z.MAIN.EUS:mod_session-0:2.4.57-11.el9_4.x86_64",
"AppStream-9.4.0.Z.MAIN.EUS:mod_session-debuginfo-0:2.4.57-11.el9_4.aarch64",
"AppStream-9.4.0.Z.MAIN.EUS:mod_session-debuginfo-0:2.4.57-11.el9_4.ppc64le",
"AppStream-9.4.0.Z.MAIN.EUS:mod_session-debuginfo-0:2.4.57-11.el9_4.s390x",
"AppStream-9.4.0.Z.MAIN.EUS:mod_session-debuginfo-0:2.4.57-11.el9_4.x86_64",
"AppStream-9.4.0.Z.MAIN.EUS:mod_ssl-1:2.4.57-11.el9_4.aarch64",
"AppStream-9.4.0.Z.MAIN.EUS:mod_ssl-1:2.4.57-11.el9_4.ppc64le",
"AppStream-9.4.0.Z.MAIN.EUS:mod_ssl-1:2.4.57-11.el9_4.s390x",
"AppStream-9.4.0.Z.MAIN.EUS:mod_ssl-1:2.4.57-11.el9_4.x86_64",
"AppStream-9.4.0.Z.MAIN.EUS:mod_ssl-debuginfo-1:2.4.57-11.el9_4.aarch64",
"AppStream-9.4.0.Z.MAIN.EUS:mod_ssl-debuginfo-1:2.4.57-11.el9_4.ppc64le",
"AppStream-9.4.0.Z.MAIN.EUS:mod_ssl-debuginfo-1:2.4.57-11.el9_4.s390x",
"AppStream-9.4.0.Z.MAIN.EUS:mod_ssl-debuginfo-1:2.4.57-11.el9_4.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2024-38477"
},
{
"category": "external",
"summary": "RHBZ#2295016",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2295016"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2024-38477",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-38477"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2024-38477",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2024-38477"
},
{
"category": "external",
"summary": "https://httpd.apache.org/security/vulnerabilities_24.html#CVE-2024-38477",
"url": "https://httpd.apache.org/security/vulnerabilities_24.html#CVE-2024-38477"
}
],
"release_date": "2024-07-01T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"details": "For details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"AppStream-9.4.0.Z.MAIN.EUS:httpd-0:2.4.57-11.el9_4.aarch64",
"AppStream-9.4.0.Z.MAIN.EUS:httpd-0:2.4.57-11.el9_4.ppc64le",
"AppStream-9.4.0.Z.MAIN.EUS:httpd-0:2.4.57-11.el9_4.s390x",
"AppStream-9.4.0.Z.MAIN.EUS:httpd-0:2.4.57-11.el9_4.src",
"AppStream-9.4.0.Z.MAIN.EUS:httpd-0:2.4.57-11.el9_4.x86_64",
"AppStream-9.4.0.Z.MAIN.EUS:httpd-core-0:2.4.57-11.el9_4.aarch64",
"AppStream-9.4.0.Z.MAIN.EUS:httpd-core-0:2.4.57-11.el9_4.ppc64le",
"AppStream-9.4.0.Z.MAIN.EUS:httpd-core-0:2.4.57-11.el9_4.s390x",
"AppStream-9.4.0.Z.MAIN.EUS:httpd-core-0:2.4.57-11.el9_4.x86_64",
"AppStream-9.4.0.Z.MAIN.EUS:httpd-core-debuginfo-0:2.4.57-11.el9_4.aarch64",
"AppStream-9.4.0.Z.MAIN.EUS:httpd-core-debuginfo-0:2.4.57-11.el9_4.ppc64le",
"AppStream-9.4.0.Z.MAIN.EUS:httpd-core-debuginfo-0:2.4.57-11.el9_4.s390x",
"AppStream-9.4.0.Z.MAIN.EUS:httpd-core-debuginfo-0:2.4.57-11.el9_4.x86_64",
"AppStream-9.4.0.Z.MAIN.EUS:httpd-debuginfo-0:2.4.57-11.el9_4.aarch64",
"AppStream-9.4.0.Z.MAIN.EUS:httpd-debuginfo-0:2.4.57-11.el9_4.ppc64le",
"AppStream-9.4.0.Z.MAIN.EUS:httpd-debuginfo-0:2.4.57-11.el9_4.s390x",
"AppStream-9.4.0.Z.MAIN.EUS:httpd-debuginfo-0:2.4.57-11.el9_4.x86_64",
"AppStream-9.4.0.Z.MAIN.EUS:httpd-debugsource-0:2.4.57-11.el9_4.aarch64",
"AppStream-9.4.0.Z.MAIN.EUS:httpd-debugsource-0:2.4.57-11.el9_4.ppc64le",
"AppStream-9.4.0.Z.MAIN.EUS:httpd-debugsource-0:2.4.57-11.el9_4.s390x",
"AppStream-9.4.0.Z.MAIN.EUS:httpd-debugsource-0:2.4.57-11.el9_4.x86_64",
"AppStream-9.4.0.Z.MAIN.EUS:httpd-devel-0:2.4.57-11.el9_4.aarch64",
"AppStream-9.4.0.Z.MAIN.EUS:httpd-devel-0:2.4.57-11.el9_4.ppc64le",
"AppStream-9.4.0.Z.MAIN.EUS:httpd-devel-0:2.4.57-11.el9_4.s390x",
"AppStream-9.4.0.Z.MAIN.EUS:httpd-devel-0:2.4.57-11.el9_4.x86_64",
"AppStream-9.4.0.Z.MAIN.EUS:httpd-filesystem-0:2.4.57-11.el9_4.noarch",
"AppStream-9.4.0.Z.MAIN.EUS:httpd-manual-0:2.4.57-11.el9_4.noarch",
"AppStream-9.4.0.Z.MAIN.EUS:httpd-tools-0:2.4.57-11.el9_4.aarch64",
"AppStream-9.4.0.Z.MAIN.EUS:httpd-tools-0:2.4.57-11.el9_4.ppc64le",
"AppStream-9.4.0.Z.MAIN.EUS:httpd-tools-0:2.4.57-11.el9_4.s390x",
"AppStream-9.4.0.Z.MAIN.EUS:httpd-tools-0:2.4.57-11.el9_4.x86_64",
"AppStream-9.4.0.Z.MAIN.EUS:httpd-tools-debuginfo-0:2.4.57-11.el9_4.aarch64",
"AppStream-9.4.0.Z.MAIN.EUS:httpd-tools-debuginfo-0:2.4.57-11.el9_4.ppc64le",
"AppStream-9.4.0.Z.MAIN.EUS:httpd-tools-debuginfo-0:2.4.57-11.el9_4.s390x",
"AppStream-9.4.0.Z.MAIN.EUS:httpd-tools-debuginfo-0:2.4.57-11.el9_4.x86_64",
"AppStream-9.4.0.Z.MAIN.EUS:mod_ldap-0:2.4.57-11.el9_4.aarch64",
"AppStream-9.4.0.Z.MAIN.EUS:mod_ldap-0:2.4.57-11.el9_4.ppc64le",
"AppStream-9.4.0.Z.MAIN.EUS:mod_ldap-0:2.4.57-11.el9_4.s390x",
"AppStream-9.4.0.Z.MAIN.EUS:mod_ldap-0:2.4.57-11.el9_4.x86_64",
"AppStream-9.4.0.Z.MAIN.EUS:mod_ldap-debuginfo-0:2.4.57-11.el9_4.aarch64",
"AppStream-9.4.0.Z.MAIN.EUS:mod_ldap-debuginfo-0:2.4.57-11.el9_4.ppc64le",
"AppStream-9.4.0.Z.MAIN.EUS:mod_ldap-debuginfo-0:2.4.57-11.el9_4.s390x",
"AppStream-9.4.0.Z.MAIN.EUS:mod_ldap-debuginfo-0:2.4.57-11.el9_4.x86_64",
"AppStream-9.4.0.Z.MAIN.EUS:mod_lua-0:2.4.57-11.el9_4.aarch64",
"AppStream-9.4.0.Z.MAIN.EUS:mod_lua-0:2.4.57-11.el9_4.ppc64le",
"AppStream-9.4.0.Z.MAIN.EUS:mod_lua-0:2.4.57-11.el9_4.s390x",
"AppStream-9.4.0.Z.MAIN.EUS:mod_lua-0:2.4.57-11.el9_4.x86_64",
"AppStream-9.4.0.Z.MAIN.EUS:mod_lua-debuginfo-0:2.4.57-11.el9_4.aarch64",
"AppStream-9.4.0.Z.MAIN.EUS:mod_lua-debuginfo-0:2.4.57-11.el9_4.ppc64le",
"AppStream-9.4.0.Z.MAIN.EUS:mod_lua-debuginfo-0:2.4.57-11.el9_4.s390x",
"AppStream-9.4.0.Z.MAIN.EUS:mod_lua-debuginfo-0:2.4.57-11.el9_4.x86_64",
"AppStream-9.4.0.Z.MAIN.EUS:mod_proxy_html-1:2.4.57-11.el9_4.aarch64",
"AppStream-9.4.0.Z.MAIN.EUS:mod_proxy_html-1:2.4.57-11.el9_4.ppc64le",
"AppStream-9.4.0.Z.MAIN.EUS:mod_proxy_html-1:2.4.57-11.el9_4.s390x",
"AppStream-9.4.0.Z.MAIN.EUS:mod_proxy_html-1:2.4.57-11.el9_4.x86_64",
"AppStream-9.4.0.Z.MAIN.EUS:mod_proxy_html-debuginfo-1:2.4.57-11.el9_4.aarch64",
"AppStream-9.4.0.Z.MAIN.EUS:mod_proxy_html-debuginfo-1:2.4.57-11.el9_4.ppc64le",
"AppStream-9.4.0.Z.MAIN.EUS:mod_proxy_html-debuginfo-1:2.4.57-11.el9_4.s390x",
"AppStream-9.4.0.Z.MAIN.EUS:mod_proxy_html-debuginfo-1:2.4.57-11.el9_4.x86_64",
"AppStream-9.4.0.Z.MAIN.EUS:mod_session-0:2.4.57-11.el9_4.aarch64",
"AppStream-9.4.0.Z.MAIN.EUS:mod_session-0:2.4.57-11.el9_4.ppc64le",
"AppStream-9.4.0.Z.MAIN.EUS:mod_session-0:2.4.57-11.el9_4.s390x",
"AppStream-9.4.0.Z.MAIN.EUS:mod_session-0:2.4.57-11.el9_4.x86_64",
"AppStream-9.4.0.Z.MAIN.EUS:mod_session-debuginfo-0:2.4.57-11.el9_4.aarch64",
"AppStream-9.4.0.Z.MAIN.EUS:mod_session-debuginfo-0:2.4.57-11.el9_4.ppc64le",
"AppStream-9.4.0.Z.MAIN.EUS:mod_session-debuginfo-0:2.4.57-11.el9_4.s390x",
"AppStream-9.4.0.Z.MAIN.EUS:mod_session-debuginfo-0:2.4.57-11.el9_4.x86_64",
"AppStream-9.4.0.Z.MAIN.EUS:mod_ssl-1:2.4.57-11.el9_4.aarch64",
"AppStream-9.4.0.Z.MAIN.EUS:mod_ssl-1:2.4.57-11.el9_4.ppc64le",
"AppStream-9.4.0.Z.MAIN.EUS:mod_ssl-1:2.4.57-11.el9_4.s390x",
"AppStream-9.4.0.Z.MAIN.EUS:mod_ssl-1:2.4.57-11.el9_4.x86_64",
"AppStream-9.4.0.Z.MAIN.EUS:mod_ssl-debuginfo-1:2.4.57-11.el9_4.aarch64",
"AppStream-9.4.0.Z.MAIN.EUS:mod_ssl-debuginfo-1:2.4.57-11.el9_4.ppc64le",
"AppStream-9.4.0.Z.MAIN.EUS:mod_ssl-debuginfo-1:2.4.57-11.el9_4.s390x",
"AppStream-9.4.0.Z.MAIN.EUS:mod_ssl-debuginfo-1:2.4.57-11.el9_4.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2024:4726"
},
{
"category": "workaround",
"details": "Red Hat has investigated whether a possible mitigation exists for this issue, and has not been able to identify a practical example. Please update the affected package as soon as possible.",
"product_ids": [
"AppStream-9.4.0.Z.MAIN.EUS:httpd-0:2.4.57-11.el9_4.aarch64",
"AppStream-9.4.0.Z.MAIN.EUS:httpd-0:2.4.57-11.el9_4.ppc64le",
"AppStream-9.4.0.Z.MAIN.EUS:httpd-0:2.4.57-11.el9_4.s390x",
"AppStream-9.4.0.Z.MAIN.EUS:httpd-0:2.4.57-11.el9_4.src",
"AppStream-9.4.0.Z.MAIN.EUS:httpd-0:2.4.57-11.el9_4.x86_64",
"AppStream-9.4.0.Z.MAIN.EUS:httpd-core-0:2.4.57-11.el9_4.aarch64",
"AppStream-9.4.0.Z.MAIN.EUS:httpd-core-0:2.4.57-11.el9_4.ppc64le",
"AppStream-9.4.0.Z.MAIN.EUS:httpd-core-0:2.4.57-11.el9_4.s390x",
"AppStream-9.4.0.Z.MAIN.EUS:httpd-core-0:2.4.57-11.el9_4.x86_64",
"AppStream-9.4.0.Z.MAIN.EUS:httpd-core-debuginfo-0:2.4.57-11.el9_4.aarch64",
"AppStream-9.4.0.Z.MAIN.EUS:httpd-core-debuginfo-0:2.4.57-11.el9_4.ppc64le",
"AppStream-9.4.0.Z.MAIN.EUS:httpd-core-debuginfo-0:2.4.57-11.el9_4.s390x",
"AppStream-9.4.0.Z.MAIN.EUS:httpd-core-debuginfo-0:2.4.57-11.el9_4.x86_64",
"AppStream-9.4.0.Z.MAIN.EUS:httpd-debuginfo-0:2.4.57-11.el9_4.aarch64",
"AppStream-9.4.0.Z.MAIN.EUS:httpd-debuginfo-0:2.4.57-11.el9_4.ppc64le",
"AppStream-9.4.0.Z.MAIN.EUS:httpd-debuginfo-0:2.4.57-11.el9_4.s390x",
"AppStream-9.4.0.Z.MAIN.EUS:httpd-debuginfo-0:2.4.57-11.el9_4.x86_64",
"AppStream-9.4.0.Z.MAIN.EUS:httpd-debugsource-0:2.4.57-11.el9_4.aarch64",
"AppStream-9.4.0.Z.MAIN.EUS:httpd-debugsource-0:2.4.57-11.el9_4.ppc64le",
"AppStream-9.4.0.Z.MAIN.EUS:httpd-debugsource-0:2.4.57-11.el9_4.s390x",
"AppStream-9.4.0.Z.MAIN.EUS:httpd-debugsource-0:2.4.57-11.el9_4.x86_64",
"AppStream-9.4.0.Z.MAIN.EUS:httpd-devel-0:2.4.57-11.el9_4.aarch64",
"AppStream-9.4.0.Z.MAIN.EUS:httpd-devel-0:2.4.57-11.el9_4.ppc64le",
"AppStream-9.4.0.Z.MAIN.EUS:httpd-devel-0:2.4.57-11.el9_4.s390x",
"AppStream-9.4.0.Z.MAIN.EUS:httpd-devel-0:2.4.57-11.el9_4.x86_64",
"AppStream-9.4.0.Z.MAIN.EUS:httpd-filesystem-0:2.4.57-11.el9_4.noarch",
"AppStream-9.4.0.Z.MAIN.EUS:httpd-manual-0:2.4.57-11.el9_4.noarch",
"AppStream-9.4.0.Z.MAIN.EUS:httpd-tools-0:2.4.57-11.el9_4.aarch64",
"AppStream-9.4.0.Z.MAIN.EUS:httpd-tools-0:2.4.57-11.el9_4.ppc64le",
"AppStream-9.4.0.Z.MAIN.EUS:httpd-tools-0:2.4.57-11.el9_4.s390x",
"AppStream-9.4.0.Z.MAIN.EUS:httpd-tools-0:2.4.57-11.el9_4.x86_64",
"AppStream-9.4.0.Z.MAIN.EUS:httpd-tools-debuginfo-0:2.4.57-11.el9_4.aarch64",
"AppStream-9.4.0.Z.MAIN.EUS:httpd-tools-debuginfo-0:2.4.57-11.el9_4.ppc64le",
"AppStream-9.4.0.Z.MAIN.EUS:httpd-tools-debuginfo-0:2.4.57-11.el9_4.s390x",
"AppStream-9.4.0.Z.MAIN.EUS:httpd-tools-debuginfo-0:2.4.57-11.el9_4.x86_64",
"AppStream-9.4.0.Z.MAIN.EUS:mod_ldap-0:2.4.57-11.el9_4.aarch64",
"AppStream-9.4.0.Z.MAIN.EUS:mod_ldap-0:2.4.57-11.el9_4.ppc64le",
"AppStream-9.4.0.Z.MAIN.EUS:mod_ldap-0:2.4.57-11.el9_4.s390x",
"AppStream-9.4.0.Z.MAIN.EUS:mod_ldap-0:2.4.57-11.el9_4.x86_64",
"AppStream-9.4.0.Z.MAIN.EUS:mod_ldap-debuginfo-0:2.4.57-11.el9_4.aarch64",
"AppStream-9.4.0.Z.MAIN.EUS:mod_ldap-debuginfo-0:2.4.57-11.el9_4.ppc64le",
"AppStream-9.4.0.Z.MAIN.EUS:mod_ldap-debuginfo-0:2.4.57-11.el9_4.s390x",
"AppStream-9.4.0.Z.MAIN.EUS:mod_ldap-debuginfo-0:2.4.57-11.el9_4.x86_64",
"AppStream-9.4.0.Z.MAIN.EUS:mod_lua-0:2.4.57-11.el9_4.aarch64",
"AppStream-9.4.0.Z.MAIN.EUS:mod_lua-0:2.4.57-11.el9_4.ppc64le",
"AppStream-9.4.0.Z.MAIN.EUS:mod_lua-0:2.4.57-11.el9_4.s390x",
"AppStream-9.4.0.Z.MAIN.EUS:mod_lua-0:2.4.57-11.el9_4.x86_64",
"AppStream-9.4.0.Z.MAIN.EUS:mod_lua-debuginfo-0:2.4.57-11.el9_4.aarch64",
"AppStream-9.4.0.Z.MAIN.EUS:mod_lua-debuginfo-0:2.4.57-11.el9_4.ppc64le",
"AppStream-9.4.0.Z.MAIN.EUS:mod_lua-debuginfo-0:2.4.57-11.el9_4.s390x",
"AppStream-9.4.0.Z.MAIN.EUS:mod_lua-debuginfo-0:2.4.57-11.el9_4.x86_64",
"AppStream-9.4.0.Z.MAIN.EUS:mod_proxy_html-1:2.4.57-11.el9_4.aarch64",
"AppStream-9.4.0.Z.MAIN.EUS:mod_proxy_html-1:2.4.57-11.el9_4.ppc64le",
"AppStream-9.4.0.Z.MAIN.EUS:mod_proxy_html-1:2.4.57-11.el9_4.s390x",
"AppStream-9.4.0.Z.MAIN.EUS:mod_proxy_html-1:2.4.57-11.el9_4.x86_64",
"AppStream-9.4.0.Z.MAIN.EUS:mod_proxy_html-debuginfo-1:2.4.57-11.el9_4.aarch64",
"AppStream-9.4.0.Z.MAIN.EUS:mod_proxy_html-debuginfo-1:2.4.57-11.el9_4.ppc64le",
"AppStream-9.4.0.Z.MAIN.EUS:mod_proxy_html-debuginfo-1:2.4.57-11.el9_4.s390x",
"AppStream-9.4.0.Z.MAIN.EUS:mod_proxy_html-debuginfo-1:2.4.57-11.el9_4.x86_64",
"AppStream-9.4.0.Z.MAIN.EUS:mod_session-0:2.4.57-11.el9_4.aarch64",
"AppStream-9.4.0.Z.MAIN.EUS:mod_session-0:2.4.57-11.el9_4.ppc64le",
"AppStream-9.4.0.Z.MAIN.EUS:mod_session-0:2.4.57-11.el9_4.s390x",
"AppStream-9.4.0.Z.MAIN.EUS:mod_session-0:2.4.57-11.el9_4.x86_64",
"AppStream-9.4.0.Z.MAIN.EUS:mod_session-debuginfo-0:2.4.57-11.el9_4.aarch64",
"AppStream-9.4.0.Z.MAIN.EUS:mod_session-debuginfo-0:2.4.57-11.el9_4.ppc64le",
"AppStream-9.4.0.Z.MAIN.EUS:mod_session-debuginfo-0:2.4.57-11.el9_4.s390x",
"AppStream-9.4.0.Z.MAIN.EUS:mod_session-debuginfo-0:2.4.57-11.el9_4.x86_64",
"AppStream-9.4.0.Z.MAIN.EUS:mod_ssl-1:2.4.57-11.el9_4.aarch64",
"AppStream-9.4.0.Z.MAIN.EUS:mod_ssl-1:2.4.57-11.el9_4.ppc64le",
"AppStream-9.4.0.Z.MAIN.EUS:mod_ssl-1:2.4.57-11.el9_4.s390x",
"AppStream-9.4.0.Z.MAIN.EUS:mod_ssl-1:2.4.57-11.el9_4.x86_64",
"AppStream-9.4.0.Z.MAIN.EUS:mod_ssl-debuginfo-1:2.4.57-11.el9_4.aarch64",
"AppStream-9.4.0.Z.MAIN.EUS:mod_ssl-debuginfo-1:2.4.57-11.el9_4.ppc64le",
"AppStream-9.4.0.Z.MAIN.EUS:mod_ssl-debuginfo-1:2.4.57-11.el9_4.s390x",
"AppStream-9.4.0.Z.MAIN.EUS:mod_ssl-debuginfo-1:2.4.57-11.el9_4.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"AppStream-9.4.0.Z.MAIN.EUS:httpd-0:2.4.57-11.el9_4.aarch64",
"AppStream-9.4.0.Z.MAIN.EUS:httpd-0:2.4.57-11.el9_4.ppc64le",
"AppStream-9.4.0.Z.MAIN.EUS:httpd-0:2.4.57-11.el9_4.s390x",
"AppStream-9.4.0.Z.MAIN.EUS:httpd-0:2.4.57-11.el9_4.src",
"AppStream-9.4.0.Z.MAIN.EUS:httpd-0:2.4.57-11.el9_4.x86_64",
"AppStream-9.4.0.Z.MAIN.EUS:httpd-core-0:2.4.57-11.el9_4.aarch64",
"AppStream-9.4.0.Z.MAIN.EUS:httpd-core-0:2.4.57-11.el9_4.ppc64le",
"AppStream-9.4.0.Z.MAIN.EUS:httpd-core-0:2.4.57-11.el9_4.s390x",
"AppStream-9.4.0.Z.MAIN.EUS:httpd-core-0:2.4.57-11.el9_4.x86_64",
"AppStream-9.4.0.Z.MAIN.EUS:httpd-core-debuginfo-0:2.4.57-11.el9_4.aarch64",
"AppStream-9.4.0.Z.MAIN.EUS:httpd-core-debuginfo-0:2.4.57-11.el9_4.ppc64le",
"AppStream-9.4.0.Z.MAIN.EUS:httpd-core-debuginfo-0:2.4.57-11.el9_4.s390x",
"AppStream-9.4.0.Z.MAIN.EUS:httpd-core-debuginfo-0:2.4.57-11.el9_4.x86_64",
"AppStream-9.4.0.Z.MAIN.EUS:httpd-debuginfo-0:2.4.57-11.el9_4.aarch64",
"AppStream-9.4.0.Z.MAIN.EUS:httpd-debuginfo-0:2.4.57-11.el9_4.ppc64le",
"AppStream-9.4.0.Z.MAIN.EUS:httpd-debuginfo-0:2.4.57-11.el9_4.s390x",
"AppStream-9.4.0.Z.MAIN.EUS:httpd-debuginfo-0:2.4.57-11.el9_4.x86_64",
"AppStream-9.4.0.Z.MAIN.EUS:httpd-debugsource-0:2.4.57-11.el9_4.aarch64",
"AppStream-9.4.0.Z.MAIN.EUS:httpd-debugsource-0:2.4.57-11.el9_4.ppc64le",
"AppStream-9.4.0.Z.MAIN.EUS:httpd-debugsource-0:2.4.57-11.el9_4.s390x",
"AppStream-9.4.0.Z.MAIN.EUS:httpd-debugsource-0:2.4.57-11.el9_4.x86_64",
"AppStream-9.4.0.Z.MAIN.EUS:httpd-devel-0:2.4.57-11.el9_4.aarch64",
"AppStream-9.4.0.Z.MAIN.EUS:httpd-devel-0:2.4.57-11.el9_4.ppc64le",
"AppStream-9.4.0.Z.MAIN.EUS:httpd-devel-0:2.4.57-11.el9_4.s390x",
"AppStream-9.4.0.Z.MAIN.EUS:httpd-devel-0:2.4.57-11.el9_4.x86_64",
"AppStream-9.4.0.Z.MAIN.EUS:httpd-filesystem-0:2.4.57-11.el9_4.noarch",
"AppStream-9.4.0.Z.MAIN.EUS:httpd-manual-0:2.4.57-11.el9_4.noarch",
"AppStream-9.4.0.Z.MAIN.EUS:httpd-tools-0:2.4.57-11.el9_4.aarch64",
"AppStream-9.4.0.Z.MAIN.EUS:httpd-tools-0:2.4.57-11.el9_4.ppc64le",
"AppStream-9.4.0.Z.MAIN.EUS:httpd-tools-0:2.4.57-11.el9_4.s390x",
"AppStream-9.4.0.Z.MAIN.EUS:httpd-tools-0:2.4.57-11.el9_4.x86_64",
"AppStream-9.4.0.Z.MAIN.EUS:httpd-tools-debuginfo-0:2.4.57-11.el9_4.aarch64",
"AppStream-9.4.0.Z.MAIN.EUS:httpd-tools-debuginfo-0:2.4.57-11.el9_4.ppc64le",
"AppStream-9.4.0.Z.MAIN.EUS:httpd-tools-debuginfo-0:2.4.57-11.el9_4.s390x",
"AppStream-9.4.0.Z.MAIN.EUS:httpd-tools-debuginfo-0:2.4.57-11.el9_4.x86_64",
"AppStream-9.4.0.Z.MAIN.EUS:mod_ldap-0:2.4.57-11.el9_4.aarch64",
"AppStream-9.4.0.Z.MAIN.EUS:mod_ldap-0:2.4.57-11.el9_4.ppc64le",
"AppStream-9.4.0.Z.MAIN.EUS:mod_ldap-0:2.4.57-11.el9_4.s390x",
"AppStream-9.4.0.Z.MAIN.EUS:mod_ldap-0:2.4.57-11.el9_4.x86_64",
"AppStream-9.4.0.Z.MAIN.EUS:mod_ldap-debuginfo-0:2.4.57-11.el9_4.aarch64",
"AppStream-9.4.0.Z.MAIN.EUS:mod_ldap-debuginfo-0:2.4.57-11.el9_4.ppc64le",
"AppStream-9.4.0.Z.MAIN.EUS:mod_ldap-debuginfo-0:2.4.57-11.el9_4.s390x",
"AppStream-9.4.0.Z.MAIN.EUS:mod_ldap-debuginfo-0:2.4.57-11.el9_4.x86_64",
"AppStream-9.4.0.Z.MAIN.EUS:mod_lua-0:2.4.57-11.el9_4.aarch64",
"AppStream-9.4.0.Z.MAIN.EUS:mod_lua-0:2.4.57-11.el9_4.ppc64le",
"AppStream-9.4.0.Z.MAIN.EUS:mod_lua-0:2.4.57-11.el9_4.s390x",
"AppStream-9.4.0.Z.MAIN.EUS:mod_lua-0:2.4.57-11.el9_4.x86_64",
"AppStream-9.4.0.Z.MAIN.EUS:mod_lua-debuginfo-0:2.4.57-11.el9_4.aarch64",
"AppStream-9.4.0.Z.MAIN.EUS:mod_lua-debuginfo-0:2.4.57-11.el9_4.ppc64le",
"AppStream-9.4.0.Z.MAIN.EUS:mod_lua-debuginfo-0:2.4.57-11.el9_4.s390x",
"AppStream-9.4.0.Z.MAIN.EUS:mod_lua-debuginfo-0:2.4.57-11.el9_4.x86_64",
"AppStream-9.4.0.Z.MAIN.EUS:mod_proxy_html-1:2.4.57-11.el9_4.aarch64",
"AppStream-9.4.0.Z.MAIN.EUS:mod_proxy_html-1:2.4.57-11.el9_4.ppc64le",
"AppStream-9.4.0.Z.MAIN.EUS:mod_proxy_html-1:2.4.57-11.el9_4.s390x",
"AppStream-9.4.0.Z.MAIN.EUS:mod_proxy_html-1:2.4.57-11.el9_4.x86_64",
"AppStream-9.4.0.Z.MAIN.EUS:mod_proxy_html-debuginfo-1:2.4.57-11.el9_4.aarch64",
"AppStream-9.4.0.Z.MAIN.EUS:mod_proxy_html-debuginfo-1:2.4.57-11.el9_4.ppc64le",
"AppStream-9.4.0.Z.MAIN.EUS:mod_proxy_html-debuginfo-1:2.4.57-11.el9_4.s390x",
"AppStream-9.4.0.Z.MAIN.EUS:mod_proxy_html-debuginfo-1:2.4.57-11.el9_4.x86_64",
"AppStream-9.4.0.Z.MAIN.EUS:mod_session-0:2.4.57-11.el9_4.aarch64",
"AppStream-9.4.0.Z.MAIN.EUS:mod_session-0:2.4.57-11.el9_4.ppc64le",
"AppStream-9.4.0.Z.MAIN.EUS:mod_session-0:2.4.57-11.el9_4.s390x",
"AppStream-9.4.0.Z.MAIN.EUS:mod_session-0:2.4.57-11.el9_4.x86_64",
"AppStream-9.4.0.Z.MAIN.EUS:mod_session-debuginfo-0:2.4.57-11.el9_4.aarch64",
"AppStream-9.4.0.Z.MAIN.EUS:mod_session-debuginfo-0:2.4.57-11.el9_4.ppc64le",
"AppStream-9.4.0.Z.MAIN.EUS:mod_session-debuginfo-0:2.4.57-11.el9_4.s390x",
"AppStream-9.4.0.Z.MAIN.EUS:mod_session-debuginfo-0:2.4.57-11.el9_4.x86_64",
"AppStream-9.4.0.Z.MAIN.EUS:mod_ssl-1:2.4.57-11.el9_4.aarch64",
"AppStream-9.4.0.Z.MAIN.EUS:mod_ssl-1:2.4.57-11.el9_4.ppc64le",
"AppStream-9.4.0.Z.MAIN.EUS:mod_ssl-1:2.4.57-11.el9_4.s390x",
"AppStream-9.4.0.Z.MAIN.EUS:mod_ssl-1:2.4.57-11.el9_4.x86_64",
"AppStream-9.4.0.Z.MAIN.EUS:mod_ssl-debuginfo-1:2.4.57-11.el9_4.aarch64",
"AppStream-9.4.0.Z.MAIN.EUS:mod_ssl-debuginfo-1:2.4.57-11.el9_4.ppc64le",
"AppStream-9.4.0.Z.MAIN.EUS:mod_ssl-debuginfo-1:2.4.57-11.el9_4.s390x",
"AppStream-9.4.0.Z.MAIN.EUS:mod_ssl-debuginfo-1:2.4.57-11.el9_4.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "httpd: NULL pointer dereference in mod_proxy"
},
{
"cve": "CVE-2024-39573",
"cwe": {
"id": "CWE-20",
"name": "Improper Input Validation"
},
"discovery_date": "2024-07-01T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2295022"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in the mod_rewrite module of httpd. A potential SSRF allows an attacker to cause unsafe rules used in the RewriteRule directive to unexpectedly set up URLs to be handled by the mod_proxy module.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "httpd: Potential SSRF in mod_rewrite",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "This issue only affects configurations with unsafe rules used in the RewriteRule directive.\n\nAdditionally, this flaw requires mod_rewrite and mod_proxy to be loaded and being used. These modules can be disabled via the configuration file if their functionality are not needed.\n\nRed Hat Enterprise Linux 6 is not affected by this vulnerability because the vulnerable code was introduced in a newer version of httpd.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"AppStream-9.4.0.Z.MAIN.EUS:httpd-0:2.4.57-11.el9_4.aarch64",
"AppStream-9.4.0.Z.MAIN.EUS:httpd-0:2.4.57-11.el9_4.ppc64le",
"AppStream-9.4.0.Z.MAIN.EUS:httpd-0:2.4.57-11.el9_4.s390x",
"AppStream-9.4.0.Z.MAIN.EUS:httpd-0:2.4.57-11.el9_4.src",
"AppStream-9.4.0.Z.MAIN.EUS:httpd-0:2.4.57-11.el9_4.x86_64",
"AppStream-9.4.0.Z.MAIN.EUS:httpd-core-0:2.4.57-11.el9_4.aarch64",
"AppStream-9.4.0.Z.MAIN.EUS:httpd-core-0:2.4.57-11.el9_4.ppc64le",
"AppStream-9.4.0.Z.MAIN.EUS:httpd-core-0:2.4.57-11.el9_4.s390x",
"AppStream-9.4.0.Z.MAIN.EUS:httpd-core-0:2.4.57-11.el9_4.x86_64",
"AppStream-9.4.0.Z.MAIN.EUS:httpd-core-debuginfo-0:2.4.57-11.el9_4.aarch64",
"AppStream-9.4.0.Z.MAIN.EUS:httpd-core-debuginfo-0:2.4.57-11.el9_4.ppc64le",
"AppStream-9.4.0.Z.MAIN.EUS:httpd-core-debuginfo-0:2.4.57-11.el9_4.s390x",
"AppStream-9.4.0.Z.MAIN.EUS:httpd-core-debuginfo-0:2.4.57-11.el9_4.x86_64",
"AppStream-9.4.0.Z.MAIN.EUS:httpd-debuginfo-0:2.4.57-11.el9_4.aarch64",
"AppStream-9.4.0.Z.MAIN.EUS:httpd-debuginfo-0:2.4.57-11.el9_4.ppc64le",
"AppStream-9.4.0.Z.MAIN.EUS:httpd-debuginfo-0:2.4.57-11.el9_4.s390x",
"AppStream-9.4.0.Z.MAIN.EUS:httpd-debuginfo-0:2.4.57-11.el9_4.x86_64",
"AppStream-9.4.0.Z.MAIN.EUS:httpd-debugsource-0:2.4.57-11.el9_4.aarch64",
"AppStream-9.4.0.Z.MAIN.EUS:httpd-debugsource-0:2.4.57-11.el9_4.ppc64le",
"AppStream-9.4.0.Z.MAIN.EUS:httpd-debugsource-0:2.4.57-11.el9_4.s390x",
"AppStream-9.4.0.Z.MAIN.EUS:httpd-debugsource-0:2.4.57-11.el9_4.x86_64",
"AppStream-9.4.0.Z.MAIN.EUS:httpd-devel-0:2.4.57-11.el9_4.aarch64",
"AppStream-9.4.0.Z.MAIN.EUS:httpd-devel-0:2.4.57-11.el9_4.ppc64le",
"AppStream-9.4.0.Z.MAIN.EUS:httpd-devel-0:2.4.57-11.el9_4.s390x",
"AppStream-9.4.0.Z.MAIN.EUS:httpd-devel-0:2.4.57-11.el9_4.x86_64",
"AppStream-9.4.0.Z.MAIN.EUS:httpd-filesystem-0:2.4.57-11.el9_4.noarch",
"AppStream-9.4.0.Z.MAIN.EUS:httpd-manual-0:2.4.57-11.el9_4.noarch",
"AppStream-9.4.0.Z.MAIN.EUS:httpd-tools-0:2.4.57-11.el9_4.aarch64",
"AppStream-9.4.0.Z.MAIN.EUS:httpd-tools-0:2.4.57-11.el9_4.ppc64le",
"AppStream-9.4.0.Z.MAIN.EUS:httpd-tools-0:2.4.57-11.el9_4.s390x",
"AppStream-9.4.0.Z.MAIN.EUS:httpd-tools-0:2.4.57-11.el9_4.x86_64",
"AppStream-9.4.0.Z.MAIN.EUS:httpd-tools-debuginfo-0:2.4.57-11.el9_4.aarch64",
"AppStream-9.4.0.Z.MAIN.EUS:httpd-tools-debuginfo-0:2.4.57-11.el9_4.ppc64le",
"AppStream-9.4.0.Z.MAIN.EUS:httpd-tools-debuginfo-0:2.4.57-11.el9_4.s390x",
"AppStream-9.4.0.Z.MAIN.EUS:httpd-tools-debuginfo-0:2.4.57-11.el9_4.x86_64",
"AppStream-9.4.0.Z.MAIN.EUS:mod_ldap-0:2.4.57-11.el9_4.aarch64",
"AppStream-9.4.0.Z.MAIN.EUS:mod_ldap-0:2.4.57-11.el9_4.ppc64le",
"AppStream-9.4.0.Z.MAIN.EUS:mod_ldap-0:2.4.57-11.el9_4.s390x",
"AppStream-9.4.0.Z.MAIN.EUS:mod_ldap-0:2.4.57-11.el9_4.x86_64",
"AppStream-9.4.0.Z.MAIN.EUS:mod_ldap-debuginfo-0:2.4.57-11.el9_4.aarch64",
"AppStream-9.4.0.Z.MAIN.EUS:mod_ldap-debuginfo-0:2.4.57-11.el9_4.ppc64le",
"AppStream-9.4.0.Z.MAIN.EUS:mod_ldap-debuginfo-0:2.4.57-11.el9_4.s390x",
"AppStream-9.4.0.Z.MAIN.EUS:mod_ldap-debuginfo-0:2.4.57-11.el9_4.x86_64",
"AppStream-9.4.0.Z.MAIN.EUS:mod_lua-0:2.4.57-11.el9_4.aarch64",
"AppStream-9.4.0.Z.MAIN.EUS:mod_lua-0:2.4.57-11.el9_4.ppc64le",
"AppStream-9.4.0.Z.MAIN.EUS:mod_lua-0:2.4.57-11.el9_4.s390x",
"AppStream-9.4.0.Z.MAIN.EUS:mod_lua-0:2.4.57-11.el9_4.x86_64",
"AppStream-9.4.0.Z.MAIN.EUS:mod_lua-debuginfo-0:2.4.57-11.el9_4.aarch64",
"AppStream-9.4.0.Z.MAIN.EUS:mod_lua-debuginfo-0:2.4.57-11.el9_4.ppc64le",
"AppStream-9.4.0.Z.MAIN.EUS:mod_lua-debuginfo-0:2.4.57-11.el9_4.s390x",
"AppStream-9.4.0.Z.MAIN.EUS:mod_lua-debuginfo-0:2.4.57-11.el9_4.x86_64",
"AppStream-9.4.0.Z.MAIN.EUS:mod_proxy_html-1:2.4.57-11.el9_4.aarch64",
"AppStream-9.4.0.Z.MAIN.EUS:mod_proxy_html-1:2.4.57-11.el9_4.ppc64le",
"AppStream-9.4.0.Z.MAIN.EUS:mod_proxy_html-1:2.4.57-11.el9_4.s390x",
"AppStream-9.4.0.Z.MAIN.EUS:mod_proxy_html-1:2.4.57-11.el9_4.x86_64",
"AppStream-9.4.0.Z.MAIN.EUS:mod_proxy_html-debuginfo-1:2.4.57-11.el9_4.aarch64",
"AppStream-9.4.0.Z.MAIN.EUS:mod_proxy_html-debuginfo-1:2.4.57-11.el9_4.ppc64le",
"AppStream-9.4.0.Z.MAIN.EUS:mod_proxy_html-debuginfo-1:2.4.57-11.el9_4.s390x",
"AppStream-9.4.0.Z.MAIN.EUS:mod_proxy_html-debuginfo-1:2.4.57-11.el9_4.x86_64",
"AppStream-9.4.0.Z.MAIN.EUS:mod_session-0:2.4.57-11.el9_4.aarch64",
"AppStream-9.4.0.Z.MAIN.EUS:mod_session-0:2.4.57-11.el9_4.ppc64le",
"AppStream-9.4.0.Z.MAIN.EUS:mod_session-0:2.4.57-11.el9_4.s390x",
"AppStream-9.4.0.Z.MAIN.EUS:mod_session-0:2.4.57-11.el9_4.x86_64",
"AppStream-9.4.0.Z.MAIN.EUS:mod_session-debuginfo-0:2.4.57-11.el9_4.aarch64",
"AppStream-9.4.0.Z.MAIN.EUS:mod_session-debuginfo-0:2.4.57-11.el9_4.ppc64le",
"AppStream-9.4.0.Z.MAIN.EUS:mod_session-debuginfo-0:2.4.57-11.el9_4.s390x",
"AppStream-9.4.0.Z.MAIN.EUS:mod_session-debuginfo-0:2.4.57-11.el9_4.x86_64",
"AppStream-9.4.0.Z.MAIN.EUS:mod_ssl-1:2.4.57-11.el9_4.aarch64",
"AppStream-9.4.0.Z.MAIN.EUS:mod_ssl-1:2.4.57-11.el9_4.ppc64le",
"AppStream-9.4.0.Z.MAIN.EUS:mod_ssl-1:2.4.57-11.el9_4.s390x",
"AppStream-9.4.0.Z.MAIN.EUS:mod_ssl-1:2.4.57-11.el9_4.x86_64",
"AppStream-9.4.0.Z.MAIN.EUS:mod_ssl-debuginfo-1:2.4.57-11.el9_4.aarch64",
"AppStream-9.4.0.Z.MAIN.EUS:mod_ssl-debuginfo-1:2.4.57-11.el9_4.ppc64le",
"AppStream-9.4.0.Z.MAIN.EUS:mod_ssl-debuginfo-1:2.4.57-11.el9_4.s390x",
"AppStream-9.4.0.Z.MAIN.EUS:mod_ssl-debuginfo-1:2.4.57-11.el9_4.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2024-39573"
},
{
"category": "external",
"summary": "RHBZ#2295022",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2295022"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2024-39573",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-39573"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2024-39573",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2024-39573"
},
{
"category": "external",
"summary": "https://httpd.apache.org/security/vulnerabilities_24.html#CVE-2024-39573",
"url": "https://httpd.apache.org/security/vulnerabilities_24.html#CVE-2024-39573"
}
],
"release_date": "2024-07-01T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"details": "For details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"AppStream-9.4.0.Z.MAIN.EUS:httpd-0:2.4.57-11.el9_4.aarch64",
"AppStream-9.4.0.Z.MAIN.EUS:httpd-0:2.4.57-11.el9_4.ppc64le",
"AppStream-9.4.0.Z.MAIN.EUS:httpd-0:2.4.57-11.el9_4.s390x",
"AppStream-9.4.0.Z.MAIN.EUS:httpd-0:2.4.57-11.el9_4.src",
"AppStream-9.4.0.Z.MAIN.EUS:httpd-0:2.4.57-11.el9_4.x86_64",
"AppStream-9.4.0.Z.MAIN.EUS:httpd-core-0:2.4.57-11.el9_4.aarch64",
"AppStream-9.4.0.Z.MAIN.EUS:httpd-core-0:2.4.57-11.el9_4.ppc64le",
"AppStream-9.4.0.Z.MAIN.EUS:httpd-core-0:2.4.57-11.el9_4.s390x",
"AppStream-9.4.0.Z.MAIN.EUS:httpd-core-0:2.4.57-11.el9_4.x86_64",
"AppStream-9.4.0.Z.MAIN.EUS:httpd-core-debuginfo-0:2.4.57-11.el9_4.aarch64",
"AppStream-9.4.0.Z.MAIN.EUS:httpd-core-debuginfo-0:2.4.57-11.el9_4.ppc64le",
"AppStream-9.4.0.Z.MAIN.EUS:httpd-core-debuginfo-0:2.4.57-11.el9_4.s390x",
"AppStream-9.4.0.Z.MAIN.EUS:httpd-core-debuginfo-0:2.4.57-11.el9_4.x86_64",
"AppStream-9.4.0.Z.MAIN.EUS:httpd-debuginfo-0:2.4.57-11.el9_4.aarch64",
"AppStream-9.4.0.Z.MAIN.EUS:httpd-debuginfo-0:2.4.57-11.el9_4.ppc64le",
"AppStream-9.4.0.Z.MAIN.EUS:httpd-debuginfo-0:2.4.57-11.el9_4.s390x",
"AppStream-9.4.0.Z.MAIN.EUS:httpd-debuginfo-0:2.4.57-11.el9_4.x86_64",
"AppStream-9.4.0.Z.MAIN.EUS:httpd-debugsource-0:2.4.57-11.el9_4.aarch64",
"AppStream-9.4.0.Z.MAIN.EUS:httpd-debugsource-0:2.4.57-11.el9_4.ppc64le",
"AppStream-9.4.0.Z.MAIN.EUS:httpd-debugsource-0:2.4.57-11.el9_4.s390x",
"AppStream-9.4.0.Z.MAIN.EUS:httpd-debugsource-0:2.4.57-11.el9_4.x86_64",
"AppStream-9.4.0.Z.MAIN.EUS:httpd-devel-0:2.4.57-11.el9_4.aarch64",
"AppStream-9.4.0.Z.MAIN.EUS:httpd-devel-0:2.4.57-11.el9_4.ppc64le",
"AppStream-9.4.0.Z.MAIN.EUS:httpd-devel-0:2.4.57-11.el9_4.s390x",
"AppStream-9.4.0.Z.MAIN.EUS:httpd-devel-0:2.4.57-11.el9_4.x86_64",
"AppStream-9.4.0.Z.MAIN.EUS:httpd-filesystem-0:2.4.57-11.el9_4.noarch",
"AppStream-9.4.0.Z.MAIN.EUS:httpd-manual-0:2.4.57-11.el9_4.noarch",
"AppStream-9.4.0.Z.MAIN.EUS:httpd-tools-0:2.4.57-11.el9_4.aarch64",
"AppStream-9.4.0.Z.MAIN.EUS:httpd-tools-0:2.4.57-11.el9_4.ppc64le",
"AppStream-9.4.0.Z.MAIN.EUS:httpd-tools-0:2.4.57-11.el9_4.s390x",
"AppStream-9.4.0.Z.MAIN.EUS:httpd-tools-0:2.4.57-11.el9_4.x86_64",
"AppStream-9.4.0.Z.MAIN.EUS:httpd-tools-debuginfo-0:2.4.57-11.el9_4.aarch64",
"AppStream-9.4.0.Z.MAIN.EUS:httpd-tools-debuginfo-0:2.4.57-11.el9_4.ppc64le",
"AppStream-9.4.0.Z.MAIN.EUS:httpd-tools-debuginfo-0:2.4.57-11.el9_4.s390x",
"AppStream-9.4.0.Z.MAIN.EUS:httpd-tools-debuginfo-0:2.4.57-11.el9_4.x86_64",
"AppStream-9.4.0.Z.MAIN.EUS:mod_ldap-0:2.4.57-11.el9_4.aarch64",
"AppStream-9.4.0.Z.MAIN.EUS:mod_ldap-0:2.4.57-11.el9_4.ppc64le",
"AppStream-9.4.0.Z.MAIN.EUS:mod_ldap-0:2.4.57-11.el9_4.s390x",
"AppStream-9.4.0.Z.MAIN.EUS:mod_ldap-0:2.4.57-11.el9_4.x86_64",
"AppStream-9.4.0.Z.MAIN.EUS:mod_ldap-debuginfo-0:2.4.57-11.el9_4.aarch64",
"AppStream-9.4.0.Z.MAIN.EUS:mod_ldap-debuginfo-0:2.4.57-11.el9_4.ppc64le",
"AppStream-9.4.0.Z.MAIN.EUS:mod_ldap-debuginfo-0:2.4.57-11.el9_4.s390x",
"AppStream-9.4.0.Z.MAIN.EUS:mod_ldap-debuginfo-0:2.4.57-11.el9_4.x86_64",
"AppStream-9.4.0.Z.MAIN.EUS:mod_lua-0:2.4.57-11.el9_4.aarch64",
"AppStream-9.4.0.Z.MAIN.EUS:mod_lua-0:2.4.57-11.el9_4.ppc64le",
"AppStream-9.4.0.Z.MAIN.EUS:mod_lua-0:2.4.57-11.el9_4.s390x",
"AppStream-9.4.0.Z.MAIN.EUS:mod_lua-0:2.4.57-11.el9_4.x86_64",
"AppStream-9.4.0.Z.MAIN.EUS:mod_lua-debuginfo-0:2.4.57-11.el9_4.aarch64",
"AppStream-9.4.0.Z.MAIN.EUS:mod_lua-debuginfo-0:2.4.57-11.el9_4.ppc64le",
"AppStream-9.4.0.Z.MAIN.EUS:mod_lua-debuginfo-0:2.4.57-11.el9_4.s390x",
"AppStream-9.4.0.Z.MAIN.EUS:mod_lua-debuginfo-0:2.4.57-11.el9_4.x86_64",
"AppStream-9.4.0.Z.MAIN.EUS:mod_proxy_html-1:2.4.57-11.el9_4.aarch64",
"AppStream-9.4.0.Z.MAIN.EUS:mod_proxy_html-1:2.4.57-11.el9_4.ppc64le",
"AppStream-9.4.0.Z.MAIN.EUS:mod_proxy_html-1:2.4.57-11.el9_4.s390x",
"AppStream-9.4.0.Z.MAIN.EUS:mod_proxy_html-1:2.4.57-11.el9_4.x86_64",
"AppStream-9.4.0.Z.MAIN.EUS:mod_proxy_html-debuginfo-1:2.4.57-11.el9_4.aarch64",
"AppStream-9.4.0.Z.MAIN.EUS:mod_proxy_html-debuginfo-1:2.4.57-11.el9_4.ppc64le",
"AppStream-9.4.0.Z.MAIN.EUS:mod_proxy_html-debuginfo-1:2.4.57-11.el9_4.s390x",
"AppStream-9.4.0.Z.MAIN.EUS:mod_proxy_html-debuginfo-1:2.4.57-11.el9_4.x86_64",
"AppStream-9.4.0.Z.MAIN.EUS:mod_session-0:2.4.57-11.el9_4.aarch64",
"AppStream-9.4.0.Z.MAIN.EUS:mod_session-0:2.4.57-11.el9_4.ppc64le",
"AppStream-9.4.0.Z.MAIN.EUS:mod_session-0:2.4.57-11.el9_4.s390x",
"AppStream-9.4.0.Z.MAIN.EUS:mod_session-0:2.4.57-11.el9_4.x86_64",
"AppStream-9.4.0.Z.MAIN.EUS:mod_session-debuginfo-0:2.4.57-11.el9_4.aarch64",
"AppStream-9.4.0.Z.MAIN.EUS:mod_session-debuginfo-0:2.4.57-11.el9_4.ppc64le",
"AppStream-9.4.0.Z.MAIN.EUS:mod_session-debuginfo-0:2.4.57-11.el9_4.s390x",
"AppStream-9.4.0.Z.MAIN.EUS:mod_session-debuginfo-0:2.4.57-11.el9_4.x86_64",
"AppStream-9.4.0.Z.MAIN.EUS:mod_ssl-1:2.4.57-11.el9_4.aarch64",
"AppStream-9.4.0.Z.MAIN.EUS:mod_ssl-1:2.4.57-11.el9_4.ppc64le",
"AppStream-9.4.0.Z.MAIN.EUS:mod_ssl-1:2.4.57-11.el9_4.s390x",
"AppStream-9.4.0.Z.MAIN.EUS:mod_ssl-1:2.4.57-11.el9_4.x86_64",
"AppStream-9.4.0.Z.MAIN.EUS:mod_ssl-debuginfo-1:2.4.57-11.el9_4.aarch64",
"AppStream-9.4.0.Z.MAIN.EUS:mod_ssl-debuginfo-1:2.4.57-11.el9_4.ppc64le",
"AppStream-9.4.0.Z.MAIN.EUS:mod_ssl-debuginfo-1:2.4.57-11.el9_4.s390x",
"AppStream-9.4.0.Z.MAIN.EUS:mod_ssl-debuginfo-1:2.4.57-11.el9_4.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2024:4726"
},
{
"category": "workaround",
"details": "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.",
"product_ids": [
"AppStream-9.4.0.Z.MAIN.EUS:httpd-0:2.4.57-11.el9_4.aarch64",
"AppStream-9.4.0.Z.MAIN.EUS:httpd-0:2.4.57-11.el9_4.ppc64le",
"AppStream-9.4.0.Z.MAIN.EUS:httpd-0:2.4.57-11.el9_4.s390x",
"AppStream-9.4.0.Z.MAIN.EUS:httpd-0:2.4.57-11.el9_4.src",
"AppStream-9.4.0.Z.MAIN.EUS:httpd-0:2.4.57-11.el9_4.x86_64",
"AppStream-9.4.0.Z.MAIN.EUS:httpd-core-0:2.4.57-11.el9_4.aarch64",
"AppStream-9.4.0.Z.MAIN.EUS:httpd-core-0:2.4.57-11.el9_4.ppc64le",
"AppStream-9.4.0.Z.MAIN.EUS:httpd-core-0:2.4.57-11.el9_4.s390x",
"AppStream-9.4.0.Z.MAIN.EUS:httpd-core-0:2.4.57-11.el9_4.x86_64",
"AppStream-9.4.0.Z.MAIN.EUS:httpd-core-debuginfo-0:2.4.57-11.el9_4.aarch64",
"AppStream-9.4.0.Z.MAIN.EUS:httpd-core-debuginfo-0:2.4.57-11.el9_4.ppc64le",
"AppStream-9.4.0.Z.MAIN.EUS:httpd-core-debuginfo-0:2.4.57-11.el9_4.s390x",
"AppStream-9.4.0.Z.MAIN.EUS:httpd-core-debuginfo-0:2.4.57-11.el9_4.x86_64",
"AppStream-9.4.0.Z.MAIN.EUS:httpd-debuginfo-0:2.4.57-11.el9_4.aarch64",
"AppStream-9.4.0.Z.MAIN.EUS:httpd-debuginfo-0:2.4.57-11.el9_4.ppc64le",
"AppStream-9.4.0.Z.MAIN.EUS:httpd-debuginfo-0:2.4.57-11.el9_4.s390x",
"AppStream-9.4.0.Z.MAIN.EUS:httpd-debuginfo-0:2.4.57-11.el9_4.x86_64",
"AppStream-9.4.0.Z.MAIN.EUS:httpd-debugsource-0:2.4.57-11.el9_4.aarch64",
"AppStream-9.4.0.Z.MAIN.EUS:httpd-debugsource-0:2.4.57-11.el9_4.ppc64le",
"AppStream-9.4.0.Z.MAIN.EUS:httpd-debugsource-0:2.4.57-11.el9_4.s390x",
"AppStream-9.4.0.Z.MAIN.EUS:httpd-debugsource-0:2.4.57-11.el9_4.x86_64",
"AppStream-9.4.0.Z.MAIN.EUS:httpd-devel-0:2.4.57-11.el9_4.aarch64",
"AppStream-9.4.0.Z.MAIN.EUS:httpd-devel-0:2.4.57-11.el9_4.ppc64le",
"AppStream-9.4.0.Z.MAIN.EUS:httpd-devel-0:2.4.57-11.el9_4.s390x",
"AppStream-9.4.0.Z.MAIN.EUS:httpd-devel-0:2.4.57-11.el9_4.x86_64",
"AppStream-9.4.0.Z.MAIN.EUS:httpd-filesystem-0:2.4.57-11.el9_4.noarch",
"AppStream-9.4.0.Z.MAIN.EUS:httpd-manual-0:2.4.57-11.el9_4.noarch",
"AppStream-9.4.0.Z.MAIN.EUS:httpd-tools-0:2.4.57-11.el9_4.aarch64",
"AppStream-9.4.0.Z.MAIN.EUS:httpd-tools-0:2.4.57-11.el9_4.ppc64le",
"AppStream-9.4.0.Z.MAIN.EUS:httpd-tools-0:2.4.57-11.el9_4.s390x",
"AppStream-9.4.0.Z.MAIN.EUS:httpd-tools-0:2.4.57-11.el9_4.x86_64",
"AppStream-9.4.0.Z.MAIN.EUS:httpd-tools-debuginfo-0:2.4.57-11.el9_4.aarch64",
"AppStream-9.4.0.Z.MAIN.EUS:httpd-tools-debuginfo-0:2.4.57-11.el9_4.ppc64le",
"AppStream-9.4.0.Z.MAIN.EUS:httpd-tools-debuginfo-0:2.4.57-11.el9_4.s390x",
"AppStream-9.4.0.Z.MAIN.EUS:httpd-tools-debuginfo-0:2.4.57-11.el9_4.x86_64",
"AppStream-9.4.0.Z.MAIN.EUS:mod_ldap-0:2.4.57-11.el9_4.aarch64",
"AppStream-9.4.0.Z.MAIN.EUS:mod_ldap-0:2.4.57-11.el9_4.ppc64le",
"AppStream-9.4.0.Z.MAIN.EUS:mod_ldap-0:2.4.57-11.el9_4.s390x",
"AppStream-9.4.0.Z.MAIN.EUS:mod_ldap-0:2.4.57-11.el9_4.x86_64",
"AppStream-9.4.0.Z.MAIN.EUS:mod_ldap-debuginfo-0:2.4.57-11.el9_4.aarch64",
"AppStream-9.4.0.Z.MAIN.EUS:mod_ldap-debuginfo-0:2.4.57-11.el9_4.ppc64le",
"AppStream-9.4.0.Z.MAIN.EUS:mod_ldap-debuginfo-0:2.4.57-11.el9_4.s390x",
"AppStream-9.4.0.Z.MAIN.EUS:mod_ldap-debuginfo-0:2.4.57-11.el9_4.x86_64",
"AppStream-9.4.0.Z.MAIN.EUS:mod_lua-0:2.4.57-11.el9_4.aarch64",
"AppStream-9.4.0.Z.MAIN.EUS:mod_lua-0:2.4.57-11.el9_4.ppc64le",
"AppStream-9.4.0.Z.MAIN.EUS:mod_lua-0:2.4.57-11.el9_4.s390x",
"AppStream-9.4.0.Z.MAIN.EUS:mod_lua-0:2.4.57-11.el9_4.x86_64",
"AppStream-9.4.0.Z.MAIN.EUS:mod_lua-debuginfo-0:2.4.57-11.el9_4.aarch64",
"AppStream-9.4.0.Z.MAIN.EUS:mod_lua-debuginfo-0:2.4.57-11.el9_4.ppc64le",
"AppStream-9.4.0.Z.MAIN.EUS:mod_lua-debuginfo-0:2.4.57-11.el9_4.s390x",
"AppStream-9.4.0.Z.MAIN.EUS:mod_lua-debuginfo-0:2.4.57-11.el9_4.x86_64",
"AppStream-9.4.0.Z.MAIN.EUS:mod_proxy_html-1:2.4.57-11.el9_4.aarch64",
"AppStream-9.4.0.Z.MAIN.EUS:mod_proxy_html-1:2.4.57-11.el9_4.ppc64le",
"AppStream-9.4.0.Z.MAIN.EUS:mod_proxy_html-1:2.4.57-11.el9_4.s390x",
"AppStream-9.4.0.Z.MAIN.EUS:mod_proxy_html-1:2.4.57-11.el9_4.x86_64",
"AppStream-9.4.0.Z.MAIN.EUS:mod_proxy_html-debuginfo-1:2.4.57-11.el9_4.aarch64",
"AppStream-9.4.0.Z.MAIN.EUS:mod_proxy_html-debuginfo-1:2.4.57-11.el9_4.ppc64le",
"AppStream-9.4.0.Z.MAIN.EUS:mod_proxy_html-debuginfo-1:2.4.57-11.el9_4.s390x",
"AppStream-9.4.0.Z.MAIN.EUS:mod_proxy_html-debuginfo-1:2.4.57-11.el9_4.x86_64",
"AppStream-9.4.0.Z.MAIN.EUS:mod_session-0:2.4.57-11.el9_4.aarch64",
"AppStream-9.4.0.Z.MAIN.EUS:mod_session-0:2.4.57-11.el9_4.ppc64le",
"AppStream-9.4.0.Z.MAIN.EUS:mod_session-0:2.4.57-11.el9_4.s390x",
"AppStream-9.4.0.Z.MAIN.EUS:mod_session-0:2.4.57-11.el9_4.x86_64",
"AppStream-9.4.0.Z.MAIN.EUS:mod_session-debuginfo-0:2.4.57-11.el9_4.aarch64",
"AppStream-9.4.0.Z.MAIN.EUS:mod_session-debuginfo-0:2.4.57-11.el9_4.ppc64le",
"AppStream-9.4.0.Z.MAIN.EUS:mod_session-debuginfo-0:2.4.57-11.el9_4.s390x",
"AppStream-9.4.0.Z.MAIN.EUS:mod_session-debuginfo-0:2.4.57-11.el9_4.x86_64",
"AppStream-9.4.0.Z.MAIN.EUS:mod_ssl-1:2.4.57-11.el9_4.aarch64",
"AppStream-9.4.0.Z.MAIN.EUS:mod_ssl-1:2.4.57-11.el9_4.ppc64le",
"AppStream-9.4.0.Z.MAIN.EUS:mod_ssl-1:2.4.57-11.el9_4.s390x",
"AppStream-9.4.0.Z.MAIN.EUS:mod_ssl-1:2.4.57-11.el9_4.x86_64",
"AppStream-9.4.0.Z.MAIN.EUS:mod_ssl-debuginfo-1:2.4.57-11.el9_4.aarch64",
"AppStream-9.4.0.Z.MAIN.EUS:mod_ssl-debuginfo-1:2.4.57-11.el9_4.ppc64le",
"AppStream-9.4.0.Z.MAIN.EUS:mod_ssl-debuginfo-1:2.4.57-11.el9_4.s390x",
"AppStream-9.4.0.Z.MAIN.EUS:mod_ssl-debuginfo-1:2.4.57-11.el9_4.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 7.4,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:N",
"version": "3.1"
},
"products": [
"AppStream-9.4.0.Z.MAIN.EUS:httpd-0:2.4.57-11.el9_4.aarch64",
"AppStream-9.4.0.Z.MAIN.EUS:httpd-0:2.4.57-11.el9_4.ppc64le",
"AppStream-9.4.0.Z.MAIN.EUS:httpd-0:2.4.57-11.el9_4.s390x",
"AppStream-9.4.0.Z.MAIN.EUS:httpd-0:2.4.57-11.el9_4.src",
"AppStream-9.4.0.Z.MAIN.EUS:httpd-0:2.4.57-11.el9_4.x86_64",
"AppStream-9.4.0.Z.MAIN.EUS:httpd-core-0:2.4.57-11.el9_4.aarch64",
"AppStream-9.4.0.Z.MAIN.EUS:httpd-core-0:2.4.57-11.el9_4.ppc64le",
"AppStream-9.4.0.Z.MAIN.EUS:httpd-core-0:2.4.57-11.el9_4.s390x",
"AppStream-9.4.0.Z.MAIN.EUS:httpd-core-0:2.4.57-11.el9_4.x86_64",
"AppStream-9.4.0.Z.MAIN.EUS:httpd-core-debuginfo-0:2.4.57-11.el9_4.aarch64",
"AppStream-9.4.0.Z.MAIN.EUS:httpd-core-debuginfo-0:2.4.57-11.el9_4.ppc64le",
"AppStream-9.4.0.Z.MAIN.EUS:httpd-core-debuginfo-0:2.4.57-11.el9_4.s390x",
"AppStream-9.4.0.Z.MAIN.EUS:httpd-core-debuginfo-0:2.4.57-11.el9_4.x86_64",
"AppStream-9.4.0.Z.MAIN.EUS:httpd-debuginfo-0:2.4.57-11.el9_4.aarch64",
"AppStream-9.4.0.Z.MAIN.EUS:httpd-debuginfo-0:2.4.57-11.el9_4.ppc64le",
"AppStream-9.4.0.Z.MAIN.EUS:httpd-debuginfo-0:2.4.57-11.el9_4.s390x",
"AppStream-9.4.0.Z.MAIN.EUS:httpd-debuginfo-0:2.4.57-11.el9_4.x86_64",
"AppStream-9.4.0.Z.MAIN.EUS:httpd-debugsource-0:2.4.57-11.el9_4.aarch64",
"AppStream-9.4.0.Z.MAIN.EUS:httpd-debugsource-0:2.4.57-11.el9_4.ppc64le",
"AppStream-9.4.0.Z.MAIN.EUS:httpd-debugsource-0:2.4.57-11.el9_4.s390x",
"AppStream-9.4.0.Z.MAIN.EUS:httpd-debugsource-0:2.4.57-11.el9_4.x86_64",
"AppStream-9.4.0.Z.MAIN.EUS:httpd-devel-0:2.4.57-11.el9_4.aarch64",
"AppStream-9.4.0.Z.MAIN.EUS:httpd-devel-0:2.4.57-11.el9_4.ppc64le",
"AppStream-9.4.0.Z.MAIN.EUS:httpd-devel-0:2.4.57-11.el9_4.s390x",
"AppStream-9.4.0.Z.MAIN.EUS:httpd-devel-0:2.4.57-11.el9_4.x86_64",
"AppStream-9.4.0.Z.MAIN.EUS:httpd-filesystem-0:2.4.57-11.el9_4.noarch",
"AppStream-9.4.0.Z.MAIN.EUS:httpd-manual-0:2.4.57-11.el9_4.noarch",
"AppStream-9.4.0.Z.MAIN.EUS:httpd-tools-0:2.4.57-11.el9_4.aarch64",
"AppStream-9.4.0.Z.MAIN.EUS:httpd-tools-0:2.4.57-11.el9_4.ppc64le",
"AppStream-9.4.0.Z.MAIN.EUS:httpd-tools-0:2.4.57-11.el9_4.s390x",
"AppStream-9.4.0.Z.MAIN.EUS:httpd-tools-0:2.4.57-11.el9_4.x86_64",
"AppStream-9.4.0.Z.MAIN.EUS:httpd-tools-debuginfo-0:2.4.57-11.el9_4.aarch64",
"AppStream-9.4.0.Z.MAIN.EUS:httpd-tools-debuginfo-0:2.4.57-11.el9_4.ppc64le",
"AppStream-9.4.0.Z.MAIN.EUS:httpd-tools-debuginfo-0:2.4.57-11.el9_4.s390x",
"AppStream-9.4.0.Z.MAIN.EUS:httpd-tools-debuginfo-0:2.4.57-11.el9_4.x86_64",
"AppStream-9.4.0.Z.MAIN.EUS:mod_ldap-0:2.4.57-11.el9_4.aarch64",
"AppStream-9.4.0.Z.MAIN.EUS:mod_ldap-0:2.4.57-11.el9_4.ppc64le",
"AppStream-9.4.0.Z.MAIN.EUS:mod_ldap-0:2.4.57-11.el9_4.s390x",
"AppStream-9.4.0.Z.MAIN.EUS:mod_ldap-0:2.4.57-11.el9_4.x86_64",
"AppStream-9.4.0.Z.MAIN.EUS:mod_ldap-debuginfo-0:2.4.57-11.el9_4.aarch64",
"AppStream-9.4.0.Z.MAIN.EUS:mod_ldap-debuginfo-0:2.4.57-11.el9_4.ppc64le",
"AppStream-9.4.0.Z.MAIN.EUS:mod_ldap-debuginfo-0:2.4.57-11.el9_4.s390x",
"AppStream-9.4.0.Z.MAIN.EUS:mod_ldap-debuginfo-0:2.4.57-11.el9_4.x86_64",
"AppStream-9.4.0.Z.MAIN.EUS:mod_lua-0:2.4.57-11.el9_4.aarch64",
"AppStream-9.4.0.Z.MAIN.EUS:mod_lua-0:2.4.57-11.el9_4.ppc64le",
"AppStream-9.4.0.Z.MAIN.EUS:mod_lua-0:2.4.57-11.el9_4.s390x",
"AppStream-9.4.0.Z.MAIN.EUS:mod_lua-0:2.4.57-11.el9_4.x86_64",
"AppStream-9.4.0.Z.MAIN.EUS:mod_lua-debuginfo-0:2.4.57-11.el9_4.aarch64",
"AppStream-9.4.0.Z.MAIN.EUS:mod_lua-debuginfo-0:2.4.57-11.el9_4.ppc64le",
"AppStream-9.4.0.Z.MAIN.EUS:mod_lua-debuginfo-0:2.4.57-11.el9_4.s390x",
"AppStream-9.4.0.Z.MAIN.EUS:mod_lua-debuginfo-0:2.4.57-11.el9_4.x86_64",
"AppStream-9.4.0.Z.MAIN.EUS:mod_proxy_html-1:2.4.57-11.el9_4.aarch64",
"AppStream-9.4.0.Z.MAIN.EUS:mod_proxy_html-1:2.4.57-11.el9_4.ppc64le",
"AppStream-9.4.0.Z.MAIN.EUS:mod_proxy_html-1:2.4.57-11.el9_4.s390x",
"AppStream-9.4.0.Z.MAIN.EUS:mod_proxy_html-1:2.4.57-11.el9_4.x86_64",
"AppStream-9.4.0.Z.MAIN.EUS:mod_proxy_html-debuginfo-1:2.4.57-11.el9_4.aarch64",
"AppStream-9.4.0.Z.MAIN.EUS:mod_proxy_html-debuginfo-1:2.4.57-11.el9_4.ppc64le",
"AppStream-9.4.0.Z.MAIN.EUS:mod_proxy_html-debuginfo-1:2.4.57-11.el9_4.s390x",
"AppStream-9.4.0.Z.MAIN.EUS:mod_proxy_html-debuginfo-1:2.4.57-11.el9_4.x86_64",
"AppStream-9.4.0.Z.MAIN.EUS:mod_session-0:2.4.57-11.el9_4.aarch64",
"AppStream-9.4.0.Z.MAIN.EUS:mod_session-0:2.4.57-11.el9_4.ppc64le",
"AppStream-9.4.0.Z.MAIN.EUS:mod_session-0:2.4.57-11.el9_4.s390x",
"AppStream-9.4.0.Z.MAIN.EUS:mod_session-0:2.4.57-11.el9_4.x86_64",
"AppStream-9.4.0.Z.MAIN.EUS:mod_session-debuginfo-0:2.4.57-11.el9_4.aarch64",
"AppStream-9.4.0.Z.MAIN.EUS:mod_session-debuginfo-0:2.4.57-11.el9_4.ppc64le",
"AppStream-9.4.0.Z.MAIN.EUS:mod_session-debuginfo-0:2.4.57-11.el9_4.s390x",
"AppStream-9.4.0.Z.MAIN.EUS:mod_session-debuginfo-0:2.4.57-11.el9_4.x86_64",
"AppStream-9.4.0.Z.MAIN.EUS:mod_ssl-1:2.4.57-11.el9_4.aarch64",
"AppStream-9.4.0.Z.MAIN.EUS:mod_ssl-1:2.4.57-11.el9_4.ppc64le",
"AppStream-9.4.0.Z.MAIN.EUS:mod_ssl-1:2.4.57-11.el9_4.s390x",
"AppStream-9.4.0.Z.MAIN.EUS:mod_ssl-1:2.4.57-11.el9_4.x86_64",
"AppStream-9.4.0.Z.MAIN.EUS:mod_ssl-debuginfo-1:2.4.57-11.el9_4.aarch64",
"AppStream-9.4.0.Z.MAIN.EUS:mod_ssl-debuginfo-1:2.4.57-11.el9_4.ppc64le",
"AppStream-9.4.0.Z.MAIN.EUS:mod_ssl-debuginfo-1:2.4.57-11.el9_4.s390x",
"AppStream-9.4.0.Z.MAIN.EUS:mod_ssl-debuginfo-1:2.4.57-11.el9_4.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "httpd: Potential SSRF in mod_rewrite"
}
]
}
rhsa-2024_5240
Vulnerability from csaf_redhat
Published
2024-08-13 13:06
Modified
2024-09-13 21:34
Summary
Red Hat Security Advisory: Red Hat JBoss Core Services Apache HTTP Server 2.4.57 SP5 security update
Notes
Topic
Red Hat JBoss Core Services Apache HTTP Server 2.4.57 Service Pack 5 is now available.
Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.
Details
Red Hat JBoss Core Services is a set of supplementary software for Red Hat JBoss middleware products. This software, such as Apache HTTP Server, is common to multiple JBoss middleware products and packaged under Red Hat JBoss Core Services, to allow for faster distribution of updates and for a more consistent update experience.
This release of Red Hat JBoss Core Services Apache HTTP Server 2.4.57 Service Pack 5 serves as a replacement for Red Hat JBoss Core Services Apache HTTP Server 2.4.57 Service Pack 4, and includes bug fixes and enhancements, which are documented in the Release Notes linked to in the References section.
Security Fix(es):
* jbcs-httpd24-httpd: Potential SSRF in mod_rewrite (CVE-2024-39573)
* jbcs-httpd24-httpd: null pointer dereference in mod_proxy (CVE-2024-38477)
* jbcs-httpd24-httpd: Improper escaping of output in mod_rewrite (CVE-2024-38475)
* jbcs-httpd24-httpd: Encoding problem in mod_proxy (CVE-2024-38473)
* jbcs-httpd24-httpd: Substitution encoding issue in mod_rewrite (CVE-2024-38474)
* jbcs-httpd24-httpd: Security issues via backend applications whose response headers are malicious or exploitable (CVE-2024-38476)
A Red Hat Security Bulletin which addresses further details about this flaw is available in the References section.
For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.
Terms of Use
This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.
{
"document": {
"aggregate_severity": {
"namespace": "https://access.redhat.com/security/updates/classification/",
"text": "Important"
},
"category": "csaf_vex",
"csaf_version": "2.0",
"distribution": {
"text": "Copyright \u00a9 Red Hat, Inc. All rights reserved.",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "Red Hat JBoss Core Services Apache HTTP Server 2.4.57 Service Pack 5 is now available.\n\nRed Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.",
"title": "Topic"
},
{
"category": "general",
"text": "Red Hat JBoss Core Services is a set of supplementary software for Red Hat JBoss middleware products. This software, such as Apache HTTP Server, is common to multiple JBoss middleware products and packaged under Red Hat JBoss Core Services, to allow for faster distribution of updates and for a more consistent update experience.\n\nThis release of Red Hat JBoss Core Services Apache HTTP Server 2.4.57 Service Pack 5 serves as a replacement for Red Hat JBoss Core Services Apache HTTP Server 2.4.57 Service Pack 4, and includes bug fixes and enhancements, which are documented in the Release Notes linked to in the References section.\n\nSecurity Fix(es):\n\n* jbcs-httpd24-httpd: Potential SSRF in mod_rewrite (CVE-2024-39573)\n* jbcs-httpd24-httpd: null pointer dereference in mod_proxy (CVE-2024-38477)\n* jbcs-httpd24-httpd: Improper escaping of output in mod_rewrite (CVE-2024-38475)\n* jbcs-httpd24-httpd: Encoding problem in mod_proxy (CVE-2024-38473)\n* jbcs-httpd24-httpd: Substitution encoding issue in mod_rewrite (CVE-2024-38474)\n* jbcs-httpd24-httpd: Security issues via backend applications whose response headers are malicious or exploitable (CVE-2024-38476)\n\nA Red Hat Security Bulletin which addresses further details about this flaw is available in the References section.\n\nFor more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.",
"title": "Details"
},
{
"category": "legal_disclaimer",
"text": "This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.",
"title": "Terms of Use"
}
],
"publisher": {
"category": "vendor",
"contact_details": "https://access.redhat.com/security/team/contact/",
"issuing_authority": "Red Hat Product Security is responsible for vulnerability handling across all Red Hat offerings.",
"name": "Red Hat Product Security",
"namespace": "https://www.redhat.com"
},
"references": [
{
"category": "self",
"summary": "https://access.redhat.com/errata/RHSA-2024:5240",
"url": "https://access.redhat.com/errata/RHSA-2024:5240"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/updates/classification/#important",
"url": "https://access.redhat.com/security/updates/classification/#important"
},
{
"category": "external",
"summary": "https://docs.redhat.com/en/documentation/red_hat_jboss_core_services/2.4.57/html/red_hat_jboss_core_services_apache_http_server_2.4.57_service_pack_5_release_notes/index",
"url": "https://docs.redhat.com/en/documentation/red_hat_jboss_core_services/2.4.57/html/red_hat_jboss_core_services_apache_http_server_2.4.57_service_pack_5_release_notes/index"
},
{
"category": "external",
"summary": "2295012",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2295012"
},
{
"category": "external",
"summary": "2295013",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2295013"
},
{
"category": "external",
"summary": "2295014",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2295014"
},
{
"category": "external",
"summary": "2295015",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2295015"
},
{
"category": "external",
"summary": "2295016",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2295016"
},
{
"category": "external",
"summary": "2295022",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2295022"
},
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/data/csaf/v2/advisories/2024/rhsa-2024_5240.json"
}
],
"title": "Red Hat Security Advisory: Red Hat JBoss Core Services Apache HTTP Server 2.4.57 SP5 security update",
"tracking": {
"current_release_date": "2024-09-13T21:34:13+00:00",
"generator": {
"date": "2024-09-13T21:34:13+00:00",
"engine": {
"name": "Red Hat SDEngine",
"version": "3.33.3"
}
},
"id": "RHSA-2024:5240",
"initial_release_date": "2024-08-13T13:06:23+00:00",
"revision_history": [
{
"date": "2024-08-13T13:06:23+00:00",
"number": "1",
"summary": "Initial version"
},
{
"date": "2024-08-13T13:06:24+00:00",
"number": "2",
"summary": "Last updated version"
},
{
"date": "2024-09-13T21:34:13+00:00",
"number": "3",
"summary": "Last generated version"
}
],
"status": "final",
"version": "3"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_name",
"name": "Red Hat JBoss Core Services 1",
"product": {
"name": "Red Hat JBoss Core Services 1",
"product_id": "Red Hat JBoss Core Services 1",
"product_identification_helper": {
"cpe": "cpe:/a:redhat:jboss_core_services:1"
}
}
}
],
"category": "product_family",
"name": "Red Hat JBoss Core Services"
}
],
"category": "vendor",
"name": "Red Hat"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2024-38473",
"cwe": {
"id": "CWE-116",
"name": "Improper Encoding or Escaping of Output"
},
"discovery_date": "2024-07-01T19:21:36+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2295012"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in the mod_proxy module of httpd. Due to an encoding problem, specially crafted request URLs with incorrect encoding can be sent to backend services, potentially bypassing authentication.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "httpd: Encoding problem in mod_proxy",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "This issue affects configurations where mechanisms other than ProxyPass/ProxyPassMatch or RewriteRule with the \u0027P\u0027 flag are used to configure a request to be proxied, such as SetHandler or inadvertent proxying via CVE-2024-39573. Note that these alternate mechanisms may be used within .htaccess files.\n\nFor more information about CVE-2024-39573, see https://access.redhat.com/security/cve/CVE-2024-39573.\n\nAdditionally, this flaw requires mod_proxy to be loaded and being used. This module can be disabled if its functionality is not needed.\n\nRed Hat Enterprise Linux 6 is not affected by this vulnerability because the vulnerable code was introduced in a newer version of httpd.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red Hat JBoss Core Services 1"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2024-38473"
},
{
"category": "external",
"summary": "RHBZ#2295012",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2295012"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2024-38473",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-38473"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2024-38473",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2024-38473"
},
{
"category": "external",
"summary": "https://httpd.apache.org/security/vulnerabilities_24.html#CVE-2024-38473",
"url": "https://httpd.apache.org/security/vulnerabilities_24.html#CVE-2024-38473"
}
],
"release_date": "2024-07-01T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"details": "Before applying the update, back up your existing installation, including all applications, configuration files, databases and database settings, and so on.\n\nThe References section of this erratum contains a download link. You must be logged in to download the update.",
"product_ids": [
"Red Hat JBoss Core Services 1"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2024:5240"
},
{
"category": "workaround",
"details": "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.",
"product_ids": [
"Red Hat JBoss Core Services 1"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N",
"version": "3.1"
},
"products": [
"Red Hat JBoss Core Services 1"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "httpd: Encoding problem in mod_proxy"
},
{
"cve": "CVE-2024-38474",
"cwe": {
"id": "CWE-116",
"name": "Improper Encoding or Escaping of Output"
},
"discovery_date": "2024-07-01T19:21:49+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2295013"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in the mod_rewrite module of httpd. Due to a substitution encoding issue, specially crafted requests may allow an attacker to execute scripts in directories permitted by the configuration but not directly reachable by any URL or source disclosure of scripts meant only to be executed as CGI.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "httpd: Substitution encoding issue in mod_rewrite",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "This issue only affects configurations with unsafe rules used in the RewriteRule directive. Also, to exploit this flaw, an attacker must be able to upload files to the server.\n\nAdditionally, this flaw requires mod_rewrite to be loaded and used. This module can be disabled if its functionality is not needed.\n\nRed Hat Enterprise Linux 6 is not affected by this vulnerability because the vulnerable code was introduced in a newer version of httpd.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red Hat JBoss Core Services 1"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2024-38474"
},
{
"category": "external",
"summary": "RHBZ#2295013",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2295013"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2024-38474",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-38474"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2024-38474",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2024-38474"
},
{
"category": "external",
"summary": "https://httpd.apache.org/security/vulnerabilities_24.html#CVE-2024-38474",
"url": "https://httpd.apache.org/security/vulnerabilities_24.html#CVE-2024-38474"
}
],
"release_date": "2024-07-01T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"details": "Before applying the update, back up your existing installation, including all applications, configuration files, databases and database settings, and so on.\n\nThe References section of this erratum contains a download link. You must be logged in to download the update.",
"product_ids": [
"Red Hat JBoss Core Services 1"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2024:5240"
},
{
"category": "workaround",
"details": "Red Hat has investigated whether a possible mitigation exists for this issue, and has not been able to identify a practical example. Please update the affected package as soon as possible.",
"product_ids": [
"Red Hat JBoss Core Services 1"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 8.1,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"Red Hat JBoss Core Services 1"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "httpd: Substitution encoding issue in mod_rewrite"
},
{
"cve": "CVE-2024-38475",
"cwe": {
"id": "CWE-116",
"name": "Improper Encoding or Escaping of Output"
},
"discovery_date": "2024-07-01T19:22:02+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2295014"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in the mod_rewrite module of httpd. Improper escaping of output allows an attacker to map URLs to filesystem locations permitted to be served by the server but are not intentionally or directly reachable by any URL. This issue results in code execution or source code disclosure.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "httpd: Improper escaping of output in mod_rewrite",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "This issue affects configurations with substitution rules used in the RewriteRule directive using backreferences or variables as the first segment of the substitution.\n\nAdditionally, this flaw requires mod_rewrite to be loaded and used. This module can be disabled if its functionality is not needed.\n\nRed Hat Enterprise Linux 6 is not affected by this vulnerability because the vulnerable code was introduced in a newer version of httpd.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red Hat JBoss Core Services 1"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2024-38475"
},
{
"category": "external",
"summary": "RHBZ#2295014",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2295014"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2024-38475",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-38475"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2024-38475",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2024-38475"
},
{
"category": "external",
"summary": "https://httpd.apache.org/security/vulnerabilities_24.html#CVE-2024-38475",
"url": "https://httpd.apache.org/security/vulnerabilities_24.html#CVE-2024-38475"
}
],
"release_date": "2024-07-01T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"details": "Before applying the update, back up your existing installation, including all applications, configuration files, databases and database settings, and so on.\n\nThe References section of this erratum contains a download link. You must be logged in to download the update.",
"product_ids": [
"Red Hat JBoss Core Services 1"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2024:5240"
},
{
"category": "workaround",
"details": "Red Hat has investigated whether a possible mitigation exists for this issue, and has not been able to identify a practical example. Please update the affected package as soon as possible.",
"product_ids": [
"Red Hat JBoss Core Services 1"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 9.1,
"baseSeverity": "CRITICAL",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N",
"version": "3.1"
},
"products": [
"Red Hat JBoss Core Services 1"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "httpd: Improper escaping of output in mod_rewrite"
},
{
"cve": "CVE-2024-38476",
"cwe": {
"id": "CWE-829",
"name": "Inclusion of Functionality from Untrusted Control Sphere"
},
"discovery_date": "2024-07-01T19:22:16+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2295015"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in httpd. Backend applications whose response headers are malicious or exploitable may allow information disclosure, server-side request forgery (SSRF) or local script execution.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "httpd: Security issues via\u00a0backend applications whose response headers are malicious or exploitable",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "This flaw can only be exploited by backend applications via malicious or exploitable response headers.\n\nRed Hat Enterprise Linux 6 is not affected by this vulnerability because the vulnerable code was introduced in a newer version of httpd.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red Hat JBoss Core Services 1"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2024-38476"
},
{
"category": "external",
"summary": "RHBZ#2295015",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2295015"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2024-38476",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-38476"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2024-38476",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2024-38476"
},
{
"category": "external",
"summary": "https://httpd.apache.org/security/vulnerabilities_24.html#CVE-2024-38476",
"url": "https://httpd.apache.org/security/vulnerabilities_24.html#CVE-2024-38476"
}
],
"release_date": "2024-07-01T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"details": "Before applying the update, back up your existing installation, including all applications, configuration files, databases and database settings, and so on.\n\nThe References section of this erratum contains a download link. You must be logged in to download the update.",
"product_ids": [
"Red Hat JBoss Core Services 1"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2024:5240"
},
{
"category": "workaround",
"details": "Red Hat has investigated whether a possible mitigation exists for this issue, and has not been able to identify a practical example. Please update the affected package as soon as possible.",
"product_ids": [
"Red Hat JBoss Core Services 1"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 8.1,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:N",
"version": "3.1"
},
"products": [
"Red Hat JBoss Core Services 1"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "httpd: Security issues via\u00a0backend applications whose response headers are malicious or exploitable"
},
{
"cve": "CVE-2024-38477",
"cwe": {
"id": "CWE-476",
"name": "NULL Pointer Dereference"
},
"discovery_date": "2024-07-01T19:22:29+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2295016"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in the mod_proxy module of httpd. A NULL pointer dereference can be triggered when processing a specially crafted HTTP request, causing the httpd server to crash, and resulting in a denial of service.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "httpd: NULL pointer dereference in mod_proxy",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "As this flaw allows a remote attacker to cause a denial of service, it has been rated with an important severity.\n\nThis flaw only affects configurations with mod_proxy loaded and being used. This module can be disabled via the configuration file if its functionality is not being used.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red Hat JBoss Core Services 1"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2024-38477"
},
{
"category": "external",
"summary": "RHBZ#2295016",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2295016"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2024-38477",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-38477"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2024-38477",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2024-38477"
},
{
"category": "external",
"summary": "https://httpd.apache.org/security/vulnerabilities_24.html#CVE-2024-38477",
"url": "https://httpd.apache.org/security/vulnerabilities_24.html#CVE-2024-38477"
}
],
"release_date": "2024-07-01T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"details": "Before applying the update, back up your existing installation, including all applications, configuration files, databases and database settings, and so on.\n\nThe References section of this erratum contains a download link. You must be logged in to download the update.",
"product_ids": [
"Red Hat JBoss Core Services 1"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2024:5240"
},
{
"category": "workaround",
"details": "Red Hat has investigated whether a possible mitigation exists for this issue, and has not been able to identify a practical example. Please update the affected package as soon as possible.",
"product_ids": [
"Red Hat JBoss Core Services 1"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"Red Hat JBoss Core Services 1"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "httpd: NULL pointer dereference in mod_proxy"
},
{
"cve": "CVE-2024-39573",
"cwe": {
"id": "CWE-20",
"name": "Improper Input Validation"
},
"discovery_date": "2024-07-01T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2295022"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in the mod_rewrite module of httpd. A potential SSRF allows an attacker to cause unsafe rules used in the RewriteRule directive to unexpectedly set up URLs to be handled by the mod_proxy module.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "httpd: Potential SSRF in mod_rewrite",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "This issue only affects configurations with unsafe rules used in the RewriteRule directive.\n\nAdditionally, this flaw requires mod_rewrite and mod_proxy to be loaded and being used. These modules can be disabled via the configuration file if their functionality are not needed.\n\nRed Hat Enterprise Linux 6 is not affected by this vulnerability because the vulnerable code was introduced in a newer version of httpd.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red Hat JBoss Core Services 1"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2024-39573"
},
{
"category": "external",
"summary": "RHBZ#2295022",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2295022"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2024-39573",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-39573"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2024-39573",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2024-39573"
},
{
"category": "external",
"summary": "https://httpd.apache.org/security/vulnerabilities_24.html#CVE-2024-39573",
"url": "https://httpd.apache.org/security/vulnerabilities_24.html#CVE-2024-39573"
}
],
"release_date": "2024-07-01T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"details": "Before applying the update, back up your existing installation, including all applications, configuration files, databases and database settings, and so on.\n\nThe References section of this erratum contains a download link. You must be logged in to download the update.",
"product_ids": [
"Red Hat JBoss Core Services 1"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2024:5240"
},
{
"category": "workaround",
"details": "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.",
"product_ids": [
"Red Hat JBoss Core Services 1"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 7.4,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:N",
"version": "3.1"
},
"products": [
"Red Hat JBoss Core Services 1"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "httpd: Potential SSRF in mod_rewrite"
}
]
}
ghsa-hrh5-4ffc-228q
Vulnerability from github
Published
2024-07-01 21:31
Modified
2024-08-01 15:31
Severity
Details
Encoding problem in mod_proxy in Apache HTTP Server 2.4.59 and earlier allows request URLs with incorrect encoding to be sent to backend services, potentially bypassing authentication via crafted requests. Users are recommended to upgrade to version 2.4.60, which fixes this issue.
{
"affected": [],
"aliases": [
"CVE-2024-38473"
],
"database_specific": {
"cwe_ids": [
"CWE-116"
],
"github_reviewed": false,
"github_reviewed_at": null,
"nvd_published_at": "2024-07-01T19:15:04Z",
"severity": "HIGH"
},
"details": "Encoding problem in mod_proxy in Apache HTTP Server 2.4.59 and earlier allows request URLs with incorrect encoding to be sent to backend services, potentially bypassing authentication via crafted requests.\nUsers are recommended to upgrade to version 2.4.60, which fixes this issue.",
"id": "GHSA-hrh5-4ffc-228q",
"modified": "2024-08-01T15:31:52Z",
"published": "2024-07-01T21:31:14Z",
"references": [
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2024-38473"
},
{
"type": "WEB",
"url": "https://httpd.apache.org/security/vulnerabilities_24.html"
},
{
"type": "WEB",
"url": "https://security.netapp.com/advisory/ntap-20240712-0001"
}
],
"schema_version": "1.4.0",
"severity": [
{
"score": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:H",
"type": "CVSS_V3"
}
]
}
wid-sec-w-2024-1504
Vulnerability from csaf_certbund
Published
2024-07-01 22:00
Modified
2024-07-24 22:00
Summary
Apache HTTP Server: Mehrere Schwachstellen
Notes
Das BSI ist als Anbieter für die eigenen, zur Nutzung bereitgestellten Inhalte nach den allgemeinen Gesetzen verantwortlich. Nutzerinnen und Nutzer sind jedoch dafür verantwortlich, die Verwendung und/oder die Umsetzung der mit den Inhalten bereitgestellten Informationen sorgfältig im Einzelfall zu prüfen.
Produktbeschreibung
Apache ist ein Webserver für verschiedene Plattformen.
Angriff
Ein entfernter, anonymer Angreifer kann mehrere Schwachstellen in Apache HTTP Server ausnutzen, um beliebigen Code auszuführen, einen Denial-of-Service-Zustand herbeizuführen, Sicherheitsmaßnahmen zu umgehen oder vertrauliche Informationen offenzulegen.
Betroffene Betriebssysteme
- Linux
- MacOS X
- Windows
{
"document": {
"aggregate_severity": {
"text": "hoch"
},
"category": "csaf_base",
"csaf_version": "2.0",
"distribution": {
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "de-DE",
"notes": [
{
"category": "legal_disclaimer",
"text": "Das BSI ist als Anbieter f\u00fcr die eigenen, zur Nutzung bereitgestellten Inhalte nach den allgemeinen Gesetzen verantwortlich. Nutzerinnen und Nutzer sind jedoch daf\u00fcr verantwortlich, die Verwendung und/oder die Umsetzung der mit den Inhalten bereitgestellten Informationen sorgf\u00e4ltig im Einzelfall zu pr\u00fcfen."
},
{
"category": "description",
"text": "Apache ist ein Webserver f\u00fcr verschiedene Plattformen.",
"title": "Produktbeschreibung"
},
{
"category": "summary",
"text": "Ein entfernter, anonymer Angreifer kann mehrere Schwachstellen in Apache HTTP Server ausnutzen, um beliebigen Code auszuf\u00fchren, einen Denial-of-Service-Zustand herbeizuf\u00fchren, Sicherheitsma\u00dfnahmen zu umgehen oder vertrauliche Informationen offenzulegen.",
"title": "Angriff"
},
{
"category": "general",
"text": "- Linux\n- MacOS X\n- Windows",
"title": "Betroffene Betriebssysteme"
}
],
"publisher": {
"category": "other",
"contact_details": "csaf-provider@cert-bund.de",
"name": "Bundesamt f\u00fcr Sicherheit in der Informationstechnik",
"namespace": "https://www.bsi.bund.de"
},
"references": [
{
"category": "self",
"summary": "WID-SEC-W-2024-1504 - CSAF Version",
"url": "https://wid.cert-bund.de/.well-known/csaf/white/2024/wid-sec-w-2024-1504.json"
},
{
"category": "self",
"summary": "WID-SEC-2024-1504 - Portal Version",
"url": "https://wid.cert-bund.de/portal/wid/securityadvisory?name=WID-SEC-2024-1504"
},
{
"category": "external",
"summary": "Apache Advisory vom 2024-07-01",
"url": "https://httpd.apache.org/security/vulnerabilities_24.html"
},
{
"category": "external",
"summary": "Red Hat Bugzilla vom 2024-07-01",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2295006"
},
{
"category": "external",
"summary": "Red Hat Bugzilla vom 2024-07-01",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2295012"
},
{
"category": "external",
"summary": "Red Hat Bugzilla vom 2024-07-01",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2295013"
},
{
"category": "external",
"summary": "Red Hat Bugzilla vom 2024-07-01",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2295014"
},
{
"category": "external",
"summary": "Red Hat Bugzilla vom 2024-07-01",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2295016"
},
{
"category": "external",
"summary": "Red Hat Bugzilla vom 2024-07-01",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2295018"
},
{
"category": "external",
"summary": "Red Hat Bugzilla vom 2024-07-01",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2295022"
},
{
"category": "external",
"summary": "Apache HTTP Server",
"url": "https://seclists.org/oss-sec/2024/q3/8"
},
{
"category": "external",
"summary": "Rocky Linux Security Advisory RLSA-2024:4197 vom 2024-07-02",
"url": "https://errata.build.resf.org/RLSA-2024:4197"
},
{
"category": "external",
"summary": "Fedora Security Advisory FEDORA-2024-39F1A828ED vom 2024-07-03",
"url": "https://bodhi.fedoraproject.org/updates/FEDORA-2024-39f1a828ed"
},
{
"category": "external",
"summary": "Fedora Security Advisory FEDORA-2024-E7E73BEFAD vom 2024-07-03",
"url": "https://bodhi.fedoraproject.org/updates/FEDORA-2024-e7e73befad"
},
{
"category": "external",
"summary": "Ubuntu Security Notice USN-6885-1 vom 2024-07-08",
"url": "https://ubuntu.com/security/notices/USN-6885-1"
},
{
"category": "external",
"summary": "IBM Security Bulletin 7159849 vom 2024-07-09",
"url": "https://www.ibm.com/support/pages/node/7159849"
},
{
"category": "external",
"summary": "Fedora Security Advisory FEDORA-2024-661BB6322D vom 2024-07-11",
"url": "https://bodhi.fedoraproject.org/updates/FEDORA-2024-661bb6322d"
},
{
"category": "external",
"summary": "Fedora Security Advisory FEDORA-2024-CB8ACBF644 vom 2024-07-11",
"url": "https://bodhi.fedoraproject.org/updates/FEDORA-2024-cb8acbf644"
},
{
"category": "external",
"summary": "IBM Security Bulletin 7160019 vom 2024-07-11",
"url": "https://www.ibm.com/support/pages/node/7160019"
},
{
"category": "external",
"summary": "SUSE Security Update SUSE-SU-2024:2405-1 vom 2024-07-11",
"url": "https://lists.suse.com/pipermail/sle-security-updates/2024-July/018934.html"
},
{
"category": "external",
"summary": "Debian Security Advisory DSA-5729 vom 2024-07-12",
"url": "https://lists.debian.org/debian-security-announce/2024/msg00140.html"
},
{
"category": "external",
"summary": "Ubuntu Security Notice USN-6885-2 vom 2024-07-11",
"url": "https://ubuntu.com/security/notices/USN-6885-2"
},
{
"category": "external",
"summary": "SUSE Security Update SUSE-SU-2024:2560-1 vom 2024-07-18",
"url": "https://lists.suse.com/pipermail/sle-security-updates/2024-July/019002.html"
},
{
"category": "external",
"summary": "Amazon Linux Security Advisory ALAS-2024-2594 vom 2024-07-23",
"url": "https://alas.aws.amazon.com/AL2/ALAS-2024-2594.html"
},
{
"category": "external",
"summary": "SUSE Security Update SUSE-SU-2024:2591-1 vom 2024-07-22",
"url": "https://lists.suse.com/pipermail/sle-security-updates/2024-July/019006.html"
},
{
"category": "external",
"summary": "SUSE Security Update SUSE-SU-2024:2597-1 vom 2024-07-23",
"url": "https://lists.suse.com/pipermail/sle-security-updates/2024-July/019023.html"
},
{
"category": "external",
"summary": "Oracle Linux Security Advisory ELSA-2024-4726 vom 2024-07-24",
"url": "https://linux.oracle.com/errata/ELSA-2024-4726.html"
},
{
"category": "external",
"summary": "Red Hat Security Advisory RHSA-2024:4719 vom 2024-07-23",
"url": "https://access.redhat.com/errata/RHSA-2024:4719"
},
{
"category": "external",
"summary": "Red Hat Security Advisory RHSA-2024:4720 vom 2024-07-23",
"url": "https://access.redhat.com/errata/RHSA-2024:4720"
},
{
"category": "external",
"summary": "Red Hat Security Advisory RHSA-2024:4726 vom 2024-07-23",
"url": "https://access.redhat.com/errata/RHSA-2024:4726"
},
{
"category": "external",
"summary": "Oracle Linux Security Advisory ELSA-2024-4720 vom 2024-07-24",
"url": "https://linux.oracle.com/errata/ELSA-2024-4720.html"
},
{
"category": "external",
"summary": "Amazon Linux Security Advisory ALAS-2024-1944 vom 2024-07-24",
"url": "https://alas.aws.amazon.com/ALAS-2024-1944.html"
},
{
"category": "external",
"summary": "Red Hat Security Advisory RHSA-2024:4827 vom 2024-07-24",
"url": "https://access.redhat.com/errata/RHSA-2024:4827"
},
{
"category": "external",
"summary": "Red Hat Security Advisory RHSA-2024:4830 vom 2024-07-24",
"url": "https://access.redhat.com/errata/RHSA-2024:4830"
},
{
"category": "external",
"summary": "Red Hat Security Advisory RHSA-2024:4820 vom 2024-07-24",
"url": "https://access.redhat.com/errata/RHSA-2024:4820"
}
],
"source_lang": "en-US",
"title": "Apache HTTP Server: Mehrere Schwachstellen",
"tracking": {
"current_release_date": "2024-07-24T22:00:00.000+00:00",
"generator": {
"date": "2024-07-25T08:32:51.357+00:00",
"engine": {
"name": "BSI-WID",
"version": "1.3.0"
}
},
"id": "WID-SEC-W-2024-1504",
"initial_release_date": "2024-07-01T22:00:00.000+00:00",
"revision_history": [
{
"date": "2024-07-01T22:00:00.000+00:00",
"number": "1",
"summary": "Initiale Fassung"
},
{
"date": "2024-07-02T22:00:00.000+00:00",
"number": "2",
"summary": "Neue Updates von Rocky Enterprise Software Foundation aufgenommen"
},
{
"date": "2024-07-03T22:00:00.000+00:00",
"number": "3",
"summary": "Neue Updates von Fedora aufgenommen"
},
{
"date": "2024-07-08T22:00:00.000+00:00",
"number": "4",
"summary": "Neue Updates von Ubuntu aufgenommen"
},
{
"date": "2024-07-09T22:00:00.000+00:00",
"number": "5",
"summary": "Neue Updates von IBM und IBM-APAR aufgenommen"
},
{
"date": "2024-07-11T22:00:00.000+00:00",
"number": "6",
"summary": "Neue Updates von Fedora, IBM, SUSE, Debian und Ubuntu aufgenommen"
},
{
"date": "2024-07-18T22:00:00.000+00:00",
"number": "7",
"summary": "Neue Updates von SUSE aufgenommen"
},
{
"date": "2024-07-22T22:00:00.000+00:00",
"number": "8",
"summary": "Neue Updates von Amazon und SUSE aufgenommen"
},
{
"date": "2024-07-23T22:00:00.000+00:00",
"number": "9",
"summary": "Neue Updates von Oracle Linux und Red Hat aufgenommen"
},
{
"date": "2024-07-24T22:00:00.000+00:00",
"number": "10",
"summary": "Neue Updates von Amazon und Red Hat aufgenommen"
}
],
"status": "final",
"version": "10"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"category": "product_name",
"name": "Amazon Linux 2",
"product": {
"name": "Amazon Linux 2",
"product_id": "398363",
"product_identification_helper": {
"cpe": "cpe:/o:amazon:linux_2:-"
}
}
}
],
"category": "vendor",
"name": "Amazon"
},
{
"branches": [
{
"branches": [
{
"category": "product_version_range",
"name": "\u003c2.4.60",
"product": {
"name": "Apache HTTP Server \u003c2.4.60",
"product_id": "T035727",
"product_identification_helper": {
"cpe": "cpe:/a:apache:http_server:2.4.60"
}
}
}
],
"category": "product_name",
"name": "HTTP Server"
}
],
"category": "vendor",
"name": "Apache"
},
{
"branches": [
{
"category": "product_name",
"name": "Debian Linux",
"product": {
"name": "Debian Linux",
"product_id": "2951",
"product_identification_helper": {
"cpe": "cpe:/o:debian:debian_linux:-"
}
}
}
],
"category": "vendor",
"name": "Debian"
},
{
"branches": [
{
"category": "product_name",
"name": "Fedora Linux",
"product": {
"name": "Fedora Linux",
"product_id": "74185",
"product_identification_helper": {
"cpe": "cpe:/o:fedoraproject:fedora:-"
}
}
}
],
"category": "vendor",
"name": "Fedora"
},
{
"branches": [
{
"category": "product_name",
"name": "IBM Business Automation Workflow",
"product": {
"name": "IBM Business Automation Workflow",
"product_id": "T019704",
"product_identification_helper": {
"cpe": "cpe:/a:ibm:business_automation_workflow:-"
}
}
},
{
"branches": [
{
"category": "product_version",
"name": "8.5",
"product": {
"name": "IBM HTTP Server 8.5",
"product_id": "T003676",
"product_identification_helper": {
"cpe": "cpe:/a:ibm:http_server:8.5"
}
}
},
{
"category": "product_version",
"name": "9",
"product": {
"name": "IBM HTTP Server 9.0",
"product_id": "T008162",
"product_identification_helper": {
"cpe": "cpe:/a:ibm:http_server:9.0"
}
}
}
],
"category": "product_name",
"name": "HTTP Server"
}
],
"category": "vendor",
"name": "IBM"
},
{
"branches": [
{
"category": "product_name",
"name": "Oracle Linux",
"product": {
"name": "Oracle Linux",
"product_id": "T004914",
"product_identification_helper": {
"cpe": "cpe:/o:oracle:linux:-"
}
}
}
],
"category": "vendor",
"name": "Oracle"
},
{
"branches": [
{
"category": "product_name",
"name": "RESF Rocky Linux",
"product": {
"name": "RESF Rocky Linux",
"product_id": "T032255",
"product_identification_helper": {
"cpe": "cpe:/o:resf:rocky_linux:-"
}
}
}
],
"category": "vendor",
"name": "RESF"
},
{
"branches": [
{
"category": "product_name",
"name": "Red Hat Enterprise Linux",
"product": {
"name": "Red Hat Enterprise Linux",
"product_id": "67646",
"product_identification_helper": {
"cpe": "cpe:/o:redhat:enterprise_linux:-"
}
}
}
],
"category": "vendor",
"name": "Red Hat"
},
{
"branches": [
{
"category": "product_name",
"name": "SUSE Linux",
"product": {
"name": "SUSE Linux",
"product_id": "T002207",
"product_identification_helper": {
"cpe": "cpe:/o:suse:suse_linux:-"
}
}
}
],
"category": "vendor",
"name": "SUSE"
},
{
"branches": [
{
"category": "product_name",
"name": "Ubuntu Linux",
"product": {
"name": "Ubuntu Linux",
"product_id": "T000126",
"product_identification_helper": {
"cpe": "cpe:/o:canonical:ubuntu_linux:-"
}
}
}
],
"category": "vendor",
"name": "Ubuntu"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2023-38709",
"notes": [
{
"category": "description",
"text": "Es bestehen mehrere Schwachstellen im Apache HTTP Server. Diese Fehler bestehen in mehreren Komponenten wie dem Websocket, den Backreferences oder dem mod_rewrite Proxy-Handler, unter anderem aufgrund mehrerer sicherheitsrelevanter Probleme wie einer NULL- Pointer-Dereferenz, einer serverseitigen Request Forgery oder einem Proxy-Codierungsproblem und mehr. Ein entfernter, anonymer Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Code auszuf\u00fchren, einen Denial-of-Service-Zustand zu verursachen, die Authentifizierung zu umgehen oder vertrauliche Informationen offenzulegen."
}
],
"product_status": {
"known_affected": [
"2951",
"T002207",
"67646",
"T000126",
"T003676",
"T019704",
"398363",
"T008162",
"T004914",
"T032255",
"74185"
]
},
"release_date": "2024-07-01T22:00:00Z",
"title": "CVE-2023-38709"
},
{
"cve": "CVE-2024-36387",
"notes": [
{
"category": "description",
"text": "Es bestehen mehrere Schwachstellen im Apache HTTP Server. Diese Fehler bestehen in mehreren Komponenten wie dem Websocket, den Backreferences oder dem mod_rewrite Proxy-Handler, unter anderem aufgrund mehrerer sicherheitsrelevanter Probleme wie einer NULL- Pointer-Dereferenz, einer serverseitigen Request Forgery oder einem Proxy-Codierungsproblem und mehr. Ein entfernter, anonymer Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Code auszuf\u00fchren, einen Denial-of-Service-Zustand zu verursachen, die Authentifizierung zu umgehen oder vertrauliche Informationen offenzulegen."
}
],
"product_status": {
"known_affected": [
"2951",
"T002207",
"67646",
"T000126",
"T003676",
"T019704",
"398363",
"T008162",
"T004914",
"T032255",
"74185"
]
},
"release_date": "2024-07-01T22:00:00Z",
"title": "CVE-2024-36387"
},
{
"cve": "CVE-2024-38472",
"notes": [
{
"category": "description",
"text": "Es bestehen mehrere Schwachstellen im Apache HTTP Server. Diese Fehler bestehen in mehreren Komponenten wie dem Websocket, den Backreferences oder dem mod_rewrite Proxy-Handler, unter anderem aufgrund mehrerer sicherheitsrelevanter Probleme wie einer NULL- Pointer-Dereferenz, einer serverseitigen Request Forgery oder einem Proxy-Codierungsproblem und mehr. Ein entfernter, anonymer Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Code auszuf\u00fchren, einen Denial-of-Service-Zustand zu verursachen, die Authentifizierung zu umgehen oder vertrauliche Informationen offenzulegen."
}
],
"product_status": {
"known_affected": [
"2951",
"T002207",
"67646",
"T000126",
"T003676",
"T019704",
"398363",
"T008162",
"T004914",
"T032255",
"74185"
]
},
"release_date": "2024-07-01T22:00:00Z",
"title": "CVE-2024-38472"
},
{
"cve": "CVE-2024-38473",
"notes": [
{
"category": "description",
"text": "Es bestehen mehrere Schwachstellen im Apache HTTP Server. Diese Fehler bestehen in mehreren Komponenten wie dem Websocket, den Backreferences oder dem mod_rewrite Proxy-Handler, unter anderem aufgrund mehrerer sicherheitsrelevanter Probleme wie einer NULL- Pointer-Dereferenz, einer serverseitigen Request Forgery oder einem Proxy-Codierungsproblem und mehr. Ein entfernter, anonymer Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Code auszuf\u00fchren, einen Denial-of-Service-Zustand zu verursachen, die Authentifizierung zu umgehen oder vertrauliche Informationen offenzulegen."
}
],
"product_status": {
"known_affected": [
"2951",
"T002207",
"67646",
"T000126",
"T003676",
"T019704",
"398363",
"T008162",
"T004914",
"T032255",
"74185"
]
},
"release_date": "2024-07-01T22:00:00Z",
"title": "CVE-2024-38473"
},
{
"cve": "CVE-2024-38474",
"notes": [
{
"category": "description",
"text": "Es bestehen mehrere Schwachstellen im Apache HTTP Server. Diese Fehler bestehen in mehreren Komponenten wie dem Websocket, den Backreferences oder dem mod_rewrite Proxy-Handler, unter anderem aufgrund mehrerer sicherheitsrelevanter Probleme wie einer NULL- Pointer-Dereferenz, einer serverseitigen Request Forgery oder einem Proxy-Codierungsproblem und mehr. Ein entfernter, anonymer Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Code auszuf\u00fchren, einen Denial-of-Service-Zustand zu verursachen, die Authentifizierung zu umgehen oder vertrauliche Informationen offenzulegen."
}
],
"product_status": {
"known_affected": [
"2951",
"T002207",
"67646",
"T000126",
"T003676",
"T019704",
"398363",
"T008162",
"T004914",
"T032255",
"74185"
]
},
"release_date": "2024-07-01T22:00:00Z",
"title": "CVE-2024-38474"
},
{
"cve": "CVE-2024-38475",
"notes": [
{
"category": "description",
"text": "Es bestehen mehrere Schwachstellen im Apache HTTP Server. Diese Fehler bestehen in mehreren Komponenten wie dem Websocket, den Backreferences oder dem mod_rewrite Proxy-Handler, unter anderem aufgrund mehrerer sicherheitsrelevanter Probleme wie einer NULL- Pointer-Dereferenz, einer serverseitigen Request Forgery oder einem Proxy-Codierungsproblem und mehr. Ein entfernter, anonymer Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Code auszuf\u00fchren, einen Denial-of-Service-Zustand zu verursachen, die Authentifizierung zu umgehen oder vertrauliche Informationen offenzulegen."
}
],
"product_status": {
"known_affected": [
"2951",
"T002207",
"67646",
"T000126",
"T003676",
"T019704",
"398363",
"T008162",
"T004914",
"T032255",
"74185"
]
},
"release_date": "2024-07-01T22:00:00Z",
"title": "CVE-2024-38475"
},
{
"cve": "CVE-2024-38476",
"notes": [
{
"category": "description",
"text": "Es bestehen mehrere Schwachstellen im Apache HTTP Server. Diese Fehler bestehen in mehreren Komponenten wie dem Websocket, den Backreferences oder dem mod_rewrite Proxy-Handler, unter anderem aufgrund mehrerer sicherheitsrelevanter Probleme wie einer NULL- Pointer-Dereferenz, einer serverseitigen Request Forgery oder einem Proxy-Codierungsproblem und mehr. Ein entfernter, anonymer Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Code auszuf\u00fchren, einen Denial-of-Service-Zustand zu verursachen, die Authentifizierung zu umgehen oder vertrauliche Informationen offenzulegen."
}
],
"product_status": {
"known_affected": [
"2951",
"T002207",
"67646",
"T000126",
"T003676",
"T019704",
"398363",
"T008162",
"T004914",
"T032255",
"74185"
]
},
"release_date": "2024-07-01T22:00:00Z",
"title": "CVE-2024-38476"
},
{
"cve": "CVE-2024-38477",
"notes": [
{
"category": "description",
"text": "Es bestehen mehrere Schwachstellen im Apache HTTP Server. Diese Fehler bestehen in mehreren Komponenten wie dem Websocket, den Backreferences oder dem mod_rewrite Proxy-Handler, unter anderem aufgrund mehrerer sicherheitsrelevanter Probleme wie einer NULL- Pointer-Dereferenz, einer serverseitigen Request Forgery oder einem Proxy-Codierungsproblem und mehr. Ein entfernter, anonymer Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Code auszuf\u00fchren, einen Denial-of-Service-Zustand zu verursachen, die Authentifizierung zu umgehen oder vertrauliche Informationen offenzulegen."
}
],
"product_status": {
"known_affected": [
"2951",
"T002207",
"67646",
"T000126",
"T003676",
"T019704",
"398363",
"T008162",
"T004914",
"T032255",
"74185"
]
},
"release_date": "2024-07-01T22:00:00Z",
"title": "CVE-2024-38477"
},
{
"cve": "CVE-2024-39573",
"notes": [
{
"category": "description",
"text": "Es bestehen mehrere Schwachstellen im Apache HTTP Server. Diese Fehler bestehen in mehreren Komponenten wie dem Websocket, den Backreferences oder dem mod_rewrite Proxy-Handler, unter anderem aufgrund mehrerer sicherheitsrelevanter Probleme wie einer NULL- Pointer-Dereferenz, einer serverseitigen Request Forgery oder einem Proxy-Codierungsproblem und mehr. Ein entfernter, anonymer Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Code auszuf\u00fchren, einen Denial-of-Service-Zustand zu verursachen, die Authentifizierung zu umgehen oder vertrauliche Informationen offenzulegen."
}
],
"product_status": {
"known_affected": [
"2951",
"T002207",
"67646",
"T000126",
"T003676",
"T019704",
"398363",
"T008162",
"T004914",
"T032255",
"74185"
]
},
"release_date": "2024-07-01T22:00:00Z",
"title": "CVE-2024-39573"
}
]
}
Loading...