rhsa-2024_1316
Vulnerability from csaf_redhat
Published
2024-03-18 16:37
Modified
2024-11-06 05:14
Summary
Red Hat Security Advisory: Red Hat JBoss Core Services Apache HTTP Server 2.4.57 SP3 security update
Notes
Topic
Red Hat JBoss Core Services Apache HTTP Server 2.4.57 Service Pack 3 is now
available.
Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.
Details
Red Hat JBoss Core Services is a set of supplementary software for Red Hat JBoss middleware products. This software, such as Apache HTTP Server, is common to multiple JBoss middleware products and packaged under Red Hat JBoss Core Services, to allow for faster distribution of updates and for a more consistent update experience.
This release of Red Hat JBoss Core Services Apache HTTP Server 2.4.57 Service Pack 3 serves as a replacement for Red Hat JBoss Core Services Apache HTTP Server 2.4.57 Service Pack 2, and includes bug fixes and enhancements, which are documented in the Release Notes linked to in the References section.
Security Fix(es):
* curl: information disclosure by exploiting a mixed case flaw (CVE-2023-46218)
* curl: excessively long file name may lead to unknown HSTS status (CVE-2023-46219)
* httpd: mod_macro: out-of-bounds read vulnerability (CVE-2023-31122)
* jbcs-httpd24-mod_proxy_cluster: mod_cluster/mod_proxy_cluster: Stored Cross site Scripting (CVE-2023-6710)
* jbcs-httpd24-openssl: openssl: Generating excessively long X9.42 DH keys or checking excessively long X9.42 DH keys or parameters may be very slow (CVE-2023-5678)
A Red Hat Security Bulletin which addresses further details about this flaw is available in the References section.
For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.
Terms of Use
This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.
{ "document": { "aggregate_severity": { "namespace": "https://access.redhat.com/security/updates/classification/", "text": "Moderate" }, "category": "csaf_security_advisory", "csaf_version": "2.0", "distribution": { "text": "Copyright \u00a9 Red Hat, Inc. All rights reserved.", "tlp": { "label": "WHITE", "url": "https://www.first.org/tlp/" } }, "lang": "en", "notes": [ { "category": "summary", "text": "Red Hat JBoss Core Services Apache HTTP Server 2.4.57 Service Pack 3 is now\navailable.\n\nRed Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.", "title": "Topic" }, { "category": "general", "text": "Red Hat JBoss Core Services is a set of supplementary software for Red Hat JBoss middleware products. This software, such as Apache HTTP Server, is common to multiple JBoss middleware products and packaged under Red Hat JBoss Core Services, to allow for faster distribution of updates and for a more consistent update experience.\n\nThis release of Red Hat JBoss Core Services Apache HTTP Server 2.4.57 Service Pack 3 serves as a replacement for Red Hat JBoss Core Services Apache HTTP Server 2.4.57 Service Pack 2, and includes bug fixes and enhancements, which are documented in the Release Notes linked to in the References section.\n\nSecurity Fix(es):\n\n* curl: information disclosure by exploiting a mixed case flaw (CVE-2023-46218)\n* curl: excessively long file name may lead to unknown HSTS status (CVE-2023-46219)\n* httpd: mod_macro: out-of-bounds read vulnerability (CVE-2023-31122)\n* jbcs-httpd24-mod_proxy_cluster: mod_cluster/mod_proxy_cluster: Stored Cross site Scripting (CVE-2023-6710)\n* jbcs-httpd24-openssl: openssl: Generating excessively long X9.42 DH keys or checking excessively long X9.42 DH keys or parameters may be very slow (CVE-2023-5678)\n\nA Red Hat Security Bulletin which addresses further details about this flaw is available in the References section.\n\nFor more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.", "title": "Details" }, { "category": "legal_disclaimer", "text": "This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.", "title": "Terms of Use" } ], "publisher": { "category": "vendor", "contact_details": "https://access.redhat.com/security/team/contact/", "issuing_authority": "Red Hat Product Security is responsible for vulnerability handling across all Red Hat products and services.", "name": "Red Hat Product Security", "namespace": "https://www.redhat.com" }, "references": [ { "category": "self", "summary": "https://access.redhat.com/errata/RHSA-2024:1316", "url": "https://access.redhat.com/errata/RHSA-2024:1316" }, { "category": "external", "summary": "https://access.redhat.com/security/updates/classification/#moderate", "url": "https://access.redhat.com/security/updates/classification/#moderate" }, { "category": "external", "summary": "https://access.redhat.com/documentation/en-us/red_hat_jboss_core_services/2.4.57/html/red_hat_jboss_core_services_apache_http_server_2.4.57_service_pack_3_release_notes", "url": "https://access.redhat.com/documentation/en-us/red_hat_jboss_core_services/2.4.57/html/red_hat_jboss_core_services_apache_http_server_2.4.57_service_pack_3_release_notes" }, { "category": "external", "summary": "2245332", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2245332" }, { "category": "external", "summary": "2248616", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2248616" }, { "category": "external", "summary": "2252030", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2252030" }, { "category": "external", "summary": "2252034", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2252034" }, { "category": "external", "summary": "2254128", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2254128" }, { "category": "self", "summary": "Canonical URL", "url": "https://security.access.redhat.com/data/csaf/v2/advisories/2024/rhsa-2024_1316.json" } ], "title": "Red Hat Security Advisory: Red Hat JBoss Core Services Apache HTTP Server 2.4.57 SP3 security update", "tracking": { "current_release_date": "2024-11-06T05:14:11+00:00", "generator": { "date": "2024-11-06T05:14:11+00:00", "engine": { "name": "Red Hat SDEngine", "version": "4.1.1" } }, "id": "RHSA-2024:1316", "initial_release_date": "2024-03-18T16:37:43+00:00", "revision_history": [ { "date": "2024-03-18T16:37:43+00:00", "number": "1", "summary": "Initial version" }, { "date": "2024-03-19T15:41:03+00:00", "number": "2", "summary": "Last updated version" }, { "date": "2024-11-06T05:14:11+00:00", "number": "3", "summary": "Last generated version" } ], "status": "final", "version": "3" } }, "product_tree": { "branches": [ { "branches": [ { "branches": [ { "category": "product_name", "name": "Red Hat JBoss Core Services on RHEL 7 Server", "product": { "name": "Red Hat JBoss Core Services on RHEL 7 Server", "product_id": "7Server-JBCS", "product_identification_helper": { "cpe": "cpe:/a:redhat:jboss_core_services:1::el7" } } }, { "category": "product_name", "name": "Red Hat JBoss Core Services on RHEL 8", "product": { "name": "Red Hat JBoss Core Services on RHEL 8", "product_id": "8Base-JBCS", "product_identification_helper": { "cpe": "cpe:/a:redhat:jboss_core_services:1::el8" } } } ], "category": "product_family", "name": "Red Hat JBoss Core Services" }, { "branches": [ { "category": "product_version", "name": "jbcs-httpd24-openssl-1:1.1.1k-17.el7jbcs.src", "product": { "name": "jbcs-httpd24-openssl-1:1.1.1k-17.el7jbcs.src", "product_id": "jbcs-httpd24-openssl-1:1.1.1k-17.el7jbcs.src", "product_identification_helper": { "purl": "pkg:rpm/redhat/jbcs-httpd24-openssl@1.1.1k-17.el7jbcs?arch=src\u0026epoch=1" } } }, { "category": "product_version", "name": "jbcs-httpd24-openssl-chil-0:1.0.0-20.el7jbcs.src", "product": { "name": "jbcs-httpd24-openssl-chil-0:1.0.0-20.el7jbcs.src", "product_id": "jbcs-httpd24-openssl-chil-0:1.0.0-20.el7jbcs.src", "product_identification_helper": { "purl": "pkg:rpm/redhat/jbcs-httpd24-openssl-chil@1.0.0-20.el7jbcs?arch=src" } } }, { "category": "product_version", "name": "jbcs-httpd24-openssl-pkcs11-0:0.4.10-35.el7jbcs.src", "product": { "name": "jbcs-httpd24-openssl-pkcs11-0:0.4.10-35.el7jbcs.src", "product_id": "jbcs-httpd24-openssl-pkcs11-0:0.4.10-35.el7jbcs.src", "product_identification_helper": { "purl": "pkg:rpm/redhat/jbcs-httpd24-openssl-pkcs11@0.4.10-35.el7jbcs?arch=src" } } }, { "category": "product_version", "name": "jbcs-httpd24-apr-util-0:1.6.1-104.el7jbcs.src", "product": { "name": "jbcs-httpd24-apr-util-0:1.6.1-104.el7jbcs.src", "product_id": "jbcs-httpd24-apr-util-0:1.6.1-104.el7jbcs.src", "product_identification_helper": { "purl": "pkg:rpm/redhat/jbcs-httpd24-apr-util@1.6.1-104.el7jbcs?arch=src" } } }, { "category": "product_version", "name": "jbcs-httpd24-curl-0:8.6.0-3.el7jbcs.src", "product": { "name": "jbcs-httpd24-curl-0:8.6.0-3.el7jbcs.src", "product_id": "jbcs-httpd24-curl-0:8.6.0-3.el7jbcs.src", "product_identification_helper": { "purl": "pkg:rpm/redhat/jbcs-httpd24-curl@8.6.0-3.el7jbcs?arch=src" } } }, { "category": "product_version", "name": "jbcs-httpd24-httpd-0:2.4.57-9.el7jbcs.src", "product": { "name": "jbcs-httpd24-httpd-0:2.4.57-9.el7jbcs.src", "product_id": "jbcs-httpd24-httpd-0:2.4.57-9.el7jbcs.src", "product_identification_helper": { "purl": "pkg:rpm/redhat/jbcs-httpd24-httpd@2.4.57-9.el7jbcs?arch=src" } } }, { "category": "product_version", "name": "jbcs-httpd24-mod_http2-0:1.15.19-36.el7jbcs.src", "product": { "name": "jbcs-httpd24-mod_http2-0:1.15.19-36.el7jbcs.src", "product_id": "jbcs-httpd24-mod_http2-0:1.15.19-36.el7jbcs.src", "product_identification_helper": { "purl": "pkg:rpm/redhat/jbcs-httpd24-mod_http2@1.15.19-36.el7jbcs?arch=src" } } }, { "category": "product_version", "name": "jbcs-httpd24-mod_jk-0:1.2.49-5.redhat_1.el7jbcs.src", "product": { "name": "jbcs-httpd24-mod_jk-0:1.2.49-5.redhat_1.el7jbcs.src", "product_id": "jbcs-httpd24-mod_jk-0:1.2.49-5.redhat_1.el7jbcs.src", "product_identification_helper": { "purl": "pkg:rpm/redhat/jbcs-httpd24-mod_jk@1.2.49-5.redhat_1.el7jbcs?arch=src" } } }, { "category": "product_version", "name": "jbcs-httpd24-mod_md-1:2.4.24-4.el7jbcs.src", "product": { "name": "jbcs-httpd24-mod_md-1:2.4.24-4.el7jbcs.src", "product_id": "jbcs-httpd24-mod_md-1:2.4.24-4.el7jbcs.src", "product_identification_helper": { "purl": "pkg:rpm/redhat/jbcs-httpd24-mod_md@2.4.24-4.el7jbcs?arch=src\u0026epoch=1" } } }, { "category": "product_version", "name": "jbcs-httpd24-mod_proxy_cluster-0:1.3.20-3.el7jbcs.src", "product": { "name": "jbcs-httpd24-mod_proxy_cluster-0:1.3.20-3.el7jbcs.src", "product_id": "jbcs-httpd24-mod_proxy_cluster-0:1.3.20-3.el7jbcs.src", "product_identification_helper": { "purl": "pkg:rpm/redhat/jbcs-httpd24-mod_proxy_cluster@1.3.20-3.el7jbcs?arch=src" } } }, { "category": "product_version", "name": "jbcs-httpd24-mod_security-0:2.9.3-34.el7jbcs.src", "product": { "name": "jbcs-httpd24-mod_security-0:2.9.3-34.el7jbcs.src", "product_id": "jbcs-httpd24-mod_security-0:2.9.3-34.el7jbcs.src", "product_identification_helper": { "purl": "pkg:rpm/redhat/jbcs-httpd24-mod_security@2.9.3-34.el7jbcs?arch=src" } } }, { "category": "product_version", "name": "jbcs-httpd24-openssl-1:1.1.1k-17.el8jbcs.src", "product": { "name": "jbcs-httpd24-openssl-1:1.1.1k-17.el8jbcs.src", "product_id": "jbcs-httpd24-openssl-1:1.1.1k-17.el8jbcs.src", "product_identification_helper": { "purl": "pkg:rpm/redhat/jbcs-httpd24-openssl@1.1.1k-17.el8jbcs?arch=src\u0026epoch=1" } } }, { "category": "product_version", "name": "jbcs-httpd24-openssl-chil-0:1.0.0-20.el8jbcs.src", "product": { "name": "jbcs-httpd24-openssl-chil-0:1.0.0-20.el8jbcs.src", "product_id": "jbcs-httpd24-openssl-chil-0:1.0.0-20.el8jbcs.src", "product_identification_helper": { "purl": "pkg:rpm/redhat/jbcs-httpd24-openssl-chil@1.0.0-20.el8jbcs?arch=src" } } }, { "category": "product_version", "name": "jbcs-httpd24-openssl-pkcs11-0:0.4.10-35.el8jbcs.src", "product": { "name": "jbcs-httpd24-openssl-pkcs11-0:0.4.10-35.el8jbcs.src", "product_id": "jbcs-httpd24-openssl-pkcs11-0:0.4.10-35.el8jbcs.src", "product_identification_helper": { "purl": "pkg:rpm/redhat/jbcs-httpd24-openssl-pkcs11@0.4.10-35.el8jbcs?arch=src" } } }, { "category": "product_version", "name": "jbcs-httpd24-apr-util-0:1.6.1-104.el8jbcs.src", "product": { "name": "jbcs-httpd24-apr-util-0:1.6.1-104.el8jbcs.src", "product_id": "jbcs-httpd24-apr-util-0:1.6.1-104.el8jbcs.src", "product_identification_helper": { "purl": "pkg:rpm/redhat/jbcs-httpd24-apr-util@1.6.1-104.el8jbcs?arch=src" } } }, { "category": "product_version", "name": "jbcs-httpd24-curl-0:8.6.0-3.el8jbcs.src", "product": { "name": "jbcs-httpd24-curl-0:8.6.0-3.el8jbcs.src", "product_id": "jbcs-httpd24-curl-0:8.6.0-3.el8jbcs.src", "product_identification_helper": { "purl": "pkg:rpm/redhat/jbcs-httpd24-curl@8.6.0-3.el8jbcs?arch=src" } } }, { "category": "product_version", "name": "jbcs-httpd24-httpd-0:2.4.57-9.el8jbcs.src", "product": { "name": "jbcs-httpd24-httpd-0:2.4.57-9.el8jbcs.src", "product_id": "jbcs-httpd24-httpd-0:2.4.57-9.el8jbcs.src", "product_identification_helper": { "purl": "pkg:rpm/redhat/jbcs-httpd24-httpd@2.4.57-9.el8jbcs?arch=src" } } }, { "category": "product_version", "name": "jbcs-httpd24-mod_http2-0:1.15.19-36.el8jbcs.src", "product": { "name": "jbcs-httpd24-mod_http2-0:1.15.19-36.el8jbcs.src", "product_id": "jbcs-httpd24-mod_http2-0:1.15.19-36.el8jbcs.src", "product_identification_helper": { "purl": "pkg:rpm/redhat/jbcs-httpd24-mod_http2@1.15.19-36.el8jbcs?arch=src" } } }, { "category": "product_version", "name": "jbcs-httpd24-mod_jk-0:1.2.49-5.redhat_1.el8jbcs.src", "product": { "name": "jbcs-httpd24-mod_jk-0:1.2.49-5.redhat_1.el8jbcs.src", "product_id": "jbcs-httpd24-mod_jk-0:1.2.49-5.redhat_1.el8jbcs.src", "product_identification_helper": { "purl": "pkg:rpm/redhat/jbcs-httpd24-mod_jk@1.2.49-5.redhat_1.el8jbcs?arch=src" } } }, { "category": "product_version", "name": "jbcs-httpd24-mod_md-1:2.4.24-4.el8jbcs.src", "product": { "name": "jbcs-httpd24-mod_md-1:2.4.24-4.el8jbcs.src", "product_id": "jbcs-httpd24-mod_md-1:2.4.24-4.el8jbcs.src", "product_identification_helper": { "purl": "pkg:rpm/redhat/jbcs-httpd24-mod_md@2.4.24-4.el8jbcs?arch=src\u0026epoch=1" } } }, { "category": "product_version", "name": "jbcs-httpd24-mod_proxy_cluster-0:1.3.20-3.el8jbcs.src", "product": { "name": "jbcs-httpd24-mod_proxy_cluster-0:1.3.20-3.el8jbcs.src", "product_id": "jbcs-httpd24-mod_proxy_cluster-0:1.3.20-3.el8jbcs.src", "product_identification_helper": { "purl": "pkg:rpm/redhat/jbcs-httpd24-mod_proxy_cluster@1.3.20-3.el8jbcs?arch=src" } } }, { "category": "product_version", "name": "jbcs-httpd24-mod_security-0:2.9.3-34.el8jbcs.src", "product": { "name": "jbcs-httpd24-mod_security-0:2.9.3-34.el8jbcs.src", "product_id": "jbcs-httpd24-mod_security-0:2.9.3-34.el8jbcs.src", "product_identification_helper": { "purl": "pkg:rpm/redhat/jbcs-httpd24-mod_security@2.9.3-34.el8jbcs?arch=src" } } } ], "category": "architecture", "name": "src" }, { "branches": [ { "category": "product_version", "name": "jbcs-httpd24-openssl-1:1.1.1k-17.el7jbcs.x86_64", "product": { "name": "jbcs-httpd24-openssl-1:1.1.1k-17.el7jbcs.x86_64", "product_id": "jbcs-httpd24-openssl-1:1.1.1k-17.el7jbcs.x86_64", "product_identification_helper": { "purl": "pkg:rpm/redhat/jbcs-httpd24-openssl@1.1.1k-17.el7jbcs?arch=x86_64\u0026epoch=1" } } }, { "category": "product_version", "name": "jbcs-httpd24-openssl-devel-1:1.1.1k-17.el7jbcs.x86_64", "product": { "name": "jbcs-httpd24-openssl-devel-1:1.1.1k-17.el7jbcs.x86_64", "product_id": "jbcs-httpd24-openssl-devel-1:1.1.1k-17.el7jbcs.x86_64", "product_identification_helper": { "purl": "pkg:rpm/redhat/jbcs-httpd24-openssl-devel@1.1.1k-17.el7jbcs?arch=x86_64\u0026epoch=1" } } }, { "category": "product_version", "name": "jbcs-httpd24-openssl-libs-1:1.1.1k-17.el7jbcs.x86_64", "product": { "name": "jbcs-httpd24-openssl-libs-1:1.1.1k-17.el7jbcs.x86_64", "product_id": "jbcs-httpd24-openssl-libs-1:1.1.1k-17.el7jbcs.x86_64", "product_identification_helper": { "purl": "pkg:rpm/redhat/jbcs-httpd24-openssl-libs@1.1.1k-17.el7jbcs?arch=x86_64\u0026epoch=1" } } }, { "category": "product_version", "name": "jbcs-httpd24-openssl-perl-1:1.1.1k-17.el7jbcs.x86_64", "product": { "name": "jbcs-httpd24-openssl-perl-1:1.1.1k-17.el7jbcs.x86_64", "product_id": "jbcs-httpd24-openssl-perl-1:1.1.1k-17.el7jbcs.x86_64", "product_identification_helper": { "purl": "pkg:rpm/redhat/jbcs-httpd24-openssl-perl@1.1.1k-17.el7jbcs?arch=x86_64\u0026epoch=1" } } }, { "category": "product_version", "name": "jbcs-httpd24-openssl-static-1:1.1.1k-17.el7jbcs.x86_64", "product": { "name": "jbcs-httpd24-openssl-static-1:1.1.1k-17.el7jbcs.x86_64", "product_id": "jbcs-httpd24-openssl-static-1:1.1.1k-17.el7jbcs.x86_64", "product_identification_helper": { "purl": "pkg:rpm/redhat/jbcs-httpd24-openssl-static@1.1.1k-17.el7jbcs?arch=x86_64\u0026epoch=1" } } }, { "category": "product_version", "name": "jbcs-httpd24-openssl-debuginfo-1:1.1.1k-17.el7jbcs.x86_64", "product": { "name": "jbcs-httpd24-openssl-debuginfo-1:1.1.1k-17.el7jbcs.x86_64", "product_id": "jbcs-httpd24-openssl-debuginfo-1:1.1.1k-17.el7jbcs.x86_64", "product_identification_helper": { "purl": "pkg:rpm/redhat/jbcs-httpd24-openssl-debuginfo@1.1.1k-17.el7jbcs?arch=x86_64\u0026epoch=1" } } }, { "category": "product_version", "name": "jbcs-httpd24-openssl-chil-0:1.0.0-20.el7jbcs.x86_64", "product": { "name": "jbcs-httpd24-openssl-chil-0:1.0.0-20.el7jbcs.x86_64", "product_id": "jbcs-httpd24-openssl-chil-0:1.0.0-20.el7jbcs.x86_64", "product_identification_helper": { "purl": "pkg:rpm/redhat/jbcs-httpd24-openssl-chil@1.0.0-20.el7jbcs?arch=x86_64" } } }, { "category": "product_version", "name": "jbcs-httpd24-openssl-chil-debuginfo-0:1.0.0-20.el7jbcs.x86_64", "product": { "name": "jbcs-httpd24-openssl-chil-debuginfo-0:1.0.0-20.el7jbcs.x86_64", "product_id": "jbcs-httpd24-openssl-chil-debuginfo-0:1.0.0-20.el7jbcs.x86_64", "product_identification_helper": { "purl": "pkg:rpm/redhat/jbcs-httpd24-openssl-chil-debuginfo@1.0.0-20.el7jbcs?arch=x86_64" } } }, { "category": "product_version", "name": "jbcs-httpd24-openssl-pkcs11-0:0.4.10-35.el7jbcs.x86_64", "product": { "name": "jbcs-httpd24-openssl-pkcs11-0:0.4.10-35.el7jbcs.x86_64", "product_id": "jbcs-httpd24-openssl-pkcs11-0:0.4.10-35.el7jbcs.x86_64", "product_identification_helper": { "purl": "pkg:rpm/redhat/jbcs-httpd24-openssl-pkcs11@0.4.10-35.el7jbcs?arch=x86_64" } } }, { "category": "product_version", "name": "jbcs-httpd24-openssl-pkcs11-debuginfo-0:0.4.10-35.el7jbcs.x86_64", "product": { "name": "jbcs-httpd24-openssl-pkcs11-debuginfo-0:0.4.10-35.el7jbcs.x86_64", "product_id": "jbcs-httpd24-openssl-pkcs11-debuginfo-0:0.4.10-35.el7jbcs.x86_64", "product_identification_helper": { "purl": "pkg:rpm/redhat/jbcs-httpd24-openssl-pkcs11-debuginfo@0.4.10-35.el7jbcs?arch=x86_64" } } }, { "category": "product_version", "name": "jbcs-httpd24-apr-util-0:1.6.1-104.el7jbcs.x86_64", "product": { "name": "jbcs-httpd24-apr-util-0:1.6.1-104.el7jbcs.x86_64", "product_id": "jbcs-httpd24-apr-util-0:1.6.1-104.el7jbcs.x86_64", "product_identification_helper": { "purl": "pkg:rpm/redhat/jbcs-httpd24-apr-util@1.6.1-104.el7jbcs?arch=x86_64" } } }, { "category": "product_version", "name": "jbcs-httpd24-apr-util-devel-0:1.6.1-104.el7jbcs.x86_64", "product": { "name": "jbcs-httpd24-apr-util-devel-0:1.6.1-104.el7jbcs.x86_64", "product_id": "jbcs-httpd24-apr-util-devel-0:1.6.1-104.el7jbcs.x86_64", "product_identification_helper": { "purl": "pkg:rpm/redhat/jbcs-httpd24-apr-util-devel@1.6.1-104.el7jbcs?arch=x86_64" } } }, { "category": "product_version", "name": "jbcs-httpd24-apr-util-ldap-0:1.6.1-104.el7jbcs.x86_64", "product": { "name": "jbcs-httpd24-apr-util-ldap-0:1.6.1-104.el7jbcs.x86_64", "product_id": "jbcs-httpd24-apr-util-ldap-0:1.6.1-104.el7jbcs.x86_64", "product_identification_helper": { "purl": "pkg:rpm/redhat/jbcs-httpd24-apr-util-ldap@1.6.1-104.el7jbcs?arch=x86_64" } } }, { "category": "product_version", "name": "jbcs-httpd24-apr-util-mysql-0:1.6.1-104.el7jbcs.x86_64", "product": { "name": "jbcs-httpd24-apr-util-mysql-0:1.6.1-104.el7jbcs.x86_64", "product_id": "jbcs-httpd24-apr-util-mysql-0:1.6.1-104.el7jbcs.x86_64", "product_identification_helper": { "purl": "pkg:rpm/redhat/jbcs-httpd24-apr-util-mysql@1.6.1-104.el7jbcs?arch=x86_64" } } }, { "category": "product_version", "name": "jbcs-httpd24-apr-util-nss-0:1.6.1-104.el7jbcs.x86_64", "product": { "name": "jbcs-httpd24-apr-util-nss-0:1.6.1-104.el7jbcs.x86_64", "product_id": "jbcs-httpd24-apr-util-nss-0:1.6.1-104.el7jbcs.x86_64", "product_identification_helper": { "purl": "pkg:rpm/redhat/jbcs-httpd24-apr-util-nss@1.6.1-104.el7jbcs?arch=x86_64" } } }, { "category": "product_version", "name": "jbcs-httpd24-apr-util-odbc-0:1.6.1-104.el7jbcs.x86_64", "product": { "name": "jbcs-httpd24-apr-util-odbc-0:1.6.1-104.el7jbcs.x86_64", "product_id": "jbcs-httpd24-apr-util-odbc-0:1.6.1-104.el7jbcs.x86_64", "product_identification_helper": { "purl": "pkg:rpm/redhat/jbcs-httpd24-apr-util-odbc@1.6.1-104.el7jbcs?arch=x86_64" } } }, { "category": "product_version", "name": "jbcs-httpd24-apr-util-openssl-0:1.6.1-104.el7jbcs.x86_64", "product": { "name": "jbcs-httpd24-apr-util-openssl-0:1.6.1-104.el7jbcs.x86_64", "product_id": "jbcs-httpd24-apr-util-openssl-0:1.6.1-104.el7jbcs.x86_64", "product_identification_helper": { "purl": "pkg:rpm/redhat/jbcs-httpd24-apr-util-openssl@1.6.1-104.el7jbcs?arch=x86_64" } } }, { "category": "product_version", "name": "jbcs-httpd24-apr-util-pgsql-0:1.6.1-104.el7jbcs.x86_64", "product": { "name": "jbcs-httpd24-apr-util-pgsql-0:1.6.1-104.el7jbcs.x86_64", "product_id": "jbcs-httpd24-apr-util-pgsql-0:1.6.1-104.el7jbcs.x86_64", "product_identification_helper": { "purl": "pkg:rpm/redhat/jbcs-httpd24-apr-util-pgsql@1.6.1-104.el7jbcs?arch=x86_64" } } }, { "category": "product_version", "name": "jbcs-httpd24-apr-util-sqlite-0:1.6.1-104.el7jbcs.x86_64", "product": { "name": "jbcs-httpd24-apr-util-sqlite-0:1.6.1-104.el7jbcs.x86_64", "product_id": "jbcs-httpd24-apr-util-sqlite-0:1.6.1-104.el7jbcs.x86_64", "product_identification_helper": { "purl": "pkg:rpm/redhat/jbcs-httpd24-apr-util-sqlite@1.6.1-104.el7jbcs?arch=x86_64" } } }, { "category": "product_version", "name": "jbcs-httpd24-apr-util-debuginfo-0:1.6.1-104.el7jbcs.x86_64", "product": { "name": "jbcs-httpd24-apr-util-debuginfo-0:1.6.1-104.el7jbcs.x86_64", "product_id": "jbcs-httpd24-apr-util-debuginfo-0:1.6.1-104.el7jbcs.x86_64", "product_identification_helper": { "purl": "pkg:rpm/redhat/jbcs-httpd24-apr-util-debuginfo@1.6.1-104.el7jbcs?arch=x86_64" } } }, { "category": "product_version", "name": "jbcs-httpd24-curl-0:8.6.0-3.el7jbcs.x86_64", "product": { "name": "jbcs-httpd24-curl-0:8.6.0-3.el7jbcs.x86_64", "product_id": "jbcs-httpd24-curl-0:8.6.0-3.el7jbcs.x86_64", "product_identification_helper": { "purl": "pkg:rpm/redhat/jbcs-httpd24-curl@8.6.0-3.el7jbcs?arch=x86_64" } } }, { "category": "product_version", "name": "jbcs-httpd24-libcurl-0:8.6.0-3.el7jbcs.x86_64", "product": { "name": "jbcs-httpd24-libcurl-0:8.6.0-3.el7jbcs.x86_64", "product_id": "jbcs-httpd24-libcurl-0:8.6.0-3.el7jbcs.x86_64", "product_identification_helper": { "purl": "pkg:rpm/redhat/jbcs-httpd24-libcurl@8.6.0-3.el7jbcs?arch=x86_64" } } }, { "category": "product_version", "name": "jbcs-httpd24-libcurl-devel-0:8.6.0-3.el7jbcs.x86_64", "product": { "name": "jbcs-httpd24-libcurl-devel-0:8.6.0-3.el7jbcs.x86_64", "product_id": "jbcs-httpd24-libcurl-devel-0:8.6.0-3.el7jbcs.x86_64", "product_identification_helper": { "purl": "pkg:rpm/redhat/jbcs-httpd24-libcurl-devel@8.6.0-3.el7jbcs?arch=x86_64" } } }, { "category": "product_version", "name": "jbcs-httpd24-curl-debuginfo-0:8.6.0-3.el7jbcs.x86_64", "product": { "name": "jbcs-httpd24-curl-debuginfo-0:8.6.0-3.el7jbcs.x86_64", "product_id": "jbcs-httpd24-curl-debuginfo-0:8.6.0-3.el7jbcs.x86_64", "product_identification_helper": { "purl": "pkg:rpm/redhat/jbcs-httpd24-curl-debuginfo@8.6.0-3.el7jbcs?arch=x86_64" } } }, { "category": "product_version", "name": "jbcs-httpd24-httpd-0:2.4.57-9.el7jbcs.x86_64", "product": { "name": "jbcs-httpd24-httpd-0:2.4.57-9.el7jbcs.x86_64", "product_id": "jbcs-httpd24-httpd-0:2.4.57-9.el7jbcs.x86_64", "product_identification_helper": { "purl": "pkg:rpm/redhat/jbcs-httpd24-httpd@2.4.57-9.el7jbcs?arch=x86_64" } } }, { "category": "product_version", "name": "jbcs-httpd24-httpd-devel-0:2.4.57-9.el7jbcs.x86_64", "product": { "name": "jbcs-httpd24-httpd-devel-0:2.4.57-9.el7jbcs.x86_64", "product_id": "jbcs-httpd24-httpd-devel-0:2.4.57-9.el7jbcs.x86_64", "product_identification_helper": { "purl": "pkg:rpm/redhat/jbcs-httpd24-httpd-devel@2.4.57-9.el7jbcs?arch=x86_64" } } }, { "category": "product_version", "name": "jbcs-httpd24-httpd-selinux-0:2.4.57-9.el7jbcs.x86_64", "product": { "name": "jbcs-httpd24-httpd-selinux-0:2.4.57-9.el7jbcs.x86_64", "product_id": "jbcs-httpd24-httpd-selinux-0:2.4.57-9.el7jbcs.x86_64", "product_identification_helper": { "purl": "pkg:rpm/redhat/jbcs-httpd24-httpd-selinux@2.4.57-9.el7jbcs?arch=x86_64" } } }, { "category": "product_version", "name": "jbcs-httpd24-httpd-tools-0:2.4.57-9.el7jbcs.x86_64", "product": { "name": "jbcs-httpd24-httpd-tools-0:2.4.57-9.el7jbcs.x86_64", "product_id": "jbcs-httpd24-httpd-tools-0:2.4.57-9.el7jbcs.x86_64", "product_identification_helper": { "purl": "pkg:rpm/redhat/jbcs-httpd24-httpd-tools@2.4.57-9.el7jbcs?arch=x86_64" } } }, { "category": "product_version", "name": "jbcs-httpd24-mod_ldap-0:2.4.57-9.el7jbcs.x86_64", "product": { "name": "jbcs-httpd24-mod_ldap-0:2.4.57-9.el7jbcs.x86_64", "product_id": "jbcs-httpd24-mod_ldap-0:2.4.57-9.el7jbcs.x86_64", "product_identification_helper": { "purl": "pkg:rpm/redhat/jbcs-httpd24-mod_ldap@2.4.57-9.el7jbcs?arch=x86_64" } } }, { "category": "product_version", "name": "jbcs-httpd24-mod_proxy_html-1:2.4.57-9.el7jbcs.x86_64", "product": { "name": "jbcs-httpd24-mod_proxy_html-1:2.4.57-9.el7jbcs.x86_64", "product_id": "jbcs-httpd24-mod_proxy_html-1:2.4.57-9.el7jbcs.x86_64", "product_identification_helper": { "purl": "pkg:rpm/redhat/jbcs-httpd24-mod_proxy_html@2.4.57-9.el7jbcs?arch=x86_64\u0026epoch=1" } } }, { "category": "product_version", "name": "jbcs-httpd24-mod_session-0:2.4.57-9.el7jbcs.x86_64", "product": { "name": "jbcs-httpd24-mod_session-0:2.4.57-9.el7jbcs.x86_64", "product_id": "jbcs-httpd24-mod_session-0:2.4.57-9.el7jbcs.x86_64", "product_identification_helper": { "purl": "pkg:rpm/redhat/jbcs-httpd24-mod_session@2.4.57-9.el7jbcs?arch=x86_64" } } }, { "category": "product_version", "name": "jbcs-httpd24-mod_ssl-1:2.4.57-9.el7jbcs.x86_64", "product": { "name": "jbcs-httpd24-mod_ssl-1:2.4.57-9.el7jbcs.x86_64", "product_id": "jbcs-httpd24-mod_ssl-1:2.4.57-9.el7jbcs.x86_64", "product_identification_helper": { "purl": "pkg:rpm/redhat/jbcs-httpd24-mod_ssl@2.4.57-9.el7jbcs?arch=x86_64\u0026epoch=1" } } }, { "category": "product_version", "name": "jbcs-httpd24-httpd-debuginfo-0:2.4.57-9.el7jbcs.x86_64", "product": { "name": "jbcs-httpd24-httpd-debuginfo-0:2.4.57-9.el7jbcs.x86_64", "product_id": "jbcs-httpd24-httpd-debuginfo-0:2.4.57-9.el7jbcs.x86_64", "product_identification_helper": { "purl": "pkg:rpm/redhat/jbcs-httpd24-httpd-debuginfo@2.4.57-9.el7jbcs?arch=x86_64" } } }, { "category": "product_version", "name": "jbcs-httpd24-mod_http2-0:1.15.19-36.el7jbcs.x86_64", "product": { "name": "jbcs-httpd24-mod_http2-0:1.15.19-36.el7jbcs.x86_64", "product_id": "jbcs-httpd24-mod_http2-0:1.15.19-36.el7jbcs.x86_64", "product_identification_helper": { "purl": "pkg:rpm/redhat/jbcs-httpd24-mod_http2@1.15.19-36.el7jbcs?arch=x86_64" } } }, { "category": "product_version", "name": "jbcs-httpd24-mod_http2-debuginfo-0:1.15.19-36.el7jbcs.x86_64", "product": { "name": "jbcs-httpd24-mod_http2-debuginfo-0:1.15.19-36.el7jbcs.x86_64", "product_id": "jbcs-httpd24-mod_http2-debuginfo-0:1.15.19-36.el7jbcs.x86_64", "product_identification_helper": { "purl": "pkg:rpm/redhat/jbcs-httpd24-mod_http2-debuginfo@1.15.19-36.el7jbcs?arch=x86_64" } } }, { "category": "product_version", "name": "jbcs-httpd24-mod_jk-ap24-0:1.2.49-5.redhat_1.el7jbcs.x86_64", "product": { "name": "jbcs-httpd24-mod_jk-ap24-0:1.2.49-5.redhat_1.el7jbcs.x86_64", "product_id": "jbcs-httpd24-mod_jk-ap24-0:1.2.49-5.redhat_1.el7jbcs.x86_64", "product_identification_helper": { "purl": "pkg:rpm/redhat/jbcs-httpd24-mod_jk-ap24@1.2.49-5.redhat_1.el7jbcs?arch=x86_64" } } }, { "category": "product_version", "name": "jbcs-httpd24-mod_jk-debuginfo-0:1.2.49-5.redhat_1.el7jbcs.x86_64", "product": { "name": "jbcs-httpd24-mod_jk-debuginfo-0:1.2.49-5.redhat_1.el7jbcs.x86_64", "product_id": "jbcs-httpd24-mod_jk-debuginfo-0:1.2.49-5.redhat_1.el7jbcs.x86_64", "product_identification_helper": { "purl": "pkg:rpm/redhat/jbcs-httpd24-mod_jk-debuginfo@1.2.49-5.redhat_1.el7jbcs?arch=x86_64" } } }, { "category": "product_version", "name": "jbcs-httpd24-mod_md-1:2.4.24-4.el7jbcs.x86_64", "product": { "name": "jbcs-httpd24-mod_md-1:2.4.24-4.el7jbcs.x86_64", "product_id": "jbcs-httpd24-mod_md-1:2.4.24-4.el7jbcs.x86_64", "product_identification_helper": { "purl": "pkg:rpm/redhat/jbcs-httpd24-mod_md@2.4.24-4.el7jbcs?arch=x86_64\u0026epoch=1" } } }, { "category": "product_version", "name": "jbcs-httpd24-mod_md-debuginfo-1:2.4.24-4.el7jbcs.x86_64", "product": { "name": "jbcs-httpd24-mod_md-debuginfo-1:2.4.24-4.el7jbcs.x86_64", "product_id": "jbcs-httpd24-mod_md-debuginfo-1:2.4.24-4.el7jbcs.x86_64", "product_identification_helper": { "purl": "pkg:rpm/redhat/jbcs-httpd24-mod_md-debuginfo@2.4.24-4.el7jbcs?arch=x86_64\u0026epoch=1" } } }, { "category": "product_version", "name": "jbcs-httpd24-mod_proxy_cluster-0:1.3.20-3.el7jbcs.x86_64", "product": { "name": "jbcs-httpd24-mod_proxy_cluster-0:1.3.20-3.el7jbcs.x86_64", "product_id": "jbcs-httpd24-mod_proxy_cluster-0:1.3.20-3.el7jbcs.x86_64", "product_identification_helper": { "purl": "pkg:rpm/redhat/jbcs-httpd24-mod_proxy_cluster@1.3.20-3.el7jbcs?arch=x86_64" } } }, { "category": "product_version", "name": "jbcs-httpd24-mod_proxy_cluster-debuginfo-0:1.3.20-3.el7jbcs.x86_64", "product": { "name": "jbcs-httpd24-mod_proxy_cluster-debuginfo-0:1.3.20-3.el7jbcs.x86_64", "product_id": "jbcs-httpd24-mod_proxy_cluster-debuginfo-0:1.3.20-3.el7jbcs.x86_64", "product_identification_helper": { "purl": "pkg:rpm/redhat/jbcs-httpd24-mod_proxy_cluster-debuginfo@1.3.20-3.el7jbcs?arch=x86_64" } } }, { "category": "product_version", "name": "jbcs-httpd24-mod_security-0:2.9.3-34.el7jbcs.x86_64", "product": { "name": "jbcs-httpd24-mod_security-0:2.9.3-34.el7jbcs.x86_64", "product_id": "jbcs-httpd24-mod_security-0:2.9.3-34.el7jbcs.x86_64", "product_identification_helper": { "purl": "pkg:rpm/redhat/jbcs-httpd24-mod_security@2.9.3-34.el7jbcs?arch=x86_64" } } }, { "category": "product_version", "name": "jbcs-httpd24-mod_security-debuginfo-0:2.9.3-34.el7jbcs.x86_64", "product": { "name": "jbcs-httpd24-mod_security-debuginfo-0:2.9.3-34.el7jbcs.x86_64", "product_id": "jbcs-httpd24-mod_security-debuginfo-0:2.9.3-34.el7jbcs.x86_64", "product_identification_helper": { "purl": "pkg:rpm/redhat/jbcs-httpd24-mod_security-debuginfo@2.9.3-34.el7jbcs?arch=x86_64" } } }, { "category": "product_version", "name": "jbcs-httpd24-openssl-1:1.1.1k-17.el8jbcs.x86_64", "product": { "name": "jbcs-httpd24-openssl-1:1.1.1k-17.el8jbcs.x86_64", "product_id": "jbcs-httpd24-openssl-1:1.1.1k-17.el8jbcs.x86_64", "product_identification_helper": { "purl": "pkg:rpm/redhat/jbcs-httpd24-openssl@1.1.1k-17.el8jbcs?arch=x86_64\u0026epoch=1" } } }, { "category": "product_version", "name": "jbcs-httpd24-openssl-devel-1:1.1.1k-17.el8jbcs.x86_64", "product": { "name": "jbcs-httpd24-openssl-devel-1:1.1.1k-17.el8jbcs.x86_64", "product_id": "jbcs-httpd24-openssl-devel-1:1.1.1k-17.el8jbcs.x86_64", "product_identification_helper": { "purl": "pkg:rpm/redhat/jbcs-httpd24-openssl-devel@1.1.1k-17.el8jbcs?arch=x86_64\u0026epoch=1" } } }, { "category": "product_version", "name": "jbcs-httpd24-openssl-libs-1:1.1.1k-17.el8jbcs.x86_64", "product": { "name": "jbcs-httpd24-openssl-libs-1:1.1.1k-17.el8jbcs.x86_64", "product_id": "jbcs-httpd24-openssl-libs-1:1.1.1k-17.el8jbcs.x86_64", "product_identification_helper": { "purl": "pkg:rpm/redhat/jbcs-httpd24-openssl-libs@1.1.1k-17.el8jbcs?arch=x86_64\u0026epoch=1" } } }, { "category": "product_version", "name": "jbcs-httpd24-openssl-perl-1:1.1.1k-17.el8jbcs.x86_64", "product": { "name": "jbcs-httpd24-openssl-perl-1:1.1.1k-17.el8jbcs.x86_64", "product_id": "jbcs-httpd24-openssl-perl-1:1.1.1k-17.el8jbcs.x86_64", "product_identification_helper": { "purl": "pkg:rpm/redhat/jbcs-httpd24-openssl-perl@1.1.1k-17.el8jbcs?arch=x86_64\u0026epoch=1" } } }, { "category": "product_version", "name": "jbcs-httpd24-openssl-static-1:1.1.1k-17.el8jbcs.x86_64", "product": { "name": "jbcs-httpd24-openssl-static-1:1.1.1k-17.el8jbcs.x86_64", "product_id": "jbcs-httpd24-openssl-static-1:1.1.1k-17.el8jbcs.x86_64", "product_identification_helper": { "purl": "pkg:rpm/redhat/jbcs-httpd24-openssl-static@1.1.1k-17.el8jbcs?arch=x86_64\u0026epoch=1" } } }, { "category": "product_version", "name": "jbcs-httpd24-openssl-debuginfo-1:1.1.1k-17.el8jbcs.x86_64", "product": { "name": "jbcs-httpd24-openssl-debuginfo-1:1.1.1k-17.el8jbcs.x86_64", "product_id": "jbcs-httpd24-openssl-debuginfo-1:1.1.1k-17.el8jbcs.x86_64", "product_identification_helper": { "purl": "pkg:rpm/redhat/jbcs-httpd24-openssl-debuginfo@1.1.1k-17.el8jbcs?arch=x86_64\u0026epoch=1" } } }, { "category": "product_version", "name": "jbcs-httpd24-openssl-libs-debuginfo-1:1.1.1k-17.el8jbcs.x86_64", "product": { "name": "jbcs-httpd24-openssl-libs-debuginfo-1:1.1.1k-17.el8jbcs.x86_64", "product_id": "jbcs-httpd24-openssl-libs-debuginfo-1:1.1.1k-17.el8jbcs.x86_64", "product_identification_helper": { "purl": "pkg:rpm/redhat/jbcs-httpd24-openssl-libs-debuginfo@1.1.1k-17.el8jbcs?arch=x86_64\u0026epoch=1" } } }, { "category": "product_version", "name": "jbcs-httpd24-openssl-chil-0:1.0.0-20.el8jbcs.x86_64", "product": { "name": "jbcs-httpd24-openssl-chil-0:1.0.0-20.el8jbcs.x86_64", "product_id": "jbcs-httpd24-openssl-chil-0:1.0.0-20.el8jbcs.x86_64", "product_identification_helper": { "purl": "pkg:rpm/redhat/jbcs-httpd24-openssl-chil@1.0.0-20.el8jbcs?arch=x86_64" } } }, { "category": "product_version", "name": "jbcs-httpd24-openssl-chil-debuginfo-0:1.0.0-20.el8jbcs.x86_64", "product": { "name": "jbcs-httpd24-openssl-chil-debuginfo-0:1.0.0-20.el8jbcs.x86_64", "product_id": "jbcs-httpd24-openssl-chil-debuginfo-0:1.0.0-20.el8jbcs.x86_64", "product_identification_helper": { "purl": "pkg:rpm/redhat/jbcs-httpd24-openssl-chil-debuginfo@1.0.0-20.el8jbcs?arch=x86_64" } } }, { "category": "product_version", "name": "jbcs-httpd24-openssl-pkcs11-0:0.4.10-35.el8jbcs.x86_64", "product": { "name": "jbcs-httpd24-openssl-pkcs11-0:0.4.10-35.el8jbcs.x86_64", "product_id": "jbcs-httpd24-openssl-pkcs11-0:0.4.10-35.el8jbcs.x86_64", "product_identification_helper": { "purl": "pkg:rpm/redhat/jbcs-httpd24-openssl-pkcs11@0.4.10-35.el8jbcs?arch=x86_64" } } }, { "category": "product_version", "name": "jbcs-httpd24-openssl-pkcs11-debuginfo-0:0.4.10-35.el8jbcs.x86_64", "product": { "name": "jbcs-httpd24-openssl-pkcs11-debuginfo-0:0.4.10-35.el8jbcs.x86_64", "product_id": "jbcs-httpd24-openssl-pkcs11-debuginfo-0:0.4.10-35.el8jbcs.x86_64", "product_identification_helper": { "purl": "pkg:rpm/redhat/jbcs-httpd24-openssl-pkcs11-debuginfo@0.4.10-35.el8jbcs?arch=x86_64" } } }, { "category": "product_version", "name": "jbcs-httpd24-apr-util-0:1.6.1-104.el8jbcs.x86_64", "product": { "name": "jbcs-httpd24-apr-util-0:1.6.1-104.el8jbcs.x86_64", "product_id": "jbcs-httpd24-apr-util-0:1.6.1-104.el8jbcs.x86_64", "product_identification_helper": { "purl": "pkg:rpm/redhat/jbcs-httpd24-apr-util@1.6.1-104.el8jbcs?arch=x86_64" } } }, { "category": "product_version", "name": "jbcs-httpd24-apr-util-devel-0:1.6.1-104.el8jbcs.x86_64", "product": { "name": "jbcs-httpd24-apr-util-devel-0:1.6.1-104.el8jbcs.x86_64", "product_id": "jbcs-httpd24-apr-util-devel-0:1.6.1-104.el8jbcs.x86_64", "product_identification_helper": { "purl": "pkg:rpm/redhat/jbcs-httpd24-apr-util-devel@1.6.1-104.el8jbcs?arch=x86_64" } } }, { "category": "product_version", "name": "jbcs-httpd24-apr-util-ldap-0:1.6.1-104.el8jbcs.x86_64", "product": { "name": "jbcs-httpd24-apr-util-ldap-0:1.6.1-104.el8jbcs.x86_64", "product_id": "jbcs-httpd24-apr-util-ldap-0:1.6.1-104.el8jbcs.x86_64", "product_identification_helper": { "purl": "pkg:rpm/redhat/jbcs-httpd24-apr-util-ldap@1.6.1-104.el8jbcs?arch=x86_64" } } }, { "category": "product_version", "name": "jbcs-httpd24-apr-util-mysql-0:1.6.1-104.el8jbcs.x86_64", "product": { "name": "jbcs-httpd24-apr-util-mysql-0:1.6.1-104.el8jbcs.x86_64", "product_id": "jbcs-httpd24-apr-util-mysql-0:1.6.1-104.el8jbcs.x86_64", "product_identification_helper": { "purl": "pkg:rpm/redhat/jbcs-httpd24-apr-util-mysql@1.6.1-104.el8jbcs?arch=x86_64" } } }, { "category": "product_version", "name": "jbcs-httpd24-apr-util-nss-0:1.6.1-104.el8jbcs.x86_64", "product": { "name": "jbcs-httpd24-apr-util-nss-0:1.6.1-104.el8jbcs.x86_64", "product_id": "jbcs-httpd24-apr-util-nss-0:1.6.1-104.el8jbcs.x86_64", "product_identification_helper": { "purl": "pkg:rpm/redhat/jbcs-httpd24-apr-util-nss@1.6.1-104.el8jbcs?arch=x86_64" } } }, { "category": "product_version", "name": "jbcs-httpd24-apr-util-odbc-0:1.6.1-104.el8jbcs.x86_64", "product": { "name": "jbcs-httpd24-apr-util-odbc-0:1.6.1-104.el8jbcs.x86_64", "product_id": "jbcs-httpd24-apr-util-odbc-0:1.6.1-104.el8jbcs.x86_64", "product_identification_helper": { "purl": "pkg:rpm/redhat/jbcs-httpd24-apr-util-odbc@1.6.1-104.el8jbcs?arch=x86_64" } } }, { "category": "product_version", "name": "jbcs-httpd24-apr-util-openssl-0:1.6.1-104.el8jbcs.x86_64", "product": { "name": "jbcs-httpd24-apr-util-openssl-0:1.6.1-104.el8jbcs.x86_64", "product_id": "jbcs-httpd24-apr-util-openssl-0:1.6.1-104.el8jbcs.x86_64", "product_identification_helper": { "purl": "pkg:rpm/redhat/jbcs-httpd24-apr-util-openssl@1.6.1-104.el8jbcs?arch=x86_64" } } }, { "category": "product_version", "name": "jbcs-httpd24-apr-util-pgsql-0:1.6.1-104.el8jbcs.x86_64", "product": { "name": "jbcs-httpd24-apr-util-pgsql-0:1.6.1-104.el8jbcs.x86_64", "product_id": "jbcs-httpd24-apr-util-pgsql-0:1.6.1-104.el8jbcs.x86_64", "product_identification_helper": { "purl": "pkg:rpm/redhat/jbcs-httpd24-apr-util-pgsql@1.6.1-104.el8jbcs?arch=x86_64" } } }, { "category": "product_version", "name": "jbcs-httpd24-apr-util-sqlite-0:1.6.1-104.el8jbcs.x86_64", "product": { "name": "jbcs-httpd24-apr-util-sqlite-0:1.6.1-104.el8jbcs.x86_64", "product_id": "jbcs-httpd24-apr-util-sqlite-0:1.6.1-104.el8jbcs.x86_64", "product_identification_helper": { "purl": "pkg:rpm/redhat/jbcs-httpd24-apr-util-sqlite@1.6.1-104.el8jbcs?arch=x86_64" } } }, { "category": "product_version", "name": "jbcs-httpd24-apr-util-debuginfo-0:1.6.1-104.el8jbcs.x86_64", "product": { "name": "jbcs-httpd24-apr-util-debuginfo-0:1.6.1-104.el8jbcs.x86_64", "product_id": "jbcs-httpd24-apr-util-debuginfo-0:1.6.1-104.el8jbcs.x86_64", "product_identification_helper": { "purl": "pkg:rpm/redhat/jbcs-httpd24-apr-util-debuginfo@1.6.1-104.el8jbcs?arch=x86_64" } } }, { "category": "product_version", "name": "jbcs-httpd24-apr-util-ldap-debuginfo-0:1.6.1-104.el8jbcs.x86_64", "product": { "name": "jbcs-httpd24-apr-util-ldap-debuginfo-0:1.6.1-104.el8jbcs.x86_64", "product_id": "jbcs-httpd24-apr-util-ldap-debuginfo-0:1.6.1-104.el8jbcs.x86_64", "product_identification_helper": { "purl": "pkg:rpm/redhat/jbcs-httpd24-apr-util-ldap-debuginfo@1.6.1-104.el8jbcs?arch=x86_64" } } }, { "category": "product_version", "name": "jbcs-httpd24-apr-util-mysql-debuginfo-0:1.6.1-104.el8jbcs.x86_64", "product": { "name": "jbcs-httpd24-apr-util-mysql-debuginfo-0:1.6.1-104.el8jbcs.x86_64", "product_id": "jbcs-httpd24-apr-util-mysql-debuginfo-0:1.6.1-104.el8jbcs.x86_64", "product_identification_helper": { "purl": "pkg:rpm/redhat/jbcs-httpd24-apr-util-mysql-debuginfo@1.6.1-104.el8jbcs?arch=x86_64" } } }, { "category": "product_version", "name": "jbcs-httpd24-apr-util-nss-debuginfo-0:1.6.1-104.el8jbcs.x86_64", "product": { "name": "jbcs-httpd24-apr-util-nss-debuginfo-0:1.6.1-104.el8jbcs.x86_64", "product_id": "jbcs-httpd24-apr-util-nss-debuginfo-0:1.6.1-104.el8jbcs.x86_64", "product_identification_helper": { "purl": "pkg:rpm/redhat/jbcs-httpd24-apr-util-nss-debuginfo@1.6.1-104.el8jbcs?arch=x86_64" } } }, { "category": "product_version", "name": "jbcs-httpd24-apr-util-odbc-debuginfo-0:1.6.1-104.el8jbcs.x86_64", "product": { "name": "jbcs-httpd24-apr-util-odbc-debuginfo-0:1.6.1-104.el8jbcs.x86_64", "product_id": "jbcs-httpd24-apr-util-odbc-debuginfo-0:1.6.1-104.el8jbcs.x86_64", "product_identification_helper": { "purl": "pkg:rpm/redhat/jbcs-httpd24-apr-util-odbc-debuginfo@1.6.1-104.el8jbcs?arch=x86_64" } } }, { "category": "product_version", "name": "jbcs-httpd24-apr-util-openssl-debuginfo-0:1.6.1-104.el8jbcs.x86_64", "product": { "name": "jbcs-httpd24-apr-util-openssl-debuginfo-0:1.6.1-104.el8jbcs.x86_64", "product_id": "jbcs-httpd24-apr-util-openssl-debuginfo-0:1.6.1-104.el8jbcs.x86_64", "product_identification_helper": { "purl": "pkg:rpm/redhat/jbcs-httpd24-apr-util-openssl-debuginfo@1.6.1-104.el8jbcs?arch=x86_64" } } }, { "category": "product_version", "name": "jbcs-httpd24-apr-util-pgsql-debuginfo-0:1.6.1-104.el8jbcs.x86_64", "product": { "name": "jbcs-httpd24-apr-util-pgsql-debuginfo-0:1.6.1-104.el8jbcs.x86_64", "product_id": "jbcs-httpd24-apr-util-pgsql-debuginfo-0:1.6.1-104.el8jbcs.x86_64", "product_identification_helper": { "purl": "pkg:rpm/redhat/jbcs-httpd24-apr-util-pgsql-debuginfo@1.6.1-104.el8jbcs?arch=x86_64" } } }, { "category": "product_version", "name": "jbcs-httpd24-apr-util-sqlite-debuginfo-0:1.6.1-104.el8jbcs.x86_64", "product": { "name": "jbcs-httpd24-apr-util-sqlite-debuginfo-0:1.6.1-104.el8jbcs.x86_64", "product_id": "jbcs-httpd24-apr-util-sqlite-debuginfo-0:1.6.1-104.el8jbcs.x86_64", "product_identification_helper": { "purl": "pkg:rpm/redhat/jbcs-httpd24-apr-util-sqlite-debuginfo@1.6.1-104.el8jbcs?arch=x86_64" } } }, { "category": "product_version", "name": "jbcs-httpd24-curl-0:8.6.0-3.el8jbcs.x86_64", "product": { "name": "jbcs-httpd24-curl-0:8.6.0-3.el8jbcs.x86_64", "product_id": "jbcs-httpd24-curl-0:8.6.0-3.el8jbcs.x86_64", "product_identification_helper": { "purl": "pkg:rpm/redhat/jbcs-httpd24-curl@8.6.0-3.el8jbcs?arch=x86_64" } } }, { "category": "product_version", "name": "jbcs-httpd24-libcurl-0:8.6.0-3.el8jbcs.x86_64", "product": { "name": "jbcs-httpd24-libcurl-0:8.6.0-3.el8jbcs.x86_64", "product_id": "jbcs-httpd24-libcurl-0:8.6.0-3.el8jbcs.x86_64", "product_identification_helper": { "purl": "pkg:rpm/redhat/jbcs-httpd24-libcurl@8.6.0-3.el8jbcs?arch=x86_64" } } }, { "category": "product_version", "name": "jbcs-httpd24-libcurl-devel-0:8.6.0-3.el8jbcs.x86_64", "product": { "name": "jbcs-httpd24-libcurl-devel-0:8.6.0-3.el8jbcs.x86_64", "product_id": "jbcs-httpd24-libcurl-devel-0:8.6.0-3.el8jbcs.x86_64", "product_identification_helper": { "purl": "pkg:rpm/redhat/jbcs-httpd24-libcurl-devel@8.6.0-3.el8jbcs?arch=x86_64" } } }, { "category": "product_version", "name": "jbcs-httpd24-curl-debuginfo-0:8.6.0-3.el8jbcs.x86_64", "product": { "name": "jbcs-httpd24-curl-debuginfo-0:8.6.0-3.el8jbcs.x86_64", "product_id": "jbcs-httpd24-curl-debuginfo-0:8.6.0-3.el8jbcs.x86_64", "product_identification_helper": { "purl": "pkg:rpm/redhat/jbcs-httpd24-curl-debuginfo@8.6.0-3.el8jbcs?arch=x86_64" } } }, { "category": "product_version", "name": "jbcs-httpd24-libcurl-debuginfo-0:8.6.0-3.el8jbcs.x86_64", "product": { "name": "jbcs-httpd24-libcurl-debuginfo-0:8.6.0-3.el8jbcs.x86_64", "product_id": "jbcs-httpd24-libcurl-debuginfo-0:8.6.0-3.el8jbcs.x86_64", "product_identification_helper": { "purl": "pkg:rpm/redhat/jbcs-httpd24-libcurl-debuginfo@8.6.0-3.el8jbcs?arch=x86_64" } } }, { "category": "product_version", "name": "jbcs-httpd24-httpd-0:2.4.57-9.el8jbcs.x86_64", "product": { "name": "jbcs-httpd24-httpd-0:2.4.57-9.el8jbcs.x86_64", "product_id": "jbcs-httpd24-httpd-0:2.4.57-9.el8jbcs.x86_64", "product_identification_helper": { "purl": "pkg:rpm/redhat/jbcs-httpd24-httpd@2.4.57-9.el8jbcs?arch=x86_64" } } }, { "category": "product_version", "name": "jbcs-httpd24-httpd-devel-0:2.4.57-9.el8jbcs.x86_64", "product": { "name": "jbcs-httpd24-httpd-devel-0:2.4.57-9.el8jbcs.x86_64", "product_id": "jbcs-httpd24-httpd-devel-0:2.4.57-9.el8jbcs.x86_64", "product_identification_helper": { "purl": "pkg:rpm/redhat/jbcs-httpd24-httpd-devel@2.4.57-9.el8jbcs?arch=x86_64" } } }, { "category": "product_version", "name": "jbcs-httpd24-httpd-selinux-0:2.4.57-9.el8jbcs.x86_64", "product": { "name": "jbcs-httpd24-httpd-selinux-0:2.4.57-9.el8jbcs.x86_64", "product_id": "jbcs-httpd24-httpd-selinux-0:2.4.57-9.el8jbcs.x86_64", "product_identification_helper": { "purl": "pkg:rpm/redhat/jbcs-httpd24-httpd-selinux@2.4.57-9.el8jbcs?arch=x86_64" } } }, { "category": "product_version", "name": "jbcs-httpd24-httpd-tools-0:2.4.57-9.el8jbcs.x86_64", "product": { "name": "jbcs-httpd24-httpd-tools-0:2.4.57-9.el8jbcs.x86_64", "product_id": "jbcs-httpd24-httpd-tools-0:2.4.57-9.el8jbcs.x86_64", "product_identification_helper": { "purl": "pkg:rpm/redhat/jbcs-httpd24-httpd-tools@2.4.57-9.el8jbcs?arch=x86_64" } } }, { "category": "product_version", "name": "jbcs-httpd24-mod_ldap-0:2.4.57-9.el8jbcs.x86_64", "product": { "name": "jbcs-httpd24-mod_ldap-0:2.4.57-9.el8jbcs.x86_64", "product_id": "jbcs-httpd24-mod_ldap-0:2.4.57-9.el8jbcs.x86_64", "product_identification_helper": { "purl": "pkg:rpm/redhat/jbcs-httpd24-mod_ldap@2.4.57-9.el8jbcs?arch=x86_64" } } }, { "category": "product_version", "name": "jbcs-httpd24-mod_proxy_html-1:2.4.57-9.el8jbcs.x86_64", "product": { "name": "jbcs-httpd24-mod_proxy_html-1:2.4.57-9.el8jbcs.x86_64", "product_id": "jbcs-httpd24-mod_proxy_html-1:2.4.57-9.el8jbcs.x86_64", "product_identification_helper": { "purl": "pkg:rpm/redhat/jbcs-httpd24-mod_proxy_html@2.4.57-9.el8jbcs?arch=x86_64\u0026epoch=1" } } }, { "category": "product_version", "name": "jbcs-httpd24-mod_session-0:2.4.57-9.el8jbcs.x86_64", "product": { "name": "jbcs-httpd24-mod_session-0:2.4.57-9.el8jbcs.x86_64", "product_id": "jbcs-httpd24-mod_session-0:2.4.57-9.el8jbcs.x86_64", "product_identification_helper": { "purl": "pkg:rpm/redhat/jbcs-httpd24-mod_session@2.4.57-9.el8jbcs?arch=x86_64" } } }, { "category": "product_version", "name": "jbcs-httpd24-mod_ssl-1:2.4.57-9.el8jbcs.x86_64", "product": { "name": "jbcs-httpd24-mod_ssl-1:2.4.57-9.el8jbcs.x86_64", "product_id": "jbcs-httpd24-mod_ssl-1:2.4.57-9.el8jbcs.x86_64", "product_identification_helper": { "purl": "pkg:rpm/redhat/jbcs-httpd24-mod_ssl@2.4.57-9.el8jbcs?arch=x86_64\u0026epoch=1" } } }, { "category": "product_version", "name": "jbcs-httpd24-httpd-debuginfo-0:2.4.57-9.el8jbcs.x86_64", "product": { "name": "jbcs-httpd24-httpd-debuginfo-0:2.4.57-9.el8jbcs.x86_64", "product_id": "jbcs-httpd24-httpd-debuginfo-0:2.4.57-9.el8jbcs.x86_64", "product_identification_helper": { "purl": "pkg:rpm/redhat/jbcs-httpd24-httpd-debuginfo@2.4.57-9.el8jbcs?arch=x86_64" } } }, { "category": "product_version", "name": "jbcs-httpd24-httpd-tools-debuginfo-0:2.4.57-9.el8jbcs.x86_64", "product": { "name": "jbcs-httpd24-httpd-tools-debuginfo-0:2.4.57-9.el8jbcs.x86_64", "product_id": "jbcs-httpd24-httpd-tools-debuginfo-0:2.4.57-9.el8jbcs.x86_64", "product_identification_helper": { "purl": "pkg:rpm/redhat/jbcs-httpd24-httpd-tools-debuginfo@2.4.57-9.el8jbcs?arch=x86_64" } } }, { "category": "product_version", "name": "jbcs-httpd24-mod_ldap-debuginfo-0:2.4.57-9.el8jbcs.x86_64", "product": { "name": "jbcs-httpd24-mod_ldap-debuginfo-0:2.4.57-9.el8jbcs.x86_64", "product_id": "jbcs-httpd24-mod_ldap-debuginfo-0:2.4.57-9.el8jbcs.x86_64", "product_identification_helper": { "purl": "pkg:rpm/redhat/jbcs-httpd24-mod_ldap-debuginfo@2.4.57-9.el8jbcs?arch=x86_64" } } }, { "category": "product_version", "name": "jbcs-httpd24-mod_proxy_html-debuginfo-1:2.4.57-9.el8jbcs.x86_64", "product": { "name": "jbcs-httpd24-mod_proxy_html-debuginfo-1:2.4.57-9.el8jbcs.x86_64", "product_id": "jbcs-httpd24-mod_proxy_html-debuginfo-1:2.4.57-9.el8jbcs.x86_64", "product_identification_helper": { "purl": "pkg:rpm/redhat/jbcs-httpd24-mod_proxy_html-debuginfo@2.4.57-9.el8jbcs?arch=x86_64\u0026epoch=1" } } }, { "category": "product_version", "name": "jbcs-httpd24-mod_session-debuginfo-0:2.4.57-9.el8jbcs.x86_64", "product": { "name": "jbcs-httpd24-mod_session-debuginfo-0:2.4.57-9.el8jbcs.x86_64", "product_id": "jbcs-httpd24-mod_session-debuginfo-0:2.4.57-9.el8jbcs.x86_64", "product_identification_helper": { "purl": "pkg:rpm/redhat/jbcs-httpd24-mod_session-debuginfo@2.4.57-9.el8jbcs?arch=x86_64" } } }, { "category": "product_version", "name": "jbcs-httpd24-mod_ssl-debuginfo-1:2.4.57-9.el8jbcs.x86_64", "product": { "name": "jbcs-httpd24-mod_ssl-debuginfo-1:2.4.57-9.el8jbcs.x86_64", "product_id": "jbcs-httpd24-mod_ssl-debuginfo-1:2.4.57-9.el8jbcs.x86_64", "product_identification_helper": { "purl": "pkg:rpm/redhat/jbcs-httpd24-mod_ssl-debuginfo@2.4.57-9.el8jbcs?arch=x86_64\u0026epoch=1" } } }, { "category": "product_version", "name": "jbcs-httpd24-mod_http2-0:1.15.19-36.el8jbcs.x86_64", "product": { "name": "jbcs-httpd24-mod_http2-0:1.15.19-36.el8jbcs.x86_64", "product_id": "jbcs-httpd24-mod_http2-0:1.15.19-36.el8jbcs.x86_64", "product_identification_helper": { "purl": "pkg:rpm/redhat/jbcs-httpd24-mod_http2@1.15.19-36.el8jbcs?arch=x86_64" } } }, { "category": "product_version", "name": "jbcs-httpd24-mod_http2-debuginfo-0:1.15.19-36.el8jbcs.x86_64", "product": { "name": "jbcs-httpd24-mod_http2-debuginfo-0:1.15.19-36.el8jbcs.x86_64", "product_id": "jbcs-httpd24-mod_http2-debuginfo-0:1.15.19-36.el8jbcs.x86_64", "product_identification_helper": { "purl": "pkg:rpm/redhat/jbcs-httpd24-mod_http2-debuginfo@1.15.19-36.el8jbcs?arch=x86_64" } } }, { "category": "product_version", "name": "jbcs-httpd24-mod_jk-ap24-0:1.2.49-5.redhat_1.el8jbcs.x86_64", "product": { "name": "jbcs-httpd24-mod_jk-ap24-0:1.2.49-5.redhat_1.el8jbcs.x86_64", "product_id": "jbcs-httpd24-mod_jk-ap24-0:1.2.49-5.redhat_1.el8jbcs.x86_64", "product_identification_helper": { "purl": "pkg:rpm/redhat/jbcs-httpd24-mod_jk-ap24@1.2.49-5.redhat_1.el8jbcs?arch=x86_64" } } }, { "category": "product_version", "name": "jbcs-httpd24-mod_jk-ap24-debuginfo-0:1.2.49-5.redhat_1.el8jbcs.x86_64", "product": { "name": "jbcs-httpd24-mod_jk-ap24-debuginfo-0:1.2.49-5.redhat_1.el8jbcs.x86_64", "product_id": "jbcs-httpd24-mod_jk-ap24-debuginfo-0:1.2.49-5.redhat_1.el8jbcs.x86_64", "product_identification_helper": { "purl": "pkg:rpm/redhat/jbcs-httpd24-mod_jk-ap24-debuginfo@1.2.49-5.redhat_1.el8jbcs?arch=x86_64" } } }, { "category": "product_version", "name": "jbcs-httpd24-mod_md-1:2.4.24-4.el8jbcs.x86_64", "product": { "name": "jbcs-httpd24-mod_md-1:2.4.24-4.el8jbcs.x86_64", "product_id": "jbcs-httpd24-mod_md-1:2.4.24-4.el8jbcs.x86_64", "product_identification_helper": { "purl": "pkg:rpm/redhat/jbcs-httpd24-mod_md@2.4.24-4.el8jbcs?arch=x86_64\u0026epoch=1" } } }, { "category": "product_version", "name": "jbcs-httpd24-mod_md-debuginfo-1:2.4.24-4.el8jbcs.x86_64", "product": { "name": "jbcs-httpd24-mod_md-debuginfo-1:2.4.24-4.el8jbcs.x86_64", "product_id": "jbcs-httpd24-mod_md-debuginfo-1:2.4.24-4.el8jbcs.x86_64", "product_identification_helper": { "purl": "pkg:rpm/redhat/jbcs-httpd24-mod_md-debuginfo@2.4.24-4.el8jbcs?arch=x86_64\u0026epoch=1" } } }, { "category": "product_version", "name": "jbcs-httpd24-mod_proxy_cluster-0:1.3.20-3.el8jbcs.x86_64", "product": { "name": "jbcs-httpd24-mod_proxy_cluster-0:1.3.20-3.el8jbcs.x86_64", "product_id": "jbcs-httpd24-mod_proxy_cluster-0:1.3.20-3.el8jbcs.x86_64", "product_identification_helper": { "purl": "pkg:rpm/redhat/jbcs-httpd24-mod_proxy_cluster@1.3.20-3.el8jbcs?arch=x86_64" } } }, { "category": "product_version", "name": "jbcs-httpd24-mod_proxy_cluster-debuginfo-0:1.3.20-3.el8jbcs.x86_64", "product": { "name": "jbcs-httpd24-mod_proxy_cluster-debuginfo-0:1.3.20-3.el8jbcs.x86_64", "product_id": "jbcs-httpd24-mod_proxy_cluster-debuginfo-0:1.3.20-3.el8jbcs.x86_64", "product_identification_helper": { "purl": "pkg:rpm/redhat/jbcs-httpd24-mod_proxy_cluster-debuginfo@1.3.20-3.el8jbcs?arch=x86_64" } } }, { "category": "product_version", "name": "jbcs-httpd24-mod_security-0:2.9.3-34.el8jbcs.x86_64", "product": { "name": "jbcs-httpd24-mod_security-0:2.9.3-34.el8jbcs.x86_64", "product_id": "jbcs-httpd24-mod_security-0:2.9.3-34.el8jbcs.x86_64", "product_identification_helper": { "purl": "pkg:rpm/redhat/jbcs-httpd24-mod_security@2.9.3-34.el8jbcs?arch=x86_64" } } }, { "category": "product_version", "name": "jbcs-httpd24-mod_security-debuginfo-0:2.9.3-34.el8jbcs.x86_64", "product": { "name": "jbcs-httpd24-mod_security-debuginfo-0:2.9.3-34.el8jbcs.x86_64", "product_id": "jbcs-httpd24-mod_security-debuginfo-0:2.9.3-34.el8jbcs.x86_64", "product_identification_helper": { "purl": "pkg:rpm/redhat/jbcs-httpd24-mod_security-debuginfo@2.9.3-34.el8jbcs?arch=x86_64" } } } ], "category": "architecture", "name": "x86_64" }, { "branches": [ { "category": "product_version", "name": "jbcs-httpd24-httpd-manual-0:2.4.57-9.el7jbcs.noarch", "product": { "name": "jbcs-httpd24-httpd-manual-0:2.4.57-9.el7jbcs.noarch", "product_id": "jbcs-httpd24-httpd-manual-0:2.4.57-9.el7jbcs.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/jbcs-httpd24-httpd-manual@2.4.57-9.el7jbcs?arch=noarch" } } }, { "category": "product_version", "name": "jbcs-httpd24-httpd-manual-0:2.4.57-9.el8jbcs.noarch", "product": { "name": "jbcs-httpd24-httpd-manual-0:2.4.57-9.el8jbcs.noarch", "product_id": "jbcs-httpd24-httpd-manual-0:2.4.57-9.el8jbcs.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/jbcs-httpd24-httpd-manual@2.4.57-9.el8jbcs?arch=noarch" } } } ], "category": "architecture", "name": "noarch" } ], "category": "vendor", "name": "Red Hat" } ], "relationships": [ { "category": "default_component_of", "full_product_name": { "name": "jbcs-httpd24-apr-util-0:1.6.1-104.el7jbcs.src as a component of Red Hat JBoss Core Services on RHEL 7 Server", "product_id": "7Server-JBCS:jbcs-httpd24-apr-util-0:1.6.1-104.el7jbcs.src" }, "product_reference": "jbcs-httpd24-apr-util-0:1.6.1-104.el7jbcs.src", "relates_to_product_reference": "7Server-JBCS" }, { "category": "default_component_of", "full_product_name": { "name": "jbcs-httpd24-apr-util-0:1.6.1-104.el7jbcs.x86_64 as a component of Red Hat JBoss Core Services on RHEL 7 Server", "product_id": "7Server-JBCS:jbcs-httpd24-apr-util-0:1.6.1-104.el7jbcs.x86_64" }, "product_reference": "jbcs-httpd24-apr-util-0:1.6.1-104.el7jbcs.x86_64", "relates_to_product_reference": "7Server-JBCS" }, { "category": "default_component_of", "full_product_name": { "name": "jbcs-httpd24-apr-util-debuginfo-0:1.6.1-104.el7jbcs.x86_64 as a component of Red Hat JBoss Core Services on RHEL 7 Server", "product_id": "7Server-JBCS:jbcs-httpd24-apr-util-debuginfo-0:1.6.1-104.el7jbcs.x86_64" }, "product_reference": "jbcs-httpd24-apr-util-debuginfo-0:1.6.1-104.el7jbcs.x86_64", "relates_to_product_reference": "7Server-JBCS" }, { "category": "default_component_of", "full_product_name": { "name": "jbcs-httpd24-apr-util-devel-0:1.6.1-104.el7jbcs.x86_64 as a component of Red Hat JBoss Core Services on RHEL 7 Server", "product_id": "7Server-JBCS:jbcs-httpd24-apr-util-devel-0:1.6.1-104.el7jbcs.x86_64" }, "product_reference": "jbcs-httpd24-apr-util-devel-0:1.6.1-104.el7jbcs.x86_64", "relates_to_product_reference": "7Server-JBCS" }, { "category": "default_component_of", "full_product_name": { "name": "jbcs-httpd24-apr-util-ldap-0:1.6.1-104.el7jbcs.x86_64 as a component of Red Hat JBoss Core Services on RHEL 7 Server", "product_id": "7Server-JBCS:jbcs-httpd24-apr-util-ldap-0:1.6.1-104.el7jbcs.x86_64" }, "product_reference": "jbcs-httpd24-apr-util-ldap-0:1.6.1-104.el7jbcs.x86_64", "relates_to_product_reference": "7Server-JBCS" }, { "category": "default_component_of", "full_product_name": { "name": "jbcs-httpd24-apr-util-mysql-0:1.6.1-104.el7jbcs.x86_64 as a component of Red Hat JBoss Core Services on RHEL 7 Server", "product_id": "7Server-JBCS:jbcs-httpd24-apr-util-mysql-0:1.6.1-104.el7jbcs.x86_64" }, "product_reference": "jbcs-httpd24-apr-util-mysql-0:1.6.1-104.el7jbcs.x86_64", "relates_to_product_reference": "7Server-JBCS" }, { "category": "default_component_of", "full_product_name": { "name": "jbcs-httpd24-apr-util-nss-0:1.6.1-104.el7jbcs.x86_64 as a component of Red Hat JBoss Core Services on RHEL 7 Server", "product_id": "7Server-JBCS:jbcs-httpd24-apr-util-nss-0:1.6.1-104.el7jbcs.x86_64" }, "product_reference": "jbcs-httpd24-apr-util-nss-0:1.6.1-104.el7jbcs.x86_64", "relates_to_product_reference": "7Server-JBCS" }, { "category": "default_component_of", "full_product_name": { "name": "jbcs-httpd24-apr-util-odbc-0:1.6.1-104.el7jbcs.x86_64 as a component of Red Hat JBoss Core Services on RHEL 7 Server", "product_id": "7Server-JBCS:jbcs-httpd24-apr-util-odbc-0:1.6.1-104.el7jbcs.x86_64" }, "product_reference": "jbcs-httpd24-apr-util-odbc-0:1.6.1-104.el7jbcs.x86_64", "relates_to_product_reference": "7Server-JBCS" }, { "category": "default_component_of", "full_product_name": { "name": "jbcs-httpd24-apr-util-openssl-0:1.6.1-104.el7jbcs.x86_64 as a component of Red Hat JBoss Core Services on RHEL 7 Server", "product_id": "7Server-JBCS:jbcs-httpd24-apr-util-openssl-0:1.6.1-104.el7jbcs.x86_64" }, "product_reference": "jbcs-httpd24-apr-util-openssl-0:1.6.1-104.el7jbcs.x86_64", "relates_to_product_reference": "7Server-JBCS" }, { "category": "default_component_of", "full_product_name": { "name": "jbcs-httpd24-apr-util-pgsql-0:1.6.1-104.el7jbcs.x86_64 as a component of Red Hat JBoss Core Services on RHEL 7 Server", "product_id": "7Server-JBCS:jbcs-httpd24-apr-util-pgsql-0:1.6.1-104.el7jbcs.x86_64" }, "product_reference": "jbcs-httpd24-apr-util-pgsql-0:1.6.1-104.el7jbcs.x86_64", "relates_to_product_reference": "7Server-JBCS" }, { "category": "default_component_of", "full_product_name": { "name": "jbcs-httpd24-apr-util-sqlite-0:1.6.1-104.el7jbcs.x86_64 as a component of Red Hat JBoss Core Services on RHEL 7 Server", "product_id": "7Server-JBCS:jbcs-httpd24-apr-util-sqlite-0:1.6.1-104.el7jbcs.x86_64" }, "product_reference": "jbcs-httpd24-apr-util-sqlite-0:1.6.1-104.el7jbcs.x86_64", "relates_to_product_reference": "7Server-JBCS" }, { "category": "default_component_of", "full_product_name": { "name": "jbcs-httpd24-curl-0:8.6.0-3.el7jbcs.src as a component of Red Hat JBoss Core Services on RHEL 7 Server", "product_id": "7Server-JBCS:jbcs-httpd24-curl-0:8.6.0-3.el7jbcs.src" }, "product_reference": "jbcs-httpd24-curl-0:8.6.0-3.el7jbcs.src", "relates_to_product_reference": "7Server-JBCS" }, { "category": "default_component_of", "full_product_name": { "name": "jbcs-httpd24-curl-0:8.6.0-3.el7jbcs.x86_64 as a component of Red Hat JBoss Core Services on RHEL 7 Server", "product_id": "7Server-JBCS:jbcs-httpd24-curl-0:8.6.0-3.el7jbcs.x86_64" }, "product_reference": "jbcs-httpd24-curl-0:8.6.0-3.el7jbcs.x86_64", "relates_to_product_reference": "7Server-JBCS" }, { "category": "default_component_of", "full_product_name": { "name": "jbcs-httpd24-curl-debuginfo-0:8.6.0-3.el7jbcs.x86_64 as a component of Red Hat JBoss Core Services on RHEL 7 Server", "product_id": "7Server-JBCS:jbcs-httpd24-curl-debuginfo-0:8.6.0-3.el7jbcs.x86_64" }, "product_reference": "jbcs-httpd24-curl-debuginfo-0:8.6.0-3.el7jbcs.x86_64", "relates_to_product_reference": "7Server-JBCS" }, { "category": "default_component_of", "full_product_name": { "name": "jbcs-httpd24-httpd-0:2.4.57-9.el7jbcs.src as a component of Red Hat JBoss Core Services on RHEL 7 Server", "product_id": "7Server-JBCS:jbcs-httpd24-httpd-0:2.4.57-9.el7jbcs.src" }, "product_reference": "jbcs-httpd24-httpd-0:2.4.57-9.el7jbcs.src", "relates_to_product_reference": "7Server-JBCS" }, { "category": "default_component_of", "full_product_name": { "name": "jbcs-httpd24-httpd-0:2.4.57-9.el7jbcs.x86_64 as a component of Red Hat JBoss Core Services on RHEL 7 Server", "product_id": "7Server-JBCS:jbcs-httpd24-httpd-0:2.4.57-9.el7jbcs.x86_64" }, "product_reference": "jbcs-httpd24-httpd-0:2.4.57-9.el7jbcs.x86_64", "relates_to_product_reference": "7Server-JBCS" }, { "category": "default_component_of", "full_product_name": { "name": "jbcs-httpd24-httpd-debuginfo-0:2.4.57-9.el7jbcs.x86_64 as a component of Red Hat JBoss Core Services on RHEL 7 Server", "product_id": "7Server-JBCS:jbcs-httpd24-httpd-debuginfo-0:2.4.57-9.el7jbcs.x86_64" }, "product_reference": "jbcs-httpd24-httpd-debuginfo-0:2.4.57-9.el7jbcs.x86_64", "relates_to_product_reference": "7Server-JBCS" }, { "category": "default_component_of", "full_product_name": { "name": "jbcs-httpd24-httpd-devel-0:2.4.57-9.el7jbcs.x86_64 as a component of Red Hat JBoss Core Services on RHEL 7 Server", "product_id": "7Server-JBCS:jbcs-httpd24-httpd-devel-0:2.4.57-9.el7jbcs.x86_64" }, "product_reference": "jbcs-httpd24-httpd-devel-0:2.4.57-9.el7jbcs.x86_64", "relates_to_product_reference": "7Server-JBCS" }, { "category": "default_component_of", "full_product_name": { "name": "jbcs-httpd24-httpd-manual-0:2.4.57-9.el7jbcs.noarch as a component of Red Hat JBoss Core Services on RHEL 7 Server", "product_id": "7Server-JBCS:jbcs-httpd24-httpd-manual-0:2.4.57-9.el7jbcs.noarch" }, "product_reference": "jbcs-httpd24-httpd-manual-0:2.4.57-9.el7jbcs.noarch", "relates_to_product_reference": "7Server-JBCS" }, { "category": "default_component_of", "full_product_name": { "name": "jbcs-httpd24-httpd-selinux-0:2.4.57-9.el7jbcs.x86_64 as a component of Red Hat JBoss Core Services on RHEL 7 Server", "product_id": "7Server-JBCS:jbcs-httpd24-httpd-selinux-0:2.4.57-9.el7jbcs.x86_64" }, "product_reference": "jbcs-httpd24-httpd-selinux-0:2.4.57-9.el7jbcs.x86_64", "relates_to_product_reference": "7Server-JBCS" }, { "category": "default_component_of", "full_product_name": { "name": "jbcs-httpd24-httpd-tools-0:2.4.57-9.el7jbcs.x86_64 as a component of Red Hat JBoss Core Services on RHEL 7 Server", "product_id": "7Server-JBCS:jbcs-httpd24-httpd-tools-0:2.4.57-9.el7jbcs.x86_64" }, "product_reference": "jbcs-httpd24-httpd-tools-0:2.4.57-9.el7jbcs.x86_64", "relates_to_product_reference": "7Server-JBCS" }, { "category": "default_component_of", "full_product_name": { "name": "jbcs-httpd24-libcurl-0:8.6.0-3.el7jbcs.x86_64 as a component of Red Hat JBoss Core Services on RHEL 7 Server", "product_id": "7Server-JBCS:jbcs-httpd24-libcurl-0:8.6.0-3.el7jbcs.x86_64" }, "product_reference": "jbcs-httpd24-libcurl-0:8.6.0-3.el7jbcs.x86_64", "relates_to_product_reference": "7Server-JBCS" }, { "category": "default_component_of", "full_product_name": { "name": "jbcs-httpd24-libcurl-devel-0:8.6.0-3.el7jbcs.x86_64 as a component of Red Hat JBoss Core Services on RHEL 7 Server", "product_id": "7Server-JBCS:jbcs-httpd24-libcurl-devel-0:8.6.0-3.el7jbcs.x86_64" }, "product_reference": "jbcs-httpd24-libcurl-devel-0:8.6.0-3.el7jbcs.x86_64", "relates_to_product_reference": "7Server-JBCS" }, { "category": "default_component_of", "full_product_name": { "name": "jbcs-httpd24-mod_http2-0:1.15.19-36.el7jbcs.src as a component of Red Hat JBoss Core Services on RHEL 7 Server", "product_id": "7Server-JBCS:jbcs-httpd24-mod_http2-0:1.15.19-36.el7jbcs.src" }, "product_reference": "jbcs-httpd24-mod_http2-0:1.15.19-36.el7jbcs.src", "relates_to_product_reference": "7Server-JBCS" }, { "category": "default_component_of", "full_product_name": { "name": "jbcs-httpd24-mod_http2-0:1.15.19-36.el7jbcs.x86_64 as a component of Red Hat JBoss Core Services on RHEL 7 Server", "product_id": "7Server-JBCS:jbcs-httpd24-mod_http2-0:1.15.19-36.el7jbcs.x86_64" }, "product_reference": "jbcs-httpd24-mod_http2-0:1.15.19-36.el7jbcs.x86_64", "relates_to_product_reference": "7Server-JBCS" }, { "category": "default_component_of", "full_product_name": { "name": "jbcs-httpd24-mod_http2-debuginfo-0:1.15.19-36.el7jbcs.x86_64 as a component of Red Hat JBoss Core Services on RHEL 7 Server", "product_id": "7Server-JBCS:jbcs-httpd24-mod_http2-debuginfo-0:1.15.19-36.el7jbcs.x86_64" }, "product_reference": "jbcs-httpd24-mod_http2-debuginfo-0:1.15.19-36.el7jbcs.x86_64", "relates_to_product_reference": "7Server-JBCS" }, { "category": "default_component_of", "full_product_name": { "name": "jbcs-httpd24-mod_jk-0:1.2.49-5.redhat_1.el7jbcs.src as a component of Red Hat JBoss Core Services on RHEL 7 Server", "product_id": "7Server-JBCS:jbcs-httpd24-mod_jk-0:1.2.49-5.redhat_1.el7jbcs.src" }, "product_reference": "jbcs-httpd24-mod_jk-0:1.2.49-5.redhat_1.el7jbcs.src", "relates_to_product_reference": "7Server-JBCS" }, { "category": "default_component_of", "full_product_name": { "name": "jbcs-httpd24-mod_jk-ap24-0:1.2.49-5.redhat_1.el7jbcs.x86_64 as a component of Red Hat JBoss Core Services on RHEL 7 Server", "product_id": "7Server-JBCS:jbcs-httpd24-mod_jk-ap24-0:1.2.49-5.redhat_1.el7jbcs.x86_64" }, "product_reference": "jbcs-httpd24-mod_jk-ap24-0:1.2.49-5.redhat_1.el7jbcs.x86_64", "relates_to_product_reference": "7Server-JBCS" }, { "category": "default_component_of", "full_product_name": { "name": "jbcs-httpd24-mod_jk-debuginfo-0:1.2.49-5.redhat_1.el7jbcs.x86_64 as a component of Red Hat JBoss Core Services on RHEL 7 Server", "product_id": "7Server-JBCS:jbcs-httpd24-mod_jk-debuginfo-0:1.2.49-5.redhat_1.el7jbcs.x86_64" }, "product_reference": "jbcs-httpd24-mod_jk-debuginfo-0:1.2.49-5.redhat_1.el7jbcs.x86_64", "relates_to_product_reference": "7Server-JBCS" }, { "category": "default_component_of", "full_product_name": { "name": "jbcs-httpd24-mod_ldap-0:2.4.57-9.el7jbcs.x86_64 as a component of Red Hat JBoss Core Services on RHEL 7 Server", "product_id": "7Server-JBCS:jbcs-httpd24-mod_ldap-0:2.4.57-9.el7jbcs.x86_64" }, "product_reference": "jbcs-httpd24-mod_ldap-0:2.4.57-9.el7jbcs.x86_64", "relates_to_product_reference": "7Server-JBCS" }, { "category": "default_component_of", "full_product_name": { "name": "jbcs-httpd24-mod_md-1:2.4.24-4.el7jbcs.src as a component of Red Hat JBoss Core Services on RHEL 7 Server", "product_id": "7Server-JBCS:jbcs-httpd24-mod_md-1:2.4.24-4.el7jbcs.src" }, "product_reference": "jbcs-httpd24-mod_md-1:2.4.24-4.el7jbcs.src", "relates_to_product_reference": "7Server-JBCS" }, { "category": "default_component_of", "full_product_name": { "name": "jbcs-httpd24-mod_md-1:2.4.24-4.el7jbcs.x86_64 as a component of Red Hat JBoss Core Services on RHEL 7 Server", "product_id": "7Server-JBCS:jbcs-httpd24-mod_md-1:2.4.24-4.el7jbcs.x86_64" }, "product_reference": "jbcs-httpd24-mod_md-1:2.4.24-4.el7jbcs.x86_64", "relates_to_product_reference": "7Server-JBCS" }, { "category": "default_component_of", "full_product_name": { "name": "jbcs-httpd24-mod_md-debuginfo-1:2.4.24-4.el7jbcs.x86_64 as a component of Red Hat JBoss Core Services on RHEL 7 Server", "product_id": "7Server-JBCS:jbcs-httpd24-mod_md-debuginfo-1:2.4.24-4.el7jbcs.x86_64" }, "product_reference": "jbcs-httpd24-mod_md-debuginfo-1:2.4.24-4.el7jbcs.x86_64", "relates_to_product_reference": "7Server-JBCS" }, { "category": "default_component_of", "full_product_name": { "name": "jbcs-httpd24-mod_proxy_cluster-0:1.3.20-3.el7jbcs.src as a component of Red Hat JBoss Core Services on RHEL 7 Server", "product_id": "7Server-JBCS:jbcs-httpd24-mod_proxy_cluster-0:1.3.20-3.el7jbcs.src" }, "product_reference": "jbcs-httpd24-mod_proxy_cluster-0:1.3.20-3.el7jbcs.src", "relates_to_product_reference": "7Server-JBCS" }, { "category": "default_component_of", "full_product_name": { "name": "jbcs-httpd24-mod_proxy_cluster-0:1.3.20-3.el7jbcs.x86_64 as a component of Red Hat JBoss Core Services on RHEL 7 Server", "product_id": "7Server-JBCS:jbcs-httpd24-mod_proxy_cluster-0:1.3.20-3.el7jbcs.x86_64" }, "product_reference": "jbcs-httpd24-mod_proxy_cluster-0:1.3.20-3.el7jbcs.x86_64", "relates_to_product_reference": "7Server-JBCS" }, { "category": "default_component_of", "full_product_name": { "name": "jbcs-httpd24-mod_proxy_cluster-debuginfo-0:1.3.20-3.el7jbcs.x86_64 as a component of Red Hat JBoss Core Services on RHEL 7 Server", "product_id": "7Server-JBCS:jbcs-httpd24-mod_proxy_cluster-debuginfo-0:1.3.20-3.el7jbcs.x86_64" }, "product_reference": "jbcs-httpd24-mod_proxy_cluster-debuginfo-0:1.3.20-3.el7jbcs.x86_64", "relates_to_product_reference": "7Server-JBCS" }, { "category": "default_component_of", "full_product_name": { "name": "jbcs-httpd24-mod_proxy_html-1:2.4.57-9.el7jbcs.x86_64 as a component of Red Hat JBoss Core Services on RHEL 7 Server", "product_id": "7Server-JBCS:jbcs-httpd24-mod_proxy_html-1:2.4.57-9.el7jbcs.x86_64" }, "product_reference": "jbcs-httpd24-mod_proxy_html-1:2.4.57-9.el7jbcs.x86_64", "relates_to_product_reference": "7Server-JBCS" }, { "category": "default_component_of", "full_product_name": { "name": "jbcs-httpd24-mod_security-0:2.9.3-34.el7jbcs.src as a component of Red Hat JBoss Core Services on RHEL 7 Server", "product_id": "7Server-JBCS:jbcs-httpd24-mod_security-0:2.9.3-34.el7jbcs.src" }, "product_reference": "jbcs-httpd24-mod_security-0:2.9.3-34.el7jbcs.src", "relates_to_product_reference": "7Server-JBCS" }, { "category": "default_component_of", "full_product_name": { "name": "jbcs-httpd24-mod_security-0:2.9.3-34.el7jbcs.x86_64 as a component of Red Hat JBoss Core Services on RHEL 7 Server", "product_id": "7Server-JBCS:jbcs-httpd24-mod_security-0:2.9.3-34.el7jbcs.x86_64" }, "product_reference": "jbcs-httpd24-mod_security-0:2.9.3-34.el7jbcs.x86_64", "relates_to_product_reference": "7Server-JBCS" }, { "category": "default_component_of", "full_product_name": { "name": "jbcs-httpd24-mod_security-debuginfo-0:2.9.3-34.el7jbcs.x86_64 as a component of Red Hat JBoss Core Services on RHEL 7 Server", "product_id": "7Server-JBCS:jbcs-httpd24-mod_security-debuginfo-0:2.9.3-34.el7jbcs.x86_64" }, "product_reference": "jbcs-httpd24-mod_security-debuginfo-0:2.9.3-34.el7jbcs.x86_64", "relates_to_product_reference": "7Server-JBCS" }, { "category": "default_component_of", "full_product_name": { "name": "jbcs-httpd24-mod_session-0:2.4.57-9.el7jbcs.x86_64 as a component of Red Hat JBoss Core Services on RHEL 7 Server", "product_id": "7Server-JBCS:jbcs-httpd24-mod_session-0:2.4.57-9.el7jbcs.x86_64" }, "product_reference": "jbcs-httpd24-mod_session-0:2.4.57-9.el7jbcs.x86_64", "relates_to_product_reference": "7Server-JBCS" }, { "category": "default_component_of", "full_product_name": { "name": "jbcs-httpd24-mod_ssl-1:2.4.57-9.el7jbcs.x86_64 as a component of Red Hat JBoss Core Services on RHEL 7 Server", "product_id": "7Server-JBCS:jbcs-httpd24-mod_ssl-1:2.4.57-9.el7jbcs.x86_64" }, "product_reference": "jbcs-httpd24-mod_ssl-1:2.4.57-9.el7jbcs.x86_64", "relates_to_product_reference": "7Server-JBCS" }, { "category": "default_component_of", "full_product_name": { "name": "jbcs-httpd24-openssl-1:1.1.1k-17.el7jbcs.src as a component of Red Hat JBoss Core Services on RHEL 7 Server", "product_id": "7Server-JBCS:jbcs-httpd24-openssl-1:1.1.1k-17.el7jbcs.src" }, "product_reference": "jbcs-httpd24-openssl-1:1.1.1k-17.el7jbcs.src", "relates_to_product_reference": "7Server-JBCS" }, { "category": "default_component_of", "full_product_name": { "name": "jbcs-httpd24-openssl-1:1.1.1k-17.el7jbcs.x86_64 as a component of Red Hat JBoss Core Services on RHEL 7 Server", "product_id": "7Server-JBCS:jbcs-httpd24-openssl-1:1.1.1k-17.el7jbcs.x86_64" }, "product_reference": "jbcs-httpd24-openssl-1:1.1.1k-17.el7jbcs.x86_64", "relates_to_product_reference": "7Server-JBCS" }, { "category": "default_component_of", "full_product_name": { "name": "jbcs-httpd24-openssl-chil-0:1.0.0-20.el7jbcs.src as a component of Red Hat JBoss Core Services on RHEL 7 Server", "product_id": "7Server-JBCS:jbcs-httpd24-openssl-chil-0:1.0.0-20.el7jbcs.src" }, "product_reference": "jbcs-httpd24-openssl-chil-0:1.0.0-20.el7jbcs.src", "relates_to_product_reference": "7Server-JBCS" }, { "category": "default_component_of", "full_product_name": { "name": "jbcs-httpd24-openssl-chil-0:1.0.0-20.el7jbcs.x86_64 as a component of Red Hat JBoss Core Services on RHEL 7 Server", "product_id": "7Server-JBCS:jbcs-httpd24-openssl-chil-0:1.0.0-20.el7jbcs.x86_64" }, "product_reference": "jbcs-httpd24-openssl-chil-0:1.0.0-20.el7jbcs.x86_64", "relates_to_product_reference": "7Server-JBCS" }, { "category": "default_component_of", "full_product_name": { "name": "jbcs-httpd24-openssl-chil-debuginfo-0:1.0.0-20.el7jbcs.x86_64 as a component of Red Hat JBoss Core Services on RHEL 7 Server", "product_id": "7Server-JBCS:jbcs-httpd24-openssl-chil-debuginfo-0:1.0.0-20.el7jbcs.x86_64" }, "product_reference": "jbcs-httpd24-openssl-chil-debuginfo-0:1.0.0-20.el7jbcs.x86_64", "relates_to_product_reference": "7Server-JBCS" }, { "category": "default_component_of", "full_product_name": { "name": "jbcs-httpd24-openssl-debuginfo-1:1.1.1k-17.el7jbcs.x86_64 as a component of Red Hat JBoss Core Services on RHEL 7 Server", "product_id": "7Server-JBCS:jbcs-httpd24-openssl-debuginfo-1:1.1.1k-17.el7jbcs.x86_64" }, "product_reference": "jbcs-httpd24-openssl-debuginfo-1:1.1.1k-17.el7jbcs.x86_64", "relates_to_product_reference": "7Server-JBCS" }, { "category": "default_component_of", "full_product_name": { "name": "jbcs-httpd24-openssl-devel-1:1.1.1k-17.el7jbcs.x86_64 as a component of Red Hat JBoss Core Services on RHEL 7 Server", "product_id": "7Server-JBCS:jbcs-httpd24-openssl-devel-1:1.1.1k-17.el7jbcs.x86_64" }, "product_reference": "jbcs-httpd24-openssl-devel-1:1.1.1k-17.el7jbcs.x86_64", "relates_to_product_reference": "7Server-JBCS" }, { "category": "default_component_of", "full_product_name": { "name": "jbcs-httpd24-openssl-libs-1:1.1.1k-17.el7jbcs.x86_64 as a component of Red Hat JBoss Core Services on RHEL 7 Server", "product_id": "7Server-JBCS:jbcs-httpd24-openssl-libs-1:1.1.1k-17.el7jbcs.x86_64" }, "product_reference": "jbcs-httpd24-openssl-libs-1:1.1.1k-17.el7jbcs.x86_64", "relates_to_product_reference": "7Server-JBCS" }, { "category": "default_component_of", "full_product_name": { "name": "jbcs-httpd24-openssl-perl-1:1.1.1k-17.el7jbcs.x86_64 as a component of Red Hat JBoss Core Services on RHEL 7 Server", "product_id": "7Server-JBCS:jbcs-httpd24-openssl-perl-1:1.1.1k-17.el7jbcs.x86_64" }, "product_reference": "jbcs-httpd24-openssl-perl-1:1.1.1k-17.el7jbcs.x86_64", "relates_to_product_reference": "7Server-JBCS" }, { "category": "default_component_of", "full_product_name": { "name": "jbcs-httpd24-openssl-pkcs11-0:0.4.10-35.el7jbcs.src as a component of Red Hat JBoss Core Services on RHEL 7 Server", "product_id": "7Server-JBCS:jbcs-httpd24-openssl-pkcs11-0:0.4.10-35.el7jbcs.src" }, "product_reference": "jbcs-httpd24-openssl-pkcs11-0:0.4.10-35.el7jbcs.src", "relates_to_product_reference": "7Server-JBCS" }, { "category": "default_component_of", "full_product_name": { "name": "jbcs-httpd24-openssl-pkcs11-0:0.4.10-35.el7jbcs.x86_64 as a component of Red Hat JBoss Core Services on RHEL 7 Server", "product_id": "7Server-JBCS:jbcs-httpd24-openssl-pkcs11-0:0.4.10-35.el7jbcs.x86_64" }, "product_reference": "jbcs-httpd24-openssl-pkcs11-0:0.4.10-35.el7jbcs.x86_64", "relates_to_product_reference": "7Server-JBCS" }, { "category": "default_component_of", "full_product_name": { "name": "jbcs-httpd24-openssl-pkcs11-debuginfo-0:0.4.10-35.el7jbcs.x86_64 as a component of Red Hat JBoss Core Services on RHEL 7 Server", "product_id": "7Server-JBCS:jbcs-httpd24-openssl-pkcs11-debuginfo-0:0.4.10-35.el7jbcs.x86_64" }, "product_reference": "jbcs-httpd24-openssl-pkcs11-debuginfo-0:0.4.10-35.el7jbcs.x86_64", "relates_to_product_reference": "7Server-JBCS" }, { "category": "default_component_of", "full_product_name": { "name": "jbcs-httpd24-openssl-static-1:1.1.1k-17.el7jbcs.x86_64 as a component of Red Hat JBoss Core Services on RHEL 7 Server", "product_id": "7Server-JBCS:jbcs-httpd24-openssl-static-1:1.1.1k-17.el7jbcs.x86_64" }, "product_reference": "jbcs-httpd24-openssl-static-1:1.1.1k-17.el7jbcs.x86_64", "relates_to_product_reference": "7Server-JBCS" }, { "category": "default_component_of", "full_product_name": { "name": "jbcs-httpd24-apr-util-0:1.6.1-104.el8jbcs.src as a component of Red Hat JBoss Core Services on RHEL 8", "product_id": "8Base-JBCS:jbcs-httpd24-apr-util-0:1.6.1-104.el8jbcs.src" }, "product_reference": "jbcs-httpd24-apr-util-0:1.6.1-104.el8jbcs.src", "relates_to_product_reference": "8Base-JBCS" }, { "category": "default_component_of", "full_product_name": { "name": "jbcs-httpd24-apr-util-0:1.6.1-104.el8jbcs.x86_64 as a component of Red Hat JBoss Core Services on RHEL 8", "product_id": "8Base-JBCS:jbcs-httpd24-apr-util-0:1.6.1-104.el8jbcs.x86_64" }, "product_reference": "jbcs-httpd24-apr-util-0:1.6.1-104.el8jbcs.x86_64", "relates_to_product_reference": "8Base-JBCS" }, { "category": "default_component_of", "full_product_name": { "name": "jbcs-httpd24-apr-util-debuginfo-0:1.6.1-104.el8jbcs.x86_64 as a component of Red Hat JBoss Core Services on RHEL 8", "product_id": "8Base-JBCS:jbcs-httpd24-apr-util-debuginfo-0:1.6.1-104.el8jbcs.x86_64" }, "product_reference": "jbcs-httpd24-apr-util-debuginfo-0:1.6.1-104.el8jbcs.x86_64", "relates_to_product_reference": "8Base-JBCS" }, { "category": "default_component_of", "full_product_name": { "name": "jbcs-httpd24-apr-util-devel-0:1.6.1-104.el8jbcs.x86_64 as a component of Red Hat JBoss Core Services on RHEL 8", "product_id": "8Base-JBCS:jbcs-httpd24-apr-util-devel-0:1.6.1-104.el8jbcs.x86_64" }, "product_reference": "jbcs-httpd24-apr-util-devel-0:1.6.1-104.el8jbcs.x86_64", "relates_to_product_reference": "8Base-JBCS" }, { "category": "default_component_of", "full_product_name": { "name": "jbcs-httpd24-apr-util-ldap-0:1.6.1-104.el8jbcs.x86_64 as a component of Red Hat JBoss Core Services on RHEL 8", "product_id": "8Base-JBCS:jbcs-httpd24-apr-util-ldap-0:1.6.1-104.el8jbcs.x86_64" }, "product_reference": "jbcs-httpd24-apr-util-ldap-0:1.6.1-104.el8jbcs.x86_64", "relates_to_product_reference": "8Base-JBCS" }, { "category": "default_component_of", "full_product_name": { "name": "jbcs-httpd24-apr-util-ldap-debuginfo-0:1.6.1-104.el8jbcs.x86_64 as a component of Red Hat JBoss Core Services on RHEL 8", "product_id": "8Base-JBCS:jbcs-httpd24-apr-util-ldap-debuginfo-0:1.6.1-104.el8jbcs.x86_64" }, "product_reference": "jbcs-httpd24-apr-util-ldap-debuginfo-0:1.6.1-104.el8jbcs.x86_64", "relates_to_product_reference": "8Base-JBCS" }, { "category": "default_component_of", "full_product_name": { "name": "jbcs-httpd24-apr-util-mysql-0:1.6.1-104.el8jbcs.x86_64 as a component of Red Hat JBoss Core Services on RHEL 8", "product_id": "8Base-JBCS:jbcs-httpd24-apr-util-mysql-0:1.6.1-104.el8jbcs.x86_64" }, "product_reference": "jbcs-httpd24-apr-util-mysql-0:1.6.1-104.el8jbcs.x86_64", "relates_to_product_reference": "8Base-JBCS" }, { "category": "default_component_of", "full_product_name": { "name": "jbcs-httpd24-apr-util-mysql-debuginfo-0:1.6.1-104.el8jbcs.x86_64 as a component of Red Hat JBoss Core Services on RHEL 8", "product_id": "8Base-JBCS:jbcs-httpd24-apr-util-mysql-debuginfo-0:1.6.1-104.el8jbcs.x86_64" }, "product_reference": "jbcs-httpd24-apr-util-mysql-debuginfo-0:1.6.1-104.el8jbcs.x86_64", "relates_to_product_reference": "8Base-JBCS" }, { "category": "default_component_of", "full_product_name": { "name": "jbcs-httpd24-apr-util-nss-0:1.6.1-104.el8jbcs.x86_64 as a component of Red Hat JBoss Core Services on RHEL 8", "product_id": "8Base-JBCS:jbcs-httpd24-apr-util-nss-0:1.6.1-104.el8jbcs.x86_64" }, "product_reference": "jbcs-httpd24-apr-util-nss-0:1.6.1-104.el8jbcs.x86_64", "relates_to_product_reference": "8Base-JBCS" }, { "category": "default_component_of", "full_product_name": { "name": "jbcs-httpd24-apr-util-nss-debuginfo-0:1.6.1-104.el8jbcs.x86_64 as a component of Red Hat JBoss Core Services on RHEL 8", "product_id": "8Base-JBCS:jbcs-httpd24-apr-util-nss-debuginfo-0:1.6.1-104.el8jbcs.x86_64" }, "product_reference": "jbcs-httpd24-apr-util-nss-debuginfo-0:1.6.1-104.el8jbcs.x86_64", "relates_to_product_reference": "8Base-JBCS" }, { "category": "default_component_of", "full_product_name": { "name": "jbcs-httpd24-apr-util-odbc-0:1.6.1-104.el8jbcs.x86_64 as a component of Red Hat JBoss Core Services on RHEL 8", "product_id": "8Base-JBCS:jbcs-httpd24-apr-util-odbc-0:1.6.1-104.el8jbcs.x86_64" }, "product_reference": "jbcs-httpd24-apr-util-odbc-0:1.6.1-104.el8jbcs.x86_64", "relates_to_product_reference": "8Base-JBCS" }, { "category": "default_component_of", "full_product_name": { "name": "jbcs-httpd24-apr-util-odbc-debuginfo-0:1.6.1-104.el8jbcs.x86_64 as a component of Red Hat JBoss Core Services on RHEL 8", "product_id": "8Base-JBCS:jbcs-httpd24-apr-util-odbc-debuginfo-0:1.6.1-104.el8jbcs.x86_64" }, "product_reference": "jbcs-httpd24-apr-util-odbc-debuginfo-0:1.6.1-104.el8jbcs.x86_64", "relates_to_product_reference": "8Base-JBCS" }, { "category": "default_component_of", "full_product_name": { "name": "jbcs-httpd24-apr-util-openssl-0:1.6.1-104.el8jbcs.x86_64 as a component of Red Hat JBoss Core Services on RHEL 8", "product_id": "8Base-JBCS:jbcs-httpd24-apr-util-openssl-0:1.6.1-104.el8jbcs.x86_64" }, "product_reference": "jbcs-httpd24-apr-util-openssl-0:1.6.1-104.el8jbcs.x86_64", "relates_to_product_reference": "8Base-JBCS" }, { "category": "default_component_of", "full_product_name": { "name": "jbcs-httpd24-apr-util-openssl-debuginfo-0:1.6.1-104.el8jbcs.x86_64 as a component of Red Hat JBoss Core Services on RHEL 8", "product_id": "8Base-JBCS:jbcs-httpd24-apr-util-openssl-debuginfo-0:1.6.1-104.el8jbcs.x86_64" }, "product_reference": "jbcs-httpd24-apr-util-openssl-debuginfo-0:1.6.1-104.el8jbcs.x86_64", "relates_to_product_reference": "8Base-JBCS" }, { "category": "default_component_of", "full_product_name": { "name": "jbcs-httpd24-apr-util-pgsql-0:1.6.1-104.el8jbcs.x86_64 as a component of Red Hat JBoss Core Services on RHEL 8", "product_id": "8Base-JBCS:jbcs-httpd24-apr-util-pgsql-0:1.6.1-104.el8jbcs.x86_64" }, "product_reference": "jbcs-httpd24-apr-util-pgsql-0:1.6.1-104.el8jbcs.x86_64", "relates_to_product_reference": "8Base-JBCS" }, { "category": "default_component_of", "full_product_name": { "name": "jbcs-httpd24-apr-util-pgsql-debuginfo-0:1.6.1-104.el8jbcs.x86_64 as a component of Red Hat JBoss Core Services on RHEL 8", "product_id": "8Base-JBCS:jbcs-httpd24-apr-util-pgsql-debuginfo-0:1.6.1-104.el8jbcs.x86_64" }, "product_reference": "jbcs-httpd24-apr-util-pgsql-debuginfo-0:1.6.1-104.el8jbcs.x86_64", "relates_to_product_reference": "8Base-JBCS" }, { "category": "default_component_of", "full_product_name": { "name": "jbcs-httpd24-apr-util-sqlite-0:1.6.1-104.el8jbcs.x86_64 as a component of Red Hat JBoss Core Services on RHEL 8", "product_id": "8Base-JBCS:jbcs-httpd24-apr-util-sqlite-0:1.6.1-104.el8jbcs.x86_64" }, "product_reference": "jbcs-httpd24-apr-util-sqlite-0:1.6.1-104.el8jbcs.x86_64", "relates_to_product_reference": "8Base-JBCS" }, { "category": "default_component_of", "full_product_name": { "name": "jbcs-httpd24-apr-util-sqlite-debuginfo-0:1.6.1-104.el8jbcs.x86_64 as a component of Red Hat JBoss Core Services on RHEL 8", "product_id": "8Base-JBCS:jbcs-httpd24-apr-util-sqlite-debuginfo-0:1.6.1-104.el8jbcs.x86_64" }, "product_reference": "jbcs-httpd24-apr-util-sqlite-debuginfo-0:1.6.1-104.el8jbcs.x86_64", "relates_to_product_reference": "8Base-JBCS" }, { "category": "default_component_of", "full_product_name": { "name": "jbcs-httpd24-curl-0:8.6.0-3.el8jbcs.src as a component of Red Hat JBoss Core Services on RHEL 8", "product_id": "8Base-JBCS:jbcs-httpd24-curl-0:8.6.0-3.el8jbcs.src" }, "product_reference": "jbcs-httpd24-curl-0:8.6.0-3.el8jbcs.src", "relates_to_product_reference": "8Base-JBCS" }, { "category": "default_component_of", "full_product_name": { "name": "jbcs-httpd24-curl-0:8.6.0-3.el8jbcs.x86_64 as a component of Red Hat JBoss Core Services on RHEL 8", "product_id": "8Base-JBCS:jbcs-httpd24-curl-0:8.6.0-3.el8jbcs.x86_64" }, "product_reference": "jbcs-httpd24-curl-0:8.6.0-3.el8jbcs.x86_64", "relates_to_product_reference": "8Base-JBCS" }, { "category": "default_component_of", "full_product_name": { "name": "jbcs-httpd24-curl-debuginfo-0:8.6.0-3.el8jbcs.x86_64 as a component of Red Hat JBoss Core Services on RHEL 8", "product_id": "8Base-JBCS:jbcs-httpd24-curl-debuginfo-0:8.6.0-3.el8jbcs.x86_64" }, "product_reference": "jbcs-httpd24-curl-debuginfo-0:8.6.0-3.el8jbcs.x86_64", "relates_to_product_reference": "8Base-JBCS" }, { "category": "default_component_of", "full_product_name": { "name": "jbcs-httpd24-httpd-0:2.4.57-9.el8jbcs.src as a component of Red Hat JBoss Core Services on RHEL 8", "product_id": "8Base-JBCS:jbcs-httpd24-httpd-0:2.4.57-9.el8jbcs.src" }, "product_reference": "jbcs-httpd24-httpd-0:2.4.57-9.el8jbcs.src", "relates_to_product_reference": "8Base-JBCS" }, { "category": "default_component_of", "full_product_name": { "name": "jbcs-httpd24-httpd-0:2.4.57-9.el8jbcs.x86_64 as a component of Red Hat JBoss Core Services on RHEL 8", "product_id": "8Base-JBCS:jbcs-httpd24-httpd-0:2.4.57-9.el8jbcs.x86_64" }, "product_reference": "jbcs-httpd24-httpd-0:2.4.57-9.el8jbcs.x86_64", "relates_to_product_reference": "8Base-JBCS" }, { "category": "default_component_of", "full_product_name": { "name": "jbcs-httpd24-httpd-debuginfo-0:2.4.57-9.el8jbcs.x86_64 as a component of Red Hat JBoss Core Services on RHEL 8", "product_id": "8Base-JBCS:jbcs-httpd24-httpd-debuginfo-0:2.4.57-9.el8jbcs.x86_64" }, "product_reference": "jbcs-httpd24-httpd-debuginfo-0:2.4.57-9.el8jbcs.x86_64", "relates_to_product_reference": "8Base-JBCS" }, { "category": "default_component_of", "full_product_name": { "name": "jbcs-httpd24-httpd-devel-0:2.4.57-9.el8jbcs.x86_64 as a component of Red Hat JBoss Core Services on RHEL 8", "product_id": "8Base-JBCS:jbcs-httpd24-httpd-devel-0:2.4.57-9.el8jbcs.x86_64" }, "product_reference": "jbcs-httpd24-httpd-devel-0:2.4.57-9.el8jbcs.x86_64", "relates_to_product_reference": "8Base-JBCS" }, { "category": "default_component_of", "full_product_name": { "name": "jbcs-httpd24-httpd-manual-0:2.4.57-9.el8jbcs.noarch as a component of Red Hat JBoss Core Services on RHEL 8", "product_id": "8Base-JBCS:jbcs-httpd24-httpd-manual-0:2.4.57-9.el8jbcs.noarch" }, "product_reference": "jbcs-httpd24-httpd-manual-0:2.4.57-9.el8jbcs.noarch", "relates_to_product_reference": "8Base-JBCS" }, { "category": "default_component_of", "full_product_name": { "name": "jbcs-httpd24-httpd-selinux-0:2.4.57-9.el8jbcs.x86_64 as a component of Red Hat JBoss Core Services on RHEL 8", "product_id": "8Base-JBCS:jbcs-httpd24-httpd-selinux-0:2.4.57-9.el8jbcs.x86_64" }, "product_reference": "jbcs-httpd24-httpd-selinux-0:2.4.57-9.el8jbcs.x86_64", "relates_to_product_reference": "8Base-JBCS" }, { "category": "default_component_of", "full_product_name": { "name": "jbcs-httpd24-httpd-tools-0:2.4.57-9.el8jbcs.x86_64 as a component of Red Hat JBoss Core Services on RHEL 8", "product_id": "8Base-JBCS:jbcs-httpd24-httpd-tools-0:2.4.57-9.el8jbcs.x86_64" }, "product_reference": "jbcs-httpd24-httpd-tools-0:2.4.57-9.el8jbcs.x86_64", "relates_to_product_reference": "8Base-JBCS" }, { "category": "default_component_of", "full_product_name": { "name": "jbcs-httpd24-httpd-tools-debuginfo-0:2.4.57-9.el8jbcs.x86_64 as a component of Red Hat JBoss Core Services on RHEL 8", "product_id": "8Base-JBCS:jbcs-httpd24-httpd-tools-debuginfo-0:2.4.57-9.el8jbcs.x86_64" }, "product_reference": "jbcs-httpd24-httpd-tools-debuginfo-0:2.4.57-9.el8jbcs.x86_64", "relates_to_product_reference": "8Base-JBCS" }, { "category": "default_component_of", "full_product_name": { "name": "jbcs-httpd24-libcurl-0:8.6.0-3.el8jbcs.x86_64 as a component of Red Hat JBoss Core Services on RHEL 8", "product_id": "8Base-JBCS:jbcs-httpd24-libcurl-0:8.6.0-3.el8jbcs.x86_64" }, "product_reference": "jbcs-httpd24-libcurl-0:8.6.0-3.el8jbcs.x86_64", "relates_to_product_reference": "8Base-JBCS" }, { "category": "default_component_of", "full_product_name": { "name": "jbcs-httpd24-libcurl-debuginfo-0:8.6.0-3.el8jbcs.x86_64 as a component of Red Hat JBoss Core Services on RHEL 8", "product_id": "8Base-JBCS:jbcs-httpd24-libcurl-debuginfo-0:8.6.0-3.el8jbcs.x86_64" }, "product_reference": "jbcs-httpd24-libcurl-debuginfo-0:8.6.0-3.el8jbcs.x86_64", "relates_to_product_reference": "8Base-JBCS" }, { "category": "default_component_of", "full_product_name": { "name": "jbcs-httpd24-libcurl-devel-0:8.6.0-3.el8jbcs.x86_64 as a component of Red Hat JBoss Core Services on RHEL 8", "product_id": "8Base-JBCS:jbcs-httpd24-libcurl-devel-0:8.6.0-3.el8jbcs.x86_64" }, "product_reference": "jbcs-httpd24-libcurl-devel-0:8.6.0-3.el8jbcs.x86_64", "relates_to_product_reference": "8Base-JBCS" }, { "category": "default_component_of", "full_product_name": { "name": "jbcs-httpd24-mod_http2-0:1.15.19-36.el8jbcs.src as a component of Red Hat JBoss Core Services on RHEL 8", "product_id": "8Base-JBCS:jbcs-httpd24-mod_http2-0:1.15.19-36.el8jbcs.src" }, "product_reference": "jbcs-httpd24-mod_http2-0:1.15.19-36.el8jbcs.src", "relates_to_product_reference": "8Base-JBCS" }, { "category": "default_component_of", "full_product_name": { "name": "jbcs-httpd24-mod_http2-0:1.15.19-36.el8jbcs.x86_64 as a component of Red Hat JBoss Core Services on RHEL 8", "product_id": "8Base-JBCS:jbcs-httpd24-mod_http2-0:1.15.19-36.el8jbcs.x86_64" }, "product_reference": "jbcs-httpd24-mod_http2-0:1.15.19-36.el8jbcs.x86_64", "relates_to_product_reference": "8Base-JBCS" }, { "category": "default_component_of", "full_product_name": { "name": "jbcs-httpd24-mod_http2-debuginfo-0:1.15.19-36.el8jbcs.x86_64 as a component of Red Hat JBoss Core Services on RHEL 8", "product_id": "8Base-JBCS:jbcs-httpd24-mod_http2-debuginfo-0:1.15.19-36.el8jbcs.x86_64" }, "product_reference": "jbcs-httpd24-mod_http2-debuginfo-0:1.15.19-36.el8jbcs.x86_64", "relates_to_product_reference": "8Base-JBCS" }, { "category": "default_component_of", "full_product_name": { "name": "jbcs-httpd24-mod_jk-0:1.2.49-5.redhat_1.el8jbcs.src as a component of Red Hat JBoss Core Services on RHEL 8", "product_id": "8Base-JBCS:jbcs-httpd24-mod_jk-0:1.2.49-5.redhat_1.el8jbcs.src" }, "product_reference": "jbcs-httpd24-mod_jk-0:1.2.49-5.redhat_1.el8jbcs.src", "relates_to_product_reference": "8Base-JBCS" }, { "category": "default_component_of", "full_product_name": { "name": "jbcs-httpd24-mod_jk-ap24-0:1.2.49-5.redhat_1.el8jbcs.x86_64 as a component of Red Hat JBoss Core Services on RHEL 8", "product_id": "8Base-JBCS:jbcs-httpd24-mod_jk-ap24-0:1.2.49-5.redhat_1.el8jbcs.x86_64" }, "product_reference": "jbcs-httpd24-mod_jk-ap24-0:1.2.49-5.redhat_1.el8jbcs.x86_64", "relates_to_product_reference": "8Base-JBCS" }, { "category": "default_component_of", "full_product_name": { "name": "jbcs-httpd24-mod_jk-ap24-debuginfo-0:1.2.49-5.redhat_1.el8jbcs.x86_64 as a component of Red Hat JBoss Core Services on RHEL 8", "product_id": "8Base-JBCS:jbcs-httpd24-mod_jk-ap24-debuginfo-0:1.2.49-5.redhat_1.el8jbcs.x86_64" }, "product_reference": "jbcs-httpd24-mod_jk-ap24-debuginfo-0:1.2.49-5.redhat_1.el8jbcs.x86_64", "relates_to_product_reference": "8Base-JBCS" }, { "category": "default_component_of", "full_product_name": { "name": "jbcs-httpd24-mod_ldap-0:2.4.57-9.el8jbcs.x86_64 as a component of Red Hat JBoss Core Services on RHEL 8", "product_id": "8Base-JBCS:jbcs-httpd24-mod_ldap-0:2.4.57-9.el8jbcs.x86_64" }, "product_reference": "jbcs-httpd24-mod_ldap-0:2.4.57-9.el8jbcs.x86_64", "relates_to_product_reference": "8Base-JBCS" }, { "category": "default_component_of", "full_product_name": { "name": "jbcs-httpd24-mod_ldap-debuginfo-0:2.4.57-9.el8jbcs.x86_64 as a component of Red Hat JBoss Core Services on RHEL 8", "product_id": "8Base-JBCS:jbcs-httpd24-mod_ldap-debuginfo-0:2.4.57-9.el8jbcs.x86_64" }, "product_reference": "jbcs-httpd24-mod_ldap-debuginfo-0:2.4.57-9.el8jbcs.x86_64", "relates_to_product_reference": "8Base-JBCS" }, { "category": "default_component_of", "full_product_name": { "name": "jbcs-httpd24-mod_md-1:2.4.24-4.el8jbcs.src as a component of Red Hat JBoss Core Services on RHEL 8", "product_id": "8Base-JBCS:jbcs-httpd24-mod_md-1:2.4.24-4.el8jbcs.src" }, "product_reference": "jbcs-httpd24-mod_md-1:2.4.24-4.el8jbcs.src", "relates_to_product_reference": "8Base-JBCS" }, { "category": "default_component_of", "full_product_name": { "name": "jbcs-httpd24-mod_md-1:2.4.24-4.el8jbcs.x86_64 as a component of Red Hat JBoss Core Services on RHEL 8", "product_id": "8Base-JBCS:jbcs-httpd24-mod_md-1:2.4.24-4.el8jbcs.x86_64" }, "product_reference": "jbcs-httpd24-mod_md-1:2.4.24-4.el8jbcs.x86_64", "relates_to_product_reference": "8Base-JBCS" }, { "category": "default_component_of", "full_product_name": { "name": "jbcs-httpd24-mod_md-debuginfo-1:2.4.24-4.el8jbcs.x86_64 as a component of Red Hat JBoss Core Services on RHEL 8", "product_id": "8Base-JBCS:jbcs-httpd24-mod_md-debuginfo-1:2.4.24-4.el8jbcs.x86_64" }, "product_reference": "jbcs-httpd24-mod_md-debuginfo-1:2.4.24-4.el8jbcs.x86_64", "relates_to_product_reference": "8Base-JBCS" }, { "category": "default_component_of", "full_product_name": { "name": "jbcs-httpd24-mod_proxy_cluster-0:1.3.20-3.el8jbcs.src as a component of Red Hat JBoss Core Services on RHEL 8", "product_id": "8Base-JBCS:jbcs-httpd24-mod_proxy_cluster-0:1.3.20-3.el8jbcs.src" }, "product_reference": "jbcs-httpd24-mod_proxy_cluster-0:1.3.20-3.el8jbcs.src", "relates_to_product_reference": "8Base-JBCS" }, { "category": "default_component_of", "full_product_name": { "name": "jbcs-httpd24-mod_proxy_cluster-0:1.3.20-3.el8jbcs.x86_64 as a component of Red Hat JBoss Core Services on RHEL 8", "product_id": "8Base-JBCS:jbcs-httpd24-mod_proxy_cluster-0:1.3.20-3.el8jbcs.x86_64" }, "product_reference": "jbcs-httpd24-mod_proxy_cluster-0:1.3.20-3.el8jbcs.x86_64", "relates_to_product_reference": "8Base-JBCS" }, { "category": "default_component_of", "full_product_name": { "name": "jbcs-httpd24-mod_proxy_cluster-debuginfo-0:1.3.20-3.el8jbcs.x86_64 as a component of Red Hat JBoss Core Services on RHEL 8", "product_id": "8Base-JBCS:jbcs-httpd24-mod_proxy_cluster-debuginfo-0:1.3.20-3.el8jbcs.x86_64" }, "product_reference": "jbcs-httpd24-mod_proxy_cluster-debuginfo-0:1.3.20-3.el8jbcs.x86_64", "relates_to_product_reference": "8Base-JBCS" }, { "category": "default_component_of", "full_product_name": { "name": "jbcs-httpd24-mod_proxy_html-1:2.4.57-9.el8jbcs.x86_64 as a component of Red Hat JBoss Core Services on RHEL 8", "product_id": "8Base-JBCS:jbcs-httpd24-mod_proxy_html-1:2.4.57-9.el8jbcs.x86_64" }, "product_reference": "jbcs-httpd24-mod_proxy_html-1:2.4.57-9.el8jbcs.x86_64", "relates_to_product_reference": "8Base-JBCS" }, { "category": "default_component_of", "full_product_name": { "name": "jbcs-httpd24-mod_proxy_html-debuginfo-1:2.4.57-9.el8jbcs.x86_64 as a component of Red Hat JBoss Core Services on RHEL 8", "product_id": "8Base-JBCS:jbcs-httpd24-mod_proxy_html-debuginfo-1:2.4.57-9.el8jbcs.x86_64" }, "product_reference": "jbcs-httpd24-mod_proxy_html-debuginfo-1:2.4.57-9.el8jbcs.x86_64", "relates_to_product_reference": "8Base-JBCS" }, { "category": "default_component_of", "full_product_name": { "name": "jbcs-httpd24-mod_security-0:2.9.3-34.el8jbcs.src as a component of Red Hat JBoss Core Services on RHEL 8", "product_id": "8Base-JBCS:jbcs-httpd24-mod_security-0:2.9.3-34.el8jbcs.src" }, "product_reference": "jbcs-httpd24-mod_security-0:2.9.3-34.el8jbcs.src", "relates_to_product_reference": "8Base-JBCS" }, { "category": "default_component_of", "full_product_name": { "name": "jbcs-httpd24-mod_security-0:2.9.3-34.el8jbcs.x86_64 as a component of Red Hat JBoss Core Services on RHEL 8", "product_id": "8Base-JBCS:jbcs-httpd24-mod_security-0:2.9.3-34.el8jbcs.x86_64" }, "product_reference": "jbcs-httpd24-mod_security-0:2.9.3-34.el8jbcs.x86_64", "relates_to_product_reference": "8Base-JBCS" }, { "category": "default_component_of", "full_product_name": { "name": "jbcs-httpd24-mod_security-debuginfo-0:2.9.3-34.el8jbcs.x86_64 as a component of Red Hat JBoss Core Services on RHEL 8", "product_id": "8Base-JBCS:jbcs-httpd24-mod_security-debuginfo-0:2.9.3-34.el8jbcs.x86_64" }, "product_reference": "jbcs-httpd24-mod_security-debuginfo-0:2.9.3-34.el8jbcs.x86_64", "relates_to_product_reference": "8Base-JBCS" }, { "category": "default_component_of", "full_product_name": { "name": "jbcs-httpd24-mod_session-0:2.4.57-9.el8jbcs.x86_64 as a component of Red Hat JBoss Core Services on RHEL 8", "product_id": "8Base-JBCS:jbcs-httpd24-mod_session-0:2.4.57-9.el8jbcs.x86_64" }, "product_reference": "jbcs-httpd24-mod_session-0:2.4.57-9.el8jbcs.x86_64", "relates_to_product_reference": "8Base-JBCS" }, { "category": "default_component_of", "full_product_name": { "name": "jbcs-httpd24-mod_session-debuginfo-0:2.4.57-9.el8jbcs.x86_64 as a component of Red Hat JBoss Core Services on RHEL 8", "product_id": "8Base-JBCS:jbcs-httpd24-mod_session-debuginfo-0:2.4.57-9.el8jbcs.x86_64" }, "product_reference": "jbcs-httpd24-mod_session-debuginfo-0:2.4.57-9.el8jbcs.x86_64", "relates_to_product_reference": "8Base-JBCS" }, { "category": "default_component_of", "full_product_name": { "name": "jbcs-httpd24-mod_ssl-1:2.4.57-9.el8jbcs.x86_64 as a component of Red Hat JBoss Core Services on RHEL 8", "product_id": "8Base-JBCS:jbcs-httpd24-mod_ssl-1:2.4.57-9.el8jbcs.x86_64" }, "product_reference": "jbcs-httpd24-mod_ssl-1:2.4.57-9.el8jbcs.x86_64", "relates_to_product_reference": "8Base-JBCS" }, { "category": "default_component_of", "full_product_name": { "name": "jbcs-httpd24-mod_ssl-debuginfo-1:2.4.57-9.el8jbcs.x86_64 as a component of Red Hat JBoss Core Services on RHEL 8", "product_id": "8Base-JBCS:jbcs-httpd24-mod_ssl-debuginfo-1:2.4.57-9.el8jbcs.x86_64" }, "product_reference": "jbcs-httpd24-mod_ssl-debuginfo-1:2.4.57-9.el8jbcs.x86_64", "relates_to_product_reference": "8Base-JBCS" }, { "category": "default_component_of", "full_product_name": { "name": "jbcs-httpd24-openssl-1:1.1.1k-17.el8jbcs.src as a component of Red Hat JBoss Core Services on RHEL 8", "product_id": "8Base-JBCS:jbcs-httpd24-openssl-1:1.1.1k-17.el8jbcs.src" }, "product_reference": "jbcs-httpd24-openssl-1:1.1.1k-17.el8jbcs.src", "relates_to_product_reference": "8Base-JBCS" }, { "category": "default_component_of", "full_product_name": { "name": "jbcs-httpd24-openssl-1:1.1.1k-17.el8jbcs.x86_64 as a component of Red Hat JBoss Core Services on RHEL 8", "product_id": "8Base-JBCS:jbcs-httpd24-openssl-1:1.1.1k-17.el8jbcs.x86_64" }, "product_reference": "jbcs-httpd24-openssl-1:1.1.1k-17.el8jbcs.x86_64", "relates_to_product_reference": "8Base-JBCS" }, { "category": "default_component_of", "full_product_name": { "name": "jbcs-httpd24-openssl-chil-0:1.0.0-20.el8jbcs.src as a component of Red Hat JBoss Core Services on RHEL 8", "product_id": "8Base-JBCS:jbcs-httpd24-openssl-chil-0:1.0.0-20.el8jbcs.src" }, "product_reference": "jbcs-httpd24-openssl-chil-0:1.0.0-20.el8jbcs.src", "relates_to_product_reference": "8Base-JBCS" }, { "category": "default_component_of", "full_product_name": { "name": "jbcs-httpd24-openssl-chil-0:1.0.0-20.el8jbcs.x86_64 as a component of Red Hat JBoss Core Services on RHEL 8", "product_id": "8Base-JBCS:jbcs-httpd24-openssl-chil-0:1.0.0-20.el8jbcs.x86_64" }, "product_reference": "jbcs-httpd24-openssl-chil-0:1.0.0-20.el8jbcs.x86_64", "relates_to_product_reference": "8Base-JBCS" }, { "category": "default_component_of", "full_product_name": { "name": "jbcs-httpd24-openssl-chil-debuginfo-0:1.0.0-20.el8jbcs.x86_64 as a component of Red Hat JBoss Core Services on RHEL 8", "product_id": "8Base-JBCS:jbcs-httpd24-openssl-chil-debuginfo-0:1.0.0-20.el8jbcs.x86_64" }, "product_reference": "jbcs-httpd24-openssl-chil-debuginfo-0:1.0.0-20.el8jbcs.x86_64", "relates_to_product_reference": "8Base-JBCS" }, { "category": "default_component_of", "full_product_name": { "name": "jbcs-httpd24-openssl-debuginfo-1:1.1.1k-17.el8jbcs.x86_64 as a component of Red Hat JBoss Core Services on RHEL 8", "product_id": "8Base-JBCS:jbcs-httpd24-openssl-debuginfo-1:1.1.1k-17.el8jbcs.x86_64" }, "product_reference": "jbcs-httpd24-openssl-debuginfo-1:1.1.1k-17.el8jbcs.x86_64", "relates_to_product_reference": "8Base-JBCS" }, { "category": "default_component_of", "full_product_name": { "name": "jbcs-httpd24-openssl-devel-1:1.1.1k-17.el8jbcs.x86_64 as a component of Red Hat JBoss Core Services on RHEL 8", "product_id": "8Base-JBCS:jbcs-httpd24-openssl-devel-1:1.1.1k-17.el8jbcs.x86_64" }, "product_reference": "jbcs-httpd24-openssl-devel-1:1.1.1k-17.el8jbcs.x86_64", "relates_to_product_reference": "8Base-JBCS" }, { "category": "default_component_of", "full_product_name": { "name": "jbcs-httpd24-openssl-libs-1:1.1.1k-17.el8jbcs.x86_64 as a component of Red Hat JBoss Core Services on RHEL 8", "product_id": "8Base-JBCS:jbcs-httpd24-openssl-libs-1:1.1.1k-17.el8jbcs.x86_64" }, "product_reference": "jbcs-httpd24-openssl-libs-1:1.1.1k-17.el8jbcs.x86_64", "relates_to_product_reference": "8Base-JBCS" }, { "category": "default_component_of", "full_product_name": { "name": "jbcs-httpd24-openssl-libs-debuginfo-1:1.1.1k-17.el8jbcs.x86_64 as a component of Red Hat JBoss Core Services on RHEL 8", "product_id": "8Base-JBCS:jbcs-httpd24-openssl-libs-debuginfo-1:1.1.1k-17.el8jbcs.x86_64" }, "product_reference": "jbcs-httpd24-openssl-libs-debuginfo-1:1.1.1k-17.el8jbcs.x86_64", "relates_to_product_reference": "8Base-JBCS" }, { "category": "default_component_of", "full_product_name": { "name": "jbcs-httpd24-openssl-perl-1:1.1.1k-17.el8jbcs.x86_64 as a component of Red Hat JBoss Core Services on RHEL 8", "product_id": "8Base-JBCS:jbcs-httpd24-openssl-perl-1:1.1.1k-17.el8jbcs.x86_64" }, "product_reference": "jbcs-httpd24-openssl-perl-1:1.1.1k-17.el8jbcs.x86_64", "relates_to_product_reference": "8Base-JBCS" }, { "category": "default_component_of", "full_product_name": { "name": "jbcs-httpd24-openssl-pkcs11-0:0.4.10-35.el8jbcs.src as a component of Red Hat JBoss Core Services on RHEL 8", "product_id": "8Base-JBCS:jbcs-httpd24-openssl-pkcs11-0:0.4.10-35.el8jbcs.src" }, "product_reference": "jbcs-httpd24-openssl-pkcs11-0:0.4.10-35.el8jbcs.src", "relates_to_product_reference": "8Base-JBCS" }, { "category": "default_component_of", "full_product_name": { "name": "jbcs-httpd24-openssl-pkcs11-0:0.4.10-35.el8jbcs.x86_64 as a component of Red Hat JBoss Core Services on RHEL 8", "product_id": "8Base-JBCS:jbcs-httpd24-openssl-pkcs11-0:0.4.10-35.el8jbcs.x86_64" }, "product_reference": "jbcs-httpd24-openssl-pkcs11-0:0.4.10-35.el8jbcs.x86_64", "relates_to_product_reference": "8Base-JBCS" }, { "category": "default_component_of", "full_product_name": { "name": "jbcs-httpd24-openssl-pkcs11-debuginfo-0:0.4.10-35.el8jbcs.x86_64 as a component of Red Hat JBoss Core Services on RHEL 8", "product_id": "8Base-JBCS:jbcs-httpd24-openssl-pkcs11-debuginfo-0:0.4.10-35.el8jbcs.x86_64" }, "product_reference": "jbcs-httpd24-openssl-pkcs11-debuginfo-0:0.4.10-35.el8jbcs.x86_64", "relates_to_product_reference": "8Base-JBCS" }, { "category": "default_component_of", "full_product_name": { "name": "jbcs-httpd24-openssl-static-1:1.1.1k-17.el8jbcs.x86_64 as a component of Red Hat JBoss Core Services on RHEL 8", "product_id": "8Base-JBCS:jbcs-httpd24-openssl-static-1:1.1.1k-17.el8jbcs.x86_64" }, "product_reference": "jbcs-httpd24-openssl-static-1:1.1.1k-17.el8jbcs.x86_64", "relates_to_product_reference": "8Base-JBCS" } ] }, "vulnerabilities": [ { "cve": "CVE-2023-5678", "cwe": { "id": "CWE-325", "name": "Missing Cryptographic Step" }, "discovery_date": "2023-11-07T00:00:00+00:00", "flags": [ { "label": "vulnerable_code_not_present", "product_ids": [ "7Server-JBCS:jbcs-httpd24-apr-util-0:1.6.1-104.el7jbcs.src", "7Server-JBCS:jbcs-httpd24-apr-util-0:1.6.1-104.el7jbcs.x86_64", "7Server-JBCS:jbcs-httpd24-apr-util-debuginfo-0:1.6.1-104.el7jbcs.x86_64", "7Server-JBCS:jbcs-httpd24-apr-util-devel-0:1.6.1-104.el7jbcs.x86_64", "7Server-JBCS:jbcs-httpd24-apr-util-ldap-0:1.6.1-104.el7jbcs.x86_64", "7Server-JBCS:jbcs-httpd24-apr-util-mysql-0:1.6.1-104.el7jbcs.x86_64", "7Server-JBCS:jbcs-httpd24-apr-util-nss-0:1.6.1-104.el7jbcs.x86_64", "7Server-JBCS:jbcs-httpd24-apr-util-odbc-0:1.6.1-104.el7jbcs.x86_64", "7Server-JBCS:jbcs-httpd24-apr-util-openssl-0:1.6.1-104.el7jbcs.x86_64", "7Server-JBCS:jbcs-httpd24-apr-util-pgsql-0:1.6.1-104.el7jbcs.x86_64", "7Server-JBCS:jbcs-httpd24-apr-util-sqlite-0:1.6.1-104.el7jbcs.x86_64", "7Server-JBCS:jbcs-httpd24-curl-0:8.6.0-3.el7jbcs.src", "7Server-JBCS:jbcs-httpd24-curl-0:8.6.0-3.el7jbcs.x86_64", "7Server-JBCS:jbcs-httpd24-curl-debuginfo-0:8.6.0-3.el7jbcs.x86_64", "7Server-JBCS:jbcs-httpd24-httpd-0:2.4.57-9.el7jbcs.src", "7Server-JBCS:jbcs-httpd24-httpd-0:2.4.57-9.el7jbcs.x86_64", "7Server-JBCS:jbcs-httpd24-httpd-debuginfo-0:2.4.57-9.el7jbcs.x86_64", "7Server-JBCS:jbcs-httpd24-httpd-devel-0:2.4.57-9.el7jbcs.x86_64", "7Server-JBCS:jbcs-httpd24-httpd-manual-0:2.4.57-9.el7jbcs.noarch", "7Server-JBCS:jbcs-httpd24-httpd-selinux-0:2.4.57-9.el7jbcs.x86_64", "7Server-JBCS:jbcs-httpd24-httpd-tools-0:2.4.57-9.el7jbcs.x86_64", "7Server-JBCS:jbcs-httpd24-libcurl-0:8.6.0-3.el7jbcs.x86_64", "7Server-JBCS:jbcs-httpd24-libcurl-devel-0:8.6.0-3.el7jbcs.x86_64", "7Server-JBCS:jbcs-httpd24-mod_http2-0:1.15.19-36.el7jbcs.src", "7Server-JBCS:jbcs-httpd24-mod_http2-0:1.15.19-36.el7jbcs.x86_64", "7Server-JBCS:jbcs-httpd24-mod_http2-debuginfo-0:1.15.19-36.el7jbcs.x86_64", "7Server-JBCS:jbcs-httpd24-mod_jk-0:1.2.49-5.redhat_1.el7jbcs.src", "7Server-JBCS:jbcs-httpd24-mod_jk-ap24-0:1.2.49-5.redhat_1.el7jbcs.x86_64", "7Server-JBCS:jbcs-httpd24-mod_jk-debuginfo-0:1.2.49-5.redhat_1.el7jbcs.x86_64", "7Server-JBCS:jbcs-httpd24-mod_ldap-0:2.4.57-9.el7jbcs.x86_64", "7Server-JBCS:jbcs-httpd24-mod_md-1:2.4.24-4.el7jbcs.src", "7Server-JBCS:jbcs-httpd24-mod_md-1:2.4.24-4.el7jbcs.x86_64", "7Server-JBCS:jbcs-httpd24-mod_md-debuginfo-1:2.4.24-4.el7jbcs.x86_64", "7Server-JBCS:jbcs-httpd24-mod_proxy_cluster-0:1.3.20-3.el7jbcs.src", "7Server-JBCS:jbcs-httpd24-mod_proxy_cluster-0:1.3.20-3.el7jbcs.x86_64", "7Server-JBCS:jbcs-httpd24-mod_proxy_cluster-debuginfo-0:1.3.20-3.el7jbcs.x86_64", "7Server-JBCS:jbcs-httpd24-mod_proxy_html-1:2.4.57-9.el7jbcs.x86_64", "7Server-JBCS:jbcs-httpd24-mod_security-0:2.9.3-34.el7jbcs.src", "7Server-JBCS:jbcs-httpd24-mod_security-0:2.9.3-34.el7jbcs.x86_64", "7Server-JBCS:jbcs-httpd24-mod_security-debuginfo-0:2.9.3-34.el7jbcs.x86_64", "7Server-JBCS:jbcs-httpd24-mod_session-0:2.4.57-9.el7jbcs.x86_64", "7Server-JBCS:jbcs-httpd24-mod_ssl-1:2.4.57-9.el7jbcs.x86_64", "7Server-JBCS:jbcs-httpd24-openssl-chil-0:1.0.0-20.el7jbcs.src", "7Server-JBCS:jbcs-httpd24-openssl-chil-0:1.0.0-20.el7jbcs.x86_64", "7Server-JBCS:jbcs-httpd24-openssl-chil-debuginfo-0:1.0.0-20.el7jbcs.x86_64", "7Server-JBCS:jbcs-httpd24-openssl-pkcs11-0:0.4.10-35.el7jbcs.src", "7Server-JBCS:jbcs-httpd24-openssl-pkcs11-0:0.4.10-35.el7jbcs.x86_64", "7Server-JBCS:jbcs-httpd24-openssl-pkcs11-debuginfo-0:0.4.10-35.el7jbcs.x86_64", "8Base-JBCS:jbcs-httpd24-apr-util-0:1.6.1-104.el8jbcs.src", "8Base-JBCS:jbcs-httpd24-apr-util-0:1.6.1-104.el8jbcs.x86_64", "8Base-JBCS:jbcs-httpd24-apr-util-debuginfo-0:1.6.1-104.el8jbcs.x86_64", "8Base-JBCS:jbcs-httpd24-apr-util-devel-0:1.6.1-104.el8jbcs.x86_64", "8Base-JBCS:jbcs-httpd24-apr-util-ldap-0:1.6.1-104.el8jbcs.x86_64", "8Base-JBCS:jbcs-httpd24-apr-util-ldap-debuginfo-0:1.6.1-104.el8jbcs.x86_64", "8Base-JBCS:jbcs-httpd24-apr-util-mysql-0:1.6.1-104.el8jbcs.x86_64", "8Base-JBCS:jbcs-httpd24-apr-util-mysql-debuginfo-0:1.6.1-104.el8jbcs.x86_64", "8Base-JBCS:jbcs-httpd24-apr-util-nss-0:1.6.1-104.el8jbcs.x86_64", "8Base-JBCS:jbcs-httpd24-apr-util-nss-debuginfo-0:1.6.1-104.el8jbcs.x86_64", "8Base-JBCS:jbcs-httpd24-apr-util-odbc-0:1.6.1-104.el8jbcs.x86_64", "8Base-JBCS:jbcs-httpd24-apr-util-odbc-debuginfo-0:1.6.1-104.el8jbcs.x86_64", "8Base-JBCS:jbcs-httpd24-apr-util-openssl-0:1.6.1-104.el8jbcs.x86_64", "8Base-JBCS:jbcs-httpd24-apr-util-openssl-debuginfo-0:1.6.1-104.el8jbcs.x86_64", "8Base-JBCS:jbcs-httpd24-apr-util-pgsql-0:1.6.1-104.el8jbcs.x86_64", "8Base-JBCS:jbcs-httpd24-apr-util-pgsql-debuginfo-0:1.6.1-104.el8jbcs.x86_64", "8Base-JBCS:jbcs-httpd24-apr-util-sqlite-0:1.6.1-104.el8jbcs.x86_64", "8Base-JBCS:jbcs-httpd24-apr-util-sqlite-debuginfo-0:1.6.1-104.el8jbcs.x86_64", "8Base-JBCS:jbcs-httpd24-curl-0:8.6.0-3.el8jbcs.src", "8Base-JBCS:jbcs-httpd24-curl-0:8.6.0-3.el8jbcs.x86_64", "8Base-JBCS:jbcs-httpd24-curl-debuginfo-0:8.6.0-3.el8jbcs.x86_64", "8Base-JBCS:jbcs-httpd24-httpd-0:2.4.57-9.el8jbcs.src", "8Base-JBCS:jbcs-httpd24-httpd-0:2.4.57-9.el8jbcs.x86_64", "8Base-JBCS:jbcs-httpd24-httpd-debuginfo-0:2.4.57-9.el8jbcs.x86_64", "8Base-JBCS:jbcs-httpd24-httpd-devel-0:2.4.57-9.el8jbcs.x86_64", "8Base-JBCS:jbcs-httpd24-httpd-manual-0:2.4.57-9.el8jbcs.noarch", "8Base-JBCS:jbcs-httpd24-httpd-selinux-0:2.4.57-9.el8jbcs.x86_64", "8Base-JBCS:jbcs-httpd24-httpd-tools-0:2.4.57-9.el8jbcs.x86_64", "8Base-JBCS:jbcs-httpd24-httpd-tools-debuginfo-0:2.4.57-9.el8jbcs.x86_64", "8Base-JBCS:jbcs-httpd24-libcurl-0:8.6.0-3.el8jbcs.x86_64", "8Base-JBCS:jbcs-httpd24-libcurl-debuginfo-0:8.6.0-3.el8jbcs.x86_64", "8Base-JBCS:jbcs-httpd24-libcurl-devel-0:8.6.0-3.el8jbcs.x86_64", "8Base-JBCS:jbcs-httpd24-mod_http2-0:1.15.19-36.el8jbcs.src", "8Base-JBCS:jbcs-httpd24-mod_http2-0:1.15.19-36.el8jbcs.x86_64", "8Base-JBCS:jbcs-httpd24-mod_http2-debuginfo-0:1.15.19-36.el8jbcs.x86_64", "8Base-JBCS:jbcs-httpd24-mod_jk-0:1.2.49-5.redhat_1.el8jbcs.src", "8Base-JBCS:jbcs-httpd24-mod_jk-ap24-0:1.2.49-5.redhat_1.el8jbcs.x86_64", "8Base-JBCS:jbcs-httpd24-mod_jk-ap24-debuginfo-0:1.2.49-5.redhat_1.el8jbcs.x86_64", "8Base-JBCS:jbcs-httpd24-mod_ldap-0:2.4.57-9.el8jbcs.x86_64", "8Base-JBCS:jbcs-httpd24-mod_ldap-debuginfo-0:2.4.57-9.el8jbcs.x86_64", "8Base-JBCS:jbcs-httpd24-mod_md-1:2.4.24-4.el8jbcs.src", "8Base-JBCS:jbcs-httpd24-mod_md-1:2.4.24-4.el8jbcs.x86_64", "8Base-JBCS:jbcs-httpd24-mod_md-debuginfo-1:2.4.24-4.el8jbcs.x86_64", "8Base-JBCS:jbcs-httpd24-mod_proxy_cluster-0:1.3.20-3.el8jbcs.src", "8Base-JBCS:jbcs-httpd24-mod_proxy_cluster-0:1.3.20-3.el8jbcs.x86_64", "8Base-JBCS:jbcs-httpd24-mod_proxy_cluster-debuginfo-0:1.3.20-3.el8jbcs.x86_64", "8Base-JBCS:jbcs-httpd24-mod_proxy_html-1:2.4.57-9.el8jbcs.x86_64", "8Base-JBCS:jbcs-httpd24-mod_proxy_html-debuginfo-1:2.4.57-9.el8jbcs.x86_64", "8Base-JBCS:jbcs-httpd24-mod_security-0:2.9.3-34.el8jbcs.src", "8Base-JBCS:jbcs-httpd24-mod_security-0:2.9.3-34.el8jbcs.x86_64", "8Base-JBCS:jbcs-httpd24-mod_security-debuginfo-0:2.9.3-34.el8jbcs.x86_64", "8Base-JBCS:jbcs-httpd24-mod_session-0:2.4.57-9.el8jbcs.x86_64", "8Base-JBCS:jbcs-httpd24-mod_session-debuginfo-0:2.4.57-9.el8jbcs.x86_64", "8Base-JBCS:jbcs-httpd24-mod_ssl-1:2.4.57-9.el8jbcs.x86_64", "8Base-JBCS:jbcs-httpd24-mod_ssl-debuginfo-1:2.4.57-9.el8jbcs.x86_64", "8Base-JBCS:jbcs-httpd24-openssl-chil-0:1.0.0-20.el8jbcs.src", "8Base-JBCS:jbcs-httpd24-openssl-chil-0:1.0.0-20.el8jbcs.x86_64", "8Base-JBCS:jbcs-httpd24-openssl-chil-debuginfo-0:1.0.0-20.el8jbcs.x86_64", "8Base-JBCS:jbcs-httpd24-openssl-pkcs11-0:0.4.10-35.el8jbcs.src", "8Base-JBCS:jbcs-httpd24-openssl-pkcs11-0:0.4.10-35.el8jbcs.x86_64", "8Base-JBCS:jbcs-httpd24-openssl-pkcs11-debuginfo-0:0.4.10-35.el8jbcs.x86_64" ] } ], "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "2248616" } ], "notes": [ { "category": "description", "text": "A flaw was found in OpenSSL, which caused the generation or checking of long X9.42 DH keys or parameters to be much slower than expected. This issue could lead to a denial of service.", "title": "Vulnerability description" }, { "category": "summary", "text": "openssl: Generating excessively long X9.42 DH keys or checking excessively long X9.42 DH keys or parameters may be very slow", "title": "Vulnerability summary" }, { "category": "other", "text": "This vulnerability in OpenSSL is categorized as a low severity issue primarily because it requires specific conditions to exploit and doesn\u0027t directly result in a full Denial of Service (DoS). While the excessive time spent in DH key generation or verification could potentially cause delays, the impact is mitigated by the fact that it requires untrusted sources supplying large Q parameter values. Additionally, the OpenSSL SSL/TLS implementation remains unaffected, limiting the scope of potential attacks. Moreover, there are inherent limits on key length, which further restrict the potential for exploitation.", "title": "Statement" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "7Server-JBCS:jbcs-httpd24-openssl-1:1.1.1k-17.el7jbcs.src", "7Server-JBCS:jbcs-httpd24-openssl-1:1.1.1k-17.el7jbcs.x86_64", "7Server-JBCS:jbcs-httpd24-openssl-debuginfo-1:1.1.1k-17.el7jbcs.x86_64", "7Server-JBCS:jbcs-httpd24-openssl-devel-1:1.1.1k-17.el7jbcs.x86_64", "7Server-JBCS:jbcs-httpd24-openssl-libs-1:1.1.1k-17.el7jbcs.x86_64", "7Server-JBCS:jbcs-httpd24-openssl-perl-1:1.1.1k-17.el7jbcs.x86_64", "7Server-JBCS:jbcs-httpd24-openssl-static-1:1.1.1k-17.el7jbcs.x86_64", "8Base-JBCS:jbcs-httpd24-openssl-1:1.1.1k-17.el8jbcs.src", "8Base-JBCS:jbcs-httpd24-openssl-1:1.1.1k-17.el8jbcs.x86_64", "8Base-JBCS:jbcs-httpd24-openssl-debuginfo-1:1.1.1k-17.el8jbcs.x86_64", "8Base-JBCS:jbcs-httpd24-openssl-devel-1:1.1.1k-17.el8jbcs.x86_64", "8Base-JBCS:jbcs-httpd24-openssl-libs-1:1.1.1k-17.el8jbcs.x86_64", "8Base-JBCS:jbcs-httpd24-openssl-libs-debuginfo-1:1.1.1k-17.el8jbcs.x86_64", "8Base-JBCS:jbcs-httpd24-openssl-perl-1:1.1.1k-17.el8jbcs.x86_64", "8Base-JBCS:jbcs-httpd24-openssl-static-1:1.1.1k-17.el8jbcs.x86_64" ], "known_not_affected": [ "7Server-JBCS:jbcs-httpd24-apr-util-0:1.6.1-104.el7jbcs.src", "7Server-JBCS:jbcs-httpd24-apr-util-0:1.6.1-104.el7jbcs.x86_64", "7Server-JBCS:jbcs-httpd24-apr-util-debuginfo-0:1.6.1-104.el7jbcs.x86_64", "7Server-JBCS:jbcs-httpd24-apr-util-devel-0:1.6.1-104.el7jbcs.x86_64", "7Server-JBCS:jbcs-httpd24-apr-util-ldap-0:1.6.1-104.el7jbcs.x86_64", "7Server-JBCS:jbcs-httpd24-apr-util-mysql-0:1.6.1-104.el7jbcs.x86_64", "7Server-JBCS:jbcs-httpd24-apr-util-nss-0:1.6.1-104.el7jbcs.x86_64", "7Server-JBCS:jbcs-httpd24-apr-util-odbc-0:1.6.1-104.el7jbcs.x86_64", "7Server-JBCS:jbcs-httpd24-apr-util-openssl-0:1.6.1-104.el7jbcs.x86_64", "7Server-JBCS:jbcs-httpd24-apr-util-pgsql-0:1.6.1-104.el7jbcs.x86_64", "7Server-JBCS:jbcs-httpd24-apr-util-sqlite-0:1.6.1-104.el7jbcs.x86_64", "7Server-JBCS:jbcs-httpd24-curl-0:8.6.0-3.el7jbcs.src", "7Server-JBCS:jbcs-httpd24-curl-0:8.6.0-3.el7jbcs.x86_64", "7Server-JBCS:jbcs-httpd24-curl-debuginfo-0:8.6.0-3.el7jbcs.x86_64", "7Server-JBCS:jbcs-httpd24-httpd-0:2.4.57-9.el7jbcs.src", "7Server-JBCS:jbcs-httpd24-httpd-0:2.4.57-9.el7jbcs.x86_64", "7Server-JBCS:jbcs-httpd24-httpd-debuginfo-0:2.4.57-9.el7jbcs.x86_64", "7Server-JBCS:jbcs-httpd24-httpd-devel-0:2.4.57-9.el7jbcs.x86_64", "7Server-JBCS:jbcs-httpd24-httpd-manual-0:2.4.57-9.el7jbcs.noarch", "7Server-JBCS:jbcs-httpd24-httpd-selinux-0:2.4.57-9.el7jbcs.x86_64", "7Server-JBCS:jbcs-httpd24-httpd-tools-0:2.4.57-9.el7jbcs.x86_64", "7Server-JBCS:jbcs-httpd24-libcurl-0:8.6.0-3.el7jbcs.x86_64", "7Server-JBCS:jbcs-httpd24-libcurl-devel-0:8.6.0-3.el7jbcs.x86_64", "7Server-JBCS:jbcs-httpd24-mod_http2-0:1.15.19-36.el7jbcs.src", "7Server-JBCS:jbcs-httpd24-mod_http2-0:1.15.19-36.el7jbcs.x86_64", "7Server-JBCS:jbcs-httpd24-mod_http2-debuginfo-0:1.15.19-36.el7jbcs.x86_64", "7Server-JBCS:jbcs-httpd24-mod_jk-0:1.2.49-5.redhat_1.el7jbcs.src", "7Server-JBCS:jbcs-httpd24-mod_jk-ap24-0:1.2.49-5.redhat_1.el7jbcs.x86_64", "7Server-JBCS:jbcs-httpd24-mod_jk-debuginfo-0:1.2.49-5.redhat_1.el7jbcs.x86_64", "7Server-JBCS:jbcs-httpd24-mod_ldap-0:2.4.57-9.el7jbcs.x86_64", "7Server-JBCS:jbcs-httpd24-mod_md-1:2.4.24-4.el7jbcs.src", "7Server-JBCS:jbcs-httpd24-mod_md-1:2.4.24-4.el7jbcs.x86_64", "7Server-JBCS:jbcs-httpd24-mod_md-debuginfo-1:2.4.24-4.el7jbcs.x86_64", "7Server-JBCS:jbcs-httpd24-mod_proxy_cluster-0:1.3.20-3.el7jbcs.src", "7Server-JBCS:jbcs-httpd24-mod_proxy_cluster-0:1.3.20-3.el7jbcs.x86_64", "7Server-JBCS:jbcs-httpd24-mod_proxy_cluster-debuginfo-0:1.3.20-3.el7jbcs.x86_64", "7Server-JBCS:jbcs-httpd24-mod_proxy_html-1:2.4.57-9.el7jbcs.x86_64", "7Server-JBCS:jbcs-httpd24-mod_security-0:2.9.3-34.el7jbcs.src", "7Server-JBCS:jbcs-httpd24-mod_security-0:2.9.3-34.el7jbcs.x86_64", "7Server-JBCS:jbcs-httpd24-mod_security-debuginfo-0:2.9.3-34.el7jbcs.x86_64", "7Server-JBCS:jbcs-httpd24-mod_session-0:2.4.57-9.el7jbcs.x86_64", "7Server-JBCS:jbcs-httpd24-mod_ssl-1:2.4.57-9.el7jbcs.x86_64", "7Server-JBCS:jbcs-httpd24-openssl-chil-0:1.0.0-20.el7jbcs.src", "7Server-JBCS:jbcs-httpd24-openssl-chil-0:1.0.0-20.el7jbcs.x86_64", "7Server-JBCS:jbcs-httpd24-openssl-chil-debuginfo-0:1.0.0-20.el7jbcs.x86_64", "7Server-JBCS:jbcs-httpd24-openssl-pkcs11-0:0.4.10-35.el7jbcs.src", "7Server-JBCS:jbcs-httpd24-openssl-pkcs11-0:0.4.10-35.el7jbcs.x86_64", "7Server-JBCS:jbcs-httpd24-openssl-pkcs11-debuginfo-0:0.4.10-35.el7jbcs.x86_64", "8Base-JBCS:jbcs-httpd24-apr-util-0:1.6.1-104.el8jbcs.src", "8Base-JBCS:jbcs-httpd24-apr-util-0:1.6.1-104.el8jbcs.x86_64", "8Base-JBCS:jbcs-httpd24-apr-util-debuginfo-0:1.6.1-104.el8jbcs.x86_64", "8Base-JBCS:jbcs-httpd24-apr-util-devel-0:1.6.1-104.el8jbcs.x86_64", "8Base-JBCS:jbcs-httpd24-apr-util-ldap-0:1.6.1-104.el8jbcs.x86_64", "8Base-JBCS:jbcs-httpd24-apr-util-ldap-debuginfo-0:1.6.1-104.el8jbcs.x86_64", "8Base-JBCS:jbcs-httpd24-apr-util-mysql-0:1.6.1-104.el8jbcs.x86_64", "8Base-JBCS:jbcs-httpd24-apr-util-mysql-debuginfo-0:1.6.1-104.el8jbcs.x86_64", "8Base-JBCS:jbcs-httpd24-apr-util-nss-0:1.6.1-104.el8jbcs.x86_64", "8Base-JBCS:jbcs-httpd24-apr-util-nss-debuginfo-0:1.6.1-104.el8jbcs.x86_64", "8Base-JBCS:jbcs-httpd24-apr-util-odbc-0:1.6.1-104.el8jbcs.x86_64", "8Base-JBCS:jbcs-httpd24-apr-util-odbc-debuginfo-0:1.6.1-104.el8jbcs.x86_64", "8Base-JBCS:jbcs-httpd24-apr-util-openssl-0:1.6.1-104.el8jbcs.x86_64", "8Base-JBCS:jbcs-httpd24-apr-util-openssl-debuginfo-0:1.6.1-104.el8jbcs.x86_64", "8Base-JBCS:jbcs-httpd24-apr-util-pgsql-0:1.6.1-104.el8jbcs.x86_64", "8Base-JBCS:jbcs-httpd24-apr-util-pgsql-debuginfo-0:1.6.1-104.el8jbcs.x86_64", "8Base-JBCS:jbcs-httpd24-apr-util-sqlite-0:1.6.1-104.el8jbcs.x86_64", "8Base-JBCS:jbcs-httpd24-apr-util-sqlite-debuginfo-0:1.6.1-104.el8jbcs.x86_64", "8Base-JBCS:jbcs-httpd24-curl-0:8.6.0-3.el8jbcs.src", "8Base-JBCS:jbcs-httpd24-curl-0:8.6.0-3.el8jbcs.x86_64", "8Base-JBCS:jbcs-httpd24-curl-debuginfo-0:8.6.0-3.el8jbcs.x86_64", "8Base-JBCS:jbcs-httpd24-httpd-0:2.4.57-9.el8jbcs.src", "8Base-JBCS:jbcs-httpd24-httpd-0:2.4.57-9.el8jbcs.x86_64", "8Base-JBCS:jbcs-httpd24-httpd-debuginfo-0:2.4.57-9.el8jbcs.x86_64", "8Base-JBCS:jbcs-httpd24-httpd-devel-0:2.4.57-9.el8jbcs.x86_64", "8Base-JBCS:jbcs-httpd24-httpd-manual-0:2.4.57-9.el8jbcs.noarch", "8Base-JBCS:jbcs-httpd24-httpd-selinux-0:2.4.57-9.el8jbcs.x86_64", "8Base-JBCS:jbcs-httpd24-httpd-tools-0:2.4.57-9.el8jbcs.x86_64", "8Base-JBCS:jbcs-httpd24-httpd-tools-debuginfo-0:2.4.57-9.el8jbcs.x86_64", "8Base-JBCS:jbcs-httpd24-libcurl-0:8.6.0-3.el8jbcs.x86_64", "8Base-JBCS:jbcs-httpd24-libcurl-debuginfo-0:8.6.0-3.el8jbcs.x86_64", "8Base-JBCS:jbcs-httpd24-libcurl-devel-0:8.6.0-3.el8jbcs.x86_64", "8Base-JBCS:jbcs-httpd24-mod_http2-0:1.15.19-36.el8jbcs.src", "8Base-JBCS:jbcs-httpd24-mod_http2-0:1.15.19-36.el8jbcs.x86_64", "8Base-JBCS:jbcs-httpd24-mod_http2-debuginfo-0:1.15.19-36.el8jbcs.x86_64", "8Base-JBCS:jbcs-httpd24-mod_jk-0:1.2.49-5.redhat_1.el8jbcs.src", "8Base-JBCS:jbcs-httpd24-mod_jk-ap24-0:1.2.49-5.redhat_1.el8jbcs.x86_64", "8Base-JBCS:jbcs-httpd24-mod_jk-ap24-debuginfo-0:1.2.49-5.redhat_1.el8jbcs.x86_64", "8Base-JBCS:jbcs-httpd24-mod_ldap-0:2.4.57-9.el8jbcs.x86_64", "8Base-JBCS:jbcs-httpd24-mod_ldap-debuginfo-0:2.4.57-9.el8jbcs.x86_64", "8Base-JBCS:jbcs-httpd24-mod_md-1:2.4.24-4.el8jbcs.src", "8Base-JBCS:jbcs-httpd24-mod_md-1:2.4.24-4.el8jbcs.x86_64", "8Base-JBCS:jbcs-httpd24-mod_md-debuginfo-1:2.4.24-4.el8jbcs.x86_64", "8Base-JBCS:jbcs-httpd24-mod_proxy_cluster-0:1.3.20-3.el8jbcs.src", "8Base-JBCS:jbcs-httpd24-mod_proxy_cluster-0:1.3.20-3.el8jbcs.x86_64", "8Base-JBCS:jbcs-httpd24-mod_proxy_cluster-debuginfo-0:1.3.20-3.el8jbcs.x86_64", "8Base-JBCS:jbcs-httpd24-mod_proxy_html-1:2.4.57-9.el8jbcs.x86_64", "8Base-JBCS:jbcs-httpd24-mod_proxy_html-debuginfo-1:2.4.57-9.el8jbcs.x86_64", "8Base-JBCS:jbcs-httpd24-mod_security-0:2.9.3-34.el8jbcs.src", "8Base-JBCS:jbcs-httpd24-mod_security-0:2.9.3-34.el8jbcs.x86_64", "8Base-JBCS:jbcs-httpd24-mod_security-debuginfo-0:2.9.3-34.el8jbcs.x86_64", "8Base-JBCS:jbcs-httpd24-mod_session-0:2.4.57-9.el8jbcs.x86_64", "8Base-JBCS:jbcs-httpd24-mod_session-debuginfo-0:2.4.57-9.el8jbcs.x86_64", "8Base-JBCS:jbcs-httpd24-mod_ssl-1:2.4.57-9.el8jbcs.x86_64", "8Base-JBCS:jbcs-httpd24-mod_ssl-debuginfo-1:2.4.57-9.el8jbcs.x86_64", "8Base-JBCS:jbcs-httpd24-openssl-chil-0:1.0.0-20.el8jbcs.src", "8Base-JBCS:jbcs-httpd24-openssl-chil-0:1.0.0-20.el8jbcs.x86_64", "8Base-JBCS:jbcs-httpd24-openssl-chil-debuginfo-0:1.0.0-20.el8jbcs.x86_64", "8Base-JBCS:jbcs-httpd24-openssl-pkcs11-0:0.4.10-35.el8jbcs.src", "8Base-JBCS:jbcs-httpd24-openssl-pkcs11-0:0.4.10-35.el8jbcs.x86_64", "8Base-JBCS:jbcs-httpd24-openssl-pkcs11-debuginfo-0:0.4.10-35.el8jbcs.x86_64" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2023-5678" }, { "category": "external", "summary": "RHBZ#2248616", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2248616" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2023-5678", "url": "https://www.cve.org/CVERecord?id=CVE-2023-5678" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2023-5678", "url": "https://nvd.nist.gov/vuln/detail/CVE-2023-5678" }, { "category": "external", "summary": "https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=34efaef6c103d636ab507a0cc34dca4d3aecc055", "url": "https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=34efaef6c103d636ab507a0cc34dca4d3aecc055" }, { "category": "external", "summary": "https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=710fee740904b6290fef0dd5536fbcedbc38ff0c", "url": "https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=710fee740904b6290fef0dd5536fbcedbc38ff0c" }, { "category": "external", "summary": "https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=db925ae2e65d0d925adef429afc37f75bd1c2017", "url": "https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=db925ae2e65d0d925adef429afc37f75bd1c2017" }, { "category": "external", "summary": "https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=ddeb4b6c6d527e54ce9a99cba785c0f7776e54b6", "url": "https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=ddeb4b6c6d527e54ce9a99cba785c0f7776e54b6" }, { "category": "external", "summary": "https://www.openssl.org/news/secadv/20231106.txt", "url": "https://www.openssl.org/news/secadv/20231106.txt" } ], "release_date": "2023-10-24T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2024-03-18T16:37:43+00:00", "details": "Before applying this update, make sure all previously released errata relevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258", "product_ids": [ "7Server-JBCS:jbcs-httpd24-openssl-1:1.1.1k-17.el7jbcs.src", "7Server-JBCS:jbcs-httpd24-openssl-1:1.1.1k-17.el7jbcs.x86_64", "7Server-JBCS:jbcs-httpd24-openssl-debuginfo-1:1.1.1k-17.el7jbcs.x86_64", "7Server-JBCS:jbcs-httpd24-openssl-devel-1:1.1.1k-17.el7jbcs.x86_64", "7Server-JBCS:jbcs-httpd24-openssl-libs-1:1.1.1k-17.el7jbcs.x86_64", "7Server-JBCS:jbcs-httpd24-openssl-perl-1:1.1.1k-17.el7jbcs.x86_64", "7Server-JBCS:jbcs-httpd24-openssl-static-1:1.1.1k-17.el7jbcs.x86_64", "8Base-JBCS:jbcs-httpd24-openssl-1:1.1.1k-17.el8jbcs.src", "8Base-JBCS:jbcs-httpd24-openssl-1:1.1.1k-17.el8jbcs.x86_64", "8Base-JBCS:jbcs-httpd24-openssl-debuginfo-1:1.1.1k-17.el8jbcs.x86_64", "8Base-JBCS:jbcs-httpd24-openssl-devel-1:1.1.1k-17.el8jbcs.x86_64", "8Base-JBCS:jbcs-httpd24-openssl-libs-1:1.1.1k-17.el8jbcs.x86_64", "8Base-JBCS:jbcs-httpd24-openssl-libs-debuginfo-1:1.1.1k-17.el8jbcs.x86_64", "8Base-JBCS:jbcs-httpd24-openssl-perl-1:1.1.1k-17.el8jbcs.x86_64", "8Base-JBCS:jbcs-httpd24-openssl-static-1:1.1.1k-17.el8jbcs.x86_64" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2024:1316" }, { "category": "workaround", "details": "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.", "product_ids": [ "7Server-JBCS:jbcs-httpd24-apr-util-0:1.6.1-104.el7jbcs.src", "7Server-JBCS:jbcs-httpd24-apr-util-0:1.6.1-104.el7jbcs.x86_64", "7Server-JBCS:jbcs-httpd24-apr-util-debuginfo-0:1.6.1-104.el7jbcs.x86_64", "7Server-JBCS:jbcs-httpd24-apr-util-devel-0:1.6.1-104.el7jbcs.x86_64", "7Server-JBCS:jbcs-httpd24-apr-util-ldap-0:1.6.1-104.el7jbcs.x86_64", "7Server-JBCS:jbcs-httpd24-apr-util-mysql-0:1.6.1-104.el7jbcs.x86_64", "7Server-JBCS:jbcs-httpd24-apr-util-nss-0:1.6.1-104.el7jbcs.x86_64", "7Server-JBCS:jbcs-httpd24-apr-util-odbc-0:1.6.1-104.el7jbcs.x86_64", "7Server-JBCS:jbcs-httpd24-apr-util-openssl-0:1.6.1-104.el7jbcs.x86_64", "7Server-JBCS:jbcs-httpd24-apr-util-pgsql-0:1.6.1-104.el7jbcs.x86_64", "7Server-JBCS:jbcs-httpd24-apr-util-sqlite-0:1.6.1-104.el7jbcs.x86_64", "7Server-JBCS:jbcs-httpd24-curl-0:8.6.0-3.el7jbcs.src", "7Server-JBCS:jbcs-httpd24-curl-0:8.6.0-3.el7jbcs.x86_64", "7Server-JBCS:jbcs-httpd24-curl-debuginfo-0:8.6.0-3.el7jbcs.x86_64", "7Server-JBCS:jbcs-httpd24-httpd-0:2.4.57-9.el7jbcs.src", "7Server-JBCS:jbcs-httpd24-httpd-0:2.4.57-9.el7jbcs.x86_64", "7Server-JBCS:jbcs-httpd24-httpd-debuginfo-0:2.4.57-9.el7jbcs.x86_64", "7Server-JBCS:jbcs-httpd24-httpd-devel-0:2.4.57-9.el7jbcs.x86_64", "7Server-JBCS:jbcs-httpd24-httpd-manual-0:2.4.57-9.el7jbcs.noarch", "7Server-JBCS:jbcs-httpd24-httpd-selinux-0:2.4.57-9.el7jbcs.x86_64", "7Server-JBCS:jbcs-httpd24-httpd-tools-0:2.4.57-9.el7jbcs.x86_64", "7Server-JBCS:jbcs-httpd24-libcurl-0:8.6.0-3.el7jbcs.x86_64", "7Server-JBCS:jbcs-httpd24-libcurl-devel-0:8.6.0-3.el7jbcs.x86_64", "7Server-JBCS:jbcs-httpd24-mod_http2-0:1.15.19-36.el7jbcs.src", "7Server-JBCS:jbcs-httpd24-mod_http2-0:1.15.19-36.el7jbcs.x86_64", "7Server-JBCS:jbcs-httpd24-mod_http2-debuginfo-0:1.15.19-36.el7jbcs.x86_64", "7Server-JBCS:jbcs-httpd24-mod_jk-0:1.2.49-5.redhat_1.el7jbcs.src", "7Server-JBCS:jbcs-httpd24-mod_jk-ap24-0:1.2.49-5.redhat_1.el7jbcs.x86_64", "7Server-JBCS:jbcs-httpd24-mod_jk-debuginfo-0:1.2.49-5.redhat_1.el7jbcs.x86_64", "7Server-JBCS:jbcs-httpd24-mod_ldap-0:2.4.57-9.el7jbcs.x86_64", "7Server-JBCS:jbcs-httpd24-mod_md-1:2.4.24-4.el7jbcs.src", "7Server-JBCS:jbcs-httpd24-mod_md-1:2.4.24-4.el7jbcs.x86_64", "7Server-JBCS:jbcs-httpd24-mod_md-debuginfo-1:2.4.24-4.el7jbcs.x86_64", "7Server-JBCS:jbcs-httpd24-mod_proxy_cluster-0:1.3.20-3.el7jbcs.src", "7Server-JBCS:jbcs-httpd24-mod_proxy_cluster-0:1.3.20-3.el7jbcs.x86_64", "7Server-JBCS:jbcs-httpd24-mod_proxy_cluster-debuginfo-0:1.3.20-3.el7jbcs.x86_64", "7Server-JBCS:jbcs-httpd24-mod_proxy_html-1:2.4.57-9.el7jbcs.x86_64", "7Server-JBCS:jbcs-httpd24-mod_security-0:2.9.3-34.el7jbcs.src", "7Server-JBCS:jbcs-httpd24-mod_security-0:2.9.3-34.el7jbcs.x86_64", "7Server-JBCS:jbcs-httpd24-mod_security-debuginfo-0:2.9.3-34.el7jbcs.x86_64", "7Server-JBCS:jbcs-httpd24-mod_session-0:2.4.57-9.el7jbcs.x86_64", "7Server-JBCS:jbcs-httpd24-mod_ssl-1:2.4.57-9.el7jbcs.x86_64", "7Server-JBCS:jbcs-httpd24-openssl-1:1.1.1k-17.el7jbcs.src", "7Server-JBCS:jbcs-httpd24-openssl-1:1.1.1k-17.el7jbcs.x86_64", "7Server-JBCS:jbcs-httpd24-openssl-chil-0:1.0.0-20.el7jbcs.src", "7Server-JBCS:jbcs-httpd24-openssl-chil-0:1.0.0-20.el7jbcs.x86_64", "7Server-JBCS:jbcs-httpd24-openssl-chil-debuginfo-0:1.0.0-20.el7jbcs.x86_64", "7Server-JBCS:jbcs-httpd24-openssl-debuginfo-1:1.1.1k-17.el7jbcs.x86_64", "7Server-JBCS:jbcs-httpd24-openssl-devel-1:1.1.1k-17.el7jbcs.x86_64", "7Server-JBCS:jbcs-httpd24-openssl-libs-1:1.1.1k-17.el7jbcs.x86_64", "7Server-JBCS:jbcs-httpd24-openssl-perl-1:1.1.1k-17.el7jbcs.x86_64", "7Server-JBCS:jbcs-httpd24-openssl-pkcs11-0:0.4.10-35.el7jbcs.src", "7Server-JBCS:jbcs-httpd24-openssl-pkcs11-0:0.4.10-35.el7jbcs.x86_64", "7Server-JBCS:jbcs-httpd24-openssl-pkcs11-debuginfo-0:0.4.10-35.el7jbcs.x86_64", "7Server-JBCS:jbcs-httpd24-openssl-static-1:1.1.1k-17.el7jbcs.x86_64", "8Base-JBCS:jbcs-httpd24-apr-util-0:1.6.1-104.el8jbcs.src", "8Base-JBCS:jbcs-httpd24-apr-util-0:1.6.1-104.el8jbcs.x86_64", "8Base-JBCS:jbcs-httpd24-apr-util-debuginfo-0:1.6.1-104.el8jbcs.x86_64", "8Base-JBCS:jbcs-httpd24-apr-util-devel-0:1.6.1-104.el8jbcs.x86_64", "8Base-JBCS:jbcs-httpd24-apr-util-ldap-0:1.6.1-104.el8jbcs.x86_64", "8Base-JBCS:jbcs-httpd24-apr-util-ldap-debuginfo-0:1.6.1-104.el8jbcs.x86_64", "8Base-JBCS:jbcs-httpd24-apr-util-mysql-0:1.6.1-104.el8jbcs.x86_64", "8Base-JBCS:jbcs-httpd24-apr-util-mysql-debuginfo-0:1.6.1-104.el8jbcs.x86_64", "8Base-JBCS:jbcs-httpd24-apr-util-nss-0:1.6.1-104.el8jbcs.x86_64", "8Base-JBCS:jbcs-httpd24-apr-util-nss-debuginfo-0:1.6.1-104.el8jbcs.x86_64", "8Base-JBCS:jbcs-httpd24-apr-util-odbc-0:1.6.1-104.el8jbcs.x86_64", "8Base-JBCS:jbcs-httpd24-apr-util-odbc-debuginfo-0:1.6.1-104.el8jbcs.x86_64", "8Base-JBCS:jbcs-httpd24-apr-util-openssl-0:1.6.1-104.el8jbcs.x86_64", "8Base-JBCS:jbcs-httpd24-apr-util-openssl-debuginfo-0:1.6.1-104.el8jbcs.x86_64", "8Base-JBCS:jbcs-httpd24-apr-util-pgsql-0:1.6.1-104.el8jbcs.x86_64", "8Base-JBCS:jbcs-httpd24-apr-util-pgsql-debuginfo-0:1.6.1-104.el8jbcs.x86_64", "8Base-JBCS:jbcs-httpd24-apr-util-sqlite-0:1.6.1-104.el8jbcs.x86_64", "8Base-JBCS:jbcs-httpd24-apr-util-sqlite-debuginfo-0:1.6.1-104.el8jbcs.x86_64", "8Base-JBCS:jbcs-httpd24-curl-0:8.6.0-3.el8jbcs.src", "8Base-JBCS:jbcs-httpd24-curl-0:8.6.0-3.el8jbcs.x86_64", "8Base-JBCS:jbcs-httpd24-curl-debuginfo-0:8.6.0-3.el8jbcs.x86_64", "8Base-JBCS:jbcs-httpd24-httpd-0:2.4.57-9.el8jbcs.src", "8Base-JBCS:jbcs-httpd24-httpd-0:2.4.57-9.el8jbcs.x86_64", "8Base-JBCS:jbcs-httpd24-httpd-debuginfo-0:2.4.57-9.el8jbcs.x86_64", "8Base-JBCS:jbcs-httpd24-httpd-devel-0:2.4.57-9.el8jbcs.x86_64", "8Base-JBCS:jbcs-httpd24-httpd-manual-0:2.4.57-9.el8jbcs.noarch", "8Base-JBCS:jbcs-httpd24-httpd-selinux-0:2.4.57-9.el8jbcs.x86_64", "8Base-JBCS:jbcs-httpd24-httpd-tools-0:2.4.57-9.el8jbcs.x86_64", "8Base-JBCS:jbcs-httpd24-httpd-tools-debuginfo-0:2.4.57-9.el8jbcs.x86_64", "8Base-JBCS:jbcs-httpd24-libcurl-0:8.6.0-3.el8jbcs.x86_64", "8Base-JBCS:jbcs-httpd24-libcurl-debuginfo-0:8.6.0-3.el8jbcs.x86_64", "8Base-JBCS:jbcs-httpd24-libcurl-devel-0:8.6.0-3.el8jbcs.x86_64", "8Base-JBCS:jbcs-httpd24-mod_http2-0:1.15.19-36.el8jbcs.src", "8Base-JBCS:jbcs-httpd24-mod_http2-0:1.15.19-36.el8jbcs.x86_64", "8Base-JBCS:jbcs-httpd24-mod_http2-debuginfo-0:1.15.19-36.el8jbcs.x86_64", "8Base-JBCS:jbcs-httpd24-mod_jk-0:1.2.49-5.redhat_1.el8jbcs.src", "8Base-JBCS:jbcs-httpd24-mod_jk-ap24-0:1.2.49-5.redhat_1.el8jbcs.x86_64", "8Base-JBCS:jbcs-httpd24-mod_jk-ap24-debuginfo-0:1.2.49-5.redhat_1.el8jbcs.x86_64", "8Base-JBCS:jbcs-httpd24-mod_ldap-0:2.4.57-9.el8jbcs.x86_64", "8Base-JBCS:jbcs-httpd24-mod_ldap-debuginfo-0:2.4.57-9.el8jbcs.x86_64", "8Base-JBCS:jbcs-httpd24-mod_md-1:2.4.24-4.el8jbcs.src", "8Base-JBCS:jbcs-httpd24-mod_md-1:2.4.24-4.el8jbcs.x86_64", "8Base-JBCS:jbcs-httpd24-mod_md-debuginfo-1:2.4.24-4.el8jbcs.x86_64", "8Base-JBCS:jbcs-httpd24-mod_proxy_cluster-0:1.3.20-3.el8jbcs.src", "8Base-JBCS:jbcs-httpd24-mod_proxy_cluster-0:1.3.20-3.el8jbcs.x86_64", "8Base-JBCS:jbcs-httpd24-mod_proxy_cluster-debuginfo-0:1.3.20-3.el8jbcs.x86_64", "8Base-JBCS:jbcs-httpd24-mod_proxy_html-1:2.4.57-9.el8jbcs.x86_64", "8Base-JBCS:jbcs-httpd24-mod_proxy_html-debuginfo-1:2.4.57-9.el8jbcs.x86_64", "8Base-JBCS:jbcs-httpd24-mod_security-0:2.9.3-34.el8jbcs.src", "8Base-JBCS:jbcs-httpd24-mod_security-0:2.9.3-34.el8jbcs.x86_64", "8Base-JBCS:jbcs-httpd24-mod_security-debuginfo-0:2.9.3-34.el8jbcs.x86_64", "8Base-JBCS:jbcs-httpd24-mod_session-0:2.4.57-9.el8jbcs.x86_64", "8Base-JBCS:jbcs-httpd24-mod_session-debuginfo-0:2.4.57-9.el8jbcs.x86_64", "8Base-JBCS:jbcs-httpd24-mod_ssl-1:2.4.57-9.el8jbcs.x86_64", "8Base-JBCS:jbcs-httpd24-mod_ssl-debuginfo-1:2.4.57-9.el8jbcs.x86_64", "8Base-JBCS:jbcs-httpd24-openssl-1:1.1.1k-17.el8jbcs.src", "8Base-JBCS:jbcs-httpd24-openssl-1:1.1.1k-17.el8jbcs.x86_64", "8Base-JBCS:jbcs-httpd24-openssl-chil-0:1.0.0-20.el8jbcs.src", "8Base-JBCS:jbcs-httpd24-openssl-chil-0:1.0.0-20.el8jbcs.x86_64", "8Base-JBCS:jbcs-httpd24-openssl-chil-debuginfo-0:1.0.0-20.el8jbcs.x86_64", "8Base-JBCS:jbcs-httpd24-openssl-debuginfo-1:1.1.1k-17.el8jbcs.x86_64", "8Base-JBCS:jbcs-httpd24-openssl-devel-1:1.1.1k-17.el8jbcs.x86_64", "8Base-JBCS:jbcs-httpd24-openssl-libs-1:1.1.1k-17.el8jbcs.x86_64", "8Base-JBCS:jbcs-httpd24-openssl-libs-debuginfo-1:1.1.1k-17.el8jbcs.x86_64", "8Base-JBCS:jbcs-httpd24-openssl-perl-1:1.1.1k-17.el8jbcs.x86_64", "8Base-JBCS:jbcs-httpd24-openssl-pkcs11-0:0.4.10-35.el8jbcs.src", "8Base-JBCS:jbcs-httpd24-openssl-pkcs11-0:0.4.10-35.el8jbcs.x86_64", "8Base-JBCS:jbcs-httpd24-openssl-pkcs11-debuginfo-0:0.4.10-35.el8jbcs.x86_64", "8Base-JBCS:jbcs-httpd24-openssl-static-1:1.1.1k-17.el8jbcs.x86_64" ] } ], "scores": [ { "cvss_v3": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "LOW", "baseScore": 5.3, "baseSeverity": "MEDIUM", "confidentialityImpact": "NONE", "integrityImpact": "NONE", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L", "version": "3.1" }, "products": [ "7Server-JBCS:jbcs-httpd24-openssl-1:1.1.1k-17.el7jbcs.src", "7Server-JBCS:jbcs-httpd24-openssl-1:1.1.1k-17.el7jbcs.x86_64", "7Server-JBCS:jbcs-httpd24-openssl-debuginfo-1:1.1.1k-17.el7jbcs.x86_64", "7Server-JBCS:jbcs-httpd24-openssl-devel-1:1.1.1k-17.el7jbcs.x86_64", "7Server-JBCS:jbcs-httpd24-openssl-libs-1:1.1.1k-17.el7jbcs.x86_64", "7Server-JBCS:jbcs-httpd24-openssl-perl-1:1.1.1k-17.el7jbcs.x86_64", "7Server-JBCS:jbcs-httpd24-openssl-static-1:1.1.1k-17.el7jbcs.x86_64", "8Base-JBCS:jbcs-httpd24-openssl-1:1.1.1k-17.el8jbcs.src", "8Base-JBCS:jbcs-httpd24-openssl-1:1.1.1k-17.el8jbcs.x86_64", "8Base-JBCS:jbcs-httpd24-openssl-debuginfo-1:1.1.1k-17.el8jbcs.x86_64", "8Base-JBCS:jbcs-httpd24-openssl-devel-1:1.1.1k-17.el8jbcs.x86_64", "8Base-JBCS:jbcs-httpd24-openssl-libs-1:1.1.1k-17.el8jbcs.x86_64", "8Base-JBCS:jbcs-httpd24-openssl-libs-debuginfo-1:1.1.1k-17.el8jbcs.x86_64", "8Base-JBCS:jbcs-httpd24-openssl-perl-1:1.1.1k-17.el8jbcs.x86_64", "8Base-JBCS:jbcs-httpd24-openssl-static-1:1.1.1k-17.el8jbcs.x86_64" ] } ], "threats": [ { "category": "impact", "details": "Low" } ], "title": "openssl: Generating excessively long X9.42 DH keys or checking excessively long X9.42 DH keys or parameters may be very slow" }, { "acknowledgments": [ { "names": [ "Mohamed Mounir Boudjema" ], "organization": "Intervalle-Technologies" } ], "cve": "CVE-2023-6710", "cwe": { "id": "CWE-79", "name": "Improper Neutralization of Input During Web Page Generation (\u0027Cross-site Scripting\u0027)" }, "discovery_date": "2023-12-12T00:00:00+00:00", "flags": [ { "label": "vulnerable_code_not_present", "product_ids": [ "7Server-JBCS:jbcs-httpd24-apr-util-0:1.6.1-104.el7jbcs.src", "7Server-JBCS:jbcs-httpd24-apr-util-0:1.6.1-104.el7jbcs.x86_64", "7Server-JBCS:jbcs-httpd24-apr-util-debuginfo-0:1.6.1-104.el7jbcs.x86_64", "7Server-JBCS:jbcs-httpd24-apr-util-devel-0:1.6.1-104.el7jbcs.x86_64", "7Server-JBCS:jbcs-httpd24-apr-util-ldap-0:1.6.1-104.el7jbcs.x86_64", "7Server-JBCS:jbcs-httpd24-apr-util-mysql-0:1.6.1-104.el7jbcs.x86_64", "7Server-JBCS:jbcs-httpd24-apr-util-nss-0:1.6.1-104.el7jbcs.x86_64", "7Server-JBCS:jbcs-httpd24-apr-util-odbc-0:1.6.1-104.el7jbcs.x86_64", "7Server-JBCS:jbcs-httpd24-apr-util-openssl-0:1.6.1-104.el7jbcs.x86_64", "7Server-JBCS:jbcs-httpd24-apr-util-pgsql-0:1.6.1-104.el7jbcs.x86_64", "7Server-JBCS:jbcs-httpd24-apr-util-sqlite-0:1.6.1-104.el7jbcs.x86_64", "7Server-JBCS:jbcs-httpd24-curl-0:8.6.0-3.el7jbcs.src", "7Server-JBCS:jbcs-httpd24-curl-0:8.6.0-3.el7jbcs.x86_64", "7Server-JBCS:jbcs-httpd24-curl-debuginfo-0:8.6.0-3.el7jbcs.x86_64", "7Server-JBCS:jbcs-httpd24-httpd-0:2.4.57-9.el7jbcs.src", "7Server-JBCS:jbcs-httpd24-httpd-0:2.4.57-9.el7jbcs.x86_64", "7Server-JBCS:jbcs-httpd24-httpd-debuginfo-0:2.4.57-9.el7jbcs.x86_64", "7Server-JBCS:jbcs-httpd24-httpd-devel-0:2.4.57-9.el7jbcs.x86_64", "7Server-JBCS:jbcs-httpd24-httpd-manual-0:2.4.57-9.el7jbcs.noarch", "7Server-JBCS:jbcs-httpd24-httpd-selinux-0:2.4.57-9.el7jbcs.x86_64", "7Server-JBCS:jbcs-httpd24-httpd-tools-0:2.4.57-9.el7jbcs.x86_64", "7Server-JBCS:jbcs-httpd24-libcurl-0:8.6.0-3.el7jbcs.x86_64", "7Server-JBCS:jbcs-httpd24-libcurl-devel-0:8.6.0-3.el7jbcs.x86_64", "7Server-JBCS:jbcs-httpd24-mod_http2-0:1.15.19-36.el7jbcs.src", "7Server-JBCS:jbcs-httpd24-mod_http2-0:1.15.19-36.el7jbcs.x86_64", "7Server-JBCS:jbcs-httpd24-mod_http2-debuginfo-0:1.15.19-36.el7jbcs.x86_64", "7Server-JBCS:jbcs-httpd24-mod_jk-0:1.2.49-5.redhat_1.el7jbcs.src", "7Server-JBCS:jbcs-httpd24-mod_jk-ap24-0:1.2.49-5.redhat_1.el7jbcs.x86_64", "7Server-JBCS:jbcs-httpd24-mod_jk-debuginfo-0:1.2.49-5.redhat_1.el7jbcs.x86_64", "7Server-JBCS:jbcs-httpd24-mod_ldap-0:2.4.57-9.el7jbcs.x86_64", "7Server-JBCS:jbcs-httpd24-mod_md-1:2.4.24-4.el7jbcs.src", "7Server-JBCS:jbcs-httpd24-mod_md-1:2.4.24-4.el7jbcs.x86_64", "7Server-JBCS:jbcs-httpd24-mod_md-debuginfo-1:2.4.24-4.el7jbcs.x86_64", "7Server-JBCS:jbcs-httpd24-mod_proxy_html-1:2.4.57-9.el7jbcs.x86_64", "7Server-JBCS:jbcs-httpd24-mod_security-0:2.9.3-34.el7jbcs.src", "7Server-JBCS:jbcs-httpd24-mod_security-0:2.9.3-34.el7jbcs.x86_64", "7Server-JBCS:jbcs-httpd24-mod_security-debuginfo-0:2.9.3-34.el7jbcs.x86_64", "7Server-JBCS:jbcs-httpd24-mod_session-0:2.4.57-9.el7jbcs.x86_64", "7Server-JBCS:jbcs-httpd24-mod_ssl-1:2.4.57-9.el7jbcs.x86_64", "7Server-JBCS:jbcs-httpd24-openssl-1:1.1.1k-17.el7jbcs.src", "7Server-JBCS:jbcs-httpd24-openssl-1:1.1.1k-17.el7jbcs.x86_64", "7Server-JBCS:jbcs-httpd24-openssl-chil-0:1.0.0-20.el7jbcs.src", "7Server-JBCS:jbcs-httpd24-openssl-chil-0:1.0.0-20.el7jbcs.x86_64", "7Server-JBCS:jbcs-httpd24-openssl-chil-debuginfo-0:1.0.0-20.el7jbcs.x86_64", "7Server-JBCS:jbcs-httpd24-openssl-debuginfo-1:1.1.1k-17.el7jbcs.x86_64", "7Server-JBCS:jbcs-httpd24-openssl-devel-1:1.1.1k-17.el7jbcs.x86_64", "7Server-JBCS:jbcs-httpd24-openssl-libs-1:1.1.1k-17.el7jbcs.x86_64", "7Server-JBCS:jbcs-httpd24-openssl-perl-1:1.1.1k-17.el7jbcs.x86_64", "7Server-JBCS:jbcs-httpd24-openssl-pkcs11-0:0.4.10-35.el7jbcs.src", "7Server-JBCS:jbcs-httpd24-openssl-pkcs11-0:0.4.10-35.el7jbcs.x86_64", "7Server-JBCS:jbcs-httpd24-openssl-pkcs11-debuginfo-0:0.4.10-35.el7jbcs.x86_64", "7Server-JBCS:jbcs-httpd24-openssl-static-1:1.1.1k-17.el7jbcs.x86_64", "8Base-JBCS:jbcs-httpd24-apr-util-0:1.6.1-104.el8jbcs.src", "8Base-JBCS:jbcs-httpd24-apr-util-0:1.6.1-104.el8jbcs.x86_64", "8Base-JBCS:jbcs-httpd24-apr-util-debuginfo-0:1.6.1-104.el8jbcs.x86_64", "8Base-JBCS:jbcs-httpd24-apr-util-devel-0:1.6.1-104.el8jbcs.x86_64", "8Base-JBCS:jbcs-httpd24-apr-util-ldap-0:1.6.1-104.el8jbcs.x86_64", "8Base-JBCS:jbcs-httpd24-apr-util-ldap-debuginfo-0:1.6.1-104.el8jbcs.x86_64", "8Base-JBCS:jbcs-httpd24-apr-util-mysql-0:1.6.1-104.el8jbcs.x86_64", "8Base-JBCS:jbcs-httpd24-apr-util-mysql-debuginfo-0:1.6.1-104.el8jbcs.x86_64", "8Base-JBCS:jbcs-httpd24-apr-util-nss-0:1.6.1-104.el8jbcs.x86_64", "8Base-JBCS:jbcs-httpd24-apr-util-nss-debuginfo-0:1.6.1-104.el8jbcs.x86_64", "8Base-JBCS:jbcs-httpd24-apr-util-odbc-0:1.6.1-104.el8jbcs.x86_64", "8Base-JBCS:jbcs-httpd24-apr-util-odbc-debuginfo-0:1.6.1-104.el8jbcs.x86_64", "8Base-JBCS:jbcs-httpd24-apr-util-openssl-0:1.6.1-104.el8jbcs.x86_64", "8Base-JBCS:jbcs-httpd24-apr-util-openssl-debuginfo-0:1.6.1-104.el8jbcs.x86_64", "8Base-JBCS:jbcs-httpd24-apr-util-pgsql-0:1.6.1-104.el8jbcs.x86_64", "8Base-JBCS:jbcs-httpd24-apr-util-pgsql-debuginfo-0:1.6.1-104.el8jbcs.x86_64", "8Base-JBCS:jbcs-httpd24-apr-util-sqlite-0:1.6.1-104.el8jbcs.x86_64", "8Base-JBCS:jbcs-httpd24-apr-util-sqlite-debuginfo-0:1.6.1-104.el8jbcs.x86_64", "8Base-JBCS:jbcs-httpd24-curl-0:8.6.0-3.el8jbcs.src", "8Base-JBCS:jbcs-httpd24-curl-0:8.6.0-3.el8jbcs.x86_64", "8Base-JBCS:jbcs-httpd24-curl-debuginfo-0:8.6.0-3.el8jbcs.x86_64", "8Base-JBCS:jbcs-httpd24-httpd-0:2.4.57-9.el8jbcs.src", "8Base-JBCS:jbcs-httpd24-httpd-0:2.4.57-9.el8jbcs.x86_64", "8Base-JBCS:jbcs-httpd24-httpd-debuginfo-0:2.4.57-9.el8jbcs.x86_64", "8Base-JBCS:jbcs-httpd24-httpd-devel-0:2.4.57-9.el8jbcs.x86_64", "8Base-JBCS:jbcs-httpd24-httpd-manual-0:2.4.57-9.el8jbcs.noarch", "8Base-JBCS:jbcs-httpd24-httpd-selinux-0:2.4.57-9.el8jbcs.x86_64", "8Base-JBCS:jbcs-httpd24-httpd-tools-0:2.4.57-9.el8jbcs.x86_64", "8Base-JBCS:jbcs-httpd24-httpd-tools-debuginfo-0:2.4.57-9.el8jbcs.x86_64", "8Base-JBCS:jbcs-httpd24-libcurl-0:8.6.0-3.el8jbcs.x86_64", "8Base-JBCS:jbcs-httpd24-libcurl-debuginfo-0:8.6.0-3.el8jbcs.x86_64", "8Base-JBCS:jbcs-httpd24-libcurl-devel-0:8.6.0-3.el8jbcs.x86_64", "8Base-JBCS:jbcs-httpd24-mod_http2-0:1.15.19-36.el8jbcs.src", "8Base-JBCS:jbcs-httpd24-mod_http2-0:1.15.19-36.el8jbcs.x86_64", "8Base-JBCS:jbcs-httpd24-mod_http2-debuginfo-0:1.15.19-36.el8jbcs.x86_64", "8Base-JBCS:jbcs-httpd24-mod_jk-0:1.2.49-5.redhat_1.el8jbcs.src", "8Base-JBCS:jbcs-httpd24-mod_jk-ap24-0:1.2.49-5.redhat_1.el8jbcs.x86_64", "8Base-JBCS:jbcs-httpd24-mod_jk-ap24-debuginfo-0:1.2.49-5.redhat_1.el8jbcs.x86_64", "8Base-JBCS:jbcs-httpd24-mod_ldap-0:2.4.57-9.el8jbcs.x86_64", "8Base-JBCS:jbcs-httpd24-mod_ldap-debuginfo-0:2.4.57-9.el8jbcs.x86_64", "8Base-JBCS:jbcs-httpd24-mod_md-1:2.4.24-4.el8jbcs.src", "8Base-JBCS:jbcs-httpd24-mod_md-1:2.4.24-4.el8jbcs.x86_64", "8Base-JBCS:jbcs-httpd24-mod_md-debuginfo-1:2.4.24-4.el8jbcs.x86_64", "8Base-JBCS:jbcs-httpd24-mod_proxy_html-1:2.4.57-9.el8jbcs.x86_64", "8Base-JBCS:jbcs-httpd24-mod_proxy_html-debuginfo-1:2.4.57-9.el8jbcs.x86_64", "8Base-JBCS:jbcs-httpd24-mod_security-0:2.9.3-34.el8jbcs.src", "8Base-JBCS:jbcs-httpd24-mod_security-0:2.9.3-34.el8jbcs.x86_64", "8Base-JBCS:jbcs-httpd24-mod_security-debuginfo-0:2.9.3-34.el8jbcs.x86_64", "8Base-JBCS:jbcs-httpd24-mod_session-0:2.4.57-9.el8jbcs.x86_64", "8Base-JBCS:jbcs-httpd24-mod_session-debuginfo-0:2.4.57-9.el8jbcs.x86_64", "8Base-JBCS:jbcs-httpd24-mod_ssl-1:2.4.57-9.el8jbcs.x86_64", "8Base-JBCS:jbcs-httpd24-mod_ssl-debuginfo-1:2.4.57-9.el8jbcs.x86_64", "8Base-JBCS:jbcs-httpd24-openssl-1:1.1.1k-17.el8jbcs.src", "8Base-JBCS:jbcs-httpd24-openssl-1:1.1.1k-17.el8jbcs.x86_64", "8Base-JBCS:jbcs-httpd24-openssl-chil-0:1.0.0-20.el8jbcs.src", "8Base-JBCS:jbcs-httpd24-openssl-chil-0:1.0.0-20.el8jbcs.x86_64", "8Base-JBCS:jbcs-httpd24-openssl-chil-debuginfo-0:1.0.0-20.el8jbcs.x86_64", "8Base-JBCS:jbcs-httpd24-openssl-debuginfo-1:1.1.1k-17.el8jbcs.x86_64", "8Base-JBCS:jbcs-httpd24-openssl-devel-1:1.1.1k-17.el8jbcs.x86_64", "8Base-JBCS:jbcs-httpd24-openssl-libs-1:1.1.1k-17.el8jbcs.x86_64", "8Base-JBCS:jbcs-httpd24-openssl-libs-debuginfo-1:1.1.1k-17.el8jbcs.x86_64", "8Base-JBCS:jbcs-httpd24-openssl-perl-1:1.1.1k-17.el8jbcs.x86_64", "8Base-JBCS:jbcs-httpd24-openssl-pkcs11-0:0.4.10-35.el8jbcs.src", "8Base-JBCS:jbcs-httpd24-openssl-pkcs11-0:0.4.10-35.el8jbcs.x86_64", "8Base-JBCS:jbcs-httpd24-openssl-pkcs11-debuginfo-0:0.4.10-35.el8jbcs.x86_64", "8Base-JBCS:jbcs-httpd24-openssl-static-1:1.1.1k-17.el8jbcs.x86_64" ] } ], "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "2254128" } ], "notes": [ { "category": "description", "text": "A flaw was found in the mod_proxy_cluster in the Apache server. This issue may allow a malicious user to add a script in the \u0027alias\u0027 parameter in the URL to trigger the stored cross-site scripting (XSS) vulnerability. By adding a script on the alias parameter on the URL, it adds a new virtual host and adds the script to the cluster-manager page.", "title": "Vulnerability description" }, { "category": "summary", "text": "mod_cluster/mod_proxy_cluster: Stored Cross site Scripting", "title": "Vulnerability summary" }, { "category": "other", "text": "The impact of this vulnerability is considered as Low, as the cluster_manager URL should not be exposed outside and is protected by user/password.", "title": "Statement" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "7Server-JBCS:jbcs-httpd24-mod_proxy_cluster-0:1.3.20-3.el7jbcs.src", "7Server-JBCS:jbcs-httpd24-mod_proxy_cluster-0:1.3.20-3.el7jbcs.x86_64", "7Server-JBCS:jbcs-httpd24-mod_proxy_cluster-debuginfo-0:1.3.20-3.el7jbcs.x86_64", "8Base-JBCS:jbcs-httpd24-mod_proxy_cluster-0:1.3.20-3.el8jbcs.src", "8Base-JBCS:jbcs-httpd24-mod_proxy_cluster-0:1.3.20-3.el8jbcs.x86_64", "8Base-JBCS:jbcs-httpd24-mod_proxy_cluster-debuginfo-0:1.3.20-3.el8jbcs.x86_64" ], "known_not_affected": [ "7Server-JBCS:jbcs-httpd24-apr-util-0:1.6.1-104.el7jbcs.src", "7Server-JBCS:jbcs-httpd24-apr-util-0:1.6.1-104.el7jbcs.x86_64", "7Server-JBCS:jbcs-httpd24-apr-util-debuginfo-0:1.6.1-104.el7jbcs.x86_64", "7Server-JBCS:jbcs-httpd24-apr-util-devel-0:1.6.1-104.el7jbcs.x86_64", "7Server-JBCS:jbcs-httpd24-apr-util-ldap-0:1.6.1-104.el7jbcs.x86_64", "7Server-JBCS:jbcs-httpd24-apr-util-mysql-0:1.6.1-104.el7jbcs.x86_64", "7Server-JBCS:jbcs-httpd24-apr-util-nss-0:1.6.1-104.el7jbcs.x86_64", "7Server-JBCS:jbcs-httpd24-apr-util-odbc-0:1.6.1-104.el7jbcs.x86_64", "7Server-JBCS:jbcs-httpd24-apr-util-openssl-0:1.6.1-104.el7jbcs.x86_64", "7Server-JBCS:jbcs-httpd24-apr-util-pgsql-0:1.6.1-104.el7jbcs.x86_64", "7Server-JBCS:jbcs-httpd24-apr-util-sqlite-0:1.6.1-104.el7jbcs.x86_64", "7Server-JBCS:jbcs-httpd24-curl-0:8.6.0-3.el7jbcs.src", "7Server-JBCS:jbcs-httpd24-curl-0:8.6.0-3.el7jbcs.x86_64", "7Server-JBCS:jbcs-httpd24-curl-debuginfo-0:8.6.0-3.el7jbcs.x86_64", "7Server-JBCS:jbcs-httpd24-httpd-0:2.4.57-9.el7jbcs.src", "7Server-JBCS:jbcs-httpd24-httpd-0:2.4.57-9.el7jbcs.x86_64", "7Server-JBCS:jbcs-httpd24-httpd-debuginfo-0:2.4.57-9.el7jbcs.x86_64", "7Server-JBCS:jbcs-httpd24-httpd-devel-0:2.4.57-9.el7jbcs.x86_64", "7Server-JBCS:jbcs-httpd24-httpd-manual-0:2.4.57-9.el7jbcs.noarch", "7Server-JBCS:jbcs-httpd24-httpd-selinux-0:2.4.57-9.el7jbcs.x86_64", "7Server-JBCS:jbcs-httpd24-httpd-tools-0:2.4.57-9.el7jbcs.x86_64", "7Server-JBCS:jbcs-httpd24-libcurl-0:8.6.0-3.el7jbcs.x86_64", "7Server-JBCS:jbcs-httpd24-libcurl-devel-0:8.6.0-3.el7jbcs.x86_64", "7Server-JBCS:jbcs-httpd24-mod_http2-0:1.15.19-36.el7jbcs.src", "7Server-JBCS:jbcs-httpd24-mod_http2-0:1.15.19-36.el7jbcs.x86_64", "7Server-JBCS:jbcs-httpd24-mod_http2-debuginfo-0:1.15.19-36.el7jbcs.x86_64", "7Server-JBCS:jbcs-httpd24-mod_jk-0:1.2.49-5.redhat_1.el7jbcs.src", "7Server-JBCS:jbcs-httpd24-mod_jk-ap24-0:1.2.49-5.redhat_1.el7jbcs.x86_64", "7Server-JBCS:jbcs-httpd24-mod_jk-debuginfo-0:1.2.49-5.redhat_1.el7jbcs.x86_64", "7Server-JBCS:jbcs-httpd24-mod_ldap-0:2.4.57-9.el7jbcs.x86_64", "7Server-JBCS:jbcs-httpd24-mod_md-1:2.4.24-4.el7jbcs.src", "7Server-JBCS:jbcs-httpd24-mod_md-1:2.4.24-4.el7jbcs.x86_64", "7Server-JBCS:jbcs-httpd24-mod_md-debuginfo-1:2.4.24-4.el7jbcs.x86_64", "7Server-JBCS:jbcs-httpd24-mod_proxy_html-1:2.4.57-9.el7jbcs.x86_64", "7Server-JBCS:jbcs-httpd24-mod_security-0:2.9.3-34.el7jbcs.src", "7Server-JBCS:jbcs-httpd24-mod_security-0:2.9.3-34.el7jbcs.x86_64", "7Server-JBCS:jbcs-httpd24-mod_security-debuginfo-0:2.9.3-34.el7jbcs.x86_64", "7Server-JBCS:jbcs-httpd24-mod_session-0:2.4.57-9.el7jbcs.x86_64", "7Server-JBCS:jbcs-httpd24-mod_ssl-1:2.4.57-9.el7jbcs.x86_64", "7Server-JBCS:jbcs-httpd24-openssl-1:1.1.1k-17.el7jbcs.src", "7Server-JBCS:jbcs-httpd24-openssl-1:1.1.1k-17.el7jbcs.x86_64", "7Server-JBCS:jbcs-httpd24-openssl-chil-0:1.0.0-20.el7jbcs.src", "7Server-JBCS:jbcs-httpd24-openssl-chil-0:1.0.0-20.el7jbcs.x86_64", "7Server-JBCS:jbcs-httpd24-openssl-chil-debuginfo-0:1.0.0-20.el7jbcs.x86_64", "7Server-JBCS:jbcs-httpd24-openssl-debuginfo-1:1.1.1k-17.el7jbcs.x86_64", "7Server-JBCS:jbcs-httpd24-openssl-devel-1:1.1.1k-17.el7jbcs.x86_64", "7Server-JBCS:jbcs-httpd24-openssl-libs-1:1.1.1k-17.el7jbcs.x86_64", "7Server-JBCS:jbcs-httpd24-openssl-perl-1:1.1.1k-17.el7jbcs.x86_64", "7Server-JBCS:jbcs-httpd24-openssl-pkcs11-0:0.4.10-35.el7jbcs.src", "7Server-JBCS:jbcs-httpd24-openssl-pkcs11-0:0.4.10-35.el7jbcs.x86_64", "7Server-JBCS:jbcs-httpd24-openssl-pkcs11-debuginfo-0:0.4.10-35.el7jbcs.x86_64", "7Server-JBCS:jbcs-httpd24-openssl-static-1:1.1.1k-17.el7jbcs.x86_64", "8Base-JBCS:jbcs-httpd24-apr-util-0:1.6.1-104.el8jbcs.src", "8Base-JBCS:jbcs-httpd24-apr-util-0:1.6.1-104.el8jbcs.x86_64", "8Base-JBCS:jbcs-httpd24-apr-util-debuginfo-0:1.6.1-104.el8jbcs.x86_64", "8Base-JBCS:jbcs-httpd24-apr-util-devel-0:1.6.1-104.el8jbcs.x86_64", "8Base-JBCS:jbcs-httpd24-apr-util-ldap-0:1.6.1-104.el8jbcs.x86_64", "8Base-JBCS:jbcs-httpd24-apr-util-ldap-debuginfo-0:1.6.1-104.el8jbcs.x86_64", "8Base-JBCS:jbcs-httpd24-apr-util-mysql-0:1.6.1-104.el8jbcs.x86_64", "8Base-JBCS:jbcs-httpd24-apr-util-mysql-debuginfo-0:1.6.1-104.el8jbcs.x86_64", "8Base-JBCS:jbcs-httpd24-apr-util-nss-0:1.6.1-104.el8jbcs.x86_64", "8Base-JBCS:jbcs-httpd24-apr-util-nss-debuginfo-0:1.6.1-104.el8jbcs.x86_64", "8Base-JBCS:jbcs-httpd24-apr-util-odbc-0:1.6.1-104.el8jbcs.x86_64", "8Base-JBCS:jbcs-httpd24-apr-util-odbc-debuginfo-0:1.6.1-104.el8jbcs.x86_64", "8Base-JBCS:jbcs-httpd24-apr-util-openssl-0:1.6.1-104.el8jbcs.x86_64", "8Base-JBCS:jbcs-httpd24-apr-util-openssl-debuginfo-0:1.6.1-104.el8jbcs.x86_64", "8Base-JBCS:jbcs-httpd24-apr-util-pgsql-0:1.6.1-104.el8jbcs.x86_64", "8Base-JBCS:jbcs-httpd24-apr-util-pgsql-debuginfo-0:1.6.1-104.el8jbcs.x86_64", "8Base-JBCS:jbcs-httpd24-apr-util-sqlite-0:1.6.1-104.el8jbcs.x86_64", "8Base-JBCS:jbcs-httpd24-apr-util-sqlite-debuginfo-0:1.6.1-104.el8jbcs.x86_64", "8Base-JBCS:jbcs-httpd24-curl-0:8.6.0-3.el8jbcs.src", "8Base-JBCS:jbcs-httpd24-curl-0:8.6.0-3.el8jbcs.x86_64", "8Base-JBCS:jbcs-httpd24-curl-debuginfo-0:8.6.0-3.el8jbcs.x86_64", "8Base-JBCS:jbcs-httpd24-httpd-0:2.4.57-9.el8jbcs.src", "8Base-JBCS:jbcs-httpd24-httpd-0:2.4.57-9.el8jbcs.x86_64", "8Base-JBCS:jbcs-httpd24-httpd-debuginfo-0:2.4.57-9.el8jbcs.x86_64", "8Base-JBCS:jbcs-httpd24-httpd-devel-0:2.4.57-9.el8jbcs.x86_64", "8Base-JBCS:jbcs-httpd24-httpd-manual-0:2.4.57-9.el8jbcs.noarch", "8Base-JBCS:jbcs-httpd24-httpd-selinux-0:2.4.57-9.el8jbcs.x86_64", "8Base-JBCS:jbcs-httpd24-httpd-tools-0:2.4.57-9.el8jbcs.x86_64", "8Base-JBCS:jbcs-httpd24-httpd-tools-debuginfo-0:2.4.57-9.el8jbcs.x86_64", "8Base-JBCS:jbcs-httpd24-libcurl-0:8.6.0-3.el8jbcs.x86_64", "8Base-JBCS:jbcs-httpd24-libcurl-debuginfo-0:8.6.0-3.el8jbcs.x86_64", "8Base-JBCS:jbcs-httpd24-libcurl-devel-0:8.6.0-3.el8jbcs.x86_64", "8Base-JBCS:jbcs-httpd24-mod_http2-0:1.15.19-36.el8jbcs.src", "8Base-JBCS:jbcs-httpd24-mod_http2-0:1.15.19-36.el8jbcs.x86_64", "8Base-JBCS:jbcs-httpd24-mod_http2-debuginfo-0:1.15.19-36.el8jbcs.x86_64", "8Base-JBCS:jbcs-httpd24-mod_jk-0:1.2.49-5.redhat_1.el8jbcs.src", "8Base-JBCS:jbcs-httpd24-mod_jk-ap24-0:1.2.49-5.redhat_1.el8jbcs.x86_64", "8Base-JBCS:jbcs-httpd24-mod_jk-ap24-debuginfo-0:1.2.49-5.redhat_1.el8jbcs.x86_64", "8Base-JBCS:jbcs-httpd24-mod_ldap-0:2.4.57-9.el8jbcs.x86_64", "8Base-JBCS:jbcs-httpd24-mod_ldap-debuginfo-0:2.4.57-9.el8jbcs.x86_64", "8Base-JBCS:jbcs-httpd24-mod_md-1:2.4.24-4.el8jbcs.src", "8Base-JBCS:jbcs-httpd24-mod_md-1:2.4.24-4.el8jbcs.x86_64", "8Base-JBCS:jbcs-httpd24-mod_md-debuginfo-1:2.4.24-4.el8jbcs.x86_64", "8Base-JBCS:jbcs-httpd24-mod_proxy_html-1:2.4.57-9.el8jbcs.x86_64", "8Base-JBCS:jbcs-httpd24-mod_proxy_html-debuginfo-1:2.4.57-9.el8jbcs.x86_64", "8Base-JBCS:jbcs-httpd24-mod_security-0:2.9.3-34.el8jbcs.src", "8Base-JBCS:jbcs-httpd24-mod_security-0:2.9.3-34.el8jbcs.x86_64", "8Base-JBCS:jbcs-httpd24-mod_security-debuginfo-0:2.9.3-34.el8jbcs.x86_64", "8Base-JBCS:jbcs-httpd24-mod_session-0:2.4.57-9.el8jbcs.x86_64", "8Base-JBCS:jbcs-httpd24-mod_session-debuginfo-0:2.4.57-9.el8jbcs.x86_64", "8Base-JBCS:jbcs-httpd24-mod_ssl-1:2.4.57-9.el8jbcs.x86_64", "8Base-JBCS:jbcs-httpd24-mod_ssl-debuginfo-1:2.4.57-9.el8jbcs.x86_64", "8Base-JBCS:jbcs-httpd24-openssl-1:1.1.1k-17.el8jbcs.src", "8Base-JBCS:jbcs-httpd24-openssl-1:1.1.1k-17.el8jbcs.x86_64", "8Base-JBCS:jbcs-httpd24-openssl-chil-0:1.0.0-20.el8jbcs.src", "8Base-JBCS:jbcs-httpd24-openssl-chil-0:1.0.0-20.el8jbcs.x86_64", "8Base-JBCS:jbcs-httpd24-openssl-chil-debuginfo-0:1.0.0-20.el8jbcs.x86_64", "8Base-JBCS:jbcs-httpd24-openssl-debuginfo-1:1.1.1k-17.el8jbcs.x86_64", "8Base-JBCS:jbcs-httpd24-openssl-devel-1:1.1.1k-17.el8jbcs.x86_64", "8Base-JBCS:jbcs-httpd24-openssl-libs-1:1.1.1k-17.el8jbcs.x86_64", "8Base-JBCS:jbcs-httpd24-openssl-libs-debuginfo-1:1.1.1k-17.el8jbcs.x86_64", "8Base-JBCS:jbcs-httpd24-openssl-perl-1:1.1.1k-17.el8jbcs.x86_64", "8Base-JBCS:jbcs-httpd24-openssl-pkcs11-0:0.4.10-35.el8jbcs.src", "8Base-JBCS:jbcs-httpd24-openssl-pkcs11-0:0.4.10-35.el8jbcs.x86_64", "8Base-JBCS:jbcs-httpd24-openssl-pkcs11-debuginfo-0:0.4.10-35.el8jbcs.x86_64", "8Base-JBCS:jbcs-httpd24-openssl-static-1:1.1.1k-17.el8jbcs.x86_64" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2023-6710" }, { "category": "external", "summary": "RHBZ#2254128", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2254128" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2023-6710", "url": "https://www.cve.org/CVERecord?id=CVE-2023-6710" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2023-6710", "url": "https://nvd.nist.gov/vuln/detail/CVE-2023-6710" } ], "release_date": "2023-12-12T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2024-03-18T16:37:43+00:00", "details": "Before applying this update, make sure all previously released errata relevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258", "product_ids": [ "7Server-JBCS:jbcs-httpd24-mod_proxy_cluster-0:1.3.20-3.el7jbcs.src", "7Server-JBCS:jbcs-httpd24-mod_proxy_cluster-0:1.3.20-3.el7jbcs.x86_64", "7Server-JBCS:jbcs-httpd24-mod_proxy_cluster-debuginfo-0:1.3.20-3.el7jbcs.x86_64", "8Base-JBCS:jbcs-httpd24-mod_proxy_cluster-0:1.3.20-3.el8jbcs.src", "8Base-JBCS:jbcs-httpd24-mod_proxy_cluster-0:1.3.20-3.el8jbcs.x86_64", "8Base-JBCS:jbcs-httpd24-mod_proxy_cluster-debuginfo-0:1.3.20-3.el8jbcs.x86_64" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2024:1316" }, { "category": "workaround", "details": "Mitigation for this issue is either not available or the currently available options don\u0027t meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.", "product_ids": [ "7Server-JBCS:jbcs-httpd24-apr-util-0:1.6.1-104.el7jbcs.src", "7Server-JBCS:jbcs-httpd24-apr-util-0:1.6.1-104.el7jbcs.x86_64", "7Server-JBCS:jbcs-httpd24-apr-util-debuginfo-0:1.6.1-104.el7jbcs.x86_64", "7Server-JBCS:jbcs-httpd24-apr-util-devel-0:1.6.1-104.el7jbcs.x86_64", "7Server-JBCS:jbcs-httpd24-apr-util-ldap-0:1.6.1-104.el7jbcs.x86_64", "7Server-JBCS:jbcs-httpd24-apr-util-mysql-0:1.6.1-104.el7jbcs.x86_64", "7Server-JBCS:jbcs-httpd24-apr-util-nss-0:1.6.1-104.el7jbcs.x86_64", "7Server-JBCS:jbcs-httpd24-apr-util-odbc-0:1.6.1-104.el7jbcs.x86_64", "7Server-JBCS:jbcs-httpd24-apr-util-openssl-0:1.6.1-104.el7jbcs.x86_64", "7Server-JBCS:jbcs-httpd24-apr-util-pgsql-0:1.6.1-104.el7jbcs.x86_64", "7Server-JBCS:jbcs-httpd24-apr-util-sqlite-0:1.6.1-104.el7jbcs.x86_64", "7Server-JBCS:jbcs-httpd24-curl-0:8.6.0-3.el7jbcs.src", "7Server-JBCS:jbcs-httpd24-curl-0:8.6.0-3.el7jbcs.x86_64", "7Server-JBCS:jbcs-httpd24-curl-debuginfo-0:8.6.0-3.el7jbcs.x86_64", "7Server-JBCS:jbcs-httpd24-httpd-0:2.4.57-9.el7jbcs.src", "7Server-JBCS:jbcs-httpd24-httpd-0:2.4.57-9.el7jbcs.x86_64", "7Server-JBCS:jbcs-httpd24-httpd-debuginfo-0:2.4.57-9.el7jbcs.x86_64", "7Server-JBCS:jbcs-httpd24-httpd-devel-0:2.4.57-9.el7jbcs.x86_64", "7Server-JBCS:jbcs-httpd24-httpd-manual-0:2.4.57-9.el7jbcs.noarch", "7Server-JBCS:jbcs-httpd24-httpd-selinux-0:2.4.57-9.el7jbcs.x86_64", "7Server-JBCS:jbcs-httpd24-httpd-tools-0:2.4.57-9.el7jbcs.x86_64", "7Server-JBCS:jbcs-httpd24-libcurl-0:8.6.0-3.el7jbcs.x86_64", "7Server-JBCS:jbcs-httpd24-libcurl-devel-0:8.6.0-3.el7jbcs.x86_64", "7Server-JBCS:jbcs-httpd24-mod_http2-0:1.15.19-36.el7jbcs.src", "7Server-JBCS:jbcs-httpd24-mod_http2-0:1.15.19-36.el7jbcs.x86_64", "7Server-JBCS:jbcs-httpd24-mod_http2-debuginfo-0:1.15.19-36.el7jbcs.x86_64", "7Server-JBCS:jbcs-httpd24-mod_jk-0:1.2.49-5.redhat_1.el7jbcs.src", "7Server-JBCS:jbcs-httpd24-mod_jk-ap24-0:1.2.49-5.redhat_1.el7jbcs.x86_64", "7Server-JBCS:jbcs-httpd24-mod_jk-debuginfo-0:1.2.49-5.redhat_1.el7jbcs.x86_64", "7Server-JBCS:jbcs-httpd24-mod_ldap-0:2.4.57-9.el7jbcs.x86_64", "7Server-JBCS:jbcs-httpd24-mod_md-1:2.4.24-4.el7jbcs.src", "7Server-JBCS:jbcs-httpd24-mod_md-1:2.4.24-4.el7jbcs.x86_64", "7Server-JBCS:jbcs-httpd24-mod_md-debuginfo-1:2.4.24-4.el7jbcs.x86_64", "7Server-JBCS:jbcs-httpd24-mod_proxy_cluster-0:1.3.20-3.el7jbcs.src", "7Server-JBCS:jbcs-httpd24-mod_proxy_cluster-0:1.3.20-3.el7jbcs.x86_64", "7Server-JBCS:jbcs-httpd24-mod_proxy_cluster-debuginfo-0:1.3.20-3.el7jbcs.x86_64", "7Server-JBCS:jbcs-httpd24-mod_proxy_html-1:2.4.57-9.el7jbcs.x86_64", "7Server-JBCS:jbcs-httpd24-mod_security-0:2.9.3-34.el7jbcs.src", "7Server-JBCS:jbcs-httpd24-mod_security-0:2.9.3-34.el7jbcs.x86_64", "7Server-JBCS:jbcs-httpd24-mod_security-debuginfo-0:2.9.3-34.el7jbcs.x86_64", "7Server-JBCS:jbcs-httpd24-mod_session-0:2.4.57-9.el7jbcs.x86_64", "7Server-JBCS:jbcs-httpd24-mod_ssl-1:2.4.57-9.el7jbcs.x86_64", "7Server-JBCS:jbcs-httpd24-openssl-1:1.1.1k-17.el7jbcs.src", "7Server-JBCS:jbcs-httpd24-openssl-1:1.1.1k-17.el7jbcs.x86_64", "7Server-JBCS:jbcs-httpd24-openssl-chil-0:1.0.0-20.el7jbcs.src", "7Server-JBCS:jbcs-httpd24-openssl-chil-0:1.0.0-20.el7jbcs.x86_64", "7Server-JBCS:jbcs-httpd24-openssl-chil-debuginfo-0:1.0.0-20.el7jbcs.x86_64", "7Server-JBCS:jbcs-httpd24-openssl-debuginfo-1:1.1.1k-17.el7jbcs.x86_64", "7Server-JBCS:jbcs-httpd24-openssl-devel-1:1.1.1k-17.el7jbcs.x86_64", "7Server-JBCS:jbcs-httpd24-openssl-libs-1:1.1.1k-17.el7jbcs.x86_64", "7Server-JBCS:jbcs-httpd24-openssl-perl-1:1.1.1k-17.el7jbcs.x86_64", "7Server-JBCS:jbcs-httpd24-openssl-pkcs11-0:0.4.10-35.el7jbcs.src", "7Server-JBCS:jbcs-httpd24-openssl-pkcs11-0:0.4.10-35.el7jbcs.x86_64", "7Server-JBCS:jbcs-httpd24-openssl-pkcs11-debuginfo-0:0.4.10-35.el7jbcs.x86_64", "7Server-JBCS:jbcs-httpd24-openssl-static-1:1.1.1k-17.el7jbcs.x86_64", "8Base-JBCS:jbcs-httpd24-apr-util-0:1.6.1-104.el8jbcs.src", "8Base-JBCS:jbcs-httpd24-apr-util-0:1.6.1-104.el8jbcs.x86_64", "8Base-JBCS:jbcs-httpd24-apr-util-debuginfo-0:1.6.1-104.el8jbcs.x86_64", "8Base-JBCS:jbcs-httpd24-apr-util-devel-0:1.6.1-104.el8jbcs.x86_64", "8Base-JBCS:jbcs-httpd24-apr-util-ldap-0:1.6.1-104.el8jbcs.x86_64", "8Base-JBCS:jbcs-httpd24-apr-util-ldap-debuginfo-0:1.6.1-104.el8jbcs.x86_64", "8Base-JBCS:jbcs-httpd24-apr-util-mysql-0:1.6.1-104.el8jbcs.x86_64", "8Base-JBCS:jbcs-httpd24-apr-util-mysql-debuginfo-0:1.6.1-104.el8jbcs.x86_64", "8Base-JBCS:jbcs-httpd24-apr-util-nss-0:1.6.1-104.el8jbcs.x86_64", "8Base-JBCS:jbcs-httpd24-apr-util-nss-debuginfo-0:1.6.1-104.el8jbcs.x86_64", "8Base-JBCS:jbcs-httpd24-apr-util-odbc-0:1.6.1-104.el8jbcs.x86_64", "8Base-JBCS:jbcs-httpd24-apr-util-odbc-debuginfo-0:1.6.1-104.el8jbcs.x86_64", "8Base-JBCS:jbcs-httpd24-apr-util-openssl-0:1.6.1-104.el8jbcs.x86_64", "8Base-JBCS:jbcs-httpd24-apr-util-openssl-debuginfo-0:1.6.1-104.el8jbcs.x86_64", "8Base-JBCS:jbcs-httpd24-apr-util-pgsql-0:1.6.1-104.el8jbcs.x86_64", "8Base-JBCS:jbcs-httpd24-apr-util-pgsql-debuginfo-0:1.6.1-104.el8jbcs.x86_64", "8Base-JBCS:jbcs-httpd24-apr-util-sqlite-0:1.6.1-104.el8jbcs.x86_64", "8Base-JBCS:jbcs-httpd24-apr-util-sqlite-debuginfo-0:1.6.1-104.el8jbcs.x86_64", "8Base-JBCS:jbcs-httpd24-curl-0:8.6.0-3.el8jbcs.src", "8Base-JBCS:jbcs-httpd24-curl-0:8.6.0-3.el8jbcs.x86_64", "8Base-JBCS:jbcs-httpd24-curl-debuginfo-0:8.6.0-3.el8jbcs.x86_64", "8Base-JBCS:jbcs-httpd24-httpd-0:2.4.57-9.el8jbcs.src", "8Base-JBCS:jbcs-httpd24-httpd-0:2.4.57-9.el8jbcs.x86_64", "8Base-JBCS:jbcs-httpd24-httpd-debuginfo-0:2.4.57-9.el8jbcs.x86_64", "8Base-JBCS:jbcs-httpd24-httpd-devel-0:2.4.57-9.el8jbcs.x86_64", "8Base-JBCS:jbcs-httpd24-httpd-manual-0:2.4.57-9.el8jbcs.noarch", "8Base-JBCS:jbcs-httpd24-httpd-selinux-0:2.4.57-9.el8jbcs.x86_64", "8Base-JBCS:jbcs-httpd24-httpd-tools-0:2.4.57-9.el8jbcs.x86_64", "8Base-JBCS:jbcs-httpd24-httpd-tools-debuginfo-0:2.4.57-9.el8jbcs.x86_64", "8Base-JBCS:jbcs-httpd24-libcurl-0:8.6.0-3.el8jbcs.x86_64", "8Base-JBCS:jbcs-httpd24-libcurl-debuginfo-0:8.6.0-3.el8jbcs.x86_64", "8Base-JBCS:jbcs-httpd24-libcurl-devel-0:8.6.0-3.el8jbcs.x86_64", "8Base-JBCS:jbcs-httpd24-mod_http2-0:1.15.19-36.el8jbcs.src", "8Base-JBCS:jbcs-httpd24-mod_http2-0:1.15.19-36.el8jbcs.x86_64", "8Base-JBCS:jbcs-httpd24-mod_http2-debuginfo-0:1.15.19-36.el8jbcs.x86_64", "8Base-JBCS:jbcs-httpd24-mod_jk-0:1.2.49-5.redhat_1.el8jbcs.src", "8Base-JBCS:jbcs-httpd24-mod_jk-ap24-0:1.2.49-5.redhat_1.el8jbcs.x86_64", "8Base-JBCS:jbcs-httpd24-mod_jk-ap24-debuginfo-0:1.2.49-5.redhat_1.el8jbcs.x86_64", "8Base-JBCS:jbcs-httpd24-mod_ldap-0:2.4.57-9.el8jbcs.x86_64", "8Base-JBCS:jbcs-httpd24-mod_ldap-debuginfo-0:2.4.57-9.el8jbcs.x86_64", "8Base-JBCS:jbcs-httpd24-mod_md-1:2.4.24-4.el8jbcs.src", "8Base-JBCS:jbcs-httpd24-mod_md-1:2.4.24-4.el8jbcs.x86_64", "8Base-JBCS:jbcs-httpd24-mod_md-debuginfo-1:2.4.24-4.el8jbcs.x86_64", "8Base-JBCS:jbcs-httpd24-mod_proxy_cluster-0:1.3.20-3.el8jbcs.src", "8Base-JBCS:jbcs-httpd24-mod_proxy_cluster-0:1.3.20-3.el8jbcs.x86_64", "8Base-JBCS:jbcs-httpd24-mod_proxy_cluster-debuginfo-0:1.3.20-3.el8jbcs.x86_64", "8Base-JBCS:jbcs-httpd24-mod_proxy_html-1:2.4.57-9.el8jbcs.x86_64", "8Base-JBCS:jbcs-httpd24-mod_proxy_html-debuginfo-1:2.4.57-9.el8jbcs.x86_64", "8Base-JBCS:jbcs-httpd24-mod_security-0:2.9.3-34.el8jbcs.src", "8Base-JBCS:jbcs-httpd24-mod_security-0:2.9.3-34.el8jbcs.x86_64", "8Base-JBCS:jbcs-httpd24-mod_security-debuginfo-0:2.9.3-34.el8jbcs.x86_64", "8Base-JBCS:jbcs-httpd24-mod_session-0:2.4.57-9.el8jbcs.x86_64", "8Base-JBCS:jbcs-httpd24-mod_session-debuginfo-0:2.4.57-9.el8jbcs.x86_64", "8Base-JBCS:jbcs-httpd24-mod_ssl-1:2.4.57-9.el8jbcs.x86_64", "8Base-JBCS:jbcs-httpd24-mod_ssl-debuginfo-1:2.4.57-9.el8jbcs.x86_64", "8Base-JBCS:jbcs-httpd24-openssl-1:1.1.1k-17.el8jbcs.src", "8Base-JBCS:jbcs-httpd24-openssl-1:1.1.1k-17.el8jbcs.x86_64", "8Base-JBCS:jbcs-httpd24-openssl-chil-0:1.0.0-20.el8jbcs.src", "8Base-JBCS:jbcs-httpd24-openssl-chil-0:1.0.0-20.el8jbcs.x86_64", "8Base-JBCS:jbcs-httpd24-openssl-chil-debuginfo-0:1.0.0-20.el8jbcs.x86_64", "8Base-JBCS:jbcs-httpd24-openssl-debuginfo-1:1.1.1k-17.el8jbcs.x86_64", "8Base-JBCS:jbcs-httpd24-openssl-devel-1:1.1.1k-17.el8jbcs.x86_64", "8Base-JBCS:jbcs-httpd24-openssl-libs-1:1.1.1k-17.el8jbcs.x86_64", "8Base-JBCS:jbcs-httpd24-openssl-libs-debuginfo-1:1.1.1k-17.el8jbcs.x86_64", "8Base-JBCS:jbcs-httpd24-openssl-perl-1:1.1.1k-17.el8jbcs.x86_64", "8Base-JBCS:jbcs-httpd24-openssl-pkcs11-0:0.4.10-35.el8jbcs.src", "8Base-JBCS:jbcs-httpd24-openssl-pkcs11-0:0.4.10-35.el8jbcs.x86_64", "8Base-JBCS:jbcs-httpd24-openssl-pkcs11-debuginfo-0:0.4.10-35.el8jbcs.x86_64", "8Base-JBCS:jbcs-httpd24-openssl-static-1:1.1.1k-17.el8jbcs.x86_64" ] } ], "scores": [ { "cvss_v3": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "NONE", "baseScore": 5.4, "baseSeverity": "MEDIUM", "confidentialityImpact": "LOW", "integrityImpact": "LOW", "privilegesRequired": "LOW", "scope": "CHANGED", "userInteraction": "REQUIRED", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N", "version": "3.1" }, "products": [ "7Server-JBCS:jbcs-httpd24-mod_proxy_cluster-0:1.3.20-3.el7jbcs.src", "7Server-JBCS:jbcs-httpd24-mod_proxy_cluster-0:1.3.20-3.el7jbcs.x86_64", "7Server-JBCS:jbcs-httpd24-mod_proxy_cluster-debuginfo-0:1.3.20-3.el7jbcs.x86_64", "8Base-JBCS:jbcs-httpd24-mod_proxy_cluster-0:1.3.20-3.el8jbcs.src", "8Base-JBCS:jbcs-httpd24-mod_proxy_cluster-0:1.3.20-3.el8jbcs.x86_64", "8Base-JBCS:jbcs-httpd24-mod_proxy_cluster-debuginfo-0:1.3.20-3.el8jbcs.x86_64" ] } ], "threats": [ { "category": "impact", "details": "Low" } ], "title": "mod_cluster/mod_proxy_cluster: Stored Cross site Scripting" }, { "cve": "CVE-2023-31122", "cwe": { "id": "CWE-125", "name": "Out-of-bounds Read" }, "discovery_date": "2023-10-19T00:00:00+00:00", "flags": [ { "label": "vulnerable_code_not_present", "product_ids": [ "7Server-JBCS:jbcs-httpd24-apr-util-0:1.6.1-104.el7jbcs.src", "7Server-JBCS:jbcs-httpd24-apr-util-0:1.6.1-104.el7jbcs.x86_64", "7Server-JBCS:jbcs-httpd24-apr-util-debuginfo-0:1.6.1-104.el7jbcs.x86_64", "7Server-JBCS:jbcs-httpd24-apr-util-devel-0:1.6.1-104.el7jbcs.x86_64", "7Server-JBCS:jbcs-httpd24-apr-util-ldap-0:1.6.1-104.el7jbcs.x86_64", "7Server-JBCS:jbcs-httpd24-apr-util-mysql-0:1.6.1-104.el7jbcs.x86_64", "7Server-JBCS:jbcs-httpd24-apr-util-nss-0:1.6.1-104.el7jbcs.x86_64", "7Server-JBCS:jbcs-httpd24-apr-util-odbc-0:1.6.1-104.el7jbcs.x86_64", "7Server-JBCS:jbcs-httpd24-apr-util-openssl-0:1.6.1-104.el7jbcs.x86_64", "7Server-JBCS:jbcs-httpd24-apr-util-pgsql-0:1.6.1-104.el7jbcs.x86_64", "7Server-JBCS:jbcs-httpd24-apr-util-sqlite-0:1.6.1-104.el7jbcs.x86_64", "7Server-JBCS:jbcs-httpd24-curl-0:8.6.0-3.el7jbcs.src", "7Server-JBCS:jbcs-httpd24-curl-0:8.6.0-3.el7jbcs.x86_64", "7Server-JBCS:jbcs-httpd24-curl-debuginfo-0:8.6.0-3.el7jbcs.x86_64", "7Server-JBCS:jbcs-httpd24-libcurl-0:8.6.0-3.el7jbcs.x86_64", "7Server-JBCS:jbcs-httpd24-libcurl-devel-0:8.6.0-3.el7jbcs.x86_64", "7Server-JBCS:jbcs-httpd24-mod_http2-0:1.15.19-36.el7jbcs.src", "7Server-JBCS:jbcs-httpd24-mod_http2-0:1.15.19-36.el7jbcs.x86_64", "7Server-JBCS:jbcs-httpd24-mod_http2-debuginfo-0:1.15.19-36.el7jbcs.x86_64", "7Server-JBCS:jbcs-httpd24-mod_jk-0:1.2.49-5.redhat_1.el7jbcs.src", "7Server-JBCS:jbcs-httpd24-mod_jk-ap24-0:1.2.49-5.redhat_1.el7jbcs.x86_64", "7Server-JBCS:jbcs-httpd24-mod_jk-debuginfo-0:1.2.49-5.redhat_1.el7jbcs.x86_64", "7Server-JBCS:jbcs-httpd24-mod_md-1:2.4.24-4.el7jbcs.src", "7Server-JBCS:jbcs-httpd24-mod_md-1:2.4.24-4.el7jbcs.x86_64", "7Server-JBCS:jbcs-httpd24-mod_md-debuginfo-1:2.4.24-4.el7jbcs.x86_64", "7Server-JBCS:jbcs-httpd24-mod_proxy_cluster-0:1.3.20-3.el7jbcs.src", "7Server-JBCS:jbcs-httpd24-mod_proxy_cluster-0:1.3.20-3.el7jbcs.x86_64", "7Server-JBCS:jbcs-httpd24-mod_proxy_cluster-debuginfo-0:1.3.20-3.el7jbcs.x86_64", "7Server-JBCS:jbcs-httpd24-mod_security-0:2.9.3-34.el7jbcs.src", "7Server-JBCS:jbcs-httpd24-mod_security-0:2.9.3-34.el7jbcs.x86_64", "7Server-JBCS:jbcs-httpd24-mod_security-debuginfo-0:2.9.3-34.el7jbcs.x86_64", "7Server-JBCS:jbcs-httpd24-openssl-1:1.1.1k-17.el7jbcs.src", "7Server-JBCS:jbcs-httpd24-openssl-1:1.1.1k-17.el7jbcs.x86_64", "7Server-JBCS:jbcs-httpd24-openssl-chil-0:1.0.0-20.el7jbcs.src", "7Server-JBCS:jbcs-httpd24-openssl-chil-0:1.0.0-20.el7jbcs.x86_64", "7Server-JBCS:jbcs-httpd24-openssl-chil-debuginfo-0:1.0.0-20.el7jbcs.x86_64", "7Server-JBCS:jbcs-httpd24-openssl-debuginfo-1:1.1.1k-17.el7jbcs.x86_64", "7Server-JBCS:jbcs-httpd24-openssl-devel-1:1.1.1k-17.el7jbcs.x86_64", "7Server-JBCS:jbcs-httpd24-openssl-libs-1:1.1.1k-17.el7jbcs.x86_64", "7Server-JBCS:jbcs-httpd24-openssl-perl-1:1.1.1k-17.el7jbcs.x86_64", "7Server-JBCS:jbcs-httpd24-openssl-pkcs11-0:0.4.10-35.el7jbcs.src", "7Server-JBCS:jbcs-httpd24-openssl-pkcs11-0:0.4.10-35.el7jbcs.x86_64", "7Server-JBCS:jbcs-httpd24-openssl-pkcs11-debuginfo-0:0.4.10-35.el7jbcs.x86_64", "7Server-JBCS:jbcs-httpd24-openssl-static-1:1.1.1k-17.el7jbcs.x86_64", "8Base-JBCS:jbcs-httpd24-apr-util-0:1.6.1-104.el8jbcs.src", "8Base-JBCS:jbcs-httpd24-apr-util-0:1.6.1-104.el8jbcs.x86_64", "8Base-JBCS:jbcs-httpd24-apr-util-debuginfo-0:1.6.1-104.el8jbcs.x86_64", "8Base-JBCS:jbcs-httpd24-apr-util-devel-0:1.6.1-104.el8jbcs.x86_64", "8Base-JBCS:jbcs-httpd24-apr-util-ldap-0:1.6.1-104.el8jbcs.x86_64", "8Base-JBCS:jbcs-httpd24-apr-util-ldap-debuginfo-0:1.6.1-104.el8jbcs.x86_64", "8Base-JBCS:jbcs-httpd24-apr-util-mysql-0:1.6.1-104.el8jbcs.x86_64", "8Base-JBCS:jbcs-httpd24-apr-util-mysql-debuginfo-0:1.6.1-104.el8jbcs.x86_64", "8Base-JBCS:jbcs-httpd24-apr-util-nss-0:1.6.1-104.el8jbcs.x86_64", "8Base-JBCS:jbcs-httpd24-apr-util-nss-debuginfo-0:1.6.1-104.el8jbcs.x86_64", "8Base-JBCS:jbcs-httpd24-apr-util-odbc-0:1.6.1-104.el8jbcs.x86_64", "8Base-JBCS:jbcs-httpd24-apr-util-odbc-debuginfo-0:1.6.1-104.el8jbcs.x86_64", "8Base-JBCS:jbcs-httpd24-apr-util-openssl-0:1.6.1-104.el8jbcs.x86_64", "8Base-JBCS:jbcs-httpd24-apr-util-openssl-debuginfo-0:1.6.1-104.el8jbcs.x86_64", "8Base-JBCS:jbcs-httpd24-apr-util-pgsql-0:1.6.1-104.el8jbcs.x86_64", "8Base-JBCS:jbcs-httpd24-apr-util-pgsql-debuginfo-0:1.6.1-104.el8jbcs.x86_64", "8Base-JBCS:jbcs-httpd24-apr-util-sqlite-0:1.6.1-104.el8jbcs.x86_64", "8Base-JBCS:jbcs-httpd24-apr-util-sqlite-debuginfo-0:1.6.1-104.el8jbcs.x86_64", "8Base-JBCS:jbcs-httpd24-curl-0:8.6.0-3.el8jbcs.src", "8Base-JBCS:jbcs-httpd24-curl-0:8.6.0-3.el8jbcs.x86_64", "8Base-JBCS:jbcs-httpd24-curl-debuginfo-0:8.6.0-3.el8jbcs.x86_64", "8Base-JBCS:jbcs-httpd24-libcurl-0:8.6.0-3.el8jbcs.x86_64", "8Base-JBCS:jbcs-httpd24-libcurl-debuginfo-0:8.6.0-3.el8jbcs.x86_64", "8Base-JBCS:jbcs-httpd24-libcurl-devel-0:8.6.0-3.el8jbcs.x86_64", "8Base-JBCS:jbcs-httpd24-mod_http2-0:1.15.19-36.el8jbcs.src", "8Base-JBCS:jbcs-httpd24-mod_http2-0:1.15.19-36.el8jbcs.x86_64", "8Base-JBCS:jbcs-httpd24-mod_http2-debuginfo-0:1.15.19-36.el8jbcs.x86_64", "8Base-JBCS:jbcs-httpd24-mod_jk-0:1.2.49-5.redhat_1.el8jbcs.src", "8Base-JBCS:jbcs-httpd24-mod_jk-ap24-0:1.2.49-5.redhat_1.el8jbcs.x86_64", "8Base-JBCS:jbcs-httpd24-mod_jk-ap24-debuginfo-0:1.2.49-5.redhat_1.el8jbcs.x86_64", "8Base-JBCS:jbcs-httpd24-mod_md-1:2.4.24-4.el8jbcs.src", "8Base-JBCS:jbcs-httpd24-mod_md-1:2.4.24-4.el8jbcs.x86_64", "8Base-JBCS:jbcs-httpd24-mod_md-debuginfo-1:2.4.24-4.el8jbcs.x86_64", "8Base-JBCS:jbcs-httpd24-mod_proxy_cluster-0:1.3.20-3.el8jbcs.src", "8Base-JBCS:jbcs-httpd24-mod_proxy_cluster-0:1.3.20-3.el8jbcs.x86_64", "8Base-JBCS:jbcs-httpd24-mod_proxy_cluster-debuginfo-0:1.3.20-3.el8jbcs.x86_64", "8Base-JBCS:jbcs-httpd24-mod_security-0:2.9.3-34.el8jbcs.src", "8Base-JBCS:jbcs-httpd24-mod_security-0:2.9.3-34.el8jbcs.x86_64", "8Base-JBCS:jbcs-httpd24-mod_security-debuginfo-0:2.9.3-34.el8jbcs.x86_64", "8Base-JBCS:jbcs-httpd24-openssl-1:1.1.1k-17.el8jbcs.src", "8Base-JBCS:jbcs-httpd24-openssl-1:1.1.1k-17.el8jbcs.x86_64", "8Base-JBCS:jbcs-httpd24-openssl-chil-0:1.0.0-20.el8jbcs.src", "8Base-JBCS:jbcs-httpd24-openssl-chil-0:1.0.0-20.el8jbcs.x86_64", "8Base-JBCS:jbcs-httpd24-openssl-chil-debuginfo-0:1.0.0-20.el8jbcs.x86_64", "8Base-JBCS:jbcs-httpd24-openssl-debuginfo-1:1.1.1k-17.el8jbcs.x86_64", "8Base-JBCS:jbcs-httpd24-openssl-devel-1:1.1.1k-17.el8jbcs.x86_64", "8Base-JBCS:jbcs-httpd24-openssl-libs-1:1.1.1k-17.el8jbcs.x86_64", "8Base-JBCS:jbcs-httpd24-openssl-libs-debuginfo-1:1.1.1k-17.el8jbcs.x86_64", "8Base-JBCS:jbcs-httpd24-openssl-perl-1:1.1.1k-17.el8jbcs.x86_64", "8Base-JBCS:jbcs-httpd24-openssl-pkcs11-0:0.4.10-35.el8jbcs.src", "8Base-JBCS:jbcs-httpd24-openssl-pkcs11-0:0.4.10-35.el8jbcs.x86_64", "8Base-JBCS:jbcs-httpd24-openssl-pkcs11-debuginfo-0:0.4.10-35.el8jbcs.x86_64", "8Base-JBCS:jbcs-httpd24-openssl-static-1:1.1.1k-17.el8jbcs.x86_64" ] } ], "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "2245332" } ], "notes": [ { "category": "description", "text": "A flaw was found in the mod_macro module of httpd. When processing a very long macro, the null byte terminator will not be added, leading to an out-of-bounds read, resulting in a crash.", "title": "Vulnerability description" }, { "category": "summary", "text": "httpd: mod_macro: out-of-bounds read vulnerability", "title": "Vulnerability summary" }, { "category": "other", "text": "This flaw only affects configurations with mod_macro loaded and when a very long macro is configured and used, specifically a macro longer than 8191 characters. If these conditions are not present, the server is not affected and no further mitigation is needed. For more information about the mitigation, see the mitigation section below.\n\nThe httpd mod_macro module is enabled by default in Red Hat Enterprise Linux 8, 9, and in RHSCL. However, there are no macros used in the default httpd configuration.", "title": "Statement" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "7Server-JBCS:jbcs-httpd24-httpd-0:2.4.57-9.el7jbcs.src", "7Server-JBCS:jbcs-httpd24-httpd-0:2.4.57-9.el7jbcs.x86_64", "7Server-JBCS:jbcs-httpd24-httpd-debuginfo-0:2.4.57-9.el7jbcs.x86_64", "7Server-JBCS:jbcs-httpd24-httpd-devel-0:2.4.57-9.el7jbcs.x86_64", "7Server-JBCS:jbcs-httpd24-httpd-manual-0:2.4.57-9.el7jbcs.noarch", "7Server-JBCS:jbcs-httpd24-httpd-selinux-0:2.4.57-9.el7jbcs.x86_64", "7Server-JBCS:jbcs-httpd24-httpd-tools-0:2.4.57-9.el7jbcs.x86_64", "7Server-JBCS:jbcs-httpd24-mod_ldap-0:2.4.57-9.el7jbcs.x86_64", "7Server-JBCS:jbcs-httpd24-mod_proxy_html-1:2.4.57-9.el7jbcs.x86_64", "7Server-JBCS:jbcs-httpd24-mod_session-0:2.4.57-9.el7jbcs.x86_64", "7Server-JBCS:jbcs-httpd24-mod_ssl-1:2.4.57-9.el7jbcs.x86_64", "8Base-JBCS:jbcs-httpd24-httpd-0:2.4.57-9.el8jbcs.src", "8Base-JBCS:jbcs-httpd24-httpd-0:2.4.57-9.el8jbcs.x86_64", "8Base-JBCS:jbcs-httpd24-httpd-debuginfo-0:2.4.57-9.el8jbcs.x86_64", "8Base-JBCS:jbcs-httpd24-httpd-devel-0:2.4.57-9.el8jbcs.x86_64", "8Base-JBCS:jbcs-httpd24-httpd-manual-0:2.4.57-9.el8jbcs.noarch", "8Base-JBCS:jbcs-httpd24-httpd-selinux-0:2.4.57-9.el8jbcs.x86_64", "8Base-JBCS:jbcs-httpd24-httpd-tools-0:2.4.57-9.el8jbcs.x86_64", "8Base-JBCS:jbcs-httpd24-httpd-tools-debuginfo-0:2.4.57-9.el8jbcs.x86_64", "8Base-JBCS:jbcs-httpd24-mod_ldap-0:2.4.57-9.el8jbcs.x86_64", "8Base-JBCS:jbcs-httpd24-mod_ldap-debuginfo-0:2.4.57-9.el8jbcs.x86_64", "8Base-JBCS:jbcs-httpd24-mod_proxy_html-1:2.4.57-9.el8jbcs.x86_64", "8Base-JBCS:jbcs-httpd24-mod_proxy_html-debuginfo-1:2.4.57-9.el8jbcs.x86_64", "8Base-JBCS:jbcs-httpd24-mod_session-0:2.4.57-9.el8jbcs.x86_64", "8Base-JBCS:jbcs-httpd24-mod_session-debuginfo-0:2.4.57-9.el8jbcs.x86_64", "8Base-JBCS:jbcs-httpd24-mod_ssl-1:2.4.57-9.el8jbcs.x86_64", "8Base-JBCS:jbcs-httpd24-mod_ssl-debuginfo-1:2.4.57-9.el8jbcs.x86_64" ], "known_not_affected": [ "7Server-JBCS:jbcs-httpd24-apr-util-0:1.6.1-104.el7jbcs.src", "7Server-JBCS:jbcs-httpd24-apr-util-0:1.6.1-104.el7jbcs.x86_64", "7Server-JBCS:jbcs-httpd24-apr-util-debuginfo-0:1.6.1-104.el7jbcs.x86_64", "7Server-JBCS:jbcs-httpd24-apr-util-devel-0:1.6.1-104.el7jbcs.x86_64", "7Server-JBCS:jbcs-httpd24-apr-util-ldap-0:1.6.1-104.el7jbcs.x86_64", "7Server-JBCS:jbcs-httpd24-apr-util-mysql-0:1.6.1-104.el7jbcs.x86_64", "7Server-JBCS:jbcs-httpd24-apr-util-nss-0:1.6.1-104.el7jbcs.x86_64", "7Server-JBCS:jbcs-httpd24-apr-util-odbc-0:1.6.1-104.el7jbcs.x86_64", "7Server-JBCS:jbcs-httpd24-apr-util-openssl-0:1.6.1-104.el7jbcs.x86_64", "7Server-JBCS:jbcs-httpd24-apr-util-pgsql-0:1.6.1-104.el7jbcs.x86_64", "7Server-JBCS:jbcs-httpd24-apr-util-sqlite-0:1.6.1-104.el7jbcs.x86_64", "7Server-JBCS:jbcs-httpd24-curl-0:8.6.0-3.el7jbcs.src", "7Server-JBCS:jbcs-httpd24-curl-0:8.6.0-3.el7jbcs.x86_64", "7Server-JBCS:jbcs-httpd24-curl-debuginfo-0:8.6.0-3.el7jbcs.x86_64", "7Server-JBCS:jbcs-httpd24-libcurl-0:8.6.0-3.el7jbcs.x86_64", "7Server-JBCS:jbcs-httpd24-libcurl-devel-0:8.6.0-3.el7jbcs.x86_64", "7Server-JBCS:jbcs-httpd24-mod_http2-0:1.15.19-36.el7jbcs.src", "7Server-JBCS:jbcs-httpd24-mod_http2-0:1.15.19-36.el7jbcs.x86_64", "7Server-JBCS:jbcs-httpd24-mod_http2-debuginfo-0:1.15.19-36.el7jbcs.x86_64", "7Server-JBCS:jbcs-httpd24-mod_jk-0:1.2.49-5.redhat_1.el7jbcs.src", "7Server-JBCS:jbcs-httpd24-mod_jk-ap24-0:1.2.49-5.redhat_1.el7jbcs.x86_64", "7Server-JBCS:jbcs-httpd24-mod_jk-debuginfo-0:1.2.49-5.redhat_1.el7jbcs.x86_64", "7Server-JBCS:jbcs-httpd24-mod_md-1:2.4.24-4.el7jbcs.src", "7Server-JBCS:jbcs-httpd24-mod_md-1:2.4.24-4.el7jbcs.x86_64", "7Server-JBCS:jbcs-httpd24-mod_md-debuginfo-1:2.4.24-4.el7jbcs.x86_64", "7Server-JBCS:jbcs-httpd24-mod_proxy_cluster-0:1.3.20-3.el7jbcs.src", "7Server-JBCS:jbcs-httpd24-mod_proxy_cluster-0:1.3.20-3.el7jbcs.x86_64", "7Server-JBCS:jbcs-httpd24-mod_proxy_cluster-debuginfo-0:1.3.20-3.el7jbcs.x86_64", "7Server-JBCS:jbcs-httpd24-mod_security-0:2.9.3-34.el7jbcs.src", "7Server-JBCS:jbcs-httpd24-mod_security-0:2.9.3-34.el7jbcs.x86_64", "7Server-JBCS:jbcs-httpd24-mod_security-debuginfo-0:2.9.3-34.el7jbcs.x86_64", "7Server-JBCS:jbcs-httpd24-openssl-1:1.1.1k-17.el7jbcs.src", "7Server-JBCS:jbcs-httpd24-openssl-1:1.1.1k-17.el7jbcs.x86_64", "7Server-JBCS:jbcs-httpd24-openssl-chil-0:1.0.0-20.el7jbcs.src", "7Server-JBCS:jbcs-httpd24-openssl-chil-0:1.0.0-20.el7jbcs.x86_64", "7Server-JBCS:jbcs-httpd24-openssl-chil-debuginfo-0:1.0.0-20.el7jbcs.x86_64", "7Server-JBCS:jbcs-httpd24-openssl-debuginfo-1:1.1.1k-17.el7jbcs.x86_64", "7Server-JBCS:jbcs-httpd24-openssl-devel-1:1.1.1k-17.el7jbcs.x86_64", "7Server-JBCS:jbcs-httpd24-openssl-libs-1:1.1.1k-17.el7jbcs.x86_64", "7Server-JBCS:jbcs-httpd24-openssl-perl-1:1.1.1k-17.el7jbcs.x86_64", "7Server-JBCS:jbcs-httpd24-openssl-pkcs11-0:0.4.10-35.el7jbcs.src", "7Server-JBCS:jbcs-httpd24-openssl-pkcs11-0:0.4.10-35.el7jbcs.x86_64", "7Server-JBCS:jbcs-httpd24-openssl-pkcs11-debuginfo-0:0.4.10-35.el7jbcs.x86_64", "7Server-JBCS:jbcs-httpd24-openssl-static-1:1.1.1k-17.el7jbcs.x86_64", "8Base-JBCS:jbcs-httpd24-apr-util-0:1.6.1-104.el8jbcs.src", "8Base-JBCS:jbcs-httpd24-apr-util-0:1.6.1-104.el8jbcs.x86_64", "8Base-JBCS:jbcs-httpd24-apr-util-debuginfo-0:1.6.1-104.el8jbcs.x86_64", "8Base-JBCS:jbcs-httpd24-apr-util-devel-0:1.6.1-104.el8jbcs.x86_64", "8Base-JBCS:jbcs-httpd24-apr-util-ldap-0:1.6.1-104.el8jbcs.x86_64", "8Base-JBCS:jbcs-httpd24-apr-util-ldap-debuginfo-0:1.6.1-104.el8jbcs.x86_64", "8Base-JBCS:jbcs-httpd24-apr-util-mysql-0:1.6.1-104.el8jbcs.x86_64", "8Base-JBCS:jbcs-httpd24-apr-util-mysql-debuginfo-0:1.6.1-104.el8jbcs.x86_64", "8Base-JBCS:jbcs-httpd24-apr-util-nss-0:1.6.1-104.el8jbcs.x86_64", "8Base-JBCS:jbcs-httpd24-apr-util-nss-debuginfo-0:1.6.1-104.el8jbcs.x86_64", "8Base-JBCS:jbcs-httpd24-apr-util-odbc-0:1.6.1-104.el8jbcs.x86_64", "8Base-JBCS:jbcs-httpd24-apr-util-odbc-debuginfo-0:1.6.1-104.el8jbcs.x86_64", "8Base-JBCS:jbcs-httpd24-apr-util-openssl-0:1.6.1-104.el8jbcs.x86_64", "8Base-JBCS:jbcs-httpd24-apr-util-openssl-debuginfo-0:1.6.1-104.el8jbcs.x86_64", "8Base-JBCS:jbcs-httpd24-apr-util-pgsql-0:1.6.1-104.el8jbcs.x86_64", "8Base-JBCS:jbcs-httpd24-apr-util-pgsql-debuginfo-0:1.6.1-104.el8jbcs.x86_64", "8Base-JBCS:jbcs-httpd24-apr-util-sqlite-0:1.6.1-104.el8jbcs.x86_64", "8Base-JBCS:jbcs-httpd24-apr-util-sqlite-debuginfo-0:1.6.1-104.el8jbcs.x86_64", "8Base-JBCS:jbcs-httpd24-curl-0:8.6.0-3.el8jbcs.src", "8Base-JBCS:jbcs-httpd24-curl-0:8.6.0-3.el8jbcs.x86_64", "8Base-JBCS:jbcs-httpd24-curl-debuginfo-0:8.6.0-3.el8jbcs.x86_64", "8Base-JBCS:jbcs-httpd24-libcurl-0:8.6.0-3.el8jbcs.x86_64", "8Base-JBCS:jbcs-httpd24-libcurl-debuginfo-0:8.6.0-3.el8jbcs.x86_64", "8Base-JBCS:jbcs-httpd24-libcurl-devel-0:8.6.0-3.el8jbcs.x86_64", "8Base-JBCS:jbcs-httpd24-mod_http2-0:1.15.19-36.el8jbcs.src", "8Base-JBCS:jbcs-httpd24-mod_http2-0:1.15.19-36.el8jbcs.x86_64", "8Base-JBCS:jbcs-httpd24-mod_http2-debuginfo-0:1.15.19-36.el8jbcs.x86_64", "8Base-JBCS:jbcs-httpd24-mod_jk-0:1.2.49-5.redhat_1.el8jbcs.src", "8Base-JBCS:jbcs-httpd24-mod_jk-ap24-0:1.2.49-5.redhat_1.el8jbcs.x86_64", "8Base-JBCS:jbcs-httpd24-mod_jk-ap24-debuginfo-0:1.2.49-5.redhat_1.el8jbcs.x86_64", "8Base-JBCS:jbcs-httpd24-mod_md-1:2.4.24-4.el8jbcs.src", "8Base-JBCS:jbcs-httpd24-mod_md-1:2.4.24-4.el8jbcs.x86_64", "8Base-JBCS:jbcs-httpd24-mod_md-debuginfo-1:2.4.24-4.el8jbcs.x86_64", "8Base-JBCS:jbcs-httpd24-mod_proxy_cluster-0:1.3.20-3.el8jbcs.src", "8Base-JBCS:jbcs-httpd24-mod_proxy_cluster-0:1.3.20-3.el8jbcs.x86_64", "8Base-JBCS:jbcs-httpd24-mod_proxy_cluster-debuginfo-0:1.3.20-3.el8jbcs.x86_64", "8Base-JBCS:jbcs-httpd24-mod_security-0:2.9.3-34.el8jbcs.src", "8Base-JBCS:jbcs-httpd24-mod_security-0:2.9.3-34.el8jbcs.x86_64", "8Base-JBCS:jbcs-httpd24-mod_security-debuginfo-0:2.9.3-34.el8jbcs.x86_64", "8Base-JBCS:jbcs-httpd24-openssl-1:1.1.1k-17.el8jbcs.src", "8Base-JBCS:jbcs-httpd24-openssl-1:1.1.1k-17.el8jbcs.x86_64", "8Base-JBCS:jbcs-httpd24-openssl-chil-0:1.0.0-20.el8jbcs.src", "8Base-JBCS:jbcs-httpd24-openssl-chil-0:1.0.0-20.el8jbcs.x86_64", "8Base-JBCS:jbcs-httpd24-openssl-chil-debuginfo-0:1.0.0-20.el8jbcs.x86_64", "8Base-JBCS:jbcs-httpd24-openssl-debuginfo-1:1.1.1k-17.el8jbcs.x86_64", "8Base-JBCS:jbcs-httpd24-openssl-devel-1:1.1.1k-17.el8jbcs.x86_64", "8Base-JBCS:jbcs-httpd24-openssl-libs-1:1.1.1k-17.el8jbcs.x86_64", "8Base-JBCS:jbcs-httpd24-openssl-libs-debuginfo-1:1.1.1k-17.el8jbcs.x86_64", "8Base-JBCS:jbcs-httpd24-openssl-perl-1:1.1.1k-17.el8jbcs.x86_64", "8Base-JBCS:jbcs-httpd24-openssl-pkcs11-0:0.4.10-35.el8jbcs.src", "8Base-JBCS:jbcs-httpd24-openssl-pkcs11-0:0.4.10-35.el8jbcs.x86_64", "8Base-JBCS:jbcs-httpd24-openssl-pkcs11-debuginfo-0:0.4.10-35.el8jbcs.x86_64", "8Base-JBCS:jbcs-httpd24-openssl-static-1:1.1.1k-17.el8jbcs.x86_64" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2023-31122" }, { "category": "external", "summary": "RHBZ#2245332", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2245332" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2023-31122", "url": "https://www.cve.org/CVERecord?id=CVE-2023-31122" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2023-31122", "url": "https://nvd.nist.gov/vuln/detail/CVE-2023-31122" }, { "category": "external", "summary": "https://httpd.apache.org/security/vulnerabilities_24.html#CVE-2023-31122", "url": "https://httpd.apache.org/security/vulnerabilities_24.html#CVE-2023-31122" } ], "release_date": "2023-10-19T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2024-03-18T16:37:43+00:00", "details": "Before applying this update, make sure all previously released errata relevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258", "product_ids": [ "7Server-JBCS:jbcs-httpd24-httpd-0:2.4.57-9.el7jbcs.src", "7Server-JBCS:jbcs-httpd24-httpd-0:2.4.57-9.el7jbcs.x86_64", "7Server-JBCS:jbcs-httpd24-httpd-debuginfo-0:2.4.57-9.el7jbcs.x86_64", "7Server-JBCS:jbcs-httpd24-httpd-devel-0:2.4.57-9.el7jbcs.x86_64", "7Server-JBCS:jbcs-httpd24-httpd-manual-0:2.4.57-9.el7jbcs.noarch", "7Server-JBCS:jbcs-httpd24-httpd-selinux-0:2.4.57-9.el7jbcs.x86_64", "7Server-JBCS:jbcs-httpd24-httpd-tools-0:2.4.57-9.el7jbcs.x86_64", "7Server-JBCS:jbcs-httpd24-mod_ldap-0:2.4.57-9.el7jbcs.x86_64", "7Server-JBCS:jbcs-httpd24-mod_proxy_html-1:2.4.57-9.el7jbcs.x86_64", "7Server-JBCS:jbcs-httpd24-mod_session-0:2.4.57-9.el7jbcs.x86_64", "7Server-JBCS:jbcs-httpd24-mod_ssl-1:2.4.57-9.el7jbcs.x86_64", "8Base-JBCS:jbcs-httpd24-httpd-0:2.4.57-9.el8jbcs.src", "8Base-JBCS:jbcs-httpd24-httpd-0:2.4.57-9.el8jbcs.x86_64", "8Base-JBCS:jbcs-httpd24-httpd-debuginfo-0:2.4.57-9.el8jbcs.x86_64", "8Base-JBCS:jbcs-httpd24-httpd-devel-0:2.4.57-9.el8jbcs.x86_64", "8Base-JBCS:jbcs-httpd24-httpd-manual-0:2.4.57-9.el8jbcs.noarch", "8Base-JBCS:jbcs-httpd24-httpd-selinux-0:2.4.57-9.el8jbcs.x86_64", "8Base-JBCS:jbcs-httpd24-httpd-tools-0:2.4.57-9.el8jbcs.x86_64", "8Base-JBCS:jbcs-httpd24-httpd-tools-debuginfo-0:2.4.57-9.el8jbcs.x86_64", "8Base-JBCS:jbcs-httpd24-mod_ldap-0:2.4.57-9.el8jbcs.x86_64", "8Base-JBCS:jbcs-httpd24-mod_ldap-debuginfo-0:2.4.57-9.el8jbcs.x86_64", "8Base-JBCS:jbcs-httpd24-mod_proxy_html-1:2.4.57-9.el8jbcs.x86_64", "8Base-JBCS:jbcs-httpd24-mod_proxy_html-debuginfo-1:2.4.57-9.el8jbcs.x86_64", "8Base-JBCS:jbcs-httpd24-mod_session-0:2.4.57-9.el8jbcs.x86_64", "8Base-JBCS:jbcs-httpd24-mod_session-debuginfo-0:2.4.57-9.el8jbcs.x86_64", "8Base-JBCS:jbcs-httpd24-mod_ssl-1:2.4.57-9.el8jbcs.x86_64", "8Base-JBCS:jbcs-httpd24-mod_ssl-debuginfo-1:2.4.57-9.el8jbcs.x86_64" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2024:1316" }, { "category": "workaround", "details": "Disabling mod_macro and restarting httpd or making sure the macros used are smaller than the required length to trigger this vulnerability will mitigate this flaw. Furthermore, it\u0027s unlikely that a very long macro with the length needed to trigger this issue is being used.", "product_ids": [ "7Server-JBCS:jbcs-httpd24-apr-util-0:1.6.1-104.el7jbcs.src", "7Server-JBCS:jbcs-httpd24-apr-util-0:1.6.1-104.el7jbcs.x86_64", "7Server-JBCS:jbcs-httpd24-apr-util-debuginfo-0:1.6.1-104.el7jbcs.x86_64", "7Server-JBCS:jbcs-httpd24-apr-util-devel-0:1.6.1-104.el7jbcs.x86_64", "7Server-JBCS:jbcs-httpd24-apr-util-ldap-0:1.6.1-104.el7jbcs.x86_64", "7Server-JBCS:jbcs-httpd24-apr-util-mysql-0:1.6.1-104.el7jbcs.x86_64", "7Server-JBCS:jbcs-httpd24-apr-util-nss-0:1.6.1-104.el7jbcs.x86_64", "7Server-JBCS:jbcs-httpd24-apr-util-odbc-0:1.6.1-104.el7jbcs.x86_64", "7Server-JBCS:jbcs-httpd24-apr-util-openssl-0:1.6.1-104.el7jbcs.x86_64", "7Server-JBCS:jbcs-httpd24-apr-util-pgsql-0:1.6.1-104.el7jbcs.x86_64", "7Server-JBCS:jbcs-httpd24-apr-util-sqlite-0:1.6.1-104.el7jbcs.x86_64", "7Server-JBCS:jbcs-httpd24-curl-0:8.6.0-3.el7jbcs.src", "7Server-JBCS:jbcs-httpd24-curl-0:8.6.0-3.el7jbcs.x86_64", "7Server-JBCS:jbcs-httpd24-curl-debuginfo-0:8.6.0-3.el7jbcs.x86_64", "7Server-JBCS:jbcs-httpd24-httpd-0:2.4.57-9.el7jbcs.src", "7Server-JBCS:jbcs-httpd24-httpd-0:2.4.57-9.el7jbcs.x86_64", "7Server-JBCS:jbcs-httpd24-httpd-debuginfo-0:2.4.57-9.el7jbcs.x86_64", "7Server-JBCS:jbcs-httpd24-httpd-devel-0:2.4.57-9.el7jbcs.x86_64", "7Server-JBCS:jbcs-httpd24-httpd-manual-0:2.4.57-9.el7jbcs.noarch", "7Server-JBCS:jbcs-httpd24-httpd-selinux-0:2.4.57-9.el7jbcs.x86_64", "7Server-JBCS:jbcs-httpd24-httpd-tools-0:2.4.57-9.el7jbcs.x86_64", "7Server-JBCS:jbcs-httpd24-libcurl-0:8.6.0-3.el7jbcs.x86_64", "7Server-JBCS:jbcs-httpd24-libcurl-devel-0:8.6.0-3.el7jbcs.x86_64", "7Server-JBCS:jbcs-httpd24-mod_http2-0:1.15.19-36.el7jbcs.src", "7Server-JBCS:jbcs-httpd24-mod_http2-0:1.15.19-36.el7jbcs.x86_64", "7Server-JBCS:jbcs-httpd24-mod_http2-debuginfo-0:1.15.19-36.el7jbcs.x86_64", "7Server-JBCS:jbcs-httpd24-mod_jk-0:1.2.49-5.redhat_1.el7jbcs.src", "7Server-JBCS:jbcs-httpd24-mod_jk-ap24-0:1.2.49-5.redhat_1.el7jbcs.x86_64", "7Server-JBCS:jbcs-httpd24-mod_jk-debuginfo-0:1.2.49-5.redhat_1.el7jbcs.x86_64", "7Server-JBCS:jbcs-httpd24-mod_ldap-0:2.4.57-9.el7jbcs.x86_64", "7Server-JBCS:jbcs-httpd24-mod_md-1:2.4.24-4.el7jbcs.src", "7Server-JBCS:jbcs-httpd24-mod_md-1:2.4.24-4.el7jbcs.x86_64", "7Server-JBCS:jbcs-httpd24-mod_md-debuginfo-1:2.4.24-4.el7jbcs.x86_64", "7Server-JBCS:jbcs-httpd24-mod_proxy_cluster-0:1.3.20-3.el7jbcs.src", "7Server-JBCS:jbcs-httpd24-mod_proxy_cluster-0:1.3.20-3.el7jbcs.x86_64", "7Server-JBCS:jbcs-httpd24-mod_proxy_cluster-debuginfo-0:1.3.20-3.el7jbcs.x86_64", "7Server-JBCS:jbcs-httpd24-mod_proxy_html-1:2.4.57-9.el7jbcs.x86_64", "7Server-JBCS:jbcs-httpd24-mod_security-0:2.9.3-34.el7jbcs.src", "7Server-JBCS:jbcs-httpd24-mod_security-0:2.9.3-34.el7jbcs.x86_64", "7Server-JBCS:jbcs-httpd24-mod_security-debuginfo-0:2.9.3-34.el7jbcs.x86_64", "7Server-JBCS:jbcs-httpd24-mod_session-0:2.4.57-9.el7jbcs.x86_64", "7Server-JBCS:jbcs-httpd24-mod_ssl-1:2.4.57-9.el7jbcs.x86_64", "7Server-JBCS:jbcs-httpd24-openssl-1:1.1.1k-17.el7jbcs.src", "7Server-JBCS:jbcs-httpd24-openssl-1:1.1.1k-17.el7jbcs.x86_64", "7Server-JBCS:jbcs-httpd24-openssl-chil-0:1.0.0-20.el7jbcs.src", "7Server-JBCS:jbcs-httpd24-openssl-chil-0:1.0.0-20.el7jbcs.x86_64", "7Server-JBCS:jbcs-httpd24-openssl-chil-debuginfo-0:1.0.0-20.el7jbcs.x86_64", "7Server-JBCS:jbcs-httpd24-openssl-debuginfo-1:1.1.1k-17.el7jbcs.x86_64", "7Server-JBCS:jbcs-httpd24-openssl-devel-1:1.1.1k-17.el7jbcs.x86_64", "7Server-JBCS:jbcs-httpd24-openssl-libs-1:1.1.1k-17.el7jbcs.x86_64", "7Server-JBCS:jbcs-httpd24-openssl-perl-1:1.1.1k-17.el7jbcs.x86_64", "7Server-JBCS:jbcs-httpd24-openssl-pkcs11-0:0.4.10-35.el7jbcs.src", "7Server-JBCS:jbcs-httpd24-openssl-pkcs11-0:0.4.10-35.el7jbcs.x86_64", "7Server-JBCS:jbcs-httpd24-openssl-pkcs11-debuginfo-0:0.4.10-35.el7jbcs.x86_64", "7Server-JBCS:jbcs-httpd24-openssl-static-1:1.1.1k-17.el7jbcs.x86_64", "8Base-JBCS:jbcs-httpd24-apr-util-0:1.6.1-104.el8jbcs.src", "8Base-JBCS:jbcs-httpd24-apr-util-0:1.6.1-104.el8jbcs.x86_64", "8Base-JBCS:jbcs-httpd24-apr-util-debuginfo-0:1.6.1-104.el8jbcs.x86_64", "8Base-JBCS:jbcs-httpd24-apr-util-devel-0:1.6.1-104.el8jbcs.x86_64", "8Base-JBCS:jbcs-httpd24-apr-util-ldap-0:1.6.1-104.el8jbcs.x86_64", "8Base-JBCS:jbcs-httpd24-apr-util-ldap-debuginfo-0:1.6.1-104.el8jbcs.x86_64", "8Base-JBCS:jbcs-httpd24-apr-util-mysql-0:1.6.1-104.el8jbcs.x86_64", "8Base-JBCS:jbcs-httpd24-apr-util-mysql-debuginfo-0:1.6.1-104.el8jbcs.x86_64", "8Base-JBCS:jbcs-httpd24-apr-util-nss-0:1.6.1-104.el8jbcs.x86_64", "8Base-JBCS:jbcs-httpd24-apr-util-nss-debuginfo-0:1.6.1-104.el8jbcs.x86_64", "8Base-JBCS:jbcs-httpd24-apr-util-odbc-0:1.6.1-104.el8jbcs.x86_64", "8Base-JBCS:jbcs-httpd24-apr-util-odbc-debuginfo-0:1.6.1-104.el8jbcs.x86_64", "8Base-JBCS:jbcs-httpd24-apr-util-openssl-0:1.6.1-104.el8jbcs.x86_64", "8Base-JBCS:jbcs-httpd24-apr-util-openssl-debuginfo-0:1.6.1-104.el8jbcs.x86_64", "8Base-JBCS:jbcs-httpd24-apr-util-pgsql-0:1.6.1-104.el8jbcs.x86_64", "8Base-JBCS:jbcs-httpd24-apr-util-pgsql-debuginfo-0:1.6.1-104.el8jbcs.x86_64", "8Base-JBCS:jbcs-httpd24-apr-util-sqlite-0:1.6.1-104.el8jbcs.x86_64", "8Base-JBCS:jbcs-httpd24-apr-util-sqlite-debuginfo-0:1.6.1-104.el8jbcs.x86_64", "8Base-JBCS:jbcs-httpd24-curl-0:8.6.0-3.el8jbcs.src", "8Base-JBCS:jbcs-httpd24-curl-0:8.6.0-3.el8jbcs.x86_64", "8Base-JBCS:jbcs-httpd24-curl-debuginfo-0:8.6.0-3.el8jbcs.x86_64", "8Base-JBCS:jbcs-httpd24-httpd-0:2.4.57-9.el8jbcs.src", "8Base-JBCS:jbcs-httpd24-httpd-0:2.4.57-9.el8jbcs.x86_64", "8Base-JBCS:jbcs-httpd24-httpd-debuginfo-0:2.4.57-9.el8jbcs.x86_64", "8Base-JBCS:jbcs-httpd24-httpd-devel-0:2.4.57-9.el8jbcs.x86_64", "8Base-JBCS:jbcs-httpd24-httpd-manual-0:2.4.57-9.el8jbcs.noarch", "8Base-JBCS:jbcs-httpd24-httpd-selinux-0:2.4.57-9.el8jbcs.x86_64", "8Base-JBCS:jbcs-httpd24-httpd-tools-0:2.4.57-9.el8jbcs.x86_64", "8Base-JBCS:jbcs-httpd24-httpd-tools-debuginfo-0:2.4.57-9.el8jbcs.x86_64", "8Base-JBCS:jbcs-httpd24-libcurl-0:8.6.0-3.el8jbcs.x86_64", "8Base-JBCS:jbcs-httpd24-libcurl-debuginfo-0:8.6.0-3.el8jbcs.x86_64", "8Base-JBCS:jbcs-httpd24-libcurl-devel-0:8.6.0-3.el8jbcs.x86_64", "8Base-JBCS:jbcs-httpd24-mod_http2-0:1.15.19-36.el8jbcs.src", "8Base-JBCS:jbcs-httpd24-mod_http2-0:1.15.19-36.el8jbcs.x86_64", "8Base-JBCS:jbcs-httpd24-mod_http2-debuginfo-0:1.15.19-36.el8jbcs.x86_64", "8Base-JBCS:jbcs-httpd24-mod_jk-0:1.2.49-5.redhat_1.el8jbcs.src", "8Base-JBCS:jbcs-httpd24-mod_jk-ap24-0:1.2.49-5.redhat_1.el8jbcs.x86_64", "8Base-JBCS:jbcs-httpd24-mod_jk-ap24-debuginfo-0:1.2.49-5.redhat_1.el8jbcs.x86_64", "8Base-JBCS:jbcs-httpd24-mod_ldap-0:2.4.57-9.el8jbcs.x86_64", "8Base-JBCS:jbcs-httpd24-mod_ldap-debuginfo-0:2.4.57-9.el8jbcs.x86_64", "8Base-JBCS:jbcs-httpd24-mod_md-1:2.4.24-4.el8jbcs.src", "8Base-JBCS:jbcs-httpd24-mod_md-1:2.4.24-4.el8jbcs.x86_64", "8Base-JBCS:jbcs-httpd24-mod_md-debuginfo-1:2.4.24-4.el8jbcs.x86_64", "8Base-JBCS:jbcs-httpd24-mod_proxy_cluster-0:1.3.20-3.el8jbcs.src", "8Base-JBCS:jbcs-httpd24-mod_proxy_cluster-0:1.3.20-3.el8jbcs.x86_64", "8Base-JBCS:jbcs-httpd24-mod_proxy_cluster-debuginfo-0:1.3.20-3.el8jbcs.x86_64", "8Base-JBCS:jbcs-httpd24-mod_proxy_html-1:2.4.57-9.el8jbcs.x86_64", "8Base-JBCS:jbcs-httpd24-mod_proxy_html-debuginfo-1:2.4.57-9.el8jbcs.x86_64", "8Base-JBCS:jbcs-httpd24-mod_security-0:2.9.3-34.el8jbcs.src", "8Base-JBCS:jbcs-httpd24-mod_security-0:2.9.3-34.el8jbcs.x86_64", "8Base-JBCS:jbcs-httpd24-mod_security-debuginfo-0:2.9.3-34.el8jbcs.x86_64", "8Base-JBCS:jbcs-httpd24-mod_session-0:2.4.57-9.el8jbcs.x86_64", "8Base-JBCS:jbcs-httpd24-mod_session-debuginfo-0:2.4.57-9.el8jbcs.x86_64", "8Base-JBCS:jbcs-httpd24-mod_ssl-1:2.4.57-9.el8jbcs.x86_64", "8Base-JBCS:jbcs-httpd24-mod_ssl-debuginfo-1:2.4.57-9.el8jbcs.x86_64", "8Base-JBCS:jbcs-httpd24-openssl-1:1.1.1k-17.el8jbcs.src", "8Base-JBCS:jbcs-httpd24-openssl-1:1.1.1k-17.el8jbcs.x86_64", "8Base-JBCS:jbcs-httpd24-openssl-chil-0:1.0.0-20.el8jbcs.src", "8Base-JBCS:jbcs-httpd24-openssl-chil-0:1.0.0-20.el8jbcs.x86_64", "8Base-JBCS:jbcs-httpd24-openssl-chil-debuginfo-0:1.0.0-20.el8jbcs.x86_64", "8Base-JBCS:jbcs-httpd24-openssl-debuginfo-1:1.1.1k-17.el8jbcs.x86_64", "8Base-JBCS:jbcs-httpd24-openssl-devel-1:1.1.1k-17.el8jbcs.x86_64", "8Base-JBCS:jbcs-httpd24-openssl-libs-1:1.1.1k-17.el8jbcs.x86_64", "8Base-JBCS:jbcs-httpd24-openssl-libs-debuginfo-1:1.1.1k-17.el8jbcs.x86_64", "8Base-JBCS:jbcs-httpd24-openssl-perl-1:1.1.1k-17.el8jbcs.x86_64", "8Base-JBCS:jbcs-httpd24-openssl-pkcs11-0:0.4.10-35.el8jbcs.src", "8Base-JBCS:jbcs-httpd24-openssl-pkcs11-0:0.4.10-35.el8jbcs.x86_64", "8Base-JBCS:jbcs-httpd24-openssl-pkcs11-debuginfo-0:0.4.10-35.el8jbcs.x86_64", "8Base-JBCS:jbcs-httpd24-openssl-static-1:1.1.1k-17.el8jbcs.x86_64" ] } ], "scores": [ { "cvss_v3": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 7.5, "baseSeverity": "HIGH", "confidentialityImpact": "NONE", "integrityImpact": "NONE", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "version": "3.1" }, "products": [ "7Server-JBCS:jbcs-httpd24-httpd-0:2.4.57-9.el7jbcs.src", "7Server-JBCS:jbcs-httpd24-httpd-0:2.4.57-9.el7jbcs.x86_64", "7Server-JBCS:jbcs-httpd24-httpd-debuginfo-0:2.4.57-9.el7jbcs.x86_64", "7Server-JBCS:jbcs-httpd24-httpd-devel-0:2.4.57-9.el7jbcs.x86_64", "7Server-JBCS:jbcs-httpd24-httpd-manual-0:2.4.57-9.el7jbcs.noarch", "7Server-JBCS:jbcs-httpd24-httpd-selinux-0:2.4.57-9.el7jbcs.x86_64", "7Server-JBCS:jbcs-httpd24-httpd-tools-0:2.4.57-9.el7jbcs.x86_64", "7Server-JBCS:jbcs-httpd24-mod_ldap-0:2.4.57-9.el7jbcs.x86_64", "7Server-JBCS:jbcs-httpd24-mod_proxy_html-1:2.4.57-9.el7jbcs.x86_64", "7Server-JBCS:jbcs-httpd24-mod_session-0:2.4.57-9.el7jbcs.x86_64", "7Server-JBCS:jbcs-httpd24-mod_ssl-1:2.4.57-9.el7jbcs.x86_64", "8Base-JBCS:jbcs-httpd24-httpd-0:2.4.57-9.el8jbcs.src", "8Base-JBCS:jbcs-httpd24-httpd-0:2.4.57-9.el8jbcs.x86_64", "8Base-JBCS:jbcs-httpd24-httpd-debuginfo-0:2.4.57-9.el8jbcs.x86_64", "8Base-JBCS:jbcs-httpd24-httpd-devel-0:2.4.57-9.el8jbcs.x86_64", "8Base-JBCS:jbcs-httpd24-httpd-manual-0:2.4.57-9.el8jbcs.noarch", "8Base-JBCS:jbcs-httpd24-httpd-selinux-0:2.4.57-9.el8jbcs.x86_64", "8Base-JBCS:jbcs-httpd24-httpd-tools-0:2.4.57-9.el8jbcs.x86_64", "8Base-JBCS:jbcs-httpd24-httpd-tools-debuginfo-0:2.4.57-9.el8jbcs.x86_64", "8Base-JBCS:jbcs-httpd24-mod_ldap-0:2.4.57-9.el8jbcs.x86_64", "8Base-JBCS:jbcs-httpd24-mod_ldap-debuginfo-0:2.4.57-9.el8jbcs.x86_64", "8Base-JBCS:jbcs-httpd24-mod_proxy_html-1:2.4.57-9.el8jbcs.x86_64", "8Base-JBCS:jbcs-httpd24-mod_proxy_html-debuginfo-1:2.4.57-9.el8jbcs.x86_64", "8Base-JBCS:jbcs-httpd24-mod_session-0:2.4.57-9.el8jbcs.x86_64", "8Base-JBCS:jbcs-httpd24-mod_session-debuginfo-0:2.4.57-9.el8jbcs.x86_64", "8Base-JBCS:jbcs-httpd24-mod_ssl-1:2.4.57-9.el8jbcs.x86_64", "8Base-JBCS:jbcs-httpd24-mod_ssl-debuginfo-1:2.4.57-9.el8jbcs.x86_64" ] } ], "threats": [ { "category": "impact", "details": "Moderate" } ], "title": "httpd: mod_macro: out-of-bounds read vulnerability" }, { "acknowledgments": [ { "names": [ "Harry Sintonen" ], "organization": "reported" }, { "names": [ "Daniel Stenberg" ], "organization": "patched" } ], "cve": "CVE-2023-46218", "cwe": { "id": "CWE-201", "name": "Insertion of Sensitive Information Into Sent Data" }, "discovery_date": "2023-11-29T00:00:00+00:00", "flags": [ { "label": "vulnerable_code_not_present", "product_ids": [ "7Server-JBCS:jbcs-httpd24-apr-util-0:1.6.1-104.el7jbcs.src", "7Server-JBCS:jbcs-httpd24-apr-util-0:1.6.1-104.el7jbcs.x86_64", "7Server-JBCS:jbcs-httpd24-apr-util-debuginfo-0:1.6.1-104.el7jbcs.x86_64", "7Server-JBCS:jbcs-httpd24-apr-util-devel-0:1.6.1-104.el7jbcs.x86_64", "7Server-JBCS:jbcs-httpd24-apr-util-ldap-0:1.6.1-104.el7jbcs.x86_64", "7Server-JBCS:jbcs-httpd24-apr-util-mysql-0:1.6.1-104.el7jbcs.x86_64", "7Server-JBCS:jbcs-httpd24-apr-util-nss-0:1.6.1-104.el7jbcs.x86_64", "7Server-JBCS:jbcs-httpd24-apr-util-odbc-0:1.6.1-104.el7jbcs.x86_64", "7Server-JBCS:jbcs-httpd24-apr-util-openssl-0:1.6.1-104.el7jbcs.x86_64", "7Server-JBCS:jbcs-httpd24-apr-util-pgsql-0:1.6.1-104.el7jbcs.x86_64", "7Server-JBCS:jbcs-httpd24-apr-util-sqlite-0:1.6.1-104.el7jbcs.x86_64", "7Server-JBCS:jbcs-httpd24-httpd-0:2.4.57-9.el7jbcs.src", "7Server-JBCS:jbcs-httpd24-httpd-0:2.4.57-9.el7jbcs.x86_64", "7Server-JBCS:jbcs-httpd24-httpd-debuginfo-0:2.4.57-9.el7jbcs.x86_64", "7Server-JBCS:jbcs-httpd24-httpd-devel-0:2.4.57-9.el7jbcs.x86_64", "7Server-JBCS:jbcs-httpd24-httpd-manual-0:2.4.57-9.el7jbcs.noarch", "7Server-JBCS:jbcs-httpd24-httpd-selinux-0:2.4.57-9.el7jbcs.x86_64", "7Server-JBCS:jbcs-httpd24-httpd-tools-0:2.4.57-9.el7jbcs.x86_64", "7Server-JBCS:jbcs-httpd24-mod_http2-0:1.15.19-36.el7jbcs.src", "7Server-JBCS:jbcs-httpd24-mod_http2-0:1.15.19-36.el7jbcs.x86_64", "7Server-JBCS:jbcs-httpd24-mod_http2-debuginfo-0:1.15.19-36.el7jbcs.x86_64", "7Server-JBCS:jbcs-httpd24-mod_jk-0:1.2.49-5.redhat_1.el7jbcs.src", "7Server-JBCS:jbcs-httpd24-mod_jk-ap24-0:1.2.49-5.redhat_1.el7jbcs.x86_64", "7Server-JBCS:jbcs-httpd24-mod_jk-debuginfo-0:1.2.49-5.redhat_1.el7jbcs.x86_64", "7Server-JBCS:jbcs-httpd24-mod_ldap-0:2.4.57-9.el7jbcs.x86_64", "7Server-JBCS:jbcs-httpd24-mod_md-1:2.4.24-4.el7jbcs.src", "7Server-JBCS:jbcs-httpd24-mod_md-1:2.4.24-4.el7jbcs.x86_64", "7Server-JBCS:jbcs-httpd24-mod_md-debuginfo-1:2.4.24-4.el7jbcs.x86_64", "7Server-JBCS:jbcs-httpd24-mod_proxy_cluster-0:1.3.20-3.el7jbcs.src", "7Server-JBCS:jbcs-httpd24-mod_proxy_cluster-0:1.3.20-3.el7jbcs.x86_64", "7Server-JBCS:jbcs-httpd24-mod_proxy_cluster-debuginfo-0:1.3.20-3.el7jbcs.x86_64", "7Server-JBCS:jbcs-httpd24-mod_proxy_html-1:2.4.57-9.el7jbcs.x86_64", "7Server-JBCS:jbcs-httpd24-mod_security-0:2.9.3-34.el7jbcs.src", "7Server-JBCS:jbcs-httpd24-mod_security-0:2.9.3-34.el7jbcs.x86_64", "7Server-JBCS:jbcs-httpd24-mod_security-debuginfo-0:2.9.3-34.el7jbcs.x86_64", "7Server-JBCS:jbcs-httpd24-mod_session-0:2.4.57-9.el7jbcs.x86_64", "7Server-JBCS:jbcs-httpd24-mod_ssl-1:2.4.57-9.el7jbcs.x86_64", "7Server-JBCS:jbcs-httpd24-openssl-1:1.1.1k-17.el7jbcs.src", "7Server-JBCS:jbcs-httpd24-openssl-1:1.1.1k-17.el7jbcs.x86_64", "7Server-JBCS:jbcs-httpd24-openssl-chil-0:1.0.0-20.el7jbcs.src", "7Server-JBCS:jbcs-httpd24-openssl-chil-0:1.0.0-20.el7jbcs.x86_64", "7Server-JBCS:jbcs-httpd24-openssl-chil-debuginfo-0:1.0.0-20.el7jbcs.x86_64", "7Server-JBCS:jbcs-httpd24-openssl-debuginfo-1:1.1.1k-17.el7jbcs.x86_64", "7Server-JBCS:jbcs-httpd24-openssl-devel-1:1.1.1k-17.el7jbcs.x86_64", "7Server-JBCS:jbcs-httpd24-openssl-libs-1:1.1.1k-17.el7jbcs.x86_64", "7Server-JBCS:jbcs-httpd24-openssl-perl-1:1.1.1k-17.el7jbcs.x86_64", "7Server-JBCS:jbcs-httpd24-openssl-pkcs11-0:0.4.10-35.el7jbcs.src", "7Server-JBCS:jbcs-httpd24-openssl-pkcs11-0:0.4.10-35.el7jbcs.x86_64", "7Server-JBCS:jbcs-httpd24-openssl-pkcs11-debuginfo-0:0.4.10-35.el7jbcs.x86_64", "7Server-JBCS:jbcs-httpd24-openssl-static-1:1.1.1k-17.el7jbcs.x86_64", "8Base-JBCS:jbcs-httpd24-apr-util-0:1.6.1-104.el8jbcs.src", "8Base-JBCS:jbcs-httpd24-apr-util-0:1.6.1-104.el8jbcs.x86_64", "8Base-JBCS:jbcs-httpd24-apr-util-debuginfo-0:1.6.1-104.el8jbcs.x86_64", "8Base-JBCS:jbcs-httpd24-apr-util-devel-0:1.6.1-104.el8jbcs.x86_64", "8Base-JBCS:jbcs-httpd24-apr-util-ldap-0:1.6.1-104.el8jbcs.x86_64", "8Base-JBCS:jbcs-httpd24-apr-util-ldap-debuginfo-0:1.6.1-104.el8jbcs.x86_64", "8Base-JBCS:jbcs-httpd24-apr-util-mysql-0:1.6.1-104.el8jbcs.x86_64", "8Base-JBCS:jbcs-httpd24-apr-util-mysql-debuginfo-0:1.6.1-104.el8jbcs.x86_64", "8Base-JBCS:jbcs-httpd24-apr-util-nss-0:1.6.1-104.el8jbcs.x86_64", "8Base-JBCS:jbcs-httpd24-apr-util-nss-debuginfo-0:1.6.1-104.el8jbcs.x86_64", "8Base-JBCS:jbcs-httpd24-apr-util-odbc-0:1.6.1-104.el8jbcs.x86_64", "8Base-JBCS:jbcs-httpd24-apr-util-odbc-debuginfo-0:1.6.1-104.el8jbcs.x86_64", "8Base-JBCS:jbcs-httpd24-apr-util-openssl-0:1.6.1-104.el8jbcs.x86_64", "8Base-JBCS:jbcs-httpd24-apr-util-openssl-debuginfo-0:1.6.1-104.el8jbcs.x86_64", "8Base-JBCS:jbcs-httpd24-apr-util-pgsql-0:1.6.1-104.el8jbcs.x86_64", "8Base-JBCS:jbcs-httpd24-apr-util-pgsql-debuginfo-0:1.6.1-104.el8jbcs.x86_64", "8Base-JBCS:jbcs-httpd24-apr-util-sqlite-0:1.6.1-104.el8jbcs.x86_64", "8Base-JBCS:jbcs-httpd24-apr-util-sqlite-debuginfo-0:1.6.1-104.el8jbcs.x86_64", "8Base-JBCS:jbcs-httpd24-httpd-0:2.4.57-9.el8jbcs.src", "8Base-JBCS:jbcs-httpd24-httpd-0:2.4.57-9.el8jbcs.x86_64", "8Base-JBCS:jbcs-httpd24-httpd-debuginfo-0:2.4.57-9.el8jbcs.x86_64", "8Base-JBCS:jbcs-httpd24-httpd-devel-0:2.4.57-9.el8jbcs.x86_64", "8Base-JBCS:jbcs-httpd24-httpd-manual-0:2.4.57-9.el8jbcs.noarch", "8Base-JBCS:jbcs-httpd24-httpd-selinux-0:2.4.57-9.el8jbcs.x86_64", "8Base-JBCS:jbcs-httpd24-httpd-tools-0:2.4.57-9.el8jbcs.x86_64", "8Base-JBCS:jbcs-httpd24-httpd-tools-debuginfo-0:2.4.57-9.el8jbcs.x86_64", "8Base-JBCS:jbcs-httpd24-mod_http2-0:1.15.19-36.el8jbcs.src", "8Base-JBCS:jbcs-httpd24-mod_http2-0:1.15.19-36.el8jbcs.x86_64", "8Base-JBCS:jbcs-httpd24-mod_http2-debuginfo-0:1.15.19-36.el8jbcs.x86_64", "8Base-JBCS:jbcs-httpd24-mod_jk-0:1.2.49-5.redhat_1.el8jbcs.src", "8Base-JBCS:jbcs-httpd24-mod_jk-ap24-0:1.2.49-5.redhat_1.el8jbcs.x86_64", "8Base-JBCS:jbcs-httpd24-mod_jk-ap24-debuginfo-0:1.2.49-5.redhat_1.el8jbcs.x86_64", "8Base-JBCS:jbcs-httpd24-mod_ldap-0:2.4.57-9.el8jbcs.x86_64", "8Base-JBCS:jbcs-httpd24-mod_ldap-debuginfo-0:2.4.57-9.el8jbcs.x86_64", "8Base-JBCS:jbcs-httpd24-mod_md-1:2.4.24-4.el8jbcs.src", "8Base-JBCS:jbcs-httpd24-mod_md-1:2.4.24-4.el8jbcs.x86_64", "8Base-JBCS:jbcs-httpd24-mod_md-debuginfo-1:2.4.24-4.el8jbcs.x86_64", "8Base-JBCS:jbcs-httpd24-mod_proxy_cluster-0:1.3.20-3.el8jbcs.src", "8Base-JBCS:jbcs-httpd24-mod_proxy_cluster-0:1.3.20-3.el8jbcs.x86_64", "8Base-JBCS:jbcs-httpd24-mod_proxy_cluster-debuginfo-0:1.3.20-3.el8jbcs.x86_64", "8Base-JBCS:jbcs-httpd24-mod_proxy_html-1:2.4.57-9.el8jbcs.x86_64", "8Base-JBCS:jbcs-httpd24-mod_proxy_html-debuginfo-1:2.4.57-9.el8jbcs.x86_64", "8Base-JBCS:jbcs-httpd24-mod_security-0:2.9.3-34.el8jbcs.src", "8Base-JBCS:jbcs-httpd24-mod_security-0:2.9.3-34.el8jbcs.x86_64", "8Base-JBCS:jbcs-httpd24-mod_security-debuginfo-0:2.9.3-34.el8jbcs.x86_64", "8Base-JBCS:jbcs-httpd24-mod_session-0:2.4.57-9.el8jbcs.x86_64", "8Base-JBCS:jbcs-httpd24-mod_session-debuginfo-0:2.4.57-9.el8jbcs.x86_64", "8Base-JBCS:jbcs-httpd24-mod_ssl-1:2.4.57-9.el8jbcs.x86_64", "8Base-JBCS:jbcs-httpd24-mod_ssl-debuginfo-1:2.4.57-9.el8jbcs.x86_64", "8Base-JBCS:jbcs-httpd24-openssl-1:1.1.1k-17.el8jbcs.src", "8Base-JBCS:jbcs-httpd24-openssl-1:1.1.1k-17.el8jbcs.x86_64", "8Base-JBCS:jbcs-httpd24-openssl-chil-0:1.0.0-20.el8jbcs.src", "8Base-JBCS:jbcs-httpd24-openssl-chil-0:1.0.0-20.el8jbcs.x86_64", "8Base-JBCS:jbcs-httpd24-openssl-chil-debuginfo-0:1.0.0-20.el8jbcs.x86_64", "8Base-JBCS:jbcs-httpd24-openssl-debuginfo-1:1.1.1k-17.el8jbcs.x86_64", "8Base-JBCS:jbcs-httpd24-openssl-devel-1:1.1.1k-17.el8jbcs.x86_64", "8Base-JBCS:jbcs-httpd24-openssl-libs-1:1.1.1k-17.el8jbcs.x86_64", "8Base-JBCS:jbcs-httpd24-openssl-libs-debuginfo-1:1.1.1k-17.el8jbcs.x86_64", "8Base-JBCS:jbcs-httpd24-openssl-perl-1:1.1.1k-17.el8jbcs.x86_64", "8Base-JBCS:jbcs-httpd24-openssl-pkcs11-0:0.4.10-35.el8jbcs.src", "8Base-JBCS:jbcs-httpd24-openssl-pkcs11-0:0.4.10-35.el8jbcs.x86_64", "8Base-JBCS:jbcs-httpd24-openssl-pkcs11-debuginfo-0:0.4.10-35.el8jbcs.x86_64", "8Base-JBCS:jbcs-httpd24-openssl-static-1:1.1.1k-17.el8jbcs.x86_64" ] } ], "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "2252030" } ], "notes": [ { "category": "description", "text": "A flaw was found in curl that verifies a given cookie domain against the Public Suffix List. This issue could allow a malicious HTTP server to set \"super cookies\" in curl that are passed back to more origins than what is otherwise allowed or possible.", "title": "Vulnerability description" }, { "category": "summary", "text": "curl: information disclosure by exploiting a mixed case flaw", "title": "Vulnerability summary" }, { "category": "other", "text": "When curl is built without PSL support, it cannot protect against this problem but it is expected to not allow \"too wide\" cookies when PSL support is enabled.", "title": "Statement" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "7Server-JBCS:jbcs-httpd24-curl-0:8.6.0-3.el7jbcs.src", "7Server-JBCS:jbcs-httpd24-curl-0:8.6.0-3.el7jbcs.x86_64", "7Server-JBCS:jbcs-httpd24-curl-debuginfo-0:8.6.0-3.el7jbcs.x86_64", "7Server-JBCS:jbcs-httpd24-libcurl-0:8.6.0-3.el7jbcs.x86_64", "7Server-JBCS:jbcs-httpd24-libcurl-devel-0:8.6.0-3.el7jbcs.x86_64", "8Base-JBCS:jbcs-httpd24-curl-0:8.6.0-3.el8jbcs.src", "8Base-JBCS:jbcs-httpd24-curl-0:8.6.0-3.el8jbcs.x86_64", "8Base-JBCS:jbcs-httpd24-curl-debuginfo-0:8.6.0-3.el8jbcs.x86_64", "8Base-JBCS:jbcs-httpd24-libcurl-0:8.6.0-3.el8jbcs.x86_64", "8Base-JBCS:jbcs-httpd24-libcurl-debuginfo-0:8.6.0-3.el8jbcs.x86_64", "8Base-JBCS:jbcs-httpd24-libcurl-devel-0:8.6.0-3.el8jbcs.x86_64" ], "known_not_affected": [ "7Server-JBCS:jbcs-httpd24-apr-util-0:1.6.1-104.el7jbcs.src", "7Server-JBCS:jbcs-httpd24-apr-util-0:1.6.1-104.el7jbcs.x86_64", "7Server-JBCS:jbcs-httpd24-apr-util-debuginfo-0:1.6.1-104.el7jbcs.x86_64", "7Server-JBCS:jbcs-httpd24-apr-util-devel-0:1.6.1-104.el7jbcs.x86_64", "7Server-JBCS:jbcs-httpd24-apr-util-ldap-0:1.6.1-104.el7jbcs.x86_64", "7Server-JBCS:jbcs-httpd24-apr-util-mysql-0:1.6.1-104.el7jbcs.x86_64", "7Server-JBCS:jbcs-httpd24-apr-util-nss-0:1.6.1-104.el7jbcs.x86_64", "7Server-JBCS:jbcs-httpd24-apr-util-odbc-0:1.6.1-104.el7jbcs.x86_64", "7Server-JBCS:jbcs-httpd24-apr-util-openssl-0:1.6.1-104.el7jbcs.x86_64", "7Server-JBCS:jbcs-httpd24-apr-util-pgsql-0:1.6.1-104.el7jbcs.x86_64", "7Server-JBCS:jbcs-httpd24-apr-util-sqlite-0:1.6.1-104.el7jbcs.x86_64", "7Server-JBCS:jbcs-httpd24-httpd-0:2.4.57-9.el7jbcs.src", "7Server-JBCS:jbcs-httpd24-httpd-0:2.4.57-9.el7jbcs.x86_64", "7Server-JBCS:jbcs-httpd24-httpd-debuginfo-0:2.4.57-9.el7jbcs.x86_64", "7Server-JBCS:jbcs-httpd24-httpd-devel-0:2.4.57-9.el7jbcs.x86_64", "7Server-JBCS:jbcs-httpd24-httpd-manual-0:2.4.57-9.el7jbcs.noarch", "7Server-JBCS:jbcs-httpd24-httpd-selinux-0:2.4.57-9.el7jbcs.x86_64", "7Server-JBCS:jbcs-httpd24-httpd-tools-0:2.4.57-9.el7jbcs.x86_64", "7Server-JBCS:jbcs-httpd24-mod_http2-0:1.15.19-36.el7jbcs.src", "7Server-JBCS:jbcs-httpd24-mod_http2-0:1.15.19-36.el7jbcs.x86_64", "7Server-JBCS:jbcs-httpd24-mod_http2-debuginfo-0:1.15.19-36.el7jbcs.x86_64", "7Server-JBCS:jbcs-httpd24-mod_jk-0:1.2.49-5.redhat_1.el7jbcs.src", "7Server-JBCS:jbcs-httpd24-mod_jk-ap24-0:1.2.49-5.redhat_1.el7jbcs.x86_64", "7Server-JBCS:jbcs-httpd24-mod_jk-debuginfo-0:1.2.49-5.redhat_1.el7jbcs.x86_64", "7Server-JBCS:jbcs-httpd24-mod_ldap-0:2.4.57-9.el7jbcs.x86_64", "7Server-JBCS:jbcs-httpd24-mod_md-1:2.4.24-4.el7jbcs.src", "7Server-JBCS:jbcs-httpd24-mod_md-1:2.4.24-4.el7jbcs.x86_64", "7Server-JBCS:jbcs-httpd24-mod_md-debuginfo-1:2.4.24-4.el7jbcs.x86_64", "7Server-JBCS:jbcs-httpd24-mod_proxy_cluster-0:1.3.20-3.el7jbcs.src", "7Server-JBCS:jbcs-httpd24-mod_proxy_cluster-0:1.3.20-3.el7jbcs.x86_64", "7Server-JBCS:jbcs-httpd24-mod_proxy_cluster-debuginfo-0:1.3.20-3.el7jbcs.x86_64", "7Server-JBCS:jbcs-httpd24-mod_proxy_html-1:2.4.57-9.el7jbcs.x86_64", "7Server-JBCS:jbcs-httpd24-mod_security-0:2.9.3-34.el7jbcs.src", "7Server-JBCS:jbcs-httpd24-mod_security-0:2.9.3-34.el7jbcs.x86_64", "7Server-JBCS:jbcs-httpd24-mod_security-debuginfo-0:2.9.3-34.el7jbcs.x86_64", "7Server-JBCS:jbcs-httpd24-mod_session-0:2.4.57-9.el7jbcs.x86_64", "7Server-JBCS:jbcs-httpd24-mod_ssl-1:2.4.57-9.el7jbcs.x86_64", "7Server-JBCS:jbcs-httpd24-openssl-1:1.1.1k-17.el7jbcs.src", "7Server-JBCS:jbcs-httpd24-openssl-1:1.1.1k-17.el7jbcs.x86_64", "7Server-JBCS:jbcs-httpd24-openssl-chil-0:1.0.0-20.el7jbcs.src", "7Server-JBCS:jbcs-httpd24-openssl-chil-0:1.0.0-20.el7jbcs.x86_64", "7Server-JBCS:jbcs-httpd24-openssl-chil-debuginfo-0:1.0.0-20.el7jbcs.x86_64", "7Server-JBCS:jbcs-httpd24-openssl-debuginfo-1:1.1.1k-17.el7jbcs.x86_64", "7Server-JBCS:jbcs-httpd24-openssl-devel-1:1.1.1k-17.el7jbcs.x86_64", "7Server-JBCS:jbcs-httpd24-openssl-libs-1:1.1.1k-17.el7jbcs.x86_64", "7Server-JBCS:jbcs-httpd24-openssl-perl-1:1.1.1k-17.el7jbcs.x86_64", "7Server-JBCS:jbcs-httpd24-openssl-pkcs11-0:0.4.10-35.el7jbcs.src", "7Server-JBCS:jbcs-httpd24-openssl-pkcs11-0:0.4.10-35.el7jbcs.x86_64", "7Server-JBCS:jbcs-httpd24-openssl-pkcs11-debuginfo-0:0.4.10-35.el7jbcs.x86_64", "7Server-JBCS:jbcs-httpd24-openssl-static-1:1.1.1k-17.el7jbcs.x86_64", "8Base-JBCS:jbcs-httpd24-apr-util-0:1.6.1-104.el8jbcs.src", "8Base-JBCS:jbcs-httpd24-apr-util-0:1.6.1-104.el8jbcs.x86_64", "8Base-JBCS:jbcs-httpd24-apr-util-debuginfo-0:1.6.1-104.el8jbcs.x86_64", "8Base-JBCS:jbcs-httpd24-apr-util-devel-0:1.6.1-104.el8jbcs.x86_64", "8Base-JBCS:jbcs-httpd24-apr-util-ldap-0:1.6.1-104.el8jbcs.x86_64", "8Base-JBCS:jbcs-httpd24-apr-util-ldap-debuginfo-0:1.6.1-104.el8jbcs.x86_64", "8Base-JBCS:jbcs-httpd24-apr-util-mysql-0:1.6.1-104.el8jbcs.x86_64", "8Base-JBCS:jbcs-httpd24-apr-util-mysql-debuginfo-0:1.6.1-104.el8jbcs.x86_64", "8Base-JBCS:jbcs-httpd24-apr-util-nss-0:1.6.1-104.el8jbcs.x86_64", "8Base-JBCS:jbcs-httpd24-apr-util-nss-debuginfo-0:1.6.1-104.el8jbcs.x86_64", "8Base-JBCS:jbcs-httpd24-apr-util-odbc-0:1.6.1-104.el8jbcs.x86_64", "8Base-JBCS:jbcs-httpd24-apr-util-odbc-debuginfo-0:1.6.1-104.el8jbcs.x86_64", "8Base-JBCS:jbcs-httpd24-apr-util-openssl-0:1.6.1-104.el8jbcs.x86_64", "8Base-JBCS:jbcs-httpd24-apr-util-openssl-debuginfo-0:1.6.1-104.el8jbcs.x86_64", "8Base-JBCS:jbcs-httpd24-apr-util-pgsql-0:1.6.1-104.el8jbcs.x86_64", "8Base-JBCS:jbcs-httpd24-apr-util-pgsql-debuginfo-0:1.6.1-104.el8jbcs.x86_64", "8Base-JBCS:jbcs-httpd24-apr-util-sqlite-0:1.6.1-104.el8jbcs.x86_64", "8Base-JBCS:jbcs-httpd24-apr-util-sqlite-debuginfo-0:1.6.1-104.el8jbcs.x86_64", "8Base-JBCS:jbcs-httpd24-httpd-0:2.4.57-9.el8jbcs.src", "8Base-JBCS:jbcs-httpd24-httpd-0:2.4.57-9.el8jbcs.x86_64", "8Base-JBCS:jbcs-httpd24-httpd-debuginfo-0:2.4.57-9.el8jbcs.x86_64", "8Base-JBCS:jbcs-httpd24-httpd-devel-0:2.4.57-9.el8jbcs.x86_64", "8Base-JBCS:jbcs-httpd24-httpd-manual-0:2.4.57-9.el8jbcs.noarch", "8Base-JBCS:jbcs-httpd24-httpd-selinux-0:2.4.57-9.el8jbcs.x86_64", "8Base-JBCS:jbcs-httpd24-httpd-tools-0:2.4.57-9.el8jbcs.x86_64", "8Base-JBCS:jbcs-httpd24-httpd-tools-debuginfo-0:2.4.57-9.el8jbcs.x86_64", "8Base-JBCS:jbcs-httpd24-mod_http2-0:1.15.19-36.el8jbcs.src", "8Base-JBCS:jbcs-httpd24-mod_http2-0:1.15.19-36.el8jbcs.x86_64", "8Base-JBCS:jbcs-httpd24-mod_http2-debuginfo-0:1.15.19-36.el8jbcs.x86_64", "8Base-JBCS:jbcs-httpd24-mod_jk-0:1.2.49-5.redhat_1.el8jbcs.src", "8Base-JBCS:jbcs-httpd24-mod_jk-ap24-0:1.2.49-5.redhat_1.el8jbcs.x86_64", "8Base-JBCS:jbcs-httpd24-mod_jk-ap24-debuginfo-0:1.2.49-5.redhat_1.el8jbcs.x86_64", "8Base-JBCS:jbcs-httpd24-mod_ldap-0:2.4.57-9.el8jbcs.x86_64", "8Base-JBCS:jbcs-httpd24-mod_ldap-debuginfo-0:2.4.57-9.el8jbcs.x86_64", "8Base-JBCS:jbcs-httpd24-mod_md-1:2.4.24-4.el8jbcs.src", "8Base-JBCS:jbcs-httpd24-mod_md-1:2.4.24-4.el8jbcs.x86_64", "8Base-JBCS:jbcs-httpd24-mod_md-debuginfo-1:2.4.24-4.el8jbcs.x86_64", "8Base-JBCS:jbcs-httpd24-mod_proxy_cluster-0:1.3.20-3.el8jbcs.src", "8Base-JBCS:jbcs-httpd24-mod_proxy_cluster-0:1.3.20-3.el8jbcs.x86_64", "8Base-JBCS:jbcs-httpd24-mod_proxy_cluster-debuginfo-0:1.3.20-3.el8jbcs.x86_64", "8Base-JBCS:jbcs-httpd24-mod_proxy_html-1:2.4.57-9.el8jbcs.x86_64", "8Base-JBCS:jbcs-httpd24-mod_proxy_html-debuginfo-1:2.4.57-9.el8jbcs.x86_64", "8Base-JBCS:jbcs-httpd24-mod_security-0:2.9.3-34.el8jbcs.src", "8Base-JBCS:jbcs-httpd24-mod_security-0:2.9.3-34.el8jbcs.x86_64", "8Base-JBCS:jbcs-httpd24-mod_security-debuginfo-0:2.9.3-34.el8jbcs.x86_64", "8Base-JBCS:jbcs-httpd24-mod_session-0:2.4.57-9.el8jbcs.x86_64", "8Base-JBCS:jbcs-httpd24-mod_session-debuginfo-0:2.4.57-9.el8jbcs.x86_64", "8Base-JBCS:jbcs-httpd24-mod_ssl-1:2.4.57-9.el8jbcs.x86_64", "8Base-JBCS:jbcs-httpd24-mod_ssl-debuginfo-1:2.4.57-9.el8jbcs.x86_64", "8Base-JBCS:jbcs-httpd24-openssl-1:1.1.1k-17.el8jbcs.src", "8Base-JBCS:jbcs-httpd24-openssl-1:1.1.1k-17.el8jbcs.x86_64", "8Base-JBCS:jbcs-httpd24-openssl-chil-0:1.0.0-20.el8jbcs.src", "8Base-JBCS:jbcs-httpd24-openssl-chil-0:1.0.0-20.el8jbcs.x86_64", "8Base-JBCS:jbcs-httpd24-openssl-chil-debuginfo-0:1.0.0-20.el8jbcs.x86_64", "8Base-JBCS:jbcs-httpd24-openssl-debuginfo-1:1.1.1k-17.el8jbcs.x86_64", "8Base-JBCS:jbcs-httpd24-openssl-devel-1:1.1.1k-17.el8jbcs.x86_64", "8Base-JBCS:jbcs-httpd24-openssl-libs-1:1.1.1k-17.el8jbcs.x86_64", "8Base-JBCS:jbcs-httpd24-openssl-libs-debuginfo-1:1.1.1k-17.el8jbcs.x86_64", "8Base-JBCS:jbcs-httpd24-openssl-perl-1:1.1.1k-17.el8jbcs.x86_64", "8Base-JBCS:jbcs-httpd24-openssl-pkcs11-0:0.4.10-35.el8jbcs.src", "8Base-JBCS:jbcs-httpd24-openssl-pkcs11-0:0.4.10-35.el8jbcs.x86_64", "8Base-JBCS:jbcs-httpd24-openssl-pkcs11-debuginfo-0:0.4.10-35.el8jbcs.x86_64", "8Base-JBCS:jbcs-httpd24-openssl-static-1:1.1.1k-17.el8jbcs.x86_64" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2023-46218" }, { "category": "external", "summary": "RHBZ#2252030", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2252030" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2023-46218", "url": "https://www.cve.org/CVERecord?id=CVE-2023-46218" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2023-46218", "url": "https://nvd.nist.gov/vuln/detail/CVE-2023-46218" }, { "category": "external", "summary": "https://curl.se/docs/CVE-2023-46218.html", "url": "https://curl.se/docs/CVE-2023-46218.html" } ], "release_date": "2023-12-06T07:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2024-03-18T16:37:43+00:00", "details": "Before applying this update, make sure all previously released errata relevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258", "product_ids": [ "7Server-JBCS:jbcs-httpd24-curl-0:8.6.0-3.el7jbcs.src", "7Server-JBCS:jbcs-httpd24-curl-0:8.6.0-3.el7jbcs.x86_64", "7Server-JBCS:jbcs-httpd24-curl-debuginfo-0:8.6.0-3.el7jbcs.x86_64", "7Server-JBCS:jbcs-httpd24-libcurl-0:8.6.0-3.el7jbcs.x86_64", "7Server-JBCS:jbcs-httpd24-libcurl-devel-0:8.6.0-3.el7jbcs.x86_64", "8Base-JBCS:jbcs-httpd24-curl-0:8.6.0-3.el8jbcs.src", "8Base-JBCS:jbcs-httpd24-curl-0:8.6.0-3.el8jbcs.x86_64", "8Base-JBCS:jbcs-httpd24-curl-debuginfo-0:8.6.0-3.el8jbcs.x86_64", "8Base-JBCS:jbcs-httpd24-libcurl-0:8.6.0-3.el8jbcs.x86_64", "8Base-JBCS:jbcs-httpd24-libcurl-debuginfo-0:8.6.0-3.el8jbcs.x86_64", "8Base-JBCS:jbcs-httpd24-libcurl-devel-0:8.6.0-3.el8jbcs.x86_64" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2024:1316" } ], "scores": [ { "cvss_v3": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "NONE", "baseScore": 5.3, "baseSeverity": "MEDIUM", "confidentialityImpact": "LOW", "integrityImpact": "NONE", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N", "version": "3.1" }, "products": [ "7Server-JBCS:jbcs-httpd24-curl-0:8.6.0-3.el7jbcs.src", "7Server-JBCS:jbcs-httpd24-curl-0:8.6.0-3.el7jbcs.x86_64", "7Server-JBCS:jbcs-httpd24-curl-debuginfo-0:8.6.0-3.el7jbcs.x86_64", "7Server-JBCS:jbcs-httpd24-libcurl-0:8.6.0-3.el7jbcs.x86_64", "7Server-JBCS:jbcs-httpd24-libcurl-devel-0:8.6.0-3.el7jbcs.x86_64", "8Base-JBCS:jbcs-httpd24-curl-0:8.6.0-3.el8jbcs.src", "8Base-JBCS:jbcs-httpd24-curl-0:8.6.0-3.el8jbcs.x86_64", "8Base-JBCS:jbcs-httpd24-curl-debuginfo-0:8.6.0-3.el8jbcs.x86_64", "8Base-JBCS:jbcs-httpd24-libcurl-0:8.6.0-3.el8jbcs.x86_64", "8Base-JBCS:jbcs-httpd24-libcurl-debuginfo-0:8.6.0-3.el8jbcs.x86_64", "8Base-JBCS:jbcs-httpd24-libcurl-devel-0:8.6.0-3.el8jbcs.x86_64" ] } ], "threats": [ { "category": "impact", "details": "Moderate" } ], "title": "curl: information disclosure by exploiting a mixed case flaw" }, { "acknowledgments": [ { "names": [ "Daniel Stenberg" ], "organization": "patched" }, { "names": [ "Maksymilian Arciemowicz" ], "organization": "reported" } ], "cve": "CVE-2023-46219", "cwe": { "id": "CWE-311", "name": "Missing Encryption of Sensitive Data" }, "discovery_date": "2023-11-29T00:00:00+00:00", "flags": [ { "label": "vulnerable_code_not_present", "product_ids": [ "7Server-JBCS:jbcs-httpd24-apr-util-0:1.6.1-104.el7jbcs.src", "7Server-JBCS:jbcs-httpd24-apr-util-0:1.6.1-104.el7jbcs.x86_64", "7Server-JBCS:jbcs-httpd24-apr-util-debuginfo-0:1.6.1-104.el7jbcs.x86_64", "7Server-JBCS:jbcs-httpd24-apr-util-devel-0:1.6.1-104.el7jbcs.x86_64", "7Server-JBCS:jbcs-httpd24-apr-util-ldap-0:1.6.1-104.el7jbcs.x86_64", "7Server-JBCS:jbcs-httpd24-apr-util-mysql-0:1.6.1-104.el7jbcs.x86_64", "7Server-JBCS:jbcs-httpd24-apr-util-nss-0:1.6.1-104.el7jbcs.x86_64", "7Server-JBCS:jbcs-httpd24-apr-util-odbc-0:1.6.1-104.el7jbcs.x86_64", "7Server-JBCS:jbcs-httpd24-apr-util-openssl-0:1.6.1-104.el7jbcs.x86_64", "7Server-JBCS:jbcs-httpd24-apr-util-pgsql-0:1.6.1-104.el7jbcs.x86_64", "7Server-JBCS:jbcs-httpd24-apr-util-sqlite-0:1.6.1-104.el7jbcs.x86_64", "7Server-JBCS:jbcs-httpd24-httpd-0:2.4.57-9.el7jbcs.src", "7Server-JBCS:jbcs-httpd24-httpd-0:2.4.57-9.el7jbcs.x86_64", "7Server-JBCS:jbcs-httpd24-httpd-debuginfo-0:2.4.57-9.el7jbcs.x86_64", "7Server-JBCS:jbcs-httpd24-httpd-devel-0:2.4.57-9.el7jbcs.x86_64", "7Server-JBCS:jbcs-httpd24-httpd-manual-0:2.4.57-9.el7jbcs.noarch", "7Server-JBCS:jbcs-httpd24-httpd-selinux-0:2.4.57-9.el7jbcs.x86_64", "7Server-JBCS:jbcs-httpd24-httpd-tools-0:2.4.57-9.el7jbcs.x86_64", "7Server-JBCS:jbcs-httpd24-mod_http2-0:1.15.19-36.el7jbcs.src", "7Server-JBCS:jbcs-httpd24-mod_http2-0:1.15.19-36.el7jbcs.x86_64", "7Server-JBCS:jbcs-httpd24-mod_http2-debuginfo-0:1.15.19-36.el7jbcs.x86_64", "7Server-JBCS:jbcs-httpd24-mod_jk-0:1.2.49-5.redhat_1.el7jbcs.src", "7Server-JBCS:jbcs-httpd24-mod_jk-ap24-0:1.2.49-5.redhat_1.el7jbcs.x86_64", "7Server-JBCS:jbcs-httpd24-mod_jk-debuginfo-0:1.2.49-5.redhat_1.el7jbcs.x86_64", "7Server-JBCS:jbcs-httpd24-mod_ldap-0:2.4.57-9.el7jbcs.x86_64", "7Server-JBCS:jbcs-httpd24-mod_md-1:2.4.24-4.el7jbcs.src", "7Server-JBCS:jbcs-httpd24-mod_md-1:2.4.24-4.el7jbcs.x86_64", "7Server-JBCS:jbcs-httpd24-mod_md-debuginfo-1:2.4.24-4.el7jbcs.x86_64", "7Server-JBCS:jbcs-httpd24-mod_proxy_cluster-0:1.3.20-3.el7jbcs.src", "7Server-JBCS:jbcs-httpd24-mod_proxy_cluster-0:1.3.20-3.el7jbcs.x86_64", "7Server-JBCS:jbcs-httpd24-mod_proxy_cluster-debuginfo-0:1.3.20-3.el7jbcs.x86_64", "7Server-JBCS:jbcs-httpd24-mod_proxy_html-1:2.4.57-9.el7jbcs.x86_64", "7Server-JBCS:jbcs-httpd24-mod_security-0:2.9.3-34.el7jbcs.src", "7Server-JBCS:jbcs-httpd24-mod_security-0:2.9.3-34.el7jbcs.x86_64", "7Server-JBCS:jbcs-httpd24-mod_security-debuginfo-0:2.9.3-34.el7jbcs.x86_64", "7Server-JBCS:jbcs-httpd24-mod_session-0:2.4.57-9.el7jbcs.x86_64", "7Server-JBCS:jbcs-httpd24-mod_ssl-1:2.4.57-9.el7jbcs.x86_64", "7Server-JBCS:jbcs-httpd24-openssl-1:1.1.1k-17.el7jbcs.src", "7Server-JBCS:jbcs-httpd24-openssl-1:1.1.1k-17.el7jbcs.x86_64", "7Server-JBCS:jbcs-httpd24-openssl-chil-0:1.0.0-20.el7jbcs.src", "7Server-JBCS:jbcs-httpd24-openssl-chil-0:1.0.0-20.el7jbcs.x86_64", "7Server-JBCS:jbcs-httpd24-openssl-chil-debuginfo-0:1.0.0-20.el7jbcs.x86_64", "7Server-JBCS:jbcs-httpd24-openssl-debuginfo-1:1.1.1k-17.el7jbcs.x86_64", "7Server-JBCS:jbcs-httpd24-openssl-devel-1:1.1.1k-17.el7jbcs.x86_64", "7Server-JBCS:jbcs-httpd24-openssl-libs-1:1.1.1k-17.el7jbcs.x86_64", "7Server-JBCS:jbcs-httpd24-openssl-perl-1:1.1.1k-17.el7jbcs.x86_64", "7Server-JBCS:jbcs-httpd24-openssl-pkcs11-0:0.4.10-35.el7jbcs.src", "7Server-JBCS:jbcs-httpd24-openssl-pkcs11-0:0.4.10-35.el7jbcs.x86_64", "7Server-JBCS:jbcs-httpd24-openssl-pkcs11-debuginfo-0:0.4.10-35.el7jbcs.x86_64", "7Server-JBCS:jbcs-httpd24-openssl-static-1:1.1.1k-17.el7jbcs.x86_64", "8Base-JBCS:jbcs-httpd24-apr-util-0:1.6.1-104.el8jbcs.src", "8Base-JBCS:jbcs-httpd24-apr-util-0:1.6.1-104.el8jbcs.x86_64", "8Base-JBCS:jbcs-httpd24-apr-util-debuginfo-0:1.6.1-104.el8jbcs.x86_64", "8Base-JBCS:jbcs-httpd24-apr-util-devel-0:1.6.1-104.el8jbcs.x86_64", "8Base-JBCS:jbcs-httpd24-apr-util-ldap-0:1.6.1-104.el8jbcs.x86_64", "8Base-JBCS:jbcs-httpd24-apr-util-ldap-debuginfo-0:1.6.1-104.el8jbcs.x86_64", "8Base-JBCS:jbcs-httpd24-apr-util-mysql-0:1.6.1-104.el8jbcs.x86_64", "8Base-JBCS:jbcs-httpd24-apr-util-mysql-debuginfo-0:1.6.1-104.el8jbcs.x86_64", "8Base-JBCS:jbcs-httpd24-apr-util-nss-0:1.6.1-104.el8jbcs.x86_64", "8Base-JBCS:jbcs-httpd24-apr-util-nss-debuginfo-0:1.6.1-104.el8jbcs.x86_64", "8Base-JBCS:jbcs-httpd24-apr-util-odbc-0:1.6.1-104.el8jbcs.x86_64", "8Base-JBCS:jbcs-httpd24-apr-util-odbc-debuginfo-0:1.6.1-104.el8jbcs.x86_64", "8Base-JBCS:jbcs-httpd24-apr-util-openssl-0:1.6.1-104.el8jbcs.x86_64", "8Base-JBCS:jbcs-httpd24-apr-util-openssl-debuginfo-0:1.6.1-104.el8jbcs.x86_64", "8Base-JBCS:jbcs-httpd24-apr-util-pgsql-0:1.6.1-104.el8jbcs.x86_64", "8Base-JBCS:jbcs-httpd24-apr-util-pgsql-debuginfo-0:1.6.1-104.el8jbcs.x86_64", "8Base-JBCS:jbcs-httpd24-apr-util-sqlite-0:1.6.1-104.el8jbcs.x86_64", "8Base-JBCS:jbcs-httpd24-apr-util-sqlite-debuginfo-0:1.6.1-104.el8jbcs.x86_64", "8Base-JBCS:jbcs-httpd24-httpd-0:2.4.57-9.el8jbcs.src", "8Base-JBCS:jbcs-httpd24-httpd-0:2.4.57-9.el8jbcs.x86_64", "8Base-JBCS:jbcs-httpd24-httpd-debuginfo-0:2.4.57-9.el8jbcs.x86_64", "8Base-JBCS:jbcs-httpd24-httpd-devel-0:2.4.57-9.el8jbcs.x86_64", "8Base-JBCS:jbcs-httpd24-httpd-manual-0:2.4.57-9.el8jbcs.noarch", "8Base-JBCS:jbcs-httpd24-httpd-selinux-0:2.4.57-9.el8jbcs.x86_64", "8Base-JBCS:jbcs-httpd24-httpd-tools-0:2.4.57-9.el8jbcs.x86_64", "8Base-JBCS:jbcs-httpd24-httpd-tools-debuginfo-0:2.4.57-9.el8jbcs.x86_64", "8Base-JBCS:jbcs-httpd24-mod_http2-0:1.15.19-36.el8jbcs.src", "8Base-JBCS:jbcs-httpd24-mod_http2-0:1.15.19-36.el8jbcs.x86_64", "8Base-JBCS:jbcs-httpd24-mod_http2-debuginfo-0:1.15.19-36.el8jbcs.x86_64", "8Base-JBCS:jbcs-httpd24-mod_jk-0:1.2.49-5.redhat_1.el8jbcs.src", "8Base-JBCS:jbcs-httpd24-mod_jk-ap24-0:1.2.49-5.redhat_1.el8jbcs.x86_64", "8Base-JBCS:jbcs-httpd24-mod_jk-ap24-debuginfo-0:1.2.49-5.redhat_1.el8jbcs.x86_64", "8Base-JBCS:jbcs-httpd24-mod_ldap-0:2.4.57-9.el8jbcs.x86_64", "8Base-JBCS:jbcs-httpd24-mod_ldap-debuginfo-0:2.4.57-9.el8jbcs.x86_64", "8Base-JBCS:jbcs-httpd24-mod_md-1:2.4.24-4.el8jbcs.src", "8Base-JBCS:jbcs-httpd24-mod_md-1:2.4.24-4.el8jbcs.x86_64", "8Base-JBCS:jbcs-httpd24-mod_md-debuginfo-1:2.4.24-4.el8jbcs.x86_64", "8Base-JBCS:jbcs-httpd24-mod_proxy_cluster-0:1.3.20-3.el8jbcs.src", "8Base-JBCS:jbcs-httpd24-mod_proxy_cluster-0:1.3.20-3.el8jbcs.x86_64", "8Base-JBCS:jbcs-httpd24-mod_proxy_cluster-debuginfo-0:1.3.20-3.el8jbcs.x86_64", "8Base-JBCS:jbcs-httpd24-mod_proxy_html-1:2.4.57-9.el8jbcs.x86_64", "8Base-JBCS:jbcs-httpd24-mod_proxy_html-debuginfo-1:2.4.57-9.el8jbcs.x86_64", "8Base-JBCS:jbcs-httpd24-mod_security-0:2.9.3-34.el8jbcs.src", "8Base-JBCS:jbcs-httpd24-mod_security-0:2.9.3-34.el8jbcs.x86_64", "8Base-JBCS:jbcs-httpd24-mod_security-debuginfo-0:2.9.3-34.el8jbcs.x86_64", "8Base-JBCS:jbcs-httpd24-mod_session-0:2.4.57-9.el8jbcs.x86_64", "8Base-JBCS:jbcs-httpd24-mod_session-debuginfo-0:2.4.57-9.el8jbcs.x86_64", "8Base-JBCS:jbcs-httpd24-mod_ssl-1:2.4.57-9.el8jbcs.x86_64", "8Base-JBCS:jbcs-httpd24-mod_ssl-debuginfo-1:2.4.57-9.el8jbcs.x86_64", "8Base-JBCS:jbcs-httpd24-openssl-1:1.1.1k-17.el8jbcs.src", "8Base-JBCS:jbcs-httpd24-openssl-1:1.1.1k-17.el8jbcs.x86_64", "8Base-JBCS:jbcs-httpd24-openssl-chil-0:1.0.0-20.el8jbcs.src", "8Base-JBCS:jbcs-httpd24-openssl-chil-0:1.0.0-20.el8jbcs.x86_64", "8Base-JBCS:jbcs-httpd24-openssl-chil-debuginfo-0:1.0.0-20.el8jbcs.x86_64", "8Base-JBCS:jbcs-httpd24-openssl-debuginfo-1:1.1.1k-17.el8jbcs.x86_64", "8Base-JBCS:jbcs-httpd24-openssl-devel-1:1.1.1k-17.el8jbcs.x86_64", "8Base-JBCS:jbcs-httpd24-openssl-libs-1:1.1.1k-17.el8jbcs.x86_64", "8Base-JBCS:jbcs-httpd24-openssl-libs-debuginfo-1:1.1.1k-17.el8jbcs.x86_64", "8Base-JBCS:jbcs-httpd24-openssl-perl-1:1.1.1k-17.el8jbcs.x86_64", "8Base-JBCS:jbcs-httpd24-openssl-pkcs11-0:0.4.10-35.el8jbcs.src", "8Base-JBCS:jbcs-httpd24-openssl-pkcs11-0:0.4.10-35.el8jbcs.x86_64", "8Base-JBCS:jbcs-httpd24-openssl-pkcs11-debuginfo-0:0.4.10-35.el8jbcs.x86_64", "8Base-JBCS:jbcs-httpd24-openssl-static-1:1.1.1k-17.el8jbcs.x86_64" ] } ], "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "2252034" } ], "notes": [ { "category": "description", "text": "A security bypass flaw was found in Curl, which can be triggered by saving HSTS data to an excessively long file name. This issue occurs due to an error in handling HSTS long file names, leading to the removal of all contents from the file during the save process, and may allow a remote attacker to send a specially crafted request to use files without awareness of the HSTS status and enable a Man-in-the-Middle (MitM) attack.", "title": "Vulnerability description" }, { "category": "summary", "text": "curl: excessively long file name may lead to unknown HSTS status", "title": "Vulnerability summary" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "7Server-JBCS:jbcs-httpd24-curl-0:8.6.0-3.el7jbcs.src", "7Server-JBCS:jbcs-httpd24-curl-0:8.6.0-3.el7jbcs.x86_64", "7Server-JBCS:jbcs-httpd24-curl-debuginfo-0:8.6.0-3.el7jbcs.x86_64", "7Server-JBCS:jbcs-httpd24-libcurl-0:8.6.0-3.el7jbcs.x86_64", "7Server-JBCS:jbcs-httpd24-libcurl-devel-0:8.6.0-3.el7jbcs.x86_64", "8Base-JBCS:jbcs-httpd24-curl-0:8.6.0-3.el8jbcs.src", "8Base-JBCS:jbcs-httpd24-curl-0:8.6.0-3.el8jbcs.x86_64", "8Base-JBCS:jbcs-httpd24-curl-debuginfo-0:8.6.0-3.el8jbcs.x86_64", "8Base-JBCS:jbcs-httpd24-libcurl-0:8.6.0-3.el8jbcs.x86_64", "8Base-JBCS:jbcs-httpd24-libcurl-debuginfo-0:8.6.0-3.el8jbcs.x86_64", "8Base-JBCS:jbcs-httpd24-libcurl-devel-0:8.6.0-3.el8jbcs.x86_64" ], "known_not_affected": [ "7Server-JBCS:jbcs-httpd24-apr-util-0:1.6.1-104.el7jbcs.src", "7Server-JBCS:jbcs-httpd24-apr-util-0:1.6.1-104.el7jbcs.x86_64", "7Server-JBCS:jbcs-httpd24-apr-util-debuginfo-0:1.6.1-104.el7jbcs.x86_64", "7Server-JBCS:jbcs-httpd24-apr-util-devel-0:1.6.1-104.el7jbcs.x86_64", "7Server-JBCS:jbcs-httpd24-apr-util-ldap-0:1.6.1-104.el7jbcs.x86_64", "7Server-JBCS:jbcs-httpd24-apr-util-mysql-0:1.6.1-104.el7jbcs.x86_64", "7Server-JBCS:jbcs-httpd24-apr-util-nss-0:1.6.1-104.el7jbcs.x86_64", "7Server-JBCS:jbcs-httpd24-apr-util-odbc-0:1.6.1-104.el7jbcs.x86_64", "7Server-JBCS:jbcs-httpd24-apr-util-openssl-0:1.6.1-104.el7jbcs.x86_64", "7Server-JBCS:jbcs-httpd24-apr-util-pgsql-0:1.6.1-104.el7jbcs.x86_64", "7Server-JBCS:jbcs-httpd24-apr-util-sqlite-0:1.6.1-104.el7jbcs.x86_64", "7Server-JBCS:jbcs-httpd24-httpd-0:2.4.57-9.el7jbcs.src", "7Server-JBCS:jbcs-httpd24-httpd-0:2.4.57-9.el7jbcs.x86_64", "7Server-JBCS:jbcs-httpd24-httpd-debuginfo-0:2.4.57-9.el7jbcs.x86_64", "7Server-JBCS:jbcs-httpd24-httpd-devel-0:2.4.57-9.el7jbcs.x86_64", "7Server-JBCS:jbcs-httpd24-httpd-manual-0:2.4.57-9.el7jbcs.noarch", "7Server-JBCS:jbcs-httpd24-httpd-selinux-0:2.4.57-9.el7jbcs.x86_64", "7Server-JBCS:jbcs-httpd24-httpd-tools-0:2.4.57-9.el7jbcs.x86_64", "7Server-JBCS:jbcs-httpd24-mod_http2-0:1.15.19-36.el7jbcs.src", "7Server-JBCS:jbcs-httpd24-mod_http2-0:1.15.19-36.el7jbcs.x86_64", "7Server-JBCS:jbcs-httpd24-mod_http2-debuginfo-0:1.15.19-36.el7jbcs.x86_64", "7Server-JBCS:jbcs-httpd24-mod_jk-0:1.2.49-5.redhat_1.el7jbcs.src", "7Server-JBCS:jbcs-httpd24-mod_jk-ap24-0:1.2.49-5.redhat_1.el7jbcs.x86_64", "7Server-JBCS:jbcs-httpd24-mod_jk-debuginfo-0:1.2.49-5.redhat_1.el7jbcs.x86_64", "7Server-JBCS:jbcs-httpd24-mod_ldap-0:2.4.57-9.el7jbcs.x86_64", "7Server-JBCS:jbcs-httpd24-mod_md-1:2.4.24-4.el7jbcs.src", "7Server-JBCS:jbcs-httpd24-mod_md-1:2.4.24-4.el7jbcs.x86_64", "7Server-JBCS:jbcs-httpd24-mod_md-debuginfo-1:2.4.24-4.el7jbcs.x86_64", "7Server-JBCS:jbcs-httpd24-mod_proxy_cluster-0:1.3.20-3.el7jbcs.src", "7Server-JBCS:jbcs-httpd24-mod_proxy_cluster-0:1.3.20-3.el7jbcs.x86_64", "7Server-JBCS:jbcs-httpd24-mod_proxy_cluster-debuginfo-0:1.3.20-3.el7jbcs.x86_64", "7Server-JBCS:jbcs-httpd24-mod_proxy_html-1:2.4.57-9.el7jbcs.x86_64", "7Server-JBCS:jbcs-httpd24-mod_security-0:2.9.3-34.el7jbcs.src", "7Server-JBCS:jbcs-httpd24-mod_security-0:2.9.3-34.el7jbcs.x86_64", "7Server-JBCS:jbcs-httpd24-mod_security-debuginfo-0:2.9.3-34.el7jbcs.x86_64", "7Server-JBCS:jbcs-httpd24-mod_session-0:2.4.57-9.el7jbcs.x86_64", "7Server-JBCS:jbcs-httpd24-mod_ssl-1:2.4.57-9.el7jbcs.x86_64", "7Server-JBCS:jbcs-httpd24-openssl-1:1.1.1k-17.el7jbcs.src", "7Server-JBCS:jbcs-httpd24-openssl-1:1.1.1k-17.el7jbcs.x86_64", "7Server-JBCS:jbcs-httpd24-openssl-chil-0:1.0.0-20.el7jbcs.src", "7Server-JBCS:jbcs-httpd24-openssl-chil-0:1.0.0-20.el7jbcs.x86_64", "7Server-JBCS:jbcs-httpd24-openssl-chil-debuginfo-0:1.0.0-20.el7jbcs.x86_64", "7Server-JBCS:jbcs-httpd24-openssl-debuginfo-1:1.1.1k-17.el7jbcs.x86_64", "7Server-JBCS:jbcs-httpd24-openssl-devel-1:1.1.1k-17.el7jbcs.x86_64", "7Server-JBCS:jbcs-httpd24-openssl-libs-1:1.1.1k-17.el7jbcs.x86_64", "7Server-JBCS:jbcs-httpd24-openssl-perl-1:1.1.1k-17.el7jbcs.x86_64", "7Server-JBCS:jbcs-httpd24-openssl-pkcs11-0:0.4.10-35.el7jbcs.src", "7Server-JBCS:jbcs-httpd24-openssl-pkcs11-0:0.4.10-35.el7jbcs.x86_64", "7Server-JBCS:jbcs-httpd24-openssl-pkcs11-debuginfo-0:0.4.10-35.el7jbcs.x86_64", "7Server-JBCS:jbcs-httpd24-openssl-static-1:1.1.1k-17.el7jbcs.x86_64", "8Base-JBCS:jbcs-httpd24-apr-util-0:1.6.1-104.el8jbcs.src", "8Base-JBCS:jbcs-httpd24-apr-util-0:1.6.1-104.el8jbcs.x86_64", "8Base-JBCS:jbcs-httpd24-apr-util-debuginfo-0:1.6.1-104.el8jbcs.x86_64", "8Base-JBCS:jbcs-httpd24-apr-util-devel-0:1.6.1-104.el8jbcs.x86_64", "8Base-JBCS:jbcs-httpd24-apr-util-ldap-0:1.6.1-104.el8jbcs.x86_64", "8Base-JBCS:jbcs-httpd24-apr-util-ldap-debuginfo-0:1.6.1-104.el8jbcs.x86_64", "8Base-JBCS:jbcs-httpd24-apr-util-mysql-0:1.6.1-104.el8jbcs.x86_64", "8Base-JBCS:jbcs-httpd24-apr-util-mysql-debuginfo-0:1.6.1-104.el8jbcs.x86_64", "8Base-JBCS:jbcs-httpd24-apr-util-nss-0:1.6.1-104.el8jbcs.x86_64", "8Base-JBCS:jbcs-httpd24-apr-util-nss-debuginfo-0:1.6.1-104.el8jbcs.x86_64", "8Base-JBCS:jbcs-httpd24-apr-util-odbc-0:1.6.1-104.el8jbcs.x86_64", "8Base-JBCS:jbcs-httpd24-apr-util-odbc-debuginfo-0:1.6.1-104.el8jbcs.x86_64", "8Base-JBCS:jbcs-httpd24-apr-util-openssl-0:1.6.1-104.el8jbcs.x86_64", "8Base-JBCS:jbcs-httpd24-apr-util-openssl-debuginfo-0:1.6.1-104.el8jbcs.x86_64", "8Base-JBCS:jbcs-httpd24-apr-util-pgsql-0:1.6.1-104.el8jbcs.x86_64", "8Base-JBCS:jbcs-httpd24-apr-util-pgsql-debuginfo-0:1.6.1-104.el8jbcs.x86_64", "8Base-JBCS:jbcs-httpd24-apr-util-sqlite-0:1.6.1-104.el8jbcs.x86_64", "8Base-JBCS:jbcs-httpd24-apr-util-sqlite-debuginfo-0:1.6.1-104.el8jbcs.x86_64", "8Base-JBCS:jbcs-httpd24-httpd-0:2.4.57-9.el8jbcs.src", "8Base-JBCS:jbcs-httpd24-httpd-0:2.4.57-9.el8jbcs.x86_64", "8Base-JBCS:jbcs-httpd24-httpd-debuginfo-0:2.4.57-9.el8jbcs.x86_64", "8Base-JBCS:jbcs-httpd24-httpd-devel-0:2.4.57-9.el8jbcs.x86_64", "8Base-JBCS:jbcs-httpd24-httpd-manual-0:2.4.57-9.el8jbcs.noarch", "8Base-JBCS:jbcs-httpd24-httpd-selinux-0:2.4.57-9.el8jbcs.x86_64", "8Base-JBCS:jbcs-httpd24-httpd-tools-0:2.4.57-9.el8jbcs.x86_64", "8Base-JBCS:jbcs-httpd24-httpd-tools-debuginfo-0:2.4.57-9.el8jbcs.x86_64", "8Base-JBCS:jbcs-httpd24-mod_http2-0:1.15.19-36.el8jbcs.src", "8Base-JBCS:jbcs-httpd24-mod_http2-0:1.15.19-36.el8jbcs.x86_64", "8Base-JBCS:jbcs-httpd24-mod_http2-debuginfo-0:1.15.19-36.el8jbcs.x86_64", "8Base-JBCS:jbcs-httpd24-mod_jk-0:1.2.49-5.redhat_1.el8jbcs.src", "8Base-JBCS:jbcs-httpd24-mod_jk-ap24-0:1.2.49-5.redhat_1.el8jbcs.x86_64", "8Base-JBCS:jbcs-httpd24-mod_jk-ap24-debuginfo-0:1.2.49-5.redhat_1.el8jbcs.x86_64", "8Base-JBCS:jbcs-httpd24-mod_ldap-0:2.4.57-9.el8jbcs.x86_64", "8Base-JBCS:jbcs-httpd24-mod_ldap-debuginfo-0:2.4.57-9.el8jbcs.x86_64", "8Base-JBCS:jbcs-httpd24-mod_md-1:2.4.24-4.el8jbcs.src", "8Base-JBCS:jbcs-httpd24-mod_md-1:2.4.24-4.el8jbcs.x86_64", "8Base-JBCS:jbcs-httpd24-mod_md-debuginfo-1:2.4.24-4.el8jbcs.x86_64", "8Base-JBCS:jbcs-httpd24-mod_proxy_cluster-0:1.3.20-3.el8jbcs.src", "8Base-JBCS:jbcs-httpd24-mod_proxy_cluster-0:1.3.20-3.el8jbcs.x86_64", "8Base-JBCS:jbcs-httpd24-mod_proxy_cluster-debuginfo-0:1.3.20-3.el8jbcs.x86_64", "8Base-JBCS:jbcs-httpd24-mod_proxy_html-1:2.4.57-9.el8jbcs.x86_64", "8Base-JBCS:jbcs-httpd24-mod_proxy_html-debuginfo-1:2.4.57-9.el8jbcs.x86_64", "8Base-JBCS:jbcs-httpd24-mod_security-0:2.9.3-34.el8jbcs.src", "8Base-JBCS:jbcs-httpd24-mod_security-0:2.9.3-34.el8jbcs.x86_64", "8Base-JBCS:jbcs-httpd24-mod_security-debuginfo-0:2.9.3-34.el8jbcs.x86_64", "8Base-JBCS:jbcs-httpd24-mod_session-0:2.4.57-9.el8jbcs.x86_64", "8Base-JBCS:jbcs-httpd24-mod_session-debuginfo-0:2.4.57-9.el8jbcs.x86_64", "8Base-JBCS:jbcs-httpd24-mod_ssl-1:2.4.57-9.el8jbcs.x86_64", "8Base-JBCS:jbcs-httpd24-mod_ssl-debuginfo-1:2.4.57-9.el8jbcs.x86_64", "8Base-JBCS:jbcs-httpd24-openssl-1:1.1.1k-17.el8jbcs.src", "8Base-JBCS:jbcs-httpd24-openssl-1:1.1.1k-17.el8jbcs.x86_64", "8Base-JBCS:jbcs-httpd24-openssl-chil-0:1.0.0-20.el8jbcs.src", "8Base-JBCS:jbcs-httpd24-openssl-chil-0:1.0.0-20.el8jbcs.x86_64", "8Base-JBCS:jbcs-httpd24-openssl-chil-debuginfo-0:1.0.0-20.el8jbcs.x86_64", "8Base-JBCS:jbcs-httpd24-openssl-debuginfo-1:1.1.1k-17.el8jbcs.x86_64", "8Base-JBCS:jbcs-httpd24-openssl-devel-1:1.1.1k-17.el8jbcs.x86_64", "8Base-JBCS:jbcs-httpd24-openssl-libs-1:1.1.1k-17.el8jbcs.x86_64", "8Base-JBCS:jbcs-httpd24-openssl-libs-debuginfo-1:1.1.1k-17.el8jbcs.x86_64", "8Base-JBCS:jbcs-httpd24-openssl-perl-1:1.1.1k-17.el8jbcs.x86_64", "8Base-JBCS:jbcs-httpd24-openssl-pkcs11-0:0.4.10-35.el8jbcs.src", "8Base-JBCS:jbcs-httpd24-openssl-pkcs11-0:0.4.10-35.el8jbcs.x86_64", "8Base-JBCS:jbcs-httpd24-openssl-pkcs11-debuginfo-0:0.4.10-35.el8jbcs.x86_64", "8Base-JBCS:jbcs-httpd24-openssl-static-1:1.1.1k-17.el8jbcs.x86_64" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2023-46219" }, { "category": "external", "summary": "RHBZ#2252034", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2252034" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2023-46219", "url": "https://www.cve.org/CVERecord?id=CVE-2023-46219" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2023-46219", "url": "https://nvd.nist.gov/vuln/detail/CVE-2023-46219" }, { "category": "external", "summary": "https://curl.se/docs/CVE-2023-46219.html", "url": "https://curl.se/docs/CVE-2023-46219.html" } ], "release_date": "2023-12-06T07:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2024-03-18T16:37:43+00:00", "details": "Before applying this update, make sure all previously released errata relevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258", "product_ids": [ "7Server-JBCS:jbcs-httpd24-curl-0:8.6.0-3.el7jbcs.src", "7Server-JBCS:jbcs-httpd24-curl-0:8.6.0-3.el7jbcs.x86_64", "7Server-JBCS:jbcs-httpd24-curl-debuginfo-0:8.6.0-3.el7jbcs.x86_64", "7Server-JBCS:jbcs-httpd24-libcurl-0:8.6.0-3.el7jbcs.x86_64", "7Server-JBCS:jbcs-httpd24-libcurl-devel-0:8.6.0-3.el7jbcs.x86_64", "8Base-JBCS:jbcs-httpd24-curl-0:8.6.0-3.el8jbcs.src", "8Base-JBCS:jbcs-httpd24-curl-0:8.6.0-3.el8jbcs.x86_64", "8Base-JBCS:jbcs-httpd24-curl-debuginfo-0:8.6.0-3.el8jbcs.x86_64", "8Base-JBCS:jbcs-httpd24-libcurl-0:8.6.0-3.el8jbcs.x86_64", "8Base-JBCS:jbcs-httpd24-libcurl-debuginfo-0:8.6.0-3.el8jbcs.x86_64", "8Base-JBCS:jbcs-httpd24-libcurl-devel-0:8.6.0-3.el8jbcs.x86_64" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2024:1316" } ], "scores": [ { "cvss_v3": { "attackComplexity": "HIGH", "attackVector": "NETWORK", "availabilityImpact": "NONE", "baseScore": 4.8, "baseSeverity": "MEDIUM", "confidentialityImpact": "LOW", "integrityImpact": "LOW", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:N", "version": "3.1" }, "products": [ "7Server-JBCS:jbcs-httpd24-curl-0:8.6.0-3.el7jbcs.src", "7Server-JBCS:jbcs-httpd24-curl-0:8.6.0-3.el7jbcs.x86_64", "7Server-JBCS:jbcs-httpd24-curl-debuginfo-0:8.6.0-3.el7jbcs.x86_64", "7Server-JBCS:jbcs-httpd24-libcurl-0:8.6.0-3.el7jbcs.x86_64", "7Server-JBCS:jbcs-httpd24-libcurl-devel-0:8.6.0-3.el7jbcs.x86_64", "8Base-JBCS:jbcs-httpd24-curl-0:8.6.0-3.el8jbcs.src", "8Base-JBCS:jbcs-httpd24-curl-0:8.6.0-3.el8jbcs.x86_64", "8Base-JBCS:jbcs-httpd24-curl-debuginfo-0:8.6.0-3.el8jbcs.x86_64", "8Base-JBCS:jbcs-httpd24-libcurl-0:8.6.0-3.el8jbcs.x86_64", "8Base-JBCS:jbcs-httpd24-libcurl-debuginfo-0:8.6.0-3.el8jbcs.x86_64", "8Base-JBCS:jbcs-httpd24-libcurl-devel-0:8.6.0-3.el8jbcs.x86_64" ] } ], "threats": [ { "category": "impact", "details": "Moderate" } ], "title": "curl: excessively long file name may lead to unknown HSTS status" } ] }
Loading...
Loading...
- Seen: The vulnerability was mentioned, discussed, or seen somewhere by the user.
- Confirmed: The vulnerability is confirmed from an analyst perspective.
- Exploited: This vulnerability was exploited and seen by the user reporting the sighting.
- Patched: This vulnerability was successfully patched by the user reporting the sighting.
- Not exploited: This vulnerability was not exploited or seen by the user reporting the sighting.
- Not confirmed: The user expresses doubt about the veracity of the vulnerability.
- Not patched: This vulnerability was not successfully patched by the user reporting the sighting.