Action not permitted
Modal body text goes here.
Modal Title
Modal Body
CVE-2019-0196
Vulnerability from cvelistv5
Published
2019-06-11 21:02
Modified
2024-08-04 17:44
Severity ?
EPSS score ?
Summary
A vulnerability was found in Apache HTTP Server 2.4.17 to 2.4.38. Using fuzzed network input, the http/2 request handling could be made to access freed memory in string comparison when determining the method of a request and thus process the request incorrectly.
References
Impacted products
Vendor | Product | Version | |
---|---|---|---|
▼ | Apache Software Foundation | Apache HTTP Server |
Version: 2.4.17 to 2.4.38 |
|
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-04T17:44:14.775Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "tags": [ "x_refsource_CONFIRM", "x_transferred" ], "url": "https://httpd.apache.org/security/vulnerabilities_24.html" }, { "name": "[oss-security] 20190401 CVE-2019-0196: mod_http2, read-after-free on a string compare", "tags": [ "mailing-list", "x_refsource_MLIST", "x_transferred" ], "url": "http://www.openwall.com/lists/oss-security/2019/04/02/1" }, { "name": "107669", "tags": [ "vdb-entry", "x_refsource_BID", "x_transferred" ], "url": "http://www.securityfocus.com/bid/107669" }, { "name": "20190403 [SECURITY] [DSA 4422-1] apache2 security update", "tags": [ "mailing-list", "x_refsource_BUGTRAQ", "x_transferred" ], "url": "https://seclists.org/bugtraq/2019/Apr/5" }, { "name": "USN-3937-1", "tags": [ "vendor-advisory", "x_refsource_UBUNTU", "x_transferred" ], "url": "https://usn.ubuntu.com/3937-1/" }, { "name": "FEDORA-2019-cf7695b470", "tags": [ "vendor-advisory", "x_refsource_FEDORA", "x_transferred" ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/WETXNQWNQLWHV6XNW6YTO5UGDTIWAQGT/" }, { "name": "DSA-4422", "tags": [ "vendor-advisory", "x_refsource_DEBIAN", "x_transferred" ], "url": "https://www.debian.org/security/2019/dsa-4422" }, { "tags": [ "x_refsource_MISC", "x_transferred" ], "url": "http://www.apache.org/dist/httpd/CHANGES_2.4.39" }, { "name": "openSUSE-SU-2019:1190", "tags": [ "vendor-advisory", "x_refsource_SUSE", "x_transferred" ], "url": "http://lists.opensuse.org/opensuse-security-announce/2019-04/msg00051.html" }, { "name": "openSUSE-SU-2019:1209", "tags": [ "vendor-advisory", "x_refsource_SUSE", "x_transferred" ], "url": "http://lists.opensuse.org/opensuse-security-announce/2019-04/msg00061.html" }, { "name": "openSUSE-SU-2019:1258", "tags": [ "vendor-advisory", "x_refsource_SUSE", "x_transferred" ], "url": "http://lists.opensuse.org/opensuse-security-announce/2019-04/msg00084.html" }, { "tags": [ "x_refsource_CONFIRM", "x_transferred" ], "url": "https://support.f5.com/csp/article/K44591505" }, { "name": "FEDORA-2019-08e57d15fd", "tags": [ "vendor-advisory", "x_refsource_FEDORA", "x_transferred" ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/YTJPHI3E3OKW7OT7COQXVG7DE7IDQ2OT/" }, { "name": "[httpd-cvs] 20190611 svn commit: r1861068 - /httpd/site/trunk/content/security/vulnerabilities-httpd.xml", "tags": [ "mailing-list", "x_refsource_MLIST", "x_transferred" ], "url": "https://lists.apache.org/thread.html/fd110f4ace2d8364c7d9190e1993cde92f79e4eb85576ed9285686ac%40%3Ccvs.httpd.apache.org%3E" }, { "name": "[httpd-cvs] 20190611 svn commit: r1046148 - in /websites/production/httpd/content: ./ mail", "tags": [ "mailing-list", "x_refsource_MLIST", "x_transferred" ], "url": "https://lists.apache.org/thread.html/97a1c58e138ed58a364513b58d807a802e72bf6079ff81a10948ef7c%40%3Ccvs.httpd.apache.org%3E" }, { "tags": [ "x_refsource_CONFIRM", "x_transferred" ], "url": "https://security.netapp.com/advisory/ntap-20190617-0002/" }, { "name": "FEDORA-2019-c7187e6dc7", "tags": [ "vendor-advisory", "x_refsource_FEDORA", "x_transferred" ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/XWRYD6JMEJ6O3JKJZFNOYXMJJU5JMEJK/" }, { "tags": [ "x_refsource_MISC", "x_transferred" ], "url": "https://www.oracle.com/technetwork/security-advisory/cpujul2019-5072835.html" }, { "name": "[httpd-cvs] 20190815 svn commit: r1048743 [4/4] - in /websites/staging/httpd/trunk/content: ./ security/vulnerabilities-httpd.xml security/vulnerabilities_13.html security/vulnerabilities_20.html security/vulnerabilities_22.html security/vulnerabilities_24.html", "tags": [ "mailing-list", "x_refsource_MLIST", "x_transferred" ], "url": "https://lists.apache.org/thread.html/56c2e7cc9deb1c12a843d0dc251ea7fd3e7e80293cde02fcd65286ba%40%3Ccvs.httpd.apache.org%3E" }, { "name": "[httpd-cvs] 20190815 svn commit: r1048742 [4/4] - in /websites/staging/httpd/trunk/content: ./ security/vulnerabilities-httpd.xml security/vulnerabilities_13.html security/vulnerabilities_20.html security/vulnerabilities_22.html security/vulnerabilities_24.html", "tags": [ "mailing-list", "x_refsource_MLIST", "x_transferred" ], "url": "https://lists.apache.org/thread.html/84a3714f0878781f6ed84473d1a503d2cc382277e100450209231830%40%3Ccvs.httpd.apache.org%3E" }, { "tags": [ "x_refsource_CONFIRM", "x_transferred" ], "url": "https://support.hpe.com/hpsc/doc/public/display?docLocale=en_US\u0026docId=emr_na-hpesbux03950en_us" }, { "tags": [ "x_refsource_MISC", "x_transferred" ], "url": "https://www.oracle.com/technetwork/security-advisory/cpuoct2019-5072832.html" }, { "name": "RHSA-2019:3933", "tags": [ "vendor-advisory", "x_refsource_REDHAT", "x_transferred" ], "url": "https://access.redhat.com/errata/RHSA-2019:3933" }, { "name": "RHSA-2019:3935", "tags": [ "vendor-advisory", "x_refsource_REDHAT", "x_transferred" ], "url": "https://access.redhat.com/errata/RHSA-2019:3935" }, { "name": "RHSA-2019:3932", "tags": [ "vendor-advisory", "x_refsource_REDHAT", "x_transferred" ], "url": "https://access.redhat.com/errata/RHSA-2019:3932" }, { "name": "[httpd-cvs] 20200401 svn commit: r1058586 [4/4] - in /websites/staging/httpd/trunk/content: ./ security/vulnerabilities-httpd.xml security/vulnerabilities_13.html security/vulnerabilities_20.html security/vulnerabilities_22.html security/vulnerabilities_24.html", "tags": [ "mailing-list", "x_refsource_MLIST", "x_transferred" ], "url": "https://lists.apache.org/thread.html/rd18c3c43602e66f9cdcf09f1de233804975b9572b0456cc582390b6f%40%3Ccvs.httpd.apache.org%3E" }, { "name": "[httpd-cvs] 20200401 svn commit: r1058587 [4/4] - in /websites/staging/httpd/trunk/content: ./ security/vulnerabilities-httpd.xml security/vulnerabilities_13.html security/vulnerabilities_20.html security/vulnerabilities_22.html security/vulnerabilities_24.html", "tags": [ "mailing-list", "x_refsource_MLIST", "x_transferred" ], "url": "https://lists.apache.org/thread.html/re3d27b6250aa8548b8845d314bb8a350b3df326cacbbfdfe4d455234%40%3Ccvs.httpd.apache.org%3E" }, { "tags": [ "x_refsource_MISC", "x_transferred" ], "url": "https://www.oracle.com/security-alerts/cpuapr2020.html" }, { "name": "[httpd-cvs] 20210330 svn commit: r1073139 [1/13] - in /websites/staging/httpd/trunk/content: ./ security/json/", "tags": [ "mailing-list", "x_refsource_MLIST", "x_transferred" ], "url": "https://lists.apache.org/thread.html/rf6449464fd8b7437704c55f88361b66f12d5b5f90bcce66af4be4ba9%40%3Ccvs.httpd.apache.org%3E" }, { "name": "[httpd-cvs] 20210330 svn commit: r1073143 [3/3] - in /websites/staging/httpd/trunk/content: ./ security/", "tags": [ "mailing-list", "x_refsource_MLIST", "x_transferred" ], "url": "https://lists.apache.org/thread.html/r06f0d87ebb6d59ed8379633f36f72f5b1f79cadfda72ede0830b42cf%40%3Ccvs.httpd.apache.org%3E" }, { "name": "[httpd-cvs] 20210330 svn commit: r1073140 [4/4] - in /websites/staging/httpd/trunk/content: ./ security/cvejsontohtml.py security/vulnerabilities_13.html security/vulnerabilities_20.html security/vulnerabilities_22.html security/vulnerabilities_24.html", "tags": [ "mailing-list", "x_refsource_MLIST", "x_transferred" ], "url": "https://lists.apache.org/thread.html/rc998b18880df98bafaade071346690c2bc1444adaa1a1ea464b93f0a%40%3Ccvs.httpd.apache.org%3E" }, { "name": "[httpd-cvs] 20210330 svn commit: r1073139 [12/13] - in /websites/staging/httpd/trunk/content: ./ security/json/", "tags": [ "mailing-list", "x_refsource_MLIST", "x_transferred" ], "url": "https://lists.apache.org/thread.html/r03ee478b3dda3e381fd6189366fa7af97c980d2f602846eef935277d%40%3Ccvs.httpd.apache.org%3E" }, { "name": "[httpd-cvs] 20210330 svn commit: r1888194 [12/13] - /httpd/site/trunk/content/security/json/", "tags": [ "mailing-list", "x_refsource_MLIST", "x_transferred" ], "url": "https://lists.apache.org/thread.html/rd2fb621142e7fa187cfe12d7137bf66e7234abcbbcd800074c84a538%40%3Ccvs.httpd.apache.org%3E" }, { "name": "[httpd-cvs] 20210330 svn commit: r1073149 [1/13] - in /websites/staging/httpd/trunk/content: ./ security/ security/json/", "tags": [ "mailing-list", "x_refsource_MLIST", "x_transferred" ], "url": "https://lists.apache.org/thread.html/r9f93cf6dde308d42a9c807784e8102600d0397f5f834890708bf6920%40%3Ccvs.httpd.apache.org%3E" }, { "name": "[httpd-cvs] 20210330 svn commit: r1073149 [12/13] - in /websites/staging/httpd/trunk/content: ./ security/ security/json/", "tags": [ "mailing-list", "x_refsource_MLIST", "x_transferred" ], "url": "https://lists.apache.org/thread.html/re473305a65b4db888e3556e4dae10c2a04ee89dcff2e26ecdbd860a9%40%3Ccvs.httpd.apache.org%3E" }, { "name": "[httpd-cvs] 20210606 svn commit: r1075470 [4/4] - in /websites/staging/httpd/trunk/content: ./ security/json/CVE-2020-13938.json security/vulnerabilities_13.html security/vulnerabilities_20.html security/vulnerabilities_22.html security/vulnerabilities_24.html", "tags": [ "mailing-list", "x_refsource_MLIST", "x_transferred" ], "url": "https://lists.apache.org/thread.html/r76142b8c5119df2178be7c2dba88fde552eedeec37ea993dfce68d1d%40%3Ccvs.httpd.apache.org%3E" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "product": "Apache HTTP Server", "vendor": "Apache Software Foundation", "versions": [ { "status": "affected", "version": "2.4.17 to 2.4.38" } ] } ], "datePublic": "2019-04-01T00:00:00", "descriptions": [ { "lang": "en", "value": "A vulnerability was found in Apache HTTP Server 2.4.17 to 2.4.38. Using fuzzed network input, the http/2 request handling could be made to access freed memory in string comparison when determining the method of a request and thus process the request incorrectly." } ], "problemTypes": [ { "descriptions": [ { "description": "mod_http2, read-after-free on a string compare", "lang": "en", "type": "text" } ] } ], "providerMetadata": { "dateUpdated": "2021-06-06T10:11:39", "orgId": "f0158376-9dc2-43b6-827c-5f631a4d8d09", "shortName": "apache" }, "references": [ { "tags": [ "x_refsource_CONFIRM" ], "url": "https://httpd.apache.org/security/vulnerabilities_24.html" }, { "name": "[oss-security] 20190401 CVE-2019-0196: mod_http2, read-after-free on a string compare", "tags": [ "mailing-list", "x_refsource_MLIST" ], "url": "http://www.openwall.com/lists/oss-security/2019/04/02/1" }, { "name": "107669", "tags": [ "vdb-entry", "x_refsource_BID" ], "url": "http://www.securityfocus.com/bid/107669" }, { "name": "20190403 [SECURITY] [DSA 4422-1] apache2 security update", "tags": [ "mailing-list", "x_refsource_BUGTRAQ" ], "url": "https://seclists.org/bugtraq/2019/Apr/5" }, { "name": "USN-3937-1", "tags": [ "vendor-advisory", "x_refsource_UBUNTU" ], "url": "https://usn.ubuntu.com/3937-1/" }, { "name": "FEDORA-2019-cf7695b470", "tags": [ "vendor-advisory", "x_refsource_FEDORA" ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/WETXNQWNQLWHV6XNW6YTO5UGDTIWAQGT/" }, { "name": "DSA-4422", "tags": [ "vendor-advisory", "x_refsource_DEBIAN" ], "url": "https://www.debian.org/security/2019/dsa-4422" }, { "tags": [ "x_refsource_MISC" ], "url": "http://www.apache.org/dist/httpd/CHANGES_2.4.39" }, { "name": "openSUSE-SU-2019:1190", "tags": [ "vendor-advisory", "x_refsource_SUSE" ], "url": "http://lists.opensuse.org/opensuse-security-announce/2019-04/msg00051.html" }, { "name": "openSUSE-SU-2019:1209", "tags": [ "vendor-advisory", "x_refsource_SUSE" ], "url": "http://lists.opensuse.org/opensuse-security-announce/2019-04/msg00061.html" }, { "name": "openSUSE-SU-2019:1258", "tags": [ "vendor-advisory", "x_refsource_SUSE" ], "url": "http://lists.opensuse.org/opensuse-security-announce/2019-04/msg00084.html" }, { "tags": [ "x_refsource_CONFIRM" ], "url": "https://support.f5.com/csp/article/K44591505" }, { "name": "FEDORA-2019-08e57d15fd", "tags": [ "vendor-advisory", "x_refsource_FEDORA" ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/YTJPHI3E3OKW7OT7COQXVG7DE7IDQ2OT/" }, { "name": "[httpd-cvs] 20190611 svn commit: r1861068 - /httpd/site/trunk/content/security/vulnerabilities-httpd.xml", "tags": [ "mailing-list", "x_refsource_MLIST" ], "url": "https://lists.apache.org/thread.html/fd110f4ace2d8364c7d9190e1993cde92f79e4eb85576ed9285686ac%40%3Ccvs.httpd.apache.org%3E" }, { "name": "[httpd-cvs] 20190611 svn commit: r1046148 - in /websites/production/httpd/content: ./ mail", "tags": [ "mailing-list", "x_refsource_MLIST" ], "url": "https://lists.apache.org/thread.html/97a1c58e138ed58a364513b58d807a802e72bf6079ff81a10948ef7c%40%3Ccvs.httpd.apache.org%3E" }, { "tags": [ "x_refsource_CONFIRM" ], "url": "https://security.netapp.com/advisory/ntap-20190617-0002/" }, { "name": "FEDORA-2019-c7187e6dc7", "tags": [ "vendor-advisory", "x_refsource_FEDORA" ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/XWRYD6JMEJ6O3JKJZFNOYXMJJU5JMEJK/" }, { "tags": [ "x_refsource_MISC" ], "url": "https://www.oracle.com/technetwork/security-advisory/cpujul2019-5072835.html" }, { "name": "[httpd-cvs] 20190815 svn commit: r1048743 [4/4] - in /websites/staging/httpd/trunk/content: ./ security/vulnerabilities-httpd.xml security/vulnerabilities_13.html security/vulnerabilities_20.html security/vulnerabilities_22.html security/vulnerabilities_24.html", "tags": [ "mailing-list", "x_refsource_MLIST" ], "url": "https://lists.apache.org/thread.html/56c2e7cc9deb1c12a843d0dc251ea7fd3e7e80293cde02fcd65286ba%40%3Ccvs.httpd.apache.org%3E" }, { "name": "[httpd-cvs] 20190815 svn commit: r1048742 [4/4] - in /websites/staging/httpd/trunk/content: ./ security/vulnerabilities-httpd.xml security/vulnerabilities_13.html security/vulnerabilities_20.html security/vulnerabilities_22.html security/vulnerabilities_24.html", "tags": [ "mailing-list", "x_refsource_MLIST" ], "url": "https://lists.apache.org/thread.html/84a3714f0878781f6ed84473d1a503d2cc382277e100450209231830%40%3Ccvs.httpd.apache.org%3E" }, { "tags": [ "x_refsource_CONFIRM" ], "url": "https://support.hpe.com/hpsc/doc/public/display?docLocale=en_US\u0026docId=emr_na-hpesbux03950en_us" }, { "tags": [ "x_refsource_MISC" ], "url": "https://www.oracle.com/technetwork/security-advisory/cpuoct2019-5072832.html" }, { "name": "RHSA-2019:3933", "tags": [ "vendor-advisory", "x_refsource_REDHAT" ], "url": "https://access.redhat.com/errata/RHSA-2019:3933" }, { "name": "RHSA-2019:3935", "tags": [ "vendor-advisory", "x_refsource_REDHAT" ], "url": "https://access.redhat.com/errata/RHSA-2019:3935" }, { "name": "RHSA-2019:3932", "tags": [ "vendor-advisory", "x_refsource_REDHAT" ], "url": "https://access.redhat.com/errata/RHSA-2019:3932" }, { "name": "[httpd-cvs] 20200401 svn commit: r1058586 [4/4] - in /websites/staging/httpd/trunk/content: ./ security/vulnerabilities-httpd.xml security/vulnerabilities_13.html security/vulnerabilities_20.html security/vulnerabilities_22.html security/vulnerabilities_24.html", "tags": [ "mailing-list", "x_refsource_MLIST" ], "url": "https://lists.apache.org/thread.html/rd18c3c43602e66f9cdcf09f1de233804975b9572b0456cc582390b6f%40%3Ccvs.httpd.apache.org%3E" }, { "name": "[httpd-cvs] 20200401 svn commit: r1058587 [4/4] - in /websites/staging/httpd/trunk/content: ./ security/vulnerabilities-httpd.xml security/vulnerabilities_13.html security/vulnerabilities_20.html security/vulnerabilities_22.html security/vulnerabilities_24.html", "tags": [ "mailing-list", "x_refsource_MLIST" ], "url": "https://lists.apache.org/thread.html/re3d27b6250aa8548b8845d314bb8a350b3df326cacbbfdfe4d455234%40%3Ccvs.httpd.apache.org%3E" }, { "tags": [ "x_refsource_MISC" ], "url": "https://www.oracle.com/security-alerts/cpuapr2020.html" }, { "name": "[httpd-cvs] 20210330 svn commit: r1073139 [1/13] - in /websites/staging/httpd/trunk/content: ./ security/json/", "tags": [ "mailing-list", "x_refsource_MLIST" ], "url": "https://lists.apache.org/thread.html/rf6449464fd8b7437704c55f88361b66f12d5b5f90bcce66af4be4ba9%40%3Ccvs.httpd.apache.org%3E" }, { "name": "[httpd-cvs] 20210330 svn commit: r1073143 [3/3] - in /websites/staging/httpd/trunk/content: ./ security/", "tags": [ "mailing-list", "x_refsource_MLIST" ], "url": "https://lists.apache.org/thread.html/r06f0d87ebb6d59ed8379633f36f72f5b1f79cadfda72ede0830b42cf%40%3Ccvs.httpd.apache.org%3E" }, { "name": "[httpd-cvs] 20210330 svn commit: r1073140 [4/4] - in /websites/staging/httpd/trunk/content: ./ security/cvejsontohtml.py security/vulnerabilities_13.html security/vulnerabilities_20.html security/vulnerabilities_22.html security/vulnerabilities_24.html", "tags": [ "mailing-list", "x_refsource_MLIST" ], "url": "https://lists.apache.org/thread.html/rc998b18880df98bafaade071346690c2bc1444adaa1a1ea464b93f0a%40%3Ccvs.httpd.apache.org%3E" }, { "name": "[httpd-cvs] 20210330 svn commit: r1073139 [12/13] - in /websites/staging/httpd/trunk/content: ./ security/json/", "tags": [ "mailing-list", "x_refsource_MLIST" ], "url": "https://lists.apache.org/thread.html/r03ee478b3dda3e381fd6189366fa7af97c980d2f602846eef935277d%40%3Ccvs.httpd.apache.org%3E" }, { "name": "[httpd-cvs] 20210330 svn commit: r1888194 [12/13] - /httpd/site/trunk/content/security/json/", "tags": [ "mailing-list", "x_refsource_MLIST" ], "url": "https://lists.apache.org/thread.html/rd2fb621142e7fa187cfe12d7137bf66e7234abcbbcd800074c84a538%40%3Ccvs.httpd.apache.org%3E" }, { "name": "[httpd-cvs] 20210330 svn commit: r1073149 [1/13] - in /websites/staging/httpd/trunk/content: ./ security/ security/json/", "tags": [ "mailing-list", "x_refsource_MLIST" ], "url": "https://lists.apache.org/thread.html/r9f93cf6dde308d42a9c807784e8102600d0397f5f834890708bf6920%40%3Ccvs.httpd.apache.org%3E" }, { "name": "[httpd-cvs] 20210330 svn commit: r1073149 [12/13] - in /websites/staging/httpd/trunk/content: ./ security/ security/json/", "tags": [ "mailing-list", "x_refsource_MLIST" ], "url": "https://lists.apache.org/thread.html/re473305a65b4db888e3556e4dae10c2a04ee89dcff2e26ecdbd860a9%40%3Ccvs.httpd.apache.org%3E" }, { "name": "[httpd-cvs] 20210606 svn commit: r1075470 [4/4] - in /websites/staging/httpd/trunk/content: ./ security/json/CVE-2020-13938.json security/vulnerabilities_13.html security/vulnerabilities_20.html security/vulnerabilities_22.html security/vulnerabilities_24.html", "tags": [ "mailing-list", "x_refsource_MLIST" ], "url": "https://lists.apache.org/thread.html/r76142b8c5119df2178be7c2dba88fde552eedeec37ea993dfce68d1d%40%3Ccvs.httpd.apache.org%3E" } ], "x_legacyV4Record": { "CVE_data_meta": { "ASSIGNER": "security@apache.org", "ID": "CVE-2019-0196", "STATE": "PUBLIC" }, "affects": { "vendor": { "vendor_data": [ { "product": { "product_data": [ { "product_name": "Apache HTTP Server", "version": { "version_data": [ { "version_value": "2.4.17 to 2.4.38" } ] } } ] }, "vendor_name": "Apache Software Foundation" } ] } }, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": { "description_data": [ { "lang": "eng", "value": "A vulnerability was found in Apache HTTP Server 2.4.17 to 2.4.38. Using fuzzed network input, the http/2 request handling could be made to access freed memory in string comparison when determining the method of a request and thus process the request incorrectly." } ] }, "problemtype": { "problemtype_data": [ { "description": [ { "lang": "eng", "value": "mod_http2, read-after-free on a string compare" } ] } ] }, "references": { "reference_data": [ { "name": "https://httpd.apache.org/security/vulnerabilities_24.html", "refsource": "CONFIRM", "url": "https://httpd.apache.org/security/vulnerabilities_24.html" }, { "name": "[oss-security] 20190401 CVE-2019-0196: mod_http2, read-after-free on a string compare", "refsource": "MLIST", "url": "http://www.openwall.com/lists/oss-security/2019/04/02/1" }, { "name": "107669", "refsource": "BID", "url": "http://www.securityfocus.com/bid/107669" }, { "name": "20190403 [SECURITY] [DSA 4422-1] apache2 security update", "refsource": "BUGTRAQ", "url": "https://seclists.org/bugtraq/2019/Apr/5" }, { "name": "USN-3937-1", "refsource": "UBUNTU", "url": "https://usn.ubuntu.com/3937-1/" }, { "name": "FEDORA-2019-cf7695b470", "refsource": "FEDORA", "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/WETXNQWNQLWHV6XNW6YTO5UGDTIWAQGT/" }, { "name": "DSA-4422", "refsource": "DEBIAN", "url": "https://www.debian.org/security/2019/dsa-4422" }, { "name": "http://www.apache.org/dist/httpd/CHANGES_2.4.39", "refsource": "MISC", "url": "http://www.apache.org/dist/httpd/CHANGES_2.4.39" }, { "name": "openSUSE-SU-2019:1190", "refsource": "SUSE", "url": "http://lists.opensuse.org/opensuse-security-announce/2019-04/msg00051.html" }, { "name": "openSUSE-SU-2019:1209", "refsource": "SUSE", "url": "http://lists.opensuse.org/opensuse-security-announce/2019-04/msg00061.html" }, { "name": "openSUSE-SU-2019:1258", "refsource": "SUSE", "url": "http://lists.opensuse.org/opensuse-security-announce/2019-04/msg00084.html" }, { "name": "https://support.f5.com/csp/article/K44591505", "refsource": "CONFIRM", "url": "https://support.f5.com/csp/article/K44591505" }, { "name": "FEDORA-2019-08e57d15fd", "refsource": "FEDORA", "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/YTJPHI3E3OKW7OT7COQXVG7DE7IDQ2OT/" }, { "name": "[httpd-cvs] 20190611 svn commit: r1861068 - /httpd/site/trunk/content/security/vulnerabilities-httpd.xml", "refsource": "MLIST", "url": "https://lists.apache.org/thread.html/fd110f4ace2d8364c7d9190e1993cde92f79e4eb85576ed9285686ac@%3Ccvs.httpd.apache.org%3E" }, { "name": "[httpd-cvs] 20190611 svn commit: r1046148 - in /websites/production/httpd/content: ./ mail", "refsource": "MLIST", "url": "https://lists.apache.org/thread.html/97a1c58e138ed58a364513b58d807a802e72bf6079ff81a10948ef7c@%3Ccvs.httpd.apache.org%3E" }, { "name": "https://security.netapp.com/advisory/ntap-20190617-0002/", "refsource": "CONFIRM", "url": "https://security.netapp.com/advisory/ntap-20190617-0002/" }, { "name": "FEDORA-2019-c7187e6dc7", "refsource": "FEDORA", "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/XWRYD6JMEJ6O3JKJZFNOYXMJJU5JMEJK/" }, { "name": "https://www.oracle.com/technetwork/security-advisory/cpujul2019-5072835.html", "refsource": "MISC", "url": "https://www.oracle.com/technetwork/security-advisory/cpujul2019-5072835.html" }, { "name": "[httpd-cvs] 20190815 svn commit: r1048743 [4/4] - in /websites/staging/httpd/trunk/content: ./ security/vulnerabilities-httpd.xml security/vulnerabilities_13.html security/vulnerabilities_20.html security/vulnerabilities_22.html security/vulnerabilities_24.html", "refsource": "MLIST", "url": "https://lists.apache.org/thread.html/56c2e7cc9deb1c12a843d0dc251ea7fd3e7e80293cde02fcd65286ba@%3Ccvs.httpd.apache.org%3E" }, { "name": "[httpd-cvs] 20190815 svn commit: r1048742 [4/4] - in /websites/staging/httpd/trunk/content: ./ security/vulnerabilities-httpd.xml security/vulnerabilities_13.html security/vulnerabilities_20.html security/vulnerabilities_22.html security/vulnerabilities_24.html", "refsource": "MLIST", "url": "https://lists.apache.org/thread.html/84a3714f0878781f6ed84473d1a503d2cc382277e100450209231830@%3Ccvs.httpd.apache.org%3E" }, { "name": "https://support.hpe.com/hpsc/doc/public/display?docLocale=en_US\u0026docId=emr_na-hpesbux03950en_us", "refsource": "CONFIRM", "url": "https://support.hpe.com/hpsc/doc/public/display?docLocale=en_US\u0026docId=emr_na-hpesbux03950en_us" }, { "name": "https://www.oracle.com/technetwork/security-advisory/cpuoct2019-5072832.html", "refsource": "MISC", "url": "https://www.oracle.com/technetwork/security-advisory/cpuoct2019-5072832.html" }, { "name": "RHSA-2019:3933", "refsource": "REDHAT", "url": "https://access.redhat.com/errata/RHSA-2019:3933" }, { "name": "RHSA-2019:3935", "refsource": "REDHAT", "url": "https://access.redhat.com/errata/RHSA-2019:3935" }, { "name": "RHSA-2019:3932", "refsource": "REDHAT", "url": "https://access.redhat.com/errata/RHSA-2019:3932" }, { "name": "[httpd-cvs] 20200401 svn commit: r1058586 [4/4] - in /websites/staging/httpd/trunk/content: ./ security/vulnerabilities-httpd.xml security/vulnerabilities_13.html security/vulnerabilities_20.html security/vulnerabilities_22.html security/vulnerabilities_24.html", "refsource": "MLIST", "url": "https://lists.apache.org/thread.html/rd18c3c43602e66f9cdcf09f1de233804975b9572b0456cc582390b6f@%3Ccvs.httpd.apache.org%3E" }, { "name": "[httpd-cvs] 20200401 svn commit: r1058587 [4/4] - in /websites/staging/httpd/trunk/content: ./ security/vulnerabilities-httpd.xml security/vulnerabilities_13.html security/vulnerabilities_20.html security/vulnerabilities_22.html security/vulnerabilities_24.html", "refsource": "MLIST", "url": "https://lists.apache.org/thread.html/re3d27b6250aa8548b8845d314bb8a350b3df326cacbbfdfe4d455234@%3Ccvs.httpd.apache.org%3E" }, { "name": "https://www.oracle.com/security-alerts/cpuapr2020.html", "refsource": "MISC", "url": "https://www.oracle.com/security-alerts/cpuapr2020.html" }, { "name": "[httpd-cvs] 20210330 svn commit: r1073139 [1/13] - in /websites/staging/httpd/trunk/content: ./ security/json/", "refsource": "MLIST", "url": "https://lists.apache.org/thread.html/rf6449464fd8b7437704c55f88361b66f12d5b5f90bcce66af4be4ba9@%3Ccvs.httpd.apache.org%3E" }, { "name": "[httpd-cvs] 20210330 svn commit: r1073143 [3/3] - in /websites/staging/httpd/trunk/content: ./ security/", "refsource": "MLIST", "url": "https://lists.apache.org/thread.html/r06f0d87ebb6d59ed8379633f36f72f5b1f79cadfda72ede0830b42cf@%3Ccvs.httpd.apache.org%3E" }, { "name": "[httpd-cvs] 20210330 svn commit: r1073140 [4/4] - in /websites/staging/httpd/trunk/content: ./ security/cvejsontohtml.py security/vulnerabilities_13.html security/vulnerabilities_20.html security/vulnerabilities_22.html security/vulnerabilities_24.html", "refsource": "MLIST", "url": "https://lists.apache.org/thread.html/rc998b18880df98bafaade071346690c2bc1444adaa1a1ea464b93f0a@%3Ccvs.httpd.apache.org%3E" }, { "name": "[httpd-cvs] 20210330 svn commit: r1073139 [12/13] - in /websites/staging/httpd/trunk/content: ./ security/json/", "refsource": "MLIST", "url": "https://lists.apache.org/thread.html/r03ee478b3dda3e381fd6189366fa7af97c980d2f602846eef935277d@%3Ccvs.httpd.apache.org%3E" }, { "name": "[httpd-cvs] 20210330 svn commit: r1888194 [12/13] - /httpd/site/trunk/content/security/json/", "refsource": "MLIST", "url": "https://lists.apache.org/thread.html/rd2fb621142e7fa187cfe12d7137bf66e7234abcbbcd800074c84a538@%3Ccvs.httpd.apache.org%3E" }, { "name": "[httpd-cvs] 20210330 svn commit: r1073149 [1/13] - in /websites/staging/httpd/trunk/content: ./ security/ security/json/", "refsource": "MLIST", "url": "https://lists.apache.org/thread.html/r9f93cf6dde308d42a9c807784e8102600d0397f5f834890708bf6920@%3Ccvs.httpd.apache.org%3E" }, { "name": "[httpd-cvs] 20210330 svn commit: r1073149 [12/13] - in /websites/staging/httpd/trunk/content: ./ security/ security/json/", "refsource": "MLIST", "url": "https://lists.apache.org/thread.html/re473305a65b4db888e3556e4dae10c2a04ee89dcff2e26ecdbd860a9@%3Ccvs.httpd.apache.org%3E" }, { "name": "[httpd-cvs] 20210606 svn commit: r1075470 [4/4] - in /websites/staging/httpd/trunk/content: ./ security/json/CVE-2020-13938.json security/vulnerabilities_13.html security/vulnerabilities_20.html security/vulnerabilities_22.html security/vulnerabilities_24.html", "refsource": "MLIST", "url": "https://lists.apache.org/thread.html/r76142b8c5119df2178be7c2dba88fde552eedeec37ea993dfce68d1d@%3Ccvs.httpd.apache.org%3E" } ] } } } }, "cveMetadata": { "assignerOrgId": "f0158376-9dc2-43b6-827c-5f631a4d8d09", "assignerShortName": "apache", "cveId": "CVE-2019-0196", "datePublished": "2019-06-11T21:02:48", "dateReserved": "2018-11-14T00:00:00", "dateUpdated": "2024-08-04T17:44:14.775Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1", "vulnerability-lookup:meta": { "nvd": "{\"cve\":{\"id\":\"CVE-2019-0196\",\"sourceIdentifier\":\"security@apache.org\",\"published\":\"2019-06-11T22:29:03.747\",\"lastModified\":\"2024-11-21T04:16:27.757\",\"vulnStatus\":\"Modified\",\"cveTags\":[],\"descriptions\":[{\"lang\":\"en\",\"value\":\"A vulnerability was found in Apache HTTP Server 2.4.17 to 2.4.38. Using fuzzed network input, the http/2 request handling could be made to access freed memory in string comparison when determining the method of a request and thus process the request incorrectly.\"},{\"lang\":\"es\",\"value\":\"Se descubri\u00f3 una Vulnerabilidad en Apache HTTP Server 2.4.17. usando fuzzed network input, la http/2 manejo de solicitudes podr\u00eda estar hechas para acceder a la memoria liberada en la comparaci\u00f3n de cadenas al determinar el m\u00e9todo de una solicitud y, por lo tanto, procesar la solicitud incorrectamente.\"}],\"metrics\":{\"cvssMetricV30\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"cvssData\":{\"version\":\"3.0\",\"vectorString\":\"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L\",\"baseScore\":5.3,\"baseSeverity\":\"MEDIUM\",\"attackVector\":\"NETWORK\",\"attackComplexity\":\"LOW\",\"privilegesRequired\":\"NONE\",\"userInteraction\":\"NONE\",\"scope\":\"UNCHANGED\",\"confidentialityImpact\":\"NONE\",\"integrityImpact\":\"NONE\",\"availabilityImpact\":\"LOW\"},\"exploitabilityScore\":3.9,\"impactScore\":1.4}],\"cvssMetricV2\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"cvssData\":{\"version\":\"2.0\",\"vectorString\":\"AV:N/AC:L/Au:N/C:N/I:N/A:P\",\"baseScore\":5.0,\"accessVector\":\"NETWORK\",\"accessComplexity\":\"LOW\",\"authentication\":\"NONE\",\"confidentialityImpact\":\"NONE\",\"integrityImpact\":\"NONE\",\"availabilityImpact\":\"PARTIAL\"},\"baseSeverity\":\"MEDIUM\",\"exploitabilityScore\":10.0,\"impactScore\":2.9,\"acInsufInfo\":false,\"obtainAllPrivilege\":false,\"obtainUserPrivilege\":false,\"obtainOtherPrivilege\":false,\"userInteractionRequired\":false}]},\"weaknesses\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"description\":[{\"lang\":\"en\",\"value\":\"CWE-416\"}]}],\"configurations\":[{\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:apache:http_server:*:*:*:*:*:*:*:*\",\"versionStartIncluding\":\"2.4.17\",\"versionEndIncluding\":\"2.4.38\",\"matchCriteriaId\":\"3AF858A9-701E-44F6-8DB1-36B76C40733A\"}]}]},{\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:canonical:ubuntu_linux:14.04:*:*:*:lts:*:*:*\",\"matchCriteriaId\":\"B5A6F2F3-4894-4392-8296-3B8DD2679084\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:canonical:ubuntu_linux:16.04:*:*:*:lts:*:*:*\",\"matchCriteriaId\":\"F7016A2A-8365-4F1A-89A2-7A19F2BCAE5B\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:canonical:ubuntu_linux:18.04:*:*:*:lts:*:*:*\",\"matchCriteriaId\":\"23A7C53F-B80F-4E6A-AFA9-58EEA84BE11D\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:canonical:ubuntu_linux:18.10:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"07C312A0-CD2C-4B9C-B064-6409B25C278F\"}]}]},{\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:debian:debian_linux:9.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"DEECE5FC-CACF-4496-A3E7-164736409252\"}]}]}],\"references\":[{\"url\":\"http://lists.opensuse.org/opensuse-security-announce/2019-04/msg00051.html\",\"source\":\"security@apache.org\",\"tags\":[\"Mailing List\",\"Patch\",\"Third Party Advisory\"]},{\"url\":\"http://lists.opensuse.org/opensuse-security-announce/2019-04/msg00061.html\",\"source\":\"security@apache.org\",\"tags\":[\"Mailing List\",\"Patch\",\"Third Party Advisory\"]},{\"url\":\"http://lists.opensuse.org/opensuse-security-announce/2019-04/msg00084.html\",\"source\":\"security@apache.org\",\"tags\":[\"Mailing List\",\"Patch\",\"Third Party Advisory\"]},{\"url\":\"http://www.apache.org/dist/httpd/CHANGES_2.4.39\",\"source\":\"security@apache.org\",\"tags\":[\"Release Notes\",\"Vendor Advisory\"]},{\"url\":\"http://www.openwall.com/lists/oss-security/2019/04/02/1\",\"source\":\"security@apache.org\",\"tags\":[\"Mailing List\",\"Mitigation\",\"Third Party Advisory\"]},{\"url\":\"http://www.securityfocus.com/bid/107669\",\"source\":\"security@apache.org\",\"tags\":[\"Third Party Advisory\",\"VDB Entry\"]},{\"url\":\"https://access.redhat.com/errata/RHSA-2019:3932\",\"source\":\"security@apache.org\"},{\"url\":\"https://access.redhat.com/errata/RHSA-2019:3933\",\"source\":\"security@apache.org\"},{\"url\":\"https://access.redhat.com/errata/RHSA-2019:3935\",\"source\":\"security@apache.org\"},{\"url\":\"https://httpd.apache.org/security/vulnerabilities_24.html\",\"source\":\"security@apache.org\",\"tags\":[\"Vendor Advisory\"]},{\"url\":\"https://lists.apache.org/thread.html/56c2e7cc9deb1c12a843d0dc251ea7fd3e7e80293cde02fcd65286ba%40%3Ccvs.httpd.apache.org%3E\",\"source\":\"security@apache.org\"},{\"url\":\"https://lists.apache.org/thread.html/84a3714f0878781f6ed84473d1a503d2cc382277e100450209231830%40%3Ccvs.httpd.apache.org%3E\",\"source\":\"security@apache.org\"},{\"url\":\"https://lists.apache.org/thread.html/97a1c58e138ed58a364513b58d807a802e72bf6079ff81a10948ef7c%40%3Ccvs.httpd.apache.org%3E\",\"source\":\"security@apache.org\"},{\"url\":\"https://lists.apache.org/thread.html/fd110f4ace2d8364c7d9190e1993cde92f79e4eb85576ed9285686ac%40%3Ccvs.httpd.apache.org%3E\",\"source\":\"security@apache.org\"},{\"url\":\"https://lists.apache.org/thread.html/r03ee478b3dda3e381fd6189366fa7af97c980d2f602846eef935277d%40%3Ccvs.httpd.apache.org%3E\",\"source\":\"security@apache.org\"},{\"url\":\"https://lists.apache.org/thread.html/r06f0d87ebb6d59ed8379633f36f72f5b1f79cadfda72ede0830b42cf%40%3Ccvs.httpd.apache.org%3E\",\"source\":\"security@apache.org\"},{\"url\":\"https://lists.apache.org/thread.html/r76142b8c5119df2178be7c2dba88fde552eedeec37ea993dfce68d1d%40%3Ccvs.httpd.apache.org%3E\",\"source\":\"security@apache.org\"},{\"url\":\"https://lists.apache.org/thread.html/r9f93cf6dde308d42a9c807784e8102600d0397f5f834890708bf6920%40%3Ccvs.httpd.apache.org%3E\",\"source\":\"security@apache.org\"},{\"url\":\"https://lists.apache.org/thread.html/rc998b18880df98bafaade071346690c2bc1444adaa1a1ea464b93f0a%40%3Ccvs.httpd.apache.org%3E\",\"source\":\"security@apache.org\"},{\"url\":\"https://lists.apache.org/thread.html/rd18c3c43602e66f9cdcf09f1de233804975b9572b0456cc582390b6f%40%3Ccvs.httpd.apache.org%3E\",\"source\":\"security@apache.org\"},{\"url\":\"https://lists.apache.org/thread.html/rd2fb621142e7fa187cfe12d7137bf66e7234abcbbcd800074c84a538%40%3Ccvs.httpd.apache.org%3E\",\"source\":\"security@apache.org\"},{\"url\":\"https://lists.apache.org/thread.html/re3d27b6250aa8548b8845d314bb8a350b3df326cacbbfdfe4d455234%40%3Ccvs.httpd.apache.org%3E\",\"source\":\"security@apache.org\"},{\"url\":\"https://lists.apache.org/thread.html/re473305a65b4db888e3556e4dae10c2a04ee89dcff2e26ecdbd860a9%40%3Ccvs.httpd.apache.org%3E\",\"source\":\"security@apache.org\"},{\"url\":\"https://lists.apache.org/thread.html/rf6449464fd8b7437704c55f88361b66f12d5b5f90bcce66af4be4ba9%40%3Ccvs.httpd.apache.org%3E\",\"source\":\"security@apache.org\"},{\"url\":\"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/WETXNQWNQLWHV6XNW6YTO5UGDTIWAQGT/\",\"source\":\"security@apache.org\"},{\"url\":\"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/XWRYD6JMEJ6O3JKJZFNOYXMJJU5JMEJK/\",\"source\":\"security@apache.org\"},{\"url\":\"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/YTJPHI3E3OKW7OT7COQXVG7DE7IDQ2OT/\",\"source\":\"security@apache.org\"},{\"url\":\"https://seclists.org/bugtraq/2019/Apr/5\",\"source\":\"security@apache.org\",\"tags\":[\"Mailing List\",\"Third Party Advisory\"]},{\"url\":\"https://security.netapp.com/advisory/ntap-20190617-0002/\",\"source\":\"security@apache.org\"},{\"url\":\"https://support.f5.com/csp/article/K44591505\",\"source\":\"security@apache.org\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"https://support.hpe.com/hpsc/doc/public/display?docLocale=en_US\u0026docId=emr_na-hpesbux03950en_us\",\"source\":\"security@apache.org\"},{\"url\":\"https://usn.ubuntu.com/3937-1/\",\"source\":\"security@apache.org\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"https://www.debian.org/security/2019/dsa-4422\",\"source\":\"security@apache.org\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"https://www.oracle.com/security-alerts/cpuapr2020.html\",\"source\":\"security@apache.org\"},{\"url\":\"https://www.oracle.com/technetwork/security-advisory/cpujul2019-5072835.html\",\"source\":\"security@apache.org\"},{\"url\":\"https://www.oracle.com/technetwork/security-advisory/cpuoct2019-5072832.html\",\"source\":\"security@apache.org\"},{\"url\":\"http://lists.opensuse.org/opensuse-security-announce/2019-04/msg00051.html\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Mailing List\",\"Patch\",\"Third Party Advisory\"]},{\"url\":\"http://lists.opensuse.org/opensuse-security-announce/2019-04/msg00061.html\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Mailing List\",\"Patch\",\"Third Party Advisory\"]},{\"url\":\"http://lists.opensuse.org/opensuse-security-announce/2019-04/msg00084.html\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Mailing List\",\"Patch\",\"Third Party Advisory\"]},{\"url\":\"http://www.apache.org/dist/httpd/CHANGES_2.4.39\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Release Notes\",\"Vendor Advisory\"]},{\"url\":\"http://www.openwall.com/lists/oss-security/2019/04/02/1\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Mailing List\",\"Mitigation\",\"Third Party Advisory\"]},{\"url\":\"http://www.securityfocus.com/bid/107669\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Third Party Advisory\",\"VDB Entry\"]},{\"url\":\"https://access.redhat.com/errata/RHSA-2019:3932\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"https://access.redhat.com/errata/RHSA-2019:3933\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"https://access.redhat.com/errata/RHSA-2019:3935\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"https://httpd.apache.org/security/vulnerabilities_24.html\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Vendor Advisory\"]},{\"url\":\"https://lists.apache.org/thread.html/56c2e7cc9deb1c12a843d0dc251ea7fd3e7e80293cde02fcd65286ba%40%3Ccvs.httpd.apache.org%3E\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"https://lists.apache.org/thread.html/84a3714f0878781f6ed84473d1a503d2cc382277e100450209231830%40%3Ccvs.httpd.apache.org%3E\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"https://lists.apache.org/thread.html/97a1c58e138ed58a364513b58d807a802e72bf6079ff81a10948ef7c%40%3Ccvs.httpd.apache.org%3E\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"https://lists.apache.org/thread.html/fd110f4ace2d8364c7d9190e1993cde92f79e4eb85576ed9285686ac%40%3Ccvs.httpd.apache.org%3E\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"https://lists.apache.org/thread.html/r03ee478b3dda3e381fd6189366fa7af97c980d2f602846eef935277d%40%3Ccvs.httpd.apache.org%3E\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"https://lists.apache.org/thread.html/r06f0d87ebb6d59ed8379633f36f72f5b1f79cadfda72ede0830b42cf%40%3Ccvs.httpd.apache.org%3E\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"https://lists.apache.org/thread.html/r76142b8c5119df2178be7c2dba88fde552eedeec37ea993dfce68d1d%40%3Ccvs.httpd.apache.org%3E\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"https://lists.apache.org/thread.html/r9f93cf6dde308d42a9c807784e8102600d0397f5f834890708bf6920%40%3Ccvs.httpd.apache.org%3E\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"https://lists.apache.org/thread.html/rc998b18880df98bafaade071346690c2bc1444adaa1a1ea464b93f0a%40%3Ccvs.httpd.apache.org%3E\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"https://lists.apache.org/thread.html/rd18c3c43602e66f9cdcf09f1de233804975b9572b0456cc582390b6f%40%3Ccvs.httpd.apache.org%3E\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"https://lists.apache.org/thread.html/rd2fb621142e7fa187cfe12d7137bf66e7234abcbbcd800074c84a538%40%3Ccvs.httpd.apache.org%3E\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"https://lists.apache.org/thread.html/re3d27b6250aa8548b8845d314bb8a350b3df326cacbbfdfe4d455234%40%3Ccvs.httpd.apache.org%3E\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"https://lists.apache.org/thread.html/re473305a65b4db888e3556e4dae10c2a04ee89dcff2e26ecdbd860a9%40%3Ccvs.httpd.apache.org%3E\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"https://lists.apache.org/thread.html/rf6449464fd8b7437704c55f88361b66f12d5b5f90bcce66af4be4ba9%40%3Ccvs.httpd.apache.org%3E\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/WETXNQWNQLWHV6XNW6YTO5UGDTIWAQGT/\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/XWRYD6JMEJ6O3JKJZFNOYXMJJU5JMEJK/\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/YTJPHI3E3OKW7OT7COQXVG7DE7IDQ2OT/\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"https://seclists.org/bugtraq/2019/Apr/5\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Mailing List\",\"Third Party Advisory\"]},{\"url\":\"https://security.netapp.com/advisory/ntap-20190617-0002/\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"https://support.f5.com/csp/article/K44591505\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"https://support.hpe.com/hpsc/doc/public/display?docLocale=en_US\u0026docId=emr_na-hpesbux03950en_us\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"https://usn.ubuntu.com/3937-1/\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"https://www.debian.org/security/2019/dsa-4422\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"https://www.oracle.com/security-alerts/cpuapr2020.html\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"https://www.oracle.com/technetwork/security-advisory/cpujul2019-5072835.html\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"https://www.oracle.com/technetwork/security-advisory/cpuoct2019-5072832.html\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"}]}}" } }
rhsa-2020:2644
Vulnerability from csaf_redhat
Published
2020-06-22 12:28
Modified
2025-01-09 05:57
Summary
Red Hat Security Advisory: Red Hat JBoss Core Services Apache HTTP Server 2.4.37 SP3 security update
Notes
Topic
Updated packages that provide Red Hat JBoss Core Services Pack Apache Server 2.4.37 and fix several bugs, and add various enhancements are now available for Red Hat Enterprise Linux 6 and Red Hat Enterprise Linux 7.
Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.
Details
This release adds the new Apache HTTP Server 2.4.37 Service Pack 3 packages that are part of the JBoss Core Services offering.
This release serves as a replacement for Red Hat JBoss Core Services Pack Apache Server 2.4.37 Service Pack 2 and includes bug fixes and enhancements. Refer to the Release Notes for information on the most significant bug fixes and enhancements included in this release.
Security fix(es):
* httpd: mod_http2: read-after-free on a string compare (CVE-2019-0196)
* httpd: mod_http2: possible crash on late upgrade (CVE-2019-0197)
* httpd: mod_proxy_ftp use of uninitialized value (CVE-2020-1934)
* nghttp2: overly large SETTINGS frames can lead to DoS (CVE-2020-11080)
* libxml2: There's a memory leak in xmlParseBalancedChunkMemoryRecover in parser.c that could result in a crash (CVE-2019-19956)
* libxml2: memory leak in xmlSchemaPreRun in xmlschemas.c (CVE-2019-20388)
* libxml2: infinite loop in xmlStringLenDecodeEntities in some end-of-file situations (CVE-2020-7595)
* expat: large number of colons in input makes parser consume high amount of resources, leading to DoS (CVE-2018-20843)
* expat: heap-based buffer over-read via crafted XML input (CVE-2019-15903)
For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.
Terms of Use
This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.
{ "document": { "aggregate_severity": { "namespace": "https://access.redhat.com/security/updates/classification/", "text": "Important" }, "category": "csaf_security_advisory", "csaf_version": "2.0", "distribution": { "text": "Copyright \u00a9 Red Hat, Inc. All rights reserved.", "tlp": { "label": "WHITE", "url": "https://www.first.org/tlp/" } }, "lang": "en", "notes": [ { "category": "summary", "text": "Updated packages that provide Red Hat JBoss Core Services Pack Apache Server 2.4.37 and fix several bugs, and add various enhancements are now available for Red Hat Enterprise Linux 6 and Red Hat Enterprise Linux 7.\n\nRed Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.", "title": "Topic" }, { "category": "general", "text": "This release adds the new Apache HTTP Server 2.4.37 Service Pack 3 packages that are part of the JBoss Core Services offering.\n\nThis release serves as a replacement for Red Hat JBoss Core Services Pack Apache Server 2.4.37 Service Pack 2 and includes bug fixes and enhancements. Refer to the Release Notes for information on the most significant bug fixes and enhancements included in this release.\n\nSecurity fix(es):\n\n* httpd: mod_http2: read-after-free on a string compare (CVE-2019-0196)\n* httpd: mod_http2: possible crash on late upgrade (CVE-2019-0197)\n* httpd: mod_proxy_ftp use of uninitialized value (CVE-2020-1934)\n* nghttp2: overly large SETTINGS frames can lead to DoS (CVE-2020-11080)\n* libxml2: There\u0027s a memory leak in xmlParseBalancedChunkMemoryRecover in parser.c that could result in a crash (CVE-2019-19956)\n* libxml2: memory leak in xmlSchemaPreRun in xmlschemas.c (CVE-2019-20388)\n* libxml2: infinite loop in xmlStringLenDecodeEntities in some end-of-file situations (CVE-2020-7595)\n* expat: large number of colons in input makes parser consume high amount of resources, leading to DoS (CVE-2018-20843)\n* expat: heap-based buffer over-read via crafted XML input (CVE-2019-15903)\n\nFor more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.", "title": "Details" }, { "category": "legal_disclaimer", "text": "This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.", "title": "Terms of Use" } ], "publisher": { "category": "vendor", "contact_details": "https://access.redhat.com/security/team/contact/", "issuing_authority": "Red Hat Product Security is responsible for vulnerability handling across all Red Hat products and services.", "name": "Red Hat Product Security", "namespace": "https://www.redhat.com" }, "references": [ { "category": "self", "summary": "https://access.redhat.com/errata/RHSA-2020:2644", "url": "https://access.redhat.com/errata/RHSA-2020:2644" }, { "category": "external", "summary": "https://access.redhat.com/security/updates/classification/#important", "url": "https://access.redhat.com/security/updates/classification/#important" }, { "category": "external", "summary": "1695030", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1695030" }, { "category": "external", "summary": "1695042", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1695042" }, { "category": "external", "summary": "1723723", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1723723" }, { "category": "external", "summary": "1752592", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1752592" }, { "category": "external", "summary": "1788856", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1788856" }, { "category": "external", "summary": "1799734", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1799734" }, { "category": "external", "summary": "1799786", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1799786" }, { "category": "external", "summary": "1820772", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1820772" }, { "category": "external", "summary": "1844929", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1844929" }, { "category": "external", "summary": "JBCS-941", "url": "https://issues.redhat.com/browse/JBCS-941" }, { "category": "self", "summary": "Canonical URL", "url": "https://security.access.redhat.com/data/csaf/v2/advisories/2020/rhsa-2020_2644.json" } ], "title": "Red Hat Security Advisory: Red Hat JBoss Core Services Apache HTTP Server 2.4.37 SP3 security update", "tracking": { "current_release_date": "2025-01-09T05:57:30+00:00", "generator": { "date": "2025-01-09T05:57:30+00:00", "engine": { "name": "Red Hat SDEngine", "version": "4.2.5" } }, "id": "RHSA-2020:2644", "initial_release_date": "2020-06-22T12:28:02+00:00", "revision_history": [ { "date": "2020-06-22T12:28:02+00:00", "number": "1", "summary": "Initial version" }, { "date": "2020-06-22T12:28:02+00:00", "number": "2", "summary": "Last updated version" }, { "date": "2025-01-09T05:57:30+00:00", "number": "3", "summary": "Last generated version" } ], "status": "final", "version": "3" } }, "product_tree": { "branches": [ { "branches": [ { "branches": [ { "category": "product_name", "name": "Red Hat JBoss Core Services on RHEL 6 Server", "product": { "name": "Red Hat JBoss Core Services on RHEL 6 Server", "product_id": "6Server-JBCS", "product_identification_helper": { "cpe": "cpe:/a:redhat:jboss_core_services:1::el6" } } }, { "category": "product_name", "name": "Red Hat JBoss Core Services on RHEL 7 Server", "product": { "name": "Red Hat JBoss Core Services on RHEL 7 Server", "product_id": "7Server-JBCS", "product_identification_helper": { "cpe": "cpe:/a:redhat:jboss_core_services:1::el7" } } } ], "category": "product_family", "name": "Red Hat JBoss Core Services" }, { "branches": [ { "category": "product_version", "name": "jbcs-httpd24-nghttp2-0:1.39.2-25.jbcs.el6.i686", "product": { "name": "jbcs-httpd24-nghttp2-0:1.39.2-25.jbcs.el6.i686", "product_id": "jbcs-httpd24-nghttp2-0:1.39.2-25.jbcs.el6.i686", "product_identification_helper": { "purl": "pkg:rpm/redhat/jbcs-httpd24-nghttp2@1.39.2-25.jbcs.el6?arch=i686" } } }, { "category": "product_version", "name": "jbcs-httpd24-nghttp2-devel-0:1.39.2-25.jbcs.el6.i686", "product": { "name": "jbcs-httpd24-nghttp2-devel-0:1.39.2-25.jbcs.el6.i686", "product_id": "jbcs-httpd24-nghttp2-devel-0:1.39.2-25.jbcs.el6.i686", "product_identification_helper": { "purl": "pkg:rpm/redhat/jbcs-httpd24-nghttp2-devel@1.39.2-25.jbcs.el6?arch=i686" } } }, { "category": "product_version", "name": "jbcs-httpd24-nghttp2-debuginfo-0:1.39.2-25.jbcs.el6.i686", "product": { "name": "jbcs-httpd24-nghttp2-debuginfo-0:1.39.2-25.jbcs.el6.i686", "product_id": "jbcs-httpd24-nghttp2-debuginfo-0:1.39.2-25.jbcs.el6.i686", "product_identification_helper": { "purl": "pkg:rpm/redhat/jbcs-httpd24-nghttp2-debuginfo@1.39.2-25.jbcs.el6?arch=i686" } } }, { "category": "product_version", "name": "jbcs-httpd24-curl-0:7.64.1-36.jbcs.el6.i686", "product": { "name": "jbcs-httpd24-curl-0:7.64.1-36.jbcs.el6.i686", "product_id": "jbcs-httpd24-curl-0:7.64.1-36.jbcs.el6.i686", "product_identification_helper": { "purl": "pkg:rpm/redhat/jbcs-httpd24-curl@7.64.1-36.jbcs.el6?arch=i686" } } }, { "category": "product_version", "name": "jbcs-httpd24-libcurl-0:7.64.1-36.jbcs.el6.i686", "product": { "name": "jbcs-httpd24-libcurl-0:7.64.1-36.jbcs.el6.i686", "product_id": "jbcs-httpd24-libcurl-0:7.64.1-36.jbcs.el6.i686", "product_identification_helper": { "purl": "pkg:rpm/redhat/jbcs-httpd24-libcurl@7.64.1-36.jbcs.el6?arch=i686" } } }, { "category": "product_version", "name": "jbcs-httpd24-libcurl-devel-0:7.64.1-36.jbcs.el6.i686", "product": { "name": "jbcs-httpd24-libcurl-devel-0:7.64.1-36.jbcs.el6.i686", "product_id": "jbcs-httpd24-libcurl-devel-0:7.64.1-36.jbcs.el6.i686", "product_identification_helper": { "purl": "pkg:rpm/redhat/jbcs-httpd24-libcurl-devel@7.64.1-36.jbcs.el6?arch=i686" } } }, { "category": "product_version", "name": "jbcs-httpd24-curl-debuginfo-0:7.64.1-36.jbcs.el6.i686", "product": { "name": "jbcs-httpd24-curl-debuginfo-0:7.64.1-36.jbcs.el6.i686", "product_id": "jbcs-httpd24-curl-debuginfo-0:7.64.1-36.jbcs.el6.i686", "product_identification_helper": { "purl": "pkg:rpm/redhat/jbcs-httpd24-curl-debuginfo@7.64.1-36.jbcs.el6?arch=i686" } } }, { "category": "product_version", "name": "jbcs-httpd24-httpd-0:2.4.37-57.jbcs.el6.i686", "product": { "name": "jbcs-httpd24-httpd-0:2.4.37-57.jbcs.el6.i686", "product_id": "jbcs-httpd24-httpd-0:2.4.37-57.jbcs.el6.i686", "product_identification_helper": { "purl": "pkg:rpm/redhat/jbcs-httpd24-httpd@2.4.37-57.jbcs.el6?arch=i686" } } }, { "category": "product_version", "name": "jbcs-httpd24-httpd-devel-0:2.4.37-57.jbcs.el6.i686", "product": { "name": "jbcs-httpd24-httpd-devel-0:2.4.37-57.jbcs.el6.i686", "product_id": "jbcs-httpd24-httpd-devel-0:2.4.37-57.jbcs.el6.i686", "product_identification_helper": { "purl": "pkg:rpm/redhat/jbcs-httpd24-httpd-devel@2.4.37-57.jbcs.el6?arch=i686" } } }, { "category": "product_version", "name": "jbcs-httpd24-httpd-selinux-0:2.4.37-57.jbcs.el6.i686", "product": { "name": "jbcs-httpd24-httpd-selinux-0:2.4.37-57.jbcs.el6.i686", "product_id": "jbcs-httpd24-httpd-selinux-0:2.4.37-57.jbcs.el6.i686", "product_identification_helper": { "purl": "pkg:rpm/redhat/jbcs-httpd24-httpd-selinux@2.4.37-57.jbcs.el6?arch=i686" } } }, { "category": "product_version", "name": "jbcs-httpd24-httpd-tools-0:2.4.37-57.jbcs.el6.i686", "product": { "name": "jbcs-httpd24-httpd-tools-0:2.4.37-57.jbcs.el6.i686", "product_id": "jbcs-httpd24-httpd-tools-0:2.4.37-57.jbcs.el6.i686", "product_identification_helper": { "purl": "pkg:rpm/redhat/jbcs-httpd24-httpd-tools@2.4.37-57.jbcs.el6?arch=i686" } } }, { "category": "product_version", "name": "jbcs-httpd24-mod_ldap-0:2.4.37-57.jbcs.el6.i686", "product": { "name": "jbcs-httpd24-mod_ldap-0:2.4.37-57.jbcs.el6.i686", "product_id": "jbcs-httpd24-mod_ldap-0:2.4.37-57.jbcs.el6.i686", "product_identification_helper": { "purl": "pkg:rpm/redhat/jbcs-httpd24-mod_ldap@2.4.37-57.jbcs.el6?arch=i686" } } }, { "category": "product_version", "name": "jbcs-httpd24-mod_proxy_html-1:2.4.37-57.jbcs.el6.i686", "product": { "name": "jbcs-httpd24-mod_proxy_html-1:2.4.37-57.jbcs.el6.i686", "product_id": "jbcs-httpd24-mod_proxy_html-1:2.4.37-57.jbcs.el6.i686", "product_identification_helper": { "purl": "pkg:rpm/redhat/jbcs-httpd24-mod_proxy_html@2.4.37-57.jbcs.el6?arch=i686\u0026epoch=1" } } }, { "category": "product_version", "name": "jbcs-httpd24-mod_session-0:2.4.37-57.jbcs.el6.i686", "product": { "name": "jbcs-httpd24-mod_session-0:2.4.37-57.jbcs.el6.i686", "product_id": "jbcs-httpd24-mod_session-0:2.4.37-57.jbcs.el6.i686", "product_identification_helper": { "purl": "pkg:rpm/redhat/jbcs-httpd24-mod_session@2.4.37-57.jbcs.el6?arch=i686" } } }, { "category": "product_version", "name": "jbcs-httpd24-mod_ssl-1:2.4.37-57.jbcs.el6.i686", "product": { "name": "jbcs-httpd24-mod_ssl-1:2.4.37-57.jbcs.el6.i686", "product_id": "jbcs-httpd24-mod_ssl-1:2.4.37-57.jbcs.el6.i686", "product_identification_helper": { "purl": "pkg:rpm/redhat/jbcs-httpd24-mod_ssl@2.4.37-57.jbcs.el6?arch=i686\u0026epoch=1" } } }, { "category": "product_version", "name": "jbcs-httpd24-httpd-debuginfo-0:2.4.37-57.jbcs.el6.i686", "product": { "name": "jbcs-httpd24-httpd-debuginfo-0:2.4.37-57.jbcs.el6.i686", "product_id": "jbcs-httpd24-httpd-debuginfo-0:2.4.37-57.jbcs.el6.i686", "product_identification_helper": { "purl": "pkg:rpm/redhat/jbcs-httpd24-httpd-debuginfo@2.4.37-57.jbcs.el6?arch=i686" } } }, { "category": "product_version", "name": "jbcs-httpd24-mod_http2-0:1.15.7-3.jbcs.el6.i686", "product": { "name": "jbcs-httpd24-mod_http2-0:1.15.7-3.jbcs.el6.i686", "product_id": "jbcs-httpd24-mod_http2-0:1.15.7-3.jbcs.el6.i686", "product_identification_helper": { "purl": "pkg:rpm/redhat/jbcs-httpd24-mod_http2@1.15.7-3.jbcs.el6?arch=i686" } } }, { "category": "product_version", "name": "jbcs-httpd24-mod_http2-debuginfo-0:1.15.7-3.jbcs.el6.i686", "product": { "name": "jbcs-httpd24-mod_http2-debuginfo-0:1.15.7-3.jbcs.el6.i686", "product_id": "jbcs-httpd24-mod_http2-debuginfo-0:1.15.7-3.jbcs.el6.i686", "product_identification_helper": { "purl": "pkg:rpm/redhat/jbcs-httpd24-mod_http2-debuginfo@1.15.7-3.jbcs.el6?arch=i686" } } }, { "category": "product_version", "name": "jbcs-httpd24-mod_jk-ap24-0:1.2.48-4.redhat_1.jbcs.el6.i686", "product": { "name": "jbcs-httpd24-mod_jk-ap24-0:1.2.48-4.redhat_1.jbcs.el6.i686", "product_id": "jbcs-httpd24-mod_jk-ap24-0:1.2.48-4.redhat_1.jbcs.el6.i686", "product_identification_helper": { "purl": "pkg:rpm/redhat/jbcs-httpd24-mod_jk-ap24@1.2.48-4.redhat_1.jbcs.el6?arch=i686" } } }, { "category": "product_version", "name": "jbcs-httpd24-mod_jk-manual-0:1.2.48-4.redhat_1.jbcs.el6.i686", "product": { "name": "jbcs-httpd24-mod_jk-manual-0:1.2.48-4.redhat_1.jbcs.el6.i686", "product_id": "jbcs-httpd24-mod_jk-manual-0:1.2.48-4.redhat_1.jbcs.el6.i686", "product_identification_helper": { "purl": "pkg:rpm/redhat/jbcs-httpd24-mod_jk-manual@1.2.48-4.redhat_1.jbcs.el6?arch=i686" } } }, { "category": "product_version", "name": "jbcs-httpd24-mod_jk-debuginfo-0:1.2.48-4.redhat_1.jbcs.el6.i686", "product": { "name": "jbcs-httpd24-mod_jk-debuginfo-0:1.2.48-4.redhat_1.jbcs.el6.i686", "product_id": "jbcs-httpd24-mod_jk-debuginfo-0:1.2.48-4.redhat_1.jbcs.el6.i686", "product_identification_helper": { "purl": "pkg:rpm/redhat/jbcs-httpd24-mod_jk-debuginfo@1.2.48-4.redhat_1.jbcs.el6?arch=i686" } } }, { "category": "product_version", "name": "jbcs-httpd24-mod_md-1:2.0.8-24.jbcs.el6.i686", "product": { "name": "jbcs-httpd24-mod_md-1:2.0.8-24.jbcs.el6.i686", "product_id": "jbcs-httpd24-mod_md-1:2.0.8-24.jbcs.el6.i686", "product_identification_helper": { "purl": "pkg:rpm/redhat/jbcs-httpd24-mod_md@2.0.8-24.jbcs.el6?arch=i686\u0026epoch=1" } } }, { "category": "product_version", "name": "jbcs-httpd24-mod_md-debuginfo-1:2.0.8-24.jbcs.el6.i686", "product": { "name": "jbcs-httpd24-mod_md-debuginfo-1:2.0.8-24.jbcs.el6.i686", "product_id": "jbcs-httpd24-mod_md-debuginfo-1:2.0.8-24.jbcs.el6.i686", "product_identification_helper": { "purl": "pkg:rpm/redhat/jbcs-httpd24-mod_md-debuginfo@2.0.8-24.jbcs.el6?arch=i686\u0026epoch=1" } } }, { "category": "product_version", "name": "jbcs-httpd24-mod_security-0:2.9.2-51.GA.jbcs.el6.i686", "product": { "name": "jbcs-httpd24-mod_security-0:2.9.2-51.GA.jbcs.el6.i686", "product_id": "jbcs-httpd24-mod_security-0:2.9.2-51.GA.jbcs.el6.i686", "product_identification_helper": { "purl": "pkg:rpm/redhat/jbcs-httpd24-mod_security@2.9.2-51.GA.jbcs.el6?arch=i686" } } }, { "category": "product_version", "name": "jbcs-httpd24-mod_security-debuginfo-0:2.9.2-51.GA.jbcs.el6.i686", "product": { "name": "jbcs-httpd24-mod_security-debuginfo-0:2.9.2-51.GA.jbcs.el6.i686", "product_id": "jbcs-httpd24-mod_security-debuginfo-0:2.9.2-51.GA.jbcs.el6.i686", "product_identification_helper": { "purl": "pkg:rpm/redhat/jbcs-httpd24-mod_security-debuginfo@2.9.2-51.GA.jbcs.el6?arch=i686" } } }, { "category": "product_version", "name": "jbcs-httpd24-mod_cluster-native-0:1.3.14-4.Final_redhat_2.jbcs.el6.i686", "product": { "name": "jbcs-httpd24-mod_cluster-native-0:1.3.14-4.Final_redhat_2.jbcs.el6.i686", "product_id": "jbcs-httpd24-mod_cluster-native-0:1.3.14-4.Final_redhat_2.jbcs.el6.i686", "product_identification_helper": { "purl": "pkg:rpm/redhat/jbcs-httpd24-mod_cluster-native@1.3.14-4.Final_redhat_2.jbcs.el6?arch=i686" } } }, { "category": "product_version", "name": "jbcs-httpd24-mod_cluster-native-debuginfo-0:1.3.14-4.Final_redhat_2.jbcs.el6.i686", "product": { "name": "jbcs-httpd24-mod_cluster-native-debuginfo-0:1.3.14-4.Final_redhat_2.jbcs.el6.i686", "product_id": "jbcs-httpd24-mod_cluster-native-debuginfo-0:1.3.14-4.Final_redhat_2.jbcs.el6.i686", "product_identification_helper": { "purl": "pkg:rpm/redhat/jbcs-httpd24-mod_cluster-native-debuginfo@1.3.14-4.Final_redhat_2.jbcs.el6?arch=i686" } } } ], "category": "architecture", "name": "i686" }, { "branches": [ { "category": "product_version", "name": "jbcs-httpd24-nghttp2-0:1.39.2-25.jbcs.el6.x86_64", "product": { "name": "jbcs-httpd24-nghttp2-0:1.39.2-25.jbcs.el6.x86_64", "product_id": "jbcs-httpd24-nghttp2-0:1.39.2-25.jbcs.el6.x86_64", "product_identification_helper": { "purl": "pkg:rpm/redhat/jbcs-httpd24-nghttp2@1.39.2-25.jbcs.el6?arch=x86_64" } } }, { "category": "product_version", "name": "jbcs-httpd24-nghttp2-devel-0:1.39.2-25.jbcs.el6.x86_64", "product": { "name": "jbcs-httpd24-nghttp2-devel-0:1.39.2-25.jbcs.el6.x86_64", "product_id": "jbcs-httpd24-nghttp2-devel-0:1.39.2-25.jbcs.el6.x86_64", "product_identification_helper": { "purl": "pkg:rpm/redhat/jbcs-httpd24-nghttp2-devel@1.39.2-25.jbcs.el6?arch=x86_64" } } }, { "category": "product_version", "name": "jbcs-httpd24-nghttp2-debuginfo-0:1.39.2-25.jbcs.el6.x86_64", "product": { "name": "jbcs-httpd24-nghttp2-debuginfo-0:1.39.2-25.jbcs.el6.x86_64", "product_id": "jbcs-httpd24-nghttp2-debuginfo-0:1.39.2-25.jbcs.el6.x86_64", "product_identification_helper": { "purl": "pkg:rpm/redhat/jbcs-httpd24-nghttp2-debuginfo@1.39.2-25.jbcs.el6?arch=x86_64" } } }, { "category": "product_version", "name": "jbcs-httpd24-curl-0:7.64.1-36.jbcs.el6.x86_64", "product": { "name": "jbcs-httpd24-curl-0:7.64.1-36.jbcs.el6.x86_64", "product_id": "jbcs-httpd24-curl-0:7.64.1-36.jbcs.el6.x86_64", "product_identification_helper": { "purl": "pkg:rpm/redhat/jbcs-httpd24-curl@7.64.1-36.jbcs.el6?arch=x86_64" } } }, { "category": "product_version", "name": "jbcs-httpd24-libcurl-0:7.64.1-36.jbcs.el6.x86_64", "product": { "name": "jbcs-httpd24-libcurl-0:7.64.1-36.jbcs.el6.x86_64", "product_id": "jbcs-httpd24-libcurl-0:7.64.1-36.jbcs.el6.x86_64", "product_identification_helper": { "purl": "pkg:rpm/redhat/jbcs-httpd24-libcurl@7.64.1-36.jbcs.el6?arch=x86_64" } } }, { "category": "product_version", "name": "jbcs-httpd24-libcurl-devel-0:7.64.1-36.jbcs.el6.x86_64", "product": { "name": "jbcs-httpd24-libcurl-devel-0:7.64.1-36.jbcs.el6.x86_64", "product_id": "jbcs-httpd24-libcurl-devel-0:7.64.1-36.jbcs.el6.x86_64", "product_identification_helper": { "purl": "pkg:rpm/redhat/jbcs-httpd24-libcurl-devel@7.64.1-36.jbcs.el6?arch=x86_64" } } }, { "category": "product_version", "name": "jbcs-httpd24-curl-debuginfo-0:7.64.1-36.jbcs.el6.x86_64", "product": { "name": "jbcs-httpd24-curl-debuginfo-0:7.64.1-36.jbcs.el6.x86_64", "product_id": "jbcs-httpd24-curl-debuginfo-0:7.64.1-36.jbcs.el6.x86_64", "product_identification_helper": { "purl": "pkg:rpm/redhat/jbcs-httpd24-curl-debuginfo@7.64.1-36.jbcs.el6?arch=x86_64" } } }, { "category": "product_version", "name": "jbcs-httpd24-httpd-0:2.4.37-57.jbcs.el6.x86_64", "product": { "name": "jbcs-httpd24-httpd-0:2.4.37-57.jbcs.el6.x86_64", "product_id": "jbcs-httpd24-httpd-0:2.4.37-57.jbcs.el6.x86_64", "product_identification_helper": { "purl": "pkg:rpm/redhat/jbcs-httpd24-httpd@2.4.37-57.jbcs.el6?arch=x86_64" } } }, { "category": "product_version", "name": "jbcs-httpd24-httpd-devel-0:2.4.37-57.jbcs.el6.x86_64", "product": { "name": "jbcs-httpd24-httpd-devel-0:2.4.37-57.jbcs.el6.x86_64", "product_id": "jbcs-httpd24-httpd-devel-0:2.4.37-57.jbcs.el6.x86_64", "product_identification_helper": { "purl": "pkg:rpm/redhat/jbcs-httpd24-httpd-devel@2.4.37-57.jbcs.el6?arch=x86_64" } } }, { "category": "product_version", "name": "jbcs-httpd24-httpd-selinux-0:2.4.37-57.jbcs.el6.x86_64", "product": { "name": "jbcs-httpd24-httpd-selinux-0:2.4.37-57.jbcs.el6.x86_64", "product_id": "jbcs-httpd24-httpd-selinux-0:2.4.37-57.jbcs.el6.x86_64", "product_identification_helper": { "purl": "pkg:rpm/redhat/jbcs-httpd24-httpd-selinux@2.4.37-57.jbcs.el6?arch=x86_64" } } }, { "category": "product_version", "name": "jbcs-httpd24-httpd-tools-0:2.4.37-57.jbcs.el6.x86_64", "product": { "name": "jbcs-httpd24-httpd-tools-0:2.4.37-57.jbcs.el6.x86_64", "product_id": "jbcs-httpd24-httpd-tools-0:2.4.37-57.jbcs.el6.x86_64", "product_identification_helper": { "purl": "pkg:rpm/redhat/jbcs-httpd24-httpd-tools@2.4.37-57.jbcs.el6?arch=x86_64" } } }, { "category": "product_version", "name": "jbcs-httpd24-mod_ldap-0:2.4.37-57.jbcs.el6.x86_64", "product": { "name": "jbcs-httpd24-mod_ldap-0:2.4.37-57.jbcs.el6.x86_64", "product_id": "jbcs-httpd24-mod_ldap-0:2.4.37-57.jbcs.el6.x86_64", "product_identification_helper": { "purl": "pkg:rpm/redhat/jbcs-httpd24-mod_ldap@2.4.37-57.jbcs.el6?arch=x86_64" } } }, { "category": "product_version", "name": "jbcs-httpd24-mod_proxy_html-1:2.4.37-57.jbcs.el6.x86_64", "product": { "name": "jbcs-httpd24-mod_proxy_html-1:2.4.37-57.jbcs.el6.x86_64", "product_id": "jbcs-httpd24-mod_proxy_html-1:2.4.37-57.jbcs.el6.x86_64", "product_identification_helper": { "purl": "pkg:rpm/redhat/jbcs-httpd24-mod_proxy_html@2.4.37-57.jbcs.el6?arch=x86_64\u0026epoch=1" } } }, { "category": "product_version", "name": "jbcs-httpd24-mod_session-0:2.4.37-57.jbcs.el6.x86_64", "product": { "name": "jbcs-httpd24-mod_session-0:2.4.37-57.jbcs.el6.x86_64", "product_id": "jbcs-httpd24-mod_session-0:2.4.37-57.jbcs.el6.x86_64", "product_identification_helper": { "purl": "pkg:rpm/redhat/jbcs-httpd24-mod_session@2.4.37-57.jbcs.el6?arch=x86_64" } } }, { "category": "product_version", "name": "jbcs-httpd24-mod_ssl-1:2.4.37-57.jbcs.el6.x86_64", "product": { "name": "jbcs-httpd24-mod_ssl-1:2.4.37-57.jbcs.el6.x86_64", "product_id": "jbcs-httpd24-mod_ssl-1:2.4.37-57.jbcs.el6.x86_64", "product_identification_helper": { "purl": "pkg:rpm/redhat/jbcs-httpd24-mod_ssl@2.4.37-57.jbcs.el6?arch=x86_64\u0026epoch=1" } } }, { "category": "product_version", "name": "jbcs-httpd24-httpd-debuginfo-0:2.4.37-57.jbcs.el6.x86_64", "product": { "name": "jbcs-httpd24-httpd-debuginfo-0:2.4.37-57.jbcs.el6.x86_64", "product_id": "jbcs-httpd24-httpd-debuginfo-0:2.4.37-57.jbcs.el6.x86_64", "product_identification_helper": { "purl": "pkg:rpm/redhat/jbcs-httpd24-httpd-debuginfo@2.4.37-57.jbcs.el6?arch=x86_64" } } }, { "category": "product_version", "name": "jbcs-httpd24-mod_http2-0:1.15.7-3.jbcs.el6.x86_64", "product": { "name": "jbcs-httpd24-mod_http2-0:1.15.7-3.jbcs.el6.x86_64", "product_id": "jbcs-httpd24-mod_http2-0:1.15.7-3.jbcs.el6.x86_64", "product_identification_helper": { "purl": "pkg:rpm/redhat/jbcs-httpd24-mod_http2@1.15.7-3.jbcs.el6?arch=x86_64" } } }, { "category": "product_version", "name": "jbcs-httpd24-mod_http2-debuginfo-0:1.15.7-3.jbcs.el6.x86_64", "product": { "name": "jbcs-httpd24-mod_http2-debuginfo-0:1.15.7-3.jbcs.el6.x86_64", "product_id": "jbcs-httpd24-mod_http2-debuginfo-0:1.15.7-3.jbcs.el6.x86_64", "product_identification_helper": { "purl": "pkg:rpm/redhat/jbcs-httpd24-mod_http2-debuginfo@1.15.7-3.jbcs.el6?arch=x86_64" } } }, { "category": "product_version", "name": "jbcs-httpd24-mod_jk-ap24-0:1.2.48-4.redhat_1.jbcs.el6.x86_64", "product": { "name": "jbcs-httpd24-mod_jk-ap24-0:1.2.48-4.redhat_1.jbcs.el6.x86_64", "product_id": "jbcs-httpd24-mod_jk-ap24-0:1.2.48-4.redhat_1.jbcs.el6.x86_64", "product_identification_helper": { "purl": "pkg:rpm/redhat/jbcs-httpd24-mod_jk-ap24@1.2.48-4.redhat_1.jbcs.el6?arch=x86_64" } } }, { "category": "product_version", "name": "jbcs-httpd24-mod_jk-manual-0:1.2.48-4.redhat_1.jbcs.el6.x86_64", "product": { "name": "jbcs-httpd24-mod_jk-manual-0:1.2.48-4.redhat_1.jbcs.el6.x86_64", "product_id": "jbcs-httpd24-mod_jk-manual-0:1.2.48-4.redhat_1.jbcs.el6.x86_64", "product_identification_helper": { "purl": "pkg:rpm/redhat/jbcs-httpd24-mod_jk-manual@1.2.48-4.redhat_1.jbcs.el6?arch=x86_64" } } }, { "category": "product_version", "name": "jbcs-httpd24-mod_jk-debuginfo-0:1.2.48-4.redhat_1.jbcs.el6.x86_64", "product": { "name": "jbcs-httpd24-mod_jk-debuginfo-0:1.2.48-4.redhat_1.jbcs.el6.x86_64", "product_id": "jbcs-httpd24-mod_jk-debuginfo-0:1.2.48-4.redhat_1.jbcs.el6.x86_64", "product_identification_helper": { "purl": "pkg:rpm/redhat/jbcs-httpd24-mod_jk-debuginfo@1.2.48-4.redhat_1.jbcs.el6?arch=x86_64" } } }, { "category": "product_version", "name": "jbcs-httpd24-mod_md-1:2.0.8-24.jbcs.el6.x86_64", "product": { "name": "jbcs-httpd24-mod_md-1:2.0.8-24.jbcs.el6.x86_64", "product_id": "jbcs-httpd24-mod_md-1:2.0.8-24.jbcs.el6.x86_64", "product_identification_helper": { "purl": "pkg:rpm/redhat/jbcs-httpd24-mod_md@2.0.8-24.jbcs.el6?arch=x86_64\u0026epoch=1" } } }, { "category": "product_version", "name": "jbcs-httpd24-mod_md-debuginfo-1:2.0.8-24.jbcs.el6.x86_64", "product": { "name": "jbcs-httpd24-mod_md-debuginfo-1:2.0.8-24.jbcs.el6.x86_64", "product_id": "jbcs-httpd24-mod_md-debuginfo-1:2.0.8-24.jbcs.el6.x86_64", "product_identification_helper": { "purl": "pkg:rpm/redhat/jbcs-httpd24-mod_md-debuginfo@2.0.8-24.jbcs.el6?arch=x86_64\u0026epoch=1" } } }, { "category": "product_version", "name": "jbcs-httpd24-mod_security-0:2.9.2-51.GA.jbcs.el6.x86_64", "product": { "name": "jbcs-httpd24-mod_security-0:2.9.2-51.GA.jbcs.el6.x86_64", "product_id": "jbcs-httpd24-mod_security-0:2.9.2-51.GA.jbcs.el6.x86_64", "product_identification_helper": { "purl": "pkg:rpm/redhat/jbcs-httpd24-mod_security@2.9.2-51.GA.jbcs.el6?arch=x86_64" } } }, { "category": "product_version", "name": "jbcs-httpd24-mod_security-debuginfo-0:2.9.2-51.GA.jbcs.el6.x86_64", "product": { "name": "jbcs-httpd24-mod_security-debuginfo-0:2.9.2-51.GA.jbcs.el6.x86_64", "product_id": "jbcs-httpd24-mod_security-debuginfo-0:2.9.2-51.GA.jbcs.el6.x86_64", "product_identification_helper": { "purl": "pkg:rpm/redhat/jbcs-httpd24-mod_security-debuginfo@2.9.2-51.GA.jbcs.el6?arch=x86_64" } } }, { "category": "product_version", "name": "jbcs-httpd24-mod_cluster-native-0:1.3.14-4.Final_redhat_2.jbcs.el6.x86_64", "product": { "name": "jbcs-httpd24-mod_cluster-native-0:1.3.14-4.Final_redhat_2.jbcs.el6.x86_64", "product_id": "jbcs-httpd24-mod_cluster-native-0:1.3.14-4.Final_redhat_2.jbcs.el6.x86_64", "product_identification_helper": { "purl": "pkg:rpm/redhat/jbcs-httpd24-mod_cluster-native@1.3.14-4.Final_redhat_2.jbcs.el6?arch=x86_64" } } }, { "category": "product_version", "name": "jbcs-httpd24-mod_cluster-native-debuginfo-0:1.3.14-4.Final_redhat_2.jbcs.el6.x86_64", "product": { "name": "jbcs-httpd24-mod_cluster-native-debuginfo-0:1.3.14-4.Final_redhat_2.jbcs.el6.x86_64", "product_id": "jbcs-httpd24-mod_cluster-native-debuginfo-0:1.3.14-4.Final_redhat_2.jbcs.el6.x86_64", "product_identification_helper": { "purl": "pkg:rpm/redhat/jbcs-httpd24-mod_cluster-native-debuginfo@1.3.14-4.Final_redhat_2.jbcs.el6?arch=x86_64" } } }, { "category": "product_version", "name": "jbcs-httpd24-nghttp2-0:1.39.2-25.jbcs.el7.x86_64", "product": { "name": "jbcs-httpd24-nghttp2-0:1.39.2-25.jbcs.el7.x86_64", "product_id": "jbcs-httpd24-nghttp2-0:1.39.2-25.jbcs.el7.x86_64", "product_identification_helper": { "purl": "pkg:rpm/redhat/jbcs-httpd24-nghttp2@1.39.2-25.jbcs.el7?arch=x86_64" } } }, { "category": "product_version", "name": "jbcs-httpd24-nghttp2-devel-0:1.39.2-25.jbcs.el7.x86_64", "product": { "name": "jbcs-httpd24-nghttp2-devel-0:1.39.2-25.jbcs.el7.x86_64", "product_id": "jbcs-httpd24-nghttp2-devel-0:1.39.2-25.jbcs.el7.x86_64", "product_identification_helper": { "purl": "pkg:rpm/redhat/jbcs-httpd24-nghttp2-devel@1.39.2-25.jbcs.el7?arch=x86_64" } } }, { "category": "product_version", "name": "jbcs-httpd24-nghttp2-debuginfo-0:1.39.2-25.jbcs.el7.x86_64", "product": { "name": "jbcs-httpd24-nghttp2-debuginfo-0:1.39.2-25.jbcs.el7.x86_64", "product_id": "jbcs-httpd24-nghttp2-debuginfo-0:1.39.2-25.jbcs.el7.x86_64", "product_identification_helper": { "purl": "pkg:rpm/redhat/jbcs-httpd24-nghttp2-debuginfo@1.39.2-25.jbcs.el7?arch=x86_64" } } }, { "category": "product_version", "name": "jbcs-httpd24-curl-0:7.64.1-36.jbcs.el7.x86_64", "product": { "name": "jbcs-httpd24-curl-0:7.64.1-36.jbcs.el7.x86_64", "product_id": "jbcs-httpd24-curl-0:7.64.1-36.jbcs.el7.x86_64", "product_identification_helper": { "purl": "pkg:rpm/redhat/jbcs-httpd24-curl@7.64.1-36.jbcs.el7?arch=x86_64" } } }, { "category": "product_version", "name": "jbcs-httpd24-libcurl-0:7.64.1-36.jbcs.el7.x86_64", "product": { "name": "jbcs-httpd24-libcurl-0:7.64.1-36.jbcs.el7.x86_64", "product_id": "jbcs-httpd24-libcurl-0:7.64.1-36.jbcs.el7.x86_64", "product_identification_helper": { "purl": "pkg:rpm/redhat/jbcs-httpd24-libcurl@7.64.1-36.jbcs.el7?arch=x86_64" } } }, { "category": "product_version", "name": "jbcs-httpd24-libcurl-devel-0:7.64.1-36.jbcs.el7.x86_64", "product": { "name": "jbcs-httpd24-libcurl-devel-0:7.64.1-36.jbcs.el7.x86_64", "product_id": "jbcs-httpd24-libcurl-devel-0:7.64.1-36.jbcs.el7.x86_64", "product_identification_helper": { "purl": "pkg:rpm/redhat/jbcs-httpd24-libcurl-devel@7.64.1-36.jbcs.el7?arch=x86_64" } } }, { "category": "product_version", "name": "jbcs-httpd24-curl-debuginfo-0:7.64.1-36.jbcs.el7.x86_64", "product": { "name": "jbcs-httpd24-curl-debuginfo-0:7.64.1-36.jbcs.el7.x86_64", "product_id": "jbcs-httpd24-curl-debuginfo-0:7.64.1-36.jbcs.el7.x86_64", "product_identification_helper": { "purl": "pkg:rpm/redhat/jbcs-httpd24-curl-debuginfo@7.64.1-36.jbcs.el7?arch=x86_64" } } }, { "category": "product_version", "name": "jbcs-httpd24-httpd-0:2.4.37-57.jbcs.el7.x86_64", "product": { "name": "jbcs-httpd24-httpd-0:2.4.37-57.jbcs.el7.x86_64", "product_id": "jbcs-httpd24-httpd-0:2.4.37-57.jbcs.el7.x86_64", "product_identification_helper": { "purl": "pkg:rpm/redhat/jbcs-httpd24-httpd@2.4.37-57.jbcs.el7?arch=x86_64" } } }, { "category": "product_version", "name": "jbcs-httpd24-httpd-devel-0:2.4.37-57.jbcs.el7.x86_64", "product": { "name": "jbcs-httpd24-httpd-devel-0:2.4.37-57.jbcs.el7.x86_64", "product_id": "jbcs-httpd24-httpd-devel-0:2.4.37-57.jbcs.el7.x86_64", "product_identification_helper": { "purl": "pkg:rpm/redhat/jbcs-httpd24-httpd-devel@2.4.37-57.jbcs.el7?arch=x86_64" } } }, { "category": "product_version", "name": "jbcs-httpd24-httpd-selinux-0:2.4.37-57.jbcs.el7.x86_64", "product": { "name": "jbcs-httpd24-httpd-selinux-0:2.4.37-57.jbcs.el7.x86_64", "product_id": "jbcs-httpd24-httpd-selinux-0:2.4.37-57.jbcs.el7.x86_64", "product_identification_helper": { "purl": "pkg:rpm/redhat/jbcs-httpd24-httpd-selinux@2.4.37-57.jbcs.el7?arch=x86_64" } } }, { "category": "product_version", "name": "jbcs-httpd24-httpd-tools-0:2.4.37-57.jbcs.el7.x86_64", "product": { "name": "jbcs-httpd24-httpd-tools-0:2.4.37-57.jbcs.el7.x86_64", "product_id": "jbcs-httpd24-httpd-tools-0:2.4.37-57.jbcs.el7.x86_64", "product_identification_helper": { "purl": "pkg:rpm/redhat/jbcs-httpd24-httpd-tools@2.4.37-57.jbcs.el7?arch=x86_64" } } }, { "category": "product_version", "name": "jbcs-httpd24-mod_ldap-0:2.4.37-57.jbcs.el7.x86_64", "product": { "name": "jbcs-httpd24-mod_ldap-0:2.4.37-57.jbcs.el7.x86_64", "product_id": "jbcs-httpd24-mod_ldap-0:2.4.37-57.jbcs.el7.x86_64", "product_identification_helper": { "purl": "pkg:rpm/redhat/jbcs-httpd24-mod_ldap@2.4.37-57.jbcs.el7?arch=x86_64" } } }, { "category": "product_version", "name": "jbcs-httpd24-mod_proxy_html-1:2.4.37-57.jbcs.el7.x86_64", "product": { "name": "jbcs-httpd24-mod_proxy_html-1:2.4.37-57.jbcs.el7.x86_64", "product_id": "jbcs-httpd24-mod_proxy_html-1:2.4.37-57.jbcs.el7.x86_64", "product_identification_helper": { "purl": "pkg:rpm/redhat/jbcs-httpd24-mod_proxy_html@2.4.37-57.jbcs.el7?arch=x86_64\u0026epoch=1" } } }, { "category": "product_version", "name": "jbcs-httpd24-mod_session-0:2.4.37-57.jbcs.el7.x86_64", "product": { "name": "jbcs-httpd24-mod_session-0:2.4.37-57.jbcs.el7.x86_64", "product_id": "jbcs-httpd24-mod_session-0:2.4.37-57.jbcs.el7.x86_64", "product_identification_helper": { "purl": "pkg:rpm/redhat/jbcs-httpd24-mod_session@2.4.37-57.jbcs.el7?arch=x86_64" } } }, { "category": "product_version", "name": "jbcs-httpd24-mod_ssl-1:2.4.37-57.jbcs.el7.x86_64", "product": { "name": "jbcs-httpd24-mod_ssl-1:2.4.37-57.jbcs.el7.x86_64", "product_id": "jbcs-httpd24-mod_ssl-1:2.4.37-57.jbcs.el7.x86_64", "product_identification_helper": { "purl": "pkg:rpm/redhat/jbcs-httpd24-mod_ssl@2.4.37-57.jbcs.el7?arch=x86_64\u0026epoch=1" } } }, { "category": "product_version", "name": "jbcs-httpd24-httpd-debuginfo-0:2.4.37-57.jbcs.el7.x86_64", "product": { "name": "jbcs-httpd24-httpd-debuginfo-0:2.4.37-57.jbcs.el7.x86_64", "product_id": "jbcs-httpd24-httpd-debuginfo-0:2.4.37-57.jbcs.el7.x86_64", "product_identification_helper": { "purl": "pkg:rpm/redhat/jbcs-httpd24-httpd-debuginfo@2.4.37-57.jbcs.el7?arch=x86_64" } } }, { "category": "product_version", "name": "jbcs-httpd24-openssl-pkcs11-0:0.4.10-7.jbcs.el7.x86_64", "product": { "name": "jbcs-httpd24-openssl-pkcs11-0:0.4.10-7.jbcs.el7.x86_64", "product_id": "jbcs-httpd24-openssl-pkcs11-0:0.4.10-7.jbcs.el7.x86_64", "product_identification_helper": { "purl": "pkg:rpm/redhat/jbcs-httpd24-openssl-pkcs11@0.4.10-7.jbcs.el7?arch=x86_64" } } }, { "category": "product_version", "name": "jbcs-httpd24-openssl-pkcs11-debuginfo-0:0.4.10-7.jbcs.el7.x86_64", "product": { "name": "jbcs-httpd24-openssl-pkcs11-debuginfo-0:0.4.10-7.jbcs.el7.x86_64", "product_id": "jbcs-httpd24-openssl-pkcs11-debuginfo-0:0.4.10-7.jbcs.el7.x86_64", "product_identification_helper": { "purl": "pkg:rpm/redhat/jbcs-httpd24-openssl-pkcs11-debuginfo@0.4.10-7.jbcs.el7?arch=x86_64" } } }, { "category": "product_version", "name": "jbcs-httpd24-mod_http2-0:1.15.7-3.jbcs.el7.x86_64", "product": { "name": "jbcs-httpd24-mod_http2-0:1.15.7-3.jbcs.el7.x86_64", "product_id": "jbcs-httpd24-mod_http2-0:1.15.7-3.jbcs.el7.x86_64", "product_identification_helper": { "purl": "pkg:rpm/redhat/jbcs-httpd24-mod_http2@1.15.7-3.jbcs.el7?arch=x86_64" } } }, { "category": "product_version", "name": "jbcs-httpd24-mod_http2-debuginfo-0:1.15.7-3.jbcs.el7.x86_64", "product": { "name": "jbcs-httpd24-mod_http2-debuginfo-0:1.15.7-3.jbcs.el7.x86_64", "product_id": "jbcs-httpd24-mod_http2-debuginfo-0:1.15.7-3.jbcs.el7.x86_64", "product_identification_helper": { "purl": "pkg:rpm/redhat/jbcs-httpd24-mod_http2-debuginfo@1.15.7-3.jbcs.el7?arch=x86_64" } } }, { "category": "product_version", "name": "jbcs-httpd24-mod_jk-ap24-0:1.2.48-4.redhat_1.jbcs.el7.x86_64", "product": { "name": "jbcs-httpd24-mod_jk-ap24-0:1.2.48-4.redhat_1.jbcs.el7.x86_64", "product_id": "jbcs-httpd24-mod_jk-ap24-0:1.2.48-4.redhat_1.jbcs.el7.x86_64", "product_identification_helper": { "purl": "pkg:rpm/redhat/jbcs-httpd24-mod_jk-ap24@1.2.48-4.redhat_1.jbcs.el7?arch=x86_64" } } }, { "category": "product_version", "name": "jbcs-httpd24-mod_jk-manual-0:1.2.48-4.redhat_1.jbcs.el7.x86_64", "product": { "name": "jbcs-httpd24-mod_jk-manual-0:1.2.48-4.redhat_1.jbcs.el7.x86_64", "product_id": "jbcs-httpd24-mod_jk-manual-0:1.2.48-4.redhat_1.jbcs.el7.x86_64", "product_identification_helper": { "purl": "pkg:rpm/redhat/jbcs-httpd24-mod_jk-manual@1.2.48-4.redhat_1.jbcs.el7?arch=x86_64" } } }, { "category": "product_version", "name": "jbcs-httpd24-mod_jk-debuginfo-0:1.2.48-4.redhat_1.jbcs.el7.x86_64", "product": { "name": "jbcs-httpd24-mod_jk-debuginfo-0:1.2.48-4.redhat_1.jbcs.el7.x86_64", "product_id": "jbcs-httpd24-mod_jk-debuginfo-0:1.2.48-4.redhat_1.jbcs.el7.x86_64", "product_identification_helper": { "purl": "pkg:rpm/redhat/jbcs-httpd24-mod_jk-debuginfo@1.2.48-4.redhat_1.jbcs.el7?arch=x86_64" } } }, { "category": "product_version", "name": "jbcs-httpd24-mod_md-1:2.0.8-24.jbcs.el7.x86_64", "product": { "name": "jbcs-httpd24-mod_md-1:2.0.8-24.jbcs.el7.x86_64", "product_id": "jbcs-httpd24-mod_md-1:2.0.8-24.jbcs.el7.x86_64", "product_identification_helper": { "purl": "pkg:rpm/redhat/jbcs-httpd24-mod_md@2.0.8-24.jbcs.el7?arch=x86_64\u0026epoch=1" } } }, { "category": "product_version", "name": "jbcs-httpd24-mod_md-debuginfo-1:2.0.8-24.jbcs.el7.x86_64", "product": { "name": "jbcs-httpd24-mod_md-debuginfo-1:2.0.8-24.jbcs.el7.x86_64", "product_id": "jbcs-httpd24-mod_md-debuginfo-1:2.0.8-24.jbcs.el7.x86_64", "product_identification_helper": { "purl": "pkg:rpm/redhat/jbcs-httpd24-mod_md-debuginfo@2.0.8-24.jbcs.el7?arch=x86_64\u0026epoch=1" } } }, { "category": "product_version", "name": "jbcs-httpd24-mod_security-0:2.9.2-51.GA.jbcs.el7.x86_64", "product": { "name": "jbcs-httpd24-mod_security-0:2.9.2-51.GA.jbcs.el7.x86_64", "product_id": "jbcs-httpd24-mod_security-0:2.9.2-51.GA.jbcs.el7.x86_64", "product_identification_helper": { "purl": "pkg:rpm/redhat/jbcs-httpd24-mod_security@2.9.2-51.GA.jbcs.el7?arch=x86_64" } } }, { "category": "product_version", "name": "jbcs-httpd24-mod_security-debuginfo-0:2.9.2-51.GA.jbcs.el7.x86_64", "product": { "name": "jbcs-httpd24-mod_security-debuginfo-0:2.9.2-51.GA.jbcs.el7.x86_64", "product_id": "jbcs-httpd24-mod_security-debuginfo-0:2.9.2-51.GA.jbcs.el7.x86_64", "product_identification_helper": { "purl": "pkg:rpm/redhat/jbcs-httpd24-mod_security-debuginfo@2.9.2-51.GA.jbcs.el7?arch=x86_64" } } }, { "category": "product_version", "name": "jbcs-httpd24-mod_cluster-native-0:1.3.14-4.Final_redhat_2.jbcs.el7.x86_64", "product": { "name": "jbcs-httpd24-mod_cluster-native-0:1.3.14-4.Final_redhat_2.jbcs.el7.x86_64", "product_id": "jbcs-httpd24-mod_cluster-native-0:1.3.14-4.Final_redhat_2.jbcs.el7.x86_64", "product_identification_helper": { "purl": "pkg:rpm/redhat/jbcs-httpd24-mod_cluster-native@1.3.14-4.Final_redhat_2.jbcs.el7?arch=x86_64" } } }, { "category": "product_version", "name": "jbcs-httpd24-mod_cluster-native-debuginfo-0:1.3.14-4.Final_redhat_2.jbcs.el7.x86_64", "product": { "name": "jbcs-httpd24-mod_cluster-native-debuginfo-0:1.3.14-4.Final_redhat_2.jbcs.el7.x86_64", "product_id": "jbcs-httpd24-mod_cluster-native-debuginfo-0:1.3.14-4.Final_redhat_2.jbcs.el7.x86_64", "product_identification_helper": { "purl": "pkg:rpm/redhat/jbcs-httpd24-mod_cluster-native-debuginfo@1.3.14-4.Final_redhat_2.jbcs.el7?arch=x86_64" } } } ], "category": "architecture", "name": "x86_64" }, { "branches": [ { "category": "product_version", "name": "jbcs-httpd24-nghttp2-0:1.39.2-25.jbcs.el6.src", "product": { "name": "jbcs-httpd24-nghttp2-0:1.39.2-25.jbcs.el6.src", "product_id": "jbcs-httpd24-nghttp2-0:1.39.2-25.jbcs.el6.src", "product_identification_helper": { "purl": "pkg:rpm/redhat/jbcs-httpd24-nghttp2@1.39.2-25.jbcs.el6?arch=src" } } }, { "category": "product_version", "name": "jbcs-httpd24-curl-0:7.64.1-36.jbcs.el6.src", "product": { "name": "jbcs-httpd24-curl-0:7.64.1-36.jbcs.el6.src", "product_id": "jbcs-httpd24-curl-0:7.64.1-36.jbcs.el6.src", "product_identification_helper": { "purl": "pkg:rpm/redhat/jbcs-httpd24-curl@7.64.1-36.jbcs.el6?arch=src" } } }, { "category": "product_version", "name": "jbcs-httpd24-httpd-0:2.4.37-57.jbcs.el6.src", "product": { "name": "jbcs-httpd24-httpd-0:2.4.37-57.jbcs.el6.src", "product_id": "jbcs-httpd24-httpd-0:2.4.37-57.jbcs.el6.src", "product_identification_helper": { "purl": "pkg:rpm/redhat/jbcs-httpd24-httpd@2.4.37-57.jbcs.el6?arch=src" } } }, { "category": "product_version", "name": "jbcs-httpd24-mod_http2-0:1.15.7-3.jbcs.el6.src", "product": { "name": "jbcs-httpd24-mod_http2-0:1.15.7-3.jbcs.el6.src", "product_id": "jbcs-httpd24-mod_http2-0:1.15.7-3.jbcs.el6.src", "product_identification_helper": { "purl": "pkg:rpm/redhat/jbcs-httpd24-mod_http2@1.15.7-3.jbcs.el6?arch=src" } } }, { "category": "product_version", "name": "jbcs-httpd24-mod_jk-0:1.2.48-4.redhat_1.jbcs.el6.src", "product": { "name": "jbcs-httpd24-mod_jk-0:1.2.48-4.redhat_1.jbcs.el6.src", "product_id": "jbcs-httpd24-mod_jk-0:1.2.48-4.redhat_1.jbcs.el6.src", "product_identification_helper": { "purl": "pkg:rpm/redhat/jbcs-httpd24-mod_jk@1.2.48-4.redhat_1.jbcs.el6?arch=src" } } }, { "category": "product_version", "name": "jbcs-httpd24-mod_md-1:2.0.8-24.jbcs.el6.src", "product": { "name": "jbcs-httpd24-mod_md-1:2.0.8-24.jbcs.el6.src", "product_id": "jbcs-httpd24-mod_md-1:2.0.8-24.jbcs.el6.src", "product_identification_helper": { "purl": "pkg:rpm/redhat/jbcs-httpd24-mod_md@2.0.8-24.jbcs.el6?arch=src\u0026epoch=1" } } }, { "category": "product_version", "name": "jbcs-httpd24-mod_security-0:2.9.2-51.GA.jbcs.el6.src", "product": { "name": "jbcs-httpd24-mod_security-0:2.9.2-51.GA.jbcs.el6.src", "product_id": "jbcs-httpd24-mod_security-0:2.9.2-51.GA.jbcs.el6.src", "product_identification_helper": { "purl": "pkg:rpm/redhat/jbcs-httpd24-mod_security@2.9.2-51.GA.jbcs.el6?arch=src" } } }, { "category": "product_version", "name": "jbcs-httpd24-mod_cluster-native-0:1.3.14-4.Final_redhat_2.jbcs.el6.src", "product": { "name": "jbcs-httpd24-mod_cluster-native-0:1.3.14-4.Final_redhat_2.jbcs.el6.src", "product_id": "jbcs-httpd24-mod_cluster-native-0:1.3.14-4.Final_redhat_2.jbcs.el6.src", "product_identification_helper": { "purl": "pkg:rpm/redhat/jbcs-httpd24-mod_cluster-native@1.3.14-4.Final_redhat_2.jbcs.el6?arch=src" } } }, { "category": "product_version", "name": "jbcs-httpd24-nghttp2-0:1.39.2-25.jbcs.el7.src", "product": { "name": "jbcs-httpd24-nghttp2-0:1.39.2-25.jbcs.el7.src", "product_id": "jbcs-httpd24-nghttp2-0:1.39.2-25.jbcs.el7.src", "product_identification_helper": { "purl": "pkg:rpm/redhat/jbcs-httpd24-nghttp2@1.39.2-25.jbcs.el7?arch=src" } } }, { "category": "product_version", "name": "jbcs-httpd24-curl-0:7.64.1-36.jbcs.el7.src", "product": { "name": "jbcs-httpd24-curl-0:7.64.1-36.jbcs.el7.src", "product_id": "jbcs-httpd24-curl-0:7.64.1-36.jbcs.el7.src", "product_identification_helper": { "purl": "pkg:rpm/redhat/jbcs-httpd24-curl@7.64.1-36.jbcs.el7?arch=src" } } }, { "category": "product_version", "name": "jbcs-httpd24-httpd-0:2.4.37-57.jbcs.el7.src", "product": { "name": "jbcs-httpd24-httpd-0:2.4.37-57.jbcs.el7.src", "product_id": "jbcs-httpd24-httpd-0:2.4.37-57.jbcs.el7.src", "product_identification_helper": { "purl": "pkg:rpm/redhat/jbcs-httpd24-httpd@2.4.37-57.jbcs.el7?arch=src" } } }, { "category": "product_version", "name": "jbcs-httpd24-openssl-pkcs11-0:0.4.10-7.jbcs.el7.src", "product": { "name": "jbcs-httpd24-openssl-pkcs11-0:0.4.10-7.jbcs.el7.src", "product_id": "jbcs-httpd24-openssl-pkcs11-0:0.4.10-7.jbcs.el7.src", "product_identification_helper": { "purl": "pkg:rpm/redhat/jbcs-httpd24-openssl-pkcs11@0.4.10-7.jbcs.el7?arch=src" } } }, { "category": "product_version", "name": "jbcs-httpd24-mod_http2-0:1.15.7-3.jbcs.el7.src", "product": { "name": "jbcs-httpd24-mod_http2-0:1.15.7-3.jbcs.el7.src", "product_id": "jbcs-httpd24-mod_http2-0:1.15.7-3.jbcs.el7.src", "product_identification_helper": { "purl": "pkg:rpm/redhat/jbcs-httpd24-mod_http2@1.15.7-3.jbcs.el7?arch=src" } } }, { "category": "product_version", "name": "jbcs-httpd24-mod_jk-0:1.2.48-4.redhat_1.jbcs.el7.src", "product": { "name": "jbcs-httpd24-mod_jk-0:1.2.48-4.redhat_1.jbcs.el7.src", "product_id": "jbcs-httpd24-mod_jk-0:1.2.48-4.redhat_1.jbcs.el7.src", "product_identification_helper": { "purl": "pkg:rpm/redhat/jbcs-httpd24-mod_jk@1.2.48-4.redhat_1.jbcs.el7?arch=src" } } }, { "category": "product_version", "name": "jbcs-httpd24-mod_md-1:2.0.8-24.jbcs.el7.src", "product": { "name": "jbcs-httpd24-mod_md-1:2.0.8-24.jbcs.el7.src", "product_id": "jbcs-httpd24-mod_md-1:2.0.8-24.jbcs.el7.src", "product_identification_helper": { "purl": "pkg:rpm/redhat/jbcs-httpd24-mod_md@2.0.8-24.jbcs.el7?arch=src\u0026epoch=1" } } }, { "category": "product_version", "name": "jbcs-httpd24-mod_security-0:2.9.2-51.GA.jbcs.el7.src", "product": { "name": "jbcs-httpd24-mod_security-0:2.9.2-51.GA.jbcs.el7.src", "product_id": "jbcs-httpd24-mod_security-0:2.9.2-51.GA.jbcs.el7.src", "product_identification_helper": { "purl": "pkg:rpm/redhat/jbcs-httpd24-mod_security@2.9.2-51.GA.jbcs.el7?arch=src" } } }, { "category": "product_version", "name": "jbcs-httpd24-mod_cluster-native-0:1.3.14-4.Final_redhat_2.jbcs.el7.src", "product": { "name": "jbcs-httpd24-mod_cluster-native-0:1.3.14-4.Final_redhat_2.jbcs.el7.src", "product_id": "jbcs-httpd24-mod_cluster-native-0:1.3.14-4.Final_redhat_2.jbcs.el7.src", "product_identification_helper": { "purl": "pkg:rpm/redhat/jbcs-httpd24-mod_cluster-native@1.3.14-4.Final_redhat_2.jbcs.el7?arch=src" } } } ], "category": "architecture", "name": "src" }, { "branches": [ { "category": "product_version", "name": "jbcs-httpd24-httpd-manual-0:2.4.37-57.jbcs.el6.noarch", "product": { "name": "jbcs-httpd24-httpd-manual-0:2.4.37-57.jbcs.el6.noarch", "product_id": "jbcs-httpd24-httpd-manual-0:2.4.37-57.jbcs.el6.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/jbcs-httpd24-httpd-manual@2.4.37-57.jbcs.el6?arch=noarch" } } }, { "category": "product_version", "name": "jbcs-httpd24-httpd-manual-0:2.4.37-57.jbcs.el7.noarch", "product": { "name": "jbcs-httpd24-httpd-manual-0:2.4.37-57.jbcs.el7.noarch", "product_id": "jbcs-httpd24-httpd-manual-0:2.4.37-57.jbcs.el7.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/jbcs-httpd24-httpd-manual@2.4.37-57.jbcs.el7?arch=noarch" } } } ], "category": "architecture", "name": "noarch" } ], "category": "vendor", "name": "Red Hat" } ], "relationships": [ { "category": "default_component_of", "full_product_name": { "name": "jbcs-httpd24-curl-0:7.64.1-36.jbcs.el6.i686 as a component of Red Hat JBoss Core Services on RHEL 6 Server", "product_id": "6Server-JBCS:jbcs-httpd24-curl-0:7.64.1-36.jbcs.el6.i686" }, "product_reference": "jbcs-httpd24-curl-0:7.64.1-36.jbcs.el6.i686", "relates_to_product_reference": "6Server-JBCS" }, { "category": "default_component_of", "full_product_name": { "name": "jbcs-httpd24-curl-0:7.64.1-36.jbcs.el6.src as a component of Red Hat JBoss Core Services on RHEL 6 Server", "product_id": "6Server-JBCS:jbcs-httpd24-curl-0:7.64.1-36.jbcs.el6.src" }, "product_reference": "jbcs-httpd24-curl-0:7.64.1-36.jbcs.el6.src", "relates_to_product_reference": "6Server-JBCS" }, { "category": "default_component_of", "full_product_name": { "name": "jbcs-httpd24-curl-0:7.64.1-36.jbcs.el6.x86_64 as a component of Red Hat JBoss Core Services on RHEL 6 Server", "product_id": "6Server-JBCS:jbcs-httpd24-curl-0:7.64.1-36.jbcs.el6.x86_64" }, "product_reference": "jbcs-httpd24-curl-0:7.64.1-36.jbcs.el6.x86_64", "relates_to_product_reference": "6Server-JBCS" }, { "category": "default_component_of", "full_product_name": { "name": "jbcs-httpd24-curl-debuginfo-0:7.64.1-36.jbcs.el6.i686 as a component of Red Hat JBoss Core Services on RHEL 6 Server", "product_id": "6Server-JBCS:jbcs-httpd24-curl-debuginfo-0:7.64.1-36.jbcs.el6.i686" }, "product_reference": "jbcs-httpd24-curl-debuginfo-0:7.64.1-36.jbcs.el6.i686", "relates_to_product_reference": "6Server-JBCS" }, { "category": "default_component_of", "full_product_name": { "name": "jbcs-httpd24-curl-debuginfo-0:7.64.1-36.jbcs.el6.x86_64 as a component of Red Hat JBoss Core Services on RHEL 6 Server", "product_id": "6Server-JBCS:jbcs-httpd24-curl-debuginfo-0:7.64.1-36.jbcs.el6.x86_64" }, "product_reference": "jbcs-httpd24-curl-debuginfo-0:7.64.1-36.jbcs.el6.x86_64", "relates_to_product_reference": "6Server-JBCS" }, { "category": "default_component_of", "full_product_name": { "name": "jbcs-httpd24-httpd-0:2.4.37-57.jbcs.el6.i686 as a component of Red Hat JBoss Core Services on RHEL 6 Server", "product_id": "6Server-JBCS:jbcs-httpd24-httpd-0:2.4.37-57.jbcs.el6.i686" }, "product_reference": "jbcs-httpd24-httpd-0:2.4.37-57.jbcs.el6.i686", "relates_to_product_reference": "6Server-JBCS" }, { "category": "default_component_of", "full_product_name": { "name": "jbcs-httpd24-httpd-0:2.4.37-57.jbcs.el6.src as a component of Red Hat JBoss Core Services on RHEL 6 Server", "product_id": "6Server-JBCS:jbcs-httpd24-httpd-0:2.4.37-57.jbcs.el6.src" }, "product_reference": "jbcs-httpd24-httpd-0:2.4.37-57.jbcs.el6.src", "relates_to_product_reference": "6Server-JBCS" }, { "category": "default_component_of", "full_product_name": { "name": "jbcs-httpd24-httpd-0:2.4.37-57.jbcs.el6.x86_64 as a component of Red Hat JBoss Core Services on RHEL 6 Server", "product_id": "6Server-JBCS:jbcs-httpd24-httpd-0:2.4.37-57.jbcs.el6.x86_64" }, "product_reference": "jbcs-httpd24-httpd-0:2.4.37-57.jbcs.el6.x86_64", "relates_to_product_reference": "6Server-JBCS" }, { "category": "default_component_of", "full_product_name": { "name": "jbcs-httpd24-httpd-debuginfo-0:2.4.37-57.jbcs.el6.i686 as a component of Red Hat JBoss Core Services on RHEL 6 Server", "product_id": "6Server-JBCS:jbcs-httpd24-httpd-debuginfo-0:2.4.37-57.jbcs.el6.i686" }, "product_reference": "jbcs-httpd24-httpd-debuginfo-0:2.4.37-57.jbcs.el6.i686", "relates_to_product_reference": "6Server-JBCS" }, { "category": "default_component_of", "full_product_name": { "name": "jbcs-httpd24-httpd-debuginfo-0:2.4.37-57.jbcs.el6.x86_64 as a component of Red Hat JBoss Core Services on RHEL 6 Server", "product_id": "6Server-JBCS:jbcs-httpd24-httpd-debuginfo-0:2.4.37-57.jbcs.el6.x86_64" }, "product_reference": "jbcs-httpd24-httpd-debuginfo-0:2.4.37-57.jbcs.el6.x86_64", "relates_to_product_reference": "6Server-JBCS" }, { "category": "default_component_of", "full_product_name": { "name": "jbcs-httpd24-httpd-devel-0:2.4.37-57.jbcs.el6.i686 as a component of Red Hat JBoss Core Services on RHEL 6 Server", "product_id": "6Server-JBCS:jbcs-httpd24-httpd-devel-0:2.4.37-57.jbcs.el6.i686" }, "product_reference": "jbcs-httpd24-httpd-devel-0:2.4.37-57.jbcs.el6.i686", "relates_to_product_reference": "6Server-JBCS" }, { "category": "default_component_of", "full_product_name": { "name": "jbcs-httpd24-httpd-devel-0:2.4.37-57.jbcs.el6.x86_64 as a component of Red Hat JBoss Core Services on RHEL 6 Server", "product_id": "6Server-JBCS:jbcs-httpd24-httpd-devel-0:2.4.37-57.jbcs.el6.x86_64" }, "product_reference": "jbcs-httpd24-httpd-devel-0:2.4.37-57.jbcs.el6.x86_64", "relates_to_product_reference": "6Server-JBCS" }, { "category": "default_component_of", "full_product_name": { "name": "jbcs-httpd24-httpd-manual-0:2.4.37-57.jbcs.el6.noarch as a component of Red Hat JBoss Core Services on RHEL 6 Server", "product_id": "6Server-JBCS:jbcs-httpd24-httpd-manual-0:2.4.37-57.jbcs.el6.noarch" }, "product_reference": "jbcs-httpd24-httpd-manual-0:2.4.37-57.jbcs.el6.noarch", "relates_to_product_reference": "6Server-JBCS" }, { "category": "default_component_of", "full_product_name": { "name": "jbcs-httpd24-httpd-selinux-0:2.4.37-57.jbcs.el6.i686 as a component of Red Hat JBoss Core Services on RHEL 6 Server", "product_id": "6Server-JBCS:jbcs-httpd24-httpd-selinux-0:2.4.37-57.jbcs.el6.i686" }, "product_reference": "jbcs-httpd24-httpd-selinux-0:2.4.37-57.jbcs.el6.i686", "relates_to_product_reference": "6Server-JBCS" }, { "category": "default_component_of", "full_product_name": { "name": "jbcs-httpd24-httpd-selinux-0:2.4.37-57.jbcs.el6.x86_64 as a component of Red Hat JBoss Core Services on RHEL 6 Server", "product_id": "6Server-JBCS:jbcs-httpd24-httpd-selinux-0:2.4.37-57.jbcs.el6.x86_64" }, "product_reference": "jbcs-httpd24-httpd-selinux-0:2.4.37-57.jbcs.el6.x86_64", "relates_to_product_reference": "6Server-JBCS" }, { "category": "default_component_of", "full_product_name": { "name": "jbcs-httpd24-httpd-tools-0:2.4.37-57.jbcs.el6.i686 as a component of Red Hat JBoss Core Services on RHEL 6 Server", "product_id": "6Server-JBCS:jbcs-httpd24-httpd-tools-0:2.4.37-57.jbcs.el6.i686" }, "product_reference": "jbcs-httpd24-httpd-tools-0:2.4.37-57.jbcs.el6.i686", "relates_to_product_reference": "6Server-JBCS" }, { "category": "default_component_of", "full_product_name": { "name": "jbcs-httpd24-httpd-tools-0:2.4.37-57.jbcs.el6.x86_64 as a component of Red Hat JBoss Core Services on RHEL 6 Server", "product_id": "6Server-JBCS:jbcs-httpd24-httpd-tools-0:2.4.37-57.jbcs.el6.x86_64" }, "product_reference": "jbcs-httpd24-httpd-tools-0:2.4.37-57.jbcs.el6.x86_64", "relates_to_product_reference": "6Server-JBCS" }, { "category": "default_component_of", "full_product_name": { "name": "jbcs-httpd24-libcurl-0:7.64.1-36.jbcs.el6.i686 as a component of Red Hat JBoss Core Services on RHEL 6 Server", "product_id": "6Server-JBCS:jbcs-httpd24-libcurl-0:7.64.1-36.jbcs.el6.i686" }, "product_reference": "jbcs-httpd24-libcurl-0:7.64.1-36.jbcs.el6.i686", "relates_to_product_reference": "6Server-JBCS" }, { "category": "default_component_of", "full_product_name": { "name": "jbcs-httpd24-libcurl-0:7.64.1-36.jbcs.el6.x86_64 as a component of Red Hat JBoss Core Services on RHEL 6 Server", "product_id": "6Server-JBCS:jbcs-httpd24-libcurl-0:7.64.1-36.jbcs.el6.x86_64" }, "product_reference": "jbcs-httpd24-libcurl-0:7.64.1-36.jbcs.el6.x86_64", "relates_to_product_reference": "6Server-JBCS" }, { "category": "default_component_of", "full_product_name": { "name": "jbcs-httpd24-libcurl-devel-0:7.64.1-36.jbcs.el6.i686 as a component of Red Hat JBoss Core Services on RHEL 6 Server", "product_id": "6Server-JBCS:jbcs-httpd24-libcurl-devel-0:7.64.1-36.jbcs.el6.i686" }, "product_reference": "jbcs-httpd24-libcurl-devel-0:7.64.1-36.jbcs.el6.i686", "relates_to_product_reference": "6Server-JBCS" }, { "category": "default_component_of", "full_product_name": { "name": "jbcs-httpd24-libcurl-devel-0:7.64.1-36.jbcs.el6.x86_64 as a component of Red Hat JBoss Core Services on RHEL 6 Server", "product_id": "6Server-JBCS:jbcs-httpd24-libcurl-devel-0:7.64.1-36.jbcs.el6.x86_64" }, "product_reference": "jbcs-httpd24-libcurl-devel-0:7.64.1-36.jbcs.el6.x86_64", "relates_to_product_reference": "6Server-JBCS" }, { "category": "default_component_of", "full_product_name": { "name": "jbcs-httpd24-mod_cluster-native-0:1.3.14-4.Final_redhat_2.jbcs.el6.i686 as a component of Red Hat JBoss Core Services on RHEL 6 Server", "product_id": "6Server-JBCS:jbcs-httpd24-mod_cluster-native-0:1.3.14-4.Final_redhat_2.jbcs.el6.i686" }, "product_reference": "jbcs-httpd24-mod_cluster-native-0:1.3.14-4.Final_redhat_2.jbcs.el6.i686", "relates_to_product_reference": "6Server-JBCS" }, { "category": "default_component_of", "full_product_name": { "name": "jbcs-httpd24-mod_cluster-native-0:1.3.14-4.Final_redhat_2.jbcs.el6.src as a component of Red Hat JBoss Core Services on RHEL 6 Server", "product_id": "6Server-JBCS:jbcs-httpd24-mod_cluster-native-0:1.3.14-4.Final_redhat_2.jbcs.el6.src" }, "product_reference": "jbcs-httpd24-mod_cluster-native-0:1.3.14-4.Final_redhat_2.jbcs.el6.src", "relates_to_product_reference": "6Server-JBCS" }, { "category": "default_component_of", "full_product_name": { "name": "jbcs-httpd24-mod_cluster-native-0:1.3.14-4.Final_redhat_2.jbcs.el6.x86_64 as a component of Red Hat JBoss Core Services on RHEL 6 Server", "product_id": "6Server-JBCS:jbcs-httpd24-mod_cluster-native-0:1.3.14-4.Final_redhat_2.jbcs.el6.x86_64" }, "product_reference": "jbcs-httpd24-mod_cluster-native-0:1.3.14-4.Final_redhat_2.jbcs.el6.x86_64", "relates_to_product_reference": "6Server-JBCS" }, { "category": "default_component_of", "full_product_name": { "name": "jbcs-httpd24-mod_cluster-native-debuginfo-0:1.3.14-4.Final_redhat_2.jbcs.el6.i686 as a component of Red Hat JBoss Core Services on RHEL 6 Server", "product_id": "6Server-JBCS:jbcs-httpd24-mod_cluster-native-debuginfo-0:1.3.14-4.Final_redhat_2.jbcs.el6.i686" }, "product_reference": "jbcs-httpd24-mod_cluster-native-debuginfo-0:1.3.14-4.Final_redhat_2.jbcs.el6.i686", "relates_to_product_reference": "6Server-JBCS" }, { "category": "default_component_of", "full_product_name": { "name": "jbcs-httpd24-mod_cluster-native-debuginfo-0:1.3.14-4.Final_redhat_2.jbcs.el6.x86_64 as a component of Red Hat JBoss Core Services on RHEL 6 Server", "product_id": "6Server-JBCS:jbcs-httpd24-mod_cluster-native-debuginfo-0:1.3.14-4.Final_redhat_2.jbcs.el6.x86_64" }, "product_reference": "jbcs-httpd24-mod_cluster-native-debuginfo-0:1.3.14-4.Final_redhat_2.jbcs.el6.x86_64", "relates_to_product_reference": "6Server-JBCS" }, { "category": "default_component_of", "full_product_name": { "name": "jbcs-httpd24-mod_http2-0:1.15.7-3.jbcs.el6.i686 as a component of Red Hat JBoss Core Services on RHEL 6 Server", "product_id": "6Server-JBCS:jbcs-httpd24-mod_http2-0:1.15.7-3.jbcs.el6.i686" }, "product_reference": "jbcs-httpd24-mod_http2-0:1.15.7-3.jbcs.el6.i686", "relates_to_product_reference": "6Server-JBCS" }, { "category": "default_component_of", "full_product_name": { "name": "jbcs-httpd24-mod_http2-0:1.15.7-3.jbcs.el6.src as a component of Red Hat JBoss Core Services on RHEL 6 Server", "product_id": "6Server-JBCS:jbcs-httpd24-mod_http2-0:1.15.7-3.jbcs.el6.src" }, "product_reference": "jbcs-httpd24-mod_http2-0:1.15.7-3.jbcs.el6.src", "relates_to_product_reference": "6Server-JBCS" }, { "category": "default_component_of", "full_product_name": { "name": "jbcs-httpd24-mod_http2-0:1.15.7-3.jbcs.el6.x86_64 as a component of Red Hat JBoss Core Services on RHEL 6 Server", "product_id": "6Server-JBCS:jbcs-httpd24-mod_http2-0:1.15.7-3.jbcs.el6.x86_64" }, "product_reference": "jbcs-httpd24-mod_http2-0:1.15.7-3.jbcs.el6.x86_64", "relates_to_product_reference": "6Server-JBCS" }, { "category": "default_component_of", "full_product_name": { "name": "jbcs-httpd24-mod_http2-debuginfo-0:1.15.7-3.jbcs.el6.i686 as a component of Red Hat JBoss Core Services on RHEL 6 Server", "product_id": "6Server-JBCS:jbcs-httpd24-mod_http2-debuginfo-0:1.15.7-3.jbcs.el6.i686" }, "product_reference": "jbcs-httpd24-mod_http2-debuginfo-0:1.15.7-3.jbcs.el6.i686", "relates_to_product_reference": "6Server-JBCS" }, { "category": "default_component_of", "full_product_name": { "name": "jbcs-httpd24-mod_http2-debuginfo-0:1.15.7-3.jbcs.el6.x86_64 as a component of Red Hat JBoss Core Services on RHEL 6 Server", "product_id": "6Server-JBCS:jbcs-httpd24-mod_http2-debuginfo-0:1.15.7-3.jbcs.el6.x86_64" }, "product_reference": "jbcs-httpd24-mod_http2-debuginfo-0:1.15.7-3.jbcs.el6.x86_64", "relates_to_product_reference": "6Server-JBCS" }, { "category": "default_component_of", "full_product_name": { "name": "jbcs-httpd24-mod_jk-0:1.2.48-4.redhat_1.jbcs.el6.src as a component of Red Hat JBoss Core Services on RHEL 6 Server", "product_id": "6Server-JBCS:jbcs-httpd24-mod_jk-0:1.2.48-4.redhat_1.jbcs.el6.src" }, "product_reference": "jbcs-httpd24-mod_jk-0:1.2.48-4.redhat_1.jbcs.el6.src", "relates_to_product_reference": "6Server-JBCS" }, { "category": "default_component_of", "full_product_name": { "name": "jbcs-httpd24-mod_jk-ap24-0:1.2.48-4.redhat_1.jbcs.el6.i686 as a component of Red Hat JBoss Core Services on RHEL 6 Server", "product_id": "6Server-JBCS:jbcs-httpd24-mod_jk-ap24-0:1.2.48-4.redhat_1.jbcs.el6.i686" }, "product_reference": "jbcs-httpd24-mod_jk-ap24-0:1.2.48-4.redhat_1.jbcs.el6.i686", "relates_to_product_reference": "6Server-JBCS" }, { "category": "default_component_of", "full_product_name": { "name": "jbcs-httpd24-mod_jk-ap24-0:1.2.48-4.redhat_1.jbcs.el6.x86_64 as a component of Red Hat JBoss Core Services on RHEL 6 Server", "product_id": "6Server-JBCS:jbcs-httpd24-mod_jk-ap24-0:1.2.48-4.redhat_1.jbcs.el6.x86_64" }, "product_reference": "jbcs-httpd24-mod_jk-ap24-0:1.2.48-4.redhat_1.jbcs.el6.x86_64", "relates_to_product_reference": "6Server-JBCS" }, { "category": "default_component_of", "full_product_name": { "name": "jbcs-httpd24-mod_jk-debuginfo-0:1.2.48-4.redhat_1.jbcs.el6.i686 as a component of Red Hat JBoss Core Services on RHEL 6 Server", "product_id": "6Server-JBCS:jbcs-httpd24-mod_jk-debuginfo-0:1.2.48-4.redhat_1.jbcs.el6.i686" }, "product_reference": "jbcs-httpd24-mod_jk-debuginfo-0:1.2.48-4.redhat_1.jbcs.el6.i686", "relates_to_product_reference": "6Server-JBCS" }, { "category": "default_component_of", "full_product_name": { "name": "jbcs-httpd24-mod_jk-debuginfo-0:1.2.48-4.redhat_1.jbcs.el6.x86_64 as a component of Red Hat JBoss Core Services on RHEL 6 Server", "product_id": "6Server-JBCS:jbcs-httpd24-mod_jk-debuginfo-0:1.2.48-4.redhat_1.jbcs.el6.x86_64" }, "product_reference": "jbcs-httpd24-mod_jk-debuginfo-0:1.2.48-4.redhat_1.jbcs.el6.x86_64", "relates_to_product_reference": "6Server-JBCS" }, { "category": "default_component_of", "full_product_name": { "name": "jbcs-httpd24-mod_jk-manual-0:1.2.48-4.redhat_1.jbcs.el6.i686 as a component of Red Hat JBoss Core Services on RHEL 6 Server", "product_id": "6Server-JBCS:jbcs-httpd24-mod_jk-manual-0:1.2.48-4.redhat_1.jbcs.el6.i686" }, "product_reference": "jbcs-httpd24-mod_jk-manual-0:1.2.48-4.redhat_1.jbcs.el6.i686", "relates_to_product_reference": "6Server-JBCS" }, { "category": "default_component_of", "full_product_name": { "name": "jbcs-httpd24-mod_jk-manual-0:1.2.48-4.redhat_1.jbcs.el6.x86_64 as a component of Red Hat JBoss Core Services on RHEL 6 Server", "product_id": "6Server-JBCS:jbcs-httpd24-mod_jk-manual-0:1.2.48-4.redhat_1.jbcs.el6.x86_64" }, "product_reference": "jbcs-httpd24-mod_jk-manual-0:1.2.48-4.redhat_1.jbcs.el6.x86_64", "relates_to_product_reference": "6Server-JBCS" }, { "category": "default_component_of", "full_product_name": { "name": "jbcs-httpd24-mod_ldap-0:2.4.37-57.jbcs.el6.i686 as a component of Red Hat JBoss Core Services on RHEL 6 Server", "product_id": "6Server-JBCS:jbcs-httpd24-mod_ldap-0:2.4.37-57.jbcs.el6.i686" }, "product_reference": "jbcs-httpd24-mod_ldap-0:2.4.37-57.jbcs.el6.i686", "relates_to_product_reference": "6Server-JBCS" }, { "category": "default_component_of", "full_product_name": { "name": "jbcs-httpd24-mod_ldap-0:2.4.37-57.jbcs.el6.x86_64 as a component of Red Hat JBoss Core Services on RHEL 6 Server", "product_id": "6Server-JBCS:jbcs-httpd24-mod_ldap-0:2.4.37-57.jbcs.el6.x86_64" }, "product_reference": "jbcs-httpd24-mod_ldap-0:2.4.37-57.jbcs.el6.x86_64", "relates_to_product_reference": "6Server-JBCS" }, { "category": "default_component_of", "full_product_name": { "name": "jbcs-httpd24-mod_md-1:2.0.8-24.jbcs.el6.i686 as a component of Red Hat JBoss Core Services on RHEL 6 Server", "product_id": "6Server-JBCS:jbcs-httpd24-mod_md-1:2.0.8-24.jbcs.el6.i686" }, "product_reference": "jbcs-httpd24-mod_md-1:2.0.8-24.jbcs.el6.i686", "relates_to_product_reference": "6Server-JBCS" }, { "category": "default_component_of", "full_product_name": { "name": "jbcs-httpd24-mod_md-1:2.0.8-24.jbcs.el6.src as a component of Red Hat JBoss Core Services on RHEL 6 Server", "product_id": "6Server-JBCS:jbcs-httpd24-mod_md-1:2.0.8-24.jbcs.el6.src" }, "product_reference": "jbcs-httpd24-mod_md-1:2.0.8-24.jbcs.el6.src", "relates_to_product_reference": "6Server-JBCS" }, { "category": "default_component_of", "full_product_name": { "name": "jbcs-httpd24-mod_md-1:2.0.8-24.jbcs.el6.x86_64 as a component of Red Hat JBoss Core Services on RHEL 6 Server", "product_id": "6Server-JBCS:jbcs-httpd24-mod_md-1:2.0.8-24.jbcs.el6.x86_64" }, "product_reference": "jbcs-httpd24-mod_md-1:2.0.8-24.jbcs.el6.x86_64", "relates_to_product_reference": "6Server-JBCS" }, { "category": "default_component_of", "full_product_name": { "name": "jbcs-httpd24-mod_md-debuginfo-1:2.0.8-24.jbcs.el6.i686 as a component of Red Hat JBoss Core Services on RHEL 6 Server", "product_id": "6Server-JBCS:jbcs-httpd24-mod_md-debuginfo-1:2.0.8-24.jbcs.el6.i686" }, "product_reference": "jbcs-httpd24-mod_md-debuginfo-1:2.0.8-24.jbcs.el6.i686", "relates_to_product_reference": "6Server-JBCS" }, { "category": "default_component_of", "full_product_name": { "name": "jbcs-httpd24-mod_md-debuginfo-1:2.0.8-24.jbcs.el6.x86_64 as a component of Red Hat JBoss Core Services on RHEL 6 Server", "product_id": "6Server-JBCS:jbcs-httpd24-mod_md-debuginfo-1:2.0.8-24.jbcs.el6.x86_64" }, "product_reference": "jbcs-httpd24-mod_md-debuginfo-1:2.0.8-24.jbcs.el6.x86_64", "relates_to_product_reference": "6Server-JBCS" }, { "category": "default_component_of", "full_product_name": { "name": "jbcs-httpd24-mod_proxy_html-1:2.4.37-57.jbcs.el6.i686 as a component of Red Hat JBoss Core Services on RHEL 6 Server", "product_id": "6Server-JBCS:jbcs-httpd24-mod_proxy_html-1:2.4.37-57.jbcs.el6.i686" }, "product_reference": "jbcs-httpd24-mod_proxy_html-1:2.4.37-57.jbcs.el6.i686", "relates_to_product_reference": "6Server-JBCS" }, { "category": "default_component_of", "full_product_name": { "name": "jbcs-httpd24-mod_proxy_html-1:2.4.37-57.jbcs.el6.x86_64 as a component of Red Hat JBoss Core Services on RHEL 6 Server", "product_id": "6Server-JBCS:jbcs-httpd24-mod_proxy_html-1:2.4.37-57.jbcs.el6.x86_64" }, "product_reference": "jbcs-httpd24-mod_proxy_html-1:2.4.37-57.jbcs.el6.x86_64", "relates_to_product_reference": "6Server-JBCS" }, { "category": "default_component_of", "full_product_name": { "name": "jbcs-httpd24-mod_security-0:2.9.2-51.GA.jbcs.el6.i686 as a component of Red Hat JBoss Core Services on RHEL 6 Server", "product_id": "6Server-JBCS:jbcs-httpd24-mod_security-0:2.9.2-51.GA.jbcs.el6.i686" }, "product_reference": "jbcs-httpd24-mod_security-0:2.9.2-51.GA.jbcs.el6.i686", "relates_to_product_reference": "6Server-JBCS" }, { "category": "default_component_of", "full_product_name": { "name": "jbcs-httpd24-mod_security-0:2.9.2-51.GA.jbcs.el6.src as a component of Red Hat JBoss Core Services on RHEL 6 Server", "product_id": "6Server-JBCS:jbcs-httpd24-mod_security-0:2.9.2-51.GA.jbcs.el6.src" }, "product_reference": "jbcs-httpd24-mod_security-0:2.9.2-51.GA.jbcs.el6.src", "relates_to_product_reference": "6Server-JBCS" }, { "category": "default_component_of", "full_product_name": { "name": "jbcs-httpd24-mod_security-0:2.9.2-51.GA.jbcs.el6.x86_64 as a component of Red Hat JBoss Core Services on RHEL 6 Server", "product_id": "6Server-JBCS:jbcs-httpd24-mod_security-0:2.9.2-51.GA.jbcs.el6.x86_64" }, "product_reference": "jbcs-httpd24-mod_security-0:2.9.2-51.GA.jbcs.el6.x86_64", "relates_to_product_reference": "6Server-JBCS" }, { "category": "default_component_of", "full_product_name": { "name": "jbcs-httpd24-mod_security-debuginfo-0:2.9.2-51.GA.jbcs.el6.i686 as a component of Red Hat JBoss Core Services on RHEL 6 Server", "product_id": "6Server-JBCS:jbcs-httpd24-mod_security-debuginfo-0:2.9.2-51.GA.jbcs.el6.i686" }, "product_reference": "jbcs-httpd24-mod_security-debuginfo-0:2.9.2-51.GA.jbcs.el6.i686", "relates_to_product_reference": "6Server-JBCS" }, { "category": "default_component_of", "full_product_name": { "name": "jbcs-httpd24-mod_security-debuginfo-0:2.9.2-51.GA.jbcs.el6.x86_64 as a component of Red Hat JBoss Core Services on RHEL 6 Server", "product_id": "6Server-JBCS:jbcs-httpd24-mod_security-debuginfo-0:2.9.2-51.GA.jbcs.el6.x86_64" }, "product_reference": "jbcs-httpd24-mod_security-debuginfo-0:2.9.2-51.GA.jbcs.el6.x86_64", "relates_to_product_reference": "6Server-JBCS" }, { "category": "default_component_of", "full_product_name": { "name": "jbcs-httpd24-mod_session-0:2.4.37-57.jbcs.el6.i686 as a component of Red Hat JBoss Core Services on RHEL 6 Server", "product_id": "6Server-JBCS:jbcs-httpd24-mod_session-0:2.4.37-57.jbcs.el6.i686" }, "product_reference": "jbcs-httpd24-mod_session-0:2.4.37-57.jbcs.el6.i686", "relates_to_product_reference": "6Server-JBCS" }, { "category": "default_component_of", "full_product_name": { "name": "jbcs-httpd24-mod_session-0:2.4.37-57.jbcs.el6.x86_64 as a component of Red Hat JBoss Core Services on RHEL 6 Server", "product_id": "6Server-JBCS:jbcs-httpd24-mod_session-0:2.4.37-57.jbcs.el6.x86_64" }, "product_reference": "jbcs-httpd24-mod_session-0:2.4.37-57.jbcs.el6.x86_64", "relates_to_product_reference": "6Server-JBCS" }, { "category": "default_component_of", "full_product_name": { "name": "jbcs-httpd24-mod_ssl-1:2.4.37-57.jbcs.el6.i686 as a component of Red Hat JBoss Core Services on RHEL 6 Server", "product_id": "6Server-JBCS:jbcs-httpd24-mod_ssl-1:2.4.37-57.jbcs.el6.i686" }, "product_reference": "jbcs-httpd24-mod_ssl-1:2.4.37-57.jbcs.el6.i686", "relates_to_product_reference": "6Server-JBCS" }, { "category": "default_component_of", "full_product_name": { "name": "jbcs-httpd24-mod_ssl-1:2.4.37-57.jbcs.el6.x86_64 as a component of Red Hat JBoss Core Services on RHEL 6 Server", "product_id": "6Server-JBCS:jbcs-httpd24-mod_ssl-1:2.4.37-57.jbcs.el6.x86_64" }, "product_reference": "jbcs-httpd24-mod_ssl-1:2.4.37-57.jbcs.el6.x86_64", "relates_to_product_reference": "6Server-JBCS" }, { "category": "default_component_of", "full_product_name": { "name": "jbcs-httpd24-nghttp2-0:1.39.2-25.jbcs.el6.i686 as a component of Red Hat JBoss Core Services on RHEL 6 Server", "product_id": "6Server-JBCS:jbcs-httpd24-nghttp2-0:1.39.2-25.jbcs.el6.i686" }, "product_reference": "jbcs-httpd24-nghttp2-0:1.39.2-25.jbcs.el6.i686", "relates_to_product_reference": "6Server-JBCS" }, { "category": "default_component_of", "full_product_name": { "name": "jbcs-httpd24-nghttp2-0:1.39.2-25.jbcs.el6.src as a component of Red Hat JBoss Core Services on RHEL 6 Server", "product_id": "6Server-JBCS:jbcs-httpd24-nghttp2-0:1.39.2-25.jbcs.el6.src" }, "product_reference": "jbcs-httpd24-nghttp2-0:1.39.2-25.jbcs.el6.src", "relates_to_product_reference": "6Server-JBCS" }, { "category": "default_component_of", "full_product_name": { "name": "jbcs-httpd24-nghttp2-0:1.39.2-25.jbcs.el6.x86_64 as a component of Red Hat JBoss Core Services on RHEL 6 Server", "product_id": "6Server-JBCS:jbcs-httpd24-nghttp2-0:1.39.2-25.jbcs.el6.x86_64" }, "product_reference": "jbcs-httpd24-nghttp2-0:1.39.2-25.jbcs.el6.x86_64", "relates_to_product_reference": "6Server-JBCS" }, { "category": "default_component_of", "full_product_name": { "name": "jbcs-httpd24-nghttp2-debuginfo-0:1.39.2-25.jbcs.el6.i686 as a component of Red Hat JBoss Core Services on RHEL 6 Server", "product_id": "6Server-JBCS:jbcs-httpd24-nghttp2-debuginfo-0:1.39.2-25.jbcs.el6.i686" }, "product_reference": "jbcs-httpd24-nghttp2-debuginfo-0:1.39.2-25.jbcs.el6.i686", "relates_to_product_reference": "6Server-JBCS" }, { "category": "default_component_of", "full_product_name": { "name": "jbcs-httpd24-nghttp2-debuginfo-0:1.39.2-25.jbcs.el6.x86_64 as a component of Red Hat JBoss Core Services on RHEL 6 Server", "product_id": "6Server-JBCS:jbcs-httpd24-nghttp2-debuginfo-0:1.39.2-25.jbcs.el6.x86_64" }, "product_reference": "jbcs-httpd24-nghttp2-debuginfo-0:1.39.2-25.jbcs.el6.x86_64", "relates_to_product_reference": "6Server-JBCS" }, { "category": "default_component_of", "full_product_name": { "name": "jbcs-httpd24-nghttp2-devel-0:1.39.2-25.jbcs.el6.i686 as a component of Red Hat JBoss Core Services on RHEL 6 Server", "product_id": "6Server-JBCS:jbcs-httpd24-nghttp2-devel-0:1.39.2-25.jbcs.el6.i686" }, "product_reference": "jbcs-httpd24-nghttp2-devel-0:1.39.2-25.jbcs.el6.i686", "relates_to_product_reference": "6Server-JBCS" }, { "category": "default_component_of", "full_product_name": { "name": "jbcs-httpd24-nghttp2-devel-0:1.39.2-25.jbcs.el6.x86_64 as a component of Red Hat JBoss Core Services on RHEL 6 Server", "product_id": "6Server-JBCS:jbcs-httpd24-nghttp2-devel-0:1.39.2-25.jbcs.el6.x86_64" }, "product_reference": "jbcs-httpd24-nghttp2-devel-0:1.39.2-25.jbcs.el6.x86_64", "relates_to_product_reference": "6Server-JBCS" }, { "category": "default_component_of", "full_product_name": { "name": "jbcs-httpd24-curl-0:7.64.1-36.jbcs.el7.src as a component of Red Hat JBoss Core Services on RHEL 7 Server", "product_id": "7Server-JBCS:jbcs-httpd24-curl-0:7.64.1-36.jbcs.el7.src" }, "product_reference": "jbcs-httpd24-curl-0:7.64.1-36.jbcs.el7.src", "relates_to_product_reference": "7Server-JBCS" }, { "category": "default_component_of", "full_product_name": { "name": "jbcs-httpd24-curl-0:7.64.1-36.jbcs.el7.x86_64 as a component of Red Hat JBoss Core Services on RHEL 7 Server", "product_id": "7Server-JBCS:jbcs-httpd24-curl-0:7.64.1-36.jbcs.el7.x86_64" }, "product_reference": "jbcs-httpd24-curl-0:7.64.1-36.jbcs.el7.x86_64", "relates_to_product_reference": "7Server-JBCS" }, { "category": "default_component_of", "full_product_name": { "name": "jbcs-httpd24-curl-debuginfo-0:7.64.1-36.jbcs.el7.x86_64 as a component of Red Hat JBoss Core Services on RHEL 7 Server", "product_id": "7Server-JBCS:jbcs-httpd24-curl-debuginfo-0:7.64.1-36.jbcs.el7.x86_64" }, "product_reference": "jbcs-httpd24-curl-debuginfo-0:7.64.1-36.jbcs.el7.x86_64", "relates_to_product_reference": "7Server-JBCS" }, { "category": "default_component_of", "full_product_name": { "name": "jbcs-httpd24-httpd-0:2.4.37-57.jbcs.el7.src as a component of Red Hat JBoss Core Services on RHEL 7 Server", "product_id": "7Server-JBCS:jbcs-httpd24-httpd-0:2.4.37-57.jbcs.el7.src" }, "product_reference": "jbcs-httpd24-httpd-0:2.4.37-57.jbcs.el7.src", "relates_to_product_reference": "7Server-JBCS" }, { "category": "default_component_of", "full_product_name": { "name": "jbcs-httpd24-httpd-0:2.4.37-57.jbcs.el7.x86_64 as a component of Red Hat JBoss Core Services on RHEL 7 Server", "product_id": "7Server-JBCS:jbcs-httpd24-httpd-0:2.4.37-57.jbcs.el7.x86_64" }, "product_reference": "jbcs-httpd24-httpd-0:2.4.37-57.jbcs.el7.x86_64", "relates_to_product_reference": "7Server-JBCS" }, { "category": "default_component_of", "full_product_name": { "name": "jbcs-httpd24-httpd-debuginfo-0:2.4.37-57.jbcs.el7.x86_64 as a component of Red Hat JBoss Core Services on RHEL 7 Server", "product_id": "7Server-JBCS:jbcs-httpd24-httpd-debuginfo-0:2.4.37-57.jbcs.el7.x86_64" }, "product_reference": "jbcs-httpd24-httpd-debuginfo-0:2.4.37-57.jbcs.el7.x86_64", "relates_to_product_reference": "7Server-JBCS" }, { "category": "default_component_of", "full_product_name": { "name": "jbcs-httpd24-httpd-devel-0:2.4.37-57.jbcs.el7.x86_64 as a component of Red Hat JBoss Core Services on RHEL 7 Server", "product_id": "7Server-JBCS:jbcs-httpd24-httpd-devel-0:2.4.37-57.jbcs.el7.x86_64" }, "product_reference": "jbcs-httpd24-httpd-devel-0:2.4.37-57.jbcs.el7.x86_64", "relates_to_product_reference": "7Server-JBCS" }, { "category": "default_component_of", "full_product_name": { "name": "jbcs-httpd24-httpd-manual-0:2.4.37-57.jbcs.el7.noarch as a component of Red Hat JBoss Core Services on RHEL 7 Server", "product_id": "7Server-JBCS:jbcs-httpd24-httpd-manual-0:2.4.37-57.jbcs.el7.noarch" }, "product_reference": "jbcs-httpd24-httpd-manual-0:2.4.37-57.jbcs.el7.noarch", "relates_to_product_reference": "7Server-JBCS" }, { "category": "default_component_of", "full_product_name": { "name": "jbcs-httpd24-httpd-selinux-0:2.4.37-57.jbcs.el7.x86_64 as a component of Red Hat JBoss Core Services on RHEL 7 Server", "product_id": "7Server-JBCS:jbcs-httpd24-httpd-selinux-0:2.4.37-57.jbcs.el7.x86_64" }, "product_reference": "jbcs-httpd24-httpd-selinux-0:2.4.37-57.jbcs.el7.x86_64", "relates_to_product_reference": "7Server-JBCS" }, { "category": "default_component_of", "full_product_name": { "name": "jbcs-httpd24-httpd-tools-0:2.4.37-57.jbcs.el7.x86_64 as a component of Red Hat JBoss Core Services on RHEL 7 Server", "product_id": "7Server-JBCS:jbcs-httpd24-httpd-tools-0:2.4.37-57.jbcs.el7.x86_64" }, "product_reference": "jbcs-httpd24-httpd-tools-0:2.4.37-57.jbcs.el7.x86_64", "relates_to_product_reference": "7Server-JBCS" }, { "category": "default_component_of", "full_product_name": { "name": "jbcs-httpd24-libcurl-0:7.64.1-36.jbcs.el7.x86_64 as a component of Red Hat JBoss Core Services on RHEL 7 Server", "product_id": "7Server-JBCS:jbcs-httpd24-libcurl-0:7.64.1-36.jbcs.el7.x86_64" }, "product_reference": "jbcs-httpd24-libcurl-0:7.64.1-36.jbcs.el7.x86_64", "relates_to_product_reference": "7Server-JBCS" }, { "category": "default_component_of", "full_product_name": { "name": "jbcs-httpd24-libcurl-devel-0:7.64.1-36.jbcs.el7.x86_64 as a component of Red Hat JBoss Core Services on RHEL 7 Server", "product_id": "7Server-JBCS:jbcs-httpd24-libcurl-devel-0:7.64.1-36.jbcs.el7.x86_64" }, "product_reference": "jbcs-httpd24-libcurl-devel-0:7.64.1-36.jbcs.el7.x86_64", "relates_to_product_reference": "7Server-JBCS" }, { "category": "default_component_of", "full_product_name": { "name": "jbcs-httpd24-mod_cluster-native-0:1.3.14-4.Final_redhat_2.jbcs.el7.src as a component of Red Hat JBoss Core Services on RHEL 7 Server", "product_id": "7Server-JBCS:jbcs-httpd24-mod_cluster-native-0:1.3.14-4.Final_redhat_2.jbcs.el7.src" }, "product_reference": "jbcs-httpd24-mod_cluster-native-0:1.3.14-4.Final_redhat_2.jbcs.el7.src", "relates_to_product_reference": "7Server-JBCS" }, { "category": "default_component_of", "full_product_name": { "name": "jbcs-httpd24-mod_cluster-native-0:1.3.14-4.Final_redhat_2.jbcs.el7.x86_64 as a component of Red Hat JBoss Core Services on RHEL 7 Server", "product_id": "7Server-JBCS:jbcs-httpd24-mod_cluster-native-0:1.3.14-4.Final_redhat_2.jbcs.el7.x86_64" }, "product_reference": "jbcs-httpd24-mod_cluster-native-0:1.3.14-4.Final_redhat_2.jbcs.el7.x86_64", "relates_to_product_reference": "7Server-JBCS" }, { "category": "default_component_of", "full_product_name": { "name": "jbcs-httpd24-mod_cluster-native-debuginfo-0:1.3.14-4.Final_redhat_2.jbcs.el7.x86_64 as a component of Red Hat JBoss Core Services on RHEL 7 Server", "product_id": "7Server-JBCS:jbcs-httpd24-mod_cluster-native-debuginfo-0:1.3.14-4.Final_redhat_2.jbcs.el7.x86_64" }, "product_reference": "jbcs-httpd24-mod_cluster-native-debuginfo-0:1.3.14-4.Final_redhat_2.jbcs.el7.x86_64", "relates_to_product_reference": "7Server-JBCS" }, { "category": "default_component_of", "full_product_name": { "name": "jbcs-httpd24-mod_http2-0:1.15.7-3.jbcs.el7.src as a component of Red Hat JBoss Core Services on RHEL 7 Server", "product_id": "7Server-JBCS:jbcs-httpd24-mod_http2-0:1.15.7-3.jbcs.el7.src" }, "product_reference": "jbcs-httpd24-mod_http2-0:1.15.7-3.jbcs.el7.src", "relates_to_product_reference": "7Server-JBCS" }, { "category": "default_component_of", "full_product_name": { "name": "jbcs-httpd24-mod_http2-0:1.15.7-3.jbcs.el7.x86_64 as a component of Red Hat JBoss Core Services on RHEL 7 Server", "product_id": "7Server-JBCS:jbcs-httpd24-mod_http2-0:1.15.7-3.jbcs.el7.x86_64" }, "product_reference": "jbcs-httpd24-mod_http2-0:1.15.7-3.jbcs.el7.x86_64", "relates_to_product_reference": "7Server-JBCS" }, { "category": "default_component_of", "full_product_name": { "name": "jbcs-httpd24-mod_http2-debuginfo-0:1.15.7-3.jbcs.el7.x86_64 as a component of Red Hat JBoss Core Services on RHEL 7 Server", "product_id": "7Server-JBCS:jbcs-httpd24-mod_http2-debuginfo-0:1.15.7-3.jbcs.el7.x86_64" }, "product_reference": "jbcs-httpd24-mod_http2-debuginfo-0:1.15.7-3.jbcs.el7.x86_64", "relates_to_product_reference": "7Server-JBCS" }, { "category": "default_component_of", "full_product_name": { "name": "jbcs-httpd24-mod_jk-0:1.2.48-4.redhat_1.jbcs.el7.src as a component of Red Hat JBoss Core Services on RHEL 7 Server", "product_id": "7Server-JBCS:jbcs-httpd24-mod_jk-0:1.2.48-4.redhat_1.jbcs.el7.src" }, "product_reference": "jbcs-httpd24-mod_jk-0:1.2.48-4.redhat_1.jbcs.el7.src", "relates_to_product_reference": "7Server-JBCS" }, { "category": "default_component_of", "full_product_name": { "name": "jbcs-httpd24-mod_jk-ap24-0:1.2.48-4.redhat_1.jbcs.el7.x86_64 as a component of Red Hat JBoss Core Services on RHEL 7 Server", "product_id": "7Server-JBCS:jbcs-httpd24-mod_jk-ap24-0:1.2.48-4.redhat_1.jbcs.el7.x86_64" }, "product_reference": "jbcs-httpd24-mod_jk-ap24-0:1.2.48-4.redhat_1.jbcs.el7.x86_64", "relates_to_product_reference": "7Server-JBCS" }, { "category": "default_component_of", "full_product_name": { "name": "jbcs-httpd24-mod_jk-debuginfo-0:1.2.48-4.redhat_1.jbcs.el7.x86_64 as a component of Red Hat JBoss Core Services on RHEL 7 Server", "product_id": "7Server-JBCS:jbcs-httpd24-mod_jk-debuginfo-0:1.2.48-4.redhat_1.jbcs.el7.x86_64" }, "product_reference": "jbcs-httpd24-mod_jk-debuginfo-0:1.2.48-4.redhat_1.jbcs.el7.x86_64", "relates_to_product_reference": "7Server-JBCS" }, { "category": "default_component_of", "full_product_name": { "name": "jbcs-httpd24-mod_jk-manual-0:1.2.48-4.redhat_1.jbcs.el7.x86_64 as a component of Red Hat JBoss Core Services on RHEL 7 Server", "product_id": "7Server-JBCS:jbcs-httpd24-mod_jk-manual-0:1.2.48-4.redhat_1.jbcs.el7.x86_64" }, "product_reference": "jbcs-httpd24-mod_jk-manual-0:1.2.48-4.redhat_1.jbcs.el7.x86_64", "relates_to_product_reference": "7Server-JBCS" }, { "category": "default_component_of", "full_product_name": { "name": "jbcs-httpd24-mod_ldap-0:2.4.37-57.jbcs.el7.x86_64 as a component of Red Hat JBoss Core Services on RHEL 7 Server", "product_id": "7Server-JBCS:jbcs-httpd24-mod_ldap-0:2.4.37-57.jbcs.el7.x86_64" }, "product_reference": "jbcs-httpd24-mod_ldap-0:2.4.37-57.jbcs.el7.x86_64", "relates_to_product_reference": "7Server-JBCS" }, { "category": "default_component_of", "full_product_name": { "name": "jbcs-httpd24-mod_md-1:2.0.8-24.jbcs.el7.src as a component of Red Hat JBoss Core Services on RHEL 7 Server", "product_id": "7Server-JBCS:jbcs-httpd24-mod_md-1:2.0.8-24.jbcs.el7.src" }, "product_reference": "jbcs-httpd24-mod_md-1:2.0.8-24.jbcs.el7.src", "relates_to_product_reference": "7Server-JBCS" }, { "category": "default_component_of", "full_product_name": { "name": "jbcs-httpd24-mod_md-1:2.0.8-24.jbcs.el7.x86_64 as a component of Red Hat JBoss Core Services on RHEL 7 Server", "product_id": "7Server-JBCS:jbcs-httpd24-mod_md-1:2.0.8-24.jbcs.el7.x86_64" }, "product_reference": "jbcs-httpd24-mod_md-1:2.0.8-24.jbcs.el7.x86_64", "relates_to_product_reference": "7Server-JBCS" }, { "category": "default_component_of", "full_product_name": { "name": "jbcs-httpd24-mod_md-debuginfo-1:2.0.8-24.jbcs.el7.x86_64 as a component of Red Hat JBoss Core Services on RHEL 7 Server", "product_id": "7Server-JBCS:jbcs-httpd24-mod_md-debuginfo-1:2.0.8-24.jbcs.el7.x86_64" }, "product_reference": "jbcs-httpd24-mod_md-debuginfo-1:2.0.8-24.jbcs.el7.x86_64", "relates_to_product_reference": "7Server-JBCS" }, { "category": "default_component_of", "full_product_name": { "name": "jbcs-httpd24-mod_proxy_html-1:2.4.37-57.jbcs.el7.x86_64 as a component of Red Hat JBoss Core Services on RHEL 7 Server", "product_id": "7Server-JBCS:jbcs-httpd24-mod_proxy_html-1:2.4.37-57.jbcs.el7.x86_64" }, "product_reference": "jbcs-httpd24-mod_proxy_html-1:2.4.37-57.jbcs.el7.x86_64", "relates_to_product_reference": "7Server-JBCS" }, { "category": "default_component_of", "full_product_name": { "name": "jbcs-httpd24-mod_security-0:2.9.2-51.GA.jbcs.el7.src as a component of Red Hat JBoss Core Services on RHEL 7 Server", "product_id": "7Server-JBCS:jbcs-httpd24-mod_security-0:2.9.2-51.GA.jbcs.el7.src" }, "product_reference": "jbcs-httpd24-mod_security-0:2.9.2-51.GA.jbcs.el7.src", "relates_to_product_reference": "7Server-JBCS" }, { "category": "default_component_of", "full_product_name": { "name": "jbcs-httpd24-mod_security-0:2.9.2-51.GA.jbcs.el7.x86_64 as a component of Red Hat JBoss Core Services on RHEL 7 Server", "product_id": "7Server-JBCS:jbcs-httpd24-mod_security-0:2.9.2-51.GA.jbcs.el7.x86_64" }, "product_reference": "jbcs-httpd24-mod_security-0:2.9.2-51.GA.jbcs.el7.x86_64", "relates_to_product_reference": "7Server-JBCS" }, { "category": "default_component_of", "full_product_name": { "name": "jbcs-httpd24-mod_security-debuginfo-0:2.9.2-51.GA.jbcs.el7.x86_64 as a component of Red Hat JBoss Core Services on RHEL 7 Server", "product_id": "7Server-JBCS:jbcs-httpd24-mod_security-debuginfo-0:2.9.2-51.GA.jbcs.el7.x86_64" }, "product_reference": "jbcs-httpd24-mod_security-debuginfo-0:2.9.2-51.GA.jbcs.el7.x86_64", "relates_to_product_reference": "7Server-JBCS" }, { "category": "default_component_of", "full_product_name": { "name": "jbcs-httpd24-mod_session-0:2.4.37-57.jbcs.el7.x86_64 as a component of Red Hat JBoss Core Services on RHEL 7 Server", "product_id": "7Server-JBCS:jbcs-httpd24-mod_session-0:2.4.37-57.jbcs.el7.x86_64" }, "product_reference": "jbcs-httpd24-mod_session-0:2.4.37-57.jbcs.el7.x86_64", "relates_to_product_reference": "7Server-JBCS" }, { "category": "default_component_of", "full_product_name": { "name": "jbcs-httpd24-mod_ssl-1:2.4.37-57.jbcs.el7.x86_64 as a component of Red Hat JBoss Core Services on RHEL 7 Server", "product_id": "7Server-JBCS:jbcs-httpd24-mod_ssl-1:2.4.37-57.jbcs.el7.x86_64" }, "product_reference": "jbcs-httpd24-mod_ssl-1:2.4.37-57.jbcs.el7.x86_64", "relates_to_product_reference": "7Server-JBCS" }, { "category": "default_component_of", "full_product_name": { "name": "jbcs-httpd24-nghttp2-0:1.39.2-25.jbcs.el7.src as a component of Red Hat JBoss Core Services on RHEL 7 Server", "product_id": "7Server-JBCS:jbcs-httpd24-nghttp2-0:1.39.2-25.jbcs.el7.src" }, "product_reference": "jbcs-httpd24-nghttp2-0:1.39.2-25.jbcs.el7.src", "relates_to_product_reference": "7Server-JBCS" }, { "category": "default_component_of", "full_product_name": { "name": "jbcs-httpd24-nghttp2-0:1.39.2-25.jbcs.el7.x86_64 as a component of Red Hat JBoss Core Services on RHEL 7 Server", "product_id": "7Server-JBCS:jbcs-httpd24-nghttp2-0:1.39.2-25.jbcs.el7.x86_64" }, "product_reference": "jbcs-httpd24-nghttp2-0:1.39.2-25.jbcs.el7.x86_64", "relates_to_product_reference": "7Server-JBCS" }, { "category": "default_component_of", "full_product_name": { "name": "jbcs-httpd24-nghttp2-debuginfo-0:1.39.2-25.jbcs.el7.x86_64 as a component of Red Hat JBoss Core Services on RHEL 7 Server", "product_id": "7Server-JBCS:jbcs-httpd24-nghttp2-debuginfo-0:1.39.2-25.jbcs.el7.x86_64" }, "product_reference": "jbcs-httpd24-nghttp2-debuginfo-0:1.39.2-25.jbcs.el7.x86_64", "relates_to_product_reference": "7Server-JBCS" }, { "category": "default_component_of", "full_product_name": { "name": "jbcs-httpd24-nghttp2-devel-0:1.39.2-25.jbcs.el7.x86_64 as a component of Red Hat JBoss Core Services on RHEL 7 Server", "product_id": "7Server-JBCS:jbcs-httpd24-nghttp2-devel-0:1.39.2-25.jbcs.el7.x86_64" }, "product_reference": "jbcs-httpd24-nghttp2-devel-0:1.39.2-25.jbcs.el7.x86_64", "relates_to_product_reference": "7Server-JBCS" }, { "category": "default_component_of", "full_product_name": { "name": "jbcs-httpd24-openssl-pkcs11-0:0.4.10-7.jbcs.el7.src as a component of Red Hat JBoss Core Services on RHEL 7 Server", "product_id": "7Server-JBCS:jbcs-httpd24-openssl-pkcs11-0:0.4.10-7.jbcs.el7.src" }, "product_reference": "jbcs-httpd24-openssl-pkcs11-0:0.4.10-7.jbcs.el7.src", "relates_to_product_reference": "7Server-JBCS" }, { "category": "default_component_of", "full_product_name": { "name": "jbcs-httpd24-openssl-pkcs11-0:0.4.10-7.jbcs.el7.x86_64 as a component of Red Hat JBoss Core Services on RHEL 7 Server", "product_id": "7Server-JBCS:jbcs-httpd24-openssl-pkcs11-0:0.4.10-7.jbcs.el7.x86_64" }, "product_reference": "jbcs-httpd24-openssl-pkcs11-0:0.4.10-7.jbcs.el7.x86_64", "relates_to_product_reference": "7Server-JBCS" }, { "category": "default_component_of", "full_product_name": { "name": "jbcs-httpd24-openssl-pkcs11-debuginfo-0:0.4.10-7.jbcs.el7.x86_64 as a component of Red Hat JBoss Core Services on RHEL 7 Server", "product_id": "7Server-JBCS:jbcs-httpd24-openssl-pkcs11-debuginfo-0:0.4.10-7.jbcs.el7.x86_64" }, "product_reference": "jbcs-httpd24-openssl-pkcs11-debuginfo-0:0.4.10-7.jbcs.el7.x86_64", "relates_to_product_reference": "7Server-JBCS" } ] }, "vulnerabilities": [ { "cve": "CVE-2018-20843", "cwe": { "id": "CWE-400", "name": "Uncontrolled Resource Consumption" }, "discovery_date": "2019-06-24T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "1723723" } ], "notes": [ { "category": "description", "text": "It was discovered that the \"setElementTypePrefix()\" function incorrectly extracted XML namespace prefixes. By tricking an application into processing a specially crafted XML file, an attacker could cause unusually high consumption of memory resources and possibly lead to a denial of service.", "title": "Vulnerability description" }, { "category": "summary", "text": "expat: large number of colons in input makes parser consume high amount of resources, leading to DoS", "title": "Vulnerability summary" }, { "category": "other", "text": "When processing a specially crafted XML file, expat may use more memory than ultimately necessary, which can also lead to increased CPU usage and longer processing times. Depending on available system resources and configuration, this may also lead to the application triggering the Out-Of-Memory-Killer, causing the application to be terminated.", "title": "Statement" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "6Server-JBCS:jbcs-httpd24-curl-0:7.64.1-36.jbcs.el6.i686", "6Server-JBCS:jbcs-httpd24-curl-0:7.64.1-36.jbcs.el6.src", "6Server-JBCS:jbcs-httpd24-curl-0:7.64.1-36.jbcs.el6.x86_64", "6Server-JBCS:jbcs-httpd24-curl-debuginfo-0:7.64.1-36.jbcs.el6.i686", "6Server-JBCS:jbcs-httpd24-curl-debuginfo-0:7.64.1-36.jbcs.el6.x86_64", "6Server-JBCS:jbcs-httpd24-httpd-0:2.4.37-57.jbcs.el6.i686", "6Server-JBCS:jbcs-httpd24-httpd-0:2.4.37-57.jbcs.el6.src", "6Server-JBCS:jbcs-httpd24-httpd-0:2.4.37-57.jbcs.el6.x86_64", "6Server-JBCS:jbcs-httpd24-httpd-debuginfo-0:2.4.37-57.jbcs.el6.i686", "6Server-JBCS:jbcs-httpd24-httpd-debuginfo-0:2.4.37-57.jbcs.el6.x86_64", "6Server-JBCS:jbcs-httpd24-httpd-devel-0:2.4.37-57.jbcs.el6.i686", "6Server-JBCS:jbcs-httpd24-httpd-devel-0:2.4.37-57.jbcs.el6.x86_64", "6Server-JBCS:jbcs-httpd24-httpd-manual-0:2.4.37-57.jbcs.el6.noarch", "6Server-JBCS:jbcs-httpd24-httpd-selinux-0:2.4.37-57.jbcs.el6.i686", "6Server-JBCS:jbcs-httpd24-httpd-selinux-0:2.4.37-57.jbcs.el6.x86_64", "6Server-JBCS:jbcs-httpd24-httpd-tools-0:2.4.37-57.jbcs.el6.i686", "6Server-JBCS:jbcs-httpd24-httpd-tools-0:2.4.37-57.jbcs.el6.x86_64", "6Server-JBCS:jbcs-httpd24-libcurl-0:7.64.1-36.jbcs.el6.i686", "6Server-JBCS:jbcs-httpd24-libcurl-0:7.64.1-36.jbcs.el6.x86_64", "6Server-JBCS:jbcs-httpd24-libcurl-devel-0:7.64.1-36.jbcs.el6.i686", "6Server-JBCS:jbcs-httpd24-libcurl-devel-0:7.64.1-36.jbcs.el6.x86_64", "6Server-JBCS:jbcs-httpd24-mod_cluster-native-0:1.3.14-4.Final_redhat_2.jbcs.el6.i686", "6Server-JBCS:jbcs-httpd24-mod_cluster-native-0:1.3.14-4.Final_redhat_2.jbcs.el6.src", "6Server-JBCS:jbcs-httpd24-mod_cluster-native-0:1.3.14-4.Final_redhat_2.jbcs.el6.x86_64", "6Server-JBCS:jbcs-httpd24-mod_cluster-native-debuginfo-0:1.3.14-4.Final_redhat_2.jbcs.el6.i686", "6Server-JBCS:jbcs-httpd24-mod_cluster-native-debuginfo-0:1.3.14-4.Final_redhat_2.jbcs.el6.x86_64", "6Server-JBCS:jbcs-httpd24-mod_http2-0:1.15.7-3.jbcs.el6.i686", "6Server-JBCS:jbcs-httpd24-mod_http2-0:1.15.7-3.jbcs.el6.src", "6Server-JBCS:jbcs-httpd24-mod_http2-0:1.15.7-3.jbcs.el6.x86_64", "6Server-JBCS:jbcs-httpd24-mod_http2-debuginfo-0:1.15.7-3.jbcs.el6.i686", "6Server-JBCS:jbcs-httpd24-mod_http2-debuginfo-0:1.15.7-3.jbcs.el6.x86_64", "6Server-JBCS:jbcs-httpd24-mod_jk-0:1.2.48-4.redhat_1.jbcs.el6.src", "6Server-JBCS:jbcs-httpd24-mod_jk-ap24-0:1.2.48-4.redhat_1.jbcs.el6.i686", "6Server-JBCS:jbcs-httpd24-mod_jk-ap24-0:1.2.48-4.redhat_1.jbcs.el6.x86_64", "6Server-JBCS:jbcs-httpd24-mod_jk-debuginfo-0:1.2.48-4.redhat_1.jbcs.el6.i686", "6Server-JBCS:jbcs-httpd24-mod_jk-debuginfo-0:1.2.48-4.redhat_1.jbcs.el6.x86_64", "6Server-JBCS:jbcs-httpd24-mod_jk-manual-0:1.2.48-4.redhat_1.jbcs.el6.i686", "6Server-JBCS:jbcs-httpd24-mod_jk-manual-0:1.2.48-4.redhat_1.jbcs.el6.x86_64", "6Server-JBCS:jbcs-httpd24-mod_ldap-0:2.4.37-57.jbcs.el6.i686", "6Server-JBCS:jbcs-httpd24-mod_ldap-0:2.4.37-57.jbcs.el6.x86_64", "6Server-JBCS:jbcs-httpd24-mod_md-1:2.0.8-24.jbcs.el6.i686", "6Server-JBCS:jbcs-httpd24-mod_md-1:2.0.8-24.jbcs.el6.src", "6Server-JBCS:jbcs-httpd24-mod_md-1:2.0.8-24.jbcs.el6.x86_64", "6Server-JBCS:jbcs-httpd24-mod_md-debuginfo-1:2.0.8-24.jbcs.el6.i686", "6Server-JBCS:jbcs-httpd24-mod_md-debuginfo-1:2.0.8-24.jbcs.el6.x86_64", "6Server-JBCS:jbcs-httpd24-mod_proxy_html-1:2.4.37-57.jbcs.el6.i686", "6Server-JBCS:jbcs-httpd24-mod_proxy_html-1:2.4.37-57.jbcs.el6.x86_64", "6Server-JBCS:jbcs-httpd24-mod_security-0:2.9.2-51.GA.jbcs.el6.i686", "6Server-JBCS:jbcs-httpd24-mod_security-0:2.9.2-51.GA.jbcs.el6.src", "6Server-JBCS:jbcs-httpd24-mod_security-0:2.9.2-51.GA.jbcs.el6.x86_64", "6Server-JBCS:jbcs-httpd24-mod_security-debuginfo-0:2.9.2-51.GA.jbcs.el6.i686", "6Server-JBCS:jbcs-httpd24-mod_security-debuginfo-0:2.9.2-51.GA.jbcs.el6.x86_64", "6Server-JBCS:jbcs-httpd24-mod_session-0:2.4.37-57.jbcs.el6.i686", "6Server-JBCS:jbcs-httpd24-mod_session-0:2.4.37-57.jbcs.el6.x86_64", "6Server-JBCS:jbcs-httpd24-mod_ssl-1:2.4.37-57.jbcs.el6.i686", "6Server-JBCS:jbcs-httpd24-mod_ssl-1:2.4.37-57.jbcs.el6.x86_64", "6Server-JBCS:jbcs-httpd24-nghttp2-0:1.39.2-25.jbcs.el6.i686", "6Server-JBCS:jbcs-httpd24-nghttp2-0:1.39.2-25.jbcs.el6.src", "6Server-JBCS:jbcs-httpd24-nghttp2-0:1.39.2-25.jbcs.el6.x86_64", "6Server-JBCS:jbcs-httpd24-nghttp2-debuginfo-0:1.39.2-25.jbcs.el6.i686", "6Server-JBCS:jbcs-httpd24-nghttp2-debuginfo-0:1.39.2-25.jbcs.el6.x86_64", "6Server-JBCS:jbcs-httpd24-nghttp2-devel-0:1.39.2-25.jbcs.el6.i686", "6Server-JBCS:jbcs-httpd24-nghttp2-devel-0:1.39.2-25.jbcs.el6.x86_64", "7Server-JBCS:jbcs-httpd24-curl-0:7.64.1-36.jbcs.el7.src", "7Server-JBCS:jbcs-httpd24-curl-0:7.64.1-36.jbcs.el7.x86_64", "7Server-JBCS:jbcs-httpd24-curl-debuginfo-0:7.64.1-36.jbcs.el7.x86_64", "7Server-JBCS:jbcs-httpd24-httpd-0:2.4.37-57.jbcs.el7.src", "7Server-JBCS:jbcs-httpd24-httpd-0:2.4.37-57.jbcs.el7.x86_64", "7Server-JBCS:jbcs-httpd24-httpd-debuginfo-0:2.4.37-57.jbcs.el7.x86_64", "7Server-JBCS:jbcs-httpd24-httpd-devel-0:2.4.37-57.jbcs.el7.x86_64", "7Server-JBCS:jbcs-httpd24-httpd-manual-0:2.4.37-57.jbcs.el7.noarch", "7Server-JBCS:jbcs-httpd24-httpd-selinux-0:2.4.37-57.jbcs.el7.x86_64", "7Server-JBCS:jbcs-httpd24-httpd-tools-0:2.4.37-57.jbcs.el7.x86_64", "7Server-JBCS:jbcs-httpd24-libcurl-0:7.64.1-36.jbcs.el7.x86_64", "7Server-JBCS:jbcs-httpd24-libcurl-devel-0:7.64.1-36.jbcs.el7.x86_64", "7Server-JBCS:jbcs-httpd24-mod_cluster-native-0:1.3.14-4.Final_redhat_2.jbcs.el7.src", "7Server-JBCS:jbcs-httpd24-mod_cluster-native-0:1.3.14-4.Final_redhat_2.jbcs.el7.x86_64", "7Server-JBCS:jbcs-httpd24-mod_cluster-native-debuginfo-0:1.3.14-4.Final_redhat_2.jbcs.el7.x86_64", "7Server-JBCS:jbcs-httpd24-mod_http2-0:1.15.7-3.jbcs.el7.src", "7Server-JBCS:jbcs-httpd24-mod_http2-0:1.15.7-3.jbcs.el7.x86_64", "7Server-JBCS:jbcs-httpd24-mod_http2-debuginfo-0:1.15.7-3.jbcs.el7.x86_64", "7Server-JBCS:jbcs-httpd24-mod_jk-0:1.2.48-4.redhat_1.jbcs.el7.src", "7Server-JBCS:jbcs-httpd24-mod_jk-ap24-0:1.2.48-4.redhat_1.jbcs.el7.x86_64", "7Server-JBCS:jbcs-httpd24-mod_jk-debuginfo-0:1.2.48-4.redhat_1.jbcs.el7.x86_64", "7Server-JBCS:jbcs-httpd24-mod_jk-manual-0:1.2.48-4.redhat_1.jbcs.el7.x86_64", "7Server-JBCS:jbcs-httpd24-mod_ldap-0:2.4.37-57.jbcs.el7.x86_64", "7Server-JBCS:jbcs-httpd24-mod_md-1:2.0.8-24.jbcs.el7.src", "7Server-JBCS:jbcs-httpd24-mod_md-1:2.0.8-24.jbcs.el7.x86_64", "7Server-JBCS:jbcs-httpd24-mod_md-debuginfo-1:2.0.8-24.jbcs.el7.x86_64", "7Server-JBCS:jbcs-httpd24-mod_proxy_html-1:2.4.37-57.jbcs.el7.x86_64", "7Server-JBCS:jbcs-httpd24-mod_security-0:2.9.2-51.GA.jbcs.el7.src", "7Server-JBCS:jbcs-httpd24-mod_security-0:2.9.2-51.GA.jbcs.el7.x86_64", "7Server-JBCS:jbcs-httpd24-mod_security-debuginfo-0:2.9.2-51.GA.jbcs.el7.x86_64", "7Server-JBCS:jbcs-httpd24-mod_session-0:2.4.37-57.jbcs.el7.x86_64", "7Server-JBCS:jbcs-httpd24-mod_ssl-1:2.4.37-57.jbcs.el7.x86_64", "7Server-JBCS:jbcs-httpd24-nghttp2-0:1.39.2-25.jbcs.el7.src", "7Server-JBCS:jbcs-httpd24-nghttp2-0:1.39.2-25.jbcs.el7.x86_64", "7Server-JBCS:jbcs-httpd24-nghttp2-debuginfo-0:1.39.2-25.jbcs.el7.x86_64", "7Server-JBCS:jbcs-httpd24-nghttp2-devel-0:1.39.2-25.jbcs.el7.x86_64", "7Server-JBCS:jbcs-httpd24-openssl-pkcs11-0:0.4.10-7.jbcs.el7.src", "7Server-JBCS:jbcs-httpd24-openssl-pkcs11-0:0.4.10-7.jbcs.el7.x86_64", "7Server-JBCS:jbcs-httpd24-openssl-pkcs11-debuginfo-0:0.4.10-7.jbcs.el7.x86_64" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2018-20843" }, { "category": "external", "summary": "RHBZ#1723723", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1723723" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2018-20843", "url": "https://www.cve.org/CVERecord?id=CVE-2018-20843" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2018-20843", "url": "https://nvd.nist.gov/vuln/detail/CVE-2018-20843" }, { "category": "external", "summary": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=931031", "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=931031" } ], "release_date": "2019-06-24T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2020-06-22T12:28:02+00:00", "details": "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258", "product_ids": [ "6Server-JBCS:jbcs-httpd24-curl-0:7.64.1-36.jbcs.el6.i686", "6Server-JBCS:jbcs-httpd24-curl-0:7.64.1-36.jbcs.el6.src", "6Server-JBCS:jbcs-httpd24-curl-0:7.64.1-36.jbcs.el6.x86_64", "6Server-JBCS:jbcs-httpd24-curl-debuginfo-0:7.64.1-36.jbcs.el6.i686", "6Server-JBCS:jbcs-httpd24-curl-debuginfo-0:7.64.1-36.jbcs.el6.x86_64", "6Server-JBCS:jbcs-httpd24-httpd-0:2.4.37-57.jbcs.el6.i686", "6Server-JBCS:jbcs-httpd24-httpd-0:2.4.37-57.jbcs.el6.src", "6Server-JBCS:jbcs-httpd24-httpd-0:2.4.37-57.jbcs.el6.x86_64", "6Server-JBCS:jbcs-httpd24-httpd-debuginfo-0:2.4.37-57.jbcs.el6.i686", "6Server-JBCS:jbcs-httpd24-httpd-debuginfo-0:2.4.37-57.jbcs.el6.x86_64", "6Server-JBCS:jbcs-httpd24-httpd-devel-0:2.4.37-57.jbcs.el6.i686", "6Server-JBCS:jbcs-httpd24-httpd-devel-0:2.4.37-57.jbcs.el6.x86_64", "6Server-JBCS:jbcs-httpd24-httpd-manual-0:2.4.37-57.jbcs.el6.noarch", "6Server-JBCS:jbcs-httpd24-httpd-selinux-0:2.4.37-57.jbcs.el6.i686", "6Server-JBCS:jbcs-httpd24-httpd-selinux-0:2.4.37-57.jbcs.el6.x86_64", "6Server-JBCS:jbcs-httpd24-httpd-tools-0:2.4.37-57.jbcs.el6.i686", "6Server-JBCS:jbcs-httpd24-httpd-tools-0:2.4.37-57.jbcs.el6.x86_64", "6Server-JBCS:jbcs-httpd24-libcurl-0:7.64.1-36.jbcs.el6.i686", "6Server-JBCS:jbcs-httpd24-libcurl-0:7.64.1-36.jbcs.el6.x86_64", "6Server-JBCS:jbcs-httpd24-libcurl-devel-0:7.64.1-36.jbcs.el6.i686", "6Server-JBCS:jbcs-httpd24-libcurl-devel-0:7.64.1-36.jbcs.el6.x86_64", "6Server-JBCS:jbcs-httpd24-mod_cluster-native-0:1.3.14-4.Final_redhat_2.jbcs.el6.i686", "6Server-JBCS:jbcs-httpd24-mod_cluster-native-0:1.3.14-4.Final_redhat_2.jbcs.el6.src", "6Server-JBCS:jbcs-httpd24-mod_cluster-native-0:1.3.14-4.Final_redhat_2.jbcs.el6.x86_64", "6Server-JBCS:jbcs-httpd24-mod_cluster-native-debuginfo-0:1.3.14-4.Final_redhat_2.jbcs.el6.i686", "6Server-JBCS:jbcs-httpd24-mod_cluster-native-debuginfo-0:1.3.14-4.Final_redhat_2.jbcs.el6.x86_64", "6Server-JBCS:jbcs-httpd24-mod_http2-0:1.15.7-3.jbcs.el6.i686", "6Server-JBCS:jbcs-httpd24-mod_http2-0:1.15.7-3.jbcs.el6.src", "6Server-JBCS:jbcs-httpd24-mod_http2-0:1.15.7-3.jbcs.el6.x86_64", "6Server-JBCS:jbcs-httpd24-mod_http2-debuginfo-0:1.15.7-3.jbcs.el6.i686", "6Server-JBCS:jbcs-httpd24-mod_http2-debuginfo-0:1.15.7-3.jbcs.el6.x86_64", "6Server-JBCS:jbcs-httpd24-mod_jk-0:1.2.48-4.redhat_1.jbcs.el6.src", "6Server-JBCS:jbcs-httpd24-mod_jk-ap24-0:1.2.48-4.redhat_1.jbcs.el6.i686", "6Server-JBCS:jbcs-httpd24-mod_jk-ap24-0:1.2.48-4.redhat_1.jbcs.el6.x86_64", "6Server-JBCS:jbcs-httpd24-mod_jk-debuginfo-0:1.2.48-4.redhat_1.jbcs.el6.i686", "6Server-JBCS:jbcs-httpd24-mod_jk-debuginfo-0:1.2.48-4.redhat_1.jbcs.el6.x86_64", "6Server-JBCS:jbcs-httpd24-mod_jk-manual-0:1.2.48-4.redhat_1.jbcs.el6.i686", "6Server-JBCS:jbcs-httpd24-mod_jk-manual-0:1.2.48-4.redhat_1.jbcs.el6.x86_64", "6Server-JBCS:jbcs-httpd24-mod_ldap-0:2.4.37-57.jbcs.el6.i686", "6Server-JBCS:jbcs-httpd24-mod_ldap-0:2.4.37-57.jbcs.el6.x86_64", "6Server-JBCS:jbcs-httpd24-mod_md-1:2.0.8-24.jbcs.el6.i686", "6Server-JBCS:jbcs-httpd24-mod_md-1:2.0.8-24.jbcs.el6.src", "6Server-JBCS:jbcs-httpd24-mod_md-1:2.0.8-24.jbcs.el6.x86_64", "6Server-JBCS:jbcs-httpd24-mod_md-debuginfo-1:2.0.8-24.jbcs.el6.i686", "6Server-JBCS:jbcs-httpd24-mod_md-debuginfo-1:2.0.8-24.jbcs.el6.x86_64", "6Server-JBCS:jbcs-httpd24-mod_proxy_html-1:2.4.37-57.jbcs.el6.i686", "6Server-JBCS:jbcs-httpd24-mod_proxy_html-1:2.4.37-57.jbcs.el6.x86_64", "6Server-JBCS:jbcs-httpd24-mod_security-0:2.9.2-51.GA.jbcs.el6.i686", "6Server-JBCS:jbcs-httpd24-mod_security-0:2.9.2-51.GA.jbcs.el6.src", "6Server-JBCS:jbcs-httpd24-mod_security-0:2.9.2-51.GA.jbcs.el6.x86_64", "6Server-JBCS:jbcs-httpd24-mod_security-debuginfo-0:2.9.2-51.GA.jbcs.el6.i686", "6Server-JBCS:jbcs-httpd24-mod_security-debuginfo-0:2.9.2-51.GA.jbcs.el6.x86_64", "6Server-JBCS:jbcs-httpd24-mod_session-0:2.4.37-57.jbcs.el6.i686", "6Server-JBCS:jbcs-httpd24-mod_session-0:2.4.37-57.jbcs.el6.x86_64", "6Server-JBCS:jbcs-httpd24-mod_ssl-1:2.4.37-57.jbcs.el6.i686", "6Server-JBCS:jbcs-httpd24-mod_ssl-1:2.4.37-57.jbcs.el6.x86_64", "6Server-JBCS:jbcs-httpd24-nghttp2-0:1.39.2-25.jbcs.el6.i686", "6Server-JBCS:jbcs-httpd24-nghttp2-0:1.39.2-25.jbcs.el6.src", "6Server-JBCS:jbcs-httpd24-nghttp2-0:1.39.2-25.jbcs.el6.x86_64", "6Server-JBCS:jbcs-httpd24-nghttp2-debuginfo-0:1.39.2-25.jbcs.el6.i686", "6Server-JBCS:jbcs-httpd24-nghttp2-debuginfo-0:1.39.2-25.jbcs.el6.x86_64", "6Server-JBCS:jbcs-httpd24-nghttp2-devel-0:1.39.2-25.jbcs.el6.i686", "6Server-JBCS:jbcs-httpd24-nghttp2-devel-0:1.39.2-25.jbcs.el6.x86_64", "7Server-JBCS:jbcs-httpd24-curl-0:7.64.1-36.jbcs.el7.src", "7Server-JBCS:jbcs-httpd24-curl-0:7.64.1-36.jbcs.el7.x86_64", "7Server-JBCS:jbcs-httpd24-curl-debuginfo-0:7.64.1-36.jbcs.el7.x86_64", "7Server-JBCS:jbcs-httpd24-httpd-0:2.4.37-57.jbcs.el7.src", "7Server-JBCS:jbcs-httpd24-httpd-0:2.4.37-57.jbcs.el7.x86_64", "7Server-JBCS:jbcs-httpd24-httpd-debuginfo-0:2.4.37-57.jbcs.el7.x86_64", "7Server-JBCS:jbcs-httpd24-httpd-devel-0:2.4.37-57.jbcs.el7.x86_64", "7Server-JBCS:jbcs-httpd24-httpd-manual-0:2.4.37-57.jbcs.el7.noarch", "7Server-JBCS:jbcs-httpd24-httpd-selinux-0:2.4.37-57.jbcs.el7.x86_64", "7Server-JBCS:jbcs-httpd24-httpd-tools-0:2.4.37-57.jbcs.el7.x86_64", "7Server-JBCS:jbcs-httpd24-libcurl-0:7.64.1-36.jbcs.el7.x86_64", "7Server-JBCS:jbcs-httpd24-libcurl-devel-0:7.64.1-36.jbcs.el7.x86_64", "7Server-JBCS:jbcs-httpd24-mod_cluster-native-0:1.3.14-4.Final_redhat_2.jbcs.el7.src", "7Server-JBCS:jbcs-httpd24-mod_cluster-native-0:1.3.14-4.Final_redhat_2.jbcs.el7.x86_64", "7Server-JBCS:jbcs-httpd24-mod_cluster-native-debuginfo-0:1.3.14-4.Final_redhat_2.jbcs.el7.x86_64", "7Server-JBCS:jbcs-httpd24-mod_http2-0:1.15.7-3.jbcs.el7.src", "7Server-JBCS:jbcs-httpd24-mod_http2-0:1.15.7-3.jbcs.el7.x86_64", "7Server-JBCS:jbcs-httpd24-mod_http2-debuginfo-0:1.15.7-3.jbcs.el7.x86_64", "7Server-JBCS:jbcs-httpd24-mod_jk-0:1.2.48-4.redhat_1.jbcs.el7.src", "7Server-JBCS:jbcs-httpd24-mod_jk-ap24-0:1.2.48-4.redhat_1.jbcs.el7.x86_64", "7Server-JBCS:jbcs-httpd24-mod_jk-debuginfo-0:1.2.48-4.redhat_1.jbcs.el7.x86_64", "7Server-JBCS:jbcs-httpd24-mod_jk-manual-0:1.2.48-4.redhat_1.jbcs.el7.x86_64", "7Server-JBCS:jbcs-httpd24-mod_ldap-0:2.4.37-57.jbcs.el7.x86_64", "7Server-JBCS:jbcs-httpd24-mod_md-1:2.0.8-24.jbcs.el7.src", "7Server-JBCS:jbcs-httpd24-mod_md-1:2.0.8-24.jbcs.el7.x86_64", "7Server-JBCS:jbcs-httpd24-mod_md-debuginfo-1:2.0.8-24.jbcs.el7.x86_64", "7Server-JBCS:jbcs-httpd24-mod_proxy_html-1:2.4.37-57.jbcs.el7.x86_64", "7Server-JBCS:jbcs-httpd24-mod_security-0:2.9.2-51.GA.jbcs.el7.src", "7Server-JBCS:jbcs-httpd24-mod_security-0:2.9.2-51.GA.jbcs.el7.x86_64", "7Server-JBCS:jbcs-httpd24-mod_security-debuginfo-0:2.9.2-51.GA.jbcs.el7.x86_64", "7Server-JBCS:jbcs-httpd24-mod_session-0:2.4.37-57.jbcs.el7.x86_64", "7Server-JBCS:jbcs-httpd24-mod_ssl-1:2.4.37-57.jbcs.el7.x86_64", "7Server-JBCS:jbcs-httpd24-nghttp2-0:1.39.2-25.jbcs.el7.src", "7Server-JBCS:jbcs-httpd24-nghttp2-0:1.39.2-25.jbcs.el7.x86_64", "7Server-JBCS:jbcs-httpd24-nghttp2-debuginfo-0:1.39.2-25.jbcs.el7.x86_64", "7Server-JBCS:jbcs-httpd24-nghttp2-devel-0:1.39.2-25.jbcs.el7.x86_64", "7Server-JBCS:jbcs-httpd24-openssl-pkcs11-0:0.4.10-7.jbcs.el7.src", "7Server-JBCS:jbcs-httpd24-openssl-pkcs11-0:0.4.10-7.jbcs.el7.x86_64", "7Server-JBCS:jbcs-httpd24-openssl-pkcs11-debuginfo-0:0.4.10-7.jbcs.el7.x86_64" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2020:2644" } ], "scores": [ { "cvss_v3": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 7.5, "baseSeverity": "HIGH", "confidentialityImpact": "NONE", "integrityImpact": "NONE", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "version": "3.1" }, "products": [ "6Server-JBCS:jbcs-httpd24-curl-0:7.64.1-36.jbcs.el6.i686", "6Server-JBCS:jbcs-httpd24-curl-0:7.64.1-36.jbcs.el6.src", "6Server-JBCS:jbcs-httpd24-curl-0:7.64.1-36.jbcs.el6.x86_64", "6Server-JBCS:jbcs-httpd24-curl-debuginfo-0:7.64.1-36.jbcs.el6.i686", "6Server-JBCS:jbcs-httpd24-curl-debuginfo-0:7.64.1-36.jbcs.el6.x86_64", "6Server-JBCS:jbcs-httpd24-httpd-0:2.4.37-57.jbcs.el6.i686", "6Server-JBCS:jbcs-httpd24-httpd-0:2.4.37-57.jbcs.el6.src", "6Server-JBCS:jbcs-httpd24-httpd-0:2.4.37-57.jbcs.el6.x86_64", "6Server-JBCS:jbcs-httpd24-httpd-debuginfo-0:2.4.37-57.jbcs.el6.i686", "6Server-JBCS:jbcs-httpd24-httpd-debuginfo-0:2.4.37-57.jbcs.el6.x86_64", "6Server-JBCS:jbcs-httpd24-httpd-devel-0:2.4.37-57.jbcs.el6.i686", "6Server-JBCS:jbcs-httpd24-httpd-devel-0:2.4.37-57.jbcs.el6.x86_64", "6Server-JBCS:jbcs-httpd24-httpd-manual-0:2.4.37-57.jbcs.el6.noarch", "6Server-JBCS:jbcs-httpd24-httpd-selinux-0:2.4.37-57.jbcs.el6.i686", "6Server-JBCS:jbcs-httpd24-httpd-selinux-0:2.4.37-57.jbcs.el6.x86_64", "6Server-JBCS:jbcs-httpd24-httpd-tools-0:2.4.37-57.jbcs.el6.i686", "6Server-JBCS:jbcs-httpd24-httpd-tools-0:2.4.37-57.jbcs.el6.x86_64", "6Server-JBCS:jbcs-httpd24-libcurl-0:7.64.1-36.jbcs.el6.i686", "6Server-JBCS:jbcs-httpd24-libcurl-0:7.64.1-36.jbcs.el6.x86_64", "6Server-JBCS:jbcs-httpd24-libcurl-devel-0:7.64.1-36.jbcs.el6.i686", "6Server-JBCS:jbcs-httpd24-libcurl-devel-0:7.64.1-36.jbcs.el6.x86_64", "6Server-JBCS:jbcs-httpd24-mod_cluster-native-0:1.3.14-4.Final_redhat_2.jbcs.el6.i686", "6Server-JBCS:jbcs-httpd24-mod_cluster-native-0:1.3.14-4.Final_redhat_2.jbcs.el6.src", "6Server-JBCS:jbcs-httpd24-mod_cluster-native-0:1.3.14-4.Final_redhat_2.jbcs.el6.x86_64", "6Server-JBCS:jbcs-httpd24-mod_cluster-native-debuginfo-0:1.3.14-4.Final_redhat_2.jbcs.el6.i686", "6Server-JBCS:jbcs-httpd24-mod_cluster-native-debuginfo-0:1.3.14-4.Final_redhat_2.jbcs.el6.x86_64", "6Server-JBCS:jbcs-httpd24-mod_http2-0:1.15.7-3.jbcs.el6.i686", "6Server-JBCS:jbcs-httpd24-mod_http2-0:1.15.7-3.jbcs.el6.src", "6Server-JBCS:jbcs-httpd24-mod_http2-0:1.15.7-3.jbcs.el6.x86_64", "6Server-JBCS:jbcs-httpd24-mod_http2-debuginfo-0:1.15.7-3.jbcs.el6.i686", "6Server-JBCS:jbcs-httpd24-mod_http2-debuginfo-0:1.15.7-3.jbcs.el6.x86_64", "6Server-JBCS:jbcs-httpd24-mod_jk-0:1.2.48-4.redhat_1.jbcs.el6.src", "6Server-JBCS:jbcs-httpd24-mod_jk-ap24-0:1.2.48-4.redhat_1.jbcs.el6.i686", "6Server-JBCS:jbcs-httpd24-mod_jk-ap24-0:1.2.48-4.redhat_1.jbcs.el6.x86_64", "6Server-JBCS:jbcs-httpd24-mod_jk-debuginfo-0:1.2.48-4.redhat_1.jbcs.el6.i686", "6Server-JBCS:jbcs-httpd24-mod_jk-debuginfo-0:1.2.48-4.redhat_1.jbcs.el6.x86_64", "6Server-JBCS:jbcs-httpd24-mod_jk-manual-0:1.2.48-4.redhat_1.jbcs.el6.i686", "6Server-JBCS:jbcs-httpd24-mod_jk-manual-0:1.2.48-4.redhat_1.jbcs.el6.x86_64", "6Server-JBCS:jbcs-httpd24-mod_ldap-0:2.4.37-57.jbcs.el6.i686", "6Server-JBCS:jbcs-httpd24-mod_ldap-0:2.4.37-57.jbcs.el6.x86_64", "6Server-JBCS:jbcs-httpd24-mod_md-1:2.0.8-24.jbcs.el6.i686", "6Server-JBCS:jbcs-httpd24-mod_md-1:2.0.8-24.jbcs.el6.src", "6Server-JBCS:jbcs-httpd24-mod_md-1:2.0.8-24.jbcs.el6.x86_64", "6Server-JBCS:jbcs-httpd24-mod_md-debuginfo-1:2.0.8-24.jbcs.el6.i686", "6Server-JBCS:jbcs-httpd24-mod_md-debuginfo-1:2.0.8-24.jbcs.el6.x86_64", "6Server-JBCS:jbcs-httpd24-mod_proxy_html-1:2.4.37-57.jbcs.el6.i686", "6Server-JBCS:jbcs-httpd24-mod_proxy_html-1:2.4.37-57.jbcs.el6.x86_64", "6Server-JBCS:jbcs-httpd24-mod_security-0:2.9.2-51.GA.jbcs.el6.i686", "6Server-JBCS:jbcs-httpd24-mod_security-0:2.9.2-51.GA.jbcs.el6.src", "6Server-JBCS:jbcs-httpd24-mod_security-0:2.9.2-51.GA.jbcs.el6.x86_64", "6Server-JBCS:jbcs-httpd24-mod_security-debuginfo-0:2.9.2-51.GA.jbcs.el6.i686", "6Server-JBCS:jbcs-httpd24-mod_security-debuginfo-0:2.9.2-51.GA.jbcs.el6.x86_64", "6Server-JBCS:jbcs-httpd24-mod_session-0:2.4.37-57.jbcs.el6.i686", "6Server-JBCS:jbcs-httpd24-mod_session-0:2.4.37-57.jbcs.el6.x86_64", "6Server-JBCS:jbcs-httpd24-mod_ssl-1:2.4.37-57.jbcs.el6.i686", "6Server-JBCS:jbcs-httpd24-mod_ssl-1:2.4.37-57.jbcs.el6.x86_64", "6Server-JBCS:jbcs-httpd24-nghttp2-0:1.39.2-25.jbcs.el6.i686", "6Server-JBCS:jbcs-httpd24-nghttp2-0:1.39.2-25.jbcs.el6.src", "6Server-JBCS:jbcs-httpd24-nghttp2-0:1.39.2-25.jbcs.el6.x86_64", "6Server-JBCS:jbcs-httpd24-nghttp2-debuginfo-0:1.39.2-25.jbcs.el6.i686", "6Server-JBCS:jbcs-httpd24-nghttp2-debuginfo-0:1.39.2-25.jbcs.el6.x86_64", "6Server-JBCS:jbcs-httpd24-nghttp2-devel-0:1.39.2-25.jbcs.el6.i686", "6Server-JBCS:jbcs-httpd24-nghttp2-devel-0:1.39.2-25.jbcs.el6.x86_64", "7Server-JBCS:jbcs-httpd24-curl-0:7.64.1-36.jbcs.el7.src", "7Server-JBCS:jbcs-httpd24-curl-0:7.64.1-36.jbcs.el7.x86_64", "7Server-JBCS:jbcs-httpd24-curl-debuginfo-0:7.64.1-36.jbcs.el7.x86_64", "7Server-JBCS:jbcs-httpd24-httpd-0:2.4.37-57.jbcs.el7.src", "7Server-JBCS:jbcs-httpd24-httpd-0:2.4.37-57.jbcs.el7.x86_64", "7Server-JBCS:jbcs-httpd24-httpd-debuginfo-0:2.4.37-57.jbcs.el7.x86_64", "7Server-JBCS:jbcs-httpd24-httpd-devel-0:2.4.37-57.jbcs.el7.x86_64", "7Server-JBCS:jbcs-httpd24-httpd-manual-0:2.4.37-57.jbcs.el7.noarch", "7Server-JBCS:jbcs-httpd24-httpd-selinux-0:2.4.37-57.jbcs.el7.x86_64", "7Server-JBCS:jbcs-httpd24-httpd-tools-0:2.4.37-57.jbcs.el7.x86_64", "7Server-JBCS:jbcs-httpd24-libcurl-0:7.64.1-36.jbcs.el7.x86_64", "7Server-JBCS:jbcs-httpd24-libcurl-devel-0:7.64.1-36.jbcs.el7.x86_64", "7Server-JBCS:jbcs-httpd24-mod_cluster-native-0:1.3.14-4.Final_redhat_2.jbcs.el7.src", "7Server-JBCS:jbcs-httpd24-mod_cluster-native-0:1.3.14-4.Final_redhat_2.jbcs.el7.x86_64", "7Server-JBCS:jbcs-httpd24-mod_cluster-native-debuginfo-0:1.3.14-4.Final_redhat_2.jbcs.el7.x86_64", "7Server-JBCS:jbcs-httpd24-mod_http2-0:1.15.7-3.jbcs.el7.src", "7Server-JBCS:jbcs-httpd24-mod_http2-0:1.15.7-3.jbcs.el7.x86_64", "7Server-JBCS:jbcs-httpd24-mod_http2-debuginfo-0:1.15.7-3.jbcs.el7.x86_64", "7Server-JBCS:jbcs-httpd24-mod_jk-0:1.2.48-4.redhat_1.jbcs.el7.src", "7Server-JBCS:jbcs-httpd24-mod_jk-ap24-0:1.2.48-4.redhat_1.jbcs.el7.x86_64", "7Server-JBCS:jbcs-httpd24-mod_jk-debuginfo-0:1.2.48-4.redhat_1.jbcs.el7.x86_64", "7Server-JBCS:jbcs-httpd24-mod_jk-manual-0:1.2.48-4.redhat_1.jbcs.el7.x86_64", "7Server-JBCS:jbcs-httpd24-mod_ldap-0:2.4.37-57.jbcs.el7.x86_64", "7Server-JBCS:jbcs-httpd24-mod_md-1:2.0.8-24.jbcs.el7.src", "7Server-JBCS:jbcs-httpd24-mod_md-1:2.0.8-24.jbcs.el7.x86_64", "7Server-JBCS:jbcs-httpd24-mod_md-debuginfo-1:2.0.8-24.jbcs.el7.x86_64", "7Server-JBCS:jbcs-httpd24-mod_proxy_html-1:2.4.37-57.jbcs.el7.x86_64", "7Server-JBCS:jbcs-httpd24-mod_security-0:2.9.2-51.GA.jbcs.el7.src", "7Server-JBCS:jbcs-httpd24-mod_security-0:2.9.2-51.GA.jbcs.el7.x86_64", "7Server-JBCS:jbcs-httpd24-mod_security-debuginfo-0:2.9.2-51.GA.jbcs.el7.x86_64", "7Server-JBCS:jbcs-httpd24-mod_session-0:2.4.37-57.jbcs.el7.x86_64", "7Server-JBCS:jbcs-httpd24-mod_ssl-1:2.4.37-57.jbcs.el7.x86_64", "7Server-JBCS:jbcs-httpd24-nghttp2-0:1.39.2-25.jbcs.el7.src", "7Server-JBCS:jbcs-httpd24-nghttp2-0:1.39.2-25.jbcs.el7.x86_64", "7Server-JBCS:jbcs-httpd24-nghttp2-debuginfo-0:1.39.2-25.jbcs.el7.x86_64", "7Server-JBCS:jbcs-httpd24-nghttp2-devel-0:1.39.2-25.jbcs.el7.x86_64", "7Server-JBCS:jbcs-httpd24-openssl-pkcs11-0:0.4.10-7.jbcs.el7.src", "7Server-JBCS:jbcs-httpd24-openssl-pkcs11-0:0.4.10-7.jbcs.el7.x86_64", "7Server-JBCS:jbcs-httpd24-openssl-pkcs11-debuginfo-0:0.4.10-7.jbcs.el7.x86_64" ] } ], "threats": [ { "category": "impact", "details": "Moderate" } ], "title": "expat: large number of colons in input makes parser consume high amount of resources, leading to DoS" }, { "cve": "CVE-2019-0196", "cwe": { "id": "CWE-416", "name": "Use After Free" }, "discovery_date": "2019-04-02T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "1695030" } ], "notes": [ { "category": "description", "text": "A vulnerability was found in Apache HTTP Server 2.4.17 to 2.4.38. Using fuzzed network input, the http/2 request handling could be made to access freed memory in string comparison when determining the method of a request and thus process the request incorrectly.", "title": "Vulnerability description" }, { "category": "summary", "text": "httpd: mod_http2: read-after-free on a string compare", "title": "Vulnerability summary" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "6Server-JBCS:jbcs-httpd24-curl-0:7.64.1-36.jbcs.el6.i686", "6Server-JBCS:jbcs-httpd24-curl-0:7.64.1-36.jbcs.el6.src", "6Server-JBCS:jbcs-httpd24-curl-0:7.64.1-36.jbcs.el6.x86_64", "6Server-JBCS:jbcs-httpd24-curl-debuginfo-0:7.64.1-36.jbcs.el6.i686", "6Server-JBCS:jbcs-httpd24-curl-debuginfo-0:7.64.1-36.jbcs.el6.x86_64", "6Server-JBCS:jbcs-httpd24-httpd-0:2.4.37-57.jbcs.el6.i686", "6Server-JBCS:jbcs-httpd24-httpd-0:2.4.37-57.jbcs.el6.src", "6Server-JBCS:jbcs-httpd24-httpd-0:2.4.37-57.jbcs.el6.x86_64", "6Server-JBCS:jbcs-httpd24-httpd-debuginfo-0:2.4.37-57.jbcs.el6.i686", "6Server-JBCS:jbcs-httpd24-httpd-debuginfo-0:2.4.37-57.jbcs.el6.x86_64", "6Server-JBCS:jbcs-httpd24-httpd-devel-0:2.4.37-57.jbcs.el6.i686", "6Server-JBCS:jbcs-httpd24-httpd-devel-0:2.4.37-57.jbcs.el6.x86_64", "6Server-JBCS:jbcs-httpd24-httpd-manual-0:2.4.37-57.jbcs.el6.noarch", "6Server-JBCS:jbcs-httpd24-httpd-selinux-0:2.4.37-57.jbcs.el6.i686", "6Server-JBCS:jbcs-httpd24-httpd-selinux-0:2.4.37-57.jbcs.el6.x86_64", "6Server-JBCS:jbcs-httpd24-httpd-tools-0:2.4.37-57.jbcs.el6.i686", "6Server-JBCS:jbcs-httpd24-httpd-tools-0:2.4.37-57.jbcs.el6.x86_64", "6Server-JBCS:jbcs-httpd24-libcurl-0:7.64.1-36.jbcs.el6.i686", "6Server-JBCS:jbcs-httpd24-libcurl-0:7.64.1-36.jbcs.el6.x86_64", "6Server-JBCS:jbcs-httpd24-libcurl-devel-0:7.64.1-36.jbcs.el6.i686", "6Server-JBCS:jbcs-httpd24-libcurl-devel-0:7.64.1-36.jbcs.el6.x86_64", "6Server-JBCS:jbcs-httpd24-mod_cluster-native-0:1.3.14-4.Final_redhat_2.jbcs.el6.i686", "6Server-JBCS:jbcs-httpd24-mod_cluster-native-0:1.3.14-4.Final_redhat_2.jbcs.el6.src", "6Server-JBCS:jbcs-httpd24-mod_cluster-native-0:1.3.14-4.Final_redhat_2.jbcs.el6.x86_64", "6Server-JBCS:jbcs-httpd24-mod_cluster-native-debuginfo-0:1.3.14-4.Final_redhat_2.jbcs.el6.i686", "6Server-JBCS:jbcs-httpd24-mod_cluster-native-debuginfo-0:1.3.14-4.Final_redhat_2.jbcs.el6.x86_64", "6Server-JBCS:jbcs-httpd24-mod_http2-0:1.15.7-3.jbcs.el6.i686", "6Server-JBCS:jbcs-httpd24-mod_http2-0:1.15.7-3.jbcs.el6.src", "6Server-JBCS:jbcs-httpd24-mod_http2-0:1.15.7-3.jbcs.el6.x86_64", "6Server-JBCS:jbcs-httpd24-mod_http2-debuginfo-0:1.15.7-3.jbcs.el6.i686", "6Server-JBCS:jbcs-httpd24-mod_http2-debuginfo-0:1.15.7-3.jbcs.el6.x86_64", "6Server-JBCS:jbcs-httpd24-mod_jk-0:1.2.48-4.redhat_1.jbcs.el6.src", "6Server-JBCS:jbcs-httpd24-mod_jk-ap24-0:1.2.48-4.redhat_1.jbcs.el6.i686", "6Server-JBCS:jbcs-httpd24-mod_jk-ap24-0:1.2.48-4.redhat_1.jbcs.el6.x86_64", "6Server-JBCS:jbcs-httpd24-mod_jk-debuginfo-0:1.2.48-4.redhat_1.jbcs.el6.i686", "6Server-JBCS:jbcs-httpd24-mod_jk-debuginfo-0:1.2.48-4.redhat_1.jbcs.el6.x86_64", "6Server-JBCS:jbcs-httpd24-mod_jk-manual-0:1.2.48-4.redhat_1.jbcs.el6.i686", "6Server-JBCS:jbcs-httpd24-mod_jk-manual-0:1.2.48-4.redhat_1.jbcs.el6.x86_64", "6Server-JBCS:jbcs-httpd24-mod_ldap-0:2.4.37-57.jbcs.el6.i686", "6Server-JBCS:jbcs-httpd24-mod_ldap-0:2.4.37-57.jbcs.el6.x86_64", "6Server-JBCS:jbcs-httpd24-mod_md-1:2.0.8-24.jbcs.el6.i686", "6Server-JBCS:jbcs-httpd24-mod_md-1:2.0.8-24.jbcs.el6.src", "6Server-JBCS:jbcs-httpd24-mod_md-1:2.0.8-24.jbcs.el6.x86_64", "6Server-JBCS:jbcs-httpd24-mod_md-debuginfo-1:2.0.8-24.jbcs.el6.i686", "6Server-JBCS:jbcs-httpd24-mod_md-debuginfo-1:2.0.8-24.jbcs.el6.x86_64", "6Server-JBCS:jbcs-httpd24-mod_proxy_html-1:2.4.37-57.jbcs.el6.i686", "6Server-JBCS:jbcs-httpd24-mod_proxy_html-1:2.4.37-57.jbcs.el6.x86_64", "6Server-JBCS:jbcs-httpd24-mod_security-0:2.9.2-51.GA.jbcs.el6.i686", "6Server-JBCS:jbcs-httpd24-mod_security-0:2.9.2-51.GA.jbcs.el6.src", "6Server-JBCS:jbcs-httpd24-mod_security-0:2.9.2-51.GA.jbcs.el6.x86_64", "6Server-JBCS:jbcs-httpd24-mod_security-debuginfo-0:2.9.2-51.GA.jbcs.el6.i686", "6Server-JBCS:jbcs-httpd24-mod_security-debuginfo-0:2.9.2-51.GA.jbcs.el6.x86_64", "6Server-JBCS:jbcs-httpd24-mod_session-0:2.4.37-57.jbcs.el6.i686", "6Server-JBCS:jbcs-httpd24-mod_session-0:2.4.37-57.jbcs.el6.x86_64", "6Server-JBCS:jbcs-httpd24-mod_ssl-1:2.4.37-57.jbcs.el6.i686", "6Server-JBCS:jbcs-httpd24-mod_ssl-1:2.4.37-57.jbcs.el6.x86_64", "6Server-JBCS:jbcs-httpd24-nghttp2-0:1.39.2-25.jbcs.el6.i686", "6Server-JBCS:jbcs-httpd24-nghttp2-0:1.39.2-25.jbcs.el6.src", "6Server-JBCS:jbcs-httpd24-nghttp2-0:1.39.2-25.jbcs.el6.x86_64", "6Server-JBCS:jbcs-httpd24-nghttp2-debuginfo-0:1.39.2-25.jbcs.el6.i686", "6Server-JBCS:jbcs-httpd24-nghttp2-debuginfo-0:1.39.2-25.jbcs.el6.x86_64", "6Server-JBCS:jbcs-httpd24-nghttp2-devel-0:1.39.2-25.jbcs.el6.i686", "6Server-JBCS:jbcs-httpd24-nghttp2-devel-0:1.39.2-25.jbcs.el6.x86_64", "7Server-JBCS:jbcs-httpd24-curl-0:7.64.1-36.jbcs.el7.src", "7Server-JBCS:jbcs-httpd24-curl-0:7.64.1-36.jbcs.el7.x86_64", "7Server-JBCS:jbcs-httpd24-curl-debuginfo-0:7.64.1-36.jbcs.el7.x86_64", "7Server-JBCS:jbcs-httpd24-httpd-0:2.4.37-57.jbcs.el7.src", "7Server-JBCS:jbcs-httpd24-httpd-0:2.4.37-57.jbcs.el7.x86_64", "7Server-JBCS:jbcs-httpd24-httpd-debuginfo-0:2.4.37-57.jbcs.el7.x86_64", "7Server-JBCS:jbcs-httpd24-httpd-devel-0:2.4.37-57.jbcs.el7.x86_64", "7Server-JBCS:jbcs-httpd24-httpd-manual-0:2.4.37-57.jbcs.el7.noarch", "7Server-JBCS:jbcs-httpd24-httpd-selinux-0:2.4.37-57.jbcs.el7.x86_64", "7Server-JBCS:jbcs-httpd24-httpd-tools-0:2.4.37-57.jbcs.el7.x86_64", "7Server-JBCS:jbcs-httpd24-libcurl-0:7.64.1-36.jbcs.el7.x86_64", "7Server-JBCS:jbcs-httpd24-libcurl-devel-0:7.64.1-36.jbcs.el7.x86_64", "7Server-JBCS:jbcs-httpd24-mod_cluster-native-0:1.3.14-4.Final_redhat_2.jbcs.el7.src", "7Server-JBCS:jbcs-httpd24-mod_cluster-native-0:1.3.14-4.Final_redhat_2.jbcs.el7.x86_64", "7Server-JBCS:jbcs-httpd24-mod_cluster-native-debuginfo-0:1.3.14-4.Final_redhat_2.jbcs.el7.x86_64", "7Server-JBCS:jbcs-httpd24-mod_http2-0:1.15.7-3.jbcs.el7.src", "7Server-JBCS:jbcs-httpd24-mod_http2-0:1.15.7-3.jbcs.el7.x86_64", "7Server-JBCS:jbcs-httpd24-mod_http2-debuginfo-0:1.15.7-3.jbcs.el7.x86_64", "7Server-JBCS:jbcs-httpd24-mod_jk-0:1.2.48-4.redhat_1.jbcs.el7.src", "7Server-JBCS:jbcs-httpd24-mod_jk-ap24-0:1.2.48-4.redhat_1.jbcs.el7.x86_64", "7Server-JBCS:jbcs-httpd24-mod_jk-debuginfo-0:1.2.48-4.redhat_1.jbcs.el7.x86_64", "7Server-JBCS:jbcs-httpd24-mod_jk-manual-0:1.2.48-4.redhat_1.jbcs.el7.x86_64", "7Server-JBCS:jbcs-httpd24-mod_ldap-0:2.4.37-57.jbcs.el7.x86_64", "7Server-JBCS:jbcs-httpd24-mod_md-1:2.0.8-24.jbcs.el7.src", "7Server-JBCS:jbcs-httpd24-mod_md-1:2.0.8-24.jbcs.el7.x86_64", "7Server-JBCS:jbcs-httpd24-mod_md-debuginfo-1:2.0.8-24.jbcs.el7.x86_64", "7Server-JBCS:jbcs-httpd24-mod_proxy_html-1:2.4.37-57.jbcs.el7.x86_64", "7Server-JBCS:jbcs-httpd24-mod_security-0:2.9.2-51.GA.jbcs.el7.src", "7Server-JBCS:jbcs-httpd24-mod_security-0:2.9.2-51.GA.jbcs.el7.x86_64", "7Server-JBCS:jbcs-httpd24-mod_security-debuginfo-0:2.9.2-51.GA.jbcs.el7.x86_64", "7Server-JBCS:jbcs-httpd24-mod_session-0:2.4.37-57.jbcs.el7.x86_64", "7Server-JBCS:jbcs-httpd24-mod_ssl-1:2.4.37-57.jbcs.el7.x86_64", "7Server-JBCS:jbcs-httpd24-nghttp2-0:1.39.2-25.jbcs.el7.src", "7Server-JBCS:jbcs-httpd24-nghttp2-0:1.39.2-25.jbcs.el7.x86_64", "7Server-JBCS:jbcs-httpd24-nghttp2-debuginfo-0:1.39.2-25.jbcs.el7.x86_64", "7Server-JBCS:jbcs-httpd24-nghttp2-devel-0:1.39.2-25.jbcs.el7.x86_64", "7Server-JBCS:jbcs-httpd24-openssl-pkcs11-0:0.4.10-7.jbcs.el7.src", "7Server-JBCS:jbcs-httpd24-openssl-pkcs11-0:0.4.10-7.jbcs.el7.x86_64", "7Server-JBCS:jbcs-httpd24-openssl-pkcs11-debuginfo-0:0.4.10-7.jbcs.el7.x86_64" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2019-0196" }, { "category": "external", "summary": "RHBZ#1695030", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1695030" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2019-0196", "url": "https://www.cve.org/CVERecord?id=CVE-2019-0196" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2019-0196", "url": "https://nvd.nist.gov/vuln/detail/CVE-2019-0196" }, { "category": "external", "summary": "http://www.apache.org/dist/httpd/CHANGES_2.4", "url": "http://www.apache.org/dist/httpd/CHANGES_2.4" }, { "category": "external", "summary": "https://httpd.apache.org/security/vulnerabilities_24.html", "url": "https://httpd.apache.org/security/vulnerabilities_24.html" } ], "release_date": "2019-04-01T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2020-06-22T12:28:02+00:00", "details": "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258", "product_ids": [ "6Server-JBCS:jbcs-httpd24-curl-0:7.64.1-36.jbcs.el6.i686", "6Server-JBCS:jbcs-httpd24-curl-0:7.64.1-36.jbcs.el6.src", "6Server-JBCS:jbcs-httpd24-curl-0:7.64.1-36.jbcs.el6.x86_64", "6Server-JBCS:jbcs-httpd24-curl-debuginfo-0:7.64.1-36.jbcs.el6.i686", "6Server-JBCS:jbcs-httpd24-curl-debuginfo-0:7.64.1-36.jbcs.el6.x86_64", "6Server-JBCS:jbcs-httpd24-httpd-0:2.4.37-57.jbcs.el6.i686", "6Server-JBCS:jbcs-httpd24-httpd-0:2.4.37-57.jbcs.el6.src", "6Server-JBCS:jbcs-httpd24-httpd-0:2.4.37-57.jbcs.el6.x86_64", "6Server-JBCS:jbcs-httpd24-httpd-debuginfo-0:2.4.37-57.jbcs.el6.i686", "6Server-JBCS:jbcs-httpd24-httpd-debuginfo-0:2.4.37-57.jbcs.el6.x86_64", "6Server-JBCS:jbcs-httpd24-httpd-devel-0:2.4.37-57.jbcs.el6.i686", "6Server-JBCS:jbcs-httpd24-httpd-devel-0:2.4.37-57.jbcs.el6.x86_64", "6Server-JBCS:jbcs-httpd24-httpd-manual-0:2.4.37-57.jbcs.el6.noarch", "6Server-JBCS:jbcs-httpd24-httpd-selinux-0:2.4.37-57.jbcs.el6.i686", "6Server-JBCS:jbcs-httpd24-httpd-selinux-0:2.4.37-57.jbcs.el6.x86_64", "6Server-JBCS:jbcs-httpd24-httpd-tools-0:2.4.37-57.jbcs.el6.i686", "6Server-JBCS:jbcs-httpd24-httpd-tools-0:2.4.37-57.jbcs.el6.x86_64", "6Server-JBCS:jbcs-httpd24-libcurl-0:7.64.1-36.jbcs.el6.i686", "6Server-JBCS:jbcs-httpd24-libcurl-0:7.64.1-36.jbcs.el6.x86_64", "6Server-JBCS:jbcs-httpd24-libcurl-devel-0:7.64.1-36.jbcs.el6.i686", "6Server-JBCS:jbcs-httpd24-libcurl-devel-0:7.64.1-36.jbcs.el6.x86_64", "6Server-JBCS:jbcs-httpd24-mod_cluster-native-0:1.3.14-4.Final_redhat_2.jbcs.el6.i686", "6Server-JBCS:jbcs-httpd24-mod_cluster-native-0:1.3.14-4.Final_redhat_2.jbcs.el6.src", "6Server-JBCS:jbcs-httpd24-mod_cluster-native-0:1.3.14-4.Final_redhat_2.jbcs.el6.x86_64", "6Server-JBCS:jbcs-httpd24-mod_cluster-native-debuginfo-0:1.3.14-4.Final_redhat_2.jbcs.el6.i686", "6Server-JBCS:jbcs-httpd24-mod_cluster-native-debuginfo-0:1.3.14-4.Final_redhat_2.jbcs.el6.x86_64", "6Server-JBCS:jbcs-httpd24-mod_http2-0:1.15.7-3.jbcs.el6.i686", "6Server-JBCS:jbcs-httpd24-mod_http2-0:1.15.7-3.jbcs.el6.src", "6Server-JBCS:jbcs-httpd24-mod_http2-0:1.15.7-3.jbcs.el6.x86_64", "6Server-JBCS:jbcs-httpd24-mod_http2-debuginfo-0:1.15.7-3.jbcs.el6.i686", "6Server-JBCS:jbcs-httpd24-mod_http2-debuginfo-0:1.15.7-3.jbcs.el6.x86_64", "6Server-JBCS:jbcs-httpd24-mod_jk-0:1.2.48-4.redhat_1.jbcs.el6.src", "6Server-JBCS:jbcs-httpd24-mod_jk-ap24-0:1.2.48-4.redhat_1.jbcs.el6.i686", "6Server-JBCS:jbcs-httpd24-mod_jk-ap24-0:1.2.48-4.redhat_1.jbcs.el6.x86_64", "6Server-JBCS:jbcs-httpd24-mod_jk-debuginfo-0:1.2.48-4.redhat_1.jbcs.el6.i686", "6Server-JBCS:jbcs-httpd24-mod_jk-debuginfo-0:1.2.48-4.redhat_1.jbcs.el6.x86_64", "6Server-JBCS:jbcs-httpd24-mod_jk-manual-0:1.2.48-4.redhat_1.jbcs.el6.i686", "6Server-JBCS:jbcs-httpd24-mod_jk-manual-0:1.2.48-4.redhat_1.jbcs.el6.x86_64", "6Server-JBCS:jbcs-httpd24-mod_ldap-0:2.4.37-57.jbcs.el6.i686", "6Server-JBCS:jbcs-httpd24-mod_ldap-0:2.4.37-57.jbcs.el6.x86_64", "6Server-JBCS:jbcs-httpd24-mod_md-1:2.0.8-24.jbcs.el6.i686", "6Server-JBCS:jbcs-httpd24-mod_md-1:2.0.8-24.jbcs.el6.src", "6Server-JBCS:jbcs-httpd24-mod_md-1:2.0.8-24.jbcs.el6.x86_64", "6Server-JBCS:jbcs-httpd24-mod_md-debuginfo-1:2.0.8-24.jbcs.el6.i686", "6Server-JBCS:jbcs-httpd24-mod_md-debuginfo-1:2.0.8-24.jbcs.el6.x86_64", "6Server-JBCS:jbcs-httpd24-mod_proxy_html-1:2.4.37-57.jbcs.el6.i686", "6Server-JBCS:jbcs-httpd24-mod_proxy_html-1:2.4.37-57.jbcs.el6.x86_64", "6Server-JBCS:jbcs-httpd24-mod_security-0:2.9.2-51.GA.jbcs.el6.i686", "6Server-JBCS:jbcs-httpd24-mod_security-0:2.9.2-51.GA.jbcs.el6.src", "6Server-JBCS:jbcs-httpd24-mod_security-0:2.9.2-51.GA.jbcs.el6.x86_64", "6Server-JBCS:jbcs-httpd24-mod_security-debuginfo-0:2.9.2-51.GA.jbcs.el6.i686", "6Server-JBCS:jbcs-httpd24-mod_security-debuginfo-0:2.9.2-51.GA.jbcs.el6.x86_64", "6Server-JBCS:jbcs-httpd24-mod_session-0:2.4.37-57.jbcs.el6.i686", "6Server-JBCS:jbcs-httpd24-mod_session-0:2.4.37-57.jbcs.el6.x86_64", "6Server-JBCS:jbcs-httpd24-mod_ssl-1:2.4.37-57.jbcs.el6.i686", "6Server-JBCS:jbcs-httpd24-mod_ssl-1:2.4.37-57.jbcs.el6.x86_64", "6Server-JBCS:jbcs-httpd24-nghttp2-0:1.39.2-25.jbcs.el6.i686", "6Server-JBCS:jbcs-httpd24-nghttp2-0:1.39.2-25.jbcs.el6.src", "6Server-JBCS:jbcs-httpd24-nghttp2-0:1.39.2-25.jbcs.el6.x86_64", "6Server-JBCS:jbcs-httpd24-nghttp2-debuginfo-0:1.39.2-25.jbcs.el6.i686", "6Server-JBCS:jbcs-httpd24-nghttp2-debuginfo-0:1.39.2-25.jbcs.el6.x86_64", "6Server-JBCS:jbcs-httpd24-nghttp2-devel-0:1.39.2-25.jbcs.el6.i686", "6Server-JBCS:jbcs-httpd24-nghttp2-devel-0:1.39.2-25.jbcs.el6.x86_64", "7Server-JBCS:jbcs-httpd24-curl-0:7.64.1-36.jbcs.el7.src", "7Server-JBCS:jbcs-httpd24-curl-0:7.64.1-36.jbcs.el7.x86_64", "7Server-JBCS:jbcs-httpd24-curl-debuginfo-0:7.64.1-36.jbcs.el7.x86_64", "7Server-JBCS:jbcs-httpd24-httpd-0:2.4.37-57.jbcs.el7.src", "7Server-JBCS:jbcs-httpd24-httpd-0:2.4.37-57.jbcs.el7.x86_64", "7Server-JBCS:jbcs-httpd24-httpd-debuginfo-0:2.4.37-57.jbcs.el7.x86_64", "7Server-JBCS:jbcs-httpd24-httpd-devel-0:2.4.37-57.jbcs.el7.x86_64", "7Server-JBCS:jbcs-httpd24-httpd-manual-0:2.4.37-57.jbcs.el7.noarch", "7Server-JBCS:jbcs-httpd24-httpd-selinux-0:2.4.37-57.jbcs.el7.x86_64", "7Server-JBCS:jbcs-httpd24-httpd-tools-0:2.4.37-57.jbcs.el7.x86_64", "7Server-JBCS:jbcs-httpd24-libcurl-0:7.64.1-36.jbcs.el7.x86_64", "7Server-JBCS:jbcs-httpd24-libcurl-devel-0:7.64.1-36.jbcs.el7.x86_64", "7Server-JBCS:jbcs-httpd24-mod_cluster-native-0:1.3.14-4.Final_redhat_2.jbcs.el7.src", "7Server-JBCS:jbcs-httpd24-mod_cluster-native-0:1.3.14-4.Final_redhat_2.jbcs.el7.x86_64", "7Server-JBCS:jbcs-httpd24-mod_cluster-native-debuginfo-0:1.3.14-4.Final_redhat_2.jbcs.el7.x86_64", "7Server-JBCS:jbcs-httpd24-mod_http2-0:1.15.7-3.jbcs.el7.src", "7Server-JBCS:jbcs-httpd24-mod_http2-0:1.15.7-3.jbcs.el7.x86_64", "7Server-JBCS:jbcs-httpd24-mod_http2-debuginfo-0:1.15.7-3.jbcs.el7.x86_64", "7Server-JBCS:jbcs-httpd24-mod_jk-0:1.2.48-4.redhat_1.jbcs.el7.src", "7Server-JBCS:jbcs-httpd24-mod_jk-ap24-0:1.2.48-4.redhat_1.jbcs.el7.x86_64", "7Server-JBCS:jbcs-httpd24-mod_jk-debuginfo-0:1.2.48-4.redhat_1.jbcs.el7.x86_64", "7Server-JBCS:jbcs-httpd24-mod_jk-manual-0:1.2.48-4.redhat_1.jbcs.el7.x86_64", "7Server-JBCS:jbcs-httpd24-mod_ldap-0:2.4.37-57.jbcs.el7.x86_64", "7Server-JBCS:jbcs-httpd24-mod_md-1:2.0.8-24.jbcs.el7.src", "7Server-JBCS:jbcs-httpd24-mod_md-1:2.0.8-24.jbcs.el7.x86_64", "7Server-JBCS:jbcs-httpd24-mod_md-debuginfo-1:2.0.8-24.jbcs.el7.x86_64", "7Server-JBCS:jbcs-httpd24-mod_proxy_html-1:2.4.37-57.jbcs.el7.x86_64", "7Server-JBCS:jbcs-httpd24-mod_security-0:2.9.2-51.GA.jbcs.el7.src", "7Server-JBCS:jbcs-httpd24-mod_security-0:2.9.2-51.GA.jbcs.el7.x86_64", "7Server-JBCS:jbcs-httpd24-mod_security-debuginfo-0:2.9.2-51.GA.jbcs.el7.x86_64", "7Server-JBCS:jbcs-httpd24-mod_session-0:2.4.37-57.jbcs.el7.x86_64", "7Server-JBCS:jbcs-httpd24-mod_ssl-1:2.4.37-57.jbcs.el7.x86_64", "7Server-JBCS:jbcs-httpd24-nghttp2-0:1.39.2-25.jbcs.el7.src", "7Server-JBCS:jbcs-httpd24-nghttp2-0:1.39.2-25.jbcs.el7.x86_64", "7Server-JBCS:jbcs-httpd24-nghttp2-debuginfo-0:1.39.2-25.jbcs.el7.x86_64", "7Server-JBCS:jbcs-httpd24-nghttp2-devel-0:1.39.2-25.jbcs.el7.x86_64", "7Server-JBCS:jbcs-httpd24-openssl-pkcs11-0:0.4.10-7.jbcs.el7.src", "7Server-JBCS:jbcs-httpd24-openssl-pkcs11-0:0.4.10-7.jbcs.el7.x86_64", "7Server-JBCS:jbcs-httpd24-openssl-pkcs11-debuginfo-0:0.4.10-7.jbcs.el7.x86_64" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2020:2644" } ], "scores": [ { "cvss_v3": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "LOW", "baseScore": 5.3, "baseSeverity": "MEDIUM", "confidentialityImpact": "NONE", "integrityImpact": "NONE", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L", "version": "3.0" }, "products": [ "6Server-JBCS:jbcs-httpd24-curl-0:7.64.1-36.jbcs.el6.i686", "6Server-JBCS:jbcs-httpd24-curl-0:7.64.1-36.jbcs.el6.src", "6Server-JBCS:jbcs-httpd24-curl-0:7.64.1-36.jbcs.el6.x86_64", "6Server-JBCS:jbcs-httpd24-curl-debuginfo-0:7.64.1-36.jbcs.el6.i686", "6Server-JBCS:jbcs-httpd24-curl-debuginfo-0:7.64.1-36.jbcs.el6.x86_64", "6Server-JBCS:jbcs-httpd24-httpd-0:2.4.37-57.jbcs.el6.i686", "6Server-JBCS:jbcs-httpd24-httpd-0:2.4.37-57.jbcs.el6.src", "6Server-JBCS:jbcs-httpd24-httpd-0:2.4.37-57.jbcs.el6.x86_64", "6Server-JBCS:jbcs-httpd24-httpd-debuginfo-0:2.4.37-57.jbcs.el6.i686", "6Server-JBCS:jbcs-httpd24-httpd-debuginfo-0:2.4.37-57.jbcs.el6.x86_64", "6Server-JBCS:jbcs-httpd24-httpd-devel-0:2.4.37-57.jbcs.el6.i686", "6Server-JBCS:jbcs-httpd24-httpd-devel-0:2.4.37-57.jbcs.el6.x86_64", "6Server-JBCS:jbcs-httpd24-httpd-manual-0:2.4.37-57.jbcs.el6.noarch", "6Server-JBCS:jbcs-httpd24-httpd-selinux-0:2.4.37-57.jbcs.el6.i686", "6Server-JBCS:jbcs-httpd24-httpd-selinux-0:2.4.37-57.jbcs.el6.x86_64", "6Server-JBCS:jbcs-httpd24-httpd-tools-0:2.4.37-57.jbcs.el6.i686", "6Server-JBCS:jbcs-httpd24-httpd-tools-0:2.4.37-57.jbcs.el6.x86_64", "6Server-JBCS:jbcs-httpd24-libcurl-0:7.64.1-36.jbcs.el6.i686", "6Server-JBCS:jbcs-httpd24-libcurl-0:7.64.1-36.jbcs.el6.x86_64", "6Server-JBCS:jbcs-httpd24-libcurl-devel-0:7.64.1-36.jbcs.el6.i686", "6Server-JBCS:jbcs-httpd24-libcurl-devel-0:7.64.1-36.jbcs.el6.x86_64", "6Server-JBCS:jbcs-httpd24-mod_cluster-native-0:1.3.14-4.Final_redhat_2.jbcs.el6.i686", "6Server-JBCS:jbcs-httpd24-mod_cluster-native-0:1.3.14-4.Final_redhat_2.jbcs.el6.src", "6Server-JBCS:jbcs-httpd24-mod_cluster-native-0:1.3.14-4.Final_redhat_2.jbcs.el6.x86_64", "6Server-JBCS:jbcs-httpd24-mod_cluster-native-debuginfo-0:1.3.14-4.Final_redhat_2.jbcs.el6.i686", "6Server-JBCS:jbcs-httpd24-mod_cluster-native-debuginfo-0:1.3.14-4.Final_redhat_2.jbcs.el6.x86_64", "6Server-JBCS:jbcs-httpd24-mod_http2-0:1.15.7-3.jbcs.el6.i686", "6Server-JBCS:jbcs-httpd24-mod_http2-0:1.15.7-3.jbcs.el6.src", "6Server-JBCS:jbcs-httpd24-mod_http2-0:1.15.7-3.jbcs.el6.x86_64", "6Server-JBCS:jbcs-httpd24-mod_http2-debuginfo-0:1.15.7-3.jbcs.el6.i686", "6Server-JBCS:jbcs-httpd24-mod_http2-debuginfo-0:1.15.7-3.jbcs.el6.x86_64", "6Server-JBCS:jbcs-httpd24-mod_jk-0:1.2.48-4.redhat_1.jbcs.el6.src", "6Server-JBCS:jbcs-httpd24-mod_jk-ap24-0:1.2.48-4.redhat_1.jbcs.el6.i686", "6Server-JBCS:jbcs-httpd24-mod_jk-ap24-0:1.2.48-4.redhat_1.jbcs.el6.x86_64", "6Server-JBCS:jbcs-httpd24-mod_jk-debuginfo-0:1.2.48-4.redhat_1.jbcs.el6.i686", "6Server-JBCS:jbcs-httpd24-mod_jk-debuginfo-0:1.2.48-4.redhat_1.jbcs.el6.x86_64", "6Server-JBCS:jbcs-httpd24-mod_jk-manual-0:1.2.48-4.redhat_1.jbcs.el6.i686", "6Server-JBCS:jbcs-httpd24-mod_jk-manual-0:1.2.48-4.redhat_1.jbcs.el6.x86_64", "6Server-JBCS:jbcs-httpd24-mod_ldap-0:2.4.37-57.jbcs.el6.i686", "6Server-JBCS:jbcs-httpd24-mod_ldap-0:2.4.37-57.jbcs.el6.x86_64", "6Server-JBCS:jbcs-httpd24-mod_md-1:2.0.8-24.jbcs.el6.i686", "6Server-JBCS:jbcs-httpd24-mod_md-1:2.0.8-24.jbcs.el6.src", "6Server-JBCS:jbcs-httpd24-mod_md-1:2.0.8-24.jbcs.el6.x86_64", "6Server-JBCS:jbcs-httpd24-mod_md-debuginfo-1:2.0.8-24.jbcs.el6.i686", "6Server-JBCS:jbcs-httpd24-mod_md-debuginfo-1:2.0.8-24.jbcs.el6.x86_64", "6Server-JBCS:jbcs-httpd24-mod_proxy_html-1:2.4.37-57.jbcs.el6.i686", "6Server-JBCS:jbcs-httpd24-mod_proxy_html-1:2.4.37-57.jbcs.el6.x86_64", "6Server-JBCS:jbcs-httpd24-mod_security-0:2.9.2-51.GA.jbcs.el6.i686", "6Server-JBCS:jbcs-httpd24-mod_security-0:2.9.2-51.GA.jbcs.el6.src", "6Server-JBCS:jbcs-httpd24-mod_security-0:2.9.2-51.GA.jbcs.el6.x86_64", "6Server-JBCS:jbcs-httpd24-mod_security-debuginfo-0:2.9.2-51.GA.jbcs.el6.i686", "6Server-JBCS:jbcs-httpd24-mod_security-debuginfo-0:2.9.2-51.GA.jbcs.el6.x86_64", "6Server-JBCS:jbcs-httpd24-mod_session-0:2.4.37-57.jbcs.el6.i686", "6Server-JBCS:jbcs-httpd24-mod_session-0:2.4.37-57.jbcs.el6.x86_64", "6Server-JBCS:jbcs-httpd24-mod_ssl-1:2.4.37-57.jbcs.el6.i686", "6Server-JBCS:jbcs-httpd24-mod_ssl-1:2.4.37-57.jbcs.el6.x86_64", "6Server-JBCS:jbcs-httpd24-nghttp2-0:1.39.2-25.jbcs.el6.i686", "6Server-JBCS:jbcs-httpd24-nghttp2-0:1.39.2-25.jbcs.el6.src", "6Server-JBCS:jbcs-httpd24-nghttp2-0:1.39.2-25.jbcs.el6.x86_64", "6Server-JBCS:jbcs-httpd24-nghttp2-debuginfo-0:1.39.2-25.jbcs.el6.i686", "6Server-JBCS:jbcs-httpd24-nghttp2-debuginfo-0:1.39.2-25.jbcs.el6.x86_64", "6Server-JBCS:jbcs-httpd24-nghttp2-devel-0:1.39.2-25.jbcs.el6.i686", "6Server-JBCS:jbcs-httpd24-nghttp2-devel-0:1.39.2-25.jbcs.el6.x86_64", "7Server-JBCS:jbcs-httpd24-curl-0:7.64.1-36.jbcs.el7.src", "7Server-JBCS:jbcs-httpd24-curl-0:7.64.1-36.jbcs.el7.x86_64", "7Server-JBCS:jbcs-httpd24-curl-debuginfo-0:7.64.1-36.jbcs.el7.x86_64", "7Server-JBCS:jbcs-httpd24-httpd-0:2.4.37-57.jbcs.el7.src", "7Server-JBCS:jbcs-httpd24-httpd-0:2.4.37-57.jbcs.el7.x86_64", "7Server-JBCS:jbcs-httpd24-httpd-debuginfo-0:2.4.37-57.jbcs.el7.x86_64", "7Server-JBCS:jbcs-httpd24-httpd-devel-0:2.4.37-57.jbcs.el7.x86_64", "7Server-JBCS:jbcs-httpd24-httpd-manual-0:2.4.37-57.jbcs.el7.noarch", "7Server-JBCS:jbcs-httpd24-httpd-selinux-0:2.4.37-57.jbcs.el7.x86_64", "7Server-JBCS:jbcs-httpd24-httpd-tools-0:2.4.37-57.jbcs.el7.x86_64", "7Server-JBCS:jbcs-httpd24-libcurl-0:7.64.1-36.jbcs.el7.x86_64", "7Server-JBCS:jbcs-httpd24-libcurl-devel-0:7.64.1-36.jbcs.el7.x86_64", "7Server-JBCS:jbcs-httpd24-mod_cluster-native-0:1.3.14-4.Final_redhat_2.jbcs.el7.src", "7Server-JBCS:jbcs-httpd24-mod_cluster-native-0:1.3.14-4.Final_redhat_2.jbcs.el7.x86_64", "7Server-JBCS:jbcs-httpd24-mod_cluster-native-debuginfo-0:1.3.14-4.Final_redhat_2.jbcs.el7.x86_64", "7Server-JBCS:jbcs-httpd24-mod_http2-0:1.15.7-3.jbcs.el7.src", "7Server-JBCS:jbcs-httpd24-mod_http2-0:1.15.7-3.jbcs.el7.x86_64", "7Server-JBCS:jbcs-httpd24-mod_http2-debuginfo-0:1.15.7-3.jbcs.el7.x86_64", "7Server-JBCS:jbcs-httpd24-mod_jk-0:1.2.48-4.redhat_1.jbcs.el7.src", "7Server-JBCS:jbcs-httpd24-mod_jk-ap24-0:1.2.48-4.redhat_1.jbcs.el7.x86_64", "7Server-JBCS:jbcs-httpd24-mod_jk-debuginfo-0:1.2.48-4.redhat_1.jbcs.el7.x86_64", "7Server-JBCS:jbcs-httpd24-mod_jk-manual-0:1.2.48-4.redhat_1.jbcs.el7.x86_64", "7Server-JBCS:jbcs-httpd24-mod_ldap-0:2.4.37-57.jbcs.el7.x86_64", "7Server-JBCS:jbcs-httpd24-mod_md-1:2.0.8-24.jbcs.el7.src", "7Server-JBCS:jbcs-httpd24-mod_md-1:2.0.8-24.jbcs.el7.x86_64", "7Server-JBCS:jbcs-httpd24-mod_md-debuginfo-1:2.0.8-24.jbcs.el7.x86_64", "7Server-JBCS:jbcs-httpd24-mod_proxy_html-1:2.4.37-57.jbcs.el7.x86_64", "7Server-JBCS:jbcs-httpd24-mod_security-0:2.9.2-51.GA.jbcs.el7.src", "7Server-JBCS:jbcs-httpd24-mod_security-0:2.9.2-51.GA.jbcs.el7.x86_64", "7Server-JBCS:jbcs-httpd24-mod_security-debuginfo-0:2.9.2-51.GA.jbcs.el7.x86_64", "7Server-JBCS:jbcs-httpd24-mod_session-0:2.4.37-57.jbcs.el7.x86_64", "7Server-JBCS:jbcs-httpd24-mod_ssl-1:2.4.37-57.jbcs.el7.x86_64", "7Server-JBCS:jbcs-httpd24-nghttp2-0:1.39.2-25.jbcs.el7.src", "7Server-JBCS:jbcs-httpd24-nghttp2-0:1.39.2-25.jbcs.el7.x86_64", "7Server-JBCS:jbcs-httpd24-nghttp2-debuginfo-0:1.39.2-25.jbcs.el7.x86_64", "7Server-JBCS:jbcs-httpd24-nghttp2-devel-0:1.39.2-25.jbcs.el7.x86_64", "7Server-JBCS:jbcs-httpd24-openssl-pkcs11-0:0.4.10-7.jbcs.el7.src", "7Server-JBCS:jbcs-httpd24-openssl-pkcs11-0:0.4.10-7.jbcs.el7.x86_64", "7Server-JBCS:jbcs-httpd24-openssl-pkcs11-debuginfo-0:0.4.10-7.jbcs.el7.x86_64" ] } ], "threats": [ { "category": "impact", "details": "Low" } ], "title": "httpd: mod_http2: read-after-free on a string compare" }, { "cve": "CVE-2019-0197", "cwe": { "id": "CWE-444", "name": "Inconsistent Interpretation of HTTP Requests (\u0027HTTP Request/Response Smuggling\u0027)" }, "discovery_date": "2019-04-02T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "1695042" } ], "notes": [ { "category": "description", "text": "A vulnerability was found in Apache HTTP Server 2.4.34 to 2.4.38. When HTTP/2 was enabled for a http: host or H2Upgrade was enabled for h2 on a https: host, an Upgrade request from http/1.1 to http/2 that was not the first request on a connection could lead to a misconfiguration and crash. Server that never enabled the h2 protocol or that only enabled it for https: and did not set \"H2Upgrade on\" are unaffected by this issue.", "title": "Vulnerability description" }, { "category": "summary", "text": "httpd: mod_http2: possible crash on late upgrade", "title": "Vulnerability summary" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "6Server-JBCS:jbcs-httpd24-curl-0:7.64.1-36.jbcs.el6.i686", "6Server-JBCS:jbcs-httpd24-curl-0:7.64.1-36.jbcs.el6.src", "6Server-JBCS:jbcs-httpd24-curl-0:7.64.1-36.jbcs.el6.x86_64", "6Server-JBCS:jbcs-httpd24-curl-debuginfo-0:7.64.1-36.jbcs.el6.i686", "6Server-JBCS:jbcs-httpd24-curl-debuginfo-0:7.64.1-36.jbcs.el6.x86_64", "6Server-JBCS:jbcs-httpd24-httpd-0:2.4.37-57.jbcs.el6.i686", "6Server-JBCS:jbcs-httpd24-httpd-0:2.4.37-57.jbcs.el6.src", "6Server-JBCS:jbcs-httpd24-httpd-0:2.4.37-57.jbcs.el6.x86_64", "6Server-JBCS:jbcs-httpd24-httpd-debuginfo-0:2.4.37-57.jbcs.el6.i686", "6Server-JBCS:jbcs-httpd24-httpd-debuginfo-0:2.4.37-57.jbcs.el6.x86_64", "6Server-JBCS:jbcs-httpd24-httpd-devel-0:2.4.37-57.jbcs.el6.i686", "6Server-JBCS:jbcs-httpd24-httpd-devel-0:2.4.37-57.jbcs.el6.x86_64", "6Server-JBCS:jbcs-httpd24-httpd-manual-0:2.4.37-57.jbcs.el6.noarch", "6Server-JBCS:jbcs-httpd24-httpd-selinux-0:2.4.37-57.jbcs.el6.i686", "6Server-JBCS:jbcs-httpd24-httpd-selinux-0:2.4.37-57.jbcs.el6.x86_64", "6Server-JBCS:jbcs-httpd24-httpd-tools-0:2.4.37-57.jbcs.el6.i686", "6Server-JBCS:jbcs-httpd24-httpd-tools-0:2.4.37-57.jbcs.el6.x86_64", "6Server-JBCS:jbcs-httpd24-libcurl-0:7.64.1-36.jbcs.el6.i686", "6Server-JBCS:jbcs-httpd24-libcurl-0:7.64.1-36.jbcs.el6.x86_64", "6Server-JBCS:jbcs-httpd24-libcurl-devel-0:7.64.1-36.jbcs.el6.i686", "6Server-JBCS:jbcs-httpd24-libcurl-devel-0:7.64.1-36.jbcs.el6.x86_64", "6Server-JBCS:jbcs-httpd24-mod_cluster-native-0:1.3.14-4.Final_redhat_2.jbcs.el6.i686", "6Server-JBCS:jbcs-httpd24-mod_cluster-native-0:1.3.14-4.Final_redhat_2.jbcs.el6.src", "6Server-JBCS:jbcs-httpd24-mod_cluster-native-0:1.3.14-4.Final_redhat_2.jbcs.el6.x86_64", "6Server-JBCS:jbcs-httpd24-mod_cluster-native-debuginfo-0:1.3.14-4.Final_redhat_2.jbcs.el6.i686", "6Server-JBCS:jbcs-httpd24-mod_cluster-native-debuginfo-0:1.3.14-4.Final_redhat_2.jbcs.el6.x86_64", "6Server-JBCS:jbcs-httpd24-mod_http2-0:1.15.7-3.jbcs.el6.i686", "6Server-JBCS:jbcs-httpd24-mod_http2-0:1.15.7-3.jbcs.el6.src", "6Server-JBCS:jbcs-httpd24-mod_http2-0:1.15.7-3.jbcs.el6.x86_64", "6Server-JBCS:jbcs-httpd24-mod_http2-debuginfo-0:1.15.7-3.jbcs.el6.i686", "6Server-JBCS:jbcs-httpd24-mod_http2-debuginfo-0:1.15.7-3.jbcs.el6.x86_64", "6Server-JBCS:jbcs-httpd24-mod_jk-0:1.2.48-4.redhat_1.jbcs.el6.src", "6Server-JBCS:jbcs-httpd24-mod_jk-ap24-0:1.2.48-4.redhat_1.jbcs.el6.i686", "6Server-JBCS:jbcs-httpd24-mod_jk-ap24-0:1.2.48-4.redhat_1.jbcs.el6.x86_64", "6Server-JBCS:jbcs-httpd24-mod_jk-debuginfo-0:1.2.48-4.redhat_1.jbcs.el6.i686", "6Server-JBCS:jbcs-httpd24-mod_jk-debuginfo-0:1.2.48-4.redhat_1.jbcs.el6.x86_64", "6Server-JBCS:jbcs-httpd24-mod_jk-manual-0:1.2.48-4.redhat_1.jbcs.el6.i686", "6Server-JBCS:jbcs-httpd24-mod_jk-manual-0:1.2.48-4.redhat_1.jbcs.el6.x86_64", "6Server-JBCS:jbcs-httpd24-mod_ldap-0:2.4.37-57.jbcs.el6.i686", "6Server-JBCS:jbcs-httpd24-mod_ldap-0:2.4.37-57.jbcs.el6.x86_64", "6Server-JBCS:jbcs-httpd24-mod_md-1:2.0.8-24.jbcs.el6.i686", "6Server-JBCS:jbcs-httpd24-mod_md-1:2.0.8-24.jbcs.el6.src", "6Server-JBCS:jbcs-httpd24-mod_md-1:2.0.8-24.jbcs.el6.x86_64", "6Server-JBCS:jbcs-httpd24-mod_md-debuginfo-1:2.0.8-24.jbcs.el6.i686", "6Server-JBCS:jbcs-httpd24-mod_md-debuginfo-1:2.0.8-24.jbcs.el6.x86_64", "6Server-JBCS:jbcs-httpd24-mod_proxy_html-1:2.4.37-57.jbcs.el6.i686", "6Server-JBCS:jbcs-httpd24-mod_proxy_html-1:2.4.37-57.jbcs.el6.x86_64", "6Server-JBCS:jbcs-httpd24-mod_security-0:2.9.2-51.GA.jbcs.el6.i686", "6Server-JBCS:jbcs-httpd24-mod_security-0:2.9.2-51.GA.jbcs.el6.src", "6Server-JBCS:jbcs-httpd24-mod_security-0:2.9.2-51.GA.jbcs.el6.x86_64", "6Server-JBCS:jbcs-httpd24-mod_security-debuginfo-0:2.9.2-51.GA.jbcs.el6.i686", "6Server-JBCS:jbcs-httpd24-mod_security-debuginfo-0:2.9.2-51.GA.jbcs.el6.x86_64", "6Server-JBCS:jbcs-httpd24-mod_session-0:2.4.37-57.jbcs.el6.i686", "6Server-JBCS:jbcs-httpd24-mod_session-0:2.4.37-57.jbcs.el6.x86_64", "6Server-JBCS:jbcs-httpd24-mod_ssl-1:2.4.37-57.jbcs.el6.i686", "6Server-JBCS:jbcs-httpd24-mod_ssl-1:2.4.37-57.jbcs.el6.x86_64", "6Server-JBCS:jbcs-httpd24-nghttp2-0:1.39.2-25.jbcs.el6.i686", "6Server-JBCS:jbcs-httpd24-nghttp2-0:1.39.2-25.jbcs.el6.src", "6Server-JBCS:jbcs-httpd24-nghttp2-0:1.39.2-25.jbcs.el6.x86_64", "6Server-JBCS:jbcs-httpd24-nghttp2-debuginfo-0:1.39.2-25.jbcs.el6.i686", "6Server-JBCS:jbcs-httpd24-nghttp2-debuginfo-0:1.39.2-25.jbcs.el6.x86_64", "6Server-JBCS:jbcs-httpd24-nghttp2-devel-0:1.39.2-25.jbcs.el6.i686", "6Server-JBCS:jbcs-httpd24-nghttp2-devel-0:1.39.2-25.jbcs.el6.x86_64", "7Server-JBCS:jbcs-httpd24-curl-0:7.64.1-36.jbcs.el7.src", "7Server-JBCS:jbcs-httpd24-curl-0:7.64.1-36.jbcs.el7.x86_64", "7Server-JBCS:jbcs-httpd24-curl-debuginfo-0:7.64.1-36.jbcs.el7.x86_64", "7Server-JBCS:jbcs-httpd24-httpd-0:2.4.37-57.jbcs.el7.src", "7Server-JBCS:jbcs-httpd24-httpd-0:2.4.37-57.jbcs.el7.x86_64", "7Server-JBCS:jbcs-httpd24-httpd-debuginfo-0:2.4.37-57.jbcs.el7.x86_64", "7Server-JBCS:jbcs-httpd24-httpd-devel-0:2.4.37-57.jbcs.el7.x86_64", "7Server-JBCS:jbcs-httpd24-httpd-manual-0:2.4.37-57.jbcs.el7.noarch", "7Server-JBCS:jbcs-httpd24-httpd-selinux-0:2.4.37-57.jbcs.el7.x86_64", "7Server-JBCS:jbcs-httpd24-httpd-tools-0:2.4.37-57.jbcs.el7.x86_64", "7Server-JBCS:jbcs-httpd24-libcurl-0:7.64.1-36.jbcs.el7.x86_64", "7Server-JBCS:jbcs-httpd24-libcurl-devel-0:7.64.1-36.jbcs.el7.x86_64", "7Server-JBCS:jbcs-httpd24-mod_cluster-native-0:1.3.14-4.Final_redhat_2.jbcs.el7.src", "7Server-JBCS:jbcs-httpd24-mod_cluster-native-0:1.3.14-4.Final_redhat_2.jbcs.el7.x86_64", "7Server-JBCS:jbcs-httpd24-mod_cluster-native-debuginfo-0:1.3.14-4.Final_redhat_2.jbcs.el7.x86_64", "7Server-JBCS:jbcs-httpd24-mod_http2-0:1.15.7-3.jbcs.el7.src", "7Server-JBCS:jbcs-httpd24-mod_http2-0:1.15.7-3.jbcs.el7.x86_64", "7Server-JBCS:jbcs-httpd24-mod_http2-debuginfo-0:1.15.7-3.jbcs.el7.x86_64", "7Server-JBCS:jbcs-httpd24-mod_jk-0:1.2.48-4.redhat_1.jbcs.el7.src", "7Server-JBCS:jbcs-httpd24-mod_jk-ap24-0:1.2.48-4.redhat_1.jbcs.el7.x86_64", "7Server-JBCS:jbcs-httpd24-mod_jk-debuginfo-0:1.2.48-4.redhat_1.jbcs.el7.x86_64", "7Server-JBCS:jbcs-httpd24-mod_jk-manual-0:1.2.48-4.redhat_1.jbcs.el7.x86_64", "7Server-JBCS:jbcs-httpd24-mod_ldap-0:2.4.37-57.jbcs.el7.x86_64", "7Server-JBCS:jbcs-httpd24-mod_md-1:2.0.8-24.jbcs.el7.src", "7Server-JBCS:jbcs-httpd24-mod_md-1:2.0.8-24.jbcs.el7.x86_64", "7Server-JBCS:jbcs-httpd24-mod_md-debuginfo-1:2.0.8-24.jbcs.el7.x86_64", "7Server-JBCS:jbcs-httpd24-mod_proxy_html-1:2.4.37-57.jbcs.el7.x86_64", "7Server-JBCS:jbcs-httpd24-mod_security-0:2.9.2-51.GA.jbcs.el7.src", "7Server-JBCS:jbcs-httpd24-mod_security-0:2.9.2-51.GA.jbcs.el7.x86_64", "7Server-JBCS:jbcs-httpd24-mod_security-debuginfo-0:2.9.2-51.GA.jbcs.el7.x86_64", "7Server-JBCS:jbcs-httpd24-mod_session-0:2.4.37-57.jbcs.el7.x86_64", "7Server-JBCS:jbcs-httpd24-mod_ssl-1:2.4.37-57.jbcs.el7.x86_64", "7Server-JBCS:jbcs-httpd24-nghttp2-0:1.39.2-25.jbcs.el7.src", "7Server-JBCS:jbcs-httpd24-nghttp2-0:1.39.2-25.jbcs.el7.x86_64", "7Server-JBCS:jbcs-httpd24-nghttp2-debuginfo-0:1.39.2-25.jbcs.el7.x86_64", "7Server-JBCS:jbcs-httpd24-nghttp2-devel-0:1.39.2-25.jbcs.el7.x86_64", "7Server-JBCS:jbcs-httpd24-openssl-pkcs11-0:0.4.10-7.jbcs.el7.src", "7Server-JBCS:jbcs-httpd24-openssl-pkcs11-0:0.4.10-7.jbcs.el7.x86_64", "7Server-JBCS:jbcs-httpd24-openssl-pkcs11-debuginfo-0:0.4.10-7.jbcs.el7.x86_64" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2019-0197" }, { "category": "external", "summary": "RHBZ#1695042", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1695042" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2019-0197", "url": "https://www.cve.org/CVERecord?id=CVE-2019-0197" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2019-0197", "url": "https://nvd.nist.gov/vuln/detail/CVE-2019-0197" }, { "category": "external", "summary": "http://www.apache.org/dist/httpd/CHANGES_2.4", "url": "http://www.apache.org/dist/httpd/CHANGES_2.4" }, { "category": "external", "summary": "https://httpd.apache.org/security/vulnerabilities_24.html", "url": "https://httpd.apache.org/security/vulnerabilities_24.html" } ], "release_date": "2019-02-01T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2020-06-22T12:28:02+00:00", "details": "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258", "product_ids": [ "6Server-JBCS:jbcs-httpd24-curl-0:7.64.1-36.jbcs.el6.i686", "6Server-JBCS:jbcs-httpd24-curl-0:7.64.1-36.jbcs.el6.src", "6Server-JBCS:jbcs-httpd24-curl-0:7.64.1-36.jbcs.el6.x86_64", "6Server-JBCS:jbcs-httpd24-curl-debuginfo-0:7.64.1-36.jbcs.el6.i686", "6Server-JBCS:jbcs-httpd24-curl-debuginfo-0:7.64.1-36.jbcs.el6.x86_64", "6Server-JBCS:jbcs-httpd24-httpd-0:2.4.37-57.jbcs.el6.i686", "6Server-JBCS:jbcs-httpd24-httpd-0:2.4.37-57.jbcs.el6.src", "6Server-JBCS:jbcs-httpd24-httpd-0:2.4.37-57.jbcs.el6.x86_64", "6Server-JBCS:jbcs-httpd24-httpd-debuginfo-0:2.4.37-57.jbcs.el6.i686", "6Server-JBCS:jbcs-httpd24-httpd-debuginfo-0:2.4.37-57.jbcs.el6.x86_64", "6Server-JBCS:jbcs-httpd24-httpd-devel-0:2.4.37-57.jbcs.el6.i686", "6Server-JBCS:jbcs-httpd24-httpd-devel-0:2.4.37-57.jbcs.el6.x86_64", "6Server-JBCS:jbcs-httpd24-httpd-manual-0:2.4.37-57.jbcs.el6.noarch", "6Server-JBCS:jbcs-httpd24-httpd-selinux-0:2.4.37-57.jbcs.el6.i686", "6Server-JBCS:jbcs-httpd24-httpd-selinux-0:2.4.37-57.jbcs.el6.x86_64", "6Server-JBCS:jbcs-httpd24-httpd-tools-0:2.4.37-57.jbcs.el6.i686", "6Server-JBCS:jbcs-httpd24-httpd-tools-0:2.4.37-57.jbcs.el6.x86_64", "6Server-JBCS:jbcs-httpd24-libcurl-0:7.64.1-36.jbcs.el6.i686", "6Server-JBCS:jbcs-httpd24-libcurl-0:7.64.1-36.jbcs.el6.x86_64", "6Server-JBCS:jbcs-httpd24-libcurl-devel-0:7.64.1-36.jbcs.el6.i686", "6Server-JBCS:jbcs-httpd24-libcurl-devel-0:7.64.1-36.jbcs.el6.x86_64", "6Server-JBCS:jbcs-httpd24-mod_cluster-native-0:1.3.14-4.Final_redhat_2.jbcs.el6.i686", "6Server-JBCS:jbcs-httpd24-mod_cluster-native-0:1.3.14-4.Final_redhat_2.jbcs.el6.src", "6Server-JBCS:jbcs-httpd24-mod_cluster-native-0:1.3.14-4.Final_redhat_2.jbcs.el6.x86_64", "6Server-JBCS:jbcs-httpd24-mod_cluster-native-debuginfo-0:1.3.14-4.Final_redhat_2.jbcs.el6.i686", "6Server-JBCS:jbcs-httpd24-mod_cluster-native-debuginfo-0:1.3.14-4.Final_redhat_2.jbcs.el6.x86_64", "6Server-JBCS:jbcs-httpd24-mod_http2-0:1.15.7-3.jbcs.el6.i686", "6Server-JBCS:jbcs-httpd24-mod_http2-0:1.15.7-3.jbcs.el6.src", "6Server-JBCS:jbcs-httpd24-mod_http2-0:1.15.7-3.jbcs.el6.x86_64", "6Server-JBCS:jbcs-httpd24-mod_http2-debuginfo-0:1.15.7-3.jbcs.el6.i686", "6Server-JBCS:jbcs-httpd24-mod_http2-debuginfo-0:1.15.7-3.jbcs.el6.x86_64", "6Server-JBCS:jbcs-httpd24-mod_jk-0:1.2.48-4.redhat_1.jbcs.el6.src", "6Server-JBCS:jbcs-httpd24-mod_jk-ap24-0:1.2.48-4.redhat_1.jbcs.el6.i686", "6Server-JBCS:jbcs-httpd24-mod_jk-ap24-0:1.2.48-4.redhat_1.jbcs.el6.x86_64", "6Server-JBCS:jbcs-httpd24-mod_jk-debuginfo-0:1.2.48-4.redhat_1.jbcs.el6.i686", "6Server-JBCS:jbcs-httpd24-mod_jk-debuginfo-0:1.2.48-4.redhat_1.jbcs.el6.x86_64", "6Server-JBCS:jbcs-httpd24-mod_jk-manual-0:1.2.48-4.redhat_1.jbcs.el6.i686", "6Server-JBCS:jbcs-httpd24-mod_jk-manual-0:1.2.48-4.redhat_1.jbcs.el6.x86_64", "6Server-JBCS:jbcs-httpd24-mod_ldap-0:2.4.37-57.jbcs.el6.i686", "6Server-JBCS:jbcs-httpd24-mod_ldap-0:2.4.37-57.jbcs.el6.x86_64", "6Server-JBCS:jbcs-httpd24-mod_md-1:2.0.8-24.jbcs.el6.i686", "6Server-JBCS:jbcs-httpd24-mod_md-1:2.0.8-24.jbcs.el6.src", "6Server-JBCS:jbcs-httpd24-mod_md-1:2.0.8-24.jbcs.el6.x86_64", "6Server-JBCS:jbcs-httpd24-mod_md-debuginfo-1:2.0.8-24.jbcs.el6.i686", "6Server-JBCS:jbcs-httpd24-mod_md-debuginfo-1:2.0.8-24.jbcs.el6.x86_64", "6Server-JBCS:jbcs-httpd24-mod_proxy_html-1:2.4.37-57.jbcs.el6.i686", "6Server-JBCS:jbcs-httpd24-mod_proxy_html-1:2.4.37-57.jbcs.el6.x86_64", "6Server-JBCS:jbcs-httpd24-mod_security-0:2.9.2-51.GA.jbcs.el6.i686", "6Server-JBCS:jbcs-httpd24-mod_security-0:2.9.2-51.GA.jbcs.el6.src", "6Server-JBCS:jbcs-httpd24-mod_security-0:2.9.2-51.GA.jbcs.el6.x86_64", "6Server-JBCS:jbcs-httpd24-mod_security-debuginfo-0:2.9.2-51.GA.jbcs.el6.i686", "6Server-JBCS:jbcs-httpd24-mod_security-debuginfo-0:2.9.2-51.GA.jbcs.el6.x86_64", "6Server-JBCS:jbcs-httpd24-mod_session-0:2.4.37-57.jbcs.el6.i686", "6Server-JBCS:jbcs-httpd24-mod_session-0:2.4.37-57.jbcs.el6.x86_64", "6Server-JBCS:jbcs-httpd24-mod_ssl-1:2.4.37-57.jbcs.el6.i686", "6Server-JBCS:jbcs-httpd24-mod_ssl-1:2.4.37-57.jbcs.el6.x86_64", "6Server-JBCS:jbcs-httpd24-nghttp2-0:1.39.2-25.jbcs.el6.i686", "6Server-JBCS:jbcs-httpd24-nghttp2-0:1.39.2-25.jbcs.el6.src", "6Server-JBCS:jbcs-httpd24-nghttp2-0:1.39.2-25.jbcs.el6.x86_64", "6Server-JBCS:jbcs-httpd24-nghttp2-debuginfo-0:1.39.2-25.jbcs.el6.i686", "6Server-JBCS:jbcs-httpd24-nghttp2-debuginfo-0:1.39.2-25.jbcs.el6.x86_64", "6Server-JBCS:jbcs-httpd24-nghttp2-devel-0:1.39.2-25.jbcs.el6.i686", "6Server-JBCS:jbcs-httpd24-nghttp2-devel-0:1.39.2-25.jbcs.el6.x86_64", "7Server-JBCS:jbcs-httpd24-curl-0:7.64.1-36.jbcs.el7.src", "7Server-JBCS:jbcs-httpd24-curl-0:7.64.1-36.jbcs.el7.x86_64", "7Server-JBCS:jbcs-httpd24-curl-debuginfo-0:7.64.1-36.jbcs.el7.x86_64", "7Server-JBCS:jbcs-httpd24-httpd-0:2.4.37-57.jbcs.el7.src", "7Server-JBCS:jbcs-httpd24-httpd-0:2.4.37-57.jbcs.el7.x86_64", "7Server-JBCS:jbcs-httpd24-httpd-debuginfo-0:2.4.37-57.jbcs.el7.x86_64", "7Server-JBCS:jbcs-httpd24-httpd-devel-0:2.4.37-57.jbcs.el7.x86_64", "7Server-JBCS:jbcs-httpd24-httpd-manual-0:2.4.37-57.jbcs.el7.noarch", "7Server-JBCS:jbcs-httpd24-httpd-selinux-0:2.4.37-57.jbcs.el7.x86_64", "7Server-JBCS:jbcs-httpd24-httpd-tools-0:2.4.37-57.jbcs.el7.x86_64", "7Server-JBCS:jbcs-httpd24-libcurl-0:7.64.1-36.jbcs.el7.x86_64", "7Server-JBCS:jbcs-httpd24-libcurl-devel-0:7.64.1-36.jbcs.el7.x86_64", "7Server-JBCS:jbcs-httpd24-mod_cluster-native-0:1.3.14-4.Final_redhat_2.jbcs.el7.src", "7Server-JBCS:jbcs-httpd24-mod_cluster-native-0:1.3.14-4.Final_redhat_2.jbcs.el7.x86_64", "7Server-JBCS:jbcs-httpd24-mod_cluster-native-debuginfo-0:1.3.14-4.Final_redhat_2.jbcs.el7.x86_64", "7Server-JBCS:jbcs-httpd24-mod_http2-0:1.15.7-3.jbcs.el7.src", "7Server-JBCS:jbcs-httpd24-mod_http2-0:1.15.7-3.jbcs.el7.x86_64", "7Server-JBCS:jbcs-httpd24-mod_http2-debuginfo-0:1.15.7-3.jbcs.el7.x86_64", "7Server-JBCS:jbcs-httpd24-mod_jk-0:1.2.48-4.redhat_1.jbcs.el7.src", "7Server-JBCS:jbcs-httpd24-mod_jk-ap24-0:1.2.48-4.redhat_1.jbcs.el7.x86_64", "7Server-JBCS:jbcs-httpd24-mod_jk-debuginfo-0:1.2.48-4.redhat_1.jbcs.el7.x86_64", "7Server-JBCS:jbcs-httpd24-mod_jk-manual-0:1.2.48-4.redhat_1.jbcs.el7.x86_64", "7Server-JBCS:jbcs-httpd24-mod_ldap-0:2.4.37-57.jbcs.el7.x86_64", "7Server-JBCS:jbcs-httpd24-mod_md-1:2.0.8-24.jbcs.el7.src", "7Server-JBCS:jbcs-httpd24-mod_md-1:2.0.8-24.jbcs.el7.x86_64", "7Server-JBCS:jbcs-httpd24-mod_md-debuginfo-1:2.0.8-24.jbcs.el7.x86_64", "7Server-JBCS:jbcs-httpd24-mod_proxy_html-1:2.4.37-57.jbcs.el7.x86_64", "7Server-JBCS:jbcs-httpd24-mod_security-0:2.9.2-51.GA.jbcs.el7.src", "7Server-JBCS:jbcs-httpd24-mod_security-0:2.9.2-51.GA.jbcs.el7.x86_64", "7Server-JBCS:jbcs-httpd24-mod_security-debuginfo-0:2.9.2-51.GA.jbcs.el7.x86_64", "7Server-JBCS:jbcs-httpd24-mod_session-0:2.4.37-57.jbcs.el7.x86_64", "7Server-JBCS:jbcs-httpd24-mod_ssl-1:2.4.37-57.jbcs.el7.x86_64", "7Server-JBCS:jbcs-httpd24-nghttp2-0:1.39.2-25.jbcs.el7.src", "7Server-JBCS:jbcs-httpd24-nghttp2-0:1.39.2-25.jbcs.el7.x86_64", "7Server-JBCS:jbcs-httpd24-nghttp2-debuginfo-0:1.39.2-25.jbcs.el7.x86_64", "7Server-JBCS:jbcs-httpd24-nghttp2-devel-0:1.39.2-25.jbcs.el7.x86_64", "7Server-JBCS:jbcs-httpd24-openssl-pkcs11-0:0.4.10-7.jbcs.el7.src", "7Server-JBCS:jbcs-httpd24-openssl-pkcs11-0:0.4.10-7.jbcs.el7.x86_64", "7Server-JBCS:jbcs-httpd24-openssl-pkcs11-debuginfo-0:0.4.10-7.jbcs.el7.x86_64" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2020:2644" } ], "scores": [ { "cvss_v3": { "attackComplexity": "HIGH", "attackVector": "NETWORK", "availabilityImpact": "LOW", "baseScore": 4.2, "baseSeverity": "MEDIUM", "confidentialityImpact": "NONE", "integrityImpact": "LOW", "privilegesRequired": "LOW", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.0/AV:N/AC:H/PR:L/UI:N/S:U/C:N/I:L/A:L", "version": "3.0" }, "products": [ "6Server-JBCS:jbcs-httpd24-curl-0:7.64.1-36.jbcs.el6.i686", "6Server-JBCS:jbcs-httpd24-curl-0:7.64.1-36.jbcs.el6.src", "6Server-JBCS:jbcs-httpd24-curl-0:7.64.1-36.jbcs.el6.x86_64", "6Server-JBCS:jbcs-httpd24-curl-debuginfo-0:7.64.1-36.jbcs.el6.i686", "6Server-JBCS:jbcs-httpd24-curl-debuginfo-0:7.64.1-36.jbcs.el6.x86_64", "6Server-JBCS:jbcs-httpd24-httpd-0:2.4.37-57.jbcs.el6.i686", "6Server-JBCS:jbcs-httpd24-httpd-0:2.4.37-57.jbcs.el6.src", "6Server-JBCS:jbcs-httpd24-httpd-0:2.4.37-57.jbcs.el6.x86_64", "6Server-JBCS:jbcs-httpd24-httpd-debuginfo-0:2.4.37-57.jbcs.el6.i686", "6Server-JBCS:jbcs-httpd24-httpd-debuginfo-0:2.4.37-57.jbcs.el6.x86_64", "6Server-JBCS:jbcs-httpd24-httpd-devel-0:2.4.37-57.jbcs.el6.i686", "6Server-JBCS:jbcs-httpd24-httpd-devel-0:2.4.37-57.jbcs.el6.x86_64", "6Server-JBCS:jbcs-httpd24-httpd-manual-0:2.4.37-57.jbcs.el6.noarch", "6Server-JBCS:jbcs-httpd24-httpd-selinux-0:2.4.37-57.jbcs.el6.i686", "6Server-JBCS:jbcs-httpd24-httpd-selinux-0:2.4.37-57.jbcs.el6.x86_64", "6Server-JBCS:jbcs-httpd24-httpd-tools-0:2.4.37-57.jbcs.el6.i686", "6Server-JBCS:jbcs-httpd24-httpd-tools-0:2.4.37-57.jbcs.el6.x86_64", "6Server-JBCS:jbcs-httpd24-libcurl-0:7.64.1-36.jbcs.el6.i686", "6Server-JBCS:jbcs-httpd24-libcurl-0:7.64.1-36.jbcs.el6.x86_64", "6Server-JBCS:jbcs-httpd24-libcurl-devel-0:7.64.1-36.jbcs.el6.i686", "6Server-JBCS:jbcs-httpd24-libcurl-devel-0:7.64.1-36.jbcs.el6.x86_64", "6Server-JBCS:jbcs-httpd24-mod_cluster-native-0:1.3.14-4.Final_redhat_2.jbcs.el6.i686", "6Server-JBCS:jbcs-httpd24-mod_cluster-native-0:1.3.14-4.Final_redhat_2.jbcs.el6.src", "6Server-JBCS:jbcs-httpd24-mod_cluster-native-0:1.3.14-4.Final_redhat_2.jbcs.el6.x86_64", "6Server-JBCS:jbcs-httpd24-mod_cluster-native-debuginfo-0:1.3.14-4.Final_redhat_2.jbcs.el6.i686", "6Server-JBCS:jbcs-httpd24-mod_cluster-native-debuginfo-0:1.3.14-4.Final_redhat_2.jbcs.el6.x86_64", "6Server-JBCS:jbcs-httpd24-mod_http2-0:1.15.7-3.jbcs.el6.i686", "6Server-JBCS:jbcs-httpd24-mod_http2-0:1.15.7-3.jbcs.el6.src", "6Server-JBCS:jbcs-httpd24-mod_http2-0:1.15.7-3.jbcs.el6.x86_64", "6Server-JBCS:jbcs-httpd24-mod_http2-debuginfo-0:1.15.7-3.jbcs.el6.i686", "6Server-JBCS:jbcs-httpd24-mod_http2-debuginfo-0:1.15.7-3.jbcs.el6.x86_64", "6Server-JBCS:jbcs-httpd24-mod_jk-0:1.2.48-4.redhat_1.jbcs.el6.src", "6Server-JBCS:jbcs-httpd24-mod_jk-ap24-0:1.2.48-4.redhat_1.jbcs.el6.i686", "6Server-JBCS:jbcs-httpd24-mod_jk-ap24-0:1.2.48-4.redhat_1.jbcs.el6.x86_64", "6Server-JBCS:jbcs-httpd24-mod_jk-debuginfo-0:1.2.48-4.redhat_1.jbcs.el6.i686", "6Server-JBCS:jbcs-httpd24-mod_jk-debuginfo-0:1.2.48-4.redhat_1.jbcs.el6.x86_64", "6Server-JBCS:jbcs-httpd24-mod_jk-manual-0:1.2.48-4.redhat_1.jbcs.el6.i686", "6Server-JBCS:jbcs-httpd24-mod_jk-manual-0:1.2.48-4.redhat_1.jbcs.el6.x86_64", "6Server-JBCS:jbcs-httpd24-mod_ldap-0:2.4.37-57.jbcs.el6.i686", "6Server-JBCS:jbcs-httpd24-mod_ldap-0:2.4.37-57.jbcs.el6.x86_64", "6Server-JBCS:jbcs-httpd24-mod_md-1:2.0.8-24.jbcs.el6.i686", "6Server-JBCS:jbcs-httpd24-mod_md-1:2.0.8-24.jbcs.el6.src", "6Server-JBCS:jbcs-httpd24-mod_md-1:2.0.8-24.jbcs.el6.x86_64", "6Server-JBCS:jbcs-httpd24-mod_md-debuginfo-1:2.0.8-24.jbcs.el6.i686", "6Server-JBCS:jbcs-httpd24-mod_md-debuginfo-1:2.0.8-24.jbcs.el6.x86_64", "6Server-JBCS:jbcs-httpd24-mod_proxy_html-1:2.4.37-57.jbcs.el6.i686", "6Server-JBCS:jbcs-httpd24-mod_proxy_html-1:2.4.37-57.jbcs.el6.x86_64", "6Server-JBCS:jbcs-httpd24-mod_security-0:2.9.2-51.GA.jbcs.el6.i686", "6Server-JBCS:jbcs-httpd24-mod_security-0:2.9.2-51.GA.jbcs.el6.src", "6Server-JBCS:jbcs-httpd24-mod_security-0:2.9.2-51.GA.jbcs.el6.x86_64", "6Server-JBCS:jbcs-httpd24-mod_security-debuginfo-0:2.9.2-51.GA.jbcs.el6.i686", "6Server-JBCS:jbcs-httpd24-mod_security-debuginfo-0:2.9.2-51.GA.jbcs.el6.x86_64", "6Server-JBCS:jbcs-httpd24-mod_session-0:2.4.37-57.jbcs.el6.i686", "6Server-JBCS:jbcs-httpd24-mod_session-0:2.4.37-57.jbcs.el6.x86_64", "6Server-JBCS:jbcs-httpd24-mod_ssl-1:2.4.37-57.jbcs.el6.i686", "6Server-JBCS:jbcs-httpd24-mod_ssl-1:2.4.37-57.jbcs.el6.x86_64", "6Server-JBCS:jbcs-httpd24-nghttp2-0:1.39.2-25.jbcs.el6.i686", "6Server-JBCS:jbcs-httpd24-nghttp2-0:1.39.2-25.jbcs.el6.src", "6Server-JBCS:jbcs-httpd24-nghttp2-0:1.39.2-25.jbcs.el6.x86_64", "6Server-JBCS:jbcs-httpd24-nghttp2-debuginfo-0:1.39.2-25.jbcs.el6.i686", "6Server-JBCS:jbcs-httpd24-nghttp2-debuginfo-0:1.39.2-25.jbcs.el6.x86_64", "6Server-JBCS:jbcs-httpd24-nghttp2-devel-0:1.39.2-25.jbcs.el6.i686", "6Server-JBCS:jbcs-httpd24-nghttp2-devel-0:1.39.2-25.jbcs.el6.x86_64", "7Server-JBCS:jbcs-httpd24-curl-0:7.64.1-36.jbcs.el7.src", "7Server-JBCS:jbcs-httpd24-curl-0:7.64.1-36.jbcs.el7.x86_64", "7Server-JBCS:jbcs-httpd24-curl-debuginfo-0:7.64.1-36.jbcs.el7.x86_64", "7Server-JBCS:jbcs-httpd24-httpd-0:2.4.37-57.jbcs.el7.src", "7Server-JBCS:jbcs-httpd24-httpd-0:2.4.37-57.jbcs.el7.x86_64", "7Server-JBCS:jbcs-httpd24-httpd-debuginfo-0:2.4.37-57.jbcs.el7.x86_64", "7Server-JBCS:jbcs-httpd24-httpd-devel-0:2.4.37-57.jbcs.el7.x86_64", "7Server-JBCS:jbcs-httpd24-httpd-manual-0:2.4.37-57.jbcs.el7.noarch", "7Server-JBCS:jbcs-httpd24-httpd-selinux-0:2.4.37-57.jbcs.el7.x86_64", "7Server-JBCS:jbcs-httpd24-httpd-tools-0:2.4.37-57.jbcs.el7.x86_64", "7Server-JBCS:jbcs-httpd24-libcurl-0:7.64.1-36.jbcs.el7.x86_64", "7Server-JBCS:jbcs-httpd24-libcurl-devel-0:7.64.1-36.jbcs.el7.x86_64", "7Server-JBCS:jbcs-httpd24-mod_cluster-native-0:1.3.14-4.Final_redhat_2.jbcs.el7.src", "7Server-JBCS:jbcs-httpd24-mod_cluster-native-0:1.3.14-4.Final_redhat_2.jbcs.el7.x86_64", "7Server-JBCS:jbcs-httpd24-mod_cluster-native-debuginfo-0:1.3.14-4.Final_redhat_2.jbcs.el7.x86_64", "7Server-JBCS:jbcs-httpd24-mod_http2-0:1.15.7-3.jbcs.el7.src", "7Server-JBCS:jbcs-httpd24-mod_http2-0:1.15.7-3.jbcs.el7.x86_64", "7Server-JBCS:jbcs-httpd24-mod_http2-debuginfo-0:1.15.7-3.jbcs.el7.x86_64", "7Server-JBCS:jbcs-httpd24-mod_jk-0:1.2.48-4.redhat_1.jbcs.el7.src", "7Server-JBCS:jbcs-httpd24-mod_jk-ap24-0:1.2.48-4.redhat_1.jbcs.el7.x86_64", "7Server-JBCS:jbcs-httpd24-mod_jk-debuginfo-0:1.2.48-4.redhat_1.jbcs.el7.x86_64", "7Server-JBCS:jbcs-httpd24-mod_jk-manual-0:1.2.48-4.redhat_1.jbcs.el7.x86_64", "7Server-JBCS:jbcs-httpd24-mod_ldap-0:2.4.37-57.jbcs.el7.x86_64", "7Server-JBCS:jbcs-httpd24-mod_md-1:2.0.8-24.jbcs.el7.src", "7Server-JBCS:jbcs-httpd24-mod_md-1:2.0.8-24.jbcs.el7.x86_64", "7Server-JBCS:jbcs-httpd24-mod_md-debuginfo-1:2.0.8-24.jbcs.el7.x86_64", "7Server-JBCS:jbcs-httpd24-mod_proxy_html-1:2.4.37-57.jbcs.el7.x86_64", "7Server-JBCS:jbcs-httpd24-mod_security-0:2.9.2-51.GA.jbcs.el7.src", "7Server-JBCS:jbcs-httpd24-mod_security-0:2.9.2-51.GA.jbcs.el7.x86_64", "7Server-JBCS:jbcs-httpd24-mod_security-debuginfo-0:2.9.2-51.GA.jbcs.el7.x86_64", "7Server-JBCS:jbcs-httpd24-mod_session-0:2.4.37-57.jbcs.el7.x86_64", "7Server-JBCS:jbcs-httpd24-mod_ssl-1:2.4.37-57.jbcs.el7.x86_64", "7Server-JBCS:jbcs-httpd24-nghttp2-0:1.39.2-25.jbcs.el7.src", "7Server-JBCS:jbcs-httpd24-nghttp2-0:1.39.2-25.jbcs.el7.x86_64", "7Server-JBCS:jbcs-httpd24-nghttp2-debuginfo-0:1.39.2-25.jbcs.el7.x86_64", "7Server-JBCS:jbcs-httpd24-nghttp2-devel-0:1.39.2-25.jbcs.el7.x86_64", "7Server-JBCS:jbcs-httpd24-openssl-pkcs11-0:0.4.10-7.jbcs.el7.src", "7Server-JBCS:jbcs-httpd24-openssl-pkcs11-0:0.4.10-7.jbcs.el7.x86_64", "7Server-JBCS:jbcs-httpd24-openssl-pkcs11-debuginfo-0:0.4.10-7.jbcs.el7.x86_64" ] } ], "threats": [ { "category": "impact", "details": "Low" } ], "title": "httpd: mod_http2: possible crash on late upgrade" }, { "cve": "CVE-2019-15903", "cwe": { "id": "CWE-125", "name": "Out-of-bounds Read" }, "discovery_date": "2019-09-04T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "1752592" } ], "notes": [ { "category": "description", "text": "In libexpat before 2.2.8, crafted XML input could fool the parser into changing from DTD parsing to document parsing too early; a consecutive call to XML_GetCurrentLineNumber (or XML_GetCurrentColumnNumber) then resulted in a heap-based buffer over-read.", "title": "Vulnerability description" }, { "category": "summary", "text": "expat: heap-based buffer over-read via crafted XML input", "title": "Vulnerability summary" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "6Server-JBCS:jbcs-httpd24-curl-0:7.64.1-36.jbcs.el6.i686", "6Server-JBCS:jbcs-httpd24-curl-0:7.64.1-36.jbcs.el6.src", "6Server-JBCS:jbcs-httpd24-curl-0:7.64.1-36.jbcs.el6.x86_64", "6Server-JBCS:jbcs-httpd24-curl-debuginfo-0:7.64.1-36.jbcs.el6.i686", "6Server-JBCS:jbcs-httpd24-curl-debuginfo-0:7.64.1-36.jbcs.el6.x86_64", "6Server-JBCS:jbcs-httpd24-httpd-0:2.4.37-57.jbcs.el6.i686", "6Server-JBCS:jbcs-httpd24-httpd-0:2.4.37-57.jbcs.el6.src", "6Server-JBCS:jbcs-httpd24-httpd-0:2.4.37-57.jbcs.el6.x86_64", "6Server-JBCS:jbcs-httpd24-httpd-debuginfo-0:2.4.37-57.jbcs.el6.i686", "6Server-JBCS:jbcs-httpd24-httpd-debuginfo-0:2.4.37-57.jbcs.el6.x86_64", "6Server-JBCS:jbcs-httpd24-httpd-devel-0:2.4.37-57.jbcs.el6.i686", "6Server-JBCS:jbcs-httpd24-httpd-devel-0:2.4.37-57.jbcs.el6.x86_64", "6Server-JBCS:jbcs-httpd24-httpd-manual-0:2.4.37-57.jbcs.el6.noarch", "6Server-JBCS:jbcs-httpd24-httpd-selinux-0:2.4.37-57.jbcs.el6.i686", "6Server-JBCS:jbcs-httpd24-httpd-selinux-0:2.4.37-57.jbcs.el6.x86_64", "6Server-JBCS:jbcs-httpd24-httpd-tools-0:2.4.37-57.jbcs.el6.i686", "6Server-JBCS:jbcs-httpd24-httpd-tools-0:2.4.37-57.jbcs.el6.x86_64", "6Server-JBCS:jbcs-httpd24-libcurl-0:7.64.1-36.jbcs.el6.i686", "6Server-JBCS:jbcs-httpd24-libcurl-0:7.64.1-36.jbcs.el6.x86_64", "6Server-JBCS:jbcs-httpd24-libcurl-devel-0:7.64.1-36.jbcs.el6.i686", "6Server-JBCS:jbcs-httpd24-libcurl-devel-0:7.64.1-36.jbcs.el6.x86_64", "6Server-JBCS:jbcs-httpd24-mod_cluster-native-0:1.3.14-4.Final_redhat_2.jbcs.el6.i686", "6Server-JBCS:jbcs-httpd24-mod_cluster-native-0:1.3.14-4.Final_redhat_2.jbcs.el6.src", "6Server-JBCS:jbcs-httpd24-mod_cluster-native-0:1.3.14-4.Final_redhat_2.jbcs.el6.x86_64", "6Server-JBCS:jbcs-httpd24-mod_cluster-native-debuginfo-0:1.3.14-4.Final_redhat_2.jbcs.el6.i686", "6Server-JBCS:jbcs-httpd24-mod_cluster-native-debuginfo-0:1.3.14-4.Final_redhat_2.jbcs.el6.x86_64", "6Server-JBCS:jbcs-httpd24-mod_http2-0:1.15.7-3.jbcs.el6.i686", "6Server-JBCS:jbcs-httpd24-mod_http2-0:1.15.7-3.jbcs.el6.src", "6Server-JBCS:jbcs-httpd24-mod_http2-0:1.15.7-3.jbcs.el6.x86_64", "6Server-JBCS:jbcs-httpd24-mod_http2-debuginfo-0:1.15.7-3.jbcs.el6.i686", "6Server-JBCS:jbcs-httpd24-mod_http2-debuginfo-0:1.15.7-3.jbcs.el6.x86_64", "6Server-JBCS:jbcs-httpd24-mod_jk-0:1.2.48-4.redhat_1.jbcs.el6.src", "6Server-JBCS:jbcs-httpd24-mod_jk-ap24-0:1.2.48-4.redhat_1.jbcs.el6.i686", "6Server-JBCS:jbcs-httpd24-mod_jk-ap24-0:1.2.48-4.redhat_1.jbcs.el6.x86_64", "6Server-JBCS:jbcs-httpd24-mod_jk-debuginfo-0:1.2.48-4.redhat_1.jbcs.el6.i686", "6Server-JBCS:jbcs-httpd24-mod_jk-debuginfo-0:1.2.48-4.redhat_1.jbcs.el6.x86_64", "6Server-JBCS:jbcs-httpd24-mod_jk-manual-0:1.2.48-4.redhat_1.jbcs.el6.i686", "6Server-JBCS:jbcs-httpd24-mod_jk-manual-0:1.2.48-4.redhat_1.jbcs.el6.x86_64", "6Server-JBCS:jbcs-httpd24-mod_ldap-0:2.4.37-57.jbcs.el6.i686", "6Server-JBCS:jbcs-httpd24-mod_ldap-0:2.4.37-57.jbcs.el6.x86_64", "6Server-JBCS:jbcs-httpd24-mod_md-1:2.0.8-24.jbcs.el6.i686", "6Server-JBCS:jbcs-httpd24-mod_md-1:2.0.8-24.jbcs.el6.src", "6Server-JBCS:jbcs-httpd24-mod_md-1:2.0.8-24.jbcs.el6.x86_64", "6Server-JBCS:jbcs-httpd24-mod_md-debuginfo-1:2.0.8-24.jbcs.el6.i686", "6Server-JBCS:jbcs-httpd24-mod_md-debuginfo-1:2.0.8-24.jbcs.el6.x86_64", "6Server-JBCS:jbcs-httpd24-mod_proxy_html-1:2.4.37-57.jbcs.el6.i686", "6Server-JBCS:jbcs-httpd24-mod_proxy_html-1:2.4.37-57.jbcs.el6.x86_64", "6Server-JBCS:jbcs-httpd24-mod_security-0:2.9.2-51.GA.jbcs.el6.i686", "6Server-JBCS:jbcs-httpd24-mod_security-0:2.9.2-51.GA.jbcs.el6.src", "6Server-JBCS:jbcs-httpd24-mod_security-0:2.9.2-51.GA.jbcs.el6.x86_64", "6Server-JBCS:jbcs-httpd24-mod_security-debuginfo-0:2.9.2-51.GA.jbcs.el6.i686", "6Server-JBCS:jbcs-httpd24-mod_security-debuginfo-0:2.9.2-51.GA.jbcs.el6.x86_64", "6Server-JBCS:jbcs-httpd24-mod_session-0:2.4.37-57.jbcs.el6.i686", "6Server-JBCS:jbcs-httpd24-mod_session-0:2.4.37-57.jbcs.el6.x86_64", "6Server-JBCS:jbcs-httpd24-mod_ssl-1:2.4.37-57.jbcs.el6.i686", "6Server-JBCS:jbcs-httpd24-mod_ssl-1:2.4.37-57.jbcs.el6.x86_64", "6Server-JBCS:jbcs-httpd24-nghttp2-0:1.39.2-25.jbcs.el6.i686", "6Server-JBCS:jbcs-httpd24-nghttp2-0:1.39.2-25.jbcs.el6.src", "6Server-JBCS:jbcs-httpd24-nghttp2-0:1.39.2-25.jbcs.el6.x86_64", "6Server-JBCS:jbcs-httpd24-nghttp2-debuginfo-0:1.39.2-25.jbcs.el6.i686", "6Server-JBCS:jbcs-httpd24-nghttp2-debuginfo-0:1.39.2-25.jbcs.el6.x86_64", "6Server-JBCS:jbcs-httpd24-nghttp2-devel-0:1.39.2-25.jbcs.el6.i686", "6Server-JBCS:jbcs-httpd24-nghttp2-devel-0:1.39.2-25.jbcs.el6.x86_64", "7Server-JBCS:jbcs-httpd24-curl-0:7.64.1-36.jbcs.el7.src", "7Server-JBCS:jbcs-httpd24-curl-0:7.64.1-36.jbcs.el7.x86_64", "7Server-JBCS:jbcs-httpd24-curl-debuginfo-0:7.64.1-36.jbcs.el7.x86_64", "7Server-JBCS:jbcs-httpd24-httpd-0:2.4.37-57.jbcs.el7.src", "7Server-JBCS:jbcs-httpd24-httpd-0:2.4.37-57.jbcs.el7.x86_64", "7Server-JBCS:jbcs-httpd24-httpd-debuginfo-0:2.4.37-57.jbcs.el7.x86_64", "7Server-JBCS:jbcs-httpd24-httpd-devel-0:2.4.37-57.jbcs.el7.x86_64", "7Server-JBCS:jbcs-httpd24-httpd-manual-0:2.4.37-57.jbcs.el7.noarch", "7Server-JBCS:jbcs-httpd24-httpd-selinux-0:2.4.37-57.jbcs.el7.x86_64", "7Server-JBCS:jbcs-httpd24-httpd-tools-0:2.4.37-57.jbcs.el7.x86_64", "7Server-JBCS:jbcs-httpd24-libcurl-0:7.64.1-36.jbcs.el7.x86_64", "7Server-JBCS:jbcs-httpd24-libcurl-devel-0:7.64.1-36.jbcs.el7.x86_64", "7Server-JBCS:jbcs-httpd24-mod_cluster-native-0:1.3.14-4.Final_redhat_2.jbcs.el7.src", "7Server-JBCS:jbcs-httpd24-mod_cluster-native-0:1.3.14-4.Final_redhat_2.jbcs.el7.x86_64", "7Server-JBCS:jbcs-httpd24-mod_cluster-native-debuginfo-0:1.3.14-4.Final_redhat_2.jbcs.el7.x86_64", "7Server-JBCS:jbcs-httpd24-mod_http2-0:1.15.7-3.jbcs.el7.src", "7Server-JBCS:jbcs-httpd24-mod_http2-0:1.15.7-3.jbcs.el7.x86_64", "7Server-JBCS:jbcs-httpd24-mod_http2-debuginfo-0:1.15.7-3.jbcs.el7.x86_64", "7Server-JBCS:jbcs-httpd24-mod_jk-0:1.2.48-4.redhat_1.jbcs.el7.src", "7Server-JBCS:jbcs-httpd24-mod_jk-ap24-0:1.2.48-4.redhat_1.jbcs.el7.x86_64", "7Server-JBCS:jbcs-httpd24-mod_jk-debuginfo-0:1.2.48-4.redhat_1.jbcs.el7.x86_64", "7Server-JBCS:jbcs-httpd24-mod_jk-manual-0:1.2.48-4.redhat_1.jbcs.el7.x86_64", "7Server-JBCS:jbcs-httpd24-mod_ldap-0:2.4.37-57.jbcs.el7.x86_64", "7Server-JBCS:jbcs-httpd24-mod_md-1:2.0.8-24.jbcs.el7.src", "7Server-JBCS:jbcs-httpd24-mod_md-1:2.0.8-24.jbcs.el7.x86_64", "7Server-JBCS:jbcs-httpd24-mod_md-debuginfo-1:2.0.8-24.jbcs.el7.x86_64", "7Server-JBCS:jbcs-httpd24-mod_proxy_html-1:2.4.37-57.jbcs.el7.x86_64", "7Server-JBCS:jbcs-httpd24-mod_security-0:2.9.2-51.GA.jbcs.el7.src", "7Server-JBCS:jbcs-httpd24-mod_security-0:2.9.2-51.GA.jbcs.el7.x86_64", "7Server-JBCS:jbcs-httpd24-mod_security-debuginfo-0:2.9.2-51.GA.jbcs.el7.x86_64", "7Server-JBCS:jbcs-httpd24-mod_session-0:2.4.37-57.jbcs.el7.x86_64", "7Server-JBCS:jbcs-httpd24-mod_ssl-1:2.4.37-57.jbcs.el7.x86_64", "7Server-JBCS:jbcs-httpd24-nghttp2-0:1.39.2-25.jbcs.el7.src", "7Server-JBCS:jbcs-httpd24-nghttp2-0:1.39.2-25.jbcs.el7.x86_64", "7Server-JBCS:jbcs-httpd24-nghttp2-debuginfo-0:1.39.2-25.jbcs.el7.x86_64", "7Server-JBCS:jbcs-httpd24-nghttp2-devel-0:1.39.2-25.jbcs.el7.x86_64", "7Server-JBCS:jbcs-httpd24-openssl-pkcs11-0:0.4.10-7.jbcs.el7.src", "7Server-JBCS:jbcs-httpd24-openssl-pkcs11-0:0.4.10-7.jbcs.el7.x86_64", "7Server-JBCS:jbcs-httpd24-openssl-pkcs11-debuginfo-0:0.4.10-7.jbcs.el7.x86_64" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2019-15903" }, { "category": "external", "summary": "RHBZ#1752592", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1752592" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2019-15903", "url": "https://www.cve.org/CVERecord?id=CVE-2019-15903" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2019-15903", "url": "https://nvd.nist.gov/vuln/detail/CVE-2019-15903" } ], "release_date": "2019-09-04T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2020-06-22T12:28:02+00:00", "details": "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258", "product_ids": [ "6Server-JBCS:jbcs-httpd24-curl-0:7.64.1-36.jbcs.el6.i686", "6Server-JBCS:jbcs-httpd24-curl-0:7.64.1-36.jbcs.el6.src", "6Server-JBCS:jbcs-httpd24-curl-0:7.64.1-36.jbcs.el6.x86_64", "6Server-JBCS:jbcs-httpd24-curl-debuginfo-0:7.64.1-36.jbcs.el6.i686", "6Server-JBCS:jbcs-httpd24-curl-debuginfo-0:7.64.1-36.jbcs.el6.x86_64", "6Server-JBCS:jbcs-httpd24-httpd-0:2.4.37-57.jbcs.el6.i686", "6Server-JBCS:jbcs-httpd24-httpd-0:2.4.37-57.jbcs.el6.src", "6Server-JBCS:jbcs-httpd24-httpd-0:2.4.37-57.jbcs.el6.x86_64", "6Server-JBCS:jbcs-httpd24-httpd-debuginfo-0:2.4.37-57.jbcs.el6.i686", "6Server-JBCS:jbcs-httpd24-httpd-debuginfo-0:2.4.37-57.jbcs.el6.x86_64", "6Server-JBCS:jbcs-httpd24-httpd-devel-0:2.4.37-57.jbcs.el6.i686", "6Server-JBCS:jbcs-httpd24-httpd-devel-0:2.4.37-57.jbcs.el6.x86_64", "6Server-JBCS:jbcs-httpd24-httpd-manual-0:2.4.37-57.jbcs.el6.noarch", "6Server-JBCS:jbcs-httpd24-httpd-selinux-0:2.4.37-57.jbcs.el6.i686", "6Server-JBCS:jbcs-httpd24-httpd-selinux-0:2.4.37-57.jbcs.el6.x86_64", "6Server-JBCS:jbcs-httpd24-httpd-tools-0:2.4.37-57.jbcs.el6.i686", "6Server-JBCS:jbcs-httpd24-httpd-tools-0:2.4.37-57.jbcs.el6.x86_64", "6Server-JBCS:jbcs-httpd24-libcurl-0:7.64.1-36.jbcs.el6.i686", "6Server-JBCS:jbcs-httpd24-libcurl-0:7.64.1-36.jbcs.el6.x86_64", "6Server-JBCS:jbcs-httpd24-libcurl-devel-0:7.64.1-36.jbcs.el6.i686", "6Server-JBCS:jbcs-httpd24-libcurl-devel-0:7.64.1-36.jbcs.el6.x86_64", "6Server-JBCS:jbcs-httpd24-mod_cluster-native-0:1.3.14-4.Final_redhat_2.jbcs.el6.i686", "6Server-JBCS:jbcs-httpd24-mod_cluster-native-0:1.3.14-4.Final_redhat_2.jbcs.el6.src", "6Server-JBCS:jbcs-httpd24-mod_cluster-native-0:1.3.14-4.Final_redhat_2.jbcs.el6.x86_64", "6Server-JBCS:jbcs-httpd24-mod_cluster-native-debuginfo-0:1.3.14-4.Final_redhat_2.jbcs.el6.i686", "6Server-JBCS:jbcs-httpd24-mod_cluster-native-debuginfo-0:1.3.14-4.Final_redhat_2.jbcs.el6.x86_64", "6Server-JBCS:jbcs-httpd24-mod_http2-0:1.15.7-3.jbcs.el6.i686", "6Server-JBCS:jbcs-httpd24-mod_http2-0:1.15.7-3.jbcs.el6.src", "6Server-JBCS:jbcs-httpd24-mod_http2-0:1.15.7-3.jbcs.el6.x86_64", "6Server-JBCS:jbcs-httpd24-mod_http2-debuginfo-0:1.15.7-3.jbcs.el6.i686", "6Server-JBCS:jbcs-httpd24-mod_http2-debuginfo-0:1.15.7-3.jbcs.el6.x86_64", "6Server-JBCS:jbcs-httpd24-mod_jk-0:1.2.48-4.redhat_1.jbcs.el6.src", "6Server-JBCS:jbcs-httpd24-mod_jk-ap24-0:1.2.48-4.redhat_1.jbcs.el6.i686", "6Server-JBCS:jbcs-httpd24-mod_jk-ap24-0:1.2.48-4.redhat_1.jbcs.el6.x86_64", "6Server-JBCS:jbcs-httpd24-mod_jk-debuginfo-0:1.2.48-4.redhat_1.jbcs.el6.i686", "6Server-JBCS:jbcs-httpd24-mod_jk-debuginfo-0:1.2.48-4.redhat_1.jbcs.el6.x86_64", "6Server-JBCS:jbcs-httpd24-mod_jk-manual-0:1.2.48-4.redhat_1.jbcs.el6.i686", "6Server-JBCS:jbcs-httpd24-mod_jk-manual-0:1.2.48-4.redhat_1.jbcs.el6.x86_64", "6Server-JBCS:jbcs-httpd24-mod_ldap-0:2.4.37-57.jbcs.el6.i686", "6Server-JBCS:jbcs-httpd24-mod_ldap-0:2.4.37-57.jbcs.el6.x86_64", "6Server-JBCS:jbcs-httpd24-mod_md-1:2.0.8-24.jbcs.el6.i686", "6Server-JBCS:jbcs-httpd24-mod_md-1:2.0.8-24.jbcs.el6.src", "6Server-JBCS:jbcs-httpd24-mod_md-1:2.0.8-24.jbcs.el6.x86_64", "6Server-JBCS:jbcs-httpd24-mod_md-debuginfo-1:2.0.8-24.jbcs.el6.i686", "6Server-JBCS:jbcs-httpd24-mod_md-debuginfo-1:2.0.8-24.jbcs.el6.x86_64", "6Server-JBCS:jbcs-httpd24-mod_proxy_html-1:2.4.37-57.jbcs.el6.i686", "6Server-JBCS:jbcs-httpd24-mod_proxy_html-1:2.4.37-57.jbcs.el6.x86_64", "6Server-JBCS:jbcs-httpd24-mod_security-0:2.9.2-51.GA.jbcs.el6.i686", "6Server-JBCS:jbcs-httpd24-mod_security-0:2.9.2-51.GA.jbcs.el6.src", "6Server-JBCS:jbcs-httpd24-mod_security-0:2.9.2-51.GA.jbcs.el6.x86_64", "6Server-JBCS:jbcs-httpd24-mod_security-debuginfo-0:2.9.2-51.GA.jbcs.el6.i686", "6Server-JBCS:jbcs-httpd24-mod_security-debuginfo-0:2.9.2-51.GA.jbcs.el6.x86_64", "6Server-JBCS:jbcs-httpd24-mod_session-0:2.4.37-57.jbcs.el6.i686", "6Server-JBCS:jbcs-httpd24-mod_session-0:2.4.37-57.jbcs.el6.x86_64", "6Server-JBCS:jbcs-httpd24-mod_ssl-1:2.4.37-57.jbcs.el6.i686", "6Server-JBCS:jbcs-httpd24-mod_ssl-1:2.4.37-57.jbcs.el6.x86_64", "6Server-JBCS:jbcs-httpd24-nghttp2-0:1.39.2-25.jbcs.el6.i686", "6Server-JBCS:jbcs-httpd24-nghttp2-0:1.39.2-25.jbcs.el6.src", "6Server-JBCS:jbcs-httpd24-nghttp2-0:1.39.2-25.jbcs.el6.x86_64", "6Server-JBCS:jbcs-httpd24-nghttp2-debuginfo-0:1.39.2-25.jbcs.el6.i686", "6Server-JBCS:jbcs-httpd24-nghttp2-debuginfo-0:1.39.2-25.jbcs.el6.x86_64", "6Server-JBCS:jbcs-httpd24-nghttp2-devel-0:1.39.2-25.jbcs.el6.i686", "6Server-JBCS:jbcs-httpd24-nghttp2-devel-0:1.39.2-25.jbcs.el6.x86_64", "7Server-JBCS:jbcs-httpd24-curl-0:7.64.1-36.jbcs.el7.src", "7Server-JBCS:jbcs-httpd24-curl-0:7.64.1-36.jbcs.el7.x86_64", "7Server-JBCS:jbcs-httpd24-curl-debuginfo-0:7.64.1-36.jbcs.el7.x86_64", "7Server-JBCS:jbcs-httpd24-httpd-0:2.4.37-57.jbcs.el7.src", "7Server-JBCS:jbcs-httpd24-httpd-0:2.4.37-57.jbcs.el7.x86_64", "7Server-JBCS:jbcs-httpd24-httpd-debuginfo-0:2.4.37-57.jbcs.el7.x86_64", "7Server-JBCS:jbcs-httpd24-httpd-devel-0:2.4.37-57.jbcs.el7.x86_64", "7Server-JBCS:jbcs-httpd24-httpd-manual-0:2.4.37-57.jbcs.el7.noarch", "7Server-JBCS:jbcs-httpd24-httpd-selinux-0:2.4.37-57.jbcs.el7.x86_64", "7Server-JBCS:jbcs-httpd24-httpd-tools-0:2.4.37-57.jbcs.el7.x86_64", "7Server-JBCS:jbcs-httpd24-libcurl-0:7.64.1-36.jbcs.el7.x86_64", "7Server-JBCS:jbcs-httpd24-libcurl-devel-0:7.64.1-36.jbcs.el7.x86_64", "7Server-JBCS:jbcs-httpd24-mod_cluster-native-0:1.3.14-4.Final_redhat_2.jbcs.el7.src", "7Server-JBCS:jbcs-httpd24-mod_cluster-native-0:1.3.14-4.Final_redhat_2.jbcs.el7.x86_64", "7Server-JBCS:jbcs-httpd24-mod_cluster-native-debuginfo-0:1.3.14-4.Final_redhat_2.jbcs.el7.x86_64", "7Server-JBCS:jbcs-httpd24-mod_http2-0:1.15.7-3.jbcs.el7.src", "7Server-JBCS:jbcs-httpd24-mod_http2-0:1.15.7-3.jbcs.el7.x86_64", "7Server-JBCS:jbcs-httpd24-mod_http2-debuginfo-0:1.15.7-3.jbcs.el7.x86_64", "7Server-JBCS:jbcs-httpd24-mod_jk-0:1.2.48-4.redhat_1.jbcs.el7.src", "7Server-JBCS:jbcs-httpd24-mod_jk-ap24-0:1.2.48-4.redhat_1.jbcs.el7.x86_64", "7Server-JBCS:jbcs-httpd24-mod_jk-debuginfo-0:1.2.48-4.redhat_1.jbcs.el7.x86_64", "7Server-JBCS:jbcs-httpd24-mod_jk-manual-0:1.2.48-4.redhat_1.jbcs.el7.x86_64", "7Server-JBCS:jbcs-httpd24-mod_ldap-0:2.4.37-57.jbcs.el7.x86_64", "7Server-JBCS:jbcs-httpd24-mod_md-1:2.0.8-24.jbcs.el7.src", "7Server-JBCS:jbcs-httpd24-mod_md-1:2.0.8-24.jbcs.el7.x86_64", "7Server-JBCS:jbcs-httpd24-mod_md-debuginfo-1:2.0.8-24.jbcs.el7.x86_64", "7Server-JBCS:jbcs-httpd24-mod_proxy_html-1:2.4.37-57.jbcs.el7.x86_64", "7Server-JBCS:jbcs-httpd24-mod_security-0:2.9.2-51.GA.jbcs.el7.src", "7Server-JBCS:jbcs-httpd24-mod_security-0:2.9.2-51.GA.jbcs.el7.x86_64", "7Server-JBCS:jbcs-httpd24-mod_security-debuginfo-0:2.9.2-51.GA.jbcs.el7.x86_64", "7Server-JBCS:jbcs-httpd24-mod_session-0:2.4.37-57.jbcs.el7.x86_64", "7Server-JBCS:jbcs-httpd24-mod_ssl-1:2.4.37-57.jbcs.el7.x86_64", "7Server-JBCS:jbcs-httpd24-nghttp2-0:1.39.2-25.jbcs.el7.src", "7Server-JBCS:jbcs-httpd24-nghttp2-0:1.39.2-25.jbcs.el7.x86_64", "7Server-JBCS:jbcs-httpd24-nghttp2-debuginfo-0:1.39.2-25.jbcs.el7.x86_64", "7Server-JBCS:jbcs-httpd24-nghttp2-devel-0:1.39.2-25.jbcs.el7.x86_64", "7Server-JBCS:jbcs-httpd24-openssl-pkcs11-0:0.4.10-7.jbcs.el7.src", "7Server-JBCS:jbcs-httpd24-openssl-pkcs11-0:0.4.10-7.jbcs.el7.x86_64", "7Server-JBCS:jbcs-httpd24-openssl-pkcs11-debuginfo-0:0.4.10-7.jbcs.el7.x86_64" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2020:2644" }, { "category": "workaround", "details": "Mitigation for this issue is either not available or the currently available options don\u0027t meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.", "product_ids": [ "6Server-JBCS:jbcs-httpd24-curl-0:7.64.1-36.jbcs.el6.i686", "6Server-JBCS:jbcs-httpd24-curl-0:7.64.1-36.jbcs.el6.src", "6Server-JBCS:jbcs-httpd24-curl-0:7.64.1-36.jbcs.el6.x86_64", "6Server-JBCS:jbcs-httpd24-curl-debuginfo-0:7.64.1-36.jbcs.el6.i686", "6Server-JBCS:jbcs-httpd24-curl-debuginfo-0:7.64.1-36.jbcs.el6.x86_64", "6Server-JBCS:jbcs-httpd24-httpd-0:2.4.37-57.jbcs.el6.i686", "6Server-JBCS:jbcs-httpd24-httpd-0:2.4.37-57.jbcs.el6.src", "6Server-JBCS:jbcs-httpd24-httpd-0:2.4.37-57.jbcs.el6.x86_64", "6Server-JBCS:jbcs-httpd24-httpd-debuginfo-0:2.4.37-57.jbcs.el6.i686", "6Server-JBCS:jbcs-httpd24-httpd-debuginfo-0:2.4.37-57.jbcs.el6.x86_64", "6Server-JBCS:jbcs-httpd24-httpd-devel-0:2.4.37-57.jbcs.el6.i686", "6Server-JBCS:jbcs-httpd24-httpd-devel-0:2.4.37-57.jbcs.el6.x86_64", "6Server-JBCS:jbcs-httpd24-httpd-manual-0:2.4.37-57.jbcs.el6.noarch", "6Server-JBCS:jbcs-httpd24-httpd-selinux-0:2.4.37-57.jbcs.el6.i686", "6Server-JBCS:jbcs-httpd24-httpd-selinux-0:2.4.37-57.jbcs.el6.x86_64", "6Server-JBCS:jbcs-httpd24-httpd-tools-0:2.4.37-57.jbcs.el6.i686", "6Server-JBCS:jbcs-httpd24-httpd-tools-0:2.4.37-57.jbcs.el6.x86_64", "6Server-JBCS:jbcs-httpd24-libcurl-0:7.64.1-36.jbcs.el6.i686", "6Server-JBCS:jbcs-httpd24-libcurl-0:7.64.1-36.jbcs.el6.x86_64", "6Server-JBCS:jbcs-httpd24-libcurl-devel-0:7.64.1-36.jbcs.el6.i686", "6Server-JBCS:jbcs-httpd24-libcurl-devel-0:7.64.1-36.jbcs.el6.x86_64", "6Server-JBCS:jbcs-httpd24-mod_cluster-native-0:1.3.14-4.Final_redhat_2.jbcs.el6.i686", "6Server-JBCS:jbcs-httpd24-mod_cluster-native-0:1.3.14-4.Final_redhat_2.jbcs.el6.src", "6Server-JBCS:jbcs-httpd24-mod_cluster-native-0:1.3.14-4.Final_redhat_2.jbcs.el6.x86_64", "6Server-JBCS:jbcs-httpd24-mod_cluster-native-debuginfo-0:1.3.14-4.Final_redhat_2.jbcs.el6.i686", "6Server-JBCS:jbcs-httpd24-mod_cluster-native-debuginfo-0:1.3.14-4.Final_redhat_2.jbcs.el6.x86_64", "6Server-JBCS:jbcs-httpd24-mod_http2-0:1.15.7-3.jbcs.el6.i686", "6Server-JBCS:jbcs-httpd24-mod_http2-0:1.15.7-3.jbcs.el6.src", "6Server-JBCS:jbcs-httpd24-mod_http2-0:1.15.7-3.jbcs.el6.x86_64", "6Server-JBCS:jbcs-httpd24-mod_http2-debuginfo-0:1.15.7-3.jbcs.el6.i686", "6Server-JBCS:jbcs-httpd24-mod_http2-debuginfo-0:1.15.7-3.jbcs.el6.x86_64", "6Server-JBCS:jbcs-httpd24-mod_jk-0:1.2.48-4.redhat_1.jbcs.el6.src", "6Server-JBCS:jbcs-httpd24-mod_jk-ap24-0:1.2.48-4.redhat_1.jbcs.el6.i686", "6Server-JBCS:jbcs-httpd24-mod_jk-ap24-0:1.2.48-4.redhat_1.jbcs.el6.x86_64", "6Server-JBCS:jbcs-httpd24-mod_jk-debuginfo-0:1.2.48-4.redhat_1.jbcs.el6.i686", "6Server-JBCS:jbcs-httpd24-mod_jk-debuginfo-0:1.2.48-4.redhat_1.jbcs.el6.x86_64", "6Server-JBCS:jbcs-httpd24-mod_jk-manual-0:1.2.48-4.redhat_1.jbcs.el6.i686", "6Server-JBCS:jbcs-httpd24-mod_jk-manual-0:1.2.48-4.redhat_1.jbcs.el6.x86_64", "6Server-JBCS:jbcs-httpd24-mod_ldap-0:2.4.37-57.jbcs.el6.i686", "6Server-JBCS:jbcs-httpd24-mod_ldap-0:2.4.37-57.jbcs.el6.x86_64", "6Server-JBCS:jbcs-httpd24-mod_md-1:2.0.8-24.jbcs.el6.i686", "6Server-JBCS:jbcs-httpd24-mod_md-1:2.0.8-24.jbcs.el6.src", "6Server-JBCS:jbcs-httpd24-mod_md-1:2.0.8-24.jbcs.el6.x86_64", "6Server-JBCS:jbcs-httpd24-mod_md-debuginfo-1:2.0.8-24.jbcs.el6.i686", "6Server-JBCS:jbcs-httpd24-mod_md-debuginfo-1:2.0.8-24.jbcs.el6.x86_64", "6Server-JBCS:jbcs-httpd24-mod_proxy_html-1:2.4.37-57.jbcs.el6.i686", "6Server-JBCS:jbcs-httpd24-mod_proxy_html-1:2.4.37-57.jbcs.el6.x86_64", "6Server-JBCS:jbcs-httpd24-mod_security-0:2.9.2-51.GA.jbcs.el6.i686", "6Server-JBCS:jbcs-httpd24-mod_security-0:2.9.2-51.GA.jbcs.el6.src", "6Server-JBCS:jbcs-httpd24-mod_security-0:2.9.2-51.GA.jbcs.el6.x86_64", "6Server-JBCS:jbcs-httpd24-mod_security-debuginfo-0:2.9.2-51.GA.jbcs.el6.i686", "6Server-JBCS:jbcs-httpd24-mod_security-debuginfo-0:2.9.2-51.GA.jbcs.el6.x86_64", "6Server-JBCS:jbcs-httpd24-mod_session-0:2.4.37-57.jbcs.el6.i686", "6Server-JBCS:jbcs-httpd24-mod_session-0:2.4.37-57.jbcs.el6.x86_64", "6Server-JBCS:jbcs-httpd24-mod_ssl-1:2.4.37-57.jbcs.el6.i686", "6Server-JBCS:jbcs-httpd24-mod_ssl-1:2.4.37-57.jbcs.el6.x86_64", "6Server-JBCS:jbcs-httpd24-nghttp2-0:1.39.2-25.jbcs.el6.i686", "6Server-JBCS:jbcs-httpd24-nghttp2-0:1.39.2-25.jbcs.el6.src", "6Server-JBCS:jbcs-httpd24-nghttp2-0:1.39.2-25.jbcs.el6.x86_64", "6Server-JBCS:jbcs-httpd24-nghttp2-debuginfo-0:1.39.2-25.jbcs.el6.i686", "6Server-JBCS:jbcs-httpd24-nghttp2-debuginfo-0:1.39.2-25.jbcs.el6.x86_64", "6Server-JBCS:jbcs-httpd24-nghttp2-devel-0:1.39.2-25.jbcs.el6.i686", "6Server-JBCS:jbcs-httpd24-nghttp2-devel-0:1.39.2-25.jbcs.el6.x86_64", "7Server-JBCS:jbcs-httpd24-curl-0:7.64.1-36.jbcs.el7.src", "7Server-JBCS:jbcs-httpd24-curl-0:7.64.1-36.jbcs.el7.x86_64", "7Server-JBCS:jbcs-httpd24-curl-debuginfo-0:7.64.1-36.jbcs.el7.x86_64", "7Server-JBCS:jbcs-httpd24-httpd-0:2.4.37-57.jbcs.el7.src", "7Server-JBCS:jbcs-httpd24-httpd-0:2.4.37-57.jbcs.el7.x86_64", "7Server-JBCS:jbcs-httpd24-httpd-debuginfo-0:2.4.37-57.jbcs.el7.x86_64", "7Server-JBCS:jbcs-httpd24-httpd-devel-0:2.4.37-57.jbcs.el7.x86_64", "7Server-JBCS:jbcs-httpd24-httpd-manual-0:2.4.37-57.jbcs.el7.noarch", "7Server-JBCS:jbcs-httpd24-httpd-selinux-0:2.4.37-57.jbcs.el7.x86_64", "7Server-JBCS:jbcs-httpd24-httpd-tools-0:2.4.37-57.jbcs.el7.x86_64", "7Server-JBCS:jbcs-httpd24-libcurl-0:7.64.1-36.jbcs.el7.x86_64", "7Server-JBCS:jbcs-httpd24-libcurl-devel-0:7.64.1-36.jbcs.el7.x86_64", "7Server-JBCS:jbcs-httpd24-mod_cluster-native-0:1.3.14-4.Final_redhat_2.jbcs.el7.src", "7Server-JBCS:jbcs-httpd24-mod_cluster-native-0:1.3.14-4.Final_redhat_2.jbcs.el7.x86_64", "7Server-JBCS:jbcs-httpd24-mod_cluster-native-debuginfo-0:1.3.14-4.Final_redhat_2.jbcs.el7.x86_64", "7Server-JBCS:jbcs-httpd24-mod_http2-0:1.15.7-3.jbcs.el7.src", "7Server-JBCS:jbcs-httpd24-mod_http2-0:1.15.7-3.jbcs.el7.x86_64", "7Server-JBCS:jbcs-httpd24-mod_http2-debuginfo-0:1.15.7-3.jbcs.el7.x86_64", "7Server-JBCS:jbcs-httpd24-mod_jk-0:1.2.48-4.redhat_1.jbcs.el7.src", "7Server-JBCS:jbcs-httpd24-mod_jk-ap24-0:1.2.48-4.redhat_1.jbcs.el7.x86_64", "7Server-JBCS:jbcs-httpd24-mod_jk-debuginfo-0:1.2.48-4.redhat_1.jbcs.el7.x86_64", "7Server-JBCS:jbcs-httpd24-mod_jk-manual-0:1.2.48-4.redhat_1.jbcs.el7.x86_64", "7Server-JBCS:jbcs-httpd24-mod_ldap-0:2.4.37-57.jbcs.el7.x86_64", "7Server-JBCS:jbcs-httpd24-mod_md-1:2.0.8-24.jbcs.el7.src", "7Server-JBCS:jbcs-httpd24-mod_md-1:2.0.8-24.jbcs.el7.x86_64", "7Server-JBCS:jbcs-httpd24-mod_md-debuginfo-1:2.0.8-24.jbcs.el7.x86_64", "7Server-JBCS:jbcs-httpd24-mod_proxy_html-1:2.4.37-57.jbcs.el7.x86_64", "7Server-JBCS:jbcs-httpd24-mod_security-0:2.9.2-51.GA.jbcs.el7.src", "7Server-JBCS:jbcs-httpd24-mod_security-0:2.9.2-51.GA.jbcs.el7.x86_64", "7Server-JBCS:jbcs-httpd24-mod_security-debuginfo-0:2.9.2-51.GA.jbcs.el7.x86_64", "7Server-JBCS:jbcs-httpd24-mod_session-0:2.4.37-57.jbcs.el7.x86_64", "7Server-JBCS:jbcs-httpd24-mod_ssl-1:2.4.37-57.jbcs.el7.x86_64", "7Server-JBCS:jbcs-httpd24-nghttp2-0:1.39.2-25.jbcs.el7.src", "7Server-JBCS:jbcs-httpd24-nghttp2-0:1.39.2-25.jbcs.el7.x86_64", "7Server-JBCS:jbcs-httpd24-nghttp2-debuginfo-0:1.39.2-25.jbcs.el7.x86_64", "7Server-JBCS:jbcs-httpd24-nghttp2-devel-0:1.39.2-25.jbcs.el7.x86_64", "7Server-JBCS:jbcs-httpd24-openssl-pkcs11-0:0.4.10-7.jbcs.el7.src", "7Server-JBCS:jbcs-httpd24-openssl-pkcs11-0:0.4.10-7.jbcs.el7.x86_64", "7Server-JBCS:jbcs-httpd24-openssl-pkcs11-debuginfo-0:0.4.10-7.jbcs.el7.x86_64" ] } ], "scores": [ { "cvss_v3": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 7.5, "baseSeverity": "HIGH", "confidentialityImpact": "NONE", "integrityImpact": "NONE", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "version": "3.0" }, "products": [ "6Server-JBCS:jbcs-httpd24-curl-0:7.64.1-36.jbcs.el6.i686", "6Server-JBCS:jbcs-httpd24-curl-0:7.64.1-36.jbcs.el6.src", "6Server-JBCS:jbcs-httpd24-curl-0:7.64.1-36.jbcs.el6.x86_64", "6Server-JBCS:jbcs-httpd24-curl-debuginfo-0:7.64.1-36.jbcs.el6.i686", "6Server-JBCS:jbcs-httpd24-curl-debuginfo-0:7.64.1-36.jbcs.el6.x86_64", "6Server-JBCS:jbcs-httpd24-httpd-0:2.4.37-57.jbcs.el6.i686", "6Server-JBCS:jbcs-httpd24-httpd-0:2.4.37-57.jbcs.el6.src", "6Server-JBCS:jbcs-httpd24-httpd-0:2.4.37-57.jbcs.el6.x86_64", "6Server-JBCS:jbcs-httpd24-httpd-debuginfo-0:2.4.37-57.jbcs.el6.i686", "6Server-JBCS:jbcs-httpd24-httpd-debuginfo-0:2.4.37-57.jbcs.el6.x86_64", "6Server-JBCS:jbcs-httpd24-httpd-devel-0:2.4.37-57.jbcs.el6.i686", "6Server-JBCS:jbcs-httpd24-httpd-devel-0:2.4.37-57.jbcs.el6.x86_64", "6Server-JBCS:jbcs-httpd24-httpd-manual-0:2.4.37-57.jbcs.el6.noarch", "6Server-JBCS:jbcs-httpd24-httpd-selinux-0:2.4.37-57.jbcs.el6.i686", "6Server-JBCS:jbcs-httpd24-httpd-selinux-0:2.4.37-57.jbcs.el6.x86_64", "6Server-JBCS:jbcs-httpd24-httpd-tools-0:2.4.37-57.jbcs.el6.i686", "6Server-JBCS:jbcs-httpd24-httpd-tools-0:2.4.37-57.jbcs.el6.x86_64", "6Server-JBCS:jbcs-httpd24-libcurl-0:7.64.1-36.jbcs.el6.i686", "6Server-JBCS:jbcs-httpd24-libcurl-0:7.64.1-36.jbcs.el6.x86_64", "6Server-JBCS:jbcs-httpd24-libcurl-devel-0:7.64.1-36.jbcs.el6.i686", "6Server-JBCS:jbcs-httpd24-libcurl-devel-0:7.64.1-36.jbcs.el6.x86_64", "6Server-JBCS:jbcs-httpd24-mod_cluster-native-0:1.3.14-4.Final_redhat_2.jbcs.el6.i686", "6Server-JBCS:jbcs-httpd24-mod_cluster-native-0:1.3.14-4.Final_redhat_2.jbcs.el6.src", "6Server-JBCS:jbcs-httpd24-mod_cluster-native-0:1.3.14-4.Final_redhat_2.jbcs.el6.x86_64", "6Server-JBCS:jbcs-httpd24-mod_cluster-native-debuginfo-0:1.3.14-4.Final_redhat_2.jbcs.el6.i686", "6Server-JBCS:jbcs-httpd24-mod_cluster-native-debuginfo-0:1.3.14-4.Final_redhat_2.jbcs.el6.x86_64", "6Server-JBCS:jbcs-httpd24-mod_http2-0:1.15.7-3.jbcs.el6.i686", "6Server-JBCS:jbcs-httpd24-mod_http2-0:1.15.7-3.jbcs.el6.src", "6Server-JBCS:jbcs-httpd24-mod_http2-0:1.15.7-3.jbcs.el6.x86_64", "6Server-JBCS:jbcs-httpd24-mod_http2-debuginfo-0:1.15.7-3.jbcs.el6.i686", "6Server-JBCS:jbcs-httpd24-mod_http2-debuginfo-0:1.15.7-3.jbcs.el6.x86_64", "6Server-JBCS:jbcs-httpd24-mod_jk-0:1.2.48-4.redhat_1.jbcs.el6.src", "6Server-JBCS:jbcs-httpd24-mod_jk-ap24-0:1.2.48-4.redhat_1.jbcs.el6.i686", "6Server-JBCS:jbcs-httpd24-mod_jk-ap24-0:1.2.48-4.redhat_1.jbcs.el6.x86_64", "6Server-JBCS:jbcs-httpd24-mod_jk-debuginfo-0:1.2.48-4.redhat_1.jbcs.el6.i686", "6Server-JBCS:jbcs-httpd24-mod_jk-debuginfo-0:1.2.48-4.redhat_1.jbcs.el6.x86_64", "6Server-JBCS:jbcs-httpd24-mod_jk-manual-0:1.2.48-4.redhat_1.jbcs.el6.i686", "6Server-JBCS:jbcs-httpd24-mod_jk-manual-0:1.2.48-4.redhat_1.jbcs.el6.x86_64", "6Server-JBCS:jbcs-httpd24-mod_ldap-0:2.4.37-57.jbcs.el6.i686", "6Server-JBCS:jbcs-httpd24-mod_ldap-0:2.4.37-57.jbcs.el6.x86_64", "6Server-JBCS:jbcs-httpd24-mod_md-1:2.0.8-24.jbcs.el6.i686", "6Server-JBCS:jbcs-httpd24-mod_md-1:2.0.8-24.jbcs.el6.src", "6Server-JBCS:jbcs-httpd24-mod_md-1:2.0.8-24.jbcs.el6.x86_64", "6Server-JBCS:jbcs-httpd24-mod_md-debuginfo-1:2.0.8-24.jbcs.el6.i686", "6Server-JBCS:jbcs-httpd24-mod_md-debuginfo-1:2.0.8-24.jbcs.el6.x86_64", "6Server-JBCS:jbcs-httpd24-mod_proxy_html-1:2.4.37-57.jbcs.el6.i686", "6Server-JBCS:jbcs-httpd24-mod_proxy_html-1:2.4.37-57.jbcs.el6.x86_64", "6Server-JBCS:jbcs-httpd24-mod_security-0:2.9.2-51.GA.jbcs.el6.i686", "6Server-JBCS:jbcs-httpd24-mod_security-0:2.9.2-51.GA.jbcs.el6.src", "6Server-JBCS:jbcs-httpd24-mod_security-0:2.9.2-51.GA.jbcs.el6.x86_64", "6Server-JBCS:jbcs-httpd24-mod_security-debuginfo-0:2.9.2-51.GA.jbcs.el6.i686", "6Server-JBCS:jbcs-httpd24-mod_security-debuginfo-0:2.9.2-51.GA.jbcs.el6.x86_64", "6Server-JBCS:jbcs-httpd24-mod_session-0:2.4.37-57.jbcs.el6.i686", "6Server-JBCS:jbcs-httpd24-mod_session-0:2.4.37-57.jbcs.el6.x86_64", "6Server-JBCS:jbcs-httpd24-mod_ssl-1:2.4.37-57.jbcs.el6.i686", "6Server-JBCS:jbcs-httpd24-mod_ssl-1:2.4.37-57.jbcs.el6.x86_64", "6Server-JBCS:jbcs-httpd24-nghttp2-0:1.39.2-25.jbcs.el6.i686", "6Server-JBCS:jbcs-httpd24-nghttp2-0:1.39.2-25.jbcs.el6.src", "6Server-JBCS:jbcs-httpd24-nghttp2-0:1.39.2-25.jbcs.el6.x86_64", "6Server-JBCS:jbcs-httpd24-nghttp2-debuginfo-0:1.39.2-25.jbcs.el6.i686", "6Server-JBCS:jbcs-httpd24-nghttp2-debuginfo-0:1.39.2-25.jbcs.el6.x86_64", "6Server-JBCS:jbcs-httpd24-nghttp2-devel-0:1.39.2-25.jbcs.el6.i686", "6Server-JBCS:jbcs-httpd24-nghttp2-devel-0:1.39.2-25.jbcs.el6.x86_64", "7Server-JBCS:jbcs-httpd24-curl-0:7.64.1-36.jbcs.el7.src", "7Server-JBCS:jbcs-httpd24-curl-0:7.64.1-36.jbcs.el7.x86_64", "7Server-JBCS:jbcs-httpd24-curl-debuginfo-0:7.64.1-36.jbcs.el7.x86_64", "7Server-JBCS:jbcs-httpd24-httpd-0:2.4.37-57.jbcs.el7.src", "7Server-JBCS:jbcs-httpd24-httpd-0:2.4.37-57.jbcs.el7.x86_64", "7Server-JBCS:jbcs-httpd24-httpd-debuginfo-0:2.4.37-57.jbcs.el7.x86_64", "7Server-JBCS:jbcs-httpd24-httpd-devel-0:2.4.37-57.jbcs.el7.x86_64", "7Server-JBCS:jbcs-httpd24-httpd-manual-0:2.4.37-57.jbcs.el7.noarch", "7Server-JBCS:jbcs-httpd24-httpd-selinux-0:2.4.37-57.jbcs.el7.x86_64", "7Server-JBCS:jbcs-httpd24-httpd-tools-0:2.4.37-57.jbcs.el7.x86_64", "7Server-JBCS:jbcs-httpd24-libcurl-0:7.64.1-36.jbcs.el7.x86_64", "7Server-JBCS:jbcs-httpd24-libcurl-devel-0:7.64.1-36.jbcs.el7.x86_64", "7Server-JBCS:jbcs-httpd24-mod_cluster-native-0:1.3.14-4.Final_redhat_2.jbcs.el7.src", "7Server-JBCS:jbcs-httpd24-mod_cluster-native-0:1.3.14-4.Final_redhat_2.jbcs.el7.x86_64", "7Server-JBCS:jbcs-httpd24-mod_cluster-native-debuginfo-0:1.3.14-4.Final_redhat_2.jbcs.el7.x86_64", "7Server-JBCS:jbcs-httpd24-mod_http2-0:1.15.7-3.jbcs.el7.src", "7Server-JBCS:jbcs-httpd24-mod_http2-0:1.15.7-3.jbcs.el7.x86_64", "7Server-JBCS:jbcs-httpd24-mod_http2-debuginfo-0:1.15.7-3.jbcs.el7.x86_64", "7Server-JBCS:jbcs-httpd24-mod_jk-0:1.2.48-4.redhat_1.jbcs.el7.src", "7Server-JBCS:jbcs-httpd24-mod_jk-ap24-0:1.2.48-4.redhat_1.jbcs.el7.x86_64", "7Server-JBCS:jbcs-httpd24-mod_jk-debuginfo-0:1.2.48-4.redhat_1.jbcs.el7.x86_64", "7Server-JBCS:jbcs-httpd24-mod_jk-manual-0:1.2.48-4.redhat_1.jbcs.el7.x86_64", "7Server-JBCS:jbcs-httpd24-mod_ldap-0:2.4.37-57.jbcs.el7.x86_64", "7Server-JBCS:jbcs-httpd24-mod_md-1:2.0.8-24.jbcs.el7.src", "7Server-JBCS:jbcs-httpd24-mod_md-1:2.0.8-24.jbcs.el7.x86_64", "7Server-JBCS:jbcs-httpd24-mod_md-debuginfo-1:2.0.8-24.jbcs.el7.x86_64", "7Server-JBCS:jbcs-httpd24-mod_proxy_html-1:2.4.37-57.jbcs.el7.x86_64", "7Server-JBCS:jbcs-httpd24-mod_security-0:2.9.2-51.GA.jbcs.el7.src", "7Server-JBCS:jbcs-httpd24-mod_security-0:2.9.2-51.GA.jbcs.el7.x86_64", "7Server-JBCS:jbcs-httpd24-mod_security-debuginfo-0:2.9.2-51.GA.jbcs.el7.x86_64", "7Server-JBCS:jbcs-httpd24-mod_session-0:2.4.37-57.jbcs.el7.x86_64", "7Server-JBCS:jbcs-httpd24-mod_ssl-1:2.4.37-57.jbcs.el7.x86_64", "7Server-JBCS:jbcs-httpd24-nghttp2-0:1.39.2-25.jbcs.el7.src", "7Server-JBCS:jbcs-httpd24-nghttp2-0:1.39.2-25.jbcs.el7.x86_64", "7Server-JBCS:jbcs-httpd24-nghttp2-debuginfo-0:1.39.2-25.jbcs.el7.x86_64", "7Server-JBCS:jbcs-httpd24-nghttp2-devel-0:1.39.2-25.jbcs.el7.x86_64", "7Server-JBCS:jbcs-httpd24-openssl-pkcs11-0:0.4.10-7.jbcs.el7.src", "7Server-JBCS:jbcs-httpd24-openssl-pkcs11-0:0.4.10-7.jbcs.el7.x86_64", "7Server-JBCS:jbcs-httpd24-openssl-pkcs11-debuginfo-0:0.4.10-7.jbcs.el7.x86_64" ] } ], "threats": [ { "category": "impact", "details": "Low" } ], "title": "expat: heap-based buffer over-read via crafted XML input" }, { "cve": "CVE-2019-19956", "cwe": { "id": "CWE-772", "name": "Missing Release of Resource after Effective Lifetime" }, "discovery_date": "2020-01-08T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "1788856" } ], "notes": [ { "category": "description", "text": "xmlParseBalancedChunkMemoryRecover in parser.c in libxml2 before 2.9.10 has a memory leak related to newDoc-\u003eoldNs.", "title": "Vulnerability description" }, { "category": "summary", "text": "libxml2: memory leak in xmlParseBalancedChunkMemoryRecover in parser.c", "title": "Vulnerability summary" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "6Server-JBCS:jbcs-httpd24-curl-0:7.64.1-36.jbcs.el6.i686", "6Server-JBCS:jbcs-httpd24-curl-0:7.64.1-36.jbcs.el6.src", "6Server-JBCS:jbcs-httpd24-curl-0:7.64.1-36.jbcs.el6.x86_64", "6Server-JBCS:jbcs-httpd24-curl-debuginfo-0:7.64.1-36.jbcs.el6.i686", "6Server-JBCS:jbcs-httpd24-curl-debuginfo-0:7.64.1-36.jbcs.el6.x86_64", "6Server-JBCS:jbcs-httpd24-httpd-0:2.4.37-57.jbcs.el6.i686", "6Server-JBCS:jbcs-httpd24-httpd-0:2.4.37-57.jbcs.el6.src", "6Server-JBCS:jbcs-httpd24-httpd-0:2.4.37-57.jbcs.el6.x86_64", "6Server-JBCS:jbcs-httpd24-httpd-debuginfo-0:2.4.37-57.jbcs.el6.i686", "6Server-JBCS:jbcs-httpd24-httpd-debuginfo-0:2.4.37-57.jbcs.el6.x86_64", "6Server-JBCS:jbcs-httpd24-httpd-devel-0:2.4.37-57.jbcs.el6.i686", "6Server-JBCS:jbcs-httpd24-httpd-devel-0:2.4.37-57.jbcs.el6.x86_64", "6Server-JBCS:jbcs-httpd24-httpd-manual-0:2.4.37-57.jbcs.el6.noarch", "6Server-JBCS:jbcs-httpd24-httpd-selinux-0:2.4.37-57.jbcs.el6.i686", "6Server-JBCS:jbcs-httpd24-httpd-selinux-0:2.4.37-57.jbcs.el6.x86_64", "6Server-JBCS:jbcs-httpd24-httpd-tools-0:2.4.37-57.jbcs.el6.i686", "6Server-JBCS:jbcs-httpd24-httpd-tools-0:2.4.37-57.jbcs.el6.x86_64", "6Server-JBCS:jbcs-httpd24-libcurl-0:7.64.1-36.jbcs.el6.i686", "6Server-JBCS:jbcs-httpd24-libcurl-0:7.64.1-36.jbcs.el6.x86_64", "6Server-JBCS:jbcs-httpd24-libcurl-devel-0:7.64.1-36.jbcs.el6.i686", "6Server-JBCS:jbcs-httpd24-libcurl-devel-0:7.64.1-36.jbcs.el6.x86_64", "6Server-JBCS:jbcs-httpd24-mod_cluster-native-0:1.3.14-4.Final_redhat_2.jbcs.el6.i686", "6Server-JBCS:jbcs-httpd24-mod_cluster-native-0:1.3.14-4.Final_redhat_2.jbcs.el6.src", "6Server-JBCS:jbcs-httpd24-mod_cluster-native-0:1.3.14-4.Final_redhat_2.jbcs.el6.x86_64", "6Server-JBCS:jbcs-httpd24-mod_cluster-native-debuginfo-0:1.3.14-4.Final_redhat_2.jbcs.el6.i686", "6Server-JBCS:jbcs-httpd24-mod_cluster-native-debuginfo-0:1.3.14-4.Final_redhat_2.jbcs.el6.x86_64", "6Server-JBCS:jbcs-httpd24-mod_http2-0:1.15.7-3.jbcs.el6.i686", "6Server-JBCS:jbcs-httpd24-mod_http2-0:1.15.7-3.jbcs.el6.src", "6Server-JBCS:jbcs-httpd24-mod_http2-0:1.15.7-3.jbcs.el6.x86_64", "6Server-JBCS:jbcs-httpd24-mod_http2-debuginfo-0:1.15.7-3.jbcs.el6.i686", "6Server-JBCS:jbcs-httpd24-mod_http2-debuginfo-0:1.15.7-3.jbcs.el6.x86_64", "6Server-JBCS:jbcs-httpd24-mod_jk-0:1.2.48-4.redhat_1.jbcs.el6.src", "6Server-JBCS:jbcs-httpd24-mod_jk-ap24-0:1.2.48-4.redhat_1.jbcs.el6.i686", "6Server-JBCS:jbcs-httpd24-mod_jk-ap24-0:1.2.48-4.redhat_1.jbcs.el6.x86_64", "6Server-JBCS:jbcs-httpd24-mod_jk-debuginfo-0:1.2.48-4.redhat_1.jbcs.el6.i686", "6Server-JBCS:jbcs-httpd24-mod_jk-debuginfo-0:1.2.48-4.redhat_1.jbcs.el6.x86_64", "6Server-JBCS:jbcs-httpd24-mod_jk-manual-0:1.2.48-4.redhat_1.jbcs.el6.i686", "6Server-JBCS:jbcs-httpd24-mod_jk-manual-0:1.2.48-4.redhat_1.jbcs.el6.x86_64", "6Server-JBCS:jbcs-httpd24-mod_ldap-0:2.4.37-57.jbcs.el6.i686", "6Server-JBCS:jbcs-httpd24-mod_ldap-0:2.4.37-57.jbcs.el6.x86_64", "6Server-JBCS:jbcs-httpd24-mod_md-1:2.0.8-24.jbcs.el6.i686", "6Server-JBCS:jbcs-httpd24-mod_md-1:2.0.8-24.jbcs.el6.src", "6Server-JBCS:jbcs-httpd24-mod_md-1:2.0.8-24.jbcs.el6.x86_64", "6Server-JBCS:jbcs-httpd24-mod_md-debuginfo-1:2.0.8-24.jbcs.el6.i686", "6Server-JBCS:jbcs-httpd24-mod_md-debuginfo-1:2.0.8-24.jbcs.el6.x86_64", "6Server-JBCS:jbcs-httpd24-mod_proxy_html-1:2.4.37-57.jbcs.el6.i686", "6Server-JBCS:jbcs-httpd24-mod_proxy_html-1:2.4.37-57.jbcs.el6.x86_64", "6Server-JBCS:jbcs-httpd24-mod_security-0:2.9.2-51.GA.jbcs.el6.i686", "6Server-JBCS:jbcs-httpd24-mod_security-0:2.9.2-51.GA.jbcs.el6.src", "6Server-JBCS:jbcs-httpd24-mod_security-0:2.9.2-51.GA.jbcs.el6.x86_64", "6Server-JBCS:jbcs-httpd24-mod_security-debuginfo-0:2.9.2-51.GA.jbcs.el6.i686", "6Server-JBCS:jbcs-httpd24-mod_security-debuginfo-0:2.9.2-51.GA.jbcs.el6.x86_64", "6Server-JBCS:jbcs-httpd24-mod_session-0:2.4.37-57.jbcs.el6.i686", "6Server-JBCS:jbcs-httpd24-mod_session-0:2.4.37-57.jbcs.el6.x86_64", "6Server-JBCS:jbcs-httpd24-mod_ssl-1:2.4.37-57.jbcs.el6.i686", "6Server-JBCS:jbcs-httpd24-mod_ssl-1:2.4.37-57.jbcs.el6.x86_64", "6Server-JBCS:jbcs-httpd24-nghttp2-0:1.39.2-25.jbcs.el6.i686", "6Server-JBCS:jbcs-httpd24-nghttp2-0:1.39.2-25.jbcs.el6.src", "6Server-JBCS:jbcs-httpd24-nghttp2-0:1.39.2-25.jbcs.el6.x86_64", "6Server-JBCS:jbcs-httpd24-nghttp2-debuginfo-0:1.39.2-25.jbcs.el6.i686", "6Server-JBCS:jbcs-httpd24-nghttp2-debuginfo-0:1.39.2-25.jbcs.el6.x86_64", "6Server-JBCS:jbcs-httpd24-nghttp2-devel-0:1.39.2-25.jbcs.el6.i686", "6Server-JBCS:jbcs-httpd24-nghttp2-devel-0:1.39.2-25.jbcs.el6.x86_64", "7Server-JBCS:jbcs-httpd24-curl-0:7.64.1-36.jbcs.el7.src", "7Server-JBCS:jbcs-httpd24-curl-0:7.64.1-36.jbcs.el7.x86_64", "7Server-JBCS:jbcs-httpd24-curl-debuginfo-0:7.64.1-36.jbcs.el7.x86_64", "7Server-JBCS:jbcs-httpd24-httpd-0:2.4.37-57.jbcs.el7.src", "7Server-JBCS:jbcs-httpd24-httpd-0:2.4.37-57.jbcs.el7.x86_64", "7Server-JBCS:jbcs-httpd24-httpd-debuginfo-0:2.4.37-57.jbcs.el7.x86_64", "7Server-JBCS:jbcs-httpd24-httpd-devel-0:2.4.37-57.jbcs.el7.x86_64", "7Server-JBCS:jbcs-httpd24-httpd-manual-0:2.4.37-57.jbcs.el7.noarch", "7Server-JBCS:jbcs-httpd24-httpd-selinux-0:2.4.37-57.jbcs.el7.x86_64", "7Server-JBCS:jbcs-httpd24-httpd-tools-0:2.4.37-57.jbcs.el7.x86_64", "7Server-JBCS:jbcs-httpd24-libcurl-0:7.64.1-36.jbcs.el7.x86_64", "7Server-JBCS:jbcs-httpd24-libcurl-devel-0:7.64.1-36.jbcs.el7.x86_64", "7Server-JBCS:jbcs-httpd24-mod_cluster-native-0:1.3.14-4.Final_redhat_2.jbcs.el7.src", "7Server-JBCS:jbcs-httpd24-mod_cluster-native-0:1.3.14-4.Final_redhat_2.jbcs.el7.x86_64", "7Server-JBCS:jbcs-httpd24-mod_cluster-native-debuginfo-0:1.3.14-4.Final_redhat_2.jbcs.el7.x86_64", "7Server-JBCS:jbcs-httpd24-mod_http2-0:1.15.7-3.jbcs.el7.src", "7Server-JBCS:jbcs-httpd24-mod_http2-0:1.15.7-3.jbcs.el7.x86_64", "7Server-JBCS:jbcs-httpd24-mod_http2-debuginfo-0:1.15.7-3.jbcs.el7.x86_64", "7Server-JBCS:jbcs-httpd24-mod_jk-0:1.2.48-4.redhat_1.jbcs.el7.src", "7Server-JBCS:jbcs-httpd24-mod_jk-ap24-0:1.2.48-4.redhat_1.jbcs.el7.x86_64", "7Server-JBCS:jbcs-httpd24-mod_jk-debuginfo-0:1.2.48-4.redhat_1.jbcs.el7.x86_64", "7Server-JBCS:jbcs-httpd24-mod_jk-manual-0:1.2.48-4.redhat_1.jbcs.el7.x86_64", "7Server-JBCS:jbcs-httpd24-mod_ldap-0:2.4.37-57.jbcs.el7.x86_64", "7Server-JBCS:jbcs-httpd24-mod_md-1:2.0.8-24.jbcs.el7.src", "7Server-JBCS:jbcs-httpd24-mod_md-1:2.0.8-24.jbcs.el7.x86_64", "7Server-JBCS:jbcs-httpd24-mod_md-debuginfo-1:2.0.8-24.jbcs.el7.x86_64", "7Server-JBCS:jbcs-httpd24-mod_proxy_html-1:2.4.37-57.jbcs.el7.x86_64", "7Server-JBCS:jbcs-httpd24-mod_security-0:2.9.2-51.GA.jbcs.el7.src", "7Server-JBCS:jbcs-httpd24-mod_security-0:2.9.2-51.GA.jbcs.el7.x86_64", "7Server-JBCS:jbcs-httpd24-mod_security-debuginfo-0:2.9.2-51.GA.jbcs.el7.x86_64", "7Server-JBCS:jbcs-httpd24-mod_session-0:2.4.37-57.jbcs.el7.x86_64", "7Server-JBCS:jbcs-httpd24-mod_ssl-1:2.4.37-57.jbcs.el7.x86_64", "7Server-JBCS:jbcs-httpd24-nghttp2-0:1.39.2-25.jbcs.el7.src", "7Server-JBCS:jbcs-httpd24-nghttp2-0:1.39.2-25.jbcs.el7.x86_64", "7Server-JBCS:jbcs-httpd24-nghttp2-debuginfo-0:1.39.2-25.jbcs.el7.x86_64", "7Server-JBCS:jbcs-httpd24-nghttp2-devel-0:1.39.2-25.jbcs.el7.x86_64", "7Server-JBCS:jbcs-httpd24-openssl-pkcs11-0:0.4.10-7.jbcs.el7.src", "7Server-JBCS:jbcs-httpd24-openssl-pkcs11-0:0.4.10-7.jbcs.el7.x86_64", "7Server-JBCS:jbcs-httpd24-openssl-pkcs11-debuginfo-0:0.4.10-7.jbcs.el7.x86_64" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2019-19956" }, { "category": "external", "summary": "RHBZ#1788856", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1788856" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2019-19956", "url": "https://www.cve.org/CVERecord?id=CVE-2019-19956" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2019-19956", "url": "https://nvd.nist.gov/vuln/detail/CVE-2019-19956" } ], "release_date": "2020-01-08T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2020-06-22T12:28:02+00:00", "details": "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258", "product_ids": [ "6Server-JBCS:jbcs-httpd24-curl-0:7.64.1-36.jbcs.el6.i686", "6Server-JBCS:jbcs-httpd24-curl-0:7.64.1-36.jbcs.el6.src", "6Server-JBCS:jbcs-httpd24-curl-0:7.64.1-36.jbcs.el6.x86_64", "6Server-JBCS:jbcs-httpd24-curl-debuginfo-0:7.64.1-36.jbcs.el6.i686", "6Server-JBCS:jbcs-httpd24-curl-debuginfo-0:7.64.1-36.jbcs.el6.x86_64", "6Server-JBCS:jbcs-httpd24-httpd-0:2.4.37-57.jbcs.el6.i686", "6Server-JBCS:jbcs-httpd24-httpd-0:2.4.37-57.jbcs.el6.src", "6Server-JBCS:jbcs-httpd24-httpd-0:2.4.37-57.jbcs.el6.x86_64", "6Server-JBCS:jbcs-httpd24-httpd-debuginfo-0:2.4.37-57.jbcs.el6.i686", "6Server-JBCS:jbcs-httpd24-httpd-debuginfo-0:2.4.37-57.jbcs.el6.x86_64", "6Server-JBCS:jbcs-httpd24-httpd-devel-0:2.4.37-57.jbcs.el6.i686", "6Server-JBCS:jbcs-httpd24-httpd-devel-0:2.4.37-57.jbcs.el6.x86_64", "6Server-JBCS:jbcs-httpd24-httpd-manual-0:2.4.37-57.jbcs.el6.noarch", "6Server-JBCS:jbcs-httpd24-httpd-selinux-0:2.4.37-57.jbcs.el6.i686", "6Server-JBCS:jbcs-httpd24-httpd-selinux-0:2.4.37-57.jbcs.el6.x86_64", "6Server-JBCS:jbcs-httpd24-httpd-tools-0:2.4.37-57.jbcs.el6.i686", "6Server-JBCS:jbcs-httpd24-httpd-tools-0:2.4.37-57.jbcs.el6.x86_64", "6Server-JBCS:jbcs-httpd24-libcurl-0:7.64.1-36.jbcs.el6.i686", "6Server-JBCS:jbcs-httpd24-libcurl-0:7.64.1-36.jbcs.el6.x86_64", "6Server-JBCS:jbcs-httpd24-libcurl-devel-0:7.64.1-36.jbcs.el6.i686", "6Server-JBCS:jbcs-httpd24-libcurl-devel-0:7.64.1-36.jbcs.el6.x86_64", "6Server-JBCS:jbcs-httpd24-mod_cluster-native-0:1.3.14-4.Final_redhat_2.jbcs.el6.i686", "6Server-JBCS:jbcs-httpd24-mod_cluster-native-0:1.3.14-4.Final_redhat_2.jbcs.el6.src", "6Server-JBCS:jbcs-httpd24-mod_cluster-native-0:1.3.14-4.Final_redhat_2.jbcs.el6.x86_64", "6Server-JBCS:jbcs-httpd24-mod_cluster-native-debuginfo-0:1.3.14-4.Final_redhat_2.jbcs.el6.i686", "6Server-JBCS:jbcs-httpd24-mod_cluster-native-debuginfo-0:1.3.14-4.Final_redhat_2.jbcs.el6.x86_64", "6Server-JBCS:jbcs-httpd24-mod_http2-0:1.15.7-3.jbcs.el6.i686", "6Server-JBCS:jbcs-httpd24-mod_http2-0:1.15.7-3.jbcs.el6.src", "6Server-JBCS:jbcs-httpd24-mod_http2-0:1.15.7-3.jbcs.el6.x86_64", "6Server-JBCS:jbcs-httpd24-mod_http2-debuginfo-0:1.15.7-3.jbcs.el6.i686", "6Server-JBCS:jbcs-httpd24-mod_http2-debuginfo-0:1.15.7-3.jbcs.el6.x86_64", "6Server-JBCS:jbcs-httpd24-mod_jk-0:1.2.48-4.redhat_1.jbcs.el6.src", "6Server-JBCS:jbcs-httpd24-mod_jk-ap24-0:1.2.48-4.redhat_1.jbcs.el6.i686", "6Server-JBCS:jbcs-httpd24-mod_jk-ap24-0:1.2.48-4.redhat_1.jbcs.el6.x86_64", "6Server-JBCS:jbcs-httpd24-mod_jk-debuginfo-0:1.2.48-4.redhat_1.jbcs.el6.i686", "6Server-JBCS:jbcs-httpd24-mod_jk-debuginfo-0:1.2.48-4.redhat_1.jbcs.el6.x86_64", "6Server-JBCS:jbcs-httpd24-mod_jk-manual-0:1.2.48-4.redhat_1.jbcs.el6.i686", "6Server-JBCS:jbcs-httpd24-mod_jk-manual-0:1.2.48-4.redhat_1.jbcs.el6.x86_64", "6Server-JBCS:jbcs-httpd24-mod_ldap-0:2.4.37-57.jbcs.el6.i686", "6Server-JBCS:jbcs-httpd24-mod_ldap-0:2.4.37-57.jbcs.el6.x86_64", "6Server-JBCS:jbcs-httpd24-mod_md-1:2.0.8-24.jbcs.el6.i686", "6Server-JBCS:jbcs-httpd24-mod_md-1:2.0.8-24.jbcs.el6.src", "6Server-JBCS:jbcs-httpd24-mod_md-1:2.0.8-24.jbcs.el6.x86_64", "6Server-JBCS:jbcs-httpd24-mod_md-debuginfo-1:2.0.8-24.jbcs.el6.i686", "6Server-JBCS:jbcs-httpd24-mod_md-debuginfo-1:2.0.8-24.jbcs.el6.x86_64", "6Server-JBCS:jbcs-httpd24-mod_proxy_html-1:2.4.37-57.jbcs.el6.i686", "6Server-JBCS:jbcs-httpd24-mod_proxy_html-1:2.4.37-57.jbcs.el6.x86_64", "6Server-JBCS:jbcs-httpd24-mod_security-0:2.9.2-51.GA.jbcs.el6.i686", "6Server-JBCS:jbcs-httpd24-mod_security-0:2.9.2-51.GA.jbcs.el6.src", "6Server-JBCS:jbcs-httpd24-mod_security-0:2.9.2-51.GA.jbcs.el6.x86_64", "6Server-JBCS:jbcs-httpd24-mod_security-debuginfo-0:2.9.2-51.GA.jbcs.el6.i686", "6Server-JBCS:jbcs-httpd24-mod_security-debuginfo-0:2.9.2-51.GA.jbcs.el6.x86_64", "6Server-JBCS:jbcs-httpd24-mod_session-0:2.4.37-57.jbcs.el6.i686", "6Server-JBCS:jbcs-httpd24-mod_session-0:2.4.37-57.jbcs.el6.x86_64", "6Server-JBCS:jbcs-httpd24-mod_ssl-1:2.4.37-57.jbcs.el6.i686", "6Server-JBCS:jbcs-httpd24-mod_ssl-1:2.4.37-57.jbcs.el6.x86_64", "6Server-JBCS:jbcs-httpd24-nghttp2-0:1.39.2-25.jbcs.el6.i686", "6Server-JBCS:jbcs-httpd24-nghttp2-0:1.39.2-25.jbcs.el6.src", "6Server-JBCS:jbcs-httpd24-nghttp2-0:1.39.2-25.jbcs.el6.x86_64", "6Server-JBCS:jbcs-httpd24-nghttp2-debuginfo-0:1.39.2-25.jbcs.el6.i686", "6Server-JBCS:jbcs-httpd24-nghttp2-debuginfo-0:1.39.2-25.jbcs.el6.x86_64", "6Server-JBCS:jbcs-httpd24-nghttp2-devel-0:1.39.2-25.jbcs.el6.i686", "6Server-JBCS:jbcs-httpd24-nghttp2-devel-0:1.39.2-25.jbcs.el6.x86_64", "7Server-JBCS:jbcs-httpd24-curl-0:7.64.1-36.jbcs.el7.src", "7Server-JBCS:jbcs-httpd24-curl-0:7.64.1-36.jbcs.el7.x86_64", "7Server-JBCS:jbcs-httpd24-curl-debuginfo-0:7.64.1-36.jbcs.el7.x86_64", "7Server-JBCS:jbcs-httpd24-httpd-0:2.4.37-57.jbcs.el7.src", "7Server-JBCS:jbcs-httpd24-httpd-0:2.4.37-57.jbcs.el7.x86_64", "7Server-JBCS:jbcs-httpd24-httpd-debuginfo-0:2.4.37-57.jbcs.el7.x86_64", "7Server-JBCS:jbcs-httpd24-httpd-devel-0:2.4.37-57.jbcs.el7.x86_64", "7Server-JBCS:jbcs-httpd24-httpd-manual-0:2.4.37-57.jbcs.el7.noarch", "7Server-JBCS:jbcs-httpd24-httpd-selinux-0:2.4.37-57.jbcs.el7.x86_64", "7Server-JBCS:jbcs-httpd24-httpd-tools-0:2.4.37-57.jbcs.el7.x86_64", "7Server-JBCS:jbcs-httpd24-libcurl-0:7.64.1-36.jbcs.el7.x86_64", "7Server-JBCS:jbcs-httpd24-libcurl-devel-0:7.64.1-36.jbcs.el7.x86_64", "7Server-JBCS:jbcs-httpd24-mod_cluster-native-0:1.3.14-4.Final_redhat_2.jbcs.el7.src", "7Server-JBCS:jbcs-httpd24-mod_cluster-native-0:1.3.14-4.Final_redhat_2.jbcs.el7.x86_64", "7Server-JBCS:jbcs-httpd24-mod_cluster-native-debuginfo-0:1.3.14-4.Final_redhat_2.jbcs.el7.x86_64", "7Server-JBCS:jbcs-httpd24-mod_http2-0:1.15.7-3.jbcs.el7.src", "7Server-JBCS:jbcs-httpd24-mod_http2-0:1.15.7-3.jbcs.el7.x86_64", "7Server-JBCS:jbcs-httpd24-mod_http2-debuginfo-0:1.15.7-3.jbcs.el7.x86_64", "7Server-JBCS:jbcs-httpd24-mod_jk-0:1.2.48-4.redhat_1.jbcs.el7.src", "7Server-JBCS:jbcs-httpd24-mod_jk-ap24-0:1.2.48-4.redhat_1.jbcs.el7.x86_64", "7Server-JBCS:jbcs-httpd24-mod_jk-debuginfo-0:1.2.48-4.redhat_1.jbcs.el7.x86_64", "7Server-JBCS:jbcs-httpd24-mod_jk-manual-0:1.2.48-4.redhat_1.jbcs.el7.x86_64", "7Server-JBCS:jbcs-httpd24-mod_ldap-0:2.4.37-57.jbcs.el7.x86_64", "7Server-JBCS:jbcs-httpd24-mod_md-1:2.0.8-24.jbcs.el7.src", "7Server-JBCS:jbcs-httpd24-mod_md-1:2.0.8-24.jbcs.el7.x86_64", "7Server-JBCS:jbcs-httpd24-mod_md-debuginfo-1:2.0.8-24.jbcs.el7.x86_64", "7Server-JBCS:jbcs-httpd24-mod_proxy_html-1:2.4.37-57.jbcs.el7.x86_64", "7Server-JBCS:jbcs-httpd24-mod_security-0:2.9.2-51.GA.jbcs.el7.src", "7Server-JBCS:jbcs-httpd24-mod_security-0:2.9.2-51.GA.jbcs.el7.x86_64", "7Server-JBCS:jbcs-httpd24-mod_security-debuginfo-0:2.9.2-51.GA.jbcs.el7.x86_64", "7Server-JBCS:jbcs-httpd24-mod_session-0:2.4.37-57.jbcs.el7.x86_64", "7Server-JBCS:jbcs-httpd24-mod_ssl-1:2.4.37-57.jbcs.el7.x86_64", "7Server-JBCS:jbcs-httpd24-nghttp2-0:1.39.2-25.jbcs.el7.src", "7Server-JBCS:jbcs-httpd24-nghttp2-0:1.39.2-25.jbcs.el7.x86_64", "7Server-JBCS:jbcs-httpd24-nghttp2-debuginfo-0:1.39.2-25.jbcs.el7.x86_64", "7Server-JBCS:jbcs-httpd24-nghttp2-devel-0:1.39.2-25.jbcs.el7.x86_64", "7Server-JBCS:jbcs-httpd24-openssl-pkcs11-0:0.4.10-7.jbcs.el7.src", "7Server-JBCS:jbcs-httpd24-openssl-pkcs11-0:0.4.10-7.jbcs.el7.x86_64", "7Server-JBCS:jbcs-httpd24-openssl-pkcs11-debuginfo-0:0.4.10-7.jbcs.el7.x86_64" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2020:2644" } ], "scores": [ { "cvss_v3": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 7.5, "baseSeverity": "HIGH", "confidentialityImpact": "NONE", "integrityImpact": "NONE", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "version": "3.1" }, "products": [ "6Server-JBCS:jbcs-httpd24-curl-0:7.64.1-36.jbcs.el6.i686", "6Server-JBCS:jbcs-httpd24-curl-0:7.64.1-36.jbcs.el6.src", "6Server-JBCS:jbcs-httpd24-curl-0:7.64.1-36.jbcs.el6.x86_64", "6Server-JBCS:jbcs-httpd24-curl-debuginfo-0:7.64.1-36.jbcs.el6.i686", "6Server-JBCS:jbcs-httpd24-curl-debuginfo-0:7.64.1-36.jbcs.el6.x86_64", "6Server-JBCS:jbcs-httpd24-httpd-0:2.4.37-57.jbcs.el6.i686", "6Server-JBCS:jbcs-httpd24-httpd-0:2.4.37-57.jbcs.el6.src", "6Server-JBCS:jbcs-httpd24-httpd-0:2.4.37-57.jbcs.el6.x86_64", "6Server-JBCS:jbcs-httpd24-httpd-debuginfo-0:2.4.37-57.jbcs.el6.i686", "6Server-JBCS:jbcs-httpd24-httpd-debuginfo-0:2.4.37-57.jbcs.el6.x86_64", "6Server-JBCS:jbcs-httpd24-httpd-devel-0:2.4.37-57.jbcs.el6.i686", "6Server-JBCS:jbcs-httpd24-httpd-devel-0:2.4.37-57.jbcs.el6.x86_64", "6Server-JBCS:jbcs-httpd24-httpd-manual-0:2.4.37-57.jbcs.el6.noarch", "6Server-JBCS:jbcs-httpd24-httpd-selinux-0:2.4.37-57.jbcs.el6.i686", "6Server-JBCS:jbcs-httpd24-httpd-selinux-0:2.4.37-57.jbcs.el6.x86_64", "6Server-JBCS:jbcs-httpd24-httpd-tools-0:2.4.37-57.jbcs.el6.i686", "6Server-JBCS:jbcs-httpd24-httpd-tools-0:2.4.37-57.jbcs.el6.x86_64", "6Server-JBCS:jbcs-httpd24-libcurl-0:7.64.1-36.jbcs.el6.i686", "6Server-JBCS:jbcs-httpd24-libcurl-0:7.64.1-36.jbcs.el6.x86_64", "6Server-JBCS:jbcs-httpd24-libcurl-devel-0:7.64.1-36.jbcs.el6.i686", "6Server-JBCS:jbcs-httpd24-libcurl-devel-0:7.64.1-36.jbcs.el6.x86_64", "6Server-JBCS:jbcs-httpd24-mod_cluster-native-0:1.3.14-4.Final_redhat_2.jbcs.el6.i686", "6Server-JBCS:jbcs-httpd24-mod_cluster-native-0:1.3.14-4.Final_redhat_2.jbcs.el6.src", "6Server-JBCS:jbcs-httpd24-mod_cluster-native-0:1.3.14-4.Final_redhat_2.jbcs.el6.x86_64", "6Server-JBCS:jbcs-httpd24-mod_cluster-native-debuginfo-0:1.3.14-4.Final_redhat_2.jbcs.el6.i686", "6Server-JBCS:jbcs-httpd24-mod_cluster-native-debuginfo-0:1.3.14-4.Final_redhat_2.jbcs.el6.x86_64", "6Server-JBCS:jbcs-httpd24-mod_http2-0:1.15.7-3.jbcs.el6.i686", "6Server-JBCS:jbcs-httpd24-mod_http2-0:1.15.7-3.jbcs.el6.src", "6Server-JBCS:jbcs-httpd24-mod_http2-0:1.15.7-3.jbcs.el6.x86_64", "6Server-JBCS:jbcs-httpd24-mod_http2-debuginfo-0:1.15.7-3.jbcs.el6.i686", "6Server-JBCS:jbcs-httpd24-mod_http2-debuginfo-0:1.15.7-3.jbcs.el6.x86_64", "6Server-JBCS:jbcs-httpd24-mod_jk-0:1.2.48-4.redhat_1.jbcs.el6.src", "6Server-JBCS:jbcs-httpd24-mod_jk-ap24-0:1.2.48-4.redhat_1.jbcs.el6.i686", "6Server-JBCS:jbcs-httpd24-mod_jk-ap24-0:1.2.48-4.redhat_1.jbcs.el6.x86_64", "6Server-JBCS:jbcs-httpd24-mod_jk-debuginfo-0:1.2.48-4.redhat_1.jbcs.el6.i686", "6Server-JBCS:jbcs-httpd24-mod_jk-debuginfo-0:1.2.48-4.redhat_1.jbcs.el6.x86_64", "6Server-JBCS:jbcs-httpd24-mod_jk-manual-0:1.2.48-4.redhat_1.jbcs.el6.i686", "6Server-JBCS:jbcs-httpd24-mod_jk-manual-0:1.2.48-4.redhat_1.jbcs.el6.x86_64", "6Server-JBCS:jbcs-httpd24-mod_ldap-0:2.4.37-57.jbcs.el6.i686", "6Server-JBCS:jbcs-httpd24-mod_ldap-0:2.4.37-57.jbcs.el6.x86_64", "6Server-JBCS:jbcs-httpd24-mod_md-1:2.0.8-24.jbcs.el6.i686", "6Server-JBCS:jbcs-httpd24-mod_md-1:2.0.8-24.jbcs.el6.src", "6Server-JBCS:jbcs-httpd24-mod_md-1:2.0.8-24.jbcs.el6.x86_64", "6Server-JBCS:jbcs-httpd24-mod_md-debuginfo-1:2.0.8-24.jbcs.el6.i686", "6Server-JBCS:jbcs-httpd24-mod_md-debuginfo-1:2.0.8-24.jbcs.el6.x86_64", "6Server-JBCS:jbcs-httpd24-mod_proxy_html-1:2.4.37-57.jbcs.el6.i686", "6Server-JBCS:jbcs-httpd24-mod_proxy_html-1:2.4.37-57.jbcs.el6.x86_64", "6Server-JBCS:jbcs-httpd24-mod_security-0:2.9.2-51.GA.jbcs.el6.i686", "6Server-JBCS:jbcs-httpd24-mod_security-0:2.9.2-51.GA.jbcs.el6.src", "6Server-JBCS:jbcs-httpd24-mod_security-0:2.9.2-51.GA.jbcs.el6.x86_64", "6Server-JBCS:jbcs-httpd24-mod_security-debuginfo-0:2.9.2-51.GA.jbcs.el6.i686", "6Server-JBCS:jbcs-httpd24-mod_security-debuginfo-0:2.9.2-51.GA.jbcs.el6.x86_64", "6Server-JBCS:jbcs-httpd24-mod_session-0:2.4.37-57.jbcs.el6.i686", "6Server-JBCS:jbcs-httpd24-mod_session-0:2.4.37-57.jbcs.el6.x86_64", "6Server-JBCS:jbcs-httpd24-mod_ssl-1:2.4.37-57.jbcs.el6.i686", "6Server-JBCS:jbcs-httpd24-mod_ssl-1:2.4.37-57.jbcs.el6.x86_64", "6Server-JBCS:jbcs-httpd24-nghttp2-0:1.39.2-25.jbcs.el6.i686", "6Server-JBCS:jbcs-httpd24-nghttp2-0:1.39.2-25.jbcs.el6.src", "6Server-JBCS:jbcs-httpd24-nghttp2-0:1.39.2-25.jbcs.el6.x86_64", "6Server-JBCS:jbcs-httpd24-nghttp2-debuginfo-0:1.39.2-25.jbcs.el6.i686", "6Server-JBCS:jbcs-httpd24-nghttp2-debuginfo-0:1.39.2-25.jbcs.el6.x86_64", "6Server-JBCS:jbcs-httpd24-nghttp2-devel-0:1.39.2-25.jbcs.el6.i686", "6Server-JBCS:jbcs-httpd24-nghttp2-devel-0:1.39.2-25.jbcs.el6.x86_64", "7Server-JBCS:jbcs-httpd24-curl-0:7.64.1-36.jbcs.el7.src", "7Server-JBCS:jbcs-httpd24-curl-0:7.64.1-36.jbcs.el7.x86_64", "7Server-JBCS:jbcs-httpd24-curl-debuginfo-0:7.64.1-36.jbcs.el7.x86_64", "7Server-JBCS:jbcs-httpd24-httpd-0:2.4.37-57.jbcs.el7.src", "7Server-JBCS:jbcs-httpd24-httpd-0:2.4.37-57.jbcs.el7.x86_64", "7Server-JBCS:jbcs-httpd24-httpd-debuginfo-0:2.4.37-57.jbcs.el7.x86_64", "7Server-JBCS:jbcs-httpd24-httpd-devel-0:2.4.37-57.jbcs.el7.x86_64", "7Server-JBCS:jbcs-httpd24-httpd-manual-0:2.4.37-57.jbcs.el7.noarch", "7Server-JBCS:jbcs-httpd24-httpd-selinux-0:2.4.37-57.jbcs.el7.x86_64", "7Server-JBCS:jbcs-httpd24-httpd-tools-0:2.4.37-57.jbcs.el7.x86_64", "7Server-JBCS:jbcs-httpd24-libcurl-0:7.64.1-36.jbcs.el7.x86_64", "7Server-JBCS:jbcs-httpd24-libcurl-devel-0:7.64.1-36.jbcs.el7.x86_64", "7Server-JBCS:jbcs-httpd24-mod_cluster-native-0:1.3.14-4.Final_redhat_2.jbcs.el7.src", "7Server-JBCS:jbcs-httpd24-mod_cluster-native-0:1.3.14-4.Final_redhat_2.jbcs.el7.x86_64", "7Server-JBCS:jbcs-httpd24-mod_cluster-native-debuginfo-0:1.3.14-4.Final_redhat_2.jbcs.el7.x86_64", "7Server-JBCS:jbcs-httpd24-mod_http2-0:1.15.7-3.jbcs.el7.src", "7Server-JBCS:jbcs-httpd24-mod_http2-0:1.15.7-3.jbcs.el7.x86_64", "7Server-JBCS:jbcs-httpd24-mod_http2-debuginfo-0:1.15.7-3.jbcs.el7.x86_64", "7Server-JBCS:jbcs-httpd24-mod_jk-0:1.2.48-4.redhat_1.jbcs.el7.src", "7Server-JBCS:jbcs-httpd24-mod_jk-ap24-0:1.2.48-4.redhat_1.jbcs.el7.x86_64", "7Server-JBCS:jbcs-httpd24-mod_jk-debuginfo-0:1.2.48-4.redhat_1.jbcs.el7.x86_64", "7Server-JBCS:jbcs-httpd24-mod_jk-manual-0:1.2.48-4.redhat_1.jbcs.el7.x86_64", "7Server-JBCS:jbcs-httpd24-mod_ldap-0:2.4.37-57.jbcs.el7.x86_64", "7Server-JBCS:jbcs-httpd24-mod_md-1:2.0.8-24.jbcs.el7.src", "7Server-JBCS:jbcs-httpd24-mod_md-1:2.0.8-24.jbcs.el7.x86_64", "7Server-JBCS:jbcs-httpd24-mod_md-debuginfo-1:2.0.8-24.jbcs.el7.x86_64", "7Server-JBCS:jbcs-httpd24-mod_proxy_html-1:2.4.37-57.jbcs.el7.x86_64", "7Server-JBCS:jbcs-httpd24-mod_security-0:2.9.2-51.GA.jbcs.el7.src", "7Server-JBCS:jbcs-httpd24-mod_security-0:2.9.2-51.GA.jbcs.el7.x86_64", "7Server-JBCS:jbcs-httpd24-mod_security-debuginfo-0:2.9.2-51.GA.jbcs.el7.x86_64", "7Server-JBCS:jbcs-httpd24-mod_session-0:2.4.37-57.jbcs.el7.x86_64", "7Server-JBCS:jbcs-httpd24-mod_ssl-1:2.4.37-57.jbcs.el7.x86_64", "7Server-JBCS:jbcs-httpd24-nghttp2-0:1.39.2-25.jbcs.el7.src", "7Server-JBCS:jbcs-httpd24-nghttp2-0:1.39.2-25.jbcs.el7.x86_64", "7Server-JBCS:jbcs-httpd24-nghttp2-debuginfo-0:1.39.2-25.jbcs.el7.x86_64", "7Server-JBCS:jbcs-httpd24-nghttp2-devel-0:1.39.2-25.jbcs.el7.x86_64", "7Server-JBCS:jbcs-httpd24-openssl-pkcs11-0:0.4.10-7.jbcs.el7.src", "7Server-JBCS:jbcs-httpd24-openssl-pkcs11-0:0.4.10-7.jbcs.el7.x86_64", "7Server-JBCS:jbcs-httpd24-openssl-pkcs11-debuginfo-0:0.4.10-7.jbcs.el7.x86_64" ] } ], "threats": [ { "category": "impact", "details": "Moderate" } ], "title": "libxml2: memory leak in xmlParseBalancedChunkMemoryRecover in parser.c" }, { "cve": "CVE-2019-20388", "cwe": { "id": "CWE-401", "name": "Missing Release of Memory after Effective Lifetime" }, "discovery_date": "2020-02-06T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "1799734" } ], "notes": [ { "category": "description", "text": "A memory leak was found in the xmlSchemaValidateStream function of libxml2. Applications that use this library may be vulnerable to memory not being freed leading to a denial of service. System availability is the highest threat from this vulnerability.", "title": "Vulnerability description" }, { "category": "summary", "text": "libxml2: memory leak in xmlSchemaPreRun in xmlschemas.c", "title": "Vulnerability summary" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "6Server-JBCS:jbcs-httpd24-curl-0:7.64.1-36.jbcs.el6.i686", "6Server-JBCS:jbcs-httpd24-curl-0:7.64.1-36.jbcs.el6.src", "6Server-JBCS:jbcs-httpd24-curl-0:7.64.1-36.jbcs.el6.x86_64", "6Server-JBCS:jbcs-httpd24-curl-debuginfo-0:7.64.1-36.jbcs.el6.i686", "6Server-JBCS:jbcs-httpd24-curl-debuginfo-0:7.64.1-36.jbcs.el6.x86_64", "6Server-JBCS:jbcs-httpd24-httpd-0:2.4.37-57.jbcs.el6.i686", "6Server-JBCS:jbcs-httpd24-httpd-0:2.4.37-57.jbcs.el6.src", "6Server-JBCS:jbcs-httpd24-httpd-0:2.4.37-57.jbcs.el6.x86_64", "6Server-JBCS:jbcs-httpd24-httpd-debuginfo-0:2.4.37-57.jbcs.el6.i686", "6Server-JBCS:jbcs-httpd24-httpd-debuginfo-0:2.4.37-57.jbcs.el6.x86_64", "6Server-JBCS:jbcs-httpd24-httpd-devel-0:2.4.37-57.jbcs.el6.i686", "6Server-JBCS:jbcs-httpd24-httpd-devel-0:2.4.37-57.jbcs.el6.x86_64", "6Server-JBCS:jbcs-httpd24-httpd-manual-0:2.4.37-57.jbcs.el6.noarch", "6Server-JBCS:jbcs-httpd24-httpd-selinux-0:2.4.37-57.jbcs.el6.i686", "6Server-JBCS:jbcs-httpd24-httpd-selinux-0:2.4.37-57.jbcs.el6.x86_64", "6Server-JBCS:jbcs-httpd24-httpd-tools-0:2.4.37-57.jbcs.el6.i686", "6Server-JBCS:jbcs-httpd24-httpd-tools-0:2.4.37-57.jbcs.el6.x86_64", "6Server-JBCS:jbcs-httpd24-libcurl-0:7.64.1-36.jbcs.el6.i686", "6Server-JBCS:jbcs-httpd24-libcurl-0:7.64.1-36.jbcs.el6.x86_64", "6Server-JBCS:jbcs-httpd24-libcurl-devel-0:7.64.1-36.jbcs.el6.i686", "6Server-JBCS:jbcs-httpd24-libcurl-devel-0:7.64.1-36.jbcs.el6.x86_64", "6Server-JBCS:jbcs-httpd24-mod_cluster-native-0:1.3.14-4.Final_redhat_2.jbcs.el6.i686", "6Server-JBCS:jbcs-httpd24-mod_cluster-native-0:1.3.14-4.Final_redhat_2.jbcs.el6.src", "6Server-JBCS:jbcs-httpd24-mod_cluster-native-0:1.3.14-4.Final_redhat_2.jbcs.el6.x86_64", "6Server-JBCS:jbcs-httpd24-mod_cluster-native-debuginfo-0:1.3.14-4.Final_redhat_2.jbcs.el6.i686", "6Server-JBCS:jbcs-httpd24-mod_cluster-native-debuginfo-0:1.3.14-4.Final_redhat_2.jbcs.el6.x86_64", "6Server-JBCS:jbcs-httpd24-mod_http2-0:1.15.7-3.jbcs.el6.i686", "6Server-JBCS:jbcs-httpd24-mod_http2-0:1.15.7-3.jbcs.el6.src", "6Server-JBCS:jbcs-httpd24-mod_http2-0:1.15.7-3.jbcs.el6.x86_64", "6Server-JBCS:jbcs-httpd24-mod_http2-debuginfo-0:1.15.7-3.jbcs.el6.i686", "6Server-JBCS:jbcs-httpd24-mod_http2-debuginfo-0:1.15.7-3.jbcs.el6.x86_64", "6Server-JBCS:jbcs-httpd24-mod_jk-0:1.2.48-4.redhat_1.jbcs.el6.src", "6Server-JBCS:jbcs-httpd24-mod_jk-ap24-0:1.2.48-4.redhat_1.jbcs.el6.i686", "6Server-JBCS:jbcs-httpd24-mod_jk-ap24-0:1.2.48-4.redhat_1.jbcs.el6.x86_64", "6Server-JBCS:jbcs-httpd24-mod_jk-debuginfo-0:1.2.48-4.redhat_1.jbcs.el6.i686", "6Server-JBCS:jbcs-httpd24-mod_jk-debuginfo-0:1.2.48-4.redhat_1.jbcs.el6.x86_64", "6Server-JBCS:jbcs-httpd24-mod_jk-manual-0:1.2.48-4.redhat_1.jbcs.el6.i686", "6Server-JBCS:jbcs-httpd24-mod_jk-manual-0:1.2.48-4.redhat_1.jbcs.el6.x86_64", "6Server-JBCS:jbcs-httpd24-mod_ldap-0:2.4.37-57.jbcs.el6.i686", "6Server-JBCS:jbcs-httpd24-mod_ldap-0:2.4.37-57.jbcs.el6.x86_64", "6Server-JBCS:jbcs-httpd24-mod_md-1:2.0.8-24.jbcs.el6.i686", "6Server-JBCS:jbcs-httpd24-mod_md-1:2.0.8-24.jbcs.el6.src", "6Server-JBCS:jbcs-httpd24-mod_md-1:2.0.8-24.jbcs.el6.x86_64", "6Server-JBCS:jbcs-httpd24-mod_md-debuginfo-1:2.0.8-24.jbcs.el6.i686", "6Server-JBCS:jbcs-httpd24-mod_md-debuginfo-1:2.0.8-24.jbcs.el6.x86_64", "6Server-JBCS:jbcs-httpd24-mod_proxy_html-1:2.4.37-57.jbcs.el6.i686", "6Server-JBCS:jbcs-httpd24-mod_proxy_html-1:2.4.37-57.jbcs.el6.x86_64", "6Server-JBCS:jbcs-httpd24-mod_security-0:2.9.2-51.GA.jbcs.el6.i686", "6Server-JBCS:jbcs-httpd24-mod_security-0:2.9.2-51.GA.jbcs.el6.src", "6Server-JBCS:jbcs-httpd24-mod_security-0:2.9.2-51.GA.jbcs.el6.x86_64", "6Server-JBCS:jbcs-httpd24-mod_security-debuginfo-0:2.9.2-51.GA.jbcs.el6.i686", "6Server-JBCS:jbcs-httpd24-mod_security-debuginfo-0:2.9.2-51.GA.jbcs.el6.x86_64", "6Server-JBCS:jbcs-httpd24-mod_session-0:2.4.37-57.jbcs.el6.i686", "6Server-JBCS:jbcs-httpd24-mod_session-0:2.4.37-57.jbcs.el6.x86_64", "6Server-JBCS:jbcs-httpd24-mod_ssl-1:2.4.37-57.jbcs.el6.i686", "6Server-JBCS:jbcs-httpd24-mod_ssl-1:2.4.37-57.jbcs.el6.x86_64", "6Server-JBCS:jbcs-httpd24-nghttp2-0:1.39.2-25.jbcs.el6.i686", "6Server-JBCS:jbcs-httpd24-nghttp2-0:1.39.2-25.jbcs.el6.src", "6Server-JBCS:jbcs-httpd24-nghttp2-0:1.39.2-25.jbcs.el6.x86_64", "6Server-JBCS:jbcs-httpd24-nghttp2-debuginfo-0:1.39.2-25.jbcs.el6.i686", "6Server-JBCS:jbcs-httpd24-nghttp2-debuginfo-0:1.39.2-25.jbcs.el6.x86_64", "6Server-JBCS:jbcs-httpd24-nghttp2-devel-0:1.39.2-25.jbcs.el6.i686", "6Server-JBCS:jbcs-httpd24-nghttp2-devel-0:1.39.2-25.jbcs.el6.x86_64", "7Server-JBCS:jbcs-httpd24-curl-0:7.64.1-36.jbcs.el7.src", "7Server-JBCS:jbcs-httpd24-curl-0:7.64.1-36.jbcs.el7.x86_64", "7Server-JBCS:jbcs-httpd24-curl-debuginfo-0:7.64.1-36.jbcs.el7.x86_64", "7Server-JBCS:jbcs-httpd24-httpd-0:2.4.37-57.jbcs.el7.src", "7Server-JBCS:jbcs-httpd24-httpd-0:2.4.37-57.jbcs.el7.x86_64", "7Server-JBCS:jbcs-httpd24-httpd-debuginfo-0:2.4.37-57.jbcs.el7.x86_64", "7Server-JBCS:jbcs-httpd24-httpd-devel-0:2.4.37-57.jbcs.el7.x86_64", "7Server-JBCS:jbcs-httpd24-httpd-manual-0:2.4.37-57.jbcs.el7.noarch", "7Server-JBCS:jbcs-httpd24-httpd-selinux-0:2.4.37-57.jbcs.el7.x86_64", "7Server-JBCS:jbcs-httpd24-httpd-tools-0:2.4.37-57.jbcs.el7.x86_64", "7Server-JBCS:jbcs-httpd24-libcurl-0:7.64.1-36.jbcs.el7.x86_64", "7Server-JBCS:jbcs-httpd24-libcurl-devel-0:7.64.1-36.jbcs.el7.x86_64", "7Server-JBCS:jbcs-httpd24-mod_cluster-native-0:1.3.14-4.Final_redhat_2.jbcs.el7.src", "7Server-JBCS:jbcs-httpd24-mod_cluster-native-0:1.3.14-4.Final_redhat_2.jbcs.el7.x86_64", "7Server-JBCS:jbcs-httpd24-mod_cluster-native-debuginfo-0:1.3.14-4.Final_redhat_2.jbcs.el7.x86_64", "7Server-JBCS:jbcs-httpd24-mod_http2-0:1.15.7-3.jbcs.el7.src", "7Server-JBCS:jbcs-httpd24-mod_http2-0:1.15.7-3.jbcs.el7.x86_64", "7Server-JBCS:jbcs-httpd24-mod_http2-debuginfo-0:1.15.7-3.jbcs.el7.x86_64", "7Server-JBCS:jbcs-httpd24-mod_jk-0:1.2.48-4.redhat_1.jbcs.el7.src", "7Server-JBCS:jbcs-httpd24-mod_jk-ap24-0:1.2.48-4.redhat_1.jbcs.el7.x86_64", "7Server-JBCS:jbcs-httpd24-mod_jk-debuginfo-0:1.2.48-4.redhat_1.jbcs.el7.x86_64", "7Server-JBCS:jbcs-httpd24-mod_jk-manual-0:1.2.48-4.redhat_1.jbcs.el7.x86_64", "7Server-JBCS:jbcs-httpd24-mod_ldap-0:2.4.37-57.jbcs.el7.x86_64", "7Server-JBCS:jbcs-httpd24-mod_md-1:2.0.8-24.jbcs.el7.src", "7Server-JBCS:jbcs-httpd24-mod_md-1:2.0.8-24.jbcs.el7.x86_64", "7Server-JBCS:jbcs-httpd24-mod_md-debuginfo-1:2.0.8-24.jbcs.el7.x86_64", "7Server-JBCS:jbcs-httpd24-mod_proxy_html-1:2.4.37-57.jbcs.el7.x86_64", "7Server-JBCS:jbcs-httpd24-mod_security-0:2.9.2-51.GA.jbcs.el7.src", "7Server-JBCS:jbcs-httpd24-mod_security-0:2.9.2-51.GA.jbcs.el7.x86_64", "7Server-JBCS:jbcs-httpd24-mod_security-debuginfo-0:2.9.2-51.GA.jbcs.el7.x86_64", "7Server-JBCS:jbcs-httpd24-mod_session-0:2.4.37-57.jbcs.el7.x86_64", "7Server-JBCS:jbcs-httpd24-mod_ssl-1:2.4.37-57.jbcs.el7.x86_64", "7Server-JBCS:jbcs-httpd24-nghttp2-0:1.39.2-25.jbcs.el7.src", "7Server-JBCS:jbcs-httpd24-nghttp2-0:1.39.2-25.jbcs.el7.x86_64", "7Server-JBCS:jbcs-httpd24-nghttp2-debuginfo-0:1.39.2-25.jbcs.el7.x86_64", "7Server-JBCS:jbcs-httpd24-nghttp2-devel-0:1.39.2-25.jbcs.el7.x86_64", "7Server-JBCS:jbcs-httpd24-openssl-pkcs11-0:0.4.10-7.jbcs.el7.src", "7Server-JBCS:jbcs-httpd24-openssl-pkcs11-0:0.4.10-7.jbcs.el7.x86_64", "7Server-JBCS:jbcs-httpd24-openssl-pkcs11-debuginfo-0:0.4.10-7.jbcs.el7.x86_64" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2019-20388" }, { "category": "external", "summary": "RHBZ#1799734", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1799734" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2019-20388", "url": "https://www.cve.org/CVERecord?id=CVE-2019-20388" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2019-20388", "url": "https://nvd.nist.gov/vuln/detail/CVE-2019-20388" } ], "release_date": "2020-01-21T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2020-06-22T12:28:02+00:00", "details": "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258", "product_ids": [ "6Server-JBCS:jbcs-httpd24-curl-0:7.64.1-36.jbcs.el6.i686", "6Server-JBCS:jbcs-httpd24-curl-0:7.64.1-36.jbcs.el6.src", "6Server-JBCS:jbcs-httpd24-curl-0:7.64.1-36.jbcs.el6.x86_64", "6Server-JBCS:jbcs-httpd24-curl-debuginfo-0:7.64.1-36.jbcs.el6.i686", "6Server-JBCS:jbcs-httpd24-curl-debuginfo-0:7.64.1-36.jbcs.el6.x86_64", "6Server-JBCS:jbcs-httpd24-httpd-0:2.4.37-57.jbcs.el6.i686", "6Server-JBCS:jbcs-httpd24-httpd-0:2.4.37-57.jbcs.el6.src", "6Server-JBCS:jbcs-httpd24-httpd-0:2.4.37-57.jbcs.el6.x86_64", "6Server-JBCS:jbcs-httpd24-httpd-debuginfo-0:2.4.37-57.jbcs.el6.i686", "6Server-JBCS:jbcs-httpd24-httpd-debuginfo-0:2.4.37-57.jbcs.el6.x86_64", "6Server-JBCS:jbcs-httpd24-httpd-devel-0:2.4.37-57.jbcs.el6.i686", "6Server-JBCS:jbcs-httpd24-httpd-devel-0:2.4.37-57.jbcs.el6.x86_64", "6Server-JBCS:jbcs-httpd24-httpd-manual-0:2.4.37-57.jbcs.el6.noarch", "6Server-JBCS:jbcs-httpd24-httpd-selinux-0:2.4.37-57.jbcs.el6.i686", "6Server-JBCS:jbcs-httpd24-httpd-selinux-0:2.4.37-57.jbcs.el6.x86_64", "6Server-JBCS:jbcs-httpd24-httpd-tools-0:2.4.37-57.jbcs.el6.i686", "6Server-JBCS:jbcs-httpd24-httpd-tools-0:2.4.37-57.jbcs.el6.x86_64", "6Server-JBCS:jbcs-httpd24-libcurl-0:7.64.1-36.jbcs.el6.i686", "6Server-JBCS:jbcs-httpd24-libcurl-0:7.64.1-36.jbcs.el6.x86_64", "6Server-JBCS:jbcs-httpd24-libcurl-devel-0:7.64.1-36.jbcs.el6.i686", "6Server-JBCS:jbcs-httpd24-libcurl-devel-0:7.64.1-36.jbcs.el6.x86_64", "6Server-JBCS:jbcs-httpd24-mod_cluster-native-0:1.3.14-4.Final_redhat_2.jbcs.el6.i686", "6Server-JBCS:jbcs-httpd24-mod_cluster-native-0:1.3.14-4.Final_redhat_2.jbcs.el6.src", "6Server-JBCS:jbcs-httpd24-mod_cluster-native-0:1.3.14-4.Final_redhat_2.jbcs.el6.x86_64", "6Server-JBCS:jbcs-httpd24-mod_cluster-native-debuginfo-0:1.3.14-4.Final_redhat_2.jbcs.el6.i686", "6Server-JBCS:jbcs-httpd24-mod_cluster-native-debuginfo-0:1.3.14-4.Final_redhat_2.jbcs.el6.x86_64", "6Server-JBCS:jbcs-httpd24-mod_http2-0:1.15.7-3.jbcs.el6.i686", "6Server-JBCS:jbcs-httpd24-mod_http2-0:1.15.7-3.jbcs.el6.src", "6Server-JBCS:jbcs-httpd24-mod_http2-0:1.15.7-3.jbcs.el6.x86_64", "6Server-JBCS:jbcs-httpd24-mod_http2-debuginfo-0:1.15.7-3.jbcs.el6.i686", "6Server-JBCS:jbcs-httpd24-mod_http2-debuginfo-0:1.15.7-3.jbcs.el6.x86_64", "6Server-JBCS:jbcs-httpd24-mod_jk-0:1.2.48-4.redhat_1.jbcs.el6.src", "6Server-JBCS:jbcs-httpd24-mod_jk-ap24-0:1.2.48-4.redhat_1.jbcs.el6.i686", "6Server-JBCS:jbcs-httpd24-mod_jk-ap24-0:1.2.48-4.redhat_1.jbcs.el6.x86_64", "6Server-JBCS:jbcs-httpd24-mod_jk-debuginfo-0:1.2.48-4.redhat_1.jbcs.el6.i686", "6Server-JBCS:jbcs-httpd24-mod_jk-debuginfo-0:1.2.48-4.redhat_1.jbcs.el6.x86_64", "6Server-JBCS:jbcs-httpd24-mod_jk-manual-0:1.2.48-4.redhat_1.jbcs.el6.i686", "6Server-JBCS:jbcs-httpd24-mod_jk-manual-0:1.2.48-4.redhat_1.jbcs.el6.x86_64", "6Server-JBCS:jbcs-httpd24-mod_ldap-0:2.4.37-57.jbcs.el6.i686", "6Server-JBCS:jbcs-httpd24-mod_ldap-0:2.4.37-57.jbcs.el6.x86_64", "6Server-JBCS:jbcs-httpd24-mod_md-1:2.0.8-24.jbcs.el6.i686", "6Server-JBCS:jbcs-httpd24-mod_md-1:2.0.8-24.jbcs.el6.src", "6Server-JBCS:jbcs-httpd24-mod_md-1:2.0.8-24.jbcs.el6.x86_64", "6Server-JBCS:jbcs-httpd24-mod_md-debuginfo-1:2.0.8-24.jbcs.el6.i686", "6Server-JBCS:jbcs-httpd24-mod_md-debuginfo-1:2.0.8-24.jbcs.el6.x86_64", "6Server-JBCS:jbcs-httpd24-mod_proxy_html-1:2.4.37-57.jbcs.el6.i686", "6Server-JBCS:jbcs-httpd24-mod_proxy_html-1:2.4.37-57.jbcs.el6.x86_64", "6Server-JBCS:jbcs-httpd24-mod_security-0:2.9.2-51.GA.jbcs.el6.i686", "6Server-JBCS:jbcs-httpd24-mod_security-0:2.9.2-51.GA.jbcs.el6.src", "6Server-JBCS:jbcs-httpd24-mod_security-0:2.9.2-51.GA.jbcs.el6.x86_64", "6Server-JBCS:jbcs-httpd24-mod_security-debuginfo-0:2.9.2-51.GA.jbcs.el6.i686", "6Server-JBCS:jbcs-httpd24-mod_security-debuginfo-0:2.9.2-51.GA.jbcs.el6.x86_64", "6Server-JBCS:jbcs-httpd24-mod_session-0:2.4.37-57.jbcs.el6.i686", "6Server-JBCS:jbcs-httpd24-mod_session-0:2.4.37-57.jbcs.el6.x86_64", "6Server-JBCS:jbcs-httpd24-mod_ssl-1:2.4.37-57.jbcs.el6.i686", "6Server-JBCS:jbcs-httpd24-mod_ssl-1:2.4.37-57.jbcs.el6.x86_64", "6Server-JBCS:jbcs-httpd24-nghttp2-0:1.39.2-25.jbcs.el6.i686", "6Server-JBCS:jbcs-httpd24-nghttp2-0:1.39.2-25.jbcs.el6.src", "6Server-JBCS:jbcs-httpd24-nghttp2-0:1.39.2-25.jbcs.el6.x86_64", "6Server-JBCS:jbcs-httpd24-nghttp2-debuginfo-0:1.39.2-25.jbcs.el6.i686", "6Server-JBCS:jbcs-httpd24-nghttp2-debuginfo-0:1.39.2-25.jbcs.el6.x86_64", "6Server-JBCS:jbcs-httpd24-nghttp2-devel-0:1.39.2-25.jbcs.el6.i686", "6Server-JBCS:jbcs-httpd24-nghttp2-devel-0:1.39.2-25.jbcs.el6.x86_64", "7Server-JBCS:jbcs-httpd24-curl-0:7.64.1-36.jbcs.el7.src", "7Server-JBCS:jbcs-httpd24-curl-0:7.64.1-36.jbcs.el7.x86_64", "7Server-JBCS:jbcs-httpd24-curl-debuginfo-0:7.64.1-36.jbcs.el7.x86_64", "7Server-JBCS:jbcs-httpd24-httpd-0:2.4.37-57.jbcs.el7.src", "7Server-JBCS:jbcs-httpd24-httpd-0:2.4.37-57.jbcs.el7.x86_64", "7Server-JBCS:jbcs-httpd24-httpd-debuginfo-0:2.4.37-57.jbcs.el7.x86_64", "7Server-JBCS:jbcs-httpd24-httpd-devel-0:2.4.37-57.jbcs.el7.x86_64", "7Server-JBCS:jbcs-httpd24-httpd-manual-0:2.4.37-57.jbcs.el7.noarch", "7Server-JBCS:jbcs-httpd24-httpd-selinux-0:2.4.37-57.jbcs.el7.x86_64", "7Server-JBCS:jbcs-httpd24-httpd-tools-0:2.4.37-57.jbcs.el7.x86_64", "7Server-JBCS:jbcs-httpd24-libcurl-0:7.64.1-36.jbcs.el7.x86_64", "7Server-JBCS:jbcs-httpd24-libcurl-devel-0:7.64.1-36.jbcs.el7.x86_64", "7Server-JBCS:jbcs-httpd24-mod_cluster-native-0:1.3.14-4.Final_redhat_2.jbcs.el7.src", "7Server-JBCS:jbcs-httpd24-mod_cluster-native-0:1.3.14-4.Final_redhat_2.jbcs.el7.x86_64", "7Server-JBCS:jbcs-httpd24-mod_cluster-native-debuginfo-0:1.3.14-4.Final_redhat_2.jbcs.el7.x86_64", "7Server-JBCS:jbcs-httpd24-mod_http2-0:1.15.7-3.jbcs.el7.src", "7Server-JBCS:jbcs-httpd24-mod_http2-0:1.15.7-3.jbcs.el7.x86_64", "7Server-JBCS:jbcs-httpd24-mod_http2-debuginfo-0:1.15.7-3.jbcs.el7.x86_64", "7Server-JBCS:jbcs-httpd24-mod_jk-0:1.2.48-4.redhat_1.jbcs.el7.src", "7Server-JBCS:jbcs-httpd24-mod_jk-ap24-0:1.2.48-4.redhat_1.jbcs.el7.x86_64", "7Server-JBCS:jbcs-httpd24-mod_jk-debuginfo-0:1.2.48-4.redhat_1.jbcs.el7.x86_64", "7Server-JBCS:jbcs-httpd24-mod_jk-manual-0:1.2.48-4.redhat_1.jbcs.el7.x86_64", "7Server-JBCS:jbcs-httpd24-mod_ldap-0:2.4.37-57.jbcs.el7.x86_64", "7Server-JBCS:jbcs-httpd24-mod_md-1:2.0.8-24.jbcs.el7.src", "7Server-JBCS:jbcs-httpd24-mod_md-1:2.0.8-24.jbcs.el7.x86_64", "7Server-JBCS:jbcs-httpd24-mod_md-debuginfo-1:2.0.8-24.jbcs.el7.x86_64", "7Server-JBCS:jbcs-httpd24-mod_proxy_html-1:2.4.37-57.jbcs.el7.x86_64", "7Server-JBCS:jbcs-httpd24-mod_security-0:2.9.2-51.GA.jbcs.el7.src", "7Server-JBCS:jbcs-httpd24-mod_security-0:2.9.2-51.GA.jbcs.el7.x86_64", "7Server-JBCS:jbcs-httpd24-mod_security-debuginfo-0:2.9.2-51.GA.jbcs.el7.x86_64", "7Server-JBCS:jbcs-httpd24-mod_session-0:2.4.37-57.jbcs.el7.x86_64", "7Server-JBCS:jbcs-httpd24-mod_ssl-1:2.4.37-57.jbcs.el7.x86_64", "7Server-JBCS:jbcs-httpd24-nghttp2-0:1.39.2-25.jbcs.el7.src", "7Server-JBCS:jbcs-httpd24-nghttp2-0:1.39.2-25.jbcs.el7.x86_64", "7Server-JBCS:jbcs-httpd24-nghttp2-debuginfo-0:1.39.2-25.jbcs.el7.x86_64", "7Server-JBCS:jbcs-httpd24-nghttp2-devel-0:1.39.2-25.jbcs.el7.x86_64", "7Server-JBCS:jbcs-httpd24-openssl-pkcs11-0:0.4.10-7.jbcs.el7.src", "7Server-JBCS:jbcs-httpd24-openssl-pkcs11-0:0.4.10-7.jbcs.el7.x86_64", "7Server-JBCS:jbcs-httpd24-openssl-pkcs11-debuginfo-0:0.4.10-7.jbcs.el7.x86_64" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2020:2644" } ], "scores": [ { "cvss_v3": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 7.5, "baseSeverity": "HIGH", "confidentialityImpact": "NONE", "integrityImpact": "NONE", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "version": "3.1" }, "products": [ "6Server-JBCS:jbcs-httpd24-curl-0:7.64.1-36.jbcs.el6.i686", "6Server-JBCS:jbcs-httpd24-curl-0:7.64.1-36.jbcs.el6.src", "6Server-JBCS:jbcs-httpd24-curl-0:7.64.1-36.jbcs.el6.x86_64", "6Server-JBCS:jbcs-httpd24-curl-debuginfo-0:7.64.1-36.jbcs.el6.i686", "6Server-JBCS:jbcs-httpd24-curl-debuginfo-0:7.64.1-36.jbcs.el6.x86_64", "6Server-JBCS:jbcs-httpd24-httpd-0:2.4.37-57.jbcs.el6.i686", "6Server-JBCS:jbcs-httpd24-httpd-0:2.4.37-57.jbcs.el6.src", "6Server-JBCS:jbcs-httpd24-httpd-0:2.4.37-57.jbcs.el6.x86_64", "6Server-JBCS:jbcs-httpd24-httpd-debuginfo-0:2.4.37-57.jbcs.el6.i686", "6Server-JBCS:jbcs-httpd24-httpd-debuginfo-0:2.4.37-57.jbcs.el6.x86_64", "6Server-JBCS:jbcs-httpd24-httpd-devel-0:2.4.37-57.jbcs.el6.i686", "6Server-JBCS:jbcs-httpd24-httpd-devel-0:2.4.37-57.jbcs.el6.x86_64", "6Server-JBCS:jbcs-httpd24-httpd-manual-0:2.4.37-57.jbcs.el6.noarch", "6Server-JBCS:jbcs-httpd24-httpd-selinux-0:2.4.37-57.jbcs.el6.i686", "6Server-JBCS:jbcs-httpd24-httpd-selinux-0:2.4.37-57.jbcs.el6.x86_64", "6Server-JBCS:jbcs-httpd24-httpd-tools-0:2.4.37-57.jbcs.el6.i686", "6Server-JBCS:jbcs-httpd24-httpd-tools-0:2.4.37-57.jbcs.el6.x86_64", "6Server-JBCS:jbcs-httpd24-libcurl-0:7.64.1-36.jbcs.el6.i686", "6Server-JBCS:jbcs-httpd24-libcurl-0:7.64.1-36.jbcs.el6.x86_64", "6Server-JBCS:jbcs-httpd24-libcurl-devel-0:7.64.1-36.jbcs.el6.i686", "6Server-JBCS:jbcs-httpd24-libcurl-devel-0:7.64.1-36.jbcs.el6.x86_64", "6Server-JBCS:jbcs-httpd24-mod_cluster-native-0:1.3.14-4.Final_redhat_2.jbcs.el6.i686", "6Server-JBCS:jbcs-httpd24-mod_cluster-native-0:1.3.14-4.Final_redhat_2.jbcs.el6.src", "6Server-JBCS:jbcs-httpd24-mod_cluster-native-0:1.3.14-4.Final_redhat_2.jbcs.el6.x86_64", "6Server-JBCS:jbcs-httpd24-mod_cluster-native-debuginfo-0:1.3.14-4.Final_redhat_2.jbcs.el6.i686", "6Server-JBCS:jbcs-httpd24-mod_cluster-native-debuginfo-0:1.3.14-4.Final_redhat_2.jbcs.el6.x86_64", "6Server-JBCS:jbcs-httpd24-mod_http2-0:1.15.7-3.jbcs.el6.i686", "6Server-JBCS:jbcs-httpd24-mod_http2-0:1.15.7-3.jbcs.el6.src", "6Server-JBCS:jbcs-httpd24-mod_http2-0:1.15.7-3.jbcs.el6.x86_64", "6Server-JBCS:jbcs-httpd24-mod_http2-debuginfo-0:1.15.7-3.jbcs.el6.i686", "6Server-JBCS:jbcs-httpd24-mod_http2-debuginfo-0:1.15.7-3.jbcs.el6.x86_64", "6Server-JBCS:jbcs-httpd24-mod_jk-0:1.2.48-4.redhat_1.jbcs.el6.src", "6Server-JBCS:jbcs-httpd24-mod_jk-ap24-0:1.2.48-4.redhat_1.jbcs.el6.i686", "6Server-JBCS:jbcs-httpd24-mod_jk-ap24-0:1.2.48-4.redhat_1.jbcs.el6.x86_64", "6Server-JBCS:jbcs-httpd24-mod_jk-debuginfo-0:1.2.48-4.redhat_1.jbcs.el6.i686", "6Server-JBCS:jbcs-httpd24-mod_jk-debuginfo-0:1.2.48-4.redhat_1.jbcs.el6.x86_64", "6Server-JBCS:jbcs-httpd24-mod_jk-manual-0:1.2.48-4.redhat_1.jbcs.el6.i686", "6Server-JBCS:jbcs-httpd24-mod_jk-manual-0:1.2.48-4.redhat_1.jbcs.el6.x86_64", "6Server-JBCS:jbcs-httpd24-mod_ldap-0:2.4.37-57.jbcs.el6.i686", "6Server-JBCS:jbcs-httpd24-mod_ldap-0:2.4.37-57.jbcs.el6.x86_64", "6Server-JBCS:jbcs-httpd24-mod_md-1:2.0.8-24.jbcs.el6.i686", "6Server-JBCS:jbcs-httpd24-mod_md-1:2.0.8-24.jbcs.el6.src", "6Server-JBCS:jbcs-httpd24-mod_md-1:2.0.8-24.jbcs.el6.x86_64", "6Server-JBCS:jbcs-httpd24-mod_md-debuginfo-1:2.0.8-24.jbcs.el6.i686", "6Server-JBCS:jbcs-httpd24-mod_md-debuginfo-1:2.0.8-24.jbcs.el6.x86_64", "6Server-JBCS:jbcs-httpd24-mod_proxy_html-1:2.4.37-57.jbcs.el6.i686", "6Server-JBCS:jbcs-httpd24-mod_proxy_html-1:2.4.37-57.jbcs.el6.x86_64", "6Server-JBCS:jbcs-httpd24-mod_security-0:2.9.2-51.GA.jbcs.el6.i686", "6Server-JBCS:jbcs-httpd24-mod_security-0:2.9.2-51.GA.jbcs.el6.src", "6Server-JBCS:jbcs-httpd24-mod_security-0:2.9.2-51.GA.jbcs.el6.x86_64", "6Server-JBCS:jbcs-httpd24-mod_security-debuginfo-0:2.9.2-51.GA.jbcs.el6.i686", "6Server-JBCS:jbcs-httpd24-mod_security-debuginfo-0:2.9.2-51.GA.jbcs.el6.x86_64", "6Server-JBCS:jbcs-httpd24-mod_session-0:2.4.37-57.jbcs.el6.i686", "6Server-JBCS:jbcs-httpd24-mod_session-0:2.4.37-57.jbcs.el6.x86_64", "6Server-JBCS:jbcs-httpd24-mod_ssl-1:2.4.37-57.jbcs.el6.i686", "6Server-JBCS:jbcs-httpd24-mod_ssl-1:2.4.37-57.jbcs.el6.x86_64", "6Server-JBCS:jbcs-httpd24-nghttp2-0:1.39.2-25.jbcs.el6.i686", "6Server-JBCS:jbcs-httpd24-nghttp2-0:1.39.2-25.jbcs.el6.src", "6Server-JBCS:jbcs-httpd24-nghttp2-0:1.39.2-25.jbcs.el6.x86_64", "6Server-JBCS:jbcs-httpd24-nghttp2-debuginfo-0:1.39.2-25.jbcs.el6.i686", "6Server-JBCS:jbcs-httpd24-nghttp2-debuginfo-0:1.39.2-25.jbcs.el6.x86_64", "6Server-JBCS:jbcs-httpd24-nghttp2-devel-0:1.39.2-25.jbcs.el6.i686", "6Server-JBCS:jbcs-httpd24-nghttp2-devel-0:1.39.2-25.jbcs.el6.x86_64", "7Server-JBCS:jbcs-httpd24-curl-0:7.64.1-36.jbcs.el7.src", "7Server-JBCS:jbcs-httpd24-curl-0:7.64.1-36.jbcs.el7.x86_64", "7Server-JBCS:jbcs-httpd24-curl-debuginfo-0:7.64.1-36.jbcs.el7.x86_64", "7Server-JBCS:jbcs-httpd24-httpd-0:2.4.37-57.jbcs.el7.src", "7Server-JBCS:jbcs-httpd24-httpd-0:2.4.37-57.jbcs.el7.x86_64", "7Server-JBCS:jbcs-httpd24-httpd-debuginfo-0:2.4.37-57.jbcs.el7.x86_64", "7Server-JBCS:jbcs-httpd24-httpd-devel-0:2.4.37-57.jbcs.el7.x86_64", "7Server-JBCS:jbcs-httpd24-httpd-manual-0:2.4.37-57.jbcs.el7.noarch", "7Server-JBCS:jbcs-httpd24-httpd-selinux-0:2.4.37-57.jbcs.el7.x86_64", "7Server-JBCS:jbcs-httpd24-httpd-tools-0:2.4.37-57.jbcs.el7.x86_64", "7Server-JBCS:jbcs-httpd24-libcurl-0:7.64.1-36.jbcs.el7.x86_64", "7Server-JBCS:jbcs-httpd24-libcurl-devel-0:7.64.1-36.jbcs.el7.x86_64", "7Server-JBCS:jbcs-httpd24-mod_cluster-native-0:1.3.14-4.Final_redhat_2.jbcs.el7.src", "7Server-JBCS:jbcs-httpd24-mod_cluster-native-0:1.3.14-4.Final_redhat_2.jbcs.el7.x86_64", "7Server-JBCS:jbcs-httpd24-mod_cluster-native-debuginfo-0:1.3.14-4.Final_redhat_2.jbcs.el7.x86_64", "7Server-JBCS:jbcs-httpd24-mod_http2-0:1.15.7-3.jbcs.el7.src", "7Server-JBCS:jbcs-httpd24-mod_http2-0:1.15.7-3.jbcs.el7.x86_64", "7Server-JBCS:jbcs-httpd24-mod_http2-debuginfo-0:1.15.7-3.jbcs.el7.x86_64", "7Server-JBCS:jbcs-httpd24-mod_jk-0:1.2.48-4.redhat_1.jbcs.el7.src", "7Server-JBCS:jbcs-httpd24-mod_jk-ap24-0:1.2.48-4.redhat_1.jbcs.el7.x86_64", "7Server-JBCS:jbcs-httpd24-mod_jk-debuginfo-0:1.2.48-4.redhat_1.jbcs.el7.x86_64", "7Server-JBCS:jbcs-httpd24-mod_jk-manual-0:1.2.48-4.redhat_1.jbcs.el7.x86_64", "7Server-JBCS:jbcs-httpd24-mod_ldap-0:2.4.37-57.jbcs.el7.x86_64", "7Server-JBCS:jbcs-httpd24-mod_md-1:2.0.8-24.jbcs.el7.src", "7Server-JBCS:jbcs-httpd24-mod_md-1:2.0.8-24.jbcs.el7.x86_64", "7Server-JBCS:jbcs-httpd24-mod_md-debuginfo-1:2.0.8-24.jbcs.el7.x86_64", "7Server-JBCS:jbcs-httpd24-mod_proxy_html-1:2.4.37-57.jbcs.el7.x86_64", "7Server-JBCS:jbcs-httpd24-mod_security-0:2.9.2-51.GA.jbcs.el7.src", "7Server-JBCS:jbcs-httpd24-mod_security-0:2.9.2-51.GA.jbcs.el7.x86_64", "7Server-JBCS:jbcs-httpd24-mod_security-debuginfo-0:2.9.2-51.GA.jbcs.el7.x86_64", "7Server-JBCS:jbcs-httpd24-mod_session-0:2.4.37-57.jbcs.el7.x86_64", "7Server-JBCS:jbcs-httpd24-mod_ssl-1:2.4.37-57.jbcs.el7.x86_64", "7Server-JBCS:jbcs-httpd24-nghttp2-0:1.39.2-25.jbcs.el7.src", "7Server-JBCS:jbcs-httpd24-nghttp2-0:1.39.2-25.jbcs.el7.x86_64", "7Server-JBCS:jbcs-httpd24-nghttp2-debuginfo-0:1.39.2-25.jbcs.el7.x86_64", "7Server-JBCS:jbcs-httpd24-nghttp2-devel-0:1.39.2-25.jbcs.el7.x86_64", "7Server-JBCS:jbcs-httpd24-openssl-pkcs11-0:0.4.10-7.jbcs.el7.src", "7Server-JBCS:jbcs-httpd24-openssl-pkcs11-0:0.4.10-7.jbcs.el7.x86_64", "7Server-JBCS:jbcs-httpd24-openssl-pkcs11-debuginfo-0:0.4.10-7.jbcs.el7.x86_64" ] } ], "threats": [ { "category": "impact", "details": "Moderate" } ], "title": "libxml2: memory leak in xmlSchemaPreRun in xmlschemas.c" }, { "cve": "CVE-2020-1934", "cwe": { "id": "CWE-456", "name": "Missing Initialization of a Variable" }, "discovery_date": "2020-04-01T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "1820772" } ], "notes": [ { "category": "description", "text": "A flaw was found in Apache\u0027s HTTP server (httpd) .The mod_proxy_ftp module may use uninitialized memory with proxying to a malicious FTP server. The highest threat from this vulnerability is to data confidentiality.", "title": "Vulnerability description" }, { "category": "summary", "text": "httpd: mod_proxy_ftp use of uninitialized value", "title": "Vulnerability summary" }, { "category": "other", "text": "This flaw is caused by use of an uninitialized memory variable. Practically this has no impact, but in some corner cases it is possible that the contents of this variable could be read by a remote process, causing loss of confidentiality as a result of this. There is no evidence of code execution.", "title": "Statement" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "6Server-JBCS:jbcs-httpd24-curl-0:7.64.1-36.jbcs.el6.i686", "6Server-JBCS:jbcs-httpd24-curl-0:7.64.1-36.jbcs.el6.src", "6Server-JBCS:jbcs-httpd24-curl-0:7.64.1-36.jbcs.el6.x86_64", "6Server-JBCS:jbcs-httpd24-curl-debuginfo-0:7.64.1-36.jbcs.el6.i686", "6Server-JBCS:jbcs-httpd24-curl-debuginfo-0:7.64.1-36.jbcs.el6.x86_64", "6Server-JBCS:jbcs-httpd24-httpd-0:2.4.37-57.jbcs.el6.i686", "6Server-JBCS:jbcs-httpd24-httpd-0:2.4.37-57.jbcs.el6.src", "6Server-JBCS:jbcs-httpd24-httpd-0:2.4.37-57.jbcs.el6.x86_64", "6Server-JBCS:jbcs-httpd24-httpd-debuginfo-0:2.4.37-57.jbcs.el6.i686", "6Server-JBCS:jbcs-httpd24-httpd-debuginfo-0:2.4.37-57.jbcs.el6.x86_64", "6Server-JBCS:jbcs-httpd24-httpd-devel-0:2.4.37-57.jbcs.el6.i686", "6Server-JBCS:jbcs-httpd24-httpd-devel-0:2.4.37-57.jbcs.el6.x86_64", "6Server-JBCS:jbcs-httpd24-httpd-manual-0:2.4.37-57.jbcs.el6.noarch", "6Server-JBCS:jbcs-httpd24-httpd-selinux-0:2.4.37-57.jbcs.el6.i686", "6Server-JBCS:jbcs-httpd24-httpd-selinux-0:2.4.37-57.jbcs.el6.x86_64", "6Server-JBCS:jbcs-httpd24-httpd-tools-0:2.4.37-57.jbcs.el6.i686", "6Server-JBCS:jbcs-httpd24-httpd-tools-0:2.4.37-57.jbcs.el6.x86_64", "6Server-JBCS:jbcs-httpd24-libcurl-0:7.64.1-36.jbcs.el6.i686", "6Server-JBCS:jbcs-httpd24-libcurl-0:7.64.1-36.jbcs.el6.x86_64", "6Server-JBCS:jbcs-httpd24-libcurl-devel-0:7.64.1-36.jbcs.el6.i686", "6Server-JBCS:jbcs-httpd24-libcurl-devel-0:7.64.1-36.jbcs.el6.x86_64", "6Server-JBCS:jbcs-httpd24-mod_cluster-native-0:1.3.14-4.Final_redhat_2.jbcs.el6.i686", "6Server-JBCS:jbcs-httpd24-mod_cluster-native-0:1.3.14-4.Final_redhat_2.jbcs.el6.src", "6Server-JBCS:jbcs-httpd24-mod_cluster-native-0:1.3.14-4.Final_redhat_2.jbcs.el6.x86_64", "6Server-JBCS:jbcs-httpd24-mod_cluster-native-debuginfo-0:1.3.14-4.Final_redhat_2.jbcs.el6.i686", "6Server-JBCS:jbcs-httpd24-mod_cluster-native-debuginfo-0:1.3.14-4.Final_redhat_2.jbcs.el6.x86_64", "6Server-JBCS:jbcs-httpd24-mod_http2-0:1.15.7-3.jbcs.el6.i686", "6Server-JBCS:jbcs-httpd24-mod_http2-0:1.15.7-3.jbcs.el6.src", "6Server-JBCS:jbcs-httpd24-mod_http2-0:1.15.7-3.jbcs.el6.x86_64", "6Server-JBCS:jbcs-httpd24-mod_http2-debuginfo-0:1.15.7-3.jbcs.el6.i686", "6Server-JBCS:jbcs-httpd24-mod_http2-debuginfo-0:1.15.7-3.jbcs.el6.x86_64", "6Server-JBCS:jbcs-httpd24-mod_jk-0:1.2.48-4.redhat_1.jbcs.el6.src", "6Server-JBCS:jbcs-httpd24-mod_jk-ap24-0:1.2.48-4.redhat_1.jbcs.el6.i686", "6Server-JBCS:jbcs-httpd24-mod_jk-ap24-0:1.2.48-4.redhat_1.jbcs.el6.x86_64", "6Server-JBCS:jbcs-httpd24-mod_jk-debuginfo-0:1.2.48-4.redhat_1.jbcs.el6.i686", "6Server-JBCS:jbcs-httpd24-mod_jk-debuginfo-0:1.2.48-4.redhat_1.jbcs.el6.x86_64", "6Server-JBCS:jbcs-httpd24-mod_jk-manual-0:1.2.48-4.redhat_1.jbcs.el6.i686", "6Server-JBCS:jbcs-httpd24-mod_jk-manual-0:1.2.48-4.redhat_1.jbcs.el6.x86_64", "6Server-JBCS:jbcs-httpd24-mod_ldap-0:2.4.37-57.jbcs.el6.i686", "6Server-JBCS:jbcs-httpd24-mod_ldap-0:2.4.37-57.jbcs.el6.x86_64", "6Server-JBCS:jbcs-httpd24-mod_md-1:2.0.8-24.jbcs.el6.i686", "6Server-JBCS:jbcs-httpd24-mod_md-1:2.0.8-24.jbcs.el6.src", "6Server-JBCS:jbcs-httpd24-mod_md-1:2.0.8-24.jbcs.el6.x86_64", "6Server-JBCS:jbcs-httpd24-mod_md-debuginfo-1:2.0.8-24.jbcs.el6.i686", "6Server-JBCS:jbcs-httpd24-mod_md-debuginfo-1:2.0.8-24.jbcs.el6.x86_64", "6Server-JBCS:jbcs-httpd24-mod_proxy_html-1:2.4.37-57.jbcs.el6.i686", "6Server-JBCS:jbcs-httpd24-mod_proxy_html-1:2.4.37-57.jbcs.el6.x86_64", "6Server-JBCS:jbcs-httpd24-mod_security-0:2.9.2-51.GA.jbcs.el6.i686", "6Server-JBCS:jbcs-httpd24-mod_security-0:2.9.2-51.GA.jbcs.el6.src", "6Server-JBCS:jbcs-httpd24-mod_security-0:2.9.2-51.GA.jbcs.el6.x86_64", "6Server-JBCS:jbcs-httpd24-mod_security-debuginfo-0:2.9.2-51.GA.jbcs.el6.i686", "6Server-JBCS:jbcs-httpd24-mod_security-debuginfo-0:2.9.2-51.GA.jbcs.el6.x86_64", "6Server-JBCS:jbcs-httpd24-mod_session-0:2.4.37-57.jbcs.el6.i686", "6Server-JBCS:jbcs-httpd24-mod_session-0:2.4.37-57.jbcs.el6.x86_64", "6Server-JBCS:jbcs-httpd24-mod_ssl-1:2.4.37-57.jbcs.el6.i686", "6Server-JBCS:jbcs-httpd24-mod_ssl-1:2.4.37-57.jbcs.el6.x86_64", "6Server-JBCS:jbcs-httpd24-nghttp2-0:1.39.2-25.jbcs.el6.i686", "6Server-JBCS:jbcs-httpd24-nghttp2-0:1.39.2-25.jbcs.el6.src", "6Server-JBCS:jbcs-httpd24-nghttp2-0:1.39.2-25.jbcs.el6.x86_64", "6Server-JBCS:jbcs-httpd24-nghttp2-debuginfo-0:1.39.2-25.jbcs.el6.i686", "6Server-JBCS:jbcs-httpd24-nghttp2-debuginfo-0:1.39.2-25.jbcs.el6.x86_64", "6Server-JBCS:jbcs-httpd24-nghttp2-devel-0:1.39.2-25.jbcs.el6.i686", "6Server-JBCS:jbcs-httpd24-nghttp2-devel-0:1.39.2-25.jbcs.el6.x86_64", "7Server-JBCS:jbcs-httpd24-curl-0:7.64.1-36.jbcs.el7.src", "7Server-JBCS:jbcs-httpd24-curl-0:7.64.1-36.jbcs.el7.x86_64", "7Server-JBCS:jbcs-httpd24-curl-debuginfo-0:7.64.1-36.jbcs.el7.x86_64", "7Server-JBCS:jbcs-httpd24-httpd-0:2.4.37-57.jbcs.el7.src", "7Server-JBCS:jbcs-httpd24-httpd-0:2.4.37-57.jbcs.el7.x86_64", "7Server-JBCS:jbcs-httpd24-httpd-debuginfo-0:2.4.37-57.jbcs.el7.x86_64", "7Server-JBCS:jbcs-httpd24-httpd-devel-0:2.4.37-57.jbcs.el7.x86_64", "7Server-JBCS:jbcs-httpd24-httpd-manual-0:2.4.37-57.jbcs.el7.noarch", "7Server-JBCS:jbcs-httpd24-httpd-selinux-0:2.4.37-57.jbcs.el7.x86_64", "7Server-JBCS:jbcs-httpd24-httpd-tools-0:2.4.37-57.jbcs.el7.x86_64", "7Server-JBCS:jbcs-httpd24-libcurl-0:7.64.1-36.jbcs.el7.x86_64", "7Server-JBCS:jbcs-httpd24-libcurl-devel-0:7.64.1-36.jbcs.el7.x86_64", "7Server-JBCS:jbcs-httpd24-mod_cluster-native-0:1.3.14-4.Final_redhat_2.jbcs.el7.src", "7Server-JBCS:jbcs-httpd24-mod_cluster-native-0:1.3.14-4.Final_redhat_2.jbcs.el7.x86_64", "7Server-JBCS:jbcs-httpd24-mod_cluster-native-debuginfo-0:1.3.14-4.Final_redhat_2.jbcs.el7.x86_64", "7Server-JBCS:jbcs-httpd24-mod_http2-0:1.15.7-3.jbcs.el7.src", "7Server-JBCS:jbcs-httpd24-mod_http2-0:1.15.7-3.jbcs.el7.x86_64", "7Server-JBCS:jbcs-httpd24-mod_http2-debuginfo-0:1.15.7-3.jbcs.el7.x86_64", "7Server-JBCS:jbcs-httpd24-mod_jk-0:1.2.48-4.redhat_1.jbcs.el7.src", "7Server-JBCS:jbcs-httpd24-mod_jk-ap24-0:1.2.48-4.redhat_1.jbcs.el7.x86_64", "7Server-JBCS:jbcs-httpd24-mod_jk-debuginfo-0:1.2.48-4.redhat_1.jbcs.el7.x86_64", "7Server-JBCS:jbcs-httpd24-mod_jk-manual-0:1.2.48-4.redhat_1.jbcs.el7.x86_64", "7Server-JBCS:jbcs-httpd24-mod_ldap-0:2.4.37-57.jbcs.el7.x86_64", "7Server-JBCS:jbcs-httpd24-mod_md-1:2.0.8-24.jbcs.el7.src", "7Server-JBCS:jbcs-httpd24-mod_md-1:2.0.8-24.jbcs.el7.x86_64", "7Server-JBCS:jbcs-httpd24-mod_md-debuginfo-1:2.0.8-24.jbcs.el7.x86_64", "7Server-JBCS:jbcs-httpd24-mod_proxy_html-1:2.4.37-57.jbcs.el7.x86_64", "7Server-JBCS:jbcs-httpd24-mod_security-0:2.9.2-51.GA.jbcs.el7.src", "7Server-JBCS:jbcs-httpd24-mod_security-0:2.9.2-51.GA.jbcs.el7.x86_64", "7Server-JBCS:jbcs-httpd24-mod_security-debuginfo-0:2.9.2-51.GA.jbcs.el7.x86_64", "7Server-JBCS:jbcs-httpd24-mod_session-0:2.4.37-57.jbcs.el7.x86_64", "7Server-JBCS:jbcs-httpd24-mod_ssl-1:2.4.37-57.jbcs.el7.x86_64", "7Server-JBCS:jbcs-httpd24-nghttp2-0:1.39.2-25.jbcs.el7.src", "7Server-JBCS:jbcs-httpd24-nghttp2-0:1.39.2-25.jbcs.el7.x86_64", "7Server-JBCS:jbcs-httpd24-nghttp2-debuginfo-0:1.39.2-25.jbcs.el7.x86_64", "7Server-JBCS:jbcs-httpd24-nghttp2-devel-0:1.39.2-25.jbcs.el7.x86_64", "7Server-JBCS:jbcs-httpd24-openssl-pkcs11-0:0.4.10-7.jbcs.el7.src", "7Server-JBCS:jbcs-httpd24-openssl-pkcs11-0:0.4.10-7.jbcs.el7.x86_64", "7Server-JBCS:jbcs-httpd24-openssl-pkcs11-debuginfo-0:0.4.10-7.jbcs.el7.x86_64" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2020-1934" }, { "category": "external", "summary": "RHBZ#1820772", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1820772" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2020-1934", "url": "https://www.cve.org/CVERecord?id=CVE-2020-1934" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2020-1934", "url": "https://nvd.nist.gov/vuln/detail/CVE-2020-1934" }, { "category": "external", "summary": "https://httpd.apache.org/security/vulnerabilities_24.html", "url": "https://httpd.apache.org/security/vulnerabilities_24.html" } ], "release_date": "2020-04-01T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2020-06-22T12:28:02+00:00", "details": "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258", "product_ids": [ "6Server-JBCS:jbcs-httpd24-curl-0:7.64.1-36.jbcs.el6.i686", "6Server-JBCS:jbcs-httpd24-curl-0:7.64.1-36.jbcs.el6.src", "6Server-JBCS:jbcs-httpd24-curl-0:7.64.1-36.jbcs.el6.x86_64", "6Server-JBCS:jbcs-httpd24-curl-debuginfo-0:7.64.1-36.jbcs.el6.i686", "6Server-JBCS:jbcs-httpd24-curl-debuginfo-0:7.64.1-36.jbcs.el6.x86_64", "6Server-JBCS:jbcs-httpd24-httpd-0:2.4.37-57.jbcs.el6.i686", "6Server-JBCS:jbcs-httpd24-httpd-0:2.4.37-57.jbcs.el6.src", "6Server-JBCS:jbcs-httpd24-httpd-0:2.4.37-57.jbcs.el6.x86_64", "6Server-JBCS:jbcs-httpd24-httpd-debuginfo-0:2.4.37-57.jbcs.el6.i686", "6Server-JBCS:jbcs-httpd24-httpd-debuginfo-0:2.4.37-57.jbcs.el6.x86_64", "6Server-JBCS:jbcs-httpd24-httpd-devel-0:2.4.37-57.jbcs.el6.i686", "6Server-JBCS:jbcs-httpd24-httpd-devel-0:2.4.37-57.jbcs.el6.x86_64", "6Server-JBCS:jbcs-httpd24-httpd-manual-0:2.4.37-57.jbcs.el6.noarch", "6Server-JBCS:jbcs-httpd24-httpd-selinux-0:2.4.37-57.jbcs.el6.i686", "6Server-JBCS:jbcs-httpd24-httpd-selinux-0:2.4.37-57.jbcs.el6.x86_64", "6Server-JBCS:jbcs-httpd24-httpd-tools-0:2.4.37-57.jbcs.el6.i686", "6Server-JBCS:jbcs-httpd24-httpd-tools-0:2.4.37-57.jbcs.el6.x86_64", "6Server-JBCS:jbcs-httpd24-libcurl-0:7.64.1-36.jbcs.el6.i686", "6Server-JBCS:jbcs-httpd24-libcurl-0:7.64.1-36.jbcs.el6.x86_64", "6Server-JBCS:jbcs-httpd24-libcurl-devel-0:7.64.1-36.jbcs.el6.i686", "6Server-JBCS:jbcs-httpd24-libcurl-devel-0:7.64.1-36.jbcs.el6.x86_64", "6Server-JBCS:jbcs-httpd24-mod_cluster-native-0:1.3.14-4.Final_redhat_2.jbcs.el6.i686", "6Server-JBCS:jbcs-httpd24-mod_cluster-native-0:1.3.14-4.Final_redhat_2.jbcs.el6.src", "6Server-JBCS:jbcs-httpd24-mod_cluster-native-0:1.3.14-4.Final_redhat_2.jbcs.el6.x86_64", "6Server-JBCS:jbcs-httpd24-mod_cluster-native-debuginfo-0:1.3.14-4.Final_redhat_2.jbcs.el6.i686", "6Server-JBCS:jbcs-httpd24-mod_cluster-native-debuginfo-0:1.3.14-4.Final_redhat_2.jbcs.el6.x86_64", "6Server-JBCS:jbcs-httpd24-mod_http2-0:1.15.7-3.jbcs.el6.i686", "6Server-JBCS:jbcs-httpd24-mod_http2-0:1.15.7-3.jbcs.el6.src", "6Server-JBCS:jbcs-httpd24-mod_http2-0:1.15.7-3.jbcs.el6.x86_64", "6Server-JBCS:jbcs-httpd24-mod_http2-debuginfo-0:1.15.7-3.jbcs.el6.i686", "6Server-JBCS:jbcs-httpd24-mod_http2-debuginfo-0:1.15.7-3.jbcs.el6.x86_64", "6Server-JBCS:jbcs-httpd24-mod_jk-0:1.2.48-4.redhat_1.jbcs.el6.src", "6Server-JBCS:jbcs-httpd24-mod_jk-ap24-0:1.2.48-4.redhat_1.jbcs.el6.i686", "6Server-JBCS:jbcs-httpd24-mod_jk-ap24-0:1.2.48-4.redhat_1.jbcs.el6.x86_64", "6Server-JBCS:jbcs-httpd24-mod_jk-debuginfo-0:1.2.48-4.redhat_1.jbcs.el6.i686", "6Server-JBCS:jbcs-httpd24-mod_jk-debuginfo-0:1.2.48-4.redhat_1.jbcs.el6.x86_64", "6Server-JBCS:jbcs-httpd24-mod_jk-manual-0:1.2.48-4.redhat_1.jbcs.el6.i686", "6Server-JBCS:jbcs-httpd24-mod_jk-manual-0:1.2.48-4.redhat_1.jbcs.el6.x86_64", "6Server-JBCS:jbcs-httpd24-mod_ldap-0:2.4.37-57.jbcs.el6.i686", "6Server-JBCS:jbcs-httpd24-mod_ldap-0:2.4.37-57.jbcs.el6.x86_64", "6Server-JBCS:jbcs-httpd24-mod_md-1:2.0.8-24.jbcs.el6.i686", "6Server-JBCS:jbcs-httpd24-mod_md-1:2.0.8-24.jbcs.el6.src", "6Server-JBCS:jbcs-httpd24-mod_md-1:2.0.8-24.jbcs.el6.x86_64", "6Server-JBCS:jbcs-httpd24-mod_md-debuginfo-1:2.0.8-24.jbcs.el6.i686", "6Server-JBCS:jbcs-httpd24-mod_md-debuginfo-1:2.0.8-24.jbcs.el6.x86_64", "6Server-JBCS:jbcs-httpd24-mod_proxy_html-1:2.4.37-57.jbcs.el6.i686", "6Server-JBCS:jbcs-httpd24-mod_proxy_html-1:2.4.37-57.jbcs.el6.x86_64", "6Server-JBCS:jbcs-httpd24-mod_security-0:2.9.2-51.GA.jbcs.el6.i686", "6Server-JBCS:jbcs-httpd24-mod_security-0:2.9.2-51.GA.jbcs.el6.src", "6Server-JBCS:jbcs-httpd24-mod_security-0:2.9.2-51.GA.jbcs.el6.x86_64", "6Server-JBCS:jbcs-httpd24-mod_security-debuginfo-0:2.9.2-51.GA.jbcs.el6.i686", "6Server-JBCS:jbcs-httpd24-mod_security-debuginfo-0:2.9.2-51.GA.jbcs.el6.x86_64", "6Server-JBCS:jbcs-httpd24-mod_session-0:2.4.37-57.jbcs.el6.i686", "6Server-JBCS:jbcs-httpd24-mod_session-0:2.4.37-57.jbcs.el6.x86_64", "6Server-JBCS:jbcs-httpd24-mod_ssl-1:2.4.37-57.jbcs.el6.i686", "6Server-JBCS:jbcs-httpd24-mod_ssl-1:2.4.37-57.jbcs.el6.x86_64", "6Server-JBCS:jbcs-httpd24-nghttp2-0:1.39.2-25.jbcs.el6.i686", "6Server-JBCS:jbcs-httpd24-nghttp2-0:1.39.2-25.jbcs.el6.src", "6Server-JBCS:jbcs-httpd24-nghttp2-0:1.39.2-25.jbcs.el6.x86_64", "6Server-JBCS:jbcs-httpd24-nghttp2-debuginfo-0:1.39.2-25.jbcs.el6.i686", "6Server-JBCS:jbcs-httpd24-nghttp2-debuginfo-0:1.39.2-25.jbcs.el6.x86_64", "6Server-JBCS:jbcs-httpd24-nghttp2-devel-0:1.39.2-25.jbcs.el6.i686", "6Server-JBCS:jbcs-httpd24-nghttp2-devel-0:1.39.2-25.jbcs.el6.x86_64", "7Server-JBCS:jbcs-httpd24-curl-0:7.64.1-36.jbcs.el7.src", "7Server-JBCS:jbcs-httpd24-curl-0:7.64.1-36.jbcs.el7.x86_64", "7Server-JBCS:jbcs-httpd24-curl-debuginfo-0:7.64.1-36.jbcs.el7.x86_64", "7Server-JBCS:jbcs-httpd24-httpd-0:2.4.37-57.jbcs.el7.src", "7Server-JBCS:jbcs-httpd24-httpd-0:2.4.37-57.jbcs.el7.x86_64", "7Server-JBCS:jbcs-httpd24-httpd-debuginfo-0:2.4.37-57.jbcs.el7.x86_64", "7Server-JBCS:jbcs-httpd24-httpd-devel-0:2.4.37-57.jbcs.el7.x86_64", "7Server-JBCS:jbcs-httpd24-httpd-manual-0:2.4.37-57.jbcs.el7.noarch", "7Server-JBCS:jbcs-httpd24-httpd-selinux-0:2.4.37-57.jbcs.el7.x86_64", "7Server-JBCS:jbcs-httpd24-httpd-tools-0:2.4.37-57.jbcs.el7.x86_64", "7Server-JBCS:jbcs-httpd24-libcurl-0:7.64.1-36.jbcs.el7.x86_64", "7Server-JBCS:jbcs-httpd24-libcurl-devel-0:7.64.1-36.jbcs.el7.x86_64", "7Server-JBCS:jbcs-httpd24-mod_cluster-native-0:1.3.14-4.Final_redhat_2.jbcs.el7.src", "7Server-JBCS:jbcs-httpd24-mod_cluster-native-0:1.3.14-4.Final_redhat_2.jbcs.el7.x86_64", "7Server-JBCS:jbcs-httpd24-mod_cluster-native-debuginfo-0:1.3.14-4.Final_redhat_2.jbcs.el7.x86_64", "7Server-JBCS:jbcs-httpd24-mod_http2-0:1.15.7-3.jbcs.el7.src", "7Server-JBCS:jbcs-httpd24-mod_http2-0:1.15.7-3.jbcs.el7.x86_64", "7Server-JBCS:jbcs-httpd24-mod_http2-debuginfo-0:1.15.7-3.jbcs.el7.x86_64", "7Server-JBCS:jbcs-httpd24-mod_jk-0:1.2.48-4.redhat_1.jbcs.el7.src", "7Server-JBCS:jbcs-httpd24-mod_jk-ap24-0:1.2.48-4.redhat_1.jbcs.el7.x86_64", "7Server-JBCS:jbcs-httpd24-mod_jk-debuginfo-0:1.2.48-4.redhat_1.jbcs.el7.x86_64", "7Server-JBCS:jbcs-httpd24-mod_jk-manual-0:1.2.48-4.redhat_1.jbcs.el7.x86_64", "7Server-JBCS:jbcs-httpd24-mod_ldap-0:2.4.37-57.jbcs.el7.x86_64", "7Server-JBCS:jbcs-httpd24-mod_md-1:2.0.8-24.jbcs.el7.src", "7Server-JBCS:jbcs-httpd24-mod_md-1:2.0.8-24.jbcs.el7.x86_64", "7Server-JBCS:jbcs-httpd24-mod_md-debuginfo-1:2.0.8-24.jbcs.el7.x86_64", "7Server-JBCS:jbcs-httpd24-mod_proxy_html-1:2.4.37-57.jbcs.el7.x86_64", "7Server-JBCS:jbcs-httpd24-mod_security-0:2.9.2-51.GA.jbcs.el7.src", "7Server-JBCS:jbcs-httpd24-mod_security-0:2.9.2-51.GA.jbcs.el7.x86_64", "7Server-JBCS:jbcs-httpd24-mod_security-debuginfo-0:2.9.2-51.GA.jbcs.el7.x86_64", "7Server-JBCS:jbcs-httpd24-mod_session-0:2.4.37-57.jbcs.el7.x86_64", "7Server-JBCS:jbcs-httpd24-mod_ssl-1:2.4.37-57.jbcs.el7.x86_64", "7Server-JBCS:jbcs-httpd24-nghttp2-0:1.39.2-25.jbcs.el7.src", "7Server-JBCS:jbcs-httpd24-nghttp2-0:1.39.2-25.jbcs.el7.x86_64", "7Server-JBCS:jbcs-httpd24-nghttp2-debuginfo-0:1.39.2-25.jbcs.el7.x86_64", "7Server-JBCS:jbcs-httpd24-nghttp2-devel-0:1.39.2-25.jbcs.el7.x86_64", "7Server-JBCS:jbcs-httpd24-openssl-pkcs11-0:0.4.10-7.jbcs.el7.src", "7Server-JBCS:jbcs-httpd24-openssl-pkcs11-0:0.4.10-7.jbcs.el7.x86_64", "7Server-JBCS:jbcs-httpd24-openssl-pkcs11-debuginfo-0:0.4.10-7.jbcs.el7.x86_64" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2020:2644" } ], "scores": [ { "cvss_v3": { "attackComplexity": "HIGH", "attackVector": "NETWORK", "availabilityImpact": "NONE", "baseScore": 3.7, "baseSeverity": "LOW", "confidentialityImpact": "LOW", "integrityImpact": "NONE", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:N/A:N", "version": "3.1" }, "products": [ "6Server-JBCS:jbcs-httpd24-curl-0:7.64.1-36.jbcs.el6.i686", "6Server-JBCS:jbcs-httpd24-curl-0:7.64.1-36.jbcs.el6.src", "6Server-JBCS:jbcs-httpd24-curl-0:7.64.1-36.jbcs.el6.x86_64", "6Server-JBCS:jbcs-httpd24-curl-debuginfo-0:7.64.1-36.jbcs.el6.i686", "6Server-JBCS:jbcs-httpd24-curl-debuginfo-0:7.64.1-36.jbcs.el6.x86_64", "6Server-JBCS:jbcs-httpd24-httpd-0:2.4.37-57.jbcs.el6.i686", "6Server-JBCS:jbcs-httpd24-httpd-0:2.4.37-57.jbcs.el6.src", "6Server-JBCS:jbcs-httpd24-httpd-0:2.4.37-57.jbcs.el6.x86_64", "6Server-JBCS:jbcs-httpd24-httpd-debuginfo-0:2.4.37-57.jbcs.el6.i686", "6Server-JBCS:jbcs-httpd24-httpd-debuginfo-0:2.4.37-57.jbcs.el6.x86_64", "6Server-JBCS:jbcs-httpd24-httpd-devel-0:2.4.37-57.jbcs.el6.i686", "6Server-JBCS:jbcs-httpd24-httpd-devel-0:2.4.37-57.jbcs.el6.x86_64", "6Server-JBCS:jbcs-httpd24-httpd-manual-0:2.4.37-57.jbcs.el6.noarch", "6Server-JBCS:jbcs-httpd24-httpd-selinux-0:2.4.37-57.jbcs.el6.i686", "6Server-JBCS:jbcs-httpd24-httpd-selinux-0:2.4.37-57.jbcs.el6.x86_64", "6Server-JBCS:jbcs-httpd24-httpd-tools-0:2.4.37-57.jbcs.el6.i686", "6Server-JBCS:jbcs-httpd24-httpd-tools-0:2.4.37-57.jbcs.el6.x86_64", "6Server-JBCS:jbcs-httpd24-libcurl-0:7.64.1-36.jbcs.el6.i686", "6Server-JBCS:jbcs-httpd24-libcurl-0:7.64.1-36.jbcs.el6.x86_64", "6Server-JBCS:jbcs-httpd24-libcurl-devel-0:7.64.1-36.jbcs.el6.i686", "6Server-JBCS:jbcs-httpd24-libcurl-devel-0:7.64.1-36.jbcs.el6.x86_64", "6Server-JBCS:jbcs-httpd24-mod_cluster-native-0:1.3.14-4.Final_redhat_2.jbcs.el6.i686", "6Server-JBCS:jbcs-httpd24-mod_cluster-native-0:1.3.14-4.Final_redhat_2.jbcs.el6.src", "6Server-JBCS:jbcs-httpd24-mod_cluster-native-0:1.3.14-4.Final_redhat_2.jbcs.el6.x86_64", "6Server-JBCS:jbcs-httpd24-mod_cluster-native-debuginfo-0:1.3.14-4.Final_redhat_2.jbcs.el6.i686", "6Server-JBCS:jbcs-httpd24-mod_cluster-native-debuginfo-0:1.3.14-4.Final_redhat_2.jbcs.el6.x86_64", "6Server-JBCS:jbcs-httpd24-mod_http2-0:1.15.7-3.jbcs.el6.i686", "6Server-JBCS:jbcs-httpd24-mod_http2-0:1.15.7-3.jbcs.el6.src", "6Server-JBCS:jbcs-httpd24-mod_http2-0:1.15.7-3.jbcs.el6.x86_64", "6Server-JBCS:jbcs-httpd24-mod_http2-debuginfo-0:1.15.7-3.jbcs.el6.i686", "6Server-JBCS:jbcs-httpd24-mod_http2-debuginfo-0:1.15.7-3.jbcs.el6.x86_64", "6Server-JBCS:jbcs-httpd24-mod_jk-0:1.2.48-4.redhat_1.jbcs.el6.src", "6Server-JBCS:jbcs-httpd24-mod_jk-ap24-0:1.2.48-4.redhat_1.jbcs.el6.i686", "6Server-JBCS:jbcs-httpd24-mod_jk-ap24-0:1.2.48-4.redhat_1.jbcs.el6.x86_64", "6Server-JBCS:jbcs-httpd24-mod_jk-debuginfo-0:1.2.48-4.redhat_1.jbcs.el6.i686", "6Server-JBCS:jbcs-httpd24-mod_jk-debuginfo-0:1.2.48-4.redhat_1.jbcs.el6.x86_64", "6Server-JBCS:jbcs-httpd24-mod_jk-manual-0:1.2.48-4.redhat_1.jbcs.el6.i686", "6Server-JBCS:jbcs-httpd24-mod_jk-manual-0:1.2.48-4.redhat_1.jbcs.el6.x86_64", "6Server-JBCS:jbcs-httpd24-mod_ldap-0:2.4.37-57.jbcs.el6.i686", "6Server-JBCS:jbcs-httpd24-mod_ldap-0:2.4.37-57.jbcs.el6.x86_64", "6Server-JBCS:jbcs-httpd24-mod_md-1:2.0.8-24.jbcs.el6.i686", "6Server-JBCS:jbcs-httpd24-mod_md-1:2.0.8-24.jbcs.el6.src", "6Server-JBCS:jbcs-httpd24-mod_md-1:2.0.8-24.jbcs.el6.x86_64", "6Server-JBCS:jbcs-httpd24-mod_md-debuginfo-1:2.0.8-24.jbcs.el6.i686", "6Server-JBCS:jbcs-httpd24-mod_md-debuginfo-1:2.0.8-24.jbcs.el6.x86_64", "6Server-JBCS:jbcs-httpd24-mod_proxy_html-1:2.4.37-57.jbcs.el6.i686", "6Server-JBCS:jbcs-httpd24-mod_proxy_html-1:2.4.37-57.jbcs.el6.x86_64", "6Server-JBCS:jbcs-httpd24-mod_security-0:2.9.2-51.GA.jbcs.el6.i686", "6Server-JBCS:jbcs-httpd24-mod_security-0:2.9.2-51.GA.jbcs.el6.src", "6Server-JBCS:jbcs-httpd24-mod_security-0:2.9.2-51.GA.jbcs.el6.x86_64", "6Server-JBCS:jbcs-httpd24-mod_security-debuginfo-0:2.9.2-51.GA.jbcs.el6.i686", "6Server-JBCS:jbcs-httpd24-mod_security-debuginfo-0:2.9.2-51.GA.jbcs.el6.x86_64", "6Server-JBCS:jbcs-httpd24-mod_session-0:2.4.37-57.jbcs.el6.i686", "6Server-JBCS:jbcs-httpd24-mod_session-0:2.4.37-57.jbcs.el6.x86_64", "6Server-JBCS:jbcs-httpd24-mod_ssl-1:2.4.37-57.jbcs.el6.i686", "6Server-JBCS:jbcs-httpd24-mod_ssl-1:2.4.37-57.jbcs.el6.x86_64", "6Server-JBCS:jbcs-httpd24-nghttp2-0:1.39.2-25.jbcs.el6.i686", "6Server-JBCS:jbcs-httpd24-nghttp2-0:1.39.2-25.jbcs.el6.src", "6Server-JBCS:jbcs-httpd24-nghttp2-0:1.39.2-25.jbcs.el6.x86_64", "6Server-JBCS:jbcs-httpd24-nghttp2-debuginfo-0:1.39.2-25.jbcs.el6.i686", "6Server-JBCS:jbcs-httpd24-nghttp2-debuginfo-0:1.39.2-25.jbcs.el6.x86_64", "6Server-JBCS:jbcs-httpd24-nghttp2-devel-0:1.39.2-25.jbcs.el6.i686", "6Server-JBCS:jbcs-httpd24-nghttp2-devel-0:1.39.2-25.jbcs.el6.x86_64", "7Server-JBCS:jbcs-httpd24-curl-0:7.64.1-36.jbcs.el7.src", "7Server-JBCS:jbcs-httpd24-curl-0:7.64.1-36.jbcs.el7.x86_64", "7Server-JBCS:jbcs-httpd24-curl-debuginfo-0:7.64.1-36.jbcs.el7.x86_64", "7Server-JBCS:jbcs-httpd24-httpd-0:2.4.37-57.jbcs.el7.src", "7Server-JBCS:jbcs-httpd24-httpd-0:2.4.37-57.jbcs.el7.x86_64", "7Server-JBCS:jbcs-httpd24-httpd-debuginfo-0:2.4.37-57.jbcs.el7.x86_64", "7Server-JBCS:jbcs-httpd24-httpd-devel-0:2.4.37-57.jbcs.el7.x86_64", "7Server-JBCS:jbcs-httpd24-httpd-manual-0:2.4.37-57.jbcs.el7.noarch", "7Server-JBCS:jbcs-httpd24-httpd-selinux-0:2.4.37-57.jbcs.el7.x86_64", "7Server-JBCS:jbcs-httpd24-httpd-tools-0:2.4.37-57.jbcs.el7.x86_64", "7Server-JBCS:jbcs-httpd24-libcurl-0:7.64.1-36.jbcs.el7.x86_64", "7Server-JBCS:jbcs-httpd24-libcurl-devel-0:7.64.1-36.jbcs.el7.x86_64", "7Server-JBCS:jbcs-httpd24-mod_cluster-native-0:1.3.14-4.Final_redhat_2.jbcs.el7.src", "7Server-JBCS:jbcs-httpd24-mod_cluster-native-0:1.3.14-4.Final_redhat_2.jbcs.el7.x86_64", "7Server-JBCS:jbcs-httpd24-mod_cluster-native-debuginfo-0:1.3.14-4.Final_redhat_2.jbcs.el7.x86_64", "7Server-JBCS:jbcs-httpd24-mod_http2-0:1.15.7-3.jbcs.el7.src", "7Server-JBCS:jbcs-httpd24-mod_http2-0:1.15.7-3.jbcs.el7.x86_64", "7Server-JBCS:jbcs-httpd24-mod_http2-debuginfo-0:1.15.7-3.jbcs.el7.x86_64", "7Server-JBCS:jbcs-httpd24-mod_jk-0:1.2.48-4.redhat_1.jbcs.el7.src", "7Server-JBCS:jbcs-httpd24-mod_jk-ap24-0:1.2.48-4.redhat_1.jbcs.el7.x86_64", "7Server-JBCS:jbcs-httpd24-mod_jk-debuginfo-0:1.2.48-4.redhat_1.jbcs.el7.x86_64", "7Server-JBCS:jbcs-httpd24-mod_jk-manual-0:1.2.48-4.redhat_1.jbcs.el7.x86_64", "7Server-JBCS:jbcs-httpd24-mod_ldap-0:2.4.37-57.jbcs.el7.x86_64", "7Server-JBCS:jbcs-httpd24-mod_md-1:2.0.8-24.jbcs.el7.src", "7Server-JBCS:jbcs-httpd24-mod_md-1:2.0.8-24.jbcs.el7.x86_64", "7Server-JBCS:jbcs-httpd24-mod_md-debuginfo-1:2.0.8-24.jbcs.el7.x86_64", "7Server-JBCS:jbcs-httpd24-mod_proxy_html-1:2.4.37-57.jbcs.el7.x86_64", "7Server-JBCS:jbcs-httpd24-mod_security-0:2.9.2-51.GA.jbcs.el7.src", "7Server-JBCS:jbcs-httpd24-mod_security-0:2.9.2-51.GA.jbcs.el7.x86_64", "7Server-JBCS:jbcs-httpd24-mod_security-debuginfo-0:2.9.2-51.GA.jbcs.el7.x86_64", "7Server-JBCS:jbcs-httpd24-mod_session-0:2.4.37-57.jbcs.el7.x86_64", "7Server-JBCS:jbcs-httpd24-mod_ssl-1:2.4.37-57.jbcs.el7.x86_64", "7Server-JBCS:jbcs-httpd24-nghttp2-0:1.39.2-25.jbcs.el7.src", "7Server-JBCS:jbcs-httpd24-nghttp2-0:1.39.2-25.jbcs.el7.x86_64", "7Server-JBCS:jbcs-httpd24-nghttp2-debuginfo-0:1.39.2-25.jbcs.el7.x86_64", "7Server-JBCS:jbcs-httpd24-nghttp2-devel-0:1.39.2-25.jbcs.el7.x86_64", "7Server-JBCS:jbcs-httpd24-openssl-pkcs11-0:0.4.10-7.jbcs.el7.src", "7Server-JBCS:jbcs-httpd24-openssl-pkcs11-0:0.4.10-7.jbcs.el7.x86_64", "7Server-JBCS:jbcs-httpd24-openssl-pkcs11-debuginfo-0:0.4.10-7.jbcs.el7.x86_64" ] } ], "threats": [ { "category": "impact", "details": "Low" } ], "title": "httpd: mod_proxy_ftp use of uninitialized value" }, { "cve": "CVE-2020-7595", "cwe": { "id": "CWE-835", "name": "Loop with Unreachable Exit Condition (\u0027Infinite Loop\u0027)" }, "discovery_date": "2020-02-06T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "1799786" } ], "notes": [ { "category": "description", "text": "xmlStringLenDecodeEntities in parser.c in libxml2 2.9.10 has an infinite loop in a certain end-of-file situation.", "title": "Vulnerability description" }, { "category": "summary", "text": "libxml2: infinite loop in xmlStringLenDecodeEntities in some end-of-file situations", "title": "Vulnerability summary" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "6Server-JBCS:jbcs-httpd24-curl-0:7.64.1-36.jbcs.el6.i686", "6Server-JBCS:jbcs-httpd24-curl-0:7.64.1-36.jbcs.el6.src", "6Server-JBCS:jbcs-httpd24-curl-0:7.64.1-36.jbcs.el6.x86_64", "6Server-JBCS:jbcs-httpd24-curl-debuginfo-0:7.64.1-36.jbcs.el6.i686", "6Server-JBCS:jbcs-httpd24-curl-debuginfo-0:7.64.1-36.jbcs.el6.x86_64", "6Server-JBCS:jbcs-httpd24-httpd-0:2.4.37-57.jbcs.el6.i686", "6Server-JBCS:jbcs-httpd24-httpd-0:2.4.37-57.jbcs.el6.src", "6Server-JBCS:jbcs-httpd24-httpd-0:2.4.37-57.jbcs.el6.x86_64", "6Server-JBCS:jbcs-httpd24-httpd-debuginfo-0:2.4.37-57.jbcs.el6.i686", "6Server-JBCS:jbcs-httpd24-httpd-debuginfo-0:2.4.37-57.jbcs.el6.x86_64", "6Server-JBCS:jbcs-httpd24-httpd-devel-0:2.4.37-57.jbcs.el6.i686", "6Server-JBCS:jbcs-httpd24-httpd-devel-0:2.4.37-57.jbcs.el6.x86_64", "6Server-JBCS:jbcs-httpd24-httpd-manual-0:2.4.37-57.jbcs.el6.noarch", "6Server-JBCS:jbcs-httpd24-httpd-selinux-0:2.4.37-57.jbcs.el6.i686", "6Server-JBCS:jbcs-httpd24-httpd-selinux-0:2.4.37-57.jbcs.el6.x86_64", "6Server-JBCS:jbcs-httpd24-httpd-tools-0:2.4.37-57.jbcs.el6.i686", "6Server-JBCS:jbcs-httpd24-httpd-tools-0:2.4.37-57.jbcs.el6.x86_64", "6Server-JBCS:jbcs-httpd24-libcurl-0:7.64.1-36.jbcs.el6.i686", "6Server-JBCS:jbcs-httpd24-libcurl-0:7.64.1-36.jbcs.el6.x86_64", "6Server-JBCS:jbcs-httpd24-libcurl-devel-0:7.64.1-36.jbcs.el6.i686", "6Server-JBCS:jbcs-httpd24-libcurl-devel-0:7.64.1-36.jbcs.el6.x86_64", "6Server-JBCS:jbcs-httpd24-mod_cluster-native-0:1.3.14-4.Final_redhat_2.jbcs.el6.i686", "6Server-JBCS:jbcs-httpd24-mod_cluster-native-0:1.3.14-4.Final_redhat_2.jbcs.el6.src", "6Server-JBCS:jbcs-httpd24-mod_cluster-native-0:1.3.14-4.Final_redhat_2.jbcs.el6.x86_64", "6Server-JBCS:jbcs-httpd24-mod_cluster-native-debuginfo-0:1.3.14-4.Final_redhat_2.jbcs.el6.i686", "6Server-JBCS:jbcs-httpd24-mod_cluster-native-debuginfo-0:1.3.14-4.Final_redhat_2.jbcs.el6.x86_64", "6Server-JBCS:jbcs-httpd24-mod_http2-0:1.15.7-3.jbcs.el6.i686", "6Server-JBCS:jbcs-httpd24-mod_http2-0:1.15.7-3.jbcs.el6.src", "6Server-JBCS:jbcs-httpd24-mod_http2-0:1.15.7-3.jbcs.el6.x86_64", "6Server-JBCS:jbcs-httpd24-mod_http2-debuginfo-0:1.15.7-3.jbcs.el6.i686", "6Server-JBCS:jbcs-httpd24-mod_http2-debuginfo-0:1.15.7-3.jbcs.el6.x86_64", "6Server-JBCS:jbcs-httpd24-mod_jk-0:1.2.48-4.redhat_1.jbcs.el6.src", "6Server-JBCS:jbcs-httpd24-mod_jk-ap24-0:1.2.48-4.redhat_1.jbcs.el6.i686", "6Server-JBCS:jbcs-httpd24-mod_jk-ap24-0:1.2.48-4.redhat_1.jbcs.el6.x86_64", "6Server-JBCS:jbcs-httpd24-mod_jk-debuginfo-0:1.2.48-4.redhat_1.jbcs.el6.i686", "6Server-JBCS:jbcs-httpd24-mod_jk-debuginfo-0:1.2.48-4.redhat_1.jbcs.el6.x86_64", "6Server-JBCS:jbcs-httpd24-mod_jk-manual-0:1.2.48-4.redhat_1.jbcs.el6.i686", "6Server-JBCS:jbcs-httpd24-mod_jk-manual-0:1.2.48-4.redhat_1.jbcs.el6.x86_64", "6Server-JBCS:jbcs-httpd24-mod_ldap-0:2.4.37-57.jbcs.el6.i686", "6Server-JBCS:jbcs-httpd24-mod_ldap-0:2.4.37-57.jbcs.el6.x86_64", "6Server-JBCS:jbcs-httpd24-mod_md-1:2.0.8-24.jbcs.el6.i686", "6Server-JBCS:jbcs-httpd24-mod_md-1:2.0.8-24.jbcs.el6.src", "6Server-JBCS:jbcs-httpd24-mod_md-1:2.0.8-24.jbcs.el6.x86_64", "6Server-JBCS:jbcs-httpd24-mod_md-debuginfo-1:2.0.8-24.jbcs.el6.i686", "6Server-JBCS:jbcs-httpd24-mod_md-debuginfo-1:2.0.8-24.jbcs.el6.x86_64", "6Server-JBCS:jbcs-httpd24-mod_proxy_html-1:2.4.37-57.jbcs.el6.i686", "6Server-JBCS:jbcs-httpd24-mod_proxy_html-1:2.4.37-57.jbcs.el6.x86_64", "6Server-JBCS:jbcs-httpd24-mod_security-0:2.9.2-51.GA.jbcs.el6.i686", "6Server-JBCS:jbcs-httpd24-mod_security-0:2.9.2-51.GA.jbcs.el6.src", "6Server-JBCS:jbcs-httpd24-mod_security-0:2.9.2-51.GA.jbcs.el6.x86_64", "6Server-JBCS:jbcs-httpd24-mod_security-debuginfo-0:2.9.2-51.GA.jbcs.el6.i686", "6Server-JBCS:jbcs-httpd24-mod_security-debuginfo-0:2.9.2-51.GA.jbcs.el6.x86_64", "6Server-JBCS:jbcs-httpd24-mod_session-0:2.4.37-57.jbcs.el6.i686", "6Server-JBCS:jbcs-httpd24-mod_session-0:2.4.37-57.jbcs.el6.x86_64", "6Server-JBCS:jbcs-httpd24-mod_ssl-1:2.4.37-57.jbcs.el6.i686", "6Server-JBCS:jbcs-httpd24-mod_ssl-1:2.4.37-57.jbcs.el6.x86_64", "6Server-JBCS:jbcs-httpd24-nghttp2-0:1.39.2-25.jbcs.el6.i686", "6Server-JBCS:jbcs-httpd24-nghttp2-0:1.39.2-25.jbcs.el6.src", "6Server-JBCS:jbcs-httpd24-nghttp2-0:1.39.2-25.jbcs.el6.x86_64", "6Server-JBCS:jbcs-httpd24-nghttp2-debuginfo-0:1.39.2-25.jbcs.el6.i686", "6Server-JBCS:jbcs-httpd24-nghttp2-debuginfo-0:1.39.2-25.jbcs.el6.x86_64", "6Server-JBCS:jbcs-httpd24-nghttp2-devel-0:1.39.2-25.jbcs.el6.i686", "6Server-JBCS:jbcs-httpd24-nghttp2-devel-0:1.39.2-25.jbcs.el6.x86_64", "7Server-JBCS:jbcs-httpd24-curl-0:7.64.1-36.jbcs.el7.src", "7Server-JBCS:jbcs-httpd24-curl-0:7.64.1-36.jbcs.el7.x86_64", "7Server-JBCS:jbcs-httpd24-curl-debuginfo-0:7.64.1-36.jbcs.el7.x86_64", "7Server-JBCS:jbcs-httpd24-httpd-0:2.4.37-57.jbcs.el7.src", "7Server-JBCS:jbcs-httpd24-httpd-0:2.4.37-57.jbcs.el7.x86_64", "7Server-JBCS:jbcs-httpd24-httpd-debuginfo-0:2.4.37-57.jbcs.el7.x86_64", "7Server-JBCS:jbcs-httpd24-httpd-devel-0:2.4.37-57.jbcs.el7.x86_64", "7Server-JBCS:jbcs-httpd24-httpd-manual-0:2.4.37-57.jbcs.el7.noarch", "7Server-JBCS:jbcs-httpd24-httpd-selinux-0:2.4.37-57.jbcs.el7.x86_64", "7Server-JBCS:jbcs-httpd24-httpd-tools-0:2.4.37-57.jbcs.el7.x86_64", "7Server-JBCS:jbcs-httpd24-libcurl-0:7.64.1-36.jbcs.el7.x86_64", "7Server-JBCS:jbcs-httpd24-libcurl-devel-0:7.64.1-36.jbcs.el7.x86_64", "7Server-JBCS:jbcs-httpd24-mod_cluster-native-0:1.3.14-4.Final_redhat_2.jbcs.el7.src", "7Server-JBCS:jbcs-httpd24-mod_cluster-native-0:1.3.14-4.Final_redhat_2.jbcs.el7.x86_64", "7Server-JBCS:jbcs-httpd24-mod_cluster-native-debuginfo-0:1.3.14-4.Final_redhat_2.jbcs.el7.x86_64", "7Server-JBCS:jbcs-httpd24-mod_http2-0:1.15.7-3.jbcs.el7.src", "7Server-JBCS:jbcs-httpd24-mod_http2-0:1.15.7-3.jbcs.el7.x86_64", "7Server-JBCS:jbcs-httpd24-mod_http2-debuginfo-0:1.15.7-3.jbcs.el7.x86_64", "7Server-JBCS:jbcs-httpd24-mod_jk-0:1.2.48-4.redhat_1.jbcs.el7.src", "7Server-JBCS:jbcs-httpd24-mod_jk-ap24-0:1.2.48-4.redhat_1.jbcs.el7.x86_64", "7Server-JBCS:jbcs-httpd24-mod_jk-debuginfo-0:1.2.48-4.redhat_1.jbcs.el7.x86_64", "7Server-JBCS:jbcs-httpd24-mod_jk-manual-0:1.2.48-4.redhat_1.jbcs.el7.x86_64", "7Server-JBCS:jbcs-httpd24-mod_ldap-0:2.4.37-57.jbcs.el7.x86_64", "7Server-JBCS:jbcs-httpd24-mod_md-1:2.0.8-24.jbcs.el7.src", "7Server-JBCS:jbcs-httpd24-mod_md-1:2.0.8-24.jbcs.el7.x86_64", "7Server-JBCS:jbcs-httpd24-mod_md-debuginfo-1:2.0.8-24.jbcs.el7.x86_64", "7Server-JBCS:jbcs-httpd24-mod_proxy_html-1:2.4.37-57.jbcs.el7.x86_64", "7Server-JBCS:jbcs-httpd24-mod_security-0:2.9.2-51.GA.jbcs.el7.src", "7Server-JBCS:jbcs-httpd24-mod_security-0:2.9.2-51.GA.jbcs.el7.x86_64", "7Server-JBCS:jbcs-httpd24-mod_security-debuginfo-0:2.9.2-51.GA.jbcs.el7.x86_64", "7Server-JBCS:jbcs-httpd24-mod_session-0:2.4.37-57.jbcs.el7.x86_64", "7Server-JBCS:jbcs-httpd24-mod_ssl-1:2.4.37-57.jbcs.el7.x86_64", "7Server-JBCS:jbcs-httpd24-nghttp2-0:1.39.2-25.jbcs.el7.src", "7Server-JBCS:jbcs-httpd24-nghttp2-0:1.39.2-25.jbcs.el7.x86_64", "7Server-JBCS:jbcs-httpd24-nghttp2-debuginfo-0:1.39.2-25.jbcs.el7.x86_64", "7Server-JBCS:jbcs-httpd24-nghttp2-devel-0:1.39.2-25.jbcs.el7.x86_64", "7Server-JBCS:jbcs-httpd24-openssl-pkcs11-0:0.4.10-7.jbcs.el7.src", "7Server-JBCS:jbcs-httpd24-openssl-pkcs11-0:0.4.10-7.jbcs.el7.x86_64", "7Server-JBCS:jbcs-httpd24-openssl-pkcs11-debuginfo-0:0.4.10-7.jbcs.el7.x86_64" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2020-7595" }, { "category": "external", "summary": "RHBZ#1799786", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1799786" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2020-7595", "url": "https://www.cve.org/CVERecord?id=CVE-2020-7595" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2020-7595", "url": "https://nvd.nist.gov/vuln/detail/CVE-2020-7595" } ], "release_date": "2020-01-21T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2020-06-22T12:28:02+00:00", "details": "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258", "product_ids": [ "6Server-JBCS:jbcs-httpd24-curl-0:7.64.1-36.jbcs.el6.i686", "6Server-JBCS:jbcs-httpd24-curl-0:7.64.1-36.jbcs.el6.src", "6Server-JBCS:jbcs-httpd24-curl-0:7.64.1-36.jbcs.el6.x86_64", "6Server-JBCS:jbcs-httpd24-curl-debuginfo-0:7.64.1-36.jbcs.el6.i686", "6Server-JBCS:jbcs-httpd24-curl-debuginfo-0:7.64.1-36.jbcs.el6.x86_64", "6Server-JBCS:jbcs-httpd24-httpd-0:2.4.37-57.jbcs.el6.i686", "6Server-JBCS:jbcs-httpd24-httpd-0:2.4.37-57.jbcs.el6.src", "6Server-JBCS:jbcs-httpd24-httpd-0:2.4.37-57.jbcs.el6.x86_64", "6Server-JBCS:jbcs-httpd24-httpd-debuginfo-0:2.4.37-57.jbcs.el6.i686", "6Server-JBCS:jbcs-httpd24-httpd-debuginfo-0:2.4.37-57.jbcs.el6.x86_64", "6Server-JBCS:jbcs-httpd24-httpd-devel-0:2.4.37-57.jbcs.el6.i686", "6Server-JBCS:jbcs-httpd24-httpd-devel-0:2.4.37-57.jbcs.el6.x86_64", "6Server-JBCS:jbcs-httpd24-httpd-manual-0:2.4.37-57.jbcs.el6.noarch", "6Server-JBCS:jbcs-httpd24-httpd-selinux-0:2.4.37-57.jbcs.el6.i686", "6Server-JBCS:jbcs-httpd24-httpd-selinux-0:2.4.37-57.jbcs.el6.x86_64", "6Server-JBCS:jbcs-httpd24-httpd-tools-0:2.4.37-57.jbcs.el6.i686", "6Server-JBCS:jbcs-httpd24-httpd-tools-0:2.4.37-57.jbcs.el6.x86_64", "6Server-JBCS:jbcs-httpd24-libcurl-0:7.64.1-36.jbcs.el6.i686", "6Server-JBCS:jbcs-httpd24-libcurl-0:7.64.1-36.jbcs.el6.x86_64", "6Server-JBCS:jbcs-httpd24-libcurl-devel-0:7.64.1-36.jbcs.el6.i686", "6Server-JBCS:jbcs-httpd24-libcurl-devel-0:7.64.1-36.jbcs.el6.x86_64", "6Server-JBCS:jbcs-httpd24-mod_cluster-native-0:1.3.14-4.Final_redhat_2.jbcs.el6.i686", "6Server-JBCS:jbcs-httpd24-mod_cluster-native-0:1.3.14-4.Final_redhat_2.jbcs.el6.src", "6Server-JBCS:jbcs-httpd24-mod_cluster-native-0:1.3.14-4.Final_redhat_2.jbcs.el6.x86_64", "6Server-JBCS:jbcs-httpd24-mod_cluster-native-debuginfo-0:1.3.14-4.Final_redhat_2.jbcs.el6.i686", "6Server-JBCS:jbcs-httpd24-mod_cluster-native-debuginfo-0:1.3.14-4.Final_redhat_2.jbcs.el6.x86_64", "6Server-JBCS:jbcs-httpd24-mod_http2-0:1.15.7-3.jbcs.el6.i686", "6Server-JBCS:jbcs-httpd24-mod_http2-0:1.15.7-3.jbcs.el6.src", "6Server-JBCS:jbcs-httpd24-mod_http2-0:1.15.7-3.jbcs.el6.x86_64", "6Server-JBCS:jbcs-httpd24-mod_http2-debuginfo-0:1.15.7-3.jbcs.el6.i686", "6Server-JBCS:jbcs-httpd24-mod_http2-debuginfo-0:1.15.7-3.jbcs.el6.x86_64", "6Server-JBCS:jbcs-httpd24-mod_jk-0:1.2.48-4.redhat_1.jbcs.el6.src", "6Server-JBCS:jbcs-httpd24-mod_jk-ap24-0:1.2.48-4.redhat_1.jbcs.el6.i686", "6Server-JBCS:jbcs-httpd24-mod_jk-ap24-0:1.2.48-4.redhat_1.jbcs.el6.x86_64", "6Server-JBCS:jbcs-httpd24-mod_jk-debuginfo-0:1.2.48-4.redhat_1.jbcs.el6.i686", "6Server-JBCS:jbcs-httpd24-mod_jk-debuginfo-0:1.2.48-4.redhat_1.jbcs.el6.x86_64", "6Server-JBCS:jbcs-httpd24-mod_jk-manual-0:1.2.48-4.redhat_1.jbcs.el6.i686", "6Server-JBCS:jbcs-httpd24-mod_jk-manual-0:1.2.48-4.redhat_1.jbcs.el6.x86_64", "6Server-JBCS:jbcs-httpd24-mod_ldap-0:2.4.37-57.jbcs.el6.i686", "6Server-JBCS:jbcs-httpd24-mod_ldap-0:2.4.37-57.jbcs.el6.x86_64", "6Server-JBCS:jbcs-httpd24-mod_md-1:2.0.8-24.jbcs.el6.i686", "6Server-JBCS:jbcs-httpd24-mod_md-1:2.0.8-24.jbcs.el6.src", "6Server-JBCS:jbcs-httpd24-mod_md-1:2.0.8-24.jbcs.el6.x86_64", "6Server-JBCS:jbcs-httpd24-mod_md-debuginfo-1:2.0.8-24.jbcs.el6.i686", "6Server-JBCS:jbcs-httpd24-mod_md-debuginfo-1:2.0.8-24.jbcs.el6.x86_64", "6Server-JBCS:jbcs-httpd24-mod_proxy_html-1:2.4.37-57.jbcs.el6.i686", "6Server-JBCS:jbcs-httpd24-mod_proxy_html-1:2.4.37-57.jbcs.el6.x86_64", "6Server-JBCS:jbcs-httpd24-mod_security-0:2.9.2-51.GA.jbcs.el6.i686", "6Server-JBCS:jbcs-httpd24-mod_security-0:2.9.2-51.GA.jbcs.el6.src", "6Server-JBCS:jbcs-httpd24-mod_security-0:2.9.2-51.GA.jbcs.el6.x86_64", "6Server-JBCS:jbcs-httpd24-mod_security-debuginfo-0:2.9.2-51.GA.jbcs.el6.i686", "6Server-JBCS:jbcs-httpd24-mod_security-debuginfo-0:2.9.2-51.GA.jbcs.el6.x86_64", "6Server-JBCS:jbcs-httpd24-mod_session-0:2.4.37-57.jbcs.el6.i686", "6Server-JBCS:jbcs-httpd24-mod_session-0:2.4.37-57.jbcs.el6.x86_64", "6Server-JBCS:jbcs-httpd24-mod_ssl-1:2.4.37-57.jbcs.el6.i686", "6Server-JBCS:jbcs-httpd24-mod_ssl-1:2.4.37-57.jbcs.el6.x86_64", "6Server-JBCS:jbcs-httpd24-nghttp2-0:1.39.2-25.jbcs.el6.i686", "6Server-JBCS:jbcs-httpd24-nghttp2-0:1.39.2-25.jbcs.el6.src", "6Server-JBCS:jbcs-httpd24-nghttp2-0:1.39.2-25.jbcs.el6.x86_64", "6Server-JBCS:jbcs-httpd24-nghttp2-debuginfo-0:1.39.2-25.jbcs.el6.i686", "6Server-JBCS:jbcs-httpd24-nghttp2-debuginfo-0:1.39.2-25.jbcs.el6.x86_64", "6Server-JBCS:jbcs-httpd24-nghttp2-devel-0:1.39.2-25.jbcs.el6.i686", "6Server-JBCS:jbcs-httpd24-nghttp2-devel-0:1.39.2-25.jbcs.el6.x86_64", "7Server-JBCS:jbcs-httpd24-curl-0:7.64.1-36.jbcs.el7.src", "7Server-JBCS:jbcs-httpd24-curl-0:7.64.1-36.jbcs.el7.x86_64", "7Server-JBCS:jbcs-httpd24-curl-debuginfo-0:7.64.1-36.jbcs.el7.x86_64", "7Server-JBCS:jbcs-httpd24-httpd-0:2.4.37-57.jbcs.el7.src", "7Server-JBCS:jbcs-httpd24-httpd-0:2.4.37-57.jbcs.el7.x86_64", "7Server-JBCS:jbcs-httpd24-httpd-debuginfo-0:2.4.37-57.jbcs.el7.x86_64", "7Server-JBCS:jbcs-httpd24-httpd-devel-0:2.4.37-57.jbcs.el7.x86_64", "7Server-JBCS:jbcs-httpd24-httpd-manual-0:2.4.37-57.jbcs.el7.noarch", "7Server-JBCS:jbcs-httpd24-httpd-selinux-0:2.4.37-57.jbcs.el7.x86_64", "7Server-JBCS:jbcs-httpd24-httpd-tools-0:2.4.37-57.jbcs.el7.x86_64", "7Server-JBCS:jbcs-httpd24-libcurl-0:7.64.1-36.jbcs.el7.x86_64", "7Server-JBCS:jbcs-httpd24-libcurl-devel-0:7.64.1-36.jbcs.el7.x86_64", "7Server-JBCS:jbcs-httpd24-mod_cluster-native-0:1.3.14-4.Final_redhat_2.jbcs.el7.src", "7Server-JBCS:jbcs-httpd24-mod_cluster-native-0:1.3.14-4.Final_redhat_2.jbcs.el7.x86_64", "7Server-JBCS:jbcs-httpd24-mod_cluster-native-debuginfo-0:1.3.14-4.Final_redhat_2.jbcs.el7.x86_64", "7Server-JBCS:jbcs-httpd24-mod_http2-0:1.15.7-3.jbcs.el7.src", "7Server-JBCS:jbcs-httpd24-mod_http2-0:1.15.7-3.jbcs.el7.x86_64", "7Server-JBCS:jbcs-httpd24-mod_http2-debuginfo-0:1.15.7-3.jbcs.el7.x86_64", "7Server-JBCS:jbcs-httpd24-mod_jk-0:1.2.48-4.redhat_1.jbcs.el7.src", "7Server-JBCS:jbcs-httpd24-mod_jk-ap24-0:1.2.48-4.redhat_1.jbcs.el7.x86_64", "7Server-JBCS:jbcs-httpd24-mod_jk-debuginfo-0:1.2.48-4.redhat_1.jbcs.el7.x86_64", "7Server-JBCS:jbcs-httpd24-mod_jk-manual-0:1.2.48-4.redhat_1.jbcs.el7.x86_64", "7Server-JBCS:jbcs-httpd24-mod_ldap-0:2.4.37-57.jbcs.el7.x86_64", "7Server-JBCS:jbcs-httpd24-mod_md-1:2.0.8-24.jbcs.el7.src", "7Server-JBCS:jbcs-httpd24-mod_md-1:2.0.8-24.jbcs.el7.x86_64", "7Server-JBCS:jbcs-httpd24-mod_md-debuginfo-1:2.0.8-24.jbcs.el7.x86_64", "7Server-JBCS:jbcs-httpd24-mod_proxy_html-1:2.4.37-57.jbcs.el7.x86_64", "7Server-JBCS:jbcs-httpd24-mod_security-0:2.9.2-51.GA.jbcs.el7.src", "7Server-JBCS:jbcs-httpd24-mod_security-0:2.9.2-51.GA.jbcs.el7.x86_64", "7Server-JBCS:jbcs-httpd24-mod_security-debuginfo-0:2.9.2-51.GA.jbcs.el7.x86_64", "7Server-JBCS:jbcs-httpd24-mod_session-0:2.4.37-57.jbcs.el7.x86_64", "7Server-JBCS:jbcs-httpd24-mod_ssl-1:2.4.37-57.jbcs.el7.x86_64", "7Server-JBCS:jbcs-httpd24-nghttp2-0:1.39.2-25.jbcs.el7.src", "7Server-JBCS:jbcs-httpd24-nghttp2-0:1.39.2-25.jbcs.el7.x86_64", "7Server-JBCS:jbcs-httpd24-nghttp2-debuginfo-0:1.39.2-25.jbcs.el7.x86_64", "7Server-JBCS:jbcs-httpd24-nghttp2-devel-0:1.39.2-25.jbcs.el7.x86_64", "7Server-JBCS:jbcs-httpd24-openssl-pkcs11-0:0.4.10-7.jbcs.el7.src", "7Server-JBCS:jbcs-httpd24-openssl-pkcs11-0:0.4.10-7.jbcs.el7.x86_64", "7Server-JBCS:jbcs-httpd24-openssl-pkcs11-debuginfo-0:0.4.10-7.jbcs.el7.x86_64" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2020:2644" } ], "scores": [ { "cvss_v3": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 7.5, "baseSeverity": "HIGH", "confidentialityImpact": "NONE", "integrityImpact": "NONE", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "version": "3.1" }, "products": [ "6Server-JBCS:jbcs-httpd24-curl-0:7.64.1-36.jbcs.el6.i686", "6Server-JBCS:jbcs-httpd24-curl-0:7.64.1-36.jbcs.el6.src", "6Server-JBCS:jbcs-httpd24-curl-0:7.64.1-36.jbcs.el6.x86_64", "6Server-JBCS:jbcs-httpd24-curl-debuginfo-0:7.64.1-36.jbcs.el6.i686", "6Server-JBCS:jbcs-httpd24-curl-debuginfo-0:7.64.1-36.jbcs.el6.x86_64", "6Server-JBCS:jbcs-httpd24-httpd-0:2.4.37-57.jbcs.el6.i686", "6Server-JBCS:jbcs-httpd24-httpd-0:2.4.37-57.jbcs.el6.src", "6Server-JBCS:jbcs-httpd24-httpd-0:2.4.37-57.jbcs.el6.x86_64", "6Server-JBCS:jbcs-httpd24-httpd-debuginfo-0:2.4.37-57.jbcs.el6.i686", "6Server-JBCS:jbcs-httpd24-httpd-debuginfo-0:2.4.37-57.jbcs.el6.x86_64", "6Server-JBCS:jbcs-httpd24-httpd-devel-0:2.4.37-57.jbcs.el6.i686", "6Server-JBCS:jbcs-httpd24-httpd-devel-0:2.4.37-57.jbcs.el6.x86_64", "6Server-JBCS:jbcs-httpd24-httpd-manual-0:2.4.37-57.jbcs.el6.noarch", "6Server-JBCS:jbcs-httpd24-httpd-selinux-0:2.4.37-57.jbcs.el6.i686", "6Server-JBCS:jbcs-httpd24-httpd-selinux-0:2.4.37-57.jbcs.el6.x86_64", "6Server-JBCS:jbcs-httpd24-httpd-tools-0:2.4.37-57.jbcs.el6.i686", "6Server-JBCS:jbcs-httpd24-httpd-tools-0:2.4.37-57.jbcs.el6.x86_64", "6Server-JBCS:jbcs-httpd24-libcurl-0:7.64.1-36.jbcs.el6.i686", "6Server-JBCS:jbcs-httpd24-libcurl-0:7.64.1-36.jbcs.el6.x86_64", "6Server-JBCS:jbcs-httpd24-libcurl-devel-0:7.64.1-36.jbcs.el6.i686", "6Server-JBCS:jbcs-httpd24-libcurl-devel-0:7.64.1-36.jbcs.el6.x86_64", "6Server-JBCS:jbcs-httpd24-mod_cluster-native-0:1.3.14-4.Final_redhat_2.jbcs.el6.i686", "6Server-JBCS:jbcs-httpd24-mod_cluster-native-0:1.3.14-4.Final_redhat_2.jbcs.el6.src", "6Server-JBCS:jbcs-httpd24-mod_cluster-native-0:1.3.14-4.Final_redhat_2.jbcs.el6.x86_64", "6Server-JBCS:jbcs-httpd24-mod_cluster-native-debuginfo-0:1.3.14-4.Final_redhat_2.jbcs.el6.i686", "6Server-JBCS:jbcs-httpd24-mod_cluster-native-debuginfo-0:1.3.14-4.Final_redhat_2.jbcs.el6.x86_64", "6Server-JBCS:jbcs-httpd24-mod_http2-0:1.15.7-3.jbcs.el6.i686", "6Server-JBCS:jbcs-httpd24-mod_http2-0:1.15.7-3.jbcs.el6.src", "6Server-JBCS:jbcs-httpd24-mod_http2-0:1.15.7-3.jbcs.el6.x86_64", "6Server-JBCS:jbcs-httpd24-mod_http2-debuginfo-0:1.15.7-3.jbcs.el6.i686", "6Server-JBCS:jbcs-httpd24-mod_http2-debuginfo-0:1.15.7-3.jbcs.el6.x86_64", "6Server-JBCS:jbcs-httpd24-mod_jk-0:1.2.48-4.redhat_1.jbcs.el6.src", "6Server-JBCS:jbcs-httpd24-mod_jk-ap24-0:1.2.48-4.redhat_1.jbcs.el6.i686", "6Server-JBCS:jbcs-httpd24-mod_jk-ap24-0:1.2.48-4.redhat_1.jbcs.el6.x86_64", "6Server-JBCS:jbcs-httpd24-mod_jk-debuginfo-0:1.2.48-4.redhat_1.jbcs.el6.i686", "6Server-JBCS:jbcs-httpd24-mod_jk-debuginfo-0:1.2.48-4.redhat_1.jbcs.el6.x86_64", "6Server-JBCS:jbcs-httpd24-mod_jk-manual-0:1.2.48-4.redhat_1.jbcs.el6.i686", "6Server-JBCS:jbcs-httpd24-mod_jk-manual-0:1.2.48-4.redhat_1.jbcs.el6.x86_64", "6Server-JBCS:jbcs-httpd24-mod_ldap-0:2.4.37-57.jbcs.el6.i686", "6Server-JBCS:jbcs-httpd24-mod_ldap-0:2.4.37-57.jbcs.el6.x86_64", "6Server-JBCS:jbcs-httpd24-mod_md-1:2.0.8-24.jbcs.el6.i686", "6Server-JBCS:jbcs-httpd24-mod_md-1:2.0.8-24.jbcs.el6.src", "6Server-JBCS:jbcs-httpd24-mod_md-1:2.0.8-24.jbcs.el6.x86_64", "6Server-JBCS:jbcs-httpd24-mod_md-debuginfo-1:2.0.8-24.jbcs.el6.i686", "6Server-JBCS:jbcs-httpd24-mod_md-debuginfo-1:2.0.8-24.jbcs.el6.x86_64", "6Server-JBCS:jbcs-httpd24-mod_proxy_html-1:2.4.37-57.jbcs.el6.i686", "6Server-JBCS:jbcs-httpd24-mod_proxy_html-1:2.4.37-57.jbcs.el6.x86_64", "6Server-JBCS:jbcs-httpd24-mod_security-0:2.9.2-51.GA.jbcs.el6.i686", "6Server-JBCS:jbcs-httpd24-mod_security-0:2.9.2-51.GA.jbcs.el6.src", "6Server-JBCS:jbcs-httpd24-mod_security-0:2.9.2-51.GA.jbcs.el6.x86_64", "6Server-JBCS:jbcs-httpd24-mod_security-debuginfo-0:2.9.2-51.GA.jbcs.el6.i686", "6Server-JBCS:jbcs-httpd24-mod_security-debuginfo-0:2.9.2-51.GA.jbcs.el6.x86_64", "6Server-JBCS:jbcs-httpd24-mod_session-0:2.4.37-57.jbcs.el6.i686", "6Server-JBCS:jbcs-httpd24-mod_session-0:2.4.37-57.jbcs.el6.x86_64", "6Server-JBCS:jbcs-httpd24-mod_ssl-1:2.4.37-57.jbcs.el6.i686", "6Server-JBCS:jbcs-httpd24-mod_ssl-1:2.4.37-57.jbcs.el6.x86_64", "6Server-JBCS:jbcs-httpd24-nghttp2-0:1.39.2-25.jbcs.el6.i686", "6Server-JBCS:jbcs-httpd24-nghttp2-0:1.39.2-25.jbcs.el6.src", "6Server-JBCS:jbcs-httpd24-nghttp2-0:1.39.2-25.jbcs.el6.x86_64", "6Server-JBCS:jbcs-httpd24-nghttp2-debuginfo-0:1.39.2-25.jbcs.el6.i686", "6Server-JBCS:jbcs-httpd24-nghttp2-debuginfo-0:1.39.2-25.jbcs.el6.x86_64", "6Server-JBCS:jbcs-httpd24-nghttp2-devel-0:1.39.2-25.jbcs.el6.i686", "6Server-JBCS:jbcs-httpd24-nghttp2-devel-0:1.39.2-25.jbcs.el6.x86_64", "7Server-JBCS:jbcs-httpd24-curl-0:7.64.1-36.jbcs.el7.src", "7Server-JBCS:jbcs-httpd24-curl-0:7.64.1-36.jbcs.el7.x86_64", "7Server-JBCS:jbcs-httpd24-curl-debuginfo-0:7.64.1-36.jbcs.el7.x86_64", "7Server-JBCS:jbcs-httpd24-httpd-0:2.4.37-57.jbcs.el7.src", "7Server-JBCS:jbcs-httpd24-httpd-0:2.4.37-57.jbcs.el7.x86_64", "7Server-JBCS:jbcs-httpd24-httpd-debuginfo-0:2.4.37-57.jbcs.el7.x86_64", "7Server-JBCS:jbcs-httpd24-httpd-devel-0:2.4.37-57.jbcs.el7.x86_64", "7Server-JBCS:jbcs-httpd24-httpd-manual-0:2.4.37-57.jbcs.el7.noarch", "7Server-JBCS:jbcs-httpd24-httpd-selinux-0:2.4.37-57.jbcs.el7.x86_64", "7Server-JBCS:jbcs-httpd24-httpd-tools-0:2.4.37-57.jbcs.el7.x86_64", "7Server-JBCS:jbcs-httpd24-libcurl-0:7.64.1-36.jbcs.el7.x86_64", "7Server-JBCS:jbcs-httpd24-libcurl-devel-0:7.64.1-36.jbcs.el7.x86_64", "7Server-JBCS:jbcs-httpd24-mod_cluster-native-0:1.3.14-4.Final_redhat_2.jbcs.el7.src", "7Server-JBCS:jbcs-httpd24-mod_cluster-native-0:1.3.14-4.Final_redhat_2.jbcs.el7.x86_64", "7Server-JBCS:jbcs-httpd24-mod_cluster-native-debuginfo-0:1.3.14-4.Final_redhat_2.jbcs.el7.x86_64", "7Server-JBCS:jbcs-httpd24-mod_http2-0:1.15.7-3.jbcs.el7.src", "7Server-JBCS:jbcs-httpd24-mod_http2-0:1.15.7-3.jbcs.el7.x86_64", "7Server-JBCS:jbcs-httpd24-mod_http2-debuginfo-0:1.15.7-3.jbcs.el7.x86_64", "7Server-JBCS:jbcs-httpd24-mod_jk-0:1.2.48-4.redhat_1.jbcs.el7.src", "7Server-JBCS:jbcs-httpd24-mod_jk-ap24-0:1.2.48-4.redhat_1.jbcs.el7.x86_64", "7Server-JBCS:jbcs-httpd24-mod_jk-debuginfo-0:1.2.48-4.redhat_1.jbcs.el7.x86_64", "7Server-JBCS:jbcs-httpd24-mod_jk-manual-0:1.2.48-4.redhat_1.jbcs.el7.x86_64", "7Server-JBCS:jbcs-httpd24-mod_ldap-0:2.4.37-57.jbcs.el7.x86_64", "7Server-JBCS:jbcs-httpd24-mod_md-1:2.0.8-24.jbcs.el7.src", "7Server-JBCS:jbcs-httpd24-mod_md-1:2.0.8-24.jbcs.el7.x86_64", "7Server-JBCS:jbcs-httpd24-mod_md-debuginfo-1:2.0.8-24.jbcs.el7.x86_64", "7Server-JBCS:jbcs-httpd24-mod_proxy_html-1:2.4.37-57.jbcs.el7.x86_64", "7Server-JBCS:jbcs-httpd24-mod_security-0:2.9.2-51.GA.jbcs.el7.src", "7Server-JBCS:jbcs-httpd24-mod_security-0:2.9.2-51.GA.jbcs.el7.x86_64", "7Server-JBCS:jbcs-httpd24-mod_security-debuginfo-0:2.9.2-51.GA.jbcs.el7.x86_64", "7Server-JBCS:jbcs-httpd24-mod_session-0:2.4.37-57.jbcs.el7.x86_64", "7Server-JBCS:jbcs-httpd24-mod_ssl-1:2.4.37-57.jbcs.el7.x86_64", "7Server-JBCS:jbcs-httpd24-nghttp2-0:1.39.2-25.jbcs.el7.src", "7Server-JBCS:jbcs-httpd24-nghttp2-0:1.39.2-25.jbcs.el7.x86_64", "7Server-JBCS:jbcs-httpd24-nghttp2-debuginfo-0:1.39.2-25.jbcs.el7.x86_64", "7Server-JBCS:jbcs-httpd24-nghttp2-devel-0:1.39.2-25.jbcs.el7.x86_64", "7Server-JBCS:jbcs-httpd24-openssl-pkcs11-0:0.4.10-7.jbcs.el7.src", "7Server-JBCS:jbcs-httpd24-openssl-pkcs11-0:0.4.10-7.jbcs.el7.x86_64", "7Server-JBCS:jbcs-httpd24-openssl-pkcs11-debuginfo-0:0.4.10-7.jbcs.el7.x86_64" ] } ], "threats": [ { "category": "impact", "details": "Moderate" } ], "title": "libxml2: infinite loop in xmlStringLenDecodeEntities in some end-of-file situations" }, { "acknowledgments": [ { "names": [ "the Envoy security team" ] } ], "cve": "CVE-2020-11080", "cwe": { "id": "CWE-770", "name": "Allocation of Resources Without Limits or Throttling" }, "discovery_date": "2020-06-08T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "1844929" } ], "notes": [ { "category": "description", "text": "A resource consumption vulnerability was found in nghttp2. This flaw allows an attacker to repeatedly construct an overly large HTTP/2 SETTINGS frame with a length of 14,400 bytes that causes excessive CPU usage, leading to a denial of service.", "title": "Vulnerability description" }, { "category": "summary", "text": "nghttp2: overly large SETTINGS frames can lead to DoS", "title": "Vulnerability summary" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "6Server-JBCS:jbcs-httpd24-curl-0:7.64.1-36.jbcs.el6.i686", "6Server-JBCS:jbcs-httpd24-curl-0:7.64.1-36.jbcs.el6.src", "6Server-JBCS:jbcs-httpd24-curl-0:7.64.1-36.jbcs.el6.x86_64", "6Server-JBCS:jbcs-httpd24-curl-debuginfo-0:7.64.1-36.jbcs.el6.i686", "6Server-JBCS:jbcs-httpd24-curl-debuginfo-0:7.64.1-36.jbcs.el6.x86_64", "6Server-JBCS:jbcs-httpd24-httpd-0:2.4.37-57.jbcs.el6.i686", "6Server-JBCS:jbcs-httpd24-httpd-0:2.4.37-57.jbcs.el6.src", "6Server-JBCS:jbcs-httpd24-httpd-0:2.4.37-57.jbcs.el6.x86_64", "6Server-JBCS:jbcs-httpd24-httpd-debuginfo-0:2.4.37-57.jbcs.el6.i686", "6Server-JBCS:jbcs-httpd24-httpd-debuginfo-0:2.4.37-57.jbcs.el6.x86_64", "6Server-JBCS:jbcs-httpd24-httpd-devel-0:2.4.37-57.jbcs.el6.i686", "6Server-JBCS:jbcs-httpd24-httpd-devel-0:2.4.37-57.jbcs.el6.x86_64", "6Server-JBCS:jbcs-httpd24-httpd-manual-0:2.4.37-57.jbcs.el6.noarch", "6Server-JBCS:jbcs-httpd24-httpd-selinux-0:2.4.37-57.jbcs.el6.i686", "6Server-JBCS:jbcs-httpd24-httpd-selinux-0:2.4.37-57.jbcs.el6.x86_64", "6Server-JBCS:jbcs-httpd24-httpd-tools-0:2.4.37-57.jbcs.el6.i686", "6Server-JBCS:jbcs-httpd24-httpd-tools-0:2.4.37-57.jbcs.el6.x86_64", "6Server-JBCS:jbcs-httpd24-libcurl-0:7.64.1-36.jbcs.el6.i686", "6Server-JBCS:jbcs-httpd24-libcurl-0:7.64.1-36.jbcs.el6.x86_64", "6Server-JBCS:jbcs-httpd24-libcurl-devel-0:7.64.1-36.jbcs.el6.i686", "6Server-JBCS:jbcs-httpd24-libcurl-devel-0:7.64.1-36.jbcs.el6.x86_64", "6Server-JBCS:jbcs-httpd24-mod_cluster-native-0:1.3.14-4.Final_redhat_2.jbcs.el6.i686", "6Server-JBCS:jbcs-httpd24-mod_cluster-native-0:1.3.14-4.Final_redhat_2.jbcs.el6.src", "6Server-JBCS:jbcs-httpd24-mod_cluster-native-0:1.3.14-4.Final_redhat_2.jbcs.el6.x86_64", "6Server-JBCS:jbcs-httpd24-mod_cluster-native-debuginfo-0:1.3.14-4.Final_redhat_2.jbcs.el6.i686", "6Server-JBCS:jbcs-httpd24-mod_cluster-native-debuginfo-0:1.3.14-4.Final_redhat_2.jbcs.el6.x86_64", "6Server-JBCS:jbcs-httpd24-mod_http2-0:1.15.7-3.jbcs.el6.i686", "6Server-JBCS:jbcs-httpd24-mod_http2-0:1.15.7-3.jbcs.el6.src", "6Server-JBCS:jbcs-httpd24-mod_http2-0:1.15.7-3.jbcs.el6.x86_64", "6Server-JBCS:jbcs-httpd24-mod_http2-debuginfo-0:1.15.7-3.jbcs.el6.i686", "6Server-JBCS:jbcs-httpd24-mod_http2-debuginfo-0:1.15.7-3.jbcs.el6.x86_64", "6Server-JBCS:jbcs-httpd24-mod_jk-0:1.2.48-4.redhat_1.jbcs.el6.src", "6Server-JBCS:jbcs-httpd24-mod_jk-ap24-0:1.2.48-4.redhat_1.jbcs.el6.i686", "6Server-JBCS:jbcs-httpd24-mod_jk-ap24-0:1.2.48-4.redhat_1.jbcs.el6.x86_64", "6Server-JBCS:jbcs-httpd24-mod_jk-debuginfo-0:1.2.48-4.redhat_1.jbcs.el6.i686", "6Server-JBCS:jbcs-httpd24-mod_jk-debuginfo-0:1.2.48-4.redhat_1.jbcs.el6.x86_64", "6Server-JBCS:jbcs-httpd24-mod_jk-manual-0:1.2.48-4.redhat_1.jbcs.el6.i686", "6Server-JBCS:jbcs-httpd24-mod_jk-manual-0:1.2.48-4.redhat_1.jbcs.el6.x86_64", "6Server-JBCS:jbcs-httpd24-mod_ldap-0:2.4.37-57.jbcs.el6.i686", "6Server-JBCS:jbcs-httpd24-mod_ldap-0:2.4.37-57.jbcs.el6.x86_64", "6Server-JBCS:jbcs-httpd24-mod_md-1:2.0.8-24.jbcs.el6.i686", "6Server-JBCS:jbcs-httpd24-mod_md-1:2.0.8-24.jbcs.el6.src", "6Server-JBCS:jbcs-httpd24-mod_md-1:2.0.8-24.jbcs.el6.x86_64", "6Server-JBCS:jbcs-httpd24-mod_md-debuginfo-1:2.0.8-24.jbcs.el6.i686", "6Server-JBCS:jbcs-httpd24-mod_md-debuginfo-1:2.0.8-24.jbcs.el6.x86_64", "6Server-JBCS:jbcs-httpd24-mod_proxy_html-1:2.4.37-57.jbcs.el6.i686", "6Server-JBCS:jbcs-httpd24-mod_proxy_html-1:2.4.37-57.jbcs.el6.x86_64", "6Server-JBCS:jbcs-httpd24-mod_security-0:2.9.2-51.GA.jbcs.el6.i686", "6Server-JBCS:jbcs-httpd24-mod_security-0:2.9.2-51.GA.jbcs.el6.src", "6Server-JBCS:jbcs-httpd24-mod_security-0:2.9.2-51.GA.jbcs.el6.x86_64", "6Server-JBCS:jbcs-httpd24-mod_security-debuginfo-0:2.9.2-51.GA.jbcs.el6.i686", "6Server-JBCS:jbcs-httpd24-mod_security-debuginfo-0:2.9.2-51.GA.jbcs.el6.x86_64", "6Server-JBCS:jbcs-httpd24-mod_session-0:2.4.37-57.jbcs.el6.i686", "6Server-JBCS:jbcs-httpd24-mod_session-0:2.4.37-57.jbcs.el6.x86_64", "6Server-JBCS:jbcs-httpd24-mod_ssl-1:2.4.37-57.jbcs.el6.i686", "6Server-JBCS:jbcs-httpd24-mod_ssl-1:2.4.37-57.jbcs.el6.x86_64", "6Server-JBCS:jbcs-httpd24-nghttp2-0:1.39.2-25.jbcs.el6.i686", "6Server-JBCS:jbcs-httpd24-nghttp2-0:1.39.2-25.jbcs.el6.src", "6Server-JBCS:jbcs-httpd24-nghttp2-0:1.39.2-25.jbcs.el6.x86_64", "6Server-JBCS:jbcs-httpd24-nghttp2-debuginfo-0:1.39.2-25.jbcs.el6.i686", "6Server-JBCS:jbcs-httpd24-nghttp2-debuginfo-0:1.39.2-25.jbcs.el6.x86_64", "6Server-JBCS:jbcs-httpd24-nghttp2-devel-0:1.39.2-25.jbcs.el6.i686", "6Server-JBCS:jbcs-httpd24-nghttp2-devel-0:1.39.2-25.jbcs.el6.x86_64", "7Server-JBCS:jbcs-httpd24-curl-0:7.64.1-36.jbcs.el7.src", "7Server-JBCS:jbcs-httpd24-curl-0:7.64.1-36.jbcs.el7.x86_64", "7Server-JBCS:jbcs-httpd24-curl-debuginfo-0:7.64.1-36.jbcs.el7.x86_64", "7Server-JBCS:jbcs-httpd24-httpd-0:2.4.37-57.jbcs.el7.src", "7Server-JBCS:jbcs-httpd24-httpd-0:2.4.37-57.jbcs.el7.x86_64", "7Server-JBCS:jbcs-httpd24-httpd-debuginfo-0:2.4.37-57.jbcs.el7.x86_64", "7Server-JBCS:jbcs-httpd24-httpd-devel-0:2.4.37-57.jbcs.el7.x86_64", "7Server-JBCS:jbcs-httpd24-httpd-manual-0:2.4.37-57.jbcs.el7.noarch", "7Server-JBCS:jbcs-httpd24-httpd-selinux-0:2.4.37-57.jbcs.el7.x86_64", "7Server-JBCS:jbcs-httpd24-httpd-tools-0:2.4.37-57.jbcs.el7.x86_64", "7Server-JBCS:jbcs-httpd24-libcurl-0:7.64.1-36.jbcs.el7.x86_64", "7Server-JBCS:jbcs-httpd24-libcurl-devel-0:7.64.1-36.jbcs.el7.x86_64", "7Server-JBCS:jbcs-httpd24-mod_cluster-native-0:1.3.14-4.Final_redhat_2.jbcs.el7.src", "7Server-JBCS:jbcs-httpd24-mod_cluster-native-0:1.3.14-4.Final_redhat_2.jbcs.el7.x86_64", "7Server-JBCS:jbcs-httpd24-mod_cluster-native-debuginfo-0:1.3.14-4.Final_redhat_2.jbcs.el7.x86_64", "7Server-JBCS:jbcs-httpd24-mod_http2-0:1.15.7-3.jbcs.el7.src", "7Server-JBCS:jbcs-httpd24-mod_http2-0:1.15.7-3.jbcs.el7.x86_64", "7Server-JBCS:jbcs-httpd24-mod_http2-debuginfo-0:1.15.7-3.jbcs.el7.x86_64", "7Server-JBCS:jbcs-httpd24-mod_jk-0:1.2.48-4.redhat_1.jbcs.el7.src", "7Server-JBCS:jbcs-httpd24-mod_jk-ap24-0:1.2.48-4.redhat_1.jbcs.el7.x86_64", "7Server-JBCS:jbcs-httpd24-mod_jk-debuginfo-0:1.2.48-4.redhat_1.jbcs.el7.x86_64", "7Server-JBCS:jbcs-httpd24-mod_jk-manual-0:1.2.48-4.redhat_1.jbcs.el7.x86_64", "7Server-JBCS:jbcs-httpd24-mod_ldap-0:2.4.37-57.jbcs.el7.x86_64", "7Server-JBCS:jbcs-httpd24-mod_md-1:2.0.8-24.jbcs.el7.src", "7Server-JBCS:jbcs-httpd24-mod_md-1:2.0.8-24.jbcs.el7.x86_64", "7Server-JBCS:jbcs-httpd24-mod_md-debuginfo-1:2.0.8-24.jbcs.el7.x86_64", "7Server-JBCS:jbcs-httpd24-mod_proxy_html-1:2.4.37-57.jbcs.el7.x86_64", "7Server-JBCS:jbcs-httpd24-mod_security-0:2.9.2-51.GA.jbcs.el7.src", "7Server-JBCS:jbcs-httpd24-mod_security-0:2.9.2-51.GA.jbcs.el7.x86_64", "7Server-JBCS:jbcs-httpd24-mod_security-debuginfo-0:2.9.2-51.GA.jbcs.el7.x86_64", "7Server-JBCS:jbcs-httpd24-mod_session-0:2.4.37-57.jbcs.el7.x86_64", "7Server-JBCS:jbcs-httpd24-mod_ssl-1:2.4.37-57.jbcs.el7.x86_64", "7Server-JBCS:jbcs-httpd24-nghttp2-0:1.39.2-25.jbcs.el7.src", "7Server-JBCS:jbcs-httpd24-nghttp2-0:1.39.2-25.jbcs.el7.x86_64", "7Server-JBCS:jbcs-httpd24-nghttp2-debuginfo-0:1.39.2-25.jbcs.el7.x86_64", "7Server-JBCS:jbcs-httpd24-nghttp2-devel-0:1.39.2-25.jbcs.el7.x86_64", "7Server-JBCS:jbcs-httpd24-openssl-pkcs11-0:0.4.10-7.jbcs.el7.src", "7Server-JBCS:jbcs-httpd24-openssl-pkcs11-0:0.4.10-7.jbcs.el7.x86_64", "7Server-JBCS:jbcs-httpd24-openssl-pkcs11-debuginfo-0:0.4.10-7.jbcs.el7.x86_64" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2020-11080" }, { "category": "external", "summary": "RHBZ#1844929", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1844929" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2020-11080", "url": "https://www.cve.org/CVERecord?id=CVE-2020-11080" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2020-11080", "url": "https://nvd.nist.gov/vuln/detail/CVE-2020-11080" }, { "category": "external", "summary": "https://github.com/nghttp2/nghttp2/security/advisories/GHSA-q5wr-xfw9-q7xr", "url": "https://github.com/nghttp2/nghttp2/security/advisories/GHSA-q5wr-xfw9-q7xr" } ], "release_date": "2020-06-02T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2020-06-22T12:28:02+00:00", "details": "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258", "product_ids": [ "6Server-JBCS:jbcs-httpd24-curl-0:7.64.1-36.jbcs.el6.i686", "6Server-JBCS:jbcs-httpd24-curl-0:7.64.1-36.jbcs.el6.src", "6Server-JBCS:jbcs-httpd24-curl-0:7.64.1-36.jbcs.el6.x86_64", "6Server-JBCS:jbcs-httpd24-curl-debuginfo-0:7.64.1-36.jbcs.el6.i686", "6Server-JBCS:jbcs-httpd24-curl-debuginfo-0:7.64.1-36.jbcs.el6.x86_64", "6Server-JBCS:jbcs-httpd24-httpd-0:2.4.37-57.jbcs.el6.i686", "6Server-JBCS:jbcs-httpd24-httpd-0:2.4.37-57.jbcs.el6.src", "6Server-JBCS:jbcs-httpd24-httpd-0:2.4.37-57.jbcs.el6.x86_64", "6Server-JBCS:jbcs-httpd24-httpd-debuginfo-0:2.4.37-57.jbcs.el6.i686", "6Server-JBCS:jbcs-httpd24-httpd-debuginfo-0:2.4.37-57.jbcs.el6.x86_64", "6Server-JBCS:jbcs-httpd24-httpd-devel-0:2.4.37-57.jbcs.el6.i686", "6Server-JBCS:jbcs-httpd24-httpd-devel-0:2.4.37-57.jbcs.el6.x86_64", "6Server-JBCS:jbcs-httpd24-httpd-manual-0:2.4.37-57.jbcs.el6.noarch", "6Server-JBCS:jbcs-httpd24-httpd-selinux-0:2.4.37-57.jbcs.el6.i686", "6Server-JBCS:jbcs-httpd24-httpd-selinux-0:2.4.37-57.jbcs.el6.x86_64", "6Server-JBCS:jbcs-httpd24-httpd-tools-0:2.4.37-57.jbcs.el6.i686", "6Server-JBCS:jbcs-httpd24-httpd-tools-0:2.4.37-57.jbcs.el6.x86_64", "6Server-JBCS:jbcs-httpd24-libcurl-0:7.64.1-36.jbcs.el6.i686", "6Server-JBCS:jbcs-httpd24-libcurl-0:7.64.1-36.jbcs.el6.x86_64", "6Server-JBCS:jbcs-httpd24-libcurl-devel-0:7.64.1-36.jbcs.el6.i686", "6Server-JBCS:jbcs-httpd24-libcurl-devel-0:7.64.1-36.jbcs.el6.x86_64", "6Server-JBCS:jbcs-httpd24-mod_cluster-native-0:1.3.14-4.Final_redhat_2.jbcs.el6.i686", "6Server-JBCS:jbcs-httpd24-mod_cluster-native-0:1.3.14-4.Final_redhat_2.jbcs.el6.src", "6Server-JBCS:jbcs-httpd24-mod_cluster-native-0:1.3.14-4.Final_redhat_2.jbcs.el6.x86_64", "6Server-JBCS:jbcs-httpd24-mod_cluster-native-debuginfo-0:1.3.14-4.Final_redhat_2.jbcs.el6.i686", "6Server-JBCS:jbcs-httpd24-mod_cluster-native-debuginfo-0:1.3.14-4.Final_redhat_2.jbcs.el6.x86_64", "6Server-JBCS:jbcs-httpd24-mod_http2-0:1.15.7-3.jbcs.el6.i686", "6Server-JBCS:jbcs-httpd24-mod_http2-0:1.15.7-3.jbcs.el6.src", "6Server-JBCS:jbcs-httpd24-mod_http2-0:1.15.7-3.jbcs.el6.x86_64", "6Server-JBCS:jbcs-httpd24-mod_http2-debuginfo-0:1.15.7-3.jbcs.el6.i686", "6Server-JBCS:jbcs-httpd24-mod_http2-debuginfo-0:1.15.7-3.jbcs.el6.x86_64", "6Server-JBCS:jbcs-httpd24-mod_jk-0:1.2.48-4.redhat_1.jbcs.el6.src", "6Server-JBCS:jbcs-httpd24-mod_jk-ap24-0:1.2.48-4.redhat_1.jbcs.el6.i686", "6Server-JBCS:jbcs-httpd24-mod_jk-ap24-0:1.2.48-4.redhat_1.jbcs.el6.x86_64", "6Server-JBCS:jbcs-httpd24-mod_jk-debuginfo-0:1.2.48-4.redhat_1.jbcs.el6.i686", "6Server-JBCS:jbcs-httpd24-mod_jk-debuginfo-0:1.2.48-4.redhat_1.jbcs.el6.x86_64", "6Server-JBCS:jbcs-httpd24-mod_jk-manual-0:1.2.48-4.redhat_1.jbcs.el6.i686", "6Server-JBCS:jbcs-httpd24-mod_jk-manual-0:1.2.48-4.redhat_1.jbcs.el6.x86_64", "6Server-JBCS:jbcs-httpd24-mod_ldap-0:2.4.37-57.jbcs.el6.i686", "6Server-JBCS:jbcs-httpd24-mod_ldap-0:2.4.37-57.jbcs.el6.x86_64", "6Server-JBCS:jbcs-httpd24-mod_md-1:2.0.8-24.jbcs.el6.i686", "6Server-JBCS:jbcs-httpd24-mod_md-1:2.0.8-24.jbcs.el6.src", "6Server-JBCS:jbcs-httpd24-mod_md-1:2.0.8-24.jbcs.el6.x86_64", "6Server-JBCS:jbcs-httpd24-mod_md-debuginfo-1:2.0.8-24.jbcs.el6.i686", "6Server-JBCS:jbcs-httpd24-mod_md-debuginfo-1:2.0.8-24.jbcs.el6.x86_64", "6Server-JBCS:jbcs-httpd24-mod_proxy_html-1:2.4.37-57.jbcs.el6.i686", "6Server-JBCS:jbcs-httpd24-mod_proxy_html-1:2.4.37-57.jbcs.el6.x86_64", "6Server-JBCS:jbcs-httpd24-mod_security-0:2.9.2-51.GA.jbcs.el6.i686", "6Server-JBCS:jbcs-httpd24-mod_security-0:2.9.2-51.GA.jbcs.el6.src", "6Server-JBCS:jbcs-httpd24-mod_security-0:2.9.2-51.GA.jbcs.el6.x86_64", "6Server-JBCS:jbcs-httpd24-mod_security-debuginfo-0:2.9.2-51.GA.jbcs.el6.i686", "6Server-JBCS:jbcs-httpd24-mod_security-debuginfo-0:2.9.2-51.GA.jbcs.el6.x86_64", "6Server-JBCS:jbcs-httpd24-mod_session-0:2.4.37-57.jbcs.el6.i686", "6Server-JBCS:jbcs-httpd24-mod_session-0:2.4.37-57.jbcs.el6.x86_64", "6Server-JBCS:jbcs-httpd24-mod_ssl-1:2.4.37-57.jbcs.el6.i686", "6Server-JBCS:jbcs-httpd24-mod_ssl-1:2.4.37-57.jbcs.el6.x86_64", "6Server-JBCS:jbcs-httpd24-nghttp2-0:1.39.2-25.jbcs.el6.i686", "6Server-JBCS:jbcs-httpd24-nghttp2-0:1.39.2-25.jbcs.el6.src", "6Server-JBCS:jbcs-httpd24-nghttp2-0:1.39.2-25.jbcs.el6.x86_64", "6Server-JBCS:jbcs-httpd24-nghttp2-debuginfo-0:1.39.2-25.jbcs.el6.i686", "6Server-JBCS:jbcs-httpd24-nghttp2-debuginfo-0:1.39.2-25.jbcs.el6.x86_64", "6Server-JBCS:jbcs-httpd24-nghttp2-devel-0:1.39.2-25.jbcs.el6.i686", "6Server-JBCS:jbcs-httpd24-nghttp2-devel-0:1.39.2-25.jbcs.el6.x86_64", "7Server-JBCS:jbcs-httpd24-curl-0:7.64.1-36.jbcs.el7.src", "7Server-JBCS:jbcs-httpd24-curl-0:7.64.1-36.jbcs.el7.x86_64", "7Server-JBCS:jbcs-httpd24-curl-debuginfo-0:7.64.1-36.jbcs.el7.x86_64", "7Server-JBCS:jbcs-httpd24-httpd-0:2.4.37-57.jbcs.el7.src", "7Server-JBCS:jbcs-httpd24-httpd-0:2.4.37-57.jbcs.el7.x86_64", "7Server-JBCS:jbcs-httpd24-httpd-debuginfo-0:2.4.37-57.jbcs.el7.x86_64", "7Server-JBCS:jbcs-httpd24-httpd-devel-0:2.4.37-57.jbcs.el7.x86_64", "7Server-JBCS:jbcs-httpd24-httpd-manual-0:2.4.37-57.jbcs.el7.noarch", "7Server-JBCS:jbcs-httpd24-httpd-selinux-0:2.4.37-57.jbcs.el7.x86_64", "7Server-JBCS:jbcs-httpd24-httpd-tools-0:2.4.37-57.jbcs.el7.x86_64", "7Server-JBCS:jbcs-httpd24-libcurl-0:7.64.1-36.jbcs.el7.x86_64", "7Server-JBCS:jbcs-httpd24-libcurl-devel-0:7.64.1-36.jbcs.el7.x86_64", "7Server-JBCS:jbcs-httpd24-mod_cluster-native-0:1.3.14-4.Final_redhat_2.jbcs.el7.src", "7Server-JBCS:jbcs-httpd24-mod_cluster-native-0:1.3.14-4.Final_redhat_2.jbcs.el7.x86_64", "7Server-JBCS:jbcs-httpd24-mod_cluster-native-debuginfo-0:1.3.14-4.Final_redhat_2.jbcs.el7.x86_64", "7Server-JBCS:jbcs-httpd24-mod_http2-0:1.15.7-3.jbcs.el7.src", "7Server-JBCS:jbcs-httpd24-mod_http2-0:1.15.7-3.jbcs.el7.x86_64", "7Server-JBCS:jbcs-httpd24-mod_http2-debuginfo-0:1.15.7-3.jbcs.el7.x86_64", "7Server-JBCS:jbcs-httpd24-mod_jk-0:1.2.48-4.redhat_1.jbcs.el7.src", "7Server-JBCS:jbcs-httpd24-mod_jk-ap24-0:1.2.48-4.redhat_1.jbcs.el7.x86_64", "7Server-JBCS:jbcs-httpd24-mod_jk-debuginfo-0:1.2.48-4.redhat_1.jbcs.el7.x86_64", "7Server-JBCS:jbcs-httpd24-mod_jk-manual-0:1.2.48-4.redhat_1.jbcs.el7.x86_64", "7Server-JBCS:jbcs-httpd24-mod_ldap-0:2.4.37-57.jbcs.el7.x86_64", "7Server-JBCS:jbcs-httpd24-mod_md-1:2.0.8-24.jbcs.el7.src", "7Server-JBCS:jbcs-httpd24-mod_md-1:2.0.8-24.jbcs.el7.x86_64", "7Server-JBCS:jbcs-httpd24-mod_md-debuginfo-1:2.0.8-24.jbcs.el7.x86_64", "7Server-JBCS:jbcs-httpd24-mod_proxy_html-1:2.4.37-57.jbcs.el7.x86_64", "7Server-JBCS:jbcs-httpd24-mod_security-0:2.9.2-51.GA.jbcs.el7.src", "7Server-JBCS:jbcs-httpd24-mod_security-0:2.9.2-51.GA.jbcs.el7.x86_64", "7Server-JBCS:jbcs-httpd24-mod_security-debuginfo-0:2.9.2-51.GA.jbcs.el7.x86_64", "7Server-JBCS:jbcs-httpd24-mod_session-0:2.4.37-57.jbcs.el7.x86_64", "7Server-JBCS:jbcs-httpd24-mod_ssl-1:2.4.37-57.jbcs.el7.x86_64", "7Server-JBCS:jbcs-httpd24-nghttp2-0:1.39.2-25.jbcs.el7.src", "7Server-JBCS:jbcs-httpd24-nghttp2-0:1.39.2-25.jbcs.el7.x86_64", "7Server-JBCS:jbcs-httpd24-nghttp2-debuginfo-0:1.39.2-25.jbcs.el7.x86_64", "7Server-JBCS:jbcs-httpd24-nghttp2-devel-0:1.39.2-25.jbcs.el7.x86_64", "7Server-JBCS:jbcs-httpd24-openssl-pkcs11-0:0.4.10-7.jbcs.el7.src", "7Server-JBCS:jbcs-httpd24-openssl-pkcs11-0:0.4.10-7.jbcs.el7.x86_64", "7Server-JBCS:jbcs-httpd24-openssl-pkcs11-debuginfo-0:0.4.10-7.jbcs.el7.x86_64" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2020:2644" } ], "scores": [ { "cvss_v3": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 7.5, "baseSeverity": "HIGH", "confidentialityImpact": "NONE", "integrityImpact": "NONE", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "version": "3.1" }, "products": [ "6Server-JBCS:jbcs-httpd24-curl-0:7.64.1-36.jbcs.el6.i686", "6Server-JBCS:jbcs-httpd24-curl-0:7.64.1-36.jbcs.el6.src", "6Server-JBCS:jbcs-httpd24-curl-0:7.64.1-36.jbcs.el6.x86_64", "6Server-JBCS:jbcs-httpd24-curl-debuginfo-0:7.64.1-36.jbcs.el6.i686", "6Server-JBCS:jbcs-httpd24-curl-debuginfo-0:7.64.1-36.jbcs.el6.x86_64", "6Server-JBCS:jbcs-httpd24-httpd-0:2.4.37-57.jbcs.el6.i686", "6Server-JBCS:jbcs-httpd24-httpd-0:2.4.37-57.jbcs.el6.src", "6Server-JBCS:jbcs-httpd24-httpd-0:2.4.37-57.jbcs.el6.x86_64", "6Server-JBCS:jbcs-httpd24-httpd-debuginfo-0:2.4.37-57.jbcs.el6.i686", "6Server-JBCS:jbcs-httpd24-httpd-debuginfo-0:2.4.37-57.jbcs.el6.x86_64", "6Server-JBCS:jbcs-httpd24-httpd-devel-0:2.4.37-57.jbcs.el6.i686", "6Server-JBCS:jbcs-httpd24-httpd-devel-0:2.4.37-57.jbcs.el6.x86_64", "6Server-JBCS:jbcs-httpd24-httpd-manual-0:2.4.37-57.jbcs.el6.noarch", "6Server-JBCS:jbcs-httpd24-httpd-selinux-0:2.4.37-57.jbcs.el6.i686", "6Server-JBCS:jbcs-httpd24-httpd-selinux-0:2.4.37-57.jbcs.el6.x86_64", "6Server-JBCS:jbcs-httpd24-httpd-tools-0:2.4.37-57.jbcs.el6.i686", "6Server-JBCS:jbcs-httpd24-httpd-tools-0:2.4.37-57.jbcs.el6.x86_64", "6Server-JBCS:jbcs-httpd24-libcurl-0:7.64.1-36.jbcs.el6.i686", "6Server-JBCS:jbcs-httpd24-libcurl-0:7.64.1-36.jbcs.el6.x86_64", "6Server-JBCS:jbcs-httpd24-libcurl-devel-0:7.64.1-36.jbcs.el6.i686", "6Server-JBCS:jbcs-httpd24-libcurl-devel-0:7.64.1-36.jbcs.el6.x86_64", "6Server-JBCS:jbcs-httpd24-mod_cluster-native-0:1.3.14-4.Final_redhat_2.jbcs.el6.i686", "6Server-JBCS:jbcs-httpd24-mod_cluster-native-0:1.3.14-4.Final_redhat_2.jbcs.el6.src", "6Server-JBCS:jbcs-httpd24-mod_cluster-native-0:1.3.14-4.Final_redhat_2.jbcs.el6.x86_64", "6Server-JBCS:jbcs-httpd24-mod_cluster-native-debuginfo-0:1.3.14-4.Final_redhat_2.jbcs.el6.i686", "6Server-JBCS:jbcs-httpd24-mod_cluster-native-debuginfo-0:1.3.14-4.Final_redhat_2.jbcs.el6.x86_64", "6Server-JBCS:jbcs-httpd24-mod_http2-0:1.15.7-3.jbcs.el6.i686", "6Server-JBCS:jbcs-httpd24-mod_http2-0:1.15.7-3.jbcs.el6.src", "6Server-JBCS:jbcs-httpd24-mod_http2-0:1.15.7-3.jbcs.el6.x86_64", "6Server-JBCS:jbcs-httpd24-mod_http2-debuginfo-0:1.15.7-3.jbcs.el6.i686", "6Server-JBCS:jbcs-httpd24-mod_http2-debuginfo-0:1.15.7-3.jbcs.el6.x86_64", "6Server-JBCS:jbcs-httpd24-mod_jk-0:1.2.48-4.redhat_1.jbcs.el6.src", "6Server-JBCS:jbcs-httpd24-mod_jk-ap24-0:1.2.48-4.redhat_1.jbcs.el6.i686", "6Server-JBCS:jbcs-httpd24-mod_jk-ap24-0:1.2.48-4.redhat_1.jbcs.el6.x86_64", "6Server-JBCS:jbcs-httpd24-mod_jk-debuginfo-0:1.2.48-4.redhat_1.jbcs.el6.i686", "6Server-JBCS:jbcs-httpd24-mod_jk-debuginfo-0:1.2.48-4.redhat_1.jbcs.el6.x86_64", "6Server-JBCS:jbcs-httpd24-mod_jk-manual-0:1.2.48-4.redhat_1.jbcs.el6.i686", "6Server-JBCS:jbcs-httpd24-mod_jk-manual-0:1.2.48-4.redhat_1.jbcs.el6.x86_64", "6Server-JBCS:jbcs-httpd24-mod_ldap-0:2.4.37-57.jbcs.el6.i686", "6Server-JBCS:jbcs-httpd24-mod_ldap-0:2.4.37-57.jbcs.el6.x86_64", "6Server-JBCS:jbcs-httpd24-mod_md-1:2.0.8-24.jbcs.el6.i686", "6Server-JBCS:jbcs-httpd24-mod_md-1:2.0.8-24.jbcs.el6.src", "6Server-JBCS:jbcs-httpd24-mod_md-1:2.0.8-24.jbcs.el6.x86_64", "6Server-JBCS:jbcs-httpd24-mod_md-debuginfo-1:2.0.8-24.jbcs.el6.i686", "6Server-JBCS:jbcs-httpd24-mod_md-debuginfo-1:2.0.8-24.jbcs.el6.x86_64", "6Server-JBCS:jbcs-httpd24-mod_proxy_html-1:2.4.37-57.jbcs.el6.i686", "6Server-JBCS:jbcs-httpd24-mod_proxy_html-1:2.4.37-57.jbcs.el6.x86_64", "6Server-JBCS:jbcs-httpd24-mod_security-0:2.9.2-51.GA.jbcs.el6.i686", "6Server-JBCS:jbcs-httpd24-mod_security-0:2.9.2-51.GA.jbcs.el6.src", "6Server-JBCS:jbcs-httpd24-mod_security-0:2.9.2-51.GA.jbcs.el6.x86_64", "6Server-JBCS:jbcs-httpd24-mod_security-debuginfo-0:2.9.2-51.GA.jbcs.el6.i686", "6Server-JBCS:jbcs-httpd24-mod_security-debuginfo-0:2.9.2-51.GA.jbcs.el6.x86_64", "6Server-JBCS:jbcs-httpd24-mod_session-0:2.4.37-57.jbcs.el6.i686", "6Server-JBCS:jbcs-httpd24-mod_session-0:2.4.37-57.jbcs.el6.x86_64", "6Server-JBCS:jbcs-httpd24-mod_ssl-1:2.4.37-57.jbcs.el6.i686", "6Server-JBCS:jbcs-httpd24-mod_ssl-1:2.4.37-57.jbcs.el6.x86_64", "6Server-JBCS:jbcs-httpd24-nghttp2-0:1.39.2-25.jbcs.el6.i686", "6Server-JBCS:jbcs-httpd24-nghttp2-0:1.39.2-25.jbcs.el6.src", "6Server-JBCS:jbcs-httpd24-nghttp2-0:1.39.2-25.jbcs.el6.x86_64", "6Server-JBCS:jbcs-httpd24-nghttp2-debuginfo-0:1.39.2-25.jbcs.el6.i686", "6Server-JBCS:jbcs-httpd24-nghttp2-debuginfo-0:1.39.2-25.jbcs.el6.x86_64", "6Server-JBCS:jbcs-httpd24-nghttp2-devel-0:1.39.2-25.jbcs.el6.i686", "6Server-JBCS:jbcs-httpd24-nghttp2-devel-0:1.39.2-25.jbcs.el6.x86_64", "7Server-JBCS:jbcs-httpd24-curl-0:7.64.1-36.jbcs.el7.src", "7Server-JBCS:jbcs-httpd24-curl-0:7.64.1-36.jbcs.el7.x86_64", "7Server-JBCS:jbcs-httpd24-curl-debuginfo-0:7.64.1-36.jbcs.el7.x86_64", "7Server-JBCS:jbcs-httpd24-httpd-0:2.4.37-57.jbcs.el7.src", "7Server-JBCS:jbcs-httpd24-httpd-0:2.4.37-57.jbcs.el7.x86_64", "7Server-JBCS:jbcs-httpd24-httpd-debuginfo-0:2.4.37-57.jbcs.el7.x86_64", "7Server-JBCS:jbcs-httpd24-httpd-devel-0:2.4.37-57.jbcs.el7.x86_64", "7Server-JBCS:jbcs-httpd24-httpd-manual-0:2.4.37-57.jbcs.el7.noarch", "7Server-JBCS:jbcs-httpd24-httpd-selinux-0:2.4.37-57.jbcs.el7.x86_64", "7Server-JBCS:jbcs-httpd24-httpd-tools-0:2.4.37-57.jbcs.el7.x86_64", "7Server-JBCS:jbcs-httpd24-libcurl-0:7.64.1-36.jbcs.el7.x86_64", "7Server-JBCS:jbcs-httpd24-libcurl-devel-0:7.64.1-36.jbcs.el7.x86_64", "7Server-JBCS:jbcs-httpd24-mod_cluster-native-0:1.3.14-4.Final_redhat_2.jbcs.el7.src", "7Server-JBCS:jbcs-httpd24-mod_cluster-native-0:1.3.14-4.Final_redhat_2.jbcs.el7.x86_64", "7Server-JBCS:jbcs-httpd24-mod_cluster-native-debuginfo-0:1.3.14-4.Final_redhat_2.jbcs.el7.x86_64", "7Server-JBCS:jbcs-httpd24-mod_http2-0:1.15.7-3.jbcs.el7.src", "7Server-JBCS:jbcs-httpd24-mod_http2-0:1.15.7-3.jbcs.el7.x86_64", "7Server-JBCS:jbcs-httpd24-mod_http2-debuginfo-0:1.15.7-3.jbcs.el7.x86_64", "7Server-JBCS:jbcs-httpd24-mod_jk-0:1.2.48-4.redhat_1.jbcs.el7.src", "7Server-JBCS:jbcs-httpd24-mod_jk-ap24-0:1.2.48-4.redhat_1.jbcs.el7.x86_64", "7Server-JBCS:jbcs-httpd24-mod_jk-debuginfo-0:1.2.48-4.redhat_1.jbcs.el7.x86_64", "7Server-JBCS:jbcs-httpd24-mod_jk-manual-0:1.2.48-4.redhat_1.jbcs.el7.x86_64", "7Server-JBCS:jbcs-httpd24-mod_ldap-0:2.4.37-57.jbcs.el7.x86_64", "7Server-JBCS:jbcs-httpd24-mod_md-1:2.0.8-24.jbcs.el7.src", "7Server-JBCS:jbcs-httpd24-mod_md-1:2.0.8-24.jbcs.el7.x86_64", "7Server-JBCS:jbcs-httpd24-mod_md-debuginfo-1:2.0.8-24.jbcs.el7.x86_64", "7Server-JBCS:jbcs-httpd24-mod_proxy_html-1:2.4.37-57.jbcs.el7.x86_64", "7Server-JBCS:jbcs-httpd24-mod_security-0:2.9.2-51.GA.jbcs.el7.src", "7Server-JBCS:jbcs-httpd24-mod_security-0:2.9.2-51.GA.jbcs.el7.x86_64", "7Server-JBCS:jbcs-httpd24-mod_security-debuginfo-0:2.9.2-51.GA.jbcs.el7.x86_64", "7Server-JBCS:jbcs-httpd24-mod_session-0:2.4.37-57.jbcs.el7.x86_64", "7Server-JBCS:jbcs-httpd24-mod_ssl-1:2.4.37-57.jbcs.el7.x86_64", "7Server-JBCS:jbcs-httpd24-nghttp2-0:1.39.2-25.jbcs.el7.src", "7Server-JBCS:jbcs-httpd24-nghttp2-0:1.39.2-25.jbcs.el7.x86_64", "7Server-JBCS:jbcs-httpd24-nghttp2-debuginfo-0:1.39.2-25.jbcs.el7.x86_64", "7Server-JBCS:jbcs-httpd24-nghttp2-devel-0:1.39.2-25.jbcs.el7.x86_64", "7Server-JBCS:jbcs-httpd24-openssl-pkcs11-0:0.4.10-7.jbcs.el7.src", "7Server-JBCS:jbcs-httpd24-openssl-pkcs11-0:0.4.10-7.jbcs.el7.x86_64", "7Server-JBCS:jbcs-httpd24-openssl-pkcs11-debuginfo-0:0.4.10-7.jbcs.el7.x86_64" ] } ], "threats": [ { "category": "impact", "details": "Important" } ], "title": "nghttp2: overly large SETTINGS frames can lead to DoS" } ] }
rhsa-2020:4751
Vulnerability from csaf_redhat
Published
2020-11-04 01:44
Modified
2025-01-19 19:51
Summary
Red Hat Security Advisory: httpd:2.4 security, bug fix, and enhancement update
Notes
Topic
An update for the httpd:2.4 module is now available for Red Hat Enterprise Linux 8.
Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.
Details
The httpd packages provide the Apache HTTP Server, a powerful, efficient, and extensible web server.
The following packages have been upgraded to a later upstream version: mod_http2 (1.15.7). (BZ#1814236)
Security Fix(es):
* httpd: memory corruption on early pushes (CVE-2019-10081)
* httpd: read-after-free in h2 connection shutdown (CVE-2019-10082)
* httpd: null-pointer dereference in mod_remoteip (CVE-2019-10097)
* httpd: mod_rewrite configurations vulnerable to open redirect (CVE-2020-1927)
* httpd: mod_http2: DoS via slow, unneeded request bodies (CVE-2018-17189)
* httpd: mod_http2: read-after-free on a string compare (CVE-2019-0196)
* httpd: mod_http2: possible crash on late upgrade (CVE-2019-0197)
* httpd: limited cross-site scripting in mod_proxy error page (CVE-2019-10092)
* httpd: mod_rewrite potential open redirect (CVE-2019-10098)
* httpd: mod_proxy_ftp use of uninitialized value (CVE-2020-1934)
For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.
Additional Changes:
For detailed information on changes in this release, see the Red Hat Enterprise Linux 8.3 Release Notes linked from the References section.
Terms of Use
This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.
{ "document": { "aggregate_severity": { "namespace": "https://access.redhat.com/security/updates/classification/", "text": "Moderate" }, "category": "csaf_security_advisory", "csaf_version": "2.0", "distribution": { "text": "Copyright \u00a9 Red Hat, Inc. All rights reserved.", "tlp": { "label": "WHITE", "url": "https://www.first.org/tlp/" } }, "lang": "en", "notes": [ { "category": "summary", "text": "An update for the httpd:2.4 module is now available for Red Hat Enterprise Linux 8.\n\nRed Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.", "title": "Topic" }, { "category": "general", "text": "The httpd packages provide the Apache HTTP Server, a powerful, efficient, and extensible web server.\n\nThe following packages have been upgraded to a later upstream version: mod_http2 (1.15.7). (BZ#1814236)\n\nSecurity Fix(es):\n\n* httpd: memory corruption on early pushes (CVE-2019-10081)\n\n* httpd: read-after-free in h2 connection shutdown (CVE-2019-10082)\n\n* httpd: null-pointer dereference in mod_remoteip (CVE-2019-10097)\n\n* httpd: mod_rewrite configurations vulnerable to open redirect (CVE-2020-1927)\n\n* httpd: mod_http2: DoS via slow, unneeded request bodies (CVE-2018-17189)\n\n* httpd: mod_http2: read-after-free on a string compare (CVE-2019-0196)\n\n* httpd: mod_http2: possible crash on late upgrade (CVE-2019-0197)\n\n* httpd: limited cross-site scripting in mod_proxy error page (CVE-2019-10092)\n\n* httpd: mod_rewrite potential open redirect (CVE-2019-10098)\n\n* httpd: mod_proxy_ftp use of uninitialized value (CVE-2020-1934)\n\nFor more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.\n\nAdditional Changes:\n\nFor detailed information on changes in this release, see the Red Hat Enterprise Linux 8.3 Release Notes linked from the References section.", "title": "Details" }, { "category": "legal_disclaimer", "text": "This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.", "title": "Terms of Use" } ], "publisher": { "category": "vendor", "contact_details": "https://access.redhat.com/security/team/contact/", "issuing_authority": "Red Hat Product Security is responsible for vulnerability handling across all Red Hat products and services.", "name": "Red Hat Product Security", "namespace": "https://www.redhat.com" }, "references": [ { "category": "self", "summary": "https://access.redhat.com/errata/RHSA-2020:4751", "url": "https://access.redhat.com/errata/RHSA-2020:4751" }, { "category": "external", "summary": "https://access.redhat.com/security/updates/classification/#moderate", "url": "https://access.redhat.com/security/updates/classification/#moderate" }, { "category": "external", "summary": "https://access.redhat.com/documentation/en-us/red_hat_enterprise_linux/8/html/8.3_release_notes/", "url": "https://access.redhat.com/documentation/en-us/red_hat_enterprise_linux/8/html/8.3_release_notes/" }, { "category": "external", "summary": "1209162", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1209162" }, { "category": "external", "summary": "1668497", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1668497" }, { "category": "external", "summary": "1695030", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1695030" }, { "category": "external", "summary": "1695042", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1695042" }, { "category": "external", "summary": "1743956", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1743956" }, { "category": "external", "summary": "1743959", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1743959" }, { "category": "external", "summary": "1743966", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1743966" }, { "category": "external", "summary": "1743974", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1743974" }, { "category": "external", "summary": "1743996", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1743996" }, { "category": "external", "summary": "1771847", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1771847" }, { "category": "external", "summary": "1814236", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1814236" }, { "category": "external", "summary": "1820761", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1820761" }, { "category": "external", "summary": "1820772", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1820772" }, { "category": "external", "summary": "1832844", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1832844" }, { "category": "self", "summary": "Canonical URL", "url": "https://security.access.redhat.com/data/csaf/v2/advisories/2020/rhsa-2020_4751.json" } ], "title": "Red Hat Security Advisory: httpd:2.4 security, bug fix, and enhancement update", "tracking": { "current_release_date": "2025-01-19T19:51:46+00:00", "generator": { "date": "2025-01-19T19:51:46+00:00", "engine": { "name": "Red Hat SDEngine", "version": "4.2.6" } }, "id": "RHSA-2020:4751", "initial_release_date": "2020-11-04T01:44:47+00:00", "revision_history": [ { "date": "2020-11-04T01:44:47+00:00", "number": "1", "summary": "Initial version" }, { "date": "2020-11-04T01:44:47+00:00", "number": "2", "summary": "Last updated version" }, { "date": "2025-01-19T19:51:46+00:00", "number": "3", "summary": "Last generated version" } ], "status": "final", "version": "3" } }, "product_tree": { "branches": [ { "branches": [ { "branches": [ { "category": "product_name", "name": "Red Hat Enterprise Linux AppStream (v. 8)", "product": { "name": "Red Hat Enterprise Linux AppStream (v. 8)", "product_id": "AppStream-8.3.0.GA", "product_identification_helper": { "cpe": "cpe:/a:redhat:enterprise_linux:8::appstream" } } } ], "category": "product_family", "name": "Red Hat Enterprise Linux" }, { "branches": [ { "category": "product_version", "name": "httpd:2.4:8030020200818000036:30b713e6", "product": { "name": "httpd:2.4:8030020200818000036:30b713e6", "product_id": "httpd:2.4:8030020200818000036:30b713e6", "product_identification_helper": { "purl": "pkg:rpmmod/redhat/httpd@2.4:8030020200818000036:30b713e6" } } }, { "category": "product_version", "name": "httpd-filesystem-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.noarch", "product": { "name": "httpd-filesystem-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.noarch", "product_id": "httpd-filesystem-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/httpd-filesystem@2.4.37-30.module%2Bel8.3.0%2B7001%2B0766b9e7?arch=noarch" } } }, { "category": "product_version", "name": "httpd-manual-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.noarch", "product": { "name": "httpd-manual-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.noarch", "product_id": "httpd-manual-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/httpd-manual@2.4.37-30.module%2Bel8.3.0%2B7001%2B0766b9e7?arch=noarch" } } } ], "category": "architecture", "name": "noarch" }, { "branches": [ { "category": "product_version", "name": "httpd-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.src", "product": { "name": "httpd-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.src", "product_id": "httpd-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.src", "product_identification_helper": { "purl": "pkg:rpm/redhat/httpd@2.4.37-30.module%2Bel8.3.0%2B7001%2B0766b9e7?arch=src" } } }, { "category": "product_version", "name": "mod_http2-0:1.15.7-2.module+el8.3.0+7670+8bf57d29.src", "product": { "name": "mod_http2-0:1.15.7-2.module+el8.3.0+7670+8bf57d29.src", "product_id": "mod_http2-0:1.15.7-2.module+el8.3.0+7670+8bf57d29.src", "product_identification_helper": { "purl": "pkg:rpm/redhat/mod_http2@1.15.7-2.module%2Bel8.3.0%2B7670%2B8bf57d29?arch=src" } } }, { "category": "product_version", "name": "mod_md-1:2.0.8-8.module+el8.3.0+6814+67d1e611.src", "product": { "name": "mod_md-1:2.0.8-8.module+el8.3.0+6814+67d1e611.src", "product_id": "mod_md-1:2.0.8-8.module+el8.3.0+6814+67d1e611.src", "product_identification_helper": { "purl": "pkg:rpm/redhat/mod_md@2.0.8-8.module%2Bel8.3.0%2B6814%2B67d1e611?arch=src\u0026epoch=1" } } } ], "category": "architecture", "name": "src" }, { "branches": [ { "category": "product_version", "name": "httpd-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.x86_64", "product": { "name": "httpd-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.x86_64", "product_id": "httpd-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.x86_64", "product_identification_helper": { "purl": "pkg:rpm/redhat/httpd@2.4.37-30.module%2Bel8.3.0%2B7001%2B0766b9e7?arch=x86_64" } } }, { "category": "product_version", "name": "httpd-debuginfo-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.x86_64", "product": { "name": "httpd-debuginfo-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.x86_64", "product_id": "httpd-debuginfo-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.x86_64", "product_identification_helper": { "purl": "pkg:rpm/redhat/httpd-debuginfo@2.4.37-30.module%2Bel8.3.0%2B7001%2B0766b9e7?arch=x86_64" } } }, { "category": "product_version", "name": "httpd-debugsource-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.x86_64", "product": { "name": "httpd-debugsource-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.x86_64", "product_id": "httpd-debugsource-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.x86_64", "product_identification_helper": { "purl": "pkg:rpm/redhat/httpd-debugsource@2.4.37-30.module%2Bel8.3.0%2B7001%2B0766b9e7?arch=x86_64" } } }, { "category": "product_version", "name": "httpd-devel-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.x86_64", "product": { "name": "httpd-devel-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.x86_64", "product_id": "httpd-devel-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.x86_64", "product_identification_helper": { "purl": "pkg:rpm/redhat/httpd-devel@2.4.37-30.module%2Bel8.3.0%2B7001%2B0766b9e7?arch=x86_64" } } }, { "category": "product_version", "name": "httpd-tools-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.x86_64", "product": { "name": "httpd-tools-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.x86_64", "product_id": "httpd-tools-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.x86_64", "product_identification_helper": { "purl": "pkg:rpm/redhat/httpd-tools@2.4.37-30.module%2Bel8.3.0%2B7001%2B0766b9e7?arch=x86_64" } } }, { "category": "product_version", "name": "httpd-tools-debuginfo-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.x86_64", "product": { "name": "httpd-tools-debuginfo-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.x86_64", "product_id": "httpd-tools-debuginfo-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.x86_64", "product_identification_helper": { "purl": "pkg:rpm/redhat/httpd-tools-debuginfo@2.4.37-30.module%2Bel8.3.0%2B7001%2B0766b9e7?arch=x86_64" } } }, { "category": "product_version", "name": "mod_http2-0:1.15.7-2.module+el8.3.0+7670+8bf57d29.x86_64", "product": { "name": "mod_http2-0:1.15.7-2.module+el8.3.0+7670+8bf57d29.x86_64", "product_id": "mod_http2-0:1.15.7-2.module+el8.3.0+7670+8bf57d29.x86_64", "product_identification_helper": { "purl": "pkg:rpm/redhat/mod_http2@1.15.7-2.module%2Bel8.3.0%2B7670%2B8bf57d29?arch=x86_64" } } }, { "category": "product_version", "name": "mod_http2-debuginfo-0:1.15.7-2.module+el8.3.0+7670+8bf57d29.x86_64", "product": { "name": "mod_http2-debuginfo-0:1.15.7-2.module+el8.3.0+7670+8bf57d29.x86_64", "product_id": "mod_http2-debuginfo-0:1.15.7-2.module+el8.3.0+7670+8bf57d29.x86_64", "product_identification_helper": { "purl": "pkg:rpm/redhat/mod_http2-debuginfo@1.15.7-2.module%2Bel8.3.0%2B7670%2B8bf57d29?arch=x86_64" } } }, { "category": "product_version", "name": "mod_http2-debugsource-0:1.15.7-2.module+el8.3.0+7670+8bf57d29.x86_64", "product": { "name": "mod_http2-debugsource-0:1.15.7-2.module+el8.3.0+7670+8bf57d29.x86_64", "product_id": "mod_http2-debugsource-0:1.15.7-2.module+el8.3.0+7670+8bf57d29.x86_64", "product_identification_helper": { "purl": "pkg:rpm/redhat/mod_http2-debugsource@1.15.7-2.module%2Bel8.3.0%2B7670%2B8bf57d29?arch=x86_64" } } }, { "category": "product_version", "name": "mod_ldap-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.x86_64", "product": { "name": "mod_ldap-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.x86_64", "product_id": "mod_ldap-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.x86_64", "product_identification_helper": { "purl": "pkg:rpm/redhat/mod_ldap@2.4.37-30.module%2Bel8.3.0%2B7001%2B0766b9e7?arch=x86_64" } } }, { "category": "product_version", "name": "mod_ldap-debuginfo-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.x86_64", "product": { "name": "mod_ldap-debuginfo-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.x86_64", "product_id": "mod_ldap-debuginfo-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.x86_64", "product_identification_helper": { "purl": "pkg:rpm/redhat/mod_ldap-debuginfo@2.4.37-30.module%2Bel8.3.0%2B7001%2B0766b9e7?arch=x86_64" } } }, { "category": "product_version", "name": "mod_md-1:2.0.8-8.module+el8.3.0+6814+67d1e611.x86_64", "product": { "name": "mod_md-1:2.0.8-8.module+el8.3.0+6814+67d1e611.x86_64", "product_id": "mod_md-1:2.0.8-8.module+el8.3.0+6814+67d1e611.x86_64", "product_identification_helper": { "purl": "pkg:rpm/redhat/mod_md@2.0.8-8.module%2Bel8.3.0%2B6814%2B67d1e611?arch=x86_64\u0026epoch=1" } } }, { "category": "product_version", "name": "mod_md-debuginfo-1:2.0.8-8.module+el8.3.0+6814+67d1e611.x86_64", "product": { "name": "mod_md-debuginfo-1:2.0.8-8.module+el8.3.0+6814+67d1e611.x86_64", "product_id": "mod_md-debuginfo-1:2.0.8-8.module+el8.3.0+6814+67d1e611.x86_64", "product_identification_helper": { "purl": "pkg:rpm/redhat/mod_md-debuginfo@2.0.8-8.module%2Bel8.3.0%2B6814%2B67d1e611?arch=x86_64\u0026epoch=1" } } }, { "category": "product_version", "name": "mod_md-debugsource-1:2.0.8-8.module+el8.3.0+6814+67d1e611.x86_64", "product": { "name": "mod_md-debugsource-1:2.0.8-8.module+el8.3.0+6814+67d1e611.x86_64", "product_id": "mod_md-debugsource-1:2.0.8-8.module+el8.3.0+6814+67d1e611.x86_64", "product_identification_helper": { "purl": "pkg:rpm/redhat/mod_md-debugsource@2.0.8-8.module%2Bel8.3.0%2B6814%2B67d1e611?arch=x86_64\u0026epoch=1" } } }, { "category": "product_version", "name": "mod_proxy_html-1:2.4.37-30.module+el8.3.0+7001+0766b9e7.x86_64", "product": { "name": "mod_proxy_html-1:2.4.37-30.module+el8.3.0+7001+0766b9e7.x86_64", "product_id": "mod_proxy_html-1:2.4.37-30.module+el8.3.0+7001+0766b9e7.x86_64", "product_identification_helper": { "purl": "pkg:rpm/redhat/mod_proxy_html@2.4.37-30.module%2Bel8.3.0%2B7001%2B0766b9e7?arch=x86_64\u0026epoch=1" } } }, { "category": "product_version", "name": "mod_proxy_html-debuginfo-1:2.4.37-30.module+el8.3.0+7001+0766b9e7.x86_64", "product": { "name": "mod_proxy_html-debuginfo-1:2.4.37-30.module+el8.3.0+7001+0766b9e7.x86_64", "product_id": "mod_proxy_html-debuginfo-1:2.4.37-30.module+el8.3.0+7001+0766b9e7.x86_64", "product_identification_helper": { "purl": "pkg:rpm/redhat/mod_proxy_html-debuginfo@2.4.37-30.module%2Bel8.3.0%2B7001%2B0766b9e7?arch=x86_64\u0026epoch=1" } } }, { "category": "product_version", "name": "mod_session-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.x86_64", "product": { "name": "mod_session-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.x86_64", "product_id": "mod_session-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.x86_64", "product_identification_helper": { "purl": "pkg:rpm/redhat/mod_session@2.4.37-30.module%2Bel8.3.0%2B7001%2B0766b9e7?arch=x86_64" } } }, { "category": "product_version", "name": "mod_session-debuginfo-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.x86_64", "product": { "name": "mod_session-debuginfo-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.x86_64", "product_id": "mod_session-debuginfo-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.x86_64", "product_identification_helper": { "purl": "pkg:rpm/redhat/mod_session-debuginfo@2.4.37-30.module%2Bel8.3.0%2B7001%2B0766b9e7?arch=x86_64" } } }, { "category": "product_version", "name": "mod_ssl-1:2.4.37-30.module+el8.3.0+7001+0766b9e7.x86_64", "product": { "name": "mod_ssl-1:2.4.37-30.module+el8.3.0+7001+0766b9e7.x86_64", "product_id": "mod_ssl-1:2.4.37-30.module+el8.3.0+7001+0766b9e7.x86_64", "product_identification_helper": { "purl": "pkg:rpm/redhat/mod_ssl@2.4.37-30.module%2Bel8.3.0%2B7001%2B0766b9e7?arch=x86_64\u0026epoch=1" } } }, { "category": "product_version", "name": "mod_ssl-debuginfo-1:2.4.37-30.module+el8.3.0+7001+0766b9e7.x86_64", "product": { "name": "mod_ssl-debuginfo-1:2.4.37-30.module+el8.3.0+7001+0766b9e7.x86_64", "product_id": "mod_ssl-debuginfo-1:2.4.37-30.module+el8.3.0+7001+0766b9e7.x86_64", "product_identification_helper": { "purl": "pkg:rpm/redhat/mod_ssl-debuginfo@2.4.37-30.module%2Bel8.3.0%2B7001%2B0766b9e7?arch=x86_64\u0026epoch=1" } } } ], "category": "architecture", "name": "x86_64" }, { "branches": [ { "category": "product_version", "name": "httpd-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.s390x", "product": { "name": "httpd-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.s390x", "product_id": "httpd-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.s390x", "product_identification_helper": { "purl": "pkg:rpm/redhat/httpd@2.4.37-30.module%2Bel8.3.0%2B7001%2B0766b9e7?arch=s390x" } } }, { "category": "product_version", "name": "httpd-debuginfo-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.s390x", "product": { "name": "httpd-debuginfo-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.s390x", "product_id": "httpd-debuginfo-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.s390x", "product_identification_helper": { "purl": "pkg:rpm/redhat/httpd-debuginfo@2.4.37-30.module%2Bel8.3.0%2B7001%2B0766b9e7?arch=s390x" } } }, { "category": "product_version", "name": "httpd-debugsource-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.s390x", "product": { "name": "httpd-debugsource-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.s390x", "product_id": "httpd-debugsource-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.s390x", "product_identification_helper": { "purl": "pkg:rpm/redhat/httpd-debugsource@2.4.37-30.module%2Bel8.3.0%2B7001%2B0766b9e7?arch=s390x" } } }, { "category": "product_version", "name": "httpd-devel-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.s390x", "product": { "name": "httpd-devel-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.s390x", "product_id": "httpd-devel-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.s390x", "product_identification_helper": { "purl": "pkg:rpm/redhat/httpd-devel@2.4.37-30.module%2Bel8.3.0%2B7001%2B0766b9e7?arch=s390x" } } }, { "category": "product_version", "name": "httpd-tools-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.s390x", "product": { "name": "httpd-tools-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.s390x", "product_id": "httpd-tools-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.s390x", "product_identification_helper": { "purl": "pkg:rpm/redhat/httpd-tools@2.4.37-30.module%2Bel8.3.0%2B7001%2B0766b9e7?arch=s390x" } } }, { "category": "product_version", "name": "httpd-tools-debuginfo-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.s390x", "product": { "name": "httpd-tools-debuginfo-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.s390x", "product_id": "httpd-tools-debuginfo-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.s390x", "product_identification_helper": { "purl": "pkg:rpm/redhat/httpd-tools-debuginfo@2.4.37-30.module%2Bel8.3.0%2B7001%2B0766b9e7?arch=s390x" } } }, { "category": "product_version", "name": "mod_http2-0:1.15.7-2.module+el8.3.0+7670+8bf57d29.s390x", "product": { "name": "mod_http2-0:1.15.7-2.module+el8.3.0+7670+8bf57d29.s390x", "product_id": "mod_http2-0:1.15.7-2.module+el8.3.0+7670+8bf57d29.s390x", "product_identification_helper": { "purl": "pkg:rpm/redhat/mod_http2@1.15.7-2.module%2Bel8.3.0%2B7670%2B8bf57d29?arch=s390x" } } }, { "category": "product_version", "name": "mod_http2-debuginfo-0:1.15.7-2.module+el8.3.0+7670+8bf57d29.s390x", "product": { "name": "mod_http2-debuginfo-0:1.15.7-2.module+el8.3.0+7670+8bf57d29.s390x", "product_id": "mod_http2-debuginfo-0:1.15.7-2.module+el8.3.0+7670+8bf57d29.s390x", "product_identification_helper": { "purl": "pkg:rpm/redhat/mod_http2-debuginfo@1.15.7-2.module%2Bel8.3.0%2B7670%2B8bf57d29?arch=s390x" } } }, { "category": "product_version", "name": "mod_http2-debugsource-0:1.15.7-2.module+el8.3.0+7670+8bf57d29.s390x", "product": { "name": "mod_http2-debugsource-0:1.15.7-2.module+el8.3.0+7670+8bf57d29.s390x", "product_id": "mod_http2-debugsource-0:1.15.7-2.module+el8.3.0+7670+8bf57d29.s390x", "product_identification_helper": { "purl": "pkg:rpm/redhat/mod_http2-debugsource@1.15.7-2.module%2Bel8.3.0%2B7670%2B8bf57d29?arch=s390x" } } }, { "category": "product_version", "name": "mod_ldap-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.s390x", "product": { "name": "mod_ldap-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.s390x", "product_id": "mod_ldap-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.s390x", "product_identification_helper": { "purl": "pkg:rpm/redhat/mod_ldap@2.4.37-30.module%2Bel8.3.0%2B7001%2B0766b9e7?arch=s390x" } } }, { "category": "product_version", "name": "mod_ldap-debuginfo-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.s390x", "product": { "name": "mod_ldap-debuginfo-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.s390x", "product_id": "mod_ldap-debuginfo-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.s390x", "product_identification_helper": { "purl": "pkg:rpm/redhat/mod_ldap-debuginfo@2.4.37-30.module%2Bel8.3.0%2B7001%2B0766b9e7?arch=s390x" } } }, { "category": "product_version", "name": "mod_md-1:2.0.8-8.module+el8.3.0+6814+67d1e611.s390x", "product": { "name": "mod_md-1:2.0.8-8.module+el8.3.0+6814+67d1e611.s390x", "product_id": "mod_md-1:2.0.8-8.module+el8.3.0+6814+67d1e611.s390x", "product_identification_helper": { "purl": "pkg:rpm/redhat/mod_md@2.0.8-8.module%2Bel8.3.0%2B6814%2B67d1e611?arch=s390x\u0026epoch=1" } } }, { "category": "product_version", "name": "mod_md-debuginfo-1:2.0.8-8.module+el8.3.0+6814+67d1e611.s390x", "product": { "name": "mod_md-debuginfo-1:2.0.8-8.module+el8.3.0+6814+67d1e611.s390x", "product_id": "mod_md-debuginfo-1:2.0.8-8.module+el8.3.0+6814+67d1e611.s390x", "product_identification_helper": { "purl": "pkg:rpm/redhat/mod_md-debuginfo@2.0.8-8.module%2Bel8.3.0%2B6814%2B67d1e611?arch=s390x\u0026epoch=1" } } }, { "category": "product_version", "name": "mod_md-debugsource-1:2.0.8-8.module+el8.3.0+6814+67d1e611.s390x", "product": { "name": "mod_md-debugsource-1:2.0.8-8.module+el8.3.0+6814+67d1e611.s390x", "product_id": "mod_md-debugsource-1:2.0.8-8.module+el8.3.0+6814+67d1e611.s390x", "product_identification_helper": { "purl": "pkg:rpm/redhat/mod_md-debugsource@2.0.8-8.module%2Bel8.3.0%2B6814%2B67d1e611?arch=s390x\u0026epoch=1" } } }, { "category": "product_version", "name": "mod_proxy_html-1:2.4.37-30.module+el8.3.0+7001+0766b9e7.s390x", "product": { "name": "mod_proxy_html-1:2.4.37-30.module+el8.3.0+7001+0766b9e7.s390x", "product_id": "mod_proxy_html-1:2.4.37-30.module+el8.3.0+7001+0766b9e7.s390x", "product_identification_helper": { "purl": "pkg:rpm/redhat/mod_proxy_html@2.4.37-30.module%2Bel8.3.0%2B7001%2B0766b9e7?arch=s390x\u0026epoch=1" } } }, { "category": "product_version", "name": "mod_proxy_html-debuginfo-1:2.4.37-30.module+el8.3.0+7001+0766b9e7.s390x", "product": { "name": "mod_proxy_html-debuginfo-1:2.4.37-30.module+el8.3.0+7001+0766b9e7.s390x", "product_id": "mod_proxy_html-debuginfo-1:2.4.37-30.module+el8.3.0+7001+0766b9e7.s390x", "product_identification_helper": { "purl": "pkg:rpm/redhat/mod_proxy_html-debuginfo@2.4.37-30.module%2Bel8.3.0%2B7001%2B0766b9e7?arch=s390x\u0026epoch=1" } } }, { "category": "product_version", "name": "mod_session-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.s390x", "product": { "name": "mod_session-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.s390x", "product_id": "mod_session-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.s390x", "product_identification_helper": { "purl": "pkg:rpm/redhat/mod_session@2.4.37-30.module%2Bel8.3.0%2B7001%2B0766b9e7?arch=s390x" } } }, { "category": "product_version", "name": "mod_session-debuginfo-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.s390x", "product": { "name": "mod_session-debuginfo-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.s390x", "product_id": "mod_session-debuginfo-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.s390x", "product_identification_helper": { "purl": "pkg:rpm/redhat/mod_session-debuginfo@2.4.37-30.module%2Bel8.3.0%2B7001%2B0766b9e7?arch=s390x" } } }, { "category": "product_version", "name": "mod_ssl-1:2.4.37-30.module+el8.3.0+7001+0766b9e7.s390x", "product": { "name": "mod_ssl-1:2.4.37-30.module+el8.3.0+7001+0766b9e7.s390x", "product_id": "mod_ssl-1:2.4.37-30.module+el8.3.0+7001+0766b9e7.s390x", "product_identification_helper": { "purl": "pkg:rpm/redhat/mod_ssl@2.4.37-30.module%2Bel8.3.0%2B7001%2B0766b9e7?arch=s390x\u0026epoch=1" } } }, { "category": "product_version", "name": "mod_ssl-debuginfo-1:2.4.37-30.module+el8.3.0+7001+0766b9e7.s390x", "product": { "name": "mod_ssl-debuginfo-1:2.4.37-30.module+el8.3.0+7001+0766b9e7.s390x", "product_id": "mod_ssl-debuginfo-1:2.4.37-30.module+el8.3.0+7001+0766b9e7.s390x", "product_identification_helper": { "purl": "pkg:rpm/redhat/mod_ssl-debuginfo@2.4.37-30.module%2Bel8.3.0%2B7001%2B0766b9e7?arch=s390x\u0026epoch=1" } } } ], "category": "architecture", "name": "s390x" }, { "branches": [ { "category": "product_version", "name": "httpd-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.ppc64le", "product": { "name": "httpd-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.ppc64le", "product_id": "httpd-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.ppc64le", "product_identification_helper": { "purl": "pkg:rpm/redhat/httpd@2.4.37-30.module%2Bel8.3.0%2B7001%2B0766b9e7?arch=ppc64le" } } }, { "category": "product_version", "name": "httpd-debuginfo-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.ppc64le", "product": { "name": "httpd-debuginfo-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.ppc64le", "product_id": "httpd-debuginfo-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.ppc64le", "product_identification_helper": { "purl": "pkg:rpm/redhat/httpd-debuginfo@2.4.37-30.module%2Bel8.3.0%2B7001%2B0766b9e7?arch=ppc64le" } } }, { "category": "product_version", "name": "httpd-debugsource-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.ppc64le", "product": { "name": "httpd-debugsource-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.ppc64le", "product_id": "httpd-debugsource-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.ppc64le", "product_identification_helper": { "purl": "pkg:rpm/redhat/httpd-debugsource@2.4.37-30.module%2Bel8.3.0%2B7001%2B0766b9e7?arch=ppc64le" } } }, { "category": "product_version", "name": "httpd-devel-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.ppc64le", "product": { "name": "httpd-devel-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.ppc64le", "product_id": "httpd-devel-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.ppc64le", "product_identification_helper": { "purl": "pkg:rpm/redhat/httpd-devel@2.4.37-30.module%2Bel8.3.0%2B7001%2B0766b9e7?arch=ppc64le" } } }, { "category": "product_version", "name": "httpd-tools-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.ppc64le", "product": { "name": "httpd-tools-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.ppc64le", "product_id": "httpd-tools-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.ppc64le", "product_identification_helper": { "purl": "pkg:rpm/redhat/httpd-tools@2.4.37-30.module%2Bel8.3.0%2B7001%2B0766b9e7?arch=ppc64le" } } }, { "category": "product_version", "name": "httpd-tools-debuginfo-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.ppc64le", "product": { "name": "httpd-tools-debuginfo-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.ppc64le", "product_id": "httpd-tools-debuginfo-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.ppc64le", "product_identification_helper": { "purl": "pkg:rpm/redhat/httpd-tools-debuginfo@2.4.37-30.module%2Bel8.3.0%2B7001%2B0766b9e7?arch=ppc64le" } } }, { "category": "product_version", "name": "mod_http2-0:1.15.7-2.module+el8.3.0+7670+8bf57d29.ppc64le", "product": { "name": "mod_http2-0:1.15.7-2.module+el8.3.0+7670+8bf57d29.ppc64le", "product_id": "mod_http2-0:1.15.7-2.module+el8.3.0+7670+8bf57d29.ppc64le", "product_identification_helper": { "purl": "pkg:rpm/redhat/mod_http2@1.15.7-2.module%2Bel8.3.0%2B7670%2B8bf57d29?arch=ppc64le" } } }, { "category": "product_version", "name": "mod_http2-debuginfo-0:1.15.7-2.module+el8.3.0+7670+8bf57d29.ppc64le", "product": { "name": "mod_http2-debuginfo-0:1.15.7-2.module+el8.3.0+7670+8bf57d29.ppc64le", "product_id": "mod_http2-debuginfo-0:1.15.7-2.module+el8.3.0+7670+8bf57d29.ppc64le", "product_identification_helper": { "purl": "pkg:rpm/redhat/mod_http2-debuginfo@1.15.7-2.module%2Bel8.3.0%2B7670%2B8bf57d29?arch=ppc64le" } } }, { "category": "product_version", "name": "mod_http2-debugsource-0:1.15.7-2.module+el8.3.0+7670+8bf57d29.ppc64le", "product": { "name": "mod_http2-debugsource-0:1.15.7-2.module+el8.3.0+7670+8bf57d29.ppc64le", "product_id": "mod_http2-debugsource-0:1.15.7-2.module+el8.3.0+7670+8bf57d29.ppc64le", "product_identification_helper": { "purl": "pkg:rpm/redhat/mod_http2-debugsource@1.15.7-2.module%2Bel8.3.0%2B7670%2B8bf57d29?arch=ppc64le" } } }, { "category": "product_version", "name": "mod_ldap-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.ppc64le", "product": { "name": "mod_ldap-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.ppc64le", "product_id": "mod_ldap-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.ppc64le", "product_identification_helper": { "purl": "pkg:rpm/redhat/mod_ldap@2.4.37-30.module%2Bel8.3.0%2B7001%2B0766b9e7?arch=ppc64le" } } }, { "category": "product_version", "name": "mod_ldap-debuginfo-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.ppc64le", "product": { "name": "mod_ldap-debuginfo-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.ppc64le", "product_id": "mod_ldap-debuginfo-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.ppc64le", "product_identification_helper": { "purl": "pkg:rpm/redhat/mod_ldap-debuginfo@2.4.37-30.module%2Bel8.3.0%2B7001%2B0766b9e7?arch=ppc64le" } } }, { "category": "product_version", "name": "mod_md-1:2.0.8-8.module+el8.3.0+6814+67d1e611.ppc64le", "product": { "name": "mod_md-1:2.0.8-8.module+el8.3.0+6814+67d1e611.ppc64le", "product_id": "mod_md-1:2.0.8-8.module+el8.3.0+6814+67d1e611.ppc64le", "product_identification_helper": { "purl": "pkg:rpm/redhat/mod_md@2.0.8-8.module%2Bel8.3.0%2B6814%2B67d1e611?arch=ppc64le\u0026epoch=1" } } }, { "category": "product_version", "name": "mod_md-debuginfo-1:2.0.8-8.module+el8.3.0+6814+67d1e611.ppc64le", "product": { "name": "mod_md-debuginfo-1:2.0.8-8.module+el8.3.0+6814+67d1e611.ppc64le", "product_id": "mod_md-debuginfo-1:2.0.8-8.module+el8.3.0+6814+67d1e611.ppc64le", "product_identification_helper": { "purl": "pkg:rpm/redhat/mod_md-debuginfo@2.0.8-8.module%2Bel8.3.0%2B6814%2B67d1e611?arch=ppc64le\u0026epoch=1" } } }, { "category": "product_version", "name": "mod_md-debugsource-1:2.0.8-8.module+el8.3.0+6814+67d1e611.ppc64le", "product": { "name": "mod_md-debugsource-1:2.0.8-8.module+el8.3.0+6814+67d1e611.ppc64le", "product_id": "mod_md-debugsource-1:2.0.8-8.module+el8.3.0+6814+67d1e611.ppc64le", "product_identification_helper": { "purl": "pkg:rpm/redhat/mod_md-debugsource@2.0.8-8.module%2Bel8.3.0%2B6814%2B67d1e611?arch=ppc64le\u0026epoch=1" } } }, { "category": "product_version", "name": "mod_proxy_html-1:2.4.37-30.module+el8.3.0+7001+0766b9e7.ppc64le", "product": { "name": "mod_proxy_html-1:2.4.37-30.module+el8.3.0+7001+0766b9e7.ppc64le", "product_id": "mod_proxy_html-1:2.4.37-30.module+el8.3.0+7001+0766b9e7.ppc64le", "product_identification_helper": { "purl": "pkg:rpm/redhat/mod_proxy_html@2.4.37-30.module%2Bel8.3.0%2B7001%2B0766b9e7?arch=ppc64le\u0026epoch=1" } } }, { "category": "product_version", "name": "mod_proxy_html-debuginfo-1:2.4.37-30.module+el8.3.0+7001+0766b9e7.ppc64le", "product": { "name": "mod_proxy_html-debuginfo-1:2.4.37-30.module+el8.3.0+7001+0766b9e7.ppc64le", "product_id": "mod_proxy_html-debuginfo-1:2.4.37-30.module+el8.3.0+7001+0766b9e7.ppc64le", "product_identification_helper": { "purl": "pkg:rpm/redhat/mod_proxy_html-debuginfo@2.4.37-30.module%2Bel8.3.0%2B7001%2B0766b9e7?arch=ppc64le\u0026epoch=1" } } }, { "category": "product_version", "name": "mod_session-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.ppc64le", "product": { "name": "mod_session-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.ppc64le", "product_id": "mod_session-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.ppc64le", "product_identification_helper": { "purl": "pkg:rpm/redhat/mod_session@2.4.37-30.module%2Bel8.3.0%2B7001%2B0766b9e7?arch=ppc64le" } } }, { "category": "product_version", "name": "mod_session-debuginfo-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.ppc64le", "product": { "name": "mod_session-debuginfo-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.ppc64le", "product_id": "mod_session-debuginfo-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.ppc64le", "product_identification_helper": { "purl": "pkg:rpm/redhat/mod_session-debuginfo@2.4.37-30.module%2Bel8.3.0%2B7001%2B0766b9e7?arch=ppc64le" } } }, { "category": "product_version", "name": "mod_ssl-1:2.4.37-30.module+el8.3.0+7001+0766b9e7.ppc64le", "product": { "name": "mod_ssl-1:2.4.37-30.module+el8.3.0+7001+0766b9e7.ppc64le", "product_id": "mod_ssl-1:2.4.37-30.module+el8.3.0+7001+0766b9e7.ppc64le", "product_identification_helper": { "purl": "pkg:rpm/redhat/mod_ssl@2.4.37-30.module%2Bel8.3.0%2B7001%2B0766b9e7?arch=ppc64le\u0026epoch=1" } } }, { "category": "product_version", "name": "mod_ssl-debuginfo-1:2.4.37-30.module+el8.3.0+7001+0766b9e7.ppc64le", "product": { "name": "mod_ssl-debuginfo-1:2.4.37-30.module+el8.3.0+7001+0766b9e7.ppc64le", "product_id": "mod_ssl-debuginfo-1:2.4.37-30.module+el8.3.0+7001+0766b9e7.ppc64le", "product_identification_helper": { "purl": "pkg:rpm/redhat/mod_ssl-debuginfo@2.4.37-30.module%2Bel8.3.0%2B7001%2B0766b9e7?arch=ppc64le\u0026epoch=1" } } } ], "category": "architecture", "name": "ppc64le" }, { "branches": [ { "category": "product_version", "name": "httpd-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.aarch64", "product": { "name": "httpd-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.aarch64", "product_id": "httpd-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.aarch64", "product_identification_helper": { "purl": "pkg:rpm/redhat/httpd@2.4.37-30.module%2Bel8.3.0%2B7001%2B0766b9e7?arch=aarch64" } } }, { "category": "product_version", "name": "httpd-debuginfo-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.aarch64", "product": { "name": "httpd-debuginfo-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.aarch64", "product_id": "httpd-debuginfo-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.aarch64", "product_identification_helper": { "purl": "pkg:rpm/redhat/httpd-debuginfo@2.4.37-30.module%2Bel8.3.0%2B7001%2B0766b9e7?arch=aarch64" } } }, { "category": "product_version", "name": "httpd-debugsource-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.aarch64", "product": { "name": "httpd-debugsource-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.aarch64", "product_id": "httpd-debugsource-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.aarch64", "product_identification_helper": { "purl": "pkg:rpm/redhat/httpd-debugsource@2.4.37-30.module%2Bel8.3.0%2B7001%2B0766b9e7?arch=aarch64" } } }, { "category": "product_version", "name": "httpd-devel-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.aarch64", "product": { "name": "httpd-devel-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.aarch64", "product_id": "httpd-devel-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.aarch64", "product_identification_helper": { "purl": "pkg:rpm/redhat/httpd-devel@2.4.37-30.module%2Bel8.3.0%2B7001%2B0766b9e7?arch=aarch64" } } }, { "category": "product_version", "name": "httpd-tools-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.aarch64", "product": { "name": "httpd-tools-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.aarch64", "product_id": "httpd-tools-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.aarch64", "product_identification_helper": { "purl": "pkg:rpm/redhat/httpd-tools@2.4.37-30.module%2Bel8.3.0%2B7001%2B0766b9e7?arch=aarch64" } } }, { "category": "product_version", "name": "httpd-tools-debuginfo-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.aarch64", "product": { "name": "httpd-tools-debuginfo-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.aarch64", "product_id": "httpd-tools-debuginfo-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.aarch64", "product_identification_helper": { "purl": "pkg:rpm/redhat/httpd-tools-debuginfo@2.4.37-30.module%2Bel8.3.0%2B7001%2B0766b9e7?arch=aarch64" } } }, { "category": "product_version", "name": "mod_http2-0:1.15.7-2.module+el8.3.0+7670+8bf57d29.aarch64", "product": { "name": "mod_http2-0:1.15.7-2.module+el8.3.0+7670+8bf57d29.aarch64", "product_id": "mod_http2-0:1.15.7-2.module+el8.3.0+7670+8bf57d29.aarch64", "product_identification_helper": { "purl": "pkg:rpm/redhat/mod_http2@1.15.7-2.module%2Bel8.3.0%2B7670%2B8bf57d29?arch=aarch64" } } }, { "category": "product_version", "name": "mod_http2-debuginfo-0:1.15.7-2.module+el8.3.0+7670+8bf57d29.aarch64", "product": { "name": "mod_http2-debuginfo-0:1.15.7-2.module+el8.3.0+7670+8bf57d29.aarch64", "product_id": "mod_http2-debuginfo-0:1.15.7-2.module+el8.3.0+7670+8bf57d29.aarch64", "product_identification_helper": { "purl": "pkg:rpm/redhat/mod_http2-debuginfo@1.15.7-2.module%2Bel8.3.0%2B7670%2B8bf57d29?arch=aarch64" } } }, { "category": "product_version", "name": "mod_http2-debugsource-0:1.15.7-2.module+el8.3.0+7670+8bf57d29.aarch64", "product": { "name": "mod_http2-debugsource-0:1.15.7-2.module+el8.3.0+7670+8bf57d29.aarch64", "product_id": "mod_http2-debugsource-0:1.15.7-2.module+el8.3.0+7670+8bf57d29.aarch64", "product_identification_helper": { "purl": "pkg:rpm/redhat/mod_http2-debugsource@1.15.7-2.module%2Bel8.3.0%2B7670%2B8bf57d29?arch=aarch64" } } }, { "category": "product_version", "name": "mod_ldap-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.aarch64", "product": { "name": "mod_ldap-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.aarch64", "product_id": "mod_ldap-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.aarch64", "product_identification_helper": { "purl": "pkg:rpm/redhat/mod_ldap@2.4.37-30.module%2Bel8.3.0%2B7001%2B0766b9e7?arch=aarch64" } } }, { "category": "product_version", "name": "mod_ldap-debuginfo-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.aarch64", "product": { "name": "mod_ldap-debuginfo-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.aarch64", "product_id": "mod_ldap-debuginfo-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.aarch64", "product_identification_helper": { "purl": "pkg:rpm/redhat/mod_ldap-debuginfo@2.4.37-30.module%2Bel8.3.0%2B7001%2B0766b9e7?arch=aarch64" } } }, { "category": "product_version", "name": "mod_md-1:2.0.8-8.module+el8.3.0+6814+67d1e611.aarch64", "product": { "name": "mod_md-1:2.0.8-8.module+el8.3.0+6814+67d1e611.aarch64", "product_id": "mod_md-1:2.0.8-8.module+el8.3.0+6814+67d1e611.aarch64", "product_identification_helper": { "purl": "pkg:rpm/redhat/mod_md@2.0.8-8.module%2Bel8.3.0%2B6814%2B67d1e611?arch=aarch64\u0026epoch=1" } } }, { "category": "product_version", "name": "mod_md-debuginfo-1:2.0.8-8.module+el8.3.0+6814+67d1e611.aarch64", "product": { "name": "mod_md-debuginfo-1:2.0.8-8.module+el8.3.0+6814+67d1e611.aarch64", "product_id": "mod_md-debuginfo-1:2.0.8-8.module+el8.3.0+6814+67d1e611.aarch64", "product_identification_helper": { "purl": "pkg:rpm/redhat/mod_md-debuginfo@2.0.8-8.module%2Bel8.3.0%2B6814%2B67d1e611?arch=aarch64\u0026epoch=1" } } }, { "category": "product_version", "name": "mod_md-debugsource-1:2.0.8-8.module+el8.3.0+6814+67d1e611.aarch64", "product": { "name": "mod_md-debugsource-1:2.0.8-8.module+el8.3.0+6814+67d1e611.aarch64", "product_id": "mod_md-debugsource-1:2.0.8-8.module+el8.3.0+6814+67d1e611.aarch64", "product_identification_helper": { "purl": "pkg:rpm/redhat/mod_md-debugsource@2.0.8-8.module%2Bel8.3.0%2B6814%2B67d1e611?arch=aarch64\u0026epoch=1" } } }, { "category": "product_version", "name": "mod_proxy_html-1:2.4.37-30.module+el8.3.0+7001+0766b9e7.aarch64", "product": { "name": "mod_proxy_html-1:2.4.37-30.module+el8.3.0+7001+0766b9e7.aarch64", "product_id": "mod_proxy_html-1:2.4.37-30.module+el8.3.0+7001+0766b9e7.aarch64", "product_identification_helper": { "purl": "pkg:rpm/redhat/mod_proxy_html@2.4.37-30.module%2Bel8.3.0%2B7001%2B0766b9e7?arch=aarch64\u0026epoch=1" } } }, { "category": "product_version", "name": "mod_proxy_html-debuginfo-1:2.4.37-30.module+el8.3.0+7001+0766b9e7.aarch64", "product": { "name": "mod_proxy_html-debuginfo-1:2.4.37-30.module+el8.3.0+7001+0766b9e7.aarch64", "product_id": "mod_proxy_html-debuginfo-1:2.4.37-30.module+el8.3.0+7001+0766b9e7.aarch64", "product_identification_helper": { "purl": "pkg:rpm/redhat/mod_proxy_html-debuginfo@2.4.37-30.module%2Bel8.3.0%2B7001%2B0766b9e7?arch=aarch64\u0026epoch=1" } } }, { "category": "product_version", "name": "mod_session-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.aarch64", "product": { "name": "mod_session-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.aarch64", "product_id": "mod_session-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.aarch64", "product_identification_helper": { "purl": "pkg:rpm/redhat/mod_session@2.4.37-30.module%2Bel8.3.0%2B7001%2B0766b9e7?arch=aarch64" } } }, { "category": "product_version", "name": "mod_session-debuginfo-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.aarch64", "product": { "name": "mod_session-debuginfo-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.aarch64", "product_id": "mod_session-debuginfo-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.aarch64", "product_identification_helper": { "purl": "pkg:rpm/redhat/mod_session-debuginfo@2.4.37-30.module%2Bel8.3.0%2B7001%2B0766b9e7?arch=aarch64" } } }, { "category": "product_version", "name": "mod_ssl-1:2.4.37-30.module+el8.3.0+7001+0766b9e7.aarch64", "product": { "name": "mod_ssl-1:2.4.37-30.module+el8.3.0+7001+0766b9e7.aarch64", "product_id": "mod_ssl-1:2.4.37-30.module+el8.3.0+7001+0766b9e7.aarch64", "product_identification_helper": { "purl": "pkg:rpm/redhat/mod_ssl@2.4.37-30.module%2Bel8.3.0%2B7001%2B0766b9e7?arch=aarch64\u0026epoch=1" } } }, { "category": "product_version", "name": "mod_ssl-debuginfo-1:2.4.37-30.module+el8.3.0+7001+0766b9e7.aarch64", "product": { "name": "mod_ssl-debuginfo-1:2.4.37-30.module+el8.3.0+7001+0766b9e7.aarch64", "product_id": "mod_ssl-debuginfo-1:2.4.37-30.module+el8.3.0+7001+0766b9e7.aarch64", "product_identification_helper": { "purl": "pkg:rpm/redhat/mod_ssl-debuginfo@2.4.37-30.module%2Bel8.3.0%2B7001%2B0766b9e7?arch=aarch64\u0026epoch=1" } } } ], "category": "architecture", "name": "aarch64" } ], "category": "vendor", "name": "Red Hat" } ], "relationships": [ { "category": "default_component_of", "full_product_name": { "name": "httpd:2.4:8030020200818000036:30b713e6 as a component of Red Hat Enterprise Linux AppStream (v. 8)", "product_id": "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6" }, "product_reference": "httpd:2.4:8030020200818000036:30b713e6", "relates_to_product_reference": "AppStream-8.3.0.GA" }, { "category": "default_component_of", "full_product_name": { "name": "httpd-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.aarch64 as a component of httpd:2.4:8030020200818000036:30b713e6 as a component of Red Hat Enterprise Linux AppStream (v. 8)", "product_id": "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:httpd-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.aarch64" }, "product_reference": "httpd-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.aarch64", "relates_to_product_reference": "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6" }, { "category": "default_component_of", "full_product_name": { "name": "httpd-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.ppc64le as a component of httpd:2.4:8030020200818000036:30b713e6 as a component of Red Hat Enterprise Linux AppStream (v. 8)", "product_id": "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:httpd-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.ppc64le" }, "product_reference": "httpd-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.ppc64le", "relates_to_product_reference": "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6" }, { "category": "default_component_of", "full_product_name": { "name": "httpd-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.s390x as a component of httpd:2.4:8030020200818000036:30b713e6 as a component of Red Hat Enterprise Linux AppStream (v. 8)", "product_id": "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:httpd-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.s390x" }, "product_reference": "httpd-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.s390x", "relates_to_product_reference": "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6" }, { "category": "default_component_of", "full_product_name": { "name": "httpd-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.src as a component of httpd:2.4:8030020200818000036:30b713e6 as a component of Red Hat Enterprise Linux AppStream (v. 8)", "product_id": "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:httpd-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.src" }, "product_reference": "httpd-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.src", "relates_to_product_reference": "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6" }, { "category": "default_component_of", "full_product_name": { "name": "httpd-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.x86_64 as a component of httpd:2.4:8030020200818000036:30b713e6 as a component of Red Hat Enterprise Linux AppStream (v. 8)", "product_id": "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:httpd-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.x86_64" }, "product_reference": "httpd-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.x86_64", "relates_to_product_reference": "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6" }, { "category": "default_component_of", "full_product_name": { "name": "httpd-debuginfo-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.aarch64 as a component of httpd:2.4:8030020200818000036:30b713e6 as a component of Red Hat Enterprise Linux AppStream (v. 8)", "product_id": "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:httpd-debuginfo-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.aarch64" }, "product_reference": "httpd-debuginfo-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.aarch64", "relates_to_product_reference": "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6" }, { "category": "default_component_of", "full_product_name": { "name": "httpd-debuginfo-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.ppc64le as a component of httpd:2.4:8030020200818000036:30b713e6 as a component of Red Hat Enterprise Linux AppStream (v. 8)", "product_id": "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:httpd-debuginfo-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.ppc64le" }, "product_reference": "httpd-debuginfo-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.ppc64le", "relates_to_product_reference": "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6" }, { "category": "default_component_of", "full_product_name": { "name": "httpd-debuginfo-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.s390x as a component of httpd:2.4:8030020200818000036:30b713e6 as a component of Red Hat Enterprise Linux AppStream (v. 8)", "product_id": "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:httpd-debuginfo-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.s390x" }, "product_reference": "httpd-debuginfo-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.s390x", "relates_to_product_reference": "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6" }, { "category": "default_component_of", "full_product_name": { "name": "httpd-debuginfo-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.x86_64 as a component of httpd:2.4:8030020200818000036:30b713e6 as a component of Red Hat Enterprise Linux AppStream (v. 8)", "product_id": "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:httpd-debuginfo-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.x86_64" }, "product_reference": "httpd-debuginfo-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.x86_64", "relates_to_product_reference": "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6" }, { "category": "default_component_of", "full_product_name": { "name": "httpd-debugsource-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.aarch64 as a component of httpd:2.4:8030020200818000036:30b713e6 as a component of Red Hat Enterprise Linux AppStream (v. 8)", "product_id": "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:httpd-debugsource-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.aarch64" }, "product_reference": "httpd-debugsource-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.aarch64", "relates_to_product_reference": "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6" }, { "category": "default_component_of", "full_product_name": { "name": "httpd-debugsource-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.ppc64le as a component of httpd:2.4:8030020200818000036:30b713e6 as a component of Red Hat Enterprise Linux AppStream (v. 8)", "product_id": "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:httpd-debugsource-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.ppc64le" }, "product_reference": "httpd-debugsource-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.ppc64le", "relates_to_product_reference": "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6" }, { "category": "default_component_of", "full_product_name": { "name": "httpd-debugsource-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.s390x as a component of httpd:2.4:8030020200818000036:30b713e6 as a component of Red Hat Enterprise Linux AppStream (v. 8)", "product_id": "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:httpd-debugsource-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.s390x" }, "product_reference": "httpd-debugsource-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.s390x", "relates_to_product_reference": "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6" }, { "category": "default_component_of", "full_product_name": { "name": "httpd-debugsource-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.x86_64 as a component of httpd:2.4:8030020200818000036:30b713e6 as a component of Red Hat Enterprise Linux AppStream (v. 8)", "product_id": "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:httpd-debugsource-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.x86_64" }, "product_reference": "httpd-debugsource-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.x86_64", "relates_to_product_reference": "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6" }, { "category": "default_component_of", "full_product_name": { "name": "httpd-devel-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.aarch64 as a component of httpd:2.4:8030020200818000036:30b713e6 as a component of Red Hat Enterprise Linux AppStream (v. 8)", "product_id": "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:httpd-devel-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.aarch64" }, "product_reference": "httpd-devel-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.aarch64", "relates_to_product_reference": "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6" }, { "category": "default_component_of", "full_product_name": { "name": "httpd-devel-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.ppc64le as a component of httpd:2.4:8030020200818000036:30b713e6 as a component of Red Hat Enterprise Linux AppStream (v. 8)", "product_id": "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:httpd-devel-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.ppc64le" }, "product_reference": "httpd-devel-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.ppc64le", "relates_to_product_reference": "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6" }, { "category": "default_component_of", "full_product_name": { "name": "httpd-devel-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.s390x as a component of httpd:2.4:8030020200818000036:30b713e6 as a component of Red Hat Enterprise Linux AppStream (v. 8)", "product_id": "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:httpd-devel-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.s390x" }, "product_reference": "httpd-devel-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.s390x", "relates_to_product_reference": "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6" }, { "category": "default_component_of", "full_product_name": { "name": "httpd-devel-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.x86_64 as a component of httpd:2.4:8030020200818000036:30b713e6 as a component of Red Hat Enterprise Linux AppStream (v. 8)", "product_id": "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:httpd-devel-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.x86_64" }, "product_reference": "httpd-devel-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.x86_64", "relates_to_product_reference": "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6" }, { "category": "default_component_of", "full_product_name": { "name": "httpd-filesystem-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.noarch as a component of httpd:2.4:8030020200818000036:30b713e6 as a component of Red Hat Enterprise Linux AppStream (v. 8)", "product_id": "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:httpd-filesystem-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.noarch" }, "product_reference": "httpd-filesystem-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.noarch", "relates_to_product_reference": "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6" }, { "category": "default_component_of", "full_product_name": { "name": "httpd-manual-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.noarch as a component of httpd:2.4:8030020200818000036:30b713e6 as a component of Red Hat Enterprise Linux AppStream (v. 8)", "product_id": "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:httpd-manual-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.noarch" }, "product_reference": "httpd-manual-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.noarch", "relates_to_product_reference": "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6" }, { "category": "default_component_of", "full_product_name": { "name": "httpd-tools-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.aarch64 as a component of httpd:2.4:8030020200818000036:30b713e6 as a component of Red Hat Enterprise Linux AppStream (v. 8)", "product_id": "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:httpd-tools-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.aarch64" }, "product_reference": "httpd-tools-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.aarch64", "relates_to_product_reference": "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6" }, { "category": "default_component_of", "full_product_name": { "name": "httpd-tools-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.ppc64le as a component of httpd:2.4:8030020200818000036:30b713e6 as a component of Red Hat Enterprise Linux AppStream (v. 8)", "product_id": "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:httpd-tools-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.ppc64le" }, "product_reference": "httpd-tools-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.ppc64le", "relates_to_product_reference": "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6" }, { "category": "default_component_of", "full_product_name": { "name": "httpd-tools-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.s390x as a component of httpd:2.4:8030020200818000036:30b713e6 as a component of Red Hat Enterprise Linux AppStream (v. 8)", "product_id": "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:httpd-tools-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.s390x" }, "product_reference": "httpd-tools-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.s390x", "relates_to_product_reference": "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6" }, { "category": "default_component_of", "full_product_name": { "name": "httpd-tools-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.x86_64 as a component of httpd:2.4:8030020200818000036:30b713e6 as a component of Red Hat Enterprise Linux AppStream (v. 8)", "product_id": "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:httpd-tools-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.x86_64" }, "product_reference": "httpd-tools-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.x86_64", "relates_to_product_reference": "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6" }, { "category": "default_component_of", "full_product_name": { "name": "httpd-tools-debuginfo-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.aarch64 as a component of httpd:2.4:8030020200818000036:30b713e6 as a component of Red Hat Enterprise Linux AppStream (v. 8)", "product_id": "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:httpd-tools-debuginfo-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.aarch64" }, "product_reference": "httpd-tools-debuginfo-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.aarch64", "relates_to_product_reference": "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6" }, { "category": "default_component_of", "full_product_name": { "name": "httpd-tools-debuginfo-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.ppc64le as a component of httpd:2.4:8030020200818000036:30b713e6 as a component of Red Hat Enterprise Linux AppStream (v. 8)", "product_id": "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:httpd-tools-debuginfo-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.ppc64le" }, "product_reference": "httpd-tools-debuginfo-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.ppc64le", "relates_to_product_reference": "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6" }, { "category": "default_component_of", "full_product_name": { "name": "httpd-tools-debuginfo-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.s390x as a component of httpd:2.4:8030020200818000036:30b713e6 as a component of Red Hat Enterprise Linux AppStream (v. 8)", "product_id": "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:httpd-tools-debuginfo-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.s390x" }, "product_reference": "httpd-tools-debuginfo-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.s390x", "relates_to_product_reference": "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6" }, { "category": "default_component_of", "full_product_name": { "name": "httpd-tools-debuginfo-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.x86_64 as a component of httpd:2.4:8030020200818000036:30b713e6 as a component of Red Hat Enterprise Linux AppStream (v. 8)", "product_id": "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:httpd-tools-debuginfo-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.x86_64" }, "product_reference": "httpd-tools-debuginfo-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.x86_64", "relates_to_product_reference": "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6" }, { "category": "default_component_of", "full_product_name": { "name": "mod_http2-0:1.15.7-2.module+el8.3.0+7670+8bf57d29.aarch64 as a component of httpd:2.4:8030020200818000036:30b713e6 as a component of Red Hat Enterprise Linux AppStream (v. 8)", "product_id": "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_http2-0:1.15.7-2.module+el8.3.0+7670+8bf57d29.aarch64" }, "product_reference": "mod_http2-0:1.15.7-2.module+el8.3.0+7670+8bf57d29.aarch64", "relates_to_product_reference": "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6" }, { "category": "default_component_of", "full_product_name": { "name": "mod_http2-0:1.15.7-2.module+el8.3.0+7670+8bf57d29.ppc64le as a component of httpd:2.4:8030020200818000036:30b713e6 as a component of Red Hat Enterprise Linux AppStream (v. 8)", "product_id": "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_http2-0:1.15.7-2.module+el8.3.0+7670+8bf57d29.ppc64le" }, "product_reference": "mod_http2-0:1.15.7-2.module+el8.3.0+7670+8bf57d29.ppc64le", "relates_to_product_reference": "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6" }, { "category": "default_component_of", "full_product_name": { "name": "mod_http2-0:1.15.7-2.module+el8.3.0+7670+8bf57d29.s390x as a component of httpd:2.4:8030020200818000036:30b713e6 as a component of Red Hat Enterprise Linux AppStream (v. 8)", "product_id": "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_http2-0:1.15.7-2.module+el8.3.0+7670+8bf57d29.s390x" }, "product_reference": "mod_http2-0:1.15.7-2.module+el8.3.0+7670+8bf57d29.s390x", "relates_to_product_reference": "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6" }, { "category": "default_component_of", "full_product_name": { "name": "mod_http2-0:1.15.7-2.module+el8.3.0+7670+8bf57d29.src as a component of httpd:2.4:8030020200818000036:30b713e6 as a component of Red Hat Enterprise Linux AppStream (v. 8)", "product_id": "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_http2-0:1.15.7-2.module+el8.3.0+7670+8bf57d29.src" }, "product_reference": "mod_http2-0:1.15.7-2.module+el8.3.0+7670+8bf57d29.src", "relates_to_product_reference": "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6" }, { "category": "default_component_of", "full_product_name": { "name": "mod_http2-0:1.15.7-2.module+el8.3.0+7670+8bf57d29.x86_64 as a component of httpd:2.4:8030020200818000036:30b713e6 as a component of Red Hat Enterprise Linux AppStream (v. 8)", "product_id": "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_http2-0:1.15.7-2.module+el8.3.0+7670+8bf57d29.x86_64" }, "product_reference": "mod_http2-0:1.15.7-2.module+el8.3.0+7670+8bf57d29.x86_64", "relates_to_product_reference": "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6" }, { "category": "default_component_of", "full_product_name": { "name": "mod_http2-debuginfo-0:1.15.7-2.module+el8.3.0+7670+8bf57d29.aarch64 as a component of httpd:2.4:8030020200818000036:30b713e6 as a component of Red Hat Enterprise Linux AppStream (v. 8)", "product_id": "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_http2-debuginfo-0:1.15.7-2.module+el8.3.0+7670+8bf57d29.aarch64" }, "product_reference": "mod_http2-debuginfo-0:1.15.7-2.module+el8.3.0+7670+8bf57d29.aarch64", "relates_to_product_reference": "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6" }, { "category": "default_component_of", "full_product_name": { "name": "mod_http2-debuginfo-0:1.15.7-2.module+el8.3.0+7670+8bf57d29.ppc64le as a component of httpd:2.4:8030020200818000036:30b713e6 as a component of Red Hat Enterprise Linux AppStream (v. 8)", "product_id": "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_http2-debuginfo-0:1.15.7-2.module+el8.3.0+7670+8bf57d29.ppc64le" }, "product_reference": "mod_http2-debuginfo-0:1.15.7-2.module+el8.3.0+7670+8bf57d29.ppc64le", "relates_to_product_reference": "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6" }, { "category": "default_component_of", "full_product_name": { "name": "mod_http2-debuginfo-0:1.15.7-2.module+el8.3.0+7670+8bf57d29.s390x as a component of httpd:2.4:8030020200818000036:30b713e6 as a component of Red Hat Enterprise Linux AppStream (v. 8)", "product_id": "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_http2-debuginfo-0:1.15.7-2.module+el8.3.0+7670+8bf57d29.s390x" }, "product_reference": "mod_http2-debuginfo-0:1.15.7-2.module+el8.3.0+7670+8bf57d29.s390x", "relates_to_product_reference": "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6" }, { "category": "default_component_of", "full_product_name": { "name": "mod_http2-debuginfo-0:1.15.7-2.module+el8.3.0+7670+8bf57d29.x86_64 as a component of httpd:2.4:8030020200818000036:30b713e6 as a component of Red Hat Enterprise Linux AppStream (v. 8)", "product_id": "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_http2-debuginfo-0:1.15.7-2.module+el8.3.0+7670+8bf57d29.x86_64" }, "product_reference": "mod_http2-debuginfo-0:1.15.7-2.module+el8.3.0+7670+8bf57d29.x86_64", "relates_to_product_reference": "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6" }, { "category": "default_component_of", "full_product_name": { "name": "mod_http2-debugsource-0:1.15.7-2.module+el8.3.0+7670+8bf57d29.aarch64 as a component of httpd:2.4:8030020200818000036:30b713e6 as a component of Red Hat Enterprise Linux AppStream (v. 8)", "product_id": "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_http2-debugsource-0:1.15.7-2.module+el8.3.0+7670+8bf57d29.aarch64" }, "product_reference": "mod_http2-debugsource-0:1.15.7-2.module+el8.3.0+7670+8bf57d29.aarch64", "relates_to_product_reference": "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6" }, { "category": "default_component_of", "full_product_name": { "name": "mod_http2-debugsource-0:1.15.7-2.module+el8.3.0+7670+8bf57d29.ppc64le as a component of httpd:2.4:8030020200818000036:30b713e6 as a component of Red Hat Enterprise Linux AppStream (v. 8)", "product_id": "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_http2-debugsource-0:1.15.7-2.module+el8.3.0+7670+8bf57d29.ppc64le" }, "product_reference": "mod_http2-debugsource-0:1.15.7-2.module+el8.3.0+7670+8bf57d29.ppc64le", "relates_to_product_reference": "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6" }, { "category": "default_component_of", "full_product_name": { "name": "mod_http2-debugsource-0:1.15.7-2.module+el8.3.0+7670+8bf57d29.s390x as a component of httpd:2.4:8030020200818000036:30b713e6 as a component of Red Hat Enterprise Linux AppStream (v. 8)", "product_id": "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_http2-debugsource-0:1.15.7-2.module+el8.3.0+7670+8bf57d29.s390x" }, "product_reference": "mod_http2-debugsource-0:1.15.7-2.module+el8.3.0+7670+8bf57d29.s390x", "relates_to_product_reference": "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6" }, { "category": "default_component_of", "full_product_name": { "name": "mod_http2-debugsource-0:1.15.7-2.module+el8.3.0+7670+8bf57d29.x86_64 as a component of httpd:2.4:8030020200818000036:30b713e6 as a component of Red Hat Enterprise Linux AppStream (v. 8)", "product_id": "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_http2-debugsource-0:1.15.7-2.module+el8.3.0+7670+8bf57d29.x86_64" }, "product_reference": "mod_http2-debugsource-0:1.15.7-2.module+el8.3.0+7670+8bf57d29.x86_64", "relates_to_product_reference": "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6" }, { "category": "default_component_of", "full_product_name": { "name": "mod_ldap-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.aarch64 as a component of httpd:2.4:8030020200818000036:30b713e6 as a component of Red Hat Enterprise Linux AppStream (v. 8)", "product_id": "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_ldap-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.aarch64" }, "product_reference": "mod_ldap-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.aarch64", "relates_to_product_reference": "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6" }, { "category": "default_component_of", "full_product_name": { "name": "mod_ldap-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.ppc64le as a component of httpd:2.4:8030020200818000036:30b713e6 as a component of Red Hat Enterprise Linux AppStream (v. 8)", "product_id": "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_ldap-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.ppc64le" }, "product_reference": "mod_ldap-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.ppc64le", "relates_to_product_reference": "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6" }, { "category": "default_component_of", "full_product_name": { "name": "mod_ldap-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.s390x as a component of httpd:2.4:8030020200818000036:30b713e6 as a component of Red Hat Enterprise Linux AppStream (v. 8)", "product_id": "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_ldap-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.s390x" }, "product_reference": "mod_ldap-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.s390x", "relates_to_product_reference": "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6" }, { "category": "default_component_of", "full_product_name": { "name": "mod_ldap-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.x86_64 as a component of httpd:2.4:8030020200818000036:30b713e6 as a component of Red Hat Enterprise Linux AppStream (v. 8)", "product_id": "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_ldap-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.x86_64" }, "product_reference": "mod_ldap-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.x86_64", "relates_to_product_reference": "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6" }, { "category": "default_component_of", "full_product_name": { "name": "mod_ldap-debuginfo-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.aarch64 as a component of httpd:2.4:8030020200818000036:30b713e6 as a component of Red Hat Enterprise Linux AppStream (v. 8)", "product_id": "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_ldap-debuginfo-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.aarch64" }, "product_reference": "mod_ldap-debuginfo-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.aarch64", "relates_to_product_reference": "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6" }, { "category": "default_component_of", "full_product_name": { "name": "mod_ldap-debuginfo-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.ppc64le as a component of httpd:2.4:8030020200818000036:30b713e6 as a component of Red Hat Enterprise Linux AppStream (v. 8)", "product_id": "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_ldap-debuginfo-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.ppc64le" }, "product_reference": "mod_ldap-debuginfo-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.ppc64le", "relates_to_product_reference": "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6" }, { "category": "default_component_of", "full_product_name": { "name": "mod_ldap-debuginfo-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.s390x as a component of httpd:2.4:8030020200818000036:30b713e6 as a component of Red Hat Enterprise Linux AppStream (v. 8)", "product_id": "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_ldap-debuginfo-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.s390x" }, "product_reference": "mod_ldap-debuginfo-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.s390x", "relates_to_product_reference": "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6" }, { "category": "default_component_of", "full_product_name": { "name": "mod_ldap-debuginfo-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.x86_64 as a component of httpd:2.4:8030020200818000036:30b713e6 as a component of Red Hat Enterprise Linux AppStream (v. 8)", "product_id": "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_ldap-debuginfo-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.x86_64" }, "product_reference": "mod_ldap-debuginfo-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.x86_64", "relates_to_product_reference": "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6" }, { "category": "default_component_of", "full_product_name": { "name": "mod_md-1:2.0.8-8.module+el8.3.0+6814+67d1e611.aarch64 as a component of httpd:2.4:8030020200818000036:30b713e6 as a component of Red Hat Enterprise Linux AppStream (v. 8)", "product_id": "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_md-1:2.0.8-8.module+el8.3.0+6814+67d1e611.aarch64" }, "product_reference": "mod_md-1:2.0.8-8.module+el8.3.0+6814+67d1e611.aarch64", "relates_to_product_reference": "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6" }, { "category": "default_component_of", "full_product_name": { "name": "mod_md-1:2.0.8-8.module+el8.3.0+6814+67d1e611.ppc64le as a component of httpd:2.4:8030020200818000036:30b713e6 as a component of Red Hat Enterprise Linux AppStream (v. 8)", "product_id": "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_md-1:2.0.8-8.module+el8.3.0+6814+67d1e611.ppc64le" }, "product_reference": "mod_md-1:2.0.8-8.module+el8.3.0+6814+67d1e611.ppc64le", "relates_to_product_reference": "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6" }, { "category": "default_component_of", "full_product_name": { "name": "mod_md-1:2.0.8-8.module+el8.3.0+6814+67d1e611.s390x as a component of httpd:2.4:8030020200818000036:30b713e6 as a component of Red Hat Enterprise Linux AppStream (v. 8)", "product_id": "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_md-1:2.0.8-8.module+el8.3.0+6814+67d1e611.s390x" }, "product_reference": "mod_md-1:2.0.8-8.module+el8.3.0+6814+67d1e611.s390x", "relates_to_product_reference": "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6" }, { "category": "default_component_of", "full_product_name": { "name": "mod_md-1:2.0.8-8.module+el8.3.0+6814+67d1e611.src as a component of httpd:2.4:8030020200818000036:30b713e6 as a component of Red Hat Enterprise Linux AppStream (v. 8)", "product_id": "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_md-1:2.0.8-8.module+el8.3.0+6814+67d1e611.src" }, "product_reference": "mod_md-1:2.0.8-8.module+el8.3.0+6814+67d1e611.src", "relates_to_product_reference": "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6" }, { "category": "default_component_of", "full_product_name": { "name": "mod_md-1:2.0.8-8.module+el8.3.0+6814+67d1e611.x86_64 as a component of httpd:2.4:8030020200818000036:30b713e6 as a component of Red Hat Enterprise Linux AppStream (v. 8)", "product_id": "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_md-1:2.0.8-8.module+el8.3.0+6814+67d1e611.x86_64" }, "product_reference": "mod_md-1:2.0.8-8.module+el8.3.0+6814+67d1e611.x86_64", "relates_to_product_reference": "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6" }, { "category": "default_component_of", "full_product_name": { "name": "mod_md-debuginfo-1:2.0.8-8.module+el8.3.0+6814+67d1e611.aarch64 as a component of httpd:2.4:8030020200818000036:30b713e6 as a component of Red Hat Enterprise Linux AppStream (v. 8)", "product_id": "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_md-debuginfo-1:2.0.8-8.module+el8.3.0+6814+67d1e611.aarch64" }, "product_reference": "mod_md-debuginfo-1:2.0.8-8.module+el8.3.0+6814+67d1e611.aarch64", "relates_to_product_reference": "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6" }, { "category": "default_component_of", "full_product_name": { "name": "mod_md-debuginfo-1:2.0.8-8.module+el8.3.0+6814+67d1e611.ppc64le as a component of httpd:2.4:8030020200818000036:30b713e6 as a component of Red Hat Enterprise Linux AppStream (v. 8)", "product_id": "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_md-debuginfo-1:2.0.8-8.module+el8.3.0+6814+67d1e611.ppc64le" }, "product_reference": "mod_md-debuginfo-1:2.0.8-8.module+el8.3.0+6814+67d1e611.ppc64le", "relates_to_product_reference": "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6" }, { "category": "default_component_of", "full_product_name": { "name": "mod_md-debuginfo-1:2.0.8-8.module+el8.3.0+6814+67d1e611.s390x as a component of httpd:2.4:8030020200818000036:30b713e6 as a component of Red Hat Enterprise Linux AppStream (v. 8)", "product_id": "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_md-debuginfo-1:2.0.8-8.module+el8.3.0+6814+67d1e611.s390x" }, "product_reference": "mod_md-debuginfo-1:2.0.8-8.module+el8.3.0+6814+67d1e611.s390x", "relates_to_product_reference": "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6" }, { "category": "default_component_of", "full_product_name": { "name": "mod_md-debuginfo-1:2.0.8-8.module+el8.3.0+6814+67d1e611.x86_64 as a component of httpd:2.4:8030020200818000036:30b713e6 as a component of Red Hat Enterprise Linux AppStream (v. 8)", "product_id": "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_md-debuginfo-1:2.0.8-8.module+el8.3.0+6814+67d1e611.x86_64" }, "product_reference": "mod_md-debuginfo-1:2.0.8-8.module+el8.3.0+6814+67d1e611.x86_64", "relates_to_product_reference": "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6" }, { "category": "default_component_of", "full_product_name": { "name": "mod_md-debugsource-1:2.0.8-8.module+el8.3.0+6814+67d1e611.aarch64 as a component of httpd:2.4:8030020200818000036:30b713e6 as a component of Red Hat Enterprise Linux AppStream (v. 8)", "product_id": "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_md-debugsource-1:2.0.8-8.module+el8.3.0+6814+67d1e611.aarch64" }, "product_reference": "mod_md-debugsource-1:2.0.8-8.module+el8.3.0+6814+67d1e611.aarch64", "relates_to_product_reference": "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6" }, { "category": "default_component_of", "full_product_name": { "name": "mod_md-debugsource-1:2.0.8-8.module+el8.3.0+6814+67d1e611.ppc64le as a component of httpd:2.4:8030020200818000036:30b713e6 as a component of Red Hat Enterprise Linux AppStream (v. 8)", "product_id": "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_md-debugsource-1:2.0.8-8.module+el8.3.0+6814+67d1e611.ppc64le" }, "product_reference": "mod_md-debugsource-1:2.0.8-8.module+el8.3.0+6814+67d1e611.ppc64le", "relates_to_product_reference": "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6" }, { "category": "default_component_of", "full_product_name": { "name": "mod_md-debugsource-1:2.0.8-8.module+el8.3.0+6814+67d1e611.s390x as a component of httpd:2.4:8030020200818000036:30b713e6 as a component of Red Hat Enterprise Linux AppStream (v. 8)", "product_id": "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_md-debugsource-1:2.0.8-8.module+el8.3.0+6814+67d1e611.s390x" }, "product_reference": "mod_md-debugsource-1:2.0.8-8.module+el8.3.0+6814+67d1e611.s390x", "relates_to_product_reference": "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6" }, { "category": "default_component_of", "full_product_name": { "name": "mod_md-debugsource-1:2.0.8-8.module+el8.3.0+6814+67d1e611.x86_64 as a component of httpd:2.4:8030020200818000036:30b713e6 as a component of Red Hat Enterprise Linux AppStream (v. 8)", "product_id": "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_md-debugsource-1:2.0.8-8.module+el8.3.0+6814+67d1e611.x86_64" }, "product_reference": "mod_md-debugsource-1:2.0.8-8.module+el8.3.0+6814+67d1e611.x86_64", "relates_to_product_reference": "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6" }, { "category": "default_component_of", "full_product_name": { "name": "mod_proxy_html-1:2.4.37-30.module+el8.3.0+7001+0766b9e7.aarch64 as a component of httpd:2.4:8030020200818000036:30b713e6 as a component of Red Hat Enterprise Linux AppStream (v. 8)", "product_id": "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_proxy_html-1:2.4.37-30.module+el8.3.0+7001+0766b9e7.aarch64" }, "product_reference": "mod_proxy_html-1:2.4.37-30.module+el8.3.0+7001+0766b9e7.aarch64", "relates_to_product_reference": "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6" }, { "category": "default_component_of", "full_product_name": { "name": "mod_proxy_html-1:2.4.37-30.module+el8.3.0+7001+0766b9e7.ppc64le as a component of httpd:2.4:8030020200818000036:30b713e6 as a component of Red Hat Enterprise Linux AppStream (v. 8)", "product_id": "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_proxy_html-1:2.4.37-30.module+el8.3.0+7001+0766b9e7.ppc64le" }, "product_reference": "mod_proxy_html-1:2.4.37-30.module+el8.3.0+7001+0766b9e7.ppc64le", "relates_to_product_reference": "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6" }, { "category": "default_component_of", "full_product_name": { "name": "mod_proxy_html-1:2.4.37-30.module+el8.3.0+7001+0766b9e7.s390x as a component of httpd:2.4:8030020200818000036:30b713e6 as a component of Red Hat Enterprise Linux AppStream (v. 8)", "product_id": "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_proxy_html-1:2.4.37-30.module+el8.3.0+7001+0766b9e7.s390x" }, "product_reference": "mod_proxy_html-1:2.4.37-30.module+el8.3.0+7001+0766b9e7.s390x", "relates_to_product_reference": "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6" }, { "category": "default_component_of", "full_product_name": { "name": "mod_proxy_html-1:2.4.37-30.module+el8.3.0+7001+0766b9e7.x86_64 as a component of httpd:2.4:8030020200818000036:30b713e6 as a component of Red Hat Enterprise Linux AppStream (v. 8)", "product_id": "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_proxy_html-1:2.4.37-30.module+el8.3.0+7001+0766b9e7.x86_64" }, "product_reference": "mod_proxy_html-1:2.4.37-30.module+el8.3.0+7001+0766b9e7.x86_64", "relates_to_product_reference": "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6" }, { "category": "default_component_of", "full_product_name": { "name": "mod_proxy_html-debuginfo-1:2.4.37-30.module+el8.3.0+7001+0766b9e7.aarch64 as a component of httpd:2.4:8030020200818000036:30b713e6 as a component of Red Hat Enterprise Linux AppStream (v. 8)", "product_id": "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_proxy_html-debuginfo-1:2.4.37-30.module+el8.3.0+7001+0766b9e7.aarch64" }, "product_reference": "mod_proxy_html-debuginfo-1:2.4.37-30.module+el8.3.0+7001+0766b9e7.aarch64", "relates_to_product_reference": "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6" }, { "category": "default_component_of", "full_product_name": { "name": "mod_proxy_html-debuginfo-1:2.4.37-30.module+el8.3.0+7001+0766b9e7.ppc64le as a component of httpd:2.4:8030020200818000036:30b713e6 as a component of Red Hat Enterprise Linux AppStream (v. 8)", "product_id": "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_proxy_html-debuginfo-1:2.4.37-30.module+el8.3.0+7001+0766b9e7.ppc64le" }, "product_reference": "mod_proxy_html-debuginfo-1:2.4.37-30.module+el8.3.0+7001+0766b9e7.ppc64le", "relates_to_product_reference": "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6" }, { "category": "default_component_of", "full_product_name": { "name": "mod_proxy_html-debuginfo-1:2.4.37-30.module+el8.3.0+7001+0766b9e7.s390x as a component of httpd:2.4:8030020200818000036:30b713e6 as a component of Red Hat Enterprise Linux AppStream (v. 8)", "product_id": "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_proxy_html-debuginfo-1:2.4.37-30.module+el8.3.0+7001+0766b9e7.s390x" }, "product_reference": "mod_proxy_html-debuginfo-1:2.4.37-30.module+el8.3.0+7001+0766b9e7.s390x", "relates_to_product_reference": "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6" }, { "category": "default_component_of", "full_product_name": { "name": "mod_proxy_html-debuginfo-1:2.4.37-30.module+el8.3.0+7001+0766b9e7.x86_64 as a component of httpd:2.4:8030020200818000036:30b713e6 as a component of Red Hat Enterprise Linux AppStream (v. 8)", "product_id": "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_proxy_html-debuginfo-1:2.4.37-30.module+el8.3.0+7001+0766b9e7.x86_64" }, "product_reference": "mod_proxy_html-debuginfo-1:2.4.37-30.module+el8.3.0+7001+0766b9e7.x86_64", "relates_to_product_reference": "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6" }, { "category": "default_component_of", "full_product_name": { "name": "mod_session-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.aarch64 as a component of httpd:2.4:8030020200818000036:30b713e6 as a component of Red Hat Enterprise Linux AppStream (v. 8)", "product_id": "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_session-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.aarch64" }, "product_reference": "mod_session-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.aarch64", "relates_to_product_reference": "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6" }, { "category": "default_component_of", "full_product_name": { "name": "mod_session-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.ppc64le as a component of httpd:2.4:8030020200818000036:30b713e6 as a component of Red Hat Enterprise Linux AppStream (v. 8)", "product_id": "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_session-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.ppc64le" }, "product_reference": "mod_session-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.ppc64le", "relates_to_product_reference": "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6" }, { "category": "default_component_of", "full_product_name": { "name": "mod_session-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.s390x as a component of httpd:2.4:8030020200818000036:30b713e6 as a component of Red Hat Enterprise Linux AppStream (v. 8)", "product_id": "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_session-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.s390x" }, "product_reference": "mod_session-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.s390x", "relates_to_product_reference": "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6" }, { "category": "default_component_of", "full_product_name": { "name": "mod_session-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.x86_64 as a component of httpd:2.4:8030020200818000036:30b713e6 as a component of Red Hat Enterprise Linux AppStream (v. 8)", "product_id": "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_session-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.x86_64" }, "product_reference": "mod_session-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.x86_64", "relates_to_product_reference": "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6" }, { "category": "default_component_of", "full_product_name": { "name": "mod_session-debuginfo-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.aarch64 as a component of httpd:2.4:8030020200818000036:30b713e6 as a component of Red Hat Enterprise Linux AppStream (v. 8)", "product_id": "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_session-debuginfo-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.aarch64" }, "product_reference": "mod_session-debuginfo-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.aarch64", "relates_to_product_reference": "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6" }, { "category": "default_component_of", "full_product_name": { "name": "mod_session-debuginfo-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.ppc64le as a component of httpd:2.4:8030020200818000036:30b713e6 as a component of Red Hat Enterprise Linux AppStream (v. 8)", "product_id": "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_session-debuginfo-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.ppc64le" }, "product_reference": "mod_session-debuginfo-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.ppc64le", "relates_to_product_reference": "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6" }, { "category": "default_component_of", "full_product_name": { "name": "mod_session-debuginfo-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.s390x as a component of httpd:2.4:8030020200818000036:30b713e6 as a component of Red Hat Enterprise Linux AppStream (v. 8)", "product_id": "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_session-debuginfo-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.s390x" }, "product_reference": "mod_session-debuginfo-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.s390x", "relates_to_product_reference": "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6" }, { "category": "default_component_of", "full_product_name": { "name": "mod_session-debuginfo-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.x86_64 as a component of httpd:2.4:8030020200818000036:30b713e6 as a component of Red Hat Enterprise Linux AppStream (v. 8)", "product_id": "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_session-debuginfo-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.x86_64" }, "product_reference": "mod_session-debuginfo-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.x86_64", "relates_to_product_reference": "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6" }, { "category": "default_component_of", "full_product_name": { "name": "mod_ssl-1:2.4.37-30.module+el8.3.0+7001+0766b9e7.aarch64 as a component of httpd:2.4:8030020200818000036:30b713e6 as a component of Red Hat Enterprise Linux AppStream (v. 8)", "product_id": "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_ssl-1:2.4.37-30.module+el8.3.0+7001+0766b9e7.aarch64" }, "product_reference": "mod_ssl-1:2.4.37-30.module+el8.3.0+7001+0766b9e7.aarch64", "relates_to_product_reference": "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6" }, { "category": "default_component_of", "full_product_name": { "name": "mod_ssl-1:2.4.37-30.module+el8.3.0+7001+0766b9e7.ppc64le as a component of httpd:2.4:8030020200818000036:30b713e6 as a component of Red Hat Enterprise Linux AppStream (v. 8)", "product_id": "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_ssl-1:2.4.37-30.module+el8.3.0+7001+0766b9e7.ppc64le" }, "product_reference": "mod_ssl-1:2.4.37-30.module+el8.3.0+7001+0766b9e7.ppc64le", "relates_to_product_reference": "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6" }, { "category": "default_component_of", "full_product_name": { "name": "mod_ssl-1:2.4.37-30.module+el8.3.0+7001+0766b9e7.s390x as a component of httpd:2.4:8030020200818000036:30b713e6 as a component of Red Hat Enterprise Linux AppStream (v. 8)", "product_id": "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_ssl-1:2.4.37-30.module+el8.3.0+7001+0766b9e7.s390x" }, "product_reference": "mod_ssl-1:2.4.37-30.module+el8.3.0+7001+0766b9e7.s390x", "relates_to_product_reference": "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6" }, { "category": "default_component_of", "full_product_name": { "name": "mod_ssl-1:2.4.37-30.module+el8.3.0+7001+0766b9e7.x86_64 as a component of httpd:2.4:8030020200818000036:30b713e6 as a component of Red Hat Enterprise Linux AppStream (v. 8)", "product_id": "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_ssl-1:2.4.37-30.module+el8.3.0+7001+0766b9e7.x86_64" }, "product_reference": "mod_ssl-1:2.4.37-30.module+el8.3.0+7001+0766b9e7.x86_64", "relates_to_product_reference": "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6" }, { "category": "default_component_of", "full_product_name": { "name": "mod_ssl-debuginfo-1:2.4.37-30.module+el8.3.0+7001+0766b9e7.aarch64 as a component of httpd:2.4:8030020200818000036:30b713e6 as a component of Red Hat Enterprise Linux AppStream (v. 8)", "product_id": "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_ssl-debuginfo-1:2.4.37-30.module+el8.3.0+7001+0766b9e7.aarch64" }, "product_reference": "mod_ssl-debuginfo-1:2.4.37-30.module+el8.3.0+7001+0766b9e7.aarch64", "relates_to_product_reference": "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6" }, { "category": "default_component_of", "full_product_name": { "name": "mod_ssl-debuginfo-1:2.4.37-30.module+el8.3.0+7001+0766b9e7.ppc64le as a component of httpd:2.4:8030020200818000036:30b713e6 as a component of Red Hat Enterprise Linux AppStream (v. 8)", "product_id": "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_ssl-debuginfo-1:2.4.37-30.module+el8.3.0+7001+0766b9e7.ppc64le" }, "product_reference": "mod_ssl-debuginfo-1:2.4.37-30.module+el8.3.0+7001+0766b9e7.ppc64le", "relates_to_product_reference": "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6" }, { "category": "default_component_of", "full_product_name": { "name": "mod_ssl-debuginfo-1:2.4.37-30.module+el8.3.0+7001+0766b9e7.s390x as a component of httpd:2.4:8030020200818000036:30b713e6 as a component of Red Hat Enterprise Linux AppStream (v. 8)", "product_id": "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_ssl-debuginfo-1:2.4.37-30.module+el8.3.0+7001+0766b9e7.s390x" }, "product_reference": "mod_ssl-debuginfo-1:2.4.37-30.module+el8.3.0+7001+0766b9e7.s390x", "relates_to_product_reference": "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6" }, { "category": "default_component_of", "full_product_name": { "name": "mod_ssl-debuginfo-1:2.4.37-30.module+el8.3.0+7001+0766b9e7.x86_64 as a component of httpd:2.4:8030020200818000036:30b713e6 as a component of Red Hat Enterprise Linux AppStream (v. 8)", "product_id": "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_ssl-debuginfo-1:2.4.37-30.module+el8.3.0+7001+0766b9e7.x86_64" }, "product_reference": "mod_ssl-debuginfo-1:2.4.37-30.module+el8.3.0+7001+0766b9e7.x86_64", "relates_to_product_reference": "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6" } ] }, "vulnerabilities": [ { "cve": "CVE-2018-17189", "cwe": { "id": "CWE-400", "name": "Uncontrolled Resource Consumption" }, "discovery_date": "2019-01-22T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "1668497" } ], "notes": [ { "category": "description", "text": "In Apache HTTP server versions 2.4.37 and prior, by sending request bodies in a slow loris way to plain resources, the h2 stream for that request unnecessarily occupied a server thread cleaning up that incoming data. This affects only HTTP/2 (mod_http2) connections.", "title": "Vulnerability description" }, { "category": "summary", "text": "httpd: mod_http2: DoS via slow, unneeded request bodies", "title": "Vulnerability summary" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6", "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:httpd-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.aarch64", "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:httpd-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.ppc64le", "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:httpd-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.s390x", "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:httpd-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.src", "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:httpd-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.x86_64", "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:httpd-debuginfo-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.aarch64", "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:httpd-debuginfo-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.ppc64le", "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:httpd-debuginfo-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.s390x", "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:httpd-debuginfo-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.x86_64", "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:httpd-debugsource-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.aarch64", "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:httpd-debugsource-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.ppc64le", "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:httpd-debugsource-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.s390x", "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:httpd-debugsource-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.x86_64", "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:httpd-devel-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.aarch64", "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:httpd-devel-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.ppc64le", "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:httpd-devel-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.s390x", "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:httpd-devel-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.x86_64", "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:httpd-filesystem-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.noarch", "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:httpd-manual-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.noarch", "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:httpd-tools-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.aarch64", "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:httpd-tools-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.ppc64le", "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:httpd-tools-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.s390x", "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:httpd-tools-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.x86_64", "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:httpd-tools-debuginfo-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.aarch64", "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:httpd-tools-debuginfo-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.ppc64le", "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:httpd-tools-debuginfo-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.s390x", "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:httpd-tools-debuginfo-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.x86_64", "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_http2-0:1.15.7-2.module+el8.3.0+7670+8bf57d29.aarch64", "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_http2-0:1.15.7-2.module+el8.3.0+7670+8bf57d29.ppc64le", "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_http2-0:1.15.7-2.module+el8.3.0+7670+8bf57d29.s390x", "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_http2-0:1.15.7-2.module+el8.3.0+7670+8bf57d29.src", "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_http2-0:1.15.7-2.module+el8.3.0+7670+8bf57d29.x86_64", "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_http2-debuginfo-0:1.15.7-2.module+el8.3.0+7670+8bf57d29.aarch64", "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_http2-debuginfo-0:1.15.7-2.module+el8.3.0+7670+8bf57d29.ppc64le", "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_http2-debuginfo-0:1.15.7-2.module+el8.3.0+7670+8bf57d29.s390x", "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_http2-debuginfo-0:1.15.7-2.module+el8.3.0+7670+8bf57d29.x86_64", "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_http2-debugsource-0:1.15.7-2.module+el8.3.0+7670+8bf57d29.aarch64", "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_http2-debugsource-0:1.15.7-2.module+el8.3.0+7670+8bf57d29.ppc64le", "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_http2-debugsource-0:1.15.7-2.module+el8.3.0+7670+8bf57d29.s390x", "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_http2-debugsource-0:1.15.7-2.module+el8.3.0+7670+8bf57d29.x86_64", "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_ldap-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.aarch64", "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_ldap-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.ppc64le", "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_ldap-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.s390x", "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_ldap-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.x86_64", "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_ldap-debuginfo-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.aarch64", "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_ldap-debuginfo-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.ppc64le", "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_ldap-debuginfo-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.s390x", "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_ldap-debuginfo-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.x86_64", "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_md-1:2.0.8-8.module+el8.3.0+6814+67d1e611.aarch64", "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_md-1:2.0.8-8.module+el8.3.0+6814+67d1e611.ppc64le", "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_md-1:2.0.8-8.module+el8.3.0+6814+67d1e611.s390x", "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_md-1:2.0.8-8.module+el8.3.0+6814+67d1e611.src", "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_md-1:2.0.8-8.module+el8.3.0+6814+67d1e611.x86_64", "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_md-debuginfo-1:2.0.8-8.module+el8.3.0+6814+67d1e611.aarch64", "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_md-debuginfo-1:2.0.8-8.module+el8.3.0+6814+67d1e611.ppc64le", "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_md-debuginfo-1:2.0.8-8.module+el8.3.0+6814+67d1e611.s390x", "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_md-debuginfo-1:2.0.8-8.module+el8.3.0+6814+67d1e611.x86_64", "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_md-debugsource-1:2.0.8-8.module+el8.3.0+6814+67d1e611.aarch64", "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_md-debugsource-1:2.0.8-8.module+el8.3.0+6814+67d1e611.ppc64le", "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_md-debugsource-1:2.0.8-8.module+el8.3.0+6814+67d1e611.s390x", "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_md-debugsource-1:2.0.8-8.module+el8.3.0+6814+67d1e611.x86_64", "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_proxy_html-1:2.4.37-30.module+el8.3.0+7001+0766b9e7.aarch64", "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_proxy_html-1:2.4.37-30.module+el8.3.0+7001+0766b9e7.ppc64le", "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_proxy_html-1:2.4.37-30.module+el8.3.0+7001+0766b9e7.s390x", "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_proxy_html-1:2.4.37-30.module+el8.3.0+7001+0766b9e7.x86_64", "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_proxy_html-debuginfo-1:2.4.37-30.module+el8.3.0+7001+0766b9e7.aarch64", "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_proxy_html-debuginfo-1:2.4.37-30.module+el8.3.0+7001+0766b9e7.ppc64le", "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_proxy_html-debuginfo-1:2.4.37-30.module+el8.3.0+7001+0766b9e7.s390x", "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_proxy_html-debuginfo-1:2.4.37-30.module+el8.3.0+7001+0766b9e7.x86_64", "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_session-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.aarch64", "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_session-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.ppc64le", "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_session-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.s390x", "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_session-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.x86_64", "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_session-debuginfo-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.aarch64", "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_session-debuginfo-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.ppc64le", "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_session-debuginfo-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.s390x", "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_session-debuginfo-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.x86_64", "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_ssl-1:2.4.37-30.module+el8.3.0+7001+0766b9e7.aarch64", "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_ssl-1:2.4.37-30.module+el8.3.0+7001+0766b9e7.ppc64le", "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_ssl-1:2.4.37-30.module+el8.3.0+7001+0766b9e7.s390x", "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_ssl-1:2.4.37-30.module+el8.3.0+7001+0766b9e7.x86_64", "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_ssl-debuginfo-1:2.4.37-30.module+el8.3.0+7001+0766b9e7.aarch64", "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_ssl-debuginfo-1:2.4.37-30.module+el8.3.0+7001+0766b9e7.ppc64le", "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_ssl-debuginfo-1:2.4.37-30.module+el8.3.0+7001+0766b9e7.s390x", "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_ssl-debuginfo-1:2.4.37-30.module+el8.3.0+7001+0766b9e7.x86_64" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2018-17189" }, { "category": "external", "summary": "RHBZ#1668497", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1668497" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2018-17189", "url": "https://www.cve.org/CVERecord?id=CVE-2018-17189" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2018-17189", "url": "https://nvd.nist.gov/vuln/detail/CVE-2018-17189" } ], "release_date": "2019-01-22T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2020-11-04T01:44:47+00:00", "details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nAfter installing the updated packages, the httpd daemon will be restarted automatically.", "product_ids": [ "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6", "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:httpd-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.aarch64", "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:httpd-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.ppc64le", "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:httpd-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.s390x", "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:httpd-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.src", "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:httpd-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.x86_64", "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:httpd-debuginfo-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.aarch64", "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:httpd-debuginfo-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.ppc64le", "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:httpd-debuginfo-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.s390x", "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:httpd-debuginfo-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.x86_64", "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:httpd-debugsource-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.aarch64", "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:httpd-debugsource-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.ppc64le", "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:httpd-debugsource-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.s390x", "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:httpd-debugsource-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.x86_64", "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:httpd-devel-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.aarch64", "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:httpd-devel-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.ppc64le", "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:httpd-devel-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.s390x", "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:httpd-devel-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.x86_64", "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:httpd-filesystem-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.noarch", "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:httpd-manual-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.noarch", "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:httpd-tools-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.aarch64", "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:httpd-tools-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.ppc64le", "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:httpd-tools-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.s390x", "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:httpd-tools-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.x86_64", "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:httpd-tools-debuginfo-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.aarch64", "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:httpd-tools-debuginfo-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.ppc64le", "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:httpd-tools-debuginfo-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.s390x", "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:httpd-tools-debuginfo-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.x86_64", "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_http2-0:1.15.7-2.module+el8.3.0+7670+8bf57d29.aarch64", "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_http2-0:1.15.7-2.module+el8.3.0+7670+8bf57d29.ppc64le", "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_http2-0:1.15.7-2.module+el8.3.0+7670+8bf57d29.s390x", "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_http2-0:1.15.7-2.module+el8.3.0+7670+8bf57d29.src", "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_http2-0:1.15.7-2.module+el8.3.0+7670+8bf57d29.x86_64", "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_http2-debuginfo-0:1.15.7-2.module+el8.3.0+7670+8bf57d29.aarch64", "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_http2-debuginfo-0:1.15.7-2.module+el8.3.0+7670+8bf57d29.ppc64le", "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_http2-debuginfo-0:1.15.7-2.module+el8.3.0+7670+8bf57d29.s390x", "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_http2-debuginfo-0:1.15.7-2.module+el8.3.0+7670+8bf57d29.x86_64", "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_http2-debugsource-0:1.15.7-2.module+el8.3.0+7670+8bf57d29.aarch64", "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_http2-debugsource-0:1.15.7-2.module+el8.3.0+7670+8bf57d29.ppc64le", "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_http2-debugsource-0:1.15.7-2.module+el8.3.0+7670+8bf57d29.s390x", "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_http2-debugsource-0:1.15.7-2.module+el8.3.0+7670+8bf57d29.x86_64", "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_ldap-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.aarch64", "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_ldap-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.ppc64le", "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_ldap-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.s390x", "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_ldap-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.x86_64", "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_ldap-debuginfo-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.aarch64", "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_ldap-debuginfo-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.ppc64le", "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_ldap-debuginfo-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.s390x", "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_ldap-debuginfo-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.x86_64", "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_md-1:2.0.8-8.module+el8.3.0+6814+67d1e611.aarch64", "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_md-1:2.0.8-8.module+el8.3.0+6814+67d1e611.ppc64le", "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_md-1:2.0.8-8.module+el8.3.0+6814+67d1e611.s390x", "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_md-1:2.0.8-8.module+el8.3.0+6814+67d1e611.src", "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_md-1:2.0.8-8.module+el8.3.0+6814+67d1e611.x86_64", "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_md-debuginfo-1:2.0.8-8.module+el8.3.0+6814+67d1e611.aarch64", "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_md-debuginfo-1:2.0.8-8.module+el8.3.0+6814+67d1e611.ppc64le", "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_md-debuginfo-1:2.0.8-8.module+el8.3.0+6814+67d1e611.s390x", "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_md-debuginfo-1:2.0.8-8.module+el8.3.0+6814+67d1e611.x86_64", "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_md-debugsource-1:2.0.8-8.module+el8.3.0+6814+67d1e611.aarch64", "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_md-debugsource-1:2.0.8-8.module+el8.3.0+6814+67d1e611.ppc64le", "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_md-debugsource-1:2.0.8-8.module+el8.3.0+6814+67d1e611.s390x", "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_md-debugsource-1:2.0.8-8.module+el8.3.0+6814+67d1e611.x86_64", "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_proxy_html-1:2.4.37-30.module+el8.3.0+7001+0766b9e7.aarch64", "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_proxy_html-1:2.4.37-30.module+el8.3.0+7001+0766b9e7.ppc64le", "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_proxy_html-1:2.4.37-30.module+el8.3.0+7001+0766b9e7.s390x", "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_proxy_html-1:2.4.37-30.module+el8.3.0+7001+0766b9e7.x86_64", "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_proxy_html-debuginfo-1:2.4.37-30.module+el8.3.0+7001+0766b9e7.aarch64", "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_proxy_html-debuginfo-1:2.4.37-30.module+el8.3.0+7001+0766b9e7.ppc64le", "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_proxy_html-debuginfo-1:2.4.37-30.module+el8.3.0+7001+0766b9e7.s390x", "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_proxy_html-debuginfo-1:2.4.37-30.module+el8.3.0+7001+0766b9e7.x86_64", "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_session-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.aarch64", "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_session-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.ppc64le", "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_session-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.s390x", "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_session-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.x86_64", "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_session-debuginfo-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.aarch64", "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_session-debuginfo-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.ppc64le", "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_session-debuginfo-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.s390x", "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_session-debuginfo-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.x86_64", "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_ssl-1:2.4.37-30.module+el8.3.0+7001+0766b9e7.aarch64", "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_ssl-1:2.4.37-30.module+el8.3.0+7001+0766b9e7.ppc64le", "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_ssl-1:2.4.37-30.module+el8.3.0+7001+0766b9e7.s390x", "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_ssl-1:2.4.37-30.module+el8.3.0+7001+0766b9e7.x86_64", "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_ssl-debuginfo-1:2.4.37-30.module+el8.3.0+7001+0766b9e7.aarch64", "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_ssl-debuginfo-1:2.4.37-30.module+el8.3.0+7001+0766b9e7.ppc64le", "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_ssl-debuginfo-1:2.4.37-30.module+el8.3.0+7001+0766b9e7.s390x", "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_ssl-debuginfo-1:2.4.37-30.module+el8.3.0+7001+0766b9e7.x86_64" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2020:4751" } ], "scores": [ { "cvss_v3": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "LOW", "baseScore": 4.3, "baseSeverity": "MEDIUM", "confidentialityImpact": "NONE", "integrityImpact": "NONE", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "REQUIRED", "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L", "version": "3.0" }, "products": [ "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6", "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:httpd-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.aarch64", "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:httpd-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.ppc64le", "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:httpd-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.s390x", "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:httpd-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.src", "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:httpd-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.x86_64", "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:httpd-debuginfo-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.aarch64", "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:httpd-debuginfo-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.ppc64le", "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:httpd-debuginfo-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.s390x", "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:httpd-debuginfo-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.x86_64", "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:httpd-debugsource-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.aarch64", "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:httpd-debugsource-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.ppc64le", "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:httpd-debugsource-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.s390x", "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:httpd-debugsource-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.x86_64", "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:httpd-devel-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.aarch64", "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:httpd-devel-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.ppc64le", "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:httpd-devel-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.s390x", "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:httpd-devel-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.x86_64", "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:httpd-filesystem-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.noarch", "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:httpd-manual-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.noarch", "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:httpd-tools-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.aarch64", "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:httpd-tools-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.ppc64le", "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:httpd-tools-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.s390x", "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:httpd-tools-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.x86_64", "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:httpd-tools-debuginfo-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.aarch64", "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:httpd-tools-debuginfo-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.ppc64le", "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:httpd-tools-debuginfo-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.s390x", "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:httpd-tools-debuginfo-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.x86_64", "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_http2-0:1.15.7-2.module+el8.3.0+7670+8bf57d29.aarch64", "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_http2-0:1.15.7-2.module+el8.3.0+7670+8bf57d29.ppc64le", "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_http2-0:1.15.7-2.module+el8.3.0+7670+8bf57d29.s390x", "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_http2-0:1.15.7-2.module+el8.3.0+7670+8bf57d29.src", "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_http2-0:1.15.7-2.module+el8.3.0+7670+8bf57d29.x86_64", "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_http2-debuginfo-0:1.15.7-2.module+el8.3.0+7670+8bf57d29.aarch64", "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_http2-debuginfo-0:1.15.7-2.module+el8.3.0+7670+8bf57d29.ppc64le", "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_http2-debuginfo-0:1.15.7-2.module+el8.3.0+7670+8bf57d29.s390x", "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_http2-debuginfo-0:1.15.7-2.module+el8.3.0+7670+8bf57d29.x86_64", "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_http2-debugsource-0:1.15.7-2.module+el8.3.0+7670+8bf57d29.aarch64", "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_http2-debugsource-0:1.15.7-2.module+el8.3.0+7670+8bf57d29.ppc64le", "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_http2-debugsource-0:1.15.7-2.module+el8.3.0+7670+8bf57d29.s390x", "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_http2-debugsource-0:1.15.7-2.module+el8.3.0+7670+8bf57d29.x86_64", "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_ldap-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.aarch64", "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_ldap-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.ppc64le", "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_ldap-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.s390x", "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_ldap-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.x86_64", "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_ldap-debuginfo-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.aarch64", "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_ldap-debuginfo-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.ppc64le", "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_ldap-debuginfo-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.s390x", "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_ldap-debuginfo-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.x86_64", "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_md-1:2.0.8-8.module+el8.3.0+6814+67d1e611.aarch64", "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_md-1:2.0.8-8.module+el8.3.0+6814+67d1e611.ppc64le", "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_md-1:2.0.8-8.module+el8.3.0+6814+67d1e611.s390x", "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_md-1:2.0.8-8.module+el8.3.0+6814+67d1e611.src", "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_md-1:2.0.8-8.module+el8.3.0+6814+67d1e611.x86_64", "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_md-debuginfo-1:2.0.8-8.module+el8.3.0+6814+67d1e611.aarch64", "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_md-debuginfo-1:2.0.8-8.module+el8.3.0+6814+67d1e611.ppc64le", "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_md-debuginfo-1:2.0.8-8.module+el8.3.0+6814+67d1e611.s390x", "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_md-debuginfo-1:2.0.8-8.module+el8.3.0+6814+67d1e611.x86_64", "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_md-debugsource-1:2.0.8-8.module+el8.3.0+6814+67d1e611.aarch64", "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_md-debugsource-1:2.0.8-8.module+el8.3.0+6814+67d1e611.ppc64le", "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_md-debugsource-1:2.0.8-8.module+el8.3.0+6814+67d1e611.s390x", "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_md-debugsource-1:2.0.8-8.module+el8.3.0+6814+67d1e611.x86_64", "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_proxy_html-1:2.4.37-30.module+el8.3.0+7001+0766b9e7.aarch64", "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_proxy_html-1:2.4.37-30.module+el8.3.0+7001+0766b9e7.ppc64le", "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_proxy_html-1:2.4.37-30.module+el8.3.0+7001+0766b9e7.s390x", "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_proxy_html-1:2.4.37-30.module+el8.3.0+7001+0766b9e7.x86_64", "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_proxy_html-debuginfo-1:2.4.37-30.module+el8.3.0+7001+0766b9e7.aarch64", "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_proxy_html-debuginfo-1:2.4.37-30.module+el8.3.0+7001+0766b9e7.ppc64le", "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_proxy_html-debuginfo-1:2.4.37-30.module+el8.3.0+7001+0766b9e7.s390x", "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_proxy_html-debuginfo-1:2.4.37-30.module+el8.3.0+7001+0766b9e7.x86_64", "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_session-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.aarch64", "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_session-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.ppc64le", "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_session-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.s390x", "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_session-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.x86_64", "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_session-debuginfo-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.aarch64", "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_session-debuginfo-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.ppc64le", "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_session-debuginfo-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.s390x", "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_session-debuginfo-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.x86_64", "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_ssl-1:2.4.37-30.module+el8.3.0+7001+0766b9e7.aarch64", "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_ssl-1:2.4.37-30.module+el8.3.0+7001+0766b9e7.ppc64le", "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_ssl-1:2.4.37-30.module+el8.3.0+7001+0766b9e7.s390x", "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_ssl-1:2.4.37-30.module+el8.3.0+7001+0766b9e7.x86_64", "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_ssl-debuginfo-1:2.4.37-30.module+el8.3.0+7001+0766b9e7.aarch64", "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_ssl-debuginfo-1:2.4.37-30.module+el8.3.0+7001+0766b9e7.ppc64le", "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_ssl-debuginfo-1:2.4.37-30.module+el8.3.0+7001+0766b9e7.s390x", "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_ssl-debuginfo-1:2.4.37-30.module+el8.3.0+7001+0766b9e7.x86_64" ] } ], "threats": [ { "category": "impact", "details": "Low" } ], "title": "httpd: mod_http2: DoS via slow, unneeded request bodies" }, { "cve": "CVE-2019-0196", "cwe": { "id": "CWE-416", "name": "Use After Free" }, "discovery_date": "2019-04-02T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "1695030" } ], "notes": [ { "category": "description", "text": "A vulnerability was found in Apache HTTP Server 2.4.17 to 2.4.38. Using fuzzed network input, the http/2 request handling could be made to access freed memory in string comparison when determining the method of a request and thus process the request incorrectly.", "title": "Vulnerability description" }, { "category": "summary", "text": "httpd: mod_http2: read-after-free on a string compare", "title": "Vulnerability summary" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6", "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:httpd-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.aarch64", "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:httpd-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.ppc64le", "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:httpd-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.s390x", "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:httpd-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.src", "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:httpd-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.x86_64", "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:httpd-debuginfo-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.aarch64", "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:httpd-debuginfo-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.ppc64le", "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:httpd-debuginfo-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.s390x", "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:httpd-debuginfo-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.x86_64", "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:httpd-debugsource-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.aarch64", "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:httpd-debugsource-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.ppc64le", "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:httpd-debugsource-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.s390x", "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:httpd-debugsource-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.x86_64", "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:httpd-devel-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.aarch64", "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:httpd-devel-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.ppc64le", "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:httpd-devel-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.s390x", "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:httpd-devel-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.x86_64", "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:httpd-filesystem-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.noarch", "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:httpd-manual-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.noarch", "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:httpd-tools-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.aarch64", "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:httpd-tools-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.ppc64le", "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:httpd-tools-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.s390x", "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:httpd-tools-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.x86_64", "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:httpd-tools-debuginfo-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.aarch64", "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:httpd-tools-debuginfo-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.ppc64le", "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:httpd-tools-debuginfo-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.s390x", "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:httpd-tools-debuginfo-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.x86_64", "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_http2-0:1.15.7-2.module+el8.3.0+7670+8bf57d29.aarch64", "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_http2-0:1.15.7-2.module+el8.3.0+7670+8bf57d29.ppc64le", "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_http2-0:1.15.7-2.module+el8.3.0+7670+8bf57d29.s390x", "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_http2-0:1.15.7-2.module+el8.3.0+7670+8bf57d29.src", "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_http2-0:1.15.7-2.module+el8.3.0+7670+8bf57d29.x86_64", "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_http2-debuginfo-0:1.15.7-2.module+el8.3.0+7670+8bf57d29.aarch64", "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_http2-debuginfo-0:1.15.7-2.module+el8.3.0+7670+8bf57d29.ppc64le", "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_http2-debuginfo-0:1.15.7-2.module+el8.3.0+7670+8bf57d29.s390x", "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_http2-debuginfo-0:1.15.7-2.module+el8.3.0+7670+8bf57d29.x86_64", "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_http2-debugsource-0:1.15.7-2.module+el8.3.0+7670+8bf57d29.aarch64", "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_http2-debugsource-0:1.15.7-2.module+el8.3.0+7670+8bf57d29.ppc64le", "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_http2-debugsource-0:1.15.7-2.module+el8.3.0+7670+8bf57d29.s390x", "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_http2-debugsource-0:1.15.7-2.module+el8.3.0+7670+8bf57d29.x86_64", "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_ldap-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.aarch64", "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_ldap-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.ppc64le", "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_ldap-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.s390x", "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_ldap-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.x86_64", "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_ldap-debuginfo-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.aarch64", "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_ldap-debuginfo-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.ppc64le", "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_ldap-debuginfo-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.s390x", "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_ldap-debuginfo-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.x86_64", "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_md-1:2.0.8-8.module+el8.3.0+6814+67d1e611.aarch64", "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_md-1:2.0.8-8.module+el8.3.0+6814+67d1e611.ppc64le", "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_md-1:2.0.8-8.module+el8.3.0+6814+67d1e611.s390x", "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_md-1:2.0.8-8.module+el8.3.0+6814+67d1e611.src", "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_md-1:2.0.8-8.module+el8.3.0+6814+67d1e611.x86_64", "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_md-debuginfo-1:2.0.8-8.module+el8.3.0+6814+67d1e611.aarch64", "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_md-debuginfo-1:2.0.8-8.module+el8.3.0+6814+67d1e611.ppc64le", "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_md-debuginfo-1:2.0.8-8.module+el8.3.0+6814+67d1e611.s390x", "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_md-debuginfo-1:2.0.8-8.module+el8.3.0+6814+67d1e611.x86_64", "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_md-debugsource-1:2.0.8-8.module+el8.3.0+6814+67d1e611.aarch64", "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_md-debugsource-1:2.0.8-8.module+el8.3.0+6814+67d1e611.ppc64le", "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_md-debugsource-1:2.0.8-8.module+el8.3.0+6814+67d1e611.s390x", "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_md-debugsource-1:2.0.8-8.module+el8.3.0+6814+67d1e611.x86_64", "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_proxy_html-1:2.4.37-30.module+el8.3.0+7001+0766b9e7.aarch64", "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_proxy_html-1:2.4.37-30.module+el8.3.0+7001+0766b9e7.ppc64le", "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_proxy_html-1:2.4.37-30.module+el8.3.0+7001+0766b9e7.s390x", "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_proxy_html-1:2.4.37-30.module+el8.3.0+7001+0766b9e7.x86_64", "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_proxy_html-debuginfo-1:2.4.37-30.module+el8.3.0+7001+0766b9e7.aarch64", "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_proxy_html-debuginfo-1:2.4.37-30.module+el8.3.0+7001+0766b9e7.ppc64le", "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_proxy_html-debuginfo-1:2.4.37-30.module+el8.3.0+7001+0766b9e7.s390x", "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_proxy_html-debuginfo-1:2.4.37-30.module+el8.3.0+7001+0766b9e7.x86_64", "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_session-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.aarch64", "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_session-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.ppc64le", "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_session-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.s390x", "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_session-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.x86_64", "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_session-debuginfo-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.aarch64", "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_session-debuginfo-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.ppc64le", "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_session-debuginfo-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.s390x", "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_session-debuginfo-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.x86_64", "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_ssl-1:2.4.37-30.module+el8.3.0+7001+0766b9e7.aarch64", "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_ssl-1:2.4.37-30.module+el8.3.0+7001+0766b9e7.ppc64le", "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_ssl-1:2.4.37-30.module+el8.3.0+7001+0766b9e7.s390x", "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_ssl-1:2.4.37-30.module+el8.3.0+7001+0766b9e7.x86_64", "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_ssl-debuginfo-1:2.4.37-30.module+el8.3.0+7001+0766b9e7.aarch64", "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_ssl-debuginfo-1:2.4.37-30.module+el8.3.0+7001+0766b9e7.ppc64le", "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_ssl-debuginfo-1:2.4.37-30.module+el8.3.0+7001+0766b9e7.s390x", "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_ssl-debuginfo-1:2.4.37-30.module+el8.3.0+7001+0766b9e7.x86_64" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2019-0196" }, { "category": "external", "summary": "RHBZ#1695030", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1695030" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2019-0196", "url": "https://www.cve.org/CVERecord?id=CVE-2019-0196" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2019-0196", "url": "https://nvd.nist.gov/vuln/detail/CVE-2019-0196" }, { "category": "external", "summary": "http://www.apache.org/dist/httpd/CHANGES_2.4", "url": "http://www.apache.org/dist/httpd/CHANGES_2.4" }, { "category": "external", "summary": "https://httpd.apache.org/security/vulnerabilities_24.html", "url": "https://httpd.apache.org/security/vulnerabilities_24.html" } ], "release_date": "2019-04-01T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2020-11-04T01:44:47+00:00", "details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nAfter installing the updated packages, the httpd daemon will be restarted automatically.", "product_ids": [ "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6", "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:httpd-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.aarch64", "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:httpd-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.ppc64le", "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:httpd-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.s390x", "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:httpd-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.src", "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:httpd-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.x86_64", "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:httpd-debuginfo-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.aarch64", "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:httpd-debuginfo-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.ppc64le", "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:httpd-debuginfo-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.s390x", "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:httpd-debuginfo-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.x86_64", "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:httpd-debugsource-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.aarch64", "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:httpd-debugsource-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.ppc64le", "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:httpd-debugsource-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.s390x", "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:httpd-debugsource-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.x86_64", "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:httpd-devel-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.aarch64", "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:httpd-devel-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.ppc64le", "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:httpd-devel-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.s390x", "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:httpd-devel-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.x86_64", "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:httpd-filesystem-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.noarch", "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:httpd-manual-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.noarch", "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:httpd-tools-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.aarch64", "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:httpd-tools-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.ppc64le", "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:httpd-tools-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.s390x", "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:httpd-tools-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.x86_64", "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:httpd-tools-debuginfo-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.aarch64", "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:httpd-tools-debuginfo-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.ppc64le", "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:httpd-tools-debuginfo-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.s390x", "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:httpd-tools-debuginfo-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.x86_64", "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_http2-0:1.15.7-2.module+el8.3.0+7670+8bf57d29.aarch64", "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_http2-0:1.15.7-2.module+el8.3.0+7670+8bf57d29.ppc64le", "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_http2-0:1.15.7-2.module+el8.3.0+7670+8bf57d29.s390x", "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_http2-0:1.15.7-2.module+el8.3.0+7670+8bf57d29.src", "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_http2-0:1.15.7-2.module+el8.3.0+7670+8bf57d29.x86_64", "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_http2-debuginfo-0:1.15.7-2.module+el8.3.0+7670+8bf57d29.aarch64", "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_http2-debuginfo-0:1.15.7-2.module+el8.3.0+7670+8bf57d29.ppc64le", "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_http2-debuginfo-0:1.15.7-2.module+el8.3.0+7670+8bf57d29.s390x", "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_http2-debuginfo-0:1.15.7-2.module+el8.3.0+7670+8bf57d29.x86_64", "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_http2-debugsource-0:1.15.7-2.module+el8.3.0+7670+8bf57d29.aarch64", "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_http2-debugsource-0:1.15.7-2.module+el8.3.0+7670+8bf57d29.ppc64le", "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_http2-debugsource-0:1.15.7-2.module+el8.3.0+7670+8bf57d29.s390x", "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_http2-debugsource-0:1.15.7-2.module+el8.3.0+7670+8bf57d29.x86_64", "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_ldap-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.aarch64", "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_ldap-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.ppc64le", "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_ldap-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.s390x", "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_ldap-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.x86_64", "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_ldap-debuginfo-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.aarch64", "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_ldap-debuginfo-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.ppc64le", "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_ldap-debuginfo-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.s390x", "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_ldap-debuginfo-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.x86_64", "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_md-1:2.0.8-8.module+el8.3.0+6814+67d1e611.aarch64", "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_md-1:2.0.8-8.module+el8.3.0+6814+67d1e611.ppc64le", "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_md-1:2.0.8-8.module+el8.3.0+6814+67d1e611.s390x", "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_md-1:2.0.8-8.module+el8.3.0+6814+67d1e611.src", "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_md-1:2.0.8-8.module+el8.3.0+6814+67d1e611.x86_64", "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_md-debuginfo-1:2.0.8-8.module+el8.3.0+6814+67d1e611.aarch64", "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_md-debuginfo-1:2.0.8-8.module+el8.3.0+6814+67d1e611.ppc64le", "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_md-debuginfo-1:2.0.8-8.module+el8.3.0+6814+67d1e611.s390x", "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_md-debuginfo-1:2.0.8-8.module+el8.3.0+6814+67d1e611.x86_64", "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_md-debugsource-1:2.0.8-8.module+el8.3.0+6814+67d1e611.aarch64", "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_md-debugsource-1:2.0.8-8.module+el8.3.0+6814+67d1e611.ppc64le", "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_md-debugsource-1:2.0.8-8.module+el8.3.0+6814+67d1e611.s390x", "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_md-debugsource-1:2.0.8-8.module+el8.3.0+6814+67d1e611.x86_64", "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_proxy_html-1:2.4.37-30.module+el8.3.0+7001+0766b9e7.aarch64", "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_proxy_html-1:2.4.37-30.module+el8.3.0+7001+0766b9e7.ppc64le", "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_proxy_html-1:2.4.37-30.module+el8.3.0+7001+0766b9e7.s390x", "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_proxy_html-1:2.4.37-30.module+el8.3.0+7001+0766b9e7.x86_64", "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_proxy_html-debuginfo-1:2.4.37-30.module+el8.3.0+7001+0766b9e7.aarch64", "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_proxy_html-debuginfo-1:2.4.37-30.module+el8.3.0+7001+0766b9e7.ppc64le", "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_proxy_html-debuginfo-1:2.4.37-30.module+el8.3.0+7001+0766b9e7.s390x", "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_proxy_html-debuginfo-1:2.4.37-30.module+el8.3.0+7001+0766b9e7.x86_64", "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_session-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.aarch64", "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_session-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.ppc64le", "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_session-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.s390x", "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_session-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.x86_64", "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_session-debuginfo-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.aarch64", "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_session-debuginfo-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.ppc64le", "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_session-debuginfo-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.s390x", "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_session-debuginfo-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.x86_64", "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_ssl-1:2.4.37-30.module+el8.3.0+7001+0766b9e7.aarch64", "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_ssl-1:2.4.37-30.module+el8.3.0+7001+0766b9e7.ppc64le", "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_ssl-1:2.4.37-30.module+el8.3.0+7001+0766b9e7.s390x", "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_ssl-1:2.4.37-30.module+el8.3.0+7001+0766b9e7.x86_64", "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_ssl-debuginfo-1:2.4.37-30.module+el8.3.0+7001+0766b9e7.aarch64", "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_ssl-debuginfo-1:2.4.37-30.module+el8.3.0+7001+0766b9e7.ppc64le", "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_ssl-debuginfo-1:2.4.37-30.module+el8.3.0+7001+0766b9e7.s390x", "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_ssl-debuginfo-1:2.4.37-30.module+el8.3.0+7001+0766b9e7.x86_64" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2020:4751" } ], "scores": [ { "cvss_v3": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "LOW", "baseScore": 5.3, "baseSeverity": "MEDIUM", "confidentialityImpact": "NONE", "integrityImpact": "NONE", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L", "version": "3.0" }, "products": [ "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6", "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:httpd-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.aarch64", "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:httpd-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.ppc64le", "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:httpd-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.s390x", "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:httpd-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.src", "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:httpd-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.x86_64", "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:httpd-debuginfo-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.aarch64", "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:httpd-debuginfo-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.ppc64le", "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:httpd-debuginfo-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.s390x", "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:httpd-debuginfo-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.x86_64", "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:httpd-debugsource-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.aarch64", "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:httpd-debugsource-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.ppc64le", "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:httpd-debugsource-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.s390x", "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:httpd-debugsource-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.x86_64", "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:httpd-devel-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.aarch64", "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:httpd-devel-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.ppc64le", "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:httpd-devel-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.s390x", "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:httpd-devel-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.x86_64", "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:httpd-filesystem-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.noarch", "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:httpd-manual-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.noarch", "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:httpd-tools-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.aarch64", "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:httpd-tools-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.ppc64le", "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:httpd-tools-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.s390x", "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:httpd-tools-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.x86_64", "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:httpd-tools-debuginfo-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.aarch64", "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:httpd-tools-debuginfo-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.ppc64le", "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:httpd-tools-debuginfo-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.s390x", "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:httpd-tools-debuginfo-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.x86_64", "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_http2-0:1.15.7-2.module+el8.3.0+7670+8bf57d29.aarch64", "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_http2-0:1.15.7-2.module+el8.3.0+7670+8bf57d29.ppc64le", "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_http2-0:1.15.7-2.module+el8.3.0+7670+8bf57d29.s390x", "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_http2-0:1.15.7-2.module+el8.3.0+7670+8bf57d29.src", "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_http2-0:1.15.7-2.module+el8.3.0+7670+8bf57d29.x86_64", "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_http2-debuginfo-0:1.15.7-2.module+el8.3.0+7670+8bf57d29.aarch64", "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_http2-debuginfo-0:1.15.7-2.module+el8.3.0+7670+8bf57d29.ppc64le", "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_http2-debuginfo-0:1.15.7-2.module+el8.3.0+7670+8bf57d29.s390x", "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_http2-debuginfo-0:1.15.7-2.module+el8.3.0+7670+8bf57d29.x86_64", "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_http2-debugsource-0:1.15.7-2.module+el8.3.0+7670+8bf57d29.aarch64", "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_http2-debugsource-0:1.15.7-2.module+el8.3.0+7670+8bf57d29.ppc64le", "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_http2-debugsource-0:1.15.7-2.module+el8.3.0+7670+8bf57d29.s390x", "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_http2-debugsource-0:1.15.7-2.module+el8.3.0+7670+8bf57d29.x86_64", "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_ldap-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.aarch64", "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_ldap-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.ppc64le", "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_ldap-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.s390x", "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_ldap-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.x86_64", "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_ldap-debuginfo-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.aarch64", "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_ldap-debuginfo-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.ppc64le", "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_ldap-debuginfo-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.s390x", "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_ldap-debuginfo-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.x86_64", "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_md-1:2.0.8-8.module+el8.3.0+6814+67d1e611.aarch64", "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_md-1:2.0.8-8.module+el8.3.0+6814+67d1e611.ppc64le", "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_md-1:2.0.8-8.module+el8.3.0+6814+67d1e611.s390x", "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_md-1:2.0.8-8.module+el8.3.0+6814+67d1e611.src", "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_md-1:2.0.8-8.module+el8.3.0+6814+67d1e611.x86_64", "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_md-debuginfo-1:2.0.8-8.module+el8.3.0+6814+67d1e611.aarch64", "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_md-debuginfo-1:2.0.8-8.module+el8.3.0+6814+67d1e611.ppc64le", "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_md-debuginfo-1:2.0.8-8.module+el8.3.0+6814+67d1e611.s390x", "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_md-debuginfo-1:2.0.8-8.module+el8.3.0+6814+67d1e611.x86_64", "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_md-debugsource-1:2.0.8-8.module+el8.3.0+6814+67d1e611.aarch64", "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_md-debugsource-1:2.0.8-8.module+el8.3.0+6814+67d1e611.ppc64le", "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_md-debugsource-1:2.0.8-8.module+el8.3.0+6814+67d1e611.s390x", "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_md-debugsource-1:2.0.8-8.module+el8.3.0+6814+67d1e611.x86_64", "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_proxy_html-1:2.4.37-30.module+el8.3.0+7001+0766b9e7.aarch64", "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_proxy_html-1:2.4.37-30.module+el8.3.0+7001+0766b9e7.ppc64le", "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_proxy_html-1:2.4.37-30.module+el8.3.0+7001+0766b9e7.s390x", "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_proxy_html-1:2.4.37-30.module+el8.3.0+7001+0766b9e7.x86_64", "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_proxy_html-debuginfo-1:2.4.37-30.module+el8.3.0+7001+0766b9e7.aarch64", "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_proxy_html-debuginfo-1:2.4.37-30.module+el8.3.0+7001+0766b9e7.ppc64le", "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_proxy_html-debuginfo-1:2.4.37-30.module+el8.3.0+7001+0766b9e7.s390x", "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_proxy_html-debuginfo-1:2.4.37-30.module+el8.3.0+7001+0766b9e7.x86_64", "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_session-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.aarch64", "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_session-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.ppc64le", "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_session-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.s390x", "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_session-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.x86_64", "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_session-debuginfo-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.aarch64", "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_session-debuginfo-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.ppc64le", "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_session-debuginfo-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.s390x", "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_session-debuginfo-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.x86_64", "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_ssl-1:2.4.37-30.module+el8.3.0+7001+0766b9e7.aarch64", "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_ssl-1:2.4.37-30.module+el8.3.0+7001+0766b9e7.ppc64le", "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_ssl-1:2.4.37-30.module+el8.3.0+7001+0766b9e7.s390x", "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_ssl-1:2.4.37-30.module+el8.3.0+7001+0766b9e7.x86_64", "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_ssl-debuginfo-1:2.4.37-30.module+el8.3.0+7001+0766b9e7.aarch64", "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_ssl-debuginfo-1:2.4.37-30.module+el8.3.0+7001+0766b9e7.ppc64le", "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_ssl-debuginfo-1:2.4.37-30.module+el8.3.0+7001+0766b9e7.s390x", "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_ssl-debuginfo-1:2.4.37-30.module+el8.3.0+7001+0766b9e7.x86_64" ] } ], "threats": [ { "category": "impact", "details": "Low" } ], "title": "httpd: mod_http2: read-after-free on a string compare" }, { "cve": "CVE-2019-0197", "cwe": { "id": "CWE-444", "name": "Inconsistent Interpretation of HTTP Requests (\u0027HTTP Request/Response Smuggling\u0027)" }, "discovery_date": "2019-04-02T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "1695042" } ], "notes": [ { "category": "description", "text": "A vulnerability was found in Apache HTTP Server 2.4.34 to 2.4.38. When HTTP/2 was enabled for a http: host or H2Upgrade was enabled for h2 on a https: host, an Upgrade request from http/1.1 to http/2 that was not the first request on a connection could lead to a misconfiguration and crash. Server that never enabled the h2 protocol or that only enabled it for https: and did not set \"H2Upgrade on\" are unaffected by this issue.", "title": "Vulnerability description" }, { "category": "summary", "text": "httpd: mod_http2: possible crash on late upgrade", "title": "Vulnerability summary" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6", "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:httpd-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.aarch64", "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:httpd-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.ppc64le", "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:httpd-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.s390x", "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:httpd-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.src", "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:httpd-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.x86_64", "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:httpd-debuginfo-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.aarch64", "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:httpd-debuginfo-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.ppc64le", "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:httpd-debuginfo-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.s390x", "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:httpd-debuginfo-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.x86_64", "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:httpd-debugsource-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.aarch64", "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:httpd-debugsource-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.ppc64le", "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:httpd-debugsource-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.s390x", "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:httpd-debugsource-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.x86_64", "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:httpd-devel-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.aarch64", "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:httpd-devel-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.ppc64le", "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:httpd-devel-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.s390x", "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:httpd-devel-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.x86_64", "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:httpd-filesystem-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.noarch", "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:httpd-manual-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.noarch", "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:httpd-tools-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.aarch64", "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:httpd-tools-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.ppc64le", "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:httpd-tools-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.s390x", "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:httpd-tools-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.x86_64", "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:httpd-tools-debuginfo-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.aarch64", "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:httpd-tools-debuginfo-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.ppc64le", "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:httpd-tools-debuginfo-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.s390x", "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:httpd-tools-debuginfo-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.x86_64", "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_http2-0:1.15.7-2.module+el8.3.0+7670+8bf57d29.aarch64", "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_http2-0:1.15.7-2.module+el8.3.0+7670+8bf57d29.ppc64le", "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_http2-0:1.15.7-2.module+el8.3.0+7670+8bf57d29.s390x", "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_http2-0:1.15.7-2.module+el8.3.0+7670+8bf57d29.src", "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_http2-0:1.15.7-2.module+el8.3.0+7670+8bf57d29.x86_64", "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_http2-debuginfo-0:1.15.7-2.module+el8.3.0+7670+8bf57d29.aarch64", "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_http2-debuginfo-0:1.15.7-2.module+el8.3.0+7670+8bf57d29.ppc64le", "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_http2-debuginfo-0:1.15.7-2.module+el8.3.0+7670+8bf57d29.s390x", "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_http2-debuginfo-0:1.15.7-2.module+el8.3.0+7670+8bf57d29.x86_64", "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_http2-debugsource-0:1.15.7-2.module+el8.3.0+7670+8bf57d29.aarch64", "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_http2-debugsource-0:1.15.7-2.module+el8.3.0+7670+8bf57d29.ppc64le", "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_http2-debugsource-0:1.15.7-2.module+el8.3.0+7670+8bf57d29.s390x", "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_http2-debugsource-0:1.15.7-2.module+el8.3.0+7670+8bf57d29.x86_64", "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_ldap-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.aarch64", "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_ldap-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.ppc64le", "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_ldap-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.s390x", "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_ldap-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.x86_64", "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_ldap-debuginfo-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.aarch64", "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_ldap-debuginfo-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.ppc64le", "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_ldap-debuginfo-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.s390x", "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_ldap-debuginfo-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.x86_64", "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_md-1:2.0.8-8.module+el8.3.0+6814+67d1e611.aarch64", "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_md-1:2.0.8-8.module+el8.3.0+6814+67d1e611.ppc64le", "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_md-1:2.0.8-8.module+el8.3.0+6814+67d1e611.s390x", "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_md-1:2.0.8-8.module+el8.3.0+6814+67d1e611.src", "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_md-1:2.0.8-8.module+el8.3.0+6814+67d1e611.x86_64", "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_md-debuginfo-1:2.0.8-8.module+el8.3.0+6814+67d1e611.aarch64", "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_md-debuginfo-1:2.0.8-8.module+el8.3.0+6814+67d1e611.ppc64le", "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_md-debuginfo-1:2.0.8-8.module+el8.3.0+6814+67d1e611.s390x", "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_md-debuginfo-1:2.0.8-8.module+el8.3.0+6814+67d1e611.x86_64", "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_md-debugsource-1:2.0.8-8.module+el8.3.0+6814+67d1e611.aarch64", "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_md-debugsource-1:2.0.8-8.module+el8.3.0+6814+67d1e611.ppc64le", "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_md-debugsource-1:2.0.8-8.module+el8.3.0+6814+67d1e611.s390x", "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_md-debugsource-1:2.0.8-8.module+el8.3.0+6814+67d1e611.x86_64", "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_proxy_html-1:2.4.37-30.module+el8.3.0+7001+0766b9e7.aarch64", "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_proxy_html-1:2.4.37-30.module+el8.3.0+7001+0766b9e7.ppc64le", "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_proxy_html-1:2.4.37-30.module+el8.3.0+7001+0766b9e7.s390x", "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_proxy_html-1:2.4.37-30.module+el8.3.0+7001+0766b9e7.x86_64", "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_proxy_html-debuginfo-1:2.4.37-30.module+el8.3.0+7001+0766b9e7.aarch64", "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_proxy_html-debuginfo-1:2.4.37-30.module+el8.3.0+7001+0766b9e7.ppc64le", "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_proxy_html-debuginfo-1:2.4.37-30.module+el8.3.0+7001+0766b9e7.s390x", "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_proxy_html-debuginfo-1:2.4.37-30.module+el8.3.0+7001+0766b9e7.x86_64", "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_session-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.aarch64", "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_session-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.ppc64le", "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_session-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.s390x", "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_session-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.x86_64", "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_session-debuginfo-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.aarch64", "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_session-debuginfo-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.ppc64le", "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_session-debuginfo-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.s390x", "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_session-debuginfo-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.x86_64", "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_ssl-1:2.4.37-30.module+el8.3.0+7001+0766b9e7.aarch64", "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_ssl-1:2.4.37-30.module+el8.3.0+7001+0766b9e7.ppc64le", "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_ssl-1:2.4.37-30.module+el8.3.0+7001+0766b9e7.s390x", "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_ssl-1:2.4.37-30.module+el8.3.0+7001+0766b9e7.x86_64", "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_ssl-debuginfo-1:2.4.37-30.module+el8.3.0+7001+0766b9e7.aarch64", "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_ssl-debuginfo-1:2.4.37-30.module+el8.3.0+7001+0766b9e7.ppc64le", "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_ssl-debuginfo-1:2.4.37-30.module+el8.3.0+7001+0766b9e7.s390x", "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_ssl-debuginfo-1:2.4.37-30.module+el8.3.0+7001+0766b9e7.x86_64" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2019-0197" }, { "category": "external", "summary": "RHBZ#1695042", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1695042" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2019-0197", "url": "https://www.cve.org/CVERecord?id=CVE-2019-0197" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2019-0197", "url": "https://nvd.nist.gov/vuln/detail/CVE-2019-0197" }, { "category": "external", "summary": "http://www.apache.org/dist/httpd/CHANGES_2.4", "url": "http://www.apache.org/dist/httpd/CHANGES_2.4" }, { "category": "external", "summary": "https://httpd.apache.org/security/vulnerabilities_24.html", "url": "https://httpd.apache.org/security/vulnerabilities_24.html" } ], "release_date": "2019-02-01T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2020-11-04T01:44:47+00:00", "details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nAfter installing the updated packages, the httpd daemon will be restarted automatically.", "product_ids": [ "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6", "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:httpd-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.aarch64", "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:httpd-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.ppc64le", "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:httpd-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.s390x", "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:httpd-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.src", "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:httpd-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.x86_64", "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:httpd-debuginfo-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.aarch64", "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:httpd-debuginfo-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.ppc64le", "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:httpd-debuginfo-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.s390x", "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:httpd-debuginfo-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.x86_64", "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:httpd-debugsource-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.aarch64", "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:httpd-debugsource-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.ppc64le", "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:httpd-debugsource-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.s390x", "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:httpd-debugsource-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.x86_64", "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:httpd-devel-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.aarch64", "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:httpd-devel-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.ppc64le", "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:httpd-devel-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.s390x", "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:httpd-devel-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.x86_64", "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:httpd-filesystem-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.noarch", "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:httpd-manual-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.noarch", "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:httpd-tools-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.aarch64", "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:httpd-tools-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.ppc64le", "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:httpd-tools-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.s390x", "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:httpd-tools-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.x86_64", "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:httpd-tools-debuginfo-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.aarch64", "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:httpd-tools-debuginfo-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.ppc64le", "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:httpd-tools-debuginfo-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.s390x", "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:httpd-tools-debuginfo-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.x86_64", "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_http2-0:1.15.7-2.module+el8.3.0+7670+8bf57d29.aarch64", "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_http2-0:1.15.7-2.module+el8.3.0+7670+8bf57d29.ppc64le", "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_http2-0:1.15.7-2.module+el8.3.0+7670+8bf57d29.s390x", "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_http2-0:1.15.7-2.module+el8.3.0+7670+8bf57d29.src", "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_http2-0:1.15.7-2.module+el8.3.0+7670+8bf57d29.x86_64", "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_http2-debuginfo-0:1.15.7-2.module+el8.3.0+7670+8bf57d29.aarch64", "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_http2-debuginfo-0:1.15.7-2.module+el8.3.0+7670+8bf57d29.ppc64le", "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_http2-debuginfo-0:1.15.7-2.module+el8.3.0+7670+8bf57d29.s390x", "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_http2-debuginfo-0:1.15.7-2.module+el8.3.0+7670+8bf57d29.x86_64", "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_http2-debugsource-0:1.15.7-2.module+el8.3.0+7670+8bf57d29.aarch64", "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_http2-debugsource-0:1.15.7-2.module+el8.3.0+7670+8bf57d29.ppc64le", "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_http2-debugsource-0:1.15.7-2.module+el8.3.0+7670+8bf57d29.s390x", "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_http2-debugsource-0:1.15.7-2.module+el8.3.0+7670+8bf57d29.x86_64", "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_ldap-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.aarch64", "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_ldap-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.ppc64le", "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_ldap-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.s390x", "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_ldap-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.x86_64", "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_ldap-debuginfo-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.aarch64", "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_ldap-debuginfo-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.ppc64le", "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_ldap-debuginfo-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.s390x", "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_ldap-debuginfo-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.x86_64", "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_md-1:2.0.8-8.module+el8.3.0+6814+67d1e611.aarch64", "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_md-1:2.0.8-8.module+el8.3.0+6814+67d1e611.ppc64le", "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_md-1:2.0.8-8.module+el8.3.0+6814+67d1e611.s390x", "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_md-1:2.0.8-8.module+el8.3.0+6814+67d1e611.src", "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_md-1:2.0.8-8.module+el8.3.0+6814+67d1e611.x86_64", "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_md-debuginfo-1:2.0.8-8.module+el8.3.0+6814+67d1e611.aarch64", "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_md-debuginfo-1:2.0.8-8.module+el8.3.0+6814+67d1e611.ppc64le", "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_md-debuginfo-1:2.0.8-8.module+el8.3.0+6814+67d1e611.s390x", "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_md-debuginfo-1:2.0.8-8.module+el8.3.0+6814+67d1e611.x86_64", "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_md-debugsource-1:2.0.8-8.module+el8.3.0+6814+67d1e611.aarch64", "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_md-debugsource-1:2.0.8-8.module+el8.3.0+6814+67d1e611.ppc64le", "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_md-debugsource-1:2.0.8-8.module+el8.3.0+6814+67d1e611.s390x", "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_md-debugsource-1:2.0.8-8.module+el8.3.0+6814+67d1e611.x86_64", "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_proxy_html-1:2.4.37-30.module+el8.3.0+7001+0766b9e7.aarch64", "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_proxy_html-1:2.4.37-30.module+el8.3.0+7001+0766b9e7.ppc64le", "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_proxy_html-1:2.4.37-30.module+el8.3.0+7001+0766b9e7.s390x", "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_proxy_html-1:2.4.37-30.module+el8.3.0+7001+0766b9e7.x86_64", "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_proxy_html-debuginfo-1:2.4.37-30.module+el8.3.0+7001+0766b9e7.aarch64", "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_proxy_html-debuginfo-1:2.4.37-30.module+el8.3.0+7001+0766b9e7.ppc64le", "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_proxy_html-debuginfo-1:2.4.37-30.module+el8.3.0+7001+0766b9e7.s390x", "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_proxy_html-debuginfo-1:2.4.37-30.module+el8.3.0+7001+0766b9e7.x86_64", "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_session-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.aarch64", "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_session-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.ppc64le", "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_session-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.s390x", "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_session-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.x86_64", "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_session-debuginfo-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.aarch64", "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_session-debuginfo-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.ppc64le", "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_session-debuginfo-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.s390x", "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_session-debuginfo-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.x86_64", "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_ssl-1:2.4.37-30.module+el8.3.0+7001+0766b9e7.aarch64", "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_ssl-1:2.4.37-30.module+el8.3.0+7001+0766b9e7.ppc64le", "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_ssl-1:2.4.37-30.module+el8.3.0+7001+0766b9e7.s390x", "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_ssl-1:2.4.37-30.module+el8.3.0+7001+0766b9e7.x86_64", "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_ssl-debuginfo-1:2.4.37-30.module+el8.3.0+7001+0766b9e7.aarch64", "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_ssl-debuginfo-1:2.4.37-30.module+el8.3.0+7001+0766b9e7.ppc64le", "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_ssl-debuginfo-1:2.4.37-30.module+el8.3.0+7001+0766b9e7.s390x", "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_ssl-debuginfo-1:2.4.37-30.module+el8.3.0+7001+0766b9e7.x86_64" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2020:4751" } ], "scores": [ { "cvss_v3": { "attackComplexity": "HIGH", "attackVector": "NETWORK", "availabilityImpact": "LOW", "baseScore": 4.2, "baseSeverity": "MEDIUM", "confidentialityImpact": "NONE", "integrityImpact": "LOW", "privilegesRequired": "LOW", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.0/AV:N/AC:H/PR:L/UI:N/S:U/C:N/I:L/A:L", "version": "3.0" }, "products": [ "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6", "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:httpd-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.aarch64", "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:httpd-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.ppc64le", "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:httpd-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.s390x", "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:httpd-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.src", "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:httpd-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.x86_64", "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:httpd-debuginfo-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.aarch64", "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:httpd-debuginfo-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.ppc64le", "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:httpd-debuginfo-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.s390x", "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:httpd-debuginfo-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.x86_64", "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:httpd-debugsource-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.aarch64", "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:httpd-debugsource-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.ppc64le", "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:httpd-debugsource-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.s390x", "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:httpd-debugsource-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.x86_64", "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:httpd-devel-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.aarch64", "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:httpd-devel-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.ppc64le", "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:httpd-devel-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.s390x", "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:httpd-devel-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.x86_64", "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:httpd-filesystem-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.noarch", "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:httpd-manual-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.noarch", "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:httpd-tools-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.aarch64", "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:httpd-tools-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.ppc64le", "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:httpd-tools-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.s390x", "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:httpd-tools-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.x86_64", "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:httpd-tools-debuginfo-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.aarch64", "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:httpd-tools-debuginfo-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.ppc64le", "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:httpd-tools-debuginfo-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.s390x", "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:httpd-tools-debuginfo-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.x86_64", "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_http2-0:1.15.7-2.module+el8.3.0+7670+8bf57d29.aarch64", "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_http2-0:1.15.7-2.module+el8.3.0+7670+8bf57d29.ppc64le", "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_http2-0:1.15.7-2.module+el8.3.0+7670+8bf57d29.s390x", "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_http2-0:1.15.7-2.module+el8.3.0+7670+8bf57d29.src", "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_http2-0:1.15.7-2.module+el8.3.0+7670+8bf57d29.x86_64", "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_http2-debuginfo-0:1.15.7-2.module+el8.3.0+7670+8bf57d29.aarch64", "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_http2-debuginfo-0:1.15.7-2.module+el8.3.0+7670+8bf57d29.ppc64le", "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_http2-debuginfo-0:1.15.7-2.module+el8.3.0+7670+8bf57d29.s390x", "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_http2-debuginfo-0:1.15.7-2.module+el8.3.0+7670+8bf57d29.x86_64", "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_http2-debugsource-0:1.15.7-2.module+el8.3.0+7670+8bf57d29.aarch64", "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_http2-debugsource-0:1.15.7-2.module+el8.3.0+7670+8bf57d29.ppc64le", "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_http2-debugsource-0:1.15.7-2.module+el8.3.0+7670+8bf57d29.s390x", "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_http2-debugsource-0:1.15.7-2.module+el8.3.0+7670+8bf57d29.x86_64", "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_ldap-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.aarch64", "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_ldap-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.ppc64le", "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_ldap-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.s390x", "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_ldap-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.x86_64", "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_ldap-debuginfo-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.aarch64", "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_ldap-debuginfo-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.ppc64le", "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_ldap-debuginfo-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.s390x", "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_ldap-debuginfo-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.x86_64", "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_md-1:2.0.8-8.module+el8.3.0+6814+67d1e611.aarch64", "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_md-1:2.0.8-8.module+el8.3.0+6814+67d1e611.ppc64le", "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_md-1:2.0.8-8.module+el8.3.0+6814+67d1e611.s390x", "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_md-1:2.0.8-8.module+el8.3.0+6814+67d1e611.src", "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_md-1:2.0.8-8.module+el8.3.0+6814+67d1e611.x86_64", "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_md-debuginfo-1:2.0.8-8.module+el8.3.0+6814+67d1e611.aarch64", "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_md-debuginfo-1:2.0.8-8.module+el8.3.0+6814+67d1e611.ppc64le", "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_md-debuginfo-1:2.0.8-8.module+el8.3.0+6814+67d1e611.s390x", "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_md-debuginfo-1:2.0.8-8.module+el8.3.0+6814+67d1e611.x86_64", "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_md-debugsource-1:2.0.8-8.module+el8.3.0+6814+67d1e611.aarch64", "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_md-debugsource-1:2.0.8-8.module+el8.3.0+6814+67d1e611.ppc64le", "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_md-debugsource-1:2.0.8-8.module+el8.3.0+6814+67d1e611.s390x", "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_md-debugsource-1:2.0.8-8.module+el8.3.0+6814+67d1e611.x86_64", "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_proxy_html-1:2.4.37-30.module+el8.3.0+7001+0766b9e7.aarch64", "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_proxy_html-1:2.4.37-30.module+el8.3.0+7001+0766b9e7.ppc64le", "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_proxy_html-1:2.4.37-30.module+el8.3.0+7001+0766b9e7.s390x", "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_proxy_html-1:2.4.37-30.module+el8.3.0+7001+0766b9e7.x86_64", "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_proxy_html-debuginfo-1:2.4.37-30.module+el8.3.0+7001+0766b9e7.aarch64", "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_proxy_html-debuginfo-1:2.4.37-30.module+el8.3.0+7001+0766b9e7.ppc64le", "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_proxy_html-debuginfo-1:2.4.37-30.module+el8.3.0+7001+0766b9e7.s390x", "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_proxy_html-debuginfo-1:2.4.37-30.module+el8.3.0+7001+0766b9e7.x86_64", "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_session-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.aarch64", "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_session-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.ppc64le", "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_session-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.s390x", "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_session-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.x86_64", "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_session-debuginfo-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.aarch64", "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_session-debuginfo-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.ppc64le", "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_session-debuginfo-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.s390x", "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_session-debuginfo-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.x86_64", "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_ssl-1:2.4.37-30.module+el8.3.0+7001+0766b9e7.aarch64", "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_ssl-1:2.4.37-30.module+el8.3.0+7001+0766b9e7.ppc64le", "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_ssl-1:2.4.37-30.module+el8.3.0+7001+0766b9e7.s390x", "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_ssl-1:2.4.37-30.module+el8.3.0+7001+0766b9e7.x86_64", "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_ssl-debuginfo-1:2.4.37-30.module+el8.3.0+7001+0766b9e7.aarch64", "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_ssl-debuginfo-1:2.4.37-30.module+el8.3.0+7001+0766b9e7.ppc64le", "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_ssl-debuginfo-1:2.4.37-30.module+el8.3.0+7001+0766b9e7.s390x", "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_ssl-debuginfo-1:2.4.37-30.module+el8.3.0+7001+0766b9e7.x86_64" ] } ], "threats": [ { "category": "impact", "details": "Low" } ], "title": "httpd: mod_http2: possible crash on late upgrade" }, { "cve": "CVE-2019-10081", "cwe": { "id": "CWE-400", "name": "Uncontrolled Resource Consumption" }, "discovery_date": "2019-08-20T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "1743966" } ], "notes": [ { "category": "description", "text": "A vulnerability was found in Apache httpd, in mod_http2. Under certain circumstances, HTTP/2 early pushes could lead to memory corruption, causing a server to crash.", "title": "Vulnerability description" }, { "category": "summary", "text": "httpd: memory corruption on early pushes", "title": "Vulnerability summary" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6", "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:httpd-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.aarch64", "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:httpd-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.ppc64le", "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:httpd-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.s390x", "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:httpd-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.src", "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:httpd-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.x86_64", "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:httpd-debuginfo-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.aarch64", "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:httpd-debuginfo-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.ppc64le", "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:httpd-debuginfo-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.s390x", "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:httpd-debuginfo-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.x86_64", "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:httpd-debugsource-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.aarch64", "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:httpd-debugsource-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.ppc64le", "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:httpd-debugsource-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.s390x", "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:httpd-debugsource-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.x86_64", "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:httpd-devel-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.aarch64", "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:httpd-devel-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.ppc64le", "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:httpd-devel-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.s390x", "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:httpd-devel-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.x86_64", "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:httpd-filesystem-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.noarch", "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:httpd-manual-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.noarch", "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:httpd-tools-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.aarch64", "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:httpd-tools-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.ppc64le", "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:httpd-tools-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.s390x", "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:httpd-tools-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.x86_64", "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:httpd-tools-debuginfo-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.aarch64", "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:httpd-tools-debuginfo-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.ppc64le", "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:httpd-tools-debuginfo-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.s390x", "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:httpd-tools-debuginfo-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.x86_64", "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_http2-0:1.15.7-2.module+el8.3.0+7670+8bf57d29.aarch64", "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_http2-0:1.15.7-2.module+el8.3.0+7670+8bf57d29.ppc64le", "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_http2-0:1.15.7-2.module+el8.3.0+7670+8bf57d29.s390x", "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_http2-0:1.15.7-2.module+el8.3.0+7670+8bf57d29.src", "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_http2-0:1.15.7-2.module+el8.3.0+7670+8bf57d29.x86_64", "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_http2-debuginfo-0:1.15.7-2.module+el8.3.0+7670+8bf57d29.aarch64", "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_http2-debuginfo-0:1.15.7-2.module+el8.3.0+7670+8bf57d29.ppc64le", "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_http2-debuginfo-0:1.15.7-2.module+el8.3.0+7670+8bf57d29.s390x", "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_http2-debuginfo-0:1.15.7-2.module+el8.3.0+7670+8bf57d29.x86_64", "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_http2-debugsource-0:1.15.7-2.module+el8.3.0+7670+8bf57d29.aarch64", "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_http2-debugsource-0:1.15.7-2.module+el8.3.0+7670+8bf57d29.ppc64le", "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_http2-debugsource-0:1.15.7-2.module+el8.3.0+7670+8bf57d29.s390x", "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_http2-debugsource-0:1.15.7-2.module+el8.3.0+7670+8bf57d29.x86_64", "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_ldap-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.aarch64", "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_ldap-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.ppc64le", "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_ldap-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.s390x", "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_ldap-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.x86_64", "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_ldap-debuginfo-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.aarch64", "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_ldap-debuginfo-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.ppc64le", "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_ldap-debuginfo-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.s390x", "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_ldap-debuginfo-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.x86_64", "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_md-1:2.0.8-8.module+el8.3.0+6814+67d1e611.aarch64", "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_md-1:2.0.8-8.module+el8.3.0+6814+67d1e611.ppc64le", "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_md-1:2.0.8-8.module+el8.3.0+6814+67d1e611.s390x", "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_md-1:2.0.8-8.module+el8.3.0+6814+67d1e611.src", "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_md-1:2.0.8-8.module+el8.3.0+6814+67d1e611.x86_64", "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_md-debuginfo-1:2.0.8-8.module+el8.3.0+6814+67d1e611.aarch64", "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_md-debuginfo-1:2.0.8-8.module+el8.3.0+6814+67d1e611.ppc64le", "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_md-debuginfo-1:2.0.8-8.module+el8.3.0+6814+67d1e611.s390x", "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_md-debuginfo-1:2.0.8-8.module+el8.3.0+6814+67d1e611.x86_64", "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_md-debugsource-1:2.0.8-8.module+el8.3.0+6814+67d1e611.aarch64", "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_md-debugsource-1:2.0.8-8.module+el8.3.0+6814+67d1e611.ppc64le", "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_md-debugsource-1:2.0.8-8.module+el8.3.0+6814+67d1e611.s390x", "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_md-debugsource-1:2.0.8-8.module+el8.3.0+6814+67d1e611.x86_64", "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_proxy_html-1:2.4.37-30.module+el8.3.0+7001+0766b9e7.aarch64", "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_proxy_html-1:2.4.37-30.module+el8.3.0+7001+0766b9e7.ppc64le", "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_proxy_html-1:2.4.37-30.module+el8.3.0+7001+0766b9e7.s390x", "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_proxy_html-1:2.4.37-30.module+el8.3.0+7001+0766b9e7.x86_64", "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_proxy_html-debuginfo-1:2.4.37-30.module+el8.3.0+7001+0766b9e7.aarch64", "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_proxy_html-debuginfo-1:2.4.37-30.module+el8.3.0+7001+0766b9e7.ppc64le", "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_proxy_html-debuginfo-1:2.4.37-30.module+el8.3.0+7001+0766b9e7.s390x", "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_proxy_html-debuginfo-1:2.4.37-30.module+el8.3.0+7001+0766b9e7.x86_64", "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_session-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.aarch64", "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_session-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.ppc64le", "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_session-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.s390x", "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_session-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.x86_64", "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_session-debuginfo-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.aarch64", "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_session-debuginfo-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.ppc64le", "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_session-debuginfo-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.s390x", "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_session-debuginfo-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.x86_64", "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_ssl-1:2.4.37-30.module+el8.3.0+7001+0766b9e7.aarch64", "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_ssl-1:2.4.37-30.module+el8.3.0+7001+0766b9e7.ppc64le", "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_ssl-1:2.4.37-30.module+el8.3.0+7001+0766b9e7.s390x", "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_ssl-1:2.4.37-30.module+el8.3.0+7001+0766b9e7.x86_64", "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_ssl-debuginfo-1:2.4.37-30.module+el8.3.0+7001+0766b9e7.aarch64", "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_ssl-debuginfo-1:2.4.37-30.module+el8.3.0+7001+0766b9e7.ppc64le", "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_ssl-debuginfo-1:2.4.37-30.module+el8.3.0+7001+0766b9e7.s390x", "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_ssl-debuginfo-1:2.4.37-30.module+el8.3.0+7001+0766b9e7.x86_64" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2019-10081" }, { "category": "external", "summary": "RHBZ#1743966", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1743966" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2019-10081", "url": "https://www.cve.org/CVERecord?id=CVE-2019-10081" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2019-10081", "url": "https://nvd.nist.gov/vuln/detail/CVE-2019-10081" }, { "category": "external", "summary": "https://httpd.apache.org/security/vulnerabilities_24.html", "url": "https://httpd.apache.org/security/vulnerabilities_24.html" } ], "release_date": "2019-08-14T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2020-11-04T01:44:47+00:00", "details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nAfter installing the updated packages, the httpd daemon will be restarted automatically.", "product_ids": [ "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6", "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:httpd-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.aarch64", "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:httpd-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.ppc64le", "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:httpd-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.s390x", "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:httpd-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.src", "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:httpd-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.x86_64", "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:httpd-debuginfo-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.aarch64", "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:httpd-debuginfo-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.ppc64le", "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:httpd-debuginfo-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.s390x", "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:httpd-debuginfo-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.x86_64", "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:httpd-debugsource-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.aarch64", "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:httpd-debugsource-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.ppc64le", "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:httpd-debugsource-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.s390x", "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:httpd-debugsource-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.x86_64", "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:httpd-devel-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.aarch64", "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:httpd-devel-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.ppc64le", "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:httpd-devel-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.s390x", "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:httpd-devel-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.x86_64", "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:httpd-filesystem-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.noarch", "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:httpd-manual-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.noarch", "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:httpd-tools-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.aarch64", "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:httpd-tools-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.ppc64le", "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:httpd-tools-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.s390x", "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:httpd-tools-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.x86_64", "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:httpd-tools-debuginfo-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.aarch64", "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:httpd-tools-debuginfo-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.ppc64le", "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:httpd-tools-debuginfo-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.s390x", "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:httpd-tools-debuginfo-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.x86_64", "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_http2-0:1.15.7-2.module+el8.3.0+7670+8bf57d29.aarch64", "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_http2-0:1.15.7-2.module+el8.3.0+7670+8bf57d29.ppc64le", "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_http2-0:1.15.7-2.module+el8.3.0+7670+8bf57d29.s390x", "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_http2-0:1.15.7-2.module+el8.3.0+7670+8bf57d29.src", "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_http2-0:1.15.7-2.module+el8.3.0+7670+8bf57d29.x86_64", "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_http2-debuginfo-0:1.15.7-2.module+el8.3.0+7670+8bf57d29.aarch64", "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_http2-debuginfo-0:1.15.7-2.module+el8.3.0+7670+8bf57d29.ppc64le", "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_http2-debuginfo-0:1.15.7-2.module+el8.3.0+7670+8bf57d29.s390x", "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_http2-debuginfo-0:1.15.7-2.module+el8.3.0+7670+8bf57d29.x86_64", "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_http2-debugsource-0:1.15.7-2.module+el8.3.0+7670+8bf57d29.aarch64", "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_http2-debugsource-0:1.15.7-2.module+el8.3.0+7670+8bf57d29.ppc64le", "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_http2-debugsource-0:1.15.7-2.module+el8.3.0+7670+8bf57d29.s390x", "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_http2-debugsource-0:1.15.7-2.module+el8.3.0+7670+8bf57d29.x86_64", "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_ldap-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.aarch64", "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_ldap-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.ppc64le", "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_ldap-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.s390x", "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_ldap-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.x86_64", "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_ldap-debuginfo-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.aarch64", "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_ldap-debuginfo-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.ppc64le", "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_ldap-debuginfo-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.s390x", "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_ldap-debuginfo-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.x86_64", "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_md-1:2.0.8-8.module+el8.3.0+6814+67d1e611.aarch64", "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_md-1:2.0.8-8.module+el8.3.0+6814+67d1e611.ppc64le", "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_md-1:2.0.8-8.module+el8.3.0+6814+67d1e611.s390x", "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_md-1:2.0.8-8.module+el8.3.0+6814+67d1e611.src", "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_md-1:2.0.8-8.module+el8.3.0+6814+67d1e611.x86_64", "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_md-debuginfo-1:2.0.8-8.module+el8.3.0+6814+67d1e611.aarch64", "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_md-debuginfo-1:2.0.8-8.module+el8.3.0+6814+67d1e611.ppc64le", "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_md-debuginfo-1:2.0.8-8.module+el8.3.0+6814+67d1e611.s390x", "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_md-debuginfo-1:2.0.8-8.module+el8.3.0+6814+67d1e611.x86_64", "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_md-debugsource-1:2.0.8-8.module+el8.3.0+6814+67d1e611.aarch64", "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_md-debugsource-1:2.0.8-8.module+el8.3.0+6814+67d1e611.ppc64le", "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_md-debugsource-1:2.0.8-8.module+el8.3.0+6814+67d1e611.s390x", "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_md-debugsource-1:2.0.8-8.module+el8.3.0+6814+67d1e611.x86_64", "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_proxy_html-1:2.4.37-30.module+el8.3.0+7001+0766b9e7.aarch64", "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_proxy_html-1:2.4.37-30.module+el8.3.0+7001+0766b9e7.ppc64le", "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_proxy_html-1:2.4.37-30.module+el8.3.0+7001+0766b9e7.s390x", "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_proxy_html-1:2.4.37-30.module+el8.3.0+7001+0766b9e7.x86_64", "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_proxy_html-debuginfo-1:2.4.37-30.module+el8.3.0+7001+0766b9e7.aarch64", "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_proxy_html-debuginfo-1:2.4.37-30.module+el8.3.0+7001+0766b9e7.ppc64le", "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_proxy_html-debuginfo-1:2.4.37-30.module+el8.3.0+7001+0766b9e7.s390x", "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_proxy_html-debuginfo-1:2.4.37-30.module+el8.3.0+7001+0766b9e7.x86_64", "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_session-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.aarch64", "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_session-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.ppc64le", "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_session-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.s390x", "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_session-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.x86_64", "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_session-debuginfo-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.aarch64", "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_session-debuginfo-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.ppc64le", "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_session-debuginfo-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.s390x", "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_session-debuginfo-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.x86_64", "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_ssl-1:2.4.37-30.module+el8.3.0+7001+0766b9e7.aarch64", "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_ssl-1:2.4.37-30.module+el8.3.0+7001+0766b9e7.ppc64le", "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_ssl-1:2.4.37-30.module+el8.3.0+7001+0766b9e7.s390x", "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_ssl-1:2.4.37-30.module+el8.3.0+7001+0766b9e7.x86_64", "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_ssl-debuginfo-1:2.4.37-30.module+el8.3.0+7001+0766b9e7.aarch64", "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_ssl-debuginfo-1:2.4.37-30.module+el8.3.0+7001+0766b9e7.ppc64le", "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_ssl-debuginfo-1:2.4.37-30.module+el8.3.0+7001+0766b9e7.s390x", "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_ssl-debuginfo-1:2.4.37-30.module+el8.3.0+7001+0766b9e7.x86_64" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2020:4751" }, { "category": "workaround", "details": "This flaw is only exploitable if Apache httpd is configured to respond to HTTP/2 requests, which is done by including \"h2\" or \"h2c\" in the \"Protocols\" list in a configuration file. The following command can be used to search for possible vulnerable configurations: \n\n grep -R \u0027^\\s*Protocols\\\u003e.*\\\u003ch2\\\u003e\u0027 /etc/httpd/\n\nSee https://httpd.apache.org/docs/2.4/mod/mod_http2.html", "product_ids": [ "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6", "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:httpd-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.aarch64", "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:httpd-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.ppc64le", "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:httpd-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.s390x", "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:httpd-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.src", "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:httpd-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.x86_64", "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:httpd-debuginfo-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.aarch64", "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:httpd-debuginfo-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.ppc64le", "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:httpd-debuginfo-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.s390x", "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:httpd-debuginfo-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.x86_64", "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:httpd-debugsource-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.aarch64", "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:httpd-debugsource-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.ppc64le", "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:httpd-debugsource-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.s390x", "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:httpd-debugsource-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.x86_64", "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:httpd-devel-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.aarch64", "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:httpd-devel-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.ppc64le", "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:httpd-devel-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.s390x", "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:httpd-devel-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.x86_64", "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:httpd-filesystem-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.noarch", "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:httpd-manual-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.noarch", "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:httpd-tools-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.aarch64", "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:httpd-tools-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.ppc64le", "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:httpd-tools-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.s390x", "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:httpd-tools-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.x86_64", "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:httpd-tools-debuginfo-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.aarch64", "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:httpd-tools-debuginfo-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.ppc64le", "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:httpd-tools-debuginfo-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.s390x", "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:httpd-tools-debuginfo-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.x86_64", "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_http2-0:1.15.7-2.module+el8.3.0+7670+8bf57d29.aarch64", "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_http2-0:1.15.7-2.module+el8.3.0+7670+8bf57d29.ppc64le", "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_http2-0:1.15.7-2.module+el8.3.0+7670+8bf57d29.s390x", "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_http2-0:1.15.7-2.module+el8.3.0+7670+8bf57d29.src", "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_http2-0:1.15.7-2.module+el8.3.0+7670+8bf57d29.x86_64", "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_http2-debuginfo-0:1.15.7-2.module+el8.3.0+7670+8bf57d29.aarch64", "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_http2-debuginfo-0:1.15.7-2.module+el8.3.0+7670+8bf57d29.ppc64le", "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_http2-debuginfo-0:1.15.7-2.module+el8.3.0+7670+8bf57d29.s390x", "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_http2-debuginfo-0:1.15.7-2.module+el8.3.0+7670+8bf57d29.x86_64", "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_http2-debugsource-0:1.15.7-2.module+el8.3.0+7670+8bf57d29.aarch64", "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_http2-debugsource-0:1.15.7-2.module+el8.3.0+7670+8bf57d29.ppc64le", "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_http2-debugsource-0:1.15.7-2.module+el8.3.0+7670+8bf57d29.s390x", "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_http2-debugsource-0:1.15.7-2.module+el8.3.0+7670+8bf57d29.x86_64", "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_ldap-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.aarch64", "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_ldap-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.ppc64le", "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_ldap-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.s390x", "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_ldap-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.x86_64", "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_ldap-debuginfo-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.aarch64", "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_ldap-debuginfo-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.ppc64le", "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_ldap-debuginfo-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.s390x", "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_ldap-debuginfo-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.x86_64", "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_md-1:2.0.8-8.module+el8.3.0+6814+67d1e611.aarch64", "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_md-1:2.0.8-8.module+el8.3.0+6814+67d1e611.ppc64le", "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_md-1:2.0.8-8.module+el8.3.0+6814+67d1e611.s390x", "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_md-1:2.0.8-8.module+el8.3.0+6814+67d1e611.src", "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_md-1:2.0.8-8.module+el8.3.0+6814+67d1e611.x86_64", "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_md-debuginfo-1:2.0.8-8.module+el8.3.0+6814+67d1e611.aarch64", "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_md-debuginfo-1:2.0.8-8.module+el8.3.0+6814+67d1e611.ppc64le", "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_md-debuginfo-1:2.0.8-8.module+el8.3.0+6814+67d1e611.s390x", "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_md-debuginfo-1:2.0.8-8.module+el8.3.0+6814+67d1e611.x86_64", "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_md-debugsource-1:2.0.8-8.module+el8.3.0+6814+67d1e611.aarch64", "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_md-debugsource-1:2.0.8-8.module+el8.3.0+6814+67d1e611.ppc64le", "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_md-debugsource-1:2.0.8-8.module+el8.3.0+6814+67d1e611.s390x", "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_md-debugsource-1:2.0.8-8.module+el8.3.0+6814+67d1e611.x86_64", "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_proxy_html-1:2.4.37-30.module+el8.3.0+7001+0766b9e7.aarch64", "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_proxy_html-1:2.4.37-30.module+el8.3.0+7001+0766b9e7.ppc64le", "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_proxy_html-1:2.4.37-30.module+el8.3.0+7001+0766b9e7.s390x", "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_proxy_html-1:2.4.37-30.module+el8.3.0+7001+0766b9e7.x86_64", "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_proxy_html-debuginfo-1:2.4.37-30.module+el8.3.0+7001+0766b9e7.aarch64", "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_proxy_html-debuginfo-1:2.4.37-30.module+el8.3.0+7001+0766b9e7.ppc64le", "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_proxy_html-debuginfo-1:2.4.37-30.module+el8.3.0+7001+0766b9e7.s390x", "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_proxy_html-debuginfo-1:2.4.37-30.module+el8.3.0+7001+0766b9e7.x86_64", "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_session-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.aarch64", "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_session-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.ppc64le", "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_session-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.s390x", "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_session-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.x86_64", "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_session-debuginfo-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.aarch64", "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_session-debuginfo-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.ppc64le", "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_session-debuginfo-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.s390x", "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_session-debuginfo-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.x86_64", "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_ssl-1:2.4.37-30.module+el8.3.0+7001+0766b9e7.aarch64", "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_ssl-1:2.4.37-30.module+el8.3.0+7001+0766b9e7.ppc64le", "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_ssl-1:2.4.37-30.module+el8.3.0+7001+0766b9e7.s390x", "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_ssl-1:2.4.37-30.module+el8.3.0+7001+0766b9e7.x86_64", "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_ssl-debuginfo-1:2.4.37-30.module+el8.3.0+7001+0766b9e7.aarch64", "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_ssl-debuginfo-1:2.4.37-30.module+el8.3.0+7001+0766b9e7.ppc64le", "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_ssl-debuginfo-1:2.4.37-30.module+el8.3.0+7001+0766b9e7.s390x", "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_ssl-debuginfo-1:2.4.37-30.module+el8.3.0+7001+0766b9e7.x86_64" ] } ], "scores": [ { "cvss_v3": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "LOW", "baseScore": 5.3, "baseSeverity": "MEDIUM", "confidentialityImpact": "NONE", "integrityImpact": "NONE", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L", "version": "3.0" }, "products": [ "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6", "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:httpd-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.aarch64", "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:httpd-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.ppc64le", "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:httpd-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.s390x", "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:httpd-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.src", "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:httpd-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.x86_64", "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:httpd-debuginfo-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.aarch64", "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:httpd-debuginfo-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.ppc64le", "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:httpd-debuginfo-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.s390x", "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:httpd-debuginfo-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.x86_64", "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:httpd-debugsource-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.aarch64", "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:httpd-debugsource-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.ppc64le", "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:httpd-debugsource-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.s390x", "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:httpd-debugsource-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.x86_64", "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:httpd-devel-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.aarch64", "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:httpd-devel-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.ppc64le", "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:httpd-devel-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.s390x", "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:httpd-devel-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.x86_64", "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:httpd-filesystem-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.noarch", "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:httpd-manual-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.noarch", "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:httpd-tools-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.aarch64", "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:httpd-tools-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.ppc64le", "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:httpd-tools-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.s390x", "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:httpd-tools-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.x86_64", "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:httpd-tools-debuginfo-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.aarch64", "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:httpd-tools-debuginfo-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.ppc64le", "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:httpd-tools-debuginfo-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.s390x", "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:httpd-tools-debuginfo-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.x86_64", "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_http2-0:1.15.7-2.module+el8.3.0+7670+8bf57d29.aarch64", "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_http2-0:1.15.7-2.module+el8.3.0+7670+8bf57d29.ppc64le", "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_http2-0:1.15.7-2.module+el8.3.0+7670+8bf57d29.s390x", "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_http2-0:1.15.7-2.module+el8.3.0+7670+8bf57d29.src", "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_http2-0:1.15.7-2.module+el8.3.0+7670+8bf57d29.x86_64", "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_http2-debuginfo-0:1.15.7-2.module+el8.3.0+7670+8bf57d29.aarch64", "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_http2-debuginfo-0:1.15.7-2.module+el8.3.0+7670+8bf57d29.ppc64le", "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_http2-debuginfo-0:1.15.7-2.module+el8.3.0+7670+8bf57d29.s390x", "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_http2-debuginfo-0:1.15.7-2.module+el8.3.0+7670+8bf57d29.x86_64", "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_http2-debugsource-0:1.15.7-2.module+el8.3.0+7670+8bf57d29.aarch64", "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_http2-debugsource-0:1.15.7-2.module+el8.3.0+7670+8bf57d29.ppc64le", "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_http2-debugsource-0:1.15.7-2.module+el8.3.0+7670+8bf57d29.s390x", "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_http2-debugsource-0:1.15.7-2.module+el8.3.0+7670+8bf57d29.x86_64", "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_ldap-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.aarch64", "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_ldap-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.ppc64le", "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_ldap-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.s390x", "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_ldap-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.x86_64", "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_ldap-debuginfo-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.aarch64", "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_ldap-debuginfo-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.ppc64le", "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_ldap-debuginfo-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.s390x", "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_ldap-debuginfo-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.x86_64", "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_md-1:2.0.8-8.module+el8.3.0+6814+67d1e611.aarch64", "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_md-1:2.0.8-8.module+el8.3.0+6814+67d1e611.ppc64le", "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_md-1:2.0.8-8.module+el8.3.0+6814+67d1e611.s390x", "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_md-1:2.0.8-8.module+el8.3.0+6814+67d1e611.src", "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_md-1:2.0.8-8.module+el8.3.0+6814+67d1e611.x86_64", "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_md-debuginfo-1:2.0.8-8.module+el8.3.0+6814+67d1e611.aarch64", "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_md-debuginfo-1:2.0.8-8.module+el8.3.0+6814+67d1e611.ppc64le", "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_md-debuginfo-1:2.0.8-8.module+el8.3.0+6814+67d1e611.s390x", "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_md-debuginfo-1:2.0.8-8.module+el8.3.0+6814+67d1e611.x86_64", "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_md-debugsource-1:2.0.8-8.module+el8.3.0+6814+67d1e611.aarch64", "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_md-debugsource-1:2.0.8-8.module+el8.3.0+6814+67d1e611.ppc64le", "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_md-debugsource-1:2.0.8-8.module+el8.3.0+6814+67d1e611.s390x", "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_md-debugsource-1:2.0.8-8.module+el8.3.0+6814+67d1e611.x86_64", "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_proxy_html-1:2.4.37-30.module+el8.3.0+7001+0766b9e7.aarch64", "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_proxy_html-1:2.4.37-30.module+el8.3.0+7001+0766b9e7.ppc64le", "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_proxy_html-1:2.4.37-30.module+el8.3.0+7001+0766b9e7.s390x", "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_proxy_html-1:2.4.37-30.module+el8.3.0+7001+0766b9e7.x86_64", "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_proxy_html-debuginfo-1:2.4.37-30.module+el8.3.0+7001+0766b9e7.aarch64", "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_proxy_html-debuginfo-1:2.4.37-30.module+el8.3.0+7001+0766b9e7.ppc64le", "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_proxy_html-debuginfo-1:2.4.37-30.module+el8.3.0+7001+0766b9e7.s390x", "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_proxy_html-debuginfo-1:2.4.37-30.module+el8.3.0+7001+0766b9e7.x86_64", "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_session-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.aarch64", "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_session-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.ppc64le", "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_session-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.s390x", "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_session-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.x86_64", "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_session-debuginfo-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.aarch64", "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_session-debuginfo-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.ppc64le", "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_session-debuginfo-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.s390x", "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_session-debuginfo-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.x86_64", "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_ssl-1:2.4.37-30.module+el8.3.0+7001+0766b9e7.aarch64", "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_ssl-1:2.4.37-30.module+el8.3.0+7001+0766b9e7.ppc64le", "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_ssl-1:2.4.37-30.module+el8.3.0+7001+0766b9e7.s390x", "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_ssl-1:2.4.37-30.module+el8.3.0+7001+0766b9e7.x86_64", "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_ssl-debuginfo-1:2.4.37-30.module+el8.3.0+7001+0766b9e7.aarch64", "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_ssl-debuginfo-1:2.4.37-30.module+el8.3.0+7001+0766b9e7.ppc64le", "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_ssl-debuginfo-1:2.4.37-30.module+el8.3.0+7001+0766b9e7.s390x", "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_ssl-debuginfo-1:2.4.37-30.module+el8.3.0+7001+0766b9e7.x86_64" ] } ], "threats": [ { "category": "impact", "details": "Moderate" } ], "title": "httpd: memory corruption on early pushes" }, { "cve": "CVE-2019-10082", "discovery_date": "2019-08-20T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "1743974" } ], "notes": [ { "category": "description", "text": "A read-after-free vulnerability was discovered in Apache httpd, in mod_http2. A specially crafted http/2 client session could cause the server to read memory that was previously freed during connection shutdown, potentially leading to a crash.", "title": "Vulnerability description" }, { "category": "summary", "text": "httpd: read-after-free in h2 connection shutdown", "title": "Vulnerability summary" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6", "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:httpd-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.aarch64", "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:httpd-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.ppc64le", "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:httpd-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.s390x", "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:httpd-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.src", "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:httpd-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.x86_64", "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:httpd-debuginfo-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.aarch64", "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:httpd-debuginfo-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.ppc64le", "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:httpd-debuginfo-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.s390x", "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:httpd-debuginfo-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.x86_64", "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:httpd-debugsource-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.aarch64", "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:httpd-debugsource-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.ppc64le", "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:httpd-debugsource-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.s390x", "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:httpd-debugsource-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.x86_64", "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:httpd-devel-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.aarch64", "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:httpd-devel-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.ppc64le", "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:httpd-devel-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.s390x", "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:httpd-devel-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.x86_64", "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:httpd-filesystem-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.noarch", "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:httpd-manual-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.noarch", "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:httpd-tools-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.aarch64", "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:httpd-tools-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.ppc64le", "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:httpd-tools-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.s390x", "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:httpd-tools-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.x86_64", "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:httpd-tools-debuginfo-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.aarch64", "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:httpd-tools-debuginfo-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.ppc64le", "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:httpd-tools-debuginfo-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.s390x", "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:httpd-tools-debuginfo-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.x86_64", "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_http2-0:1.15.7-2.module+el8.3.0+7670+8bf57d29.aarch64", "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_http2-0:1.15.7-2.module+el8.3.0+7670+8bf57d29.ppc64le", "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_http2-0:1.15.7-2.module+el8.3.0+7670+8bf57d29.s390x", "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_http2-0:1.15.7-2.module+el8.3.0+7670+8bf57d29.src", "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_http2-0:1.15.7-2.module+el8.3.0+7670+8bf57d29.x86_64", "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_http2-debuginfo-0:1.15.7-2.module+el8.3.0+7670+8bf57d29.aarch64", "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_http2-debuginfo-0:1.15.7-2.module+el8.3.0+7670+8bf57d29.ppc64le", "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_http2-debuginfo-0:1.15.7-2.module+el8.3.0+7670+8bf57d29.s390x", "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_http2-debuginfo-0:1.15.7-2.module+el8.3.0+7670+8bf57d29.x86_64", "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_http2-debugsource-0:1.15.7-2.module+el8.3.0+7670+8bf57d29.aarch64", "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_http2-debugsource-0:1.15.7-2.module+el8.3.0+7670+8bf57d29.ppc64le", "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_http2-debugsource-0:1.15.7-2.module+el8.3.0+7670+8bf57d29.s390x", "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_http2-debugsource-0:1.15.7-2.module+el8.3.0+7670+8bf57d29.x86_64", "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_ldap-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.aarch64", "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_ldap-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.ppc64le", "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_ldap-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.s390x", "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_ldap-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.x86_64", "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_ldap-debuginfo-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.aarch64", "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_ldap-debuginfo-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.ppc64le", "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_ldap-debuginfo-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.s390x", "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_ldap-debuginfo-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.x86_64", "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_md-1:2.0.8-8.module+el8.3.0+6814+67d1e611.aarch64", "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_md-1:2.0.8-8.module+el8.3.0+6814+67d1e611.ppc64le", "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_md-1:2.0.8-8.module+el8.3.0+6814+67d1e611.s390x", "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_md-1:2.0.8-8.module+el8.3.0+6814+67d1e611.src", "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_md-1:2.0.8-8.module+el8.3.0+6814+67d1e611.x86_64", "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_md-debuginfo-1:2.0.8-8.module+el8.3.0+6814+67d1e611.aarch64", "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_md-debuginfo-1:2.0.8-8.module+el8.3.0+6814+67d1e611.ppc64le", "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_md-debuginfo-1:2.0.8-8.module+el8.3.0+6814+67d1e611.s390x", "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_md-debuginfo-1:2.0.8-8.module+el8.3.0+6814+67d1e611.x86_64", "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_md-debugsource-1:2.0.8-8.module+el8.3.0+6814+67d1e611.aarch64", "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_md-debugsource-1:2.0.8-8.module+el8.3.0+6814+67d1e611.ppc64le", "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_md-debugsource-1:2.0.8-8.module+el8.3.0+6814+67d1e611.s390x", "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_md-debugsource-1:2.0.8-8.module+el8.3.0+6814+67d1e611.x86_64", "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_proxy_html-1:2.4.37-30.module+el8.3.0+7001+0766b9e7.aarch64", "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_proxy_html-1:2.4.37-30.module+el8.3.0+7001+0766b9e7.ppc64le", "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_proxy_html-1:2.4.37-30.module+el8.3.0+7001+0766b9e7.s390x", "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_proxy_html-1:2.4.37-30.module+el8.3.0+7001+0766b9e7.x86_64", "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_proxy_html-debuginfo-1:2.4.37-30.module+el8.3.0+7001+0766b9e7.aarch64", "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_proxy_html-debuginfo-1:2.4.37-30.module+el8.3.0+7001+0766b9e7.ppc64le", "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_proxy_html-debuginfo-1:2.4.37-30.module+el8.3.0+7001+0766b9e7.s390x", "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_proxy_html-debuginfo-1:2.4.37-30.module+el8.3.0+7001+0766b9e7.x86_64", "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_session-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.aarch64", "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_session-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.ppc64le", "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_session-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.s390x", "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_session-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.x86_64", "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_session-debuginfo-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.aarch64", "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_session-debuginfo-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.ppc64le", "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_session-debuginfo-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.s390x", "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_session-debuginfo-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.x86_64", "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_ssl-1:2.4.37-30.module+el8.3.0+7001+0766b9e7.aarch64", "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_ssl-1:2.4.37-30.module+el8.3.0+7001+0766b9e7.ppc64le", "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_ssl-1:2.4.37-30.module+el8.3.0+7001+0766b9e7.s390x", "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_ssl-1:2.4.37-30.module+el8.3.0+7001+0766b9e7.x86_64", "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_ssl-debuginfo-1:2.4.37-30.module+el8.3.0+7001+0766b9e7.aarch64", "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_ssl-debuginfo-1:2.4.37-30.module+el8.3.0+7001+0766b9e7.ppc64le", "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_ssl-debuginfo-1:2.4.37-30.module+el8.3.0+7001+0766b9e7.s390x", "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_ssl-debuginfo-1:2.4.37-30.module+el8.3.0+7001+0766b9e7.x86_64" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2019-10082" }, { "category": "external", "summary": "RHBZ#1743974", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1743974" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2019-10082", "url": "https://www.cve.org/CVERecord?id=CVE-2019-10082" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2019-10082", "url": "https://nvd.nist.gov/vuln/detail/CVE-2019-10082" }, { "category": "external", "summary": "https://httpd.apache.org/security/vulnerabilities_24.html", "url": "https://httpd.apache.org/security/vulnerabilities_24.html" } ], "release_date": "2019-08-14T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2020-11-04T01:44:47+00:00", "details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nAfter installing the updated packages, the httpd daemon will be restarted automatically.", "product_ids": [ "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6", "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:httpd-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.aarch64", "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:httpd-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.ppc64le", "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:httpd-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.s390x", "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:httpd-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.src", "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:httpd-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.x86_64", "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:httpd-debuginfo-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.aarch64", "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:httpd-debuginfo-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.ppc64le", "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:httpd-debuginfo-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.s390x", "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:httpd-debuginfo-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.x86_64", "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:httpd-debugsource-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.aarch64", "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:httpd-debugsource-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.ppc64le", "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:httpd-debugsource-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.s390x", "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:httpd-debugsource-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.x86_64", "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:httpd-devel-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.aarch64", "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:httpd-devel-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.ppc64le", "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:httpd-devel-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.s390x", "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:httpd-devel-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.x86_64", "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:httpd-filesystem-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.noarch", "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:httpd-manual-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.noarch", "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:httpd-tools-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.aarch64", "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:httpd-tools-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.ppc64le", "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:httpd-tools-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.s390x", "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:httpd-tools-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.x86_64", "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:httpd-tools-debuginfo-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.aarch64", "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:httpd-tools-debuginfo-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.ppc64le", "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:httpd-tools-debuginfo-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.s390x", "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:httpd-tools-debuginfo-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.x86_64", "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_http2-0:1.15.7-2.module+el8.3.0+7670+8bf57d29.aarch64", "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_http2-0:1.15.7-2.module+el8.3.0+7670+8bf57d29.ppc64le", "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_http2-0:1.15.7-2.module+el8.3.0+7670+8bf57d29.s390x", "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_http2-0:1.15.7-2.module+el8.3.0+7670+8bf57d29.src", "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_http2-0:1.15.7-2.module+el8.3.0+7670+8bf57d29.x86_64", "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_http2-debuginfo-0:1.15.7-2.module+el8.3.0+7670+8bf57d29.aarch64", "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_http2-debuginfo-0:1.15.7-2.module+el8.3.0+7670+8bf57d29.ppc64le", "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_http2-debuginfo-0:1.15.7-2.module+el8.3.0+7670+8bf57d29.s390x", "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_http2-debuginfo-0:1.15.7-2.module+el8.3.0+7670+8bf57d29.x86_64", "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_http2-debugsource-0:1.15.7-2.module+el8.3.0+7670+8bf57d29.aarch64", "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_http2-debugsource-0:1.15.7-2.module+el8.3.0+7670+8bf57d29.ppc64le", "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_http2-debugsource-0:1.15.7-2.module+el8.3.0+7670+8bf57d29.s390x", "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_http2-debugsource-0:1.15.7-2.module+el8.3.0+7670+8bf57d29.x86_64", "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_ldap-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.aarch64", "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_ldap-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.ppc64le", "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_ldap-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.s390x", "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_ldap-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.x86_64", "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_ldap-debuginfo-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.aarch64", "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_ldap-debuginfo-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.ppc64le", "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_ldap-debuginfo-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.s390x", "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_ldap-debuginfo-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.x86_64", "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_md-1:2.0.8-8.module+el8.3.0+6814+67d1e611.aarch64", "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_md-1:2.0.8-8.module+el8.3.0+6814+67d1e611.ppc64le", "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_md-1:2.0.8-8.module+el8.3.0+6814+67d1e611.s390x", "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_md-1:2.0.8-8.module+el8.3.0+6814+67d1e611.src", "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_md-1:2.0.8-8.module+el8.3.0+6814+67d1e611.x86_64", "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_md-debuginfo-1:2.0.8-8.module+el8.3.0+6814+67d1e611.aarch64", "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_md-debuginfo-1:2.0.8-8.module+el8.3.0+6814+67d1e611.ppc64le", "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_md-debuginfo-1:2.0.8-8.module+el8.3.0+6814+67d1e611.s390x", "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_md-debuginfo-1:2.0.8-8.module+el8.3.0+6814+67d1e611.x86_64", "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_md-debugsource-1:2.0.8-8.module+el8.3.0+6814+67d1e611.aarch64", "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_md-debugsource-1:2.0.8-8.module+el8.3.0+6814+67d1e611.ppc64le", "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_md-debugsource-1:2.0.8-8.module+el8.3.0+6814+67d1e611.s390x", "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_md-debugsource-1:2.0.8-8.module+el8.3.0+6814+67d1e611.x86_64", "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_proxy_html-1:2.4.37-30.module+el8.3.0+7001+0766b9e7.aarch64", "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_proxy_html-1:2.4.37-30.module+el8.3.0+7001+0766b9e7.ppc64le", "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_proxy_html-1:2.4.37-30.module+el8.3.0+7001+0766b9e7.s390x", "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_proxy_html-1:2.4.37-30.module+el8.3.0+7001+0766b9e7.x86_64", "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_proxy_html-debuginfo-1:2.4.37-30.module+el8.3.0+7001+0766b9e7.aarch64", "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_proxy_html-debuginfo-1:2.4.37-30.module+el8.3.0+7001+0766b9e7.ppc64le", "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_proxy_html-debuginfo-1:2.4.37-30.module+el8.3.0+7001+0766b9e7.s390x", "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_proxy_html-debuginfo-1:2.4.37-30.module+el8.3.0+7001+0766b9e7.x86_64", "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_session-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.aarch64", "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_session-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.ppc64le", "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_session-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.s390x", "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_session-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.x86_64", "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_session-debuginfo-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.aarch64", "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_session-debuginfo-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.ppc64le", "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_session-debuginfo-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.s390x", "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_session-debuginfo-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.x86_64", "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_ssl-1:2.4.37-30.module+el8.3.0+7001+0766b9e7.aarch64", "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_ssl-1:2.4.37-30.module+el8.3.0+7001+0766b9e7.ppc64le", "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_ssl-1:2.4.37-30.module+el8.3.0+7001+0766b9e7.s390x", "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_ssl-1:2.4.37-30.module+el8.3.0+7001+0766b9e7.x86_64", "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_ssl-debuginfo-1:2.4.37-30.module+el8.3.0+7001+0766b9e7.aarch64", "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_ssl-debuginfo-1:2.4.37-30.module+el8.3.0+7001+0766b9e7.ppc64le", "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_ssl-debuginfo-1:2.4.37-30.module+el8.3.0+7001+0766b9e7.s390x", "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_ssl-debuginfo-1:2.4.37-30.module+el8.3.0+7001+0766b9e7.x86_64" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2020:4751" }, { "category": "workaround", "details": "This flaw is only exploitable if Apache httpd is configured to respond to HTTP/2 requests, which is done by including \"h2\" or \"h2c\" in the \"Protocols\" list in a configuration file. The following command can be used to search for possible vulnerable configurations: \n\n grep -R \u0027^\\s*Protocols\\\u003e.*\\\u003ch2\\\u003e\u0027 /etc/httpd/\n\nSee https://httpd.apache.org/docs/2.4/mod/mod_http2.html", "product_ids": [ "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6", "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:httpd-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.aarch64", "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:httpd-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.ppc64le", "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:httpd-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.s390x", "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:httpd-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.src", "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:httpd-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.x86_64", "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:httpd-debuginfo-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.aarch64", "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:httpd-debuginfo-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.ppc64le", "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:httpd-debuginfo-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.s390x", "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:httpd-debuginfo-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.x86_64", "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:httpd-debugsource-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.aarch64", "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:httpd-debugsource-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.ppc64le", "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:httpd-debugsource-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.s390x", "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:httpd-debugsource-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.x86_64", "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:httpd-devel-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.aarch64", "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:httpd-devel-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.ppc64le", "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:httpd-devel-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.s390x", "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:httpd-devel-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.x86_64", "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:httpd-filesystem-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.noarch", "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:httpd-manual-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.noarch", "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:httpd-tools-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.aarch64", "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:httpd-tools-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.ppc64le", "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:httpd-tools-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.s390x", "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:httpd-tools-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.x86_64", "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:httpd-tools-debuginfo-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.aarch64", "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:httpd-tools-debuginfo-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.ppc64le", "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:httpd-tools-debuginfo-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.s390x", "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:httpd-tools-debuginfo-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.x86_64", "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_http2-0:1.15.7-2.module+el8.3.0+7670+8bf57d29.aarch64", "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_http2-0:1.15.7-2.module+el8.3.0+7670+8bf57d29.ppc64le", "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_http2-0:1.15.7-2.module+el8.3.0+7670+8bf57d29.s390x", "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_http2-0:1.15.7-2.module+el8.3.0+7670+8bf57d29.src", "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_http2-0:1.15.7-2.module+el8.3.0+7670+8bf57d29.x86_64", "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_http2-debuginfo-0:1.15.7-2.module+el8.3.0+7670+8bf57d29.aarch64", "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_http2-debuginfo-0:1.15.7-2.module+el8.3.0+7670+8bf57d29.ppc64le", "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_http2-debuginfo-0:1.15.7-2.module+el8.3.0+7670+8bf57d29.s390x", "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_http2-debuginfo-0:1.15.7-2.module+el8.3.0+7670+8bf57d29.x86_64", "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_http2-debugsource-0:1.15.7-2.module+el8.3.0+7670+8bf57d29.aarch64", "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_http2-debugsource-0:1.15.7-2.module+el8.3.0+7670+8bf57d29.ppc64le", "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_http2-debugsource-0:1.15.7-2.module+el8.3.0+7670+8bf57d29.s390x", "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_http2-debugsource-0:1.15.7-2.module+el8.3.0+7670+8bf57d29.x86_64", "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_ldap-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.aarch64", "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_ldap-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.ppc64le", "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_ldap-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.s390x", "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_ldap-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.x86_64", "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_ldap-debuginfo-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.aarch64", "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_ldap-debuginfo-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.ppc64le", "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_ldap-debuginfo-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.s390x", "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_ldap-debuginfo-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.x86_64", "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_md-1:2.0.8-8.module+el8.3.0+6814+67d1e611.aarch64", "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_md-1:2.0.8-8.module+el8.3.0+6814+67d1e611.ppc64le", "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_md-1:2.0.8-8.module+el8.3.0+6814+67d1e611.s390x", "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_md-1:2.0.8-8.module+el8.3.0+6814+67d1e611.src", "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_md-1:2.0.8-8.module+el8.3.0+6814+67d1e611.x86_64", "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_md-debuginfo-1:2.0.8-8.module+el8.3.0+6814+67d1e611.aarch64", "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_md-debuginfo-1:2.0.8-8.module+el8.3.0+6814+67d1e611.ppc64le", "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_md-debuginfo-1:2.0.8-8.module+el8.3.0+6814+67d1e611.s390x", "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_md-debuginfo-1:2.0.8-8.module+el8.3.0+6814+67d1e611.x86_64", "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_md-debugsource-1:2.0.8-8.module+el8.3.0+6814+67d1e611.aarch64", "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_md-debugsource-1:2.0.8-8.module+el8.3.0+6814+67d1e611.ppc64le", "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_md-debugsource-1:2.0.8-8.module+el8.3.0+6814+67d1e611.s390x", "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_md-debugsource-1:2.0.8-8.module+el8.3.0+6814+67d1e611.x86_64", "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_proxy_html-1:2.4.37-30.module+el8.3.0+7001+0766b9e7.aarch64", "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_proxy_html-1:2.4.37-30.module+el8.3.0+7001+0766b9e7.ppc64le", "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_proxy_html-1:2.4.37-30.module+el8.3.0+7001+0766b9e7.s390x", "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_proxy_html-1:2.4.37-30.module+el8.3.0+7001+0766b9e7.x86_64", "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_proxy_html-debuginfo-1:2.4.37-30.module+el8.3.0+7001+0766b9e7.aarch64", "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_proxy_html-debuginfo-1:2.4.37-30.module+el8.3.0+7001+0766b9e7.ppc64le", "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_proxy_html-debuginfo-1:2.4.37-30.module+el8.3.0+7001+0766b9e7.s390x", "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_proxy_html-debuginfo-1:2.4.37-30.module+el8.3.0+7001+0766b9e7.x86_64", "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_session-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.aarch64", "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_session-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.ppc64le", "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_session-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.s390x", "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_session-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.x86_64", "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_session-debuginfo-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.aarch64", "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_session-debuginfo-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.ppc64le", "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_session-debuginfo-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.s390x", "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_session-debuginfo-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.x86_64", "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_ssl-1:2.4.37-30.module+el8.3.0+7001+0766b9e7.aarch64", "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_ssl-1:2.4.37-30.module+el8.3.0+7001+0766b9e7.ppc64le", "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_ssl-1:2.4.37-30.module+el8.3.0+7001+0766b9e7.s390x", "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_ssl-1:2.4.37-30.module+el8.3.0+7001+0766b9e7.x86_64", "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_ssl-debuginfo-1:2.4.37-30.module+el8.3.0+7001+0766b9e7.aarch64", "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_ssl-debuginfo-1:2.4.37-30.module+el8.3.0+7001+0766b9e7.ppc64le", "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_ssl-debuginfo-1:2.4.37-30.module+el8.3.0+7001+0766b9e7.s390x", "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_ssl-debuginfo-1:2.4.37-30.module+el8.3.0+7001+0766b9e7.x86_64" ] } ], "scores": [ { "cvss_v3": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "LOW", "baseScore": 6.5, "baseSeverity": "MEDIUM", "confidentialityImpact": "LOW", "integrityImpact": "NONE", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:L", "version": "3.0" }, "products": [ "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6", "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:httpd-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.aarch64", "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:httpd-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.ppc64le", "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:httpd-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.s390x", "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:httpd-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.src", "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:httpd-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.x86_64", "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:httpd-debuginfo-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.aarch64", "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:httpd-debuginfo-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.ppc64le", "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:httpd-debuginfo-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.s390x", "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:httpd-debuginfo-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.x86_64", "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:httpd-debugsource-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.aarch64", "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:httpd-debugsource-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.ppc64le", "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:httpd-debugsource-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.s390x", "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:httpd-debugsource-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.x86_64", "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:httpd-devel-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.aarch64", "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:httpd-devel-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.ppc64le", "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:httpd-devel-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.s390x", "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:httpd-devel-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.x86_64", "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:httpd-filesystem-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.noarch", "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:httpd-manual-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.noarch", "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:httpd-tools-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.aarch64", "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:httpd-tools-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.ppc64le", "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:httpd-tools-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.s390x", "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:httpd-tools-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.x86_64", "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:httpd-tools-debuginfo-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.aarch64", "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:httpd-tools-debuginfo-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.ppc64le", "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:httpd-tools-debuginfo-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.s390x", "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:httpd-tools-debuginfo-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.x86_64", "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_http2-0:1.15.7-2.module+el8.3.0+7670+8bf57d29.aarch64", "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_http2-0:1.15.7-2.module+el8.3.0+7670+8bf57d29.ppc64le", "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_http2-0:1.15.7-2.module+el8.3.0+7670+8bf57d29.s390x", "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_http2-0:1.15.7-2.module+el8.3.0+7670+8bf57d29.src", "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_http2-0:1.15.7-2.module+el8.3.0+7670+8bf57d29.x86_64", "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_http2-debuginfo-0:1.15.7-2.module+el8.3.0+7670+8bf57d29.aarch64", "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_http2-debuginfo-0:1.15.7-2.module+el8.3.0+7670+8bf57d29.ppc64le", "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_http2-debuginfo-0:1.15.7-2.module+el8.3.0+7670+8bf57d29.s390x", "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_http2-debuginfo-0:1.15.7-2.module+el8.3.0+7670+8bf57d29.x86_64", "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_http2-debugsource-0:1.15.7-2.module+el8.3.0+7670+8bf57d29.aarch64", "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_http2-debugsource-0:1.15.7-2.module+el8.3.0+7670+8bf57d29.ppc64le", "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_http2-debugsource-0:1.15.7-2.module+el8.3.0+7670+8bf57d29.s390x", "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_http2-debugsource-0:1.15.7-2.module+el8.3.0+7670+8bf57d29.x86_64", "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_ldap-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.aarch64", "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_ldap-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.ppc64le", "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_ldap-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.s390x", "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_ldap-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.x86_64", "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_ldap-debuginfo-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.aarch64", "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_ldap-debuginfo-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.ppc64le", "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_ldap-debuginfo-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.s390x", "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_ldap-debuginfo-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.x86_64", "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_md-1:2.0.8-8.module+el8.3.0+6814+67d1e611.aarch64", "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_md-1:2.0.8-8.module+el8.3.0+6814+67d1e611.ppc64le", "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_md-1:2.0.8-8.module+el8.3.0+6814+67d1e611.s390x", "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_md-1:2.0.8-8.module+el8.3.0+6814+67d1e611.src", "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_md-1:2.0.8-8.module+el8.3.0+6814+67d1e611.x86_64", "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_md-debuginfo-1:2.0.8-8.module+el8.3.0+6814+67d1e611.aarch64", "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_md-debuginfo-1:2.0.8-8.module+el8.3.0+6814+67d1e611.ppc64le", "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_md-debuginfo-1:2.0.8-8.module+el8.3.0+6814+67d1e611.s390x", "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_md-debuginfo-1:2.0.8-8.module+el8.3.0+6814+67d1e611.x86_64", "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_md-debugsource-1:2.0.8-8.module+el8.3.0+6814+67d1e611.aarch64", "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_md-debugsource-1:2.0.8-8.module+el8.3.0+6814+67d1e611.ppc64le", "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_md-debugsource-1:2.0.8-8.module+el8.3.0+6814+67d1e611.s390x", "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_md-debugsource-1:2.0.8-8.module+el8.3.0+6814+67d1e611.x86_64", "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_proxy_html-1:2.4.37-30.module+el8.3.0+7001+0766b9e7.aarch64", "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_proxy_html-1:2.4.37-30.module+el8.3.0+7001+0766b9e7.ppc64le", "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_proxy_html-1:2.4.37-30.module+el8.3.0+7001+0766b9e7.s390x", "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_proxy_html-1:2.4.37-30.module+el8.3.0+7001+0766b9e7.x86_64", "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_proxy_html-debuginfo-1:2.4.37-30.module+el8.3.0+7001+0766b9e7.aarch64", "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_proxy_html-debuginfo-1:2.4.37-30.module+el8.3.0+7001+0766b9e7.ppc64le", "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_proxy_html-debuginfo-1:2.4.37-30.module+el8.3.0+7001+0766b9e7.s390x", "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_proxy_html-debuginfo-1:2.4.37-30.module+el8.3.0+7001+0766b9e7.x86_64", "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_session-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.aarch64", "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_session-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.ppc64le", "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_session-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.s390x", "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_session-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.x86_64", "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_session-debuginfo-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.aarch64", "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_session-debuginfo-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.ppc64le", "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_session-debuginfo-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.s390x", "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_session-debuginfo-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.x86_64", "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_ssl-1:2.4.37-30.module+el8.3.0+7001+0766b9e7.aarch64", "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_ssl-1:2.4.37-30.module+el8.3.0+7001+0766b9e7.ppc64le", "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_ssl-1:2.4.37-30.module+el8.3.0+7001+0766b9e7.s390x", "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_ssl-1:2.4.37-30.module+el8.3.0+7001+0766b9e7.x86_64", "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_ssl-debuginfo-1:2.4.37-30.module+el8.3.0+7001+0766b9e7.aarch64", "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_ssl-debuginfo-1:2.4.37-30.module+el8.3.0+7001+0766b9e7.ppc64le", "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_ssl-debuginfo-1:2.4.37-30.module+el8.3.0+7001+0766b9e7.s390x", "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_ssl-debuginfo-1:2.4.37-30.module+el8.3.0+7001+0766b9e7.x86_64" ] } ], "threats": [ { "category": "impact", "details": "Moderate" } ], "title": "httpd: read-after-free in h2 connection shutdown" }, { "cve": "CVE-2019-10092", "cwe": { "id": "CWE-79", "name": "Improper Neutralization of Input During Web Page Generation (\u0027Cross-site Scripting\u0027)" }, "discovery_date": "2019-08-20T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "1743956" } ], "notes": [ { "category": "description", "text": "A cross-site scripting vulnerability was found in Apache httpd, affecting the mod_proxy error page. Under certain circumstances, a crafted link could inject content into the HTML displayed in the error page, potentially leading to client-side exploitation.", "title": "Vulnerability description" }, { "category": "summary", "text": "httpd: limited cross-site scripting in mod_proxy error page", "title": "Vulnerability summary" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6", "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:httpd-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.aarch64", "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:httpd-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.ppc64le", "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:httpd-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.s390x", "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:httpd-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.src", "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:httpd-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.x86_64", "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:httpd-debuginfo-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.aarch64", "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:httpd-debuginfo-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.ppc64le", "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:httpd-debuginfo-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.s390x", "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:httpd-debuginfo-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.x86_64", "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:httpd-debugsource-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.aarch64", "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:httpd-debugsource-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.ppc64le", "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:httpd-debugsource-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.s390x", "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:httpd-debugsource-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.x86_64", "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:httpd-devel-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.aarch64", "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:httpd-devel-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.ppc64le", "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:httpd-devel-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.s390x", "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:httpd-devel-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.x86_64", "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:httpd-filesystem-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.noarch", "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:httpd-manual-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.noarch", "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:httpd-tools-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.aarch64", "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:httpd-tools-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.ppc64le", "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:httpd-tools-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.s390x", "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:httpd-tools-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.x86_64", "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:httpd-tools-debuginfo-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.aarch64", "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:httpd-tools-debuginfo-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.ppc64le", "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:httpd-tools-debuginfo-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.s390x", "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:httpd-tools-debuginfo-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.x86_64", "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_http2-0:1.15.7-2.module+el8.3.0+7670+8bf57d29.aarch64", "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_http2-0:1.15.7-2.module+el8.3.0+7670+8bf57d29.ppc64le", "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_http2-0:1.15.7-2.module+el8.3.0+7670+8bf57d29.s390x", "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_http2-0:1.15.7-2.module+el8.3.0+7670+8bf57d29.src", "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_http2-0:1.15.7-2.module+el8.3.0+7670+8bf57d29.x86_64", "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_http2-debuginfo-0:1.15.7-2.module+el8.3.0+7670+8bf57d29.aarch64", "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_http2-debuginfo-0:1.15.7-2.module+el8.3.0+7670+8bf57d29.ppc64le", "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_http2-debuginfo-0:1.15.7-2.module+el8.3.0+7670+8bf57d29.s390x", "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_http2-debuginfo-0:1.15.7-2.module+el8.3.0+7670+8bf57d29.x86_64", "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_http2-debugsource-0:1.15.7-2.module+el8.3.0+7670+8bf57d29.aarch64", "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_http2-debugsource-0:1.15.7-2.module+el8.3.0+7670+8bf57d29.ppc64le", "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_http2-debugsource-0:1.15.7-2.module+el8.3.0+7670+8bf57d29.s390x", "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_http2-debugsource-0:1.15.7-2.module+el8.3.0+7670+8bf57d29.x86_64", "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_ldap-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.aarch64", "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_ldap-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.ppc64le", "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_ldap-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.s390x", "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_ldap-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.x86_64", "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_ldap-debuginfo-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.aarch64", "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_ldap-debuginfo-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.ppc64le", "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_ldap-debuginfo-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.s390x", "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_ldap-debuginfo-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.x86_64", "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_md-1:2.0.8-8.module+el8.3.0+6814+67d1e611.aarch64", "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_md-1:2.0.8-8.module+el8.3.0+6814+67d1e611.ppc64le", "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_md-1:2.0.8-8.module+el8.3.0+6814+67d1e611.s390x", "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_md-1:2.0.8-8.module+el8.3.0+6814+67d1e611.src", "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_md-1:2.0.8-8.module+el8.3.0+6814+67d1e611.x86_64", "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_md-debuginfo-1:2.0.8-8.module+el8.3.0+6814+67d1e611.aarch64", "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_md-debuginfo-1:2.0.8-8.module+el8.3.0+6814+67d1e611.ppc64le", "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_md-debuginfo-1:2.0.8-8.module+el8.3.0+6814+67d1e611.s390x", "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_md-debuginfo-1:2.0.8-8.module+el8.3.0+6814+67d1e611.x86_64", "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_md-debugsource-1:2.0.8-8.module+el8.3.0+6814+67d1e611.aarch64", "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_md-debugsource-1:2.0.8-8.module+el8.3.0+6814+67d1e611.ppc64le", "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_md-debugsource-1:2.0.8-8.module+el8.3.0+6814+67d1e611.s390x", "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_md-debugsource-1:2.0.8-8.module+el8.3.0+6814+67d1e611.x86_64", "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_proxy_html-1:2.4.37-30.module+el8.3.0+7001+0766b9e7.aarch64", "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_proxy_html-1:2.4.37-30.module+el8.3.0+7001+0766b9e7.ppc64le", "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_proxy_html-1:2.4.37-30.module+el8.3.0+7001+0766b9e7.s390x", "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_proxy_html-1:2.4.37-30.module+el8.3.0+7001+0766b9e7.x86_64", "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_proxy_html-debuginfo-1:2.4.37-30.module+el8.3.0+7001+0766b9e7.aarch64", "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_proxy_html-debuginfo-1:2.4.37-30.module+el8.3.0+7001+0766b9e7.ppc64le", "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_proxy_html-debuginfo-1:2.4.37-30.module+el8.3.0+7001+0766b9e7.s390x", "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_proxy_html-debuginfo-1:2.4.37-30.module+el8.3.0+7001+0766b9e7.x86_64", "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_session-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.aarch64", "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_session-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.ppc64le", "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_session-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.s390x", "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_session-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.x86_64", "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_session-debuginfo-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.aarch64", "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_session-debuginfo-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.ppc64le", "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_session-debuginfo-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.s390x", "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_session-debuginfo-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.x86_64", "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_ssl-1:2.4.37-30.module+el8.3.0+7001+0766b9e7.aarch64", "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_ssl-1:2.4.37-30.module+el8.3.0+7001+0766b9e7.ppc64le", "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_ssl-1:2.4.37-30.module+el8.3.0+7001+0766b9e7.s390x", "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_ssl-1:2.4.37-30.module+el8.3.0+7001+0766b9e7.x86_64", "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_ssl-debuginfo-1:2.4.37-30.module+el8.3.0+7001+0766b9e7.aarch64", "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_ssl-debuginfo-1:2.4.37-30.module+el8.3.0+7001+0766b9e7.ppc64le", "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_ssl-debuginfo-1:2.4.37-30.module+el8.3.0+7001+0766b9e7.s390x", "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_ssl-debuginfo-1:2.4.37-30.module+el8.3.0+7001+0766b9e7.x86_64" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2019-10092" }, { "category": "external", "summary": "RHBZ#1743956", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1743956" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2019-10092", "url": "https://www.cve.org/CVERecord?id=CVE-2019-10092" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2019-10092", "url": "https://nvd.nist.gov/vuln/detail/CVE-2019-10092" }, { "category": "external", "summary": "https://httpd.apache.org/security/vulnerabilities_24.html", "url": "https://httpd.apache.org/security/vulnerabilities_24.html" } ], "release_date": "2019-08-14T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2020-11-04T01:44:47+00:00", "details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nAfter installing the updated packages, the httpd daemon will be restarted automatically.", "product_ids": [ "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6", "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:httpd-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.aarch64", "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:httpd-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.ppc64le", "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:httpd-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.s390x", "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:httpd-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.src", "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:httpd-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.x86_64", "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:httpd-debuginfo-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.aarch64", "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:httpd-debuginfo-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.ppc64le", "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:httpd-debuginfo-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.s390x", "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:httpd-debuginfo-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.x86_64", "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:httpd-debugsource-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.aarch64", "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:httpd-debugsource-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.ppc64le", "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:httpd-debugsource-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.s390x", "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:httpd-debugsource-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.x86_64", "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:httpd-devel-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.aarch64", "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:httpd-devel-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.ppc64le", "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:httpd-devel-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.s390x", "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:httpd-devel-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.x86_64", "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:httpd-filesystem-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.noarch", "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:httpd-manual-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.noarch", "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:httpd-tools-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.aarch64", "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:httpd-tools-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.ppc64le", "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:httpd-tools-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.s390x", "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:httpd-tools-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.x86_64", "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:httpd-tools-debuginfo-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.aarch64", "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:httpd-tools-debuginfo-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.ppc64le", "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:httpd-tools-debuginfo-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.s390x", "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:httpd-tools-debuginfo-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.x86_64", "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_http2-0:1.15.7-2.module+el8.3.0+7670+8bf57d29.aarch64", "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_http2-0:1.15.7-2.module+el8.3.0+7670+8bf57d29.ppc64le", "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_http2-0:1.15.7-2.module+el8.3.0+7670+8bf57d29.s390x", "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_http2-0:1.15.7-2.module+el8.3.0+7670+8bf57d29.src", "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_http2-0:1.15.7-2.module+el8.3.0+7670+8bf57d29.x86_64", "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_http2-debuginfo-0:1.15.7-2.module+el8.3.0+7670+8bf57d29.aarch64", "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_http2-debuginfo-0:1.15.7-2.module+el8.3.0+7670+8bf57d29.ppc64le", "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_http2-debuginfo-0:1.15.7-2.module+el8.3.0+7670+8bf57d29.s390x", "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_http2-debuginfo-0:1.15.7-2.module+el8.3.0+7670+8bf57d29.x86_64", "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_http2-debugsource-0:1.15.7-2.module+el8.3.0+7670+8bf57d29.aarch64", "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_http2-debugsource-0:1.15.7-2.module+el8.3.0+7670+8bf57d29.ppc64le", "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_http2-debugsource-0:1.15.7-2.module+el8.3.0+7670+8bf57d29.s390x", "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_http2-debugsource-0:1.15.7-2.module+el8.3.0+7670+8bf57d29.x86_64", "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_ldap-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.aarch64", "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_ldap-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.ppc64le", "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_ldap-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.s390x", "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_ldap-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.x86_64", "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_ldap-debuginfo-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.aarch64", "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_ldap-debuginfo-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.ppc64le", "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_ldap-debuginfo-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.s390x", "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_ldap-debuginfo-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.x86_64", "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_md-1:2.0.8-8.module+el8.3.0+6814+67d1e611.aarch64", "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_md-1:2.0.8-8.module+el8.3.0+6814+67d1e611.ppc64le", "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_md-1:2.0.8-8.module+el8.3.0+6814+67d1e611.s390x", "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_md-1:2.0.8-8.module+el8.3.0+6814+67d1e611.src", "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_md-1:2.0.8-8.module+el8.3.0+6814+67d1e611.x86_64", "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_md-debuginfo-1:2.0.8-8.module+el8.3.0+6814+67d1e611.aarch64", "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_md-debuginfo-1:2.0.8-8.module+el8.3.0+6814+67d1e611.ppc64le", "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_md-debuginfo-1:2.0.8-8.module+el8.3.0+6814+67d1e611.s390x", "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_md-debuginfo-1:2.0.8-8.module+el8.3.0+6814+67d1e611.x86_64", "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_md-debugsource-1:2.0.8-8.module+el8.3.0+6814+67d1e611.aarch64", "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_md-debugsource-1:2.0.8-8.module+el8.3.0+6814+67d1e611.ppc64le", "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_md-debugsource-1:2.0.8-8.module+el8.3.0+6814+67d1e611.s390x", "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_md-debugsource-1:2.0.8-8.module+el8.3.0+6814+67d1e611.x86_64", "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_proxy_html-1:2.4.37-30.module+el8.3.0+7001+0766b9e7.aarch64", "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_proxy_html-1:2.4.37-30.module+el8.3.0+7001+0766b9e7.ppc64le", "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_proxy_html-1:2.4.37-30.module+el8.3.0+7001+0766b9e7.s390x", "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_proxy_html-1:2.4.37-30.module+el8.3.0+7001+0766b9e7.x86_64", "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_proxy_html-debuginfo-1:2.4.37-30.module+el8.3.0+7001+0766b9e7.aarch64", "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_proxy_html-debuginfo-1:2.4.37-30.module+el8.3.0+7001+0766b9e7.ppc64le", "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_proxy_html-debuginfo-1:2.4.37-30.module+el8.3.0+7001+0766b9e7.s390x", "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_proxy_html-debuginfo-1:2.4.37-30.module+el8.3.0+7001+0766b9e7.x86_64", "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_session-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.aarch64", "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_session-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.ppc64le", "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_session-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.s390x", "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_session-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.x86_64", "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_session-debuginfo-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.aarch64", "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_session-debuginfo-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.ppc64le", "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_session-debuginfo-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.s390x", "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_session-debuginfo-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.x86_64", "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_ssl-1:2.4.37-30.module+el8.3.0+7001+0766b9e7.aarch64", "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_ssl-1:2.4.37-30.module+el8.3.0+7001+0766b9e7.ppc64le", "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_ssl-1:2.4.37-30.module+el8.3.0+7001+0766b9e7.s390x", "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_ssl-1:2.4.37-30.module+el8.3.0+7001+0766b9e7.x86_64", "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_ssl-debuginfo-1:2.4.37-30.module+el8.3.0+7001+0766b9e7.aarch64", "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_ssl-debuginfo-1:2.4.37-30.module+el8.3.0+7001+0766b9e7.ppc64le", "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_ssl-debuginfo-1:2.4.37-30.module+el8.3.0+7001+0766b9e7.s390x", "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_ssl-debuginfo-1:2.4.37-30.module+el8.3.0+7001+0766b9e7.x86_64" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2020:4751" }, { "category": "workaround", "details": "This flaw is only exploitable if Proxy* directives are used in Apache httpd configuration. The following command can be used to search for possible vulnerable configurations:\n\n grep -R \u0027^\\s*Proxy\u0027 /etc/httpd/\n\nSee https://httpd.apache.org/docs/2.4/mod/mod_proxy.html", "product_ids": [ "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6", "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:httpd-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.aarch64", "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:httpd-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.ppc64le", "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:httpd-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.s390x", "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:httpd-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.src", "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:httpd-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.x86_64", "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:httpd-debuginfo-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.aarch64", "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:httpd-debuginfo-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.ppc64le", "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:httpd-debuginfo-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.s390x", "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:httpd-debuginfo-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.x86_64", "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:httpd-debugsource-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.aarch64", "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:httpd-debugsource-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.ppc64le", "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:httpd-debugsource-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.s390x", "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:httpd-debugsource-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.x86_64", "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:httpd-devel-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.aarch64", "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:httpd-devel-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.ppc64le", "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:httpd-devel-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.s390x", "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:httpd-devel-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.x86_64", "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:httpd-filesystem-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.noarch", "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:httpd-manual-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.noarch", "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:httpd-tools-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.aarch64", "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:httpd-tools-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.ppc64le", "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:httpd-tools-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.s390x", "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:httpd-tools-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.x86_64", "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:httpd-tools-debuginfo-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.aarch64", "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:httpd-tools-debuginfo-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.ppc64le", "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:httpd-tools-debuginfo-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.s390x", "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:httpd-tools-debuginfo-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.x86_64", "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_http2-0:1.15.7-2.module+el8.3.0+7670+8bf57d29.aarch64", "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_http2-0:1.15.7-2.module+el8.3.0+7670+8bf57d29.ppc64le", "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_http2-0:1.15.7-2.module+el8.3.0+7670+8bf57d29.s390x", "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_http2-0:1.15.7-2.module+el8.3.0+7670+8bf57d29.src", "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_http2-0:1.15.7-2.module+el8.3.0+7670+8bf57d29.x86_64", "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_http2-debuginfo-0:1.15.7-2.module+el8.3.0+7670+8bf57d29.aarch64", "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_http2-debuginfo-0:1.15.7-2.module+el8.3.0+7670+8bf57d29.ppc64le", "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_http2-debuginfo-0:1.15.7-2.module+el8.3.0+7670+8bf57d29.s390x", "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_http2-debuginfo-0:1.15.7-2.module+el8.3.0+7670+8bf57d29.x86_64", "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_http2-debugsource-0:1.15.7-2.module+el8.3.0+7670+8bf57d29.aarch64", "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_http2-debugsource-0:1.15.7-2.module+el8.3.0+7670+8bf57d29.ppc64le", "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_http2-debugsource-0:1.15.7-2.module+el8.3.0+7670+8bf57d29.s390x", "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_http2-debugsource-0:1.15.7-2.module+el8.3.0+7670+8bf57d29.x86_64", "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_ldap-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.aarch64", "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_ldap-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.ppc64le", "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_ldap-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.s390x", "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_ldap-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.x86_64", "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_ldap-debuginfo-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.aarch64", "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_ldap-debuginfo-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.ppc64le", "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_ldap-debuginfo-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.s390x", "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_ldap-debuginfo-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.x86_64", "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_md-1:2.0.8-8.module+el8.3.0+6814+67d1e611.aarch64", "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_md-1:2.0.8-8.module+el8.3.0+6814+67d1e611.ppc64le", "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_md-1:2.0.8-8.module+el8.3.0+6814+67d1e611.s390x", "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_md-1:2.0.8-8.module+el8.3.0+6814+67d1e611.src", "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_md-1:2.0.8-8.module+el8.3.0+6814+67d1e611.x86_64", "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_md-debuginfo-1:2.0.8-8.module+el8.3.0+6814+67d1e611.aarch64", "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_md-debuginfo-1:2.0.8-8.module+el8.3.0+6814+67d1e611.ppc64le", "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_md-debuginfo-1:2.0.8-8.module+el8.3.0+6814+67d1e611.s390x", "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_md-debuginfo-1:2.0.8-8.module+el8.3.0+6814+67d1e611.x86_64", "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_md-debugsource-1:2.0.8-8.module+el8.3.0+6814+67d1e611.aarch64", "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_md-debugsource-1:2.0.8-8.module+el8.3.0+6814+67d1e611.ppc64le", "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_md-debugsource-1:2.0.8-8.module+el8.3.0+6814+67d1e611.s390x", "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_md-debugsource-1:2.0.8-8.module+el8.3.0+6814+67d1e611.x86_64", "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_proxy_html-1:2.4.37-30.module+el8.3.0+7001+0766b9e7.aarch64", "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_proxy_html-1:2.4.37-30.module+el8.3.0+7001+0766b9e7.ppc64le", "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_proxy_html-1:2.4.37-30.module+el8.3.0+7001+0766b9e7.s390x", "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_proxy_html-1:2.4.37-30.module+el8.3.0+7001+0766b9e7.x86_64", "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_proxy_html-debuginfo-1:2.4.37-30.module+el8.3.0+7001+0766b9e7.aarch64", "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_proxy_html-debuginfo-1:2.4.37-30.module+el8.3.0+7001+0766b9e7.ppc64le", "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_proxy_html-debuginfo-1:2.4.37-30.module+el8.3.0+7001+0766b9e7.s390x", "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_proxy_html-debuginfo-1:2.4.37-30.module+el8.3.0+7001+0766b9e7.x86_64", "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_session-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.aarch64", "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_session-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.ppc64le", "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_session-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.s390x", "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_session-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.x86_64", "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_session-debuginfo-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.aarch64", "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_session-debuginfo-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.ppc64le", "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_session-debuginfo-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.s390x", "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_session-debuginfo-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.x86_64", "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_ssl-1:2.4.37-30.module+el8.3.0+7001+0766b9e7.aarch64", "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_ssl-1:2.4.37-30.module+el8.3.0+7001+0766b9e7.ppc64le", "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_ssl-1:2.4.37-30.module+el8.3.0+7001+0766b9e7.s390x", "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_ssl-1:2.4.37-30.module+el8.3.0+7001+0766b9e7.x86_64", "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_ssl-debuginfo-1:2.4.37-30.module+el8.3.0+7001+0766b9e7.aarch64", "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_ssl-debuginfo-1:2.4.37-30.module+el8.3.0+7001+0766b9e7.ppc64le", "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_ssl-debuginfo-1:2.4.37-30.module+el8.3.0+7001+0766b9e7.s390x", "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_ssl-debuginfo-1:2.4.37-30.module+el8.3.0+7001+0766b9e7.x86_64" ] } ], "scores": [ { "cvss_v3": { "attackComplexity": "HIGH", "attackVector": "NETWORK", "availabilityImpact": "NONE", "baseScore": 4.7, "baseSeverity": "MEDIUM", "confidentialityImpact": "LOW", "integrityImpact": "LOW", "privilegesRequired": "NONE", "scope": "CHANGED", "userInteraction": "REQUIRED", "vectorString": "CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:C/C:L/I:L/A:N", "version": "3.0" }, "products": [ "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6", "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:httpd-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.aarch64", "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:httpd-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.ppc64le", "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:httpd-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.s390x", "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:httpd-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.src", "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:httpd-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.x86_64", "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:httpd-debuginfo-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.aarch64", "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:httpd-debuginfo-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.ppc64le", "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:httpd-debuginfo-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.s390x", "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:httpd-debuginfo-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.x86_64", "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:httpd-debugsource-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.aarch64", "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:httpd-debugsource-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.ppc64le", "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:httpd-debugsource-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.s390x", "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:httpd-debugsource-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.x86_64", "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:httpd-devel-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.aarch64", "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:httpd-devel-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.ppc64le", "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:httpd-devel-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.s390x", "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:httpd-devel-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.x86_64", "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:httpd-filesystem-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.noarch", "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:httpd-manual-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.noarch", "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:httpd-tools-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.aarch64", "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:httpd-tools-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.ppc64le", "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:httpd-tools-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.s390x", "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:httpd-tools-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.x86_64", "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:httpd-tools-debuginfo-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.aarch64", "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:httpd-tools-debuginfo-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.ppc64le", "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:httpd-tools-debuginfo-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.s390x", "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:httpd-tools-debuginfo-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.x86_64", "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_http2-0:1.15.7-2.module+el8.3.0+7670+8bf57d29.aarch64", "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_http2-0:1.15.7-2.module+el8.3.0+7670+8bf57d29.ppc64le", "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_http2-0:1.15.7-2.module+el8.3.0+7670+8bf57d29.s390x", "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_http2-0:1.15.7-2.module+el8.3.0+7670+8bf57d29.src", "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_http2-0:1.15.7-2.module+el8.3.0+7670+8bf57d29.x86_64", "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_http2-debuginfo-0:1.15.7-2.module+el8.3.0+7670+8bf57d29.aarch64", "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_http2-debuginfo-0:1.15.7-2.module+el8.3.0+7670+8bf57d29.ppc64le", "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_http2-debuginfo-0:1.15.7-2.module+el8.3.0+7670+8bf57d29.s390x", "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_http2-debuginfo-0:1.15.7-2.module+el8.3.0+7670+8bf57d29.x86_64", "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_http2-debugsource-0:1.15.7-2.module+el8.3.0+7670+8bf57d29.aarch64", "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_http2-debugsource-0:1.15.7-2.module+el8.3.0+7670+8bf57d29.ppc64le", "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_http2-debugsource-0:1.15.7-2.module+el8.3.0+7670+8bf57d29.s390x", "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_http2-debugsource-0:1.15.7-2.module+el8.3.0+7670+8bf57d29.x86_64", "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_ldap-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.aarch64", "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_ldap-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.ppc64le", "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_ldap-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.s390x", "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_ldap-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.x86_64", "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_ldap-debuginfo-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.aarch64", "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_ldap-debuginfo-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.ppc64le", "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_ldap-debuginfo-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.s390x", "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_ldap-debuginfo-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.x86_64", "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_md-1:2.0.8-8.module+el8.3.0+6814+67d1e611.aarch64", "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_md-1:2.0.8-8.module+el8.3.0+6814+67d1e611.ppc64le", "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_md-1:2.0.8-8.module+el8.3.0+6814+67d1e611.s390x", "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_md-1:2.0.8-8.module+el8.3.0+6814+67d1e611.src", "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_md-1:2.0.8-8.module+el8.3.0+6814+67d1e611.x86_64", "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_md-debuginfo-1:2.0.8-8.module+el8.3.0+6814+67d1e611.aarch64", "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_md-debuginfo-1:2.0.8-8.module+el8.3.0+6814+67d1e611.ppc64le", "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_md-debuginfo-1:2.0.8-8.module+el8.3.0+6814+67d1e611.s390x", "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_md-debuginfo-1:2.0.8-8.module+el8.3.0+6814+67d1e611.x86_64", "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_md-debugsource-1:2.0.8-8.module+el8.3.0+6814+67d1e611.aarch64", "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_md-debugsource-1:2.0.8-8.module+el8.3.0+6814+67d1e611.ppc64le", "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_md-debugsource-1:2.0.8-8.module+el8.3.0+6814+67d1e611.s390x", "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_md-debugsource-1:2.0.8-8.module+el8.3.0+6814+67d1e611.x86_64", "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_proxy_html-1:2.4.37-30.module+el8.3.0+7001+0766b9e7.aarch64", "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_proxy_html-1:2.4.37-30.module+el8.3.0+7001+0766b9e7.ppc64le", "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_proxy_html-1:2.4.37-30.module+el8.3.0+7001+0766b9e7.s390x", "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_proxy_html-1:2.4.37-30.module+el8.3.0+7001+0766b9e7.x86_64", "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_proxy_html-debuginfo-1:2.4.37-30.module+el8.3.0+7001+0766b9e7.aarch64", "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_proxy_html-debuginfo-1:2.4.37-30.module+el8.3.0+7001+0766b9e7.ppc64le", "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_proxy_html-debuginfo-1:2.4.37-30.module+el8.3.0+7001+0766b9e7.s390x", "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_proxy_html-debuginfo-1:2.4.37-30.module+el8.3.0+7001+0766b9e7.x86_64", "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_session-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.aarch64", "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_session-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.ppc64le", "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_session-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.s390x", "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_session-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.x86_64", "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_session-debuginfo-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.aarch64", "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_session-debuginfo-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.ppc64le", "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_session-debuginfo-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.s390x", "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_session-debuginfo-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.x86_64", "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_ssl-1:2.4.37-30.module+el8.3.0+7001+0766b9e7.aarch64", "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_ssl-1:2.4.37-30.module+el8.3.0+7001+0766b9e7.ppc64le", "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_ssl-1:2.4.37-30.module+el8.3.0+7001+0766b9e7.s390x", "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_ssl-1:2.4.37-30.module+el8.3.0+7001+0766b9e7.x86_64", "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_ssl-debuginfo-1:2.4.37-30.module+el8.3.0+7001+0766b9e7.aarch64", "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_ssl-debuginfo-1:2.4.37-30.module+el8.3.0+7001+0766b9e7.ppc64le", "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_ssl-debuginfo-1:2.4.37-30.module+el8.3.0+7001+0766b9e7.s390x", "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_ssl-debuginfo-1:2.4.37-30.module+el8.3.0+7001+0766b9e7.x86_64" ] } ], "threats": [ { "category": "impact", "details": "Low" } ], "title": "httpd: limited cross-site scripting in mod_proxy error page" }, { "cve": "CVE-2019-10097", "cwe": { "id": "CWE-416", "name": "Use After Free" }, "discovery_date": "2019-08-20T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "1743996" } ], "notes": [ { "category": "description", "text": "A vulnerability was discovered in Apache httpd, in mod_remoteip. A trusted proxy using the \"PROXY\" protocol could send specially crafted headers that can cause httpd to experience a stack buffer overflow or NULL pointer dereference, leading to a crash or other potential consequences.\r\n\r\nThis issue could only be exploited by configured trusted intermediate proxy servers. HTTP clients such as browsers could not exploit the vulnerability.", "title": "Vulnerability description" }, { "category": "summary", "text": "httpd: null-pointer dereference in mod_remoteip", "title": "Vulnerability summary" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6", "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:httpd-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.aarch64", "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:httpd-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.ppc64le", "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:httpd-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.s390x", "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:httpd-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.src", "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:httpd-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.x86_64", "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:httpd-debuginfo-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.aarch64", "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:httpd-debuginfo-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.ppc64le", "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:httpd-debuginfo-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.s390x", "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:httpd-debuginfo-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.x86_64", "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:httpd-debugsource-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.aarch64", "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:httpd-debugsource-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.ppc64le", "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:httpd-debugsource-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.s390x", "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:httpd-debugsource-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.x86_64", "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:httpd-devel-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.aarch64", "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:httpd-devel-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.ppc64le", "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:httpd-devel-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.s390x", "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:httpd-devel-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.x86_64", "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:httpd-filesystem-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.noarch", "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:httpd-manual-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.noarch", "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:httpd-tools-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.aarch64", "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:httpd-tools-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.ppc64le", "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:httpd-tools-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.s390x", "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:httpd-tools-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.x86_64", "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:httpd-tools-debuginfo-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.aarch64", "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:httpd-tools-debuginfo-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.ppc64le", "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:httpd-tools-debuginfo-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.s390x", "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:httpd-tools-debuginfo-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.x86_64", "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_http2-0:1.15.7-2.module+el8.3.0+7670+8bf57d29.aarch64", "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_http2-0:1.15.7-2.module+el8.3.0+7670+8bf57d29.ppc64le", "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_http2-0:1.15.7-2.module+el8.3.0+7670+8bf57d29.s390x", "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_http2-0:1.15.7-2.module+el8.3.0+7670+8bf57d29.src", "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_http2-0:1.15.7-2.module+el8.3.0+7670+8bf57d29.x86_64", "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_http2-debuginfo-0:1.15.7-2.module+el8.3.0+7670+8bf57d29.aarch64", "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_http2-debuginfo-0:1.15.7-2.module+el8.3.0+7670+8bf57d29.ppc64le", "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_http2-debuginfo-0:1.15.7-2.module+el8.3.0+7670+8bf57d29.s390x", "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_http2-debuginfo-0:1.15.7-2.module+el8.3.0+7670+8bf57d29.x86_64", "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_http2-debugsource-0:1.15.7-2.module+el8.3.0+7670+8bf57d29.aarch64", "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_http2-debugsource-0:1.15.7-2.module+el8.3.0+7670+8bf57d29.ppc64le", "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_http2-debugsource-0:1.15.7-2.module+el8.3.0+7670+8bf57d29.s390x", "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_http2-debugsource-0:1.15.7-2.module+el8.3.0+7670+8bf57d29.x86_64", "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_ldap-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.aarch64", "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_ldap-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.ppc64le", "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_ldap-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.s390x", "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_ldap-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.x86_64", "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_ldap-debuginfo-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.aarch64", "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_ldap-debuginfo-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.ppc64le", "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_ldap-debuginfo-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.s390x", "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_ldap-debuginfo-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.x86_64", "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_md-1:2.0.8-8.module+el8.3.0+6814+67d1e611.aarch64", "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_md-1:2.0.8-8.module+el8.3.0+6814+67d1e611.ppc64le", "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_md-1:2.0.8-8.module+el8.3.0+6814+67d1e611.s390x", "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_md-1:2.0.8-8.module+el8.3.0+6814+67d1e611.src", "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_md-1:2.0.8-8.module+el8.3.0+6814+67d1e611.x86_64", "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_md-debuginfo-1:2.0.8-8.module+el8.3.0+6814+67d1e611.aarch64", "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_md-debuginfo-1:2.0.8-8.module+el8.3.0+6814+67d1e611.ppc64le", "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_md-debuginfo-1:2.0.8-8.module+el8.3.0+6814+67d1e611.s390x", "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_md-debuginfo-1:2.0.8-8.module+el8.3.0+6814+67d1e611.x86_64", "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_md-debugsource-1:2.0.8-8.module+el8.3.0+6814+67d1e611.aarch64", "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_md-debugsource-1:2.0.8-8.module+el8.3.0+6814+67d1e611.ppc64le", "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_md-debugsource-1:2.0.8-8.module+el8.3.0+6814+67d1e611.s390x", "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_md-debugsource-1:2.0.8-8.module+el8.3.0+6814+67d1e611.x86_64", "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_proxy_html-1:2.4.37-30.module+el8.3.0+7001+0766b9e7.aarch64", "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_proxy_html-1:2.4.37-30.module+el8.3.0+7001+0766b9e7.ppc64le", "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_proxy_html-1:2.4.37-30.module+el8.3.0+7001+0766b9e7.s390x", "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_proxy_html-1:2.4.37-30.module+el8.3.0+7001+0766b9e7.x86_64", "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_proxy_html-debuginfo-1:2.4.37-30.module+el8.3.0+7001+0766b9e7.aarch64", "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_proxy_html-debuginfo-1:2.4.37-30.module+el8.3.0+7001+0766b9e7.ppc64le", "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_proxy_html-debuginfo-1:2.4.37-30.module+el8.3.0+7001+0766b9e7.s390x", "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_proxy_html-debuginfo-1:2.4.37-30.module+el8.3.0+7001+0766b9e7.x86_64", "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_session-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.aarch64", "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_session-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.ppc64le", "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_session-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.s390x", "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_session-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.x86_64", "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_session-debuginfo-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.aarch64", "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_session-debuginfo-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.ppc64le", "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_session-debuginfo-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.s390x", "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_session-debuginfo-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.x86_64", "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_ssl-1:2.4.37-30.module+el8.3.0+7001+0766b9e7.aarch64", "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_ssl-1:2.4.37-30.module+el8.3.0+7001+0766b9e7.ppc64le", "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_ssl-1:2.4.37-30.module+el8.3.0+7001+0766b9e7.s390x", "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_ssl-1:2.4.37-30.module+el8.3.0+7001+0766b9e7.x86_64", "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_ssl-debuginfo-1:2.4.37-30.module+el8.3.0+7001+0766b9e7.aarch64", "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_ssl-debuginfo-1:2.4.37-30.module+el8.3.0+7001+0766b9e7.ppc64le", "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_ssl-debuginfo-1:2.4.37-30.module+el8.3.0+7001+0766b9e7.s390x", "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_ssl-debuginfo-1:2.4.37-30.module+el8.3.0+7001+0766b9e7.x86_64" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2019-10097" }, { "category": "external", "summary": "RHBZ#1743996", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1743996" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2019-10097", "url": "https://www.cve.org/CVERecord?id=CVE-2019-10097" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2019-10097", "url": "https://nvd.nist.gov/vuln/detail/CVE-2019-10097" }, { "category": "external", "summary": "https://httpd.apache.org/security/vulnerabilities_24.html", "url": "https://httpd.apache.org/security/vulnerabilities_24.html" } ], "release_date": "2019-08-14T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2020-11-04T01:44:47+00:00", "details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nAfter installing the updated packages, the httpd daemon will be restarted automatically.", "product_ids": [ "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6", "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:httpd-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.aarch64", "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:httpd-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.ppc64le", "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:httpd-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.s390x", "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:httpd-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.src", "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:httpd-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.x86_64", "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:httpd-debuginfo-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.aarch64", "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:httpd-debuginfo-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.ppc64le", "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:httpd-debuginfo-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.s390x", "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:httpd-debuginfo-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.x86_64", "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:httpd-debugsource-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.aarch64", "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:httpd-debugsource-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.ppc64le", "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:httpd-debugsource-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.s390x", "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:httpd-debugsource-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.x86_64", "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:httpd-devel-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.aarch64", "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:httpd-devel-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.ppc64le", "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:httpd-devel-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.s390x", "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:httpd-devel-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.x86_64", "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:httpd-filesystem-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.noarch", "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:httpd-manual-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.noarch", "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:httpd-tools-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.aarch64", "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:httpd-tools-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.ppc64le", "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:httpd-tools-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.s390x", "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:httpd-tools-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.x86_64", "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:httpd-tools-debuginfo-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.aarch64", "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:httpd-tools-debuginfo-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.ppc64le", "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:httpd-tools-debuginfo-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.s390x", "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:httpd-tools-debuginfo-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.x86_64", "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_http2-0:1.15.7-2.module+el8.3.0+7670+8bf57d29.aarch64", "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_http2-0:1.15.7-2.module+el8.3.0+7670+8bf57d29.ppc64le", "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_http2-0:1.15.7-2.module+el8.3.0+7670+8bf57d29.s390x", "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_http2-0:1.15.7-2.module+el8.3.0+7670+8bf57d29.src", "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_http2-0:1.15.7-2.module+el8.3.0+7670+8bf57d29.x86_64", "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_http2-debuginfo-0:1.15.7-2.module+el8.3.0+7670+8bf57d29.aarch64", "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_http2-debuginfo-0:1.15.7-2.module+el8.3.0+7670+8bf57d29.ppc64le", "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_http2-debuginfo-0:1.15.7-2.module+el8.3.0+7670+8bf57d29.s390x", "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_http2-debuginfo-0:1.15.7-2.module+el8.3.0+7670+8bf57d29.x86_64", "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_http2-debugsource-0:1.15.7-2.module+el8.3.0+7670+8bf57d29.aarch64", "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_http2-debugsource-0:1.15.7-2.module+el8.3.0+7670+8bf57d29.ppc64le", "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_http2-debugsource-0:1.15.7-2.module+el8.3.0+7670+8bf57d29.s390x", "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_http2-debugsource-0:1.15.7-2.module+el8.3.0+7670+8bf57d29.x86_64", "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_ldap-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.aarch64", "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_ldap-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.ppc64le", "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_ldap-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.s390x", "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_ldap-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.x86_64", "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_ldap-debuginfo-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.aarch64", "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_ldap-debuginfo-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.ppc64le", "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_ldap-debuginfo-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.s390x", "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_ldap-debuginfo-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.x86_64", "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_md-1:2.0.8-8.module+el8.3.0+6814+67d1e611.aarch64", "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_md-1:2.0.8-8.module+el8.3.0+6814+67d1e611.ppc64le", "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_md-1:2.0.8-8.module+el8.3.0+6814+67d1e611.s390x", "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_md-1:2.0.8-8.module+el8.3.0+6814+67d1e611.src", "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_md-1:2.0.8-8.module+el8.3.0+6814+67d1e611.x86_64", "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_md-debuginfo-1:2.0.8-8.module+el8.3.0+6814+67d1e611.aarch64", "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_md-debuginfo-1:2.0.8-8.module+el8.3.0+6814+67d1e611.ppc64le", "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_md-debuginfo-1:2.0.8-8.module+el8.3.0+6814+67d1e611.s390x", "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_md-debuginfo-1:2.0.8-8.module+el8.3.0+6814+67d1e611.x86_64", "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_md-debugsource-1:2.0.8-8.module+el8.3.0+6814+67d1e611.aarch64", "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_md-debugsource-1:2.0.8-8.module+el8.3.0+6814+67d1e611.ppc64le", "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_md-debugsource-1:2.0.8-8.module+el8.3.0+6814+67d1e611.s390x", "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_md-debugsource-1:2.0.8-8.module+el8.3.0+6814+67d1e611.x86_64", "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_proxy_html-1:2.4.37-30.module+el8.3.0+7001+0766b9e7.aarch64", "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_proxy_html-1:2.4.37-30.module+el8.3.0+7001+0766b9e7.ppc64le", "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_proxy_html-1:2.4.37-30.module+el8.3.0+7001+0766b9e7.s390x", "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_proxy_html-1:2.4.37-30.module+el8.3.0+7001+0766b9e7.x86_64", "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_proxy_html-debuginfo-1:2.4.37-30.module+el8.3.0+7001+0766b9e7.aarch64", "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_proxy_html-debuginfo-1:2.4.37-30.module+el8.3.0+7001+0766b9e7.ppc64le", "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_proxy_html-debuginfo-1:2.4.37-30.module+el8.3.0+7001+0766b9e7.s390x", "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_proxy_html-debuginfo-1:2.4.37-30.module+el8.3.0+7001+0766b9e7.x86_64", "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_session-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.aarch64", "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_session-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.ppc64le", "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_session-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.s390x", "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_session-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.x86_64", "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_session-debuginfo-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.aarch64", "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_session-debuginfo-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.ppc64le", "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_session-debuginfo-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.s390x", "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_session-debuginfo-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.x86_64", "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_ssl-1:2.4.37-30.module+el8.3.0+7001+0766b9e7.aarch64", "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_ssl-1:2.4.37-30.module+el8.3.0+7001+0766b9e7.ppc64le", "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_ssl-1:2.4.37-30.module+el8.3.0+7001+0766b9e7.s390x", "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_ssl-1:2.4.37-30.module+el8.3.0+7001+0766b9e7.x86_64", "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_ssl-debuginfo-1:2.4.37-30.module+el8.3.0+7001+0766b9e7.aarch64", "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_ssl-debuginfo-1:2.4.37-30.module+el8.3.0+7001+0766b9e7.ppc64le", "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_ssl-debuginfo-1:2.4.37-30.module+el8.3.0+7001+0766b9e7.s390x", "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_ssl-debuginfo-1:2.4.37-30.module+el8.3.0+7001+0766b9e7.x86_64" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2020:4751" }, { "category": "workaround", "details": "This flaw is only exploitable if RemoteIP* directives are used in Apache httpd configuration. The following command can be used to search for possible vulnerable configurations:\n\n grep -R \u0027^\\s*RemoteIP\u0027 /etc/httpd/\n\nSee https://httpd.apache.org/docs/2.4/mod/mod_remoteip.html", "product_ids": [ "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6", "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:httpd-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.aarch64", "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:httpd-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.ppc64le", "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:httpd-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.s390x", "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:httpd-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.src", "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:httpd-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.x86_64", "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:httpd-debuginfo-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.aarch64", "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:httpd-debuginfo-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.ppc64le", "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:httpd-debuginfo-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.s390x", "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:httpd-debuginfo-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.x86_64", "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:httpd-debugsource-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.aarch64", "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:httpd-debugsource-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.ppc64le", "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:httpd-debugsource-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.s390x", "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:httpd-debugsource-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.x86_64", "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:httpd-devel-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.aarch64", "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:httpd-devel-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.ppc64le", "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:httpd-devel-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.s390x", "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:httpd-devel-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.x86_64", "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:httpd-filesystem-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.noarch", "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:httpd-manual-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.noarch", "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:httpd-tools-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.aarch64", "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:httpd-tools-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.ppc64le", "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:httpd-tools-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.s390x", "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:httpd-tools-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.x86_64", "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:httpd-tools-debuginfo-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.aarch64", "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:httpd-tools-debuginfo-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.ppc64le", "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:httpd-tools-debuginfo-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.s390x", "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:httpd-tools-debuginfo-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.x86_64", "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_http2-0:1.15.7-2.module+el8.3.0+7670+8bf57d29.aarch64", "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_http2-0:1.15.7-2.module+el8.3.0+7670+8bf57d29.ppc64le", "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_http2-0:1.15.7-2.module+el8.3.0+7670+8bf57d29.s390x", "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_http2-0:1.15.7-2.module+el8.3.0+7670+8bf57d29.src", "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_http2-0:1.15.7-2.module+el8.3.0+7670+8bf57d29.x86_64", "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_http2-debuginfo-0:1.15.7-2.module+el8.3.0+7670+8bf57d29.aarch64", "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_http2-debuginfo-0:1.15.7-2.module+el8.3.0+7670+8bf57d29.ppc64le", "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_http2-debuginfo-0:1.15.7-2.module+el8.3.0+7670+8bf57d29.s390x", "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_http2-debuginfo-0:1.15.7-2.module+el8.3.0+7670+8bf57d29.x86_64", "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_http2-debugsource-0:1.15.7-2.module+el8.3.0+7670+8bf57d29.aarch64", "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_http2-debugsource-0:1.15.7-2.module+el8.3.0+7670+8bf57d29.ppc64le", "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_http2-debugsource-0:1.15.7-2.module+el8.3.0+7670+8bf57d29.s390x", "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_http2-debugsource-0:1.15.7-2.module+el8.3.0+7670+8bf57d29.x86_64", "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_ldap-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.aarch64", "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_ldap-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.ppc64le", "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_ldap-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.s390x", "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_ldap-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.x86_64", "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_ldap-debuginfo-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.aarch64", "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_ldap-debuginfo-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.ppc64le", "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_ldap-debuginfo-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.s390x", "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_ldap-debuginfo-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.x86_64", "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_md-1:2.0.8-8.module+el8.3.0+6814+67d1e611.aarch64", "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_md-1:2.0.8-8.module+el8.3.0+6814+67d1e611.ppc64le", "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_md-1:2.0.8-8.module+el8.3.0+6814+67d1e611.s390x", "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_md-1:2.0.8-8.module+el8.3.0+6814+67d1e611.src", "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_md-1:2.0.8-8.module+el8.3.0+6814+67d1e611.x86_64", "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_md-debuginfo-1:2.0.8-8.module+el8.3.0+6814+67d1e611.aarch64", "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_md-debuginfo-1:2.0.8-8.module+el8.3.0+6814+67d1e611.ppc64le", "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_md-debuginfo-1:2.0.8-8.module+el8.3.0+6814+67d1e611.s390x", "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_md-debuginfo-1:2.0.8-8.module+el8.3.0+6814+67d1e611.x86_64", "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_md-debugsource-1:2.0.8-8.module+el8.3.0+6814+67d1e611.aarch64", "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_md-debugsource-1:2.0.8-8.module+el8.3.0+6814+67d1e611.ppc64le", "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_md-debugsource-1:2.0.8-8.module+el8.3.0+6814+67d1e611.s390x", "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_md-debugsource-1:2.0.8-8.module+el8.3.0+6814+67d1e611.x86_64", "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_proxy_html-1:2.4.37-30.module+el8.3.0+7001+0766b9e7.aarch64", "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_proxy_html-1:2.4.37-30.module+el8.3.0+7001+0766b9e7.ppc64le", "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_proxy_html-1:2.4.37-30.module+el8.3.0+7001+0766b9e7.s390x", "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_proxy_html-1:2.4.37-30.module+el8.3.0+7001+0766b9e7.x86_64", "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_proxy_html-debuginfo-1:2.4.37-30.module+el8.3.0+7001+0766b9e7.aarch64", "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_proxy_html-debuginfo-1:2.4.37-30.module+el8.3.0+7001+0766b9e7.ppc64le", "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_proxy_html-debuginfo-1:2.4.37-30.module+el8.3.0+7001+0766b9e7.s390x", "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_proxy_html-debuginfo-1:2.4.37-30.module+el8.3.0+7001+0766b9e7.x86_64", "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_session-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.aarch64", "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_session-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.ppc64le", "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_session-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.s390x", "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_session-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.x86_64", "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_session-debuginfo-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.aarch64", "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_session-debuginfo-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.ppc64le", "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_session-debuginfo-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.s390x", "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_session-debuginfo-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.x86_64", "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_ssl-1:2.4.37-30.module+el8.3.0+7001+0766b9e7.aarch64", "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_ssl-1:2.4.37-30.module+el8.3.0+7001+0766b9e7.ppc64le", "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_ssl-1:2.4.37-30.module+el8.3.0+7001+0766b9e7.s390x", "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_ssl-1:2.4.37-30.module+el8.3.0+7001+0766b9e7.x86_64", "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_ssl-debuginfo-1:2.4.37-30.module+el8.3.0+7001+0766b9e7.aarch64", "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_ssl-debuginfo-1:2.4.37-30.module+el8.3.0+7001+0766b9e7.ppc64le", "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_ssl-debuginfo-1:2.4.37-30.module+el8.3.0+7001+0766b9e7.s390x", "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_ssl-debuginfo-1:2.4.37-30.module+el8.3.0+7001+0766b9e7.x86_64" ] } ], "scores": [ { "cvss_v3": { "attackComplexity": "HIGH", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 6.6, "baseSeverity": "MEDIUM", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "HIGH", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.0/AV:N/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:H", "version": "3.0" }, "products": [ "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6", "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:httpd-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.aarch64", "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:httpd-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.ppc64le", "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:httpd-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.s390x", "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:httpd-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.src", "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:httpd-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.x86_64", "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:httpd-debuginfo-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.aarch64", "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:httpd-debuginfo-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.ppc64le", "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:httpd-debuginfo-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.s390x", "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:httpd-debuginfo-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.x86_64", "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:httpd-debugsource-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.aarch64", "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:httpd-debugsource-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.ppc64le", "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:httpd-debugsource-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.s390x", "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:httpd-debugsource-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.x86_64", "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:httpd-devel-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.aarch64", "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:httpd-devel-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.ppc64le", "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:httpd-devel-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.s390x", "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:httpd-devel-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.x86_64", "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:httpd-filesystem-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.noarch", "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:httpd-manual-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.noarch", "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:httpd-tools-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.aarch64", "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:httpd-tools-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.ppc64le", "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:httpd-tools-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.s390x", "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:httpd-tools-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.x86_64", "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:httpd-tools-debuginfo-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.aarch64", "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:httpd-tools-debuginfo-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.ppc64le", "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:httpd-tools-debuginfo-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.s390x", "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:httpd-tools-debuginfo-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.x86_64", "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_http2-0:1.15.7-2.module+el8.3.0+7670+8bf57d29.aarch64", "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_http2-0:1.15.7-2.module+el8.3.0+7670+8bf57d29.ppc64le", "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_http2-0:1.15.7-2.module+el8.3.0+7670+8bf57d29.s390x", "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_http2-0:1.15.7-2.module+el8.3.0+7670+8bf57d29.src", "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_http2-0:1.15.7-2.module+el8.3.0+7670+8bf57d29.x86_64", "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_http2-debuginfo-0:1.15.7-2.module+el8.3.0+7670+8bf57d29.aarch64", "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_http2-debuginfo-0:1.15.7-2.module+el8.3.0+7670+8bf57d29.ppc64le", "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_http2-debuginfo-0:1.15.7-2.module+el8.3.0+7670+8bf57d29.s390x", "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_http2-debuginfo-0:1.15.7-2.module+el8.3.0+7670+8bf57d29.x86_64", "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_http2-debugsource-0:1.15.7-2.module+el8.3.0+7670+8bf57d29.aarch64", "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_http2-debugsource-0:1.15.7-2.module+el8.3.0+7670+8bf57d29.ppc64le", "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_http2-debugsource-0:1.15.7-2.module+el8.3.0+7670+8bf57d29.s390x", "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_http2-debugsource-0:1.15.7-2.module+el8.3.0+7670+8bf57d29.x86_64", "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_ldap-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.aarch64", "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_ldap-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.ppc64le", "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_ldap-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.s390x", "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_ldap-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.x86_64", "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_ldap-debuginfo-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.aarch64", "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_ldap-debuginfo-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.ppc64le", "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_ldap-debuginfo-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.s390x", "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_ldap-debuginfo-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.x86_64", "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_md-1:2.0.8-8.module+el8.3.0+6814+67d1e611.aarch64", "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_md-1:2.0.8-8.module+el8.3.0+6814+67d1e611.ppc64le", "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_md-1:2.0.8-8.module+el8.3.0+6814+67d1e611.s390x", "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_md-1:2.0.8-8.module+el8.3.0+6814+67d1e611.src", "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_md-1:2.0.8-8.module+el8.3.0+6814+67d1e611.x86_64", "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_md-debuginfo-1:2.0.8-8.module+el8.3.0+6814+67d1e611.aarch64", "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_md-debuginfo-1:2.0.8-8.module+el8.3.0+6814+67d1e611.ppc64le", "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_md-debuginfo-1:2.0.8-8.module+el8.3.0+6814+67d1e611.s390x", "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_md-debuginfo-1:2.0.8-8.module+el8.3.0+6814+67d1e611.x86_64", "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_md-debugsource-1:2.0.8-8.module+el8.3.0+6814+67d1e611.aarch64", "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_md-debugsource-1:2.0.8-8.module+el8.3.0+6814+67d1e611.ppc64le", "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_md-debugsource-1:2.0.8-8.module+el8.3.0+6814+67d1e611.s390x", "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_md-debugsource-1:2.0.8-8.module+el8.3.0+6814+67d1e611.x86_64", "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_proxy_html-1:2.4.37-30.module+el8.3.0+7001+0766b9e7.aarch64", "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_proxy_html-1:2.4.37-30.module+el8.3.0+7001+0766b9e7.ppc64le", "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_proxy_html-1:2.4.37-30.module+el8.3.0+7001+0766b9e7.s390x", "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_proxy_html-1:2.4.37-30.module+el8.3.0+7001+0766b9e7.x86_64", "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_proxy_html-debuginfo-1:2.4.37-30.module+el8.3.0+7001+0766b9e7.aarch64", "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_proxy_html-debuginfo-1:2.4.37-30.module+el8.3.0+7001+0766b9e7.ppc64le", "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_proxy_html-debuginfo-1:2.4.37-30.module+el8.3.0+7001+0766b9e7.s390x", "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_proxy_html-debuginfo-1:2.4.37-30.module+el8.3.0+7001+0766b9e7.x86_64", "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_session-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.aarch64", "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_session-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.ppc64le", "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_session-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.s390x", "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_session-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.x86_64", "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_session-debuginfo-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.aarch64", "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_session-debuginfo-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.ppc64le", "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_session-debuginfo-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.s390x", "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_session-debuginfo-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.x86_64", "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_ssl-1:2.4.37-30.module+el8.3.0+7001+0766b9e7.aarch64", "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_ssl-1:2.4.37-30.module+el8.3.0+7001+0766b9e7.ppc64le", "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_ssl-1:2.4.37-30.module+el8.3.0+7001+0766b9e7.s390x", "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_ssl-1:2.4.37-30.module+el8.3.0+7001+0766b9e7.x86_64", "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_ssl-debuginfo-1:2.4.37-30.module+el8.3.0+7001+0766b9e7.aarch64", "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_ssl-debuginfo-1:2.4.37-30.module+el8.3.0+7001+0766b9e7.ppc64le", "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_ssl-debuginfo-1:2.4.37-30.module+el8.3.0+7001+0766b9e7.s390x", "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_ssl-debuginfo-1:2.4.37-30.module+el8.3.0+7001+0766b9e7.x86_64" ] } ], "threats": [ { "category": "impact", "details": "Moderate" } ], "title": "httpd: null-pointer dereference in mod_remoteip" }, { "cve": "CVE-2019-10098", "discovery_date": "2019-08-20T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "1743959" } ], "notes": [ { "category": "description", "text": "A vulnerability was discovered in Apache httpd, in mod_rewrite. Certain self-referential mod_rewrite rules could be fooled by encoded newlines, causing them to redirect to an unexpected location. An attacker could abuse this flaw in a phishing attack or as part of a client-side attack on browsers.", "title": "Vulnerability description" }, { "category": "summary", "text": "httpd: mod_rewrite potential open redirect", "title": "Vulnerability summary" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6", "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:httpd-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.aarch64", "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:httpd-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.ppc64le", "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:httpd-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.s390x", "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:httpd-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.src", "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:httpd-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.x86_64", "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:httpd-debuginfo-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.aarch64", "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:httpd-debuginfo-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.ppc64le", "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:httpd-debuginfo-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.s390x", "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:httpd-debuginfo-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.x86_64", "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:httpd-debugsource-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.aarch64", "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:httpd-debugsource-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.ppc64le", "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:httpd-debugsource-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.s390x", "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:httpd-debugsource-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.x86_64", "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:httpd-devel-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.aarch64", "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:httpd-devel-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.ppc64le", "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:httpd-devel-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.s390x", "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:httpd-devel-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.x86_64", "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:httpd-filesystem-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.noarch", "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:httpd-manual-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.noarch", "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:httpd-tools-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.aarch64", "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:httpd-tools-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.ppc64le", "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:httpd-tools-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.s390x", "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:httpd-tools-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.x86_64", "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:httpd-tools-debuginfo-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.aarch64", "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:httpd-tools-debuginfo-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.ppc64le", "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:httpd-tools-debuginfo-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.s390x", "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:httpd-tools-debuginfo-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.x86_64", "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_http2-0:1.15.7-2.module+el8.3.0+7670+8bf57d29.aarch64", "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_http2-0:1.15.7-2.module+el8.3.0+7670+8bf57d29.ppc64le", "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_http2-0:1.15.7-2.module+el8.3.0+7670+8bf57d29.s390x", "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_http2-0:1.15.7-2.module+el8.3.0+7670+8bf57d29.src", "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_http2-0:1.15.7-2.module+el8.3.0+7670+8bf57d29.x86_64", "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_http2-debuginfo-0:1.15.7-2.module+el8.3.0+7670+8bf57d29.aarch64", "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_http2-debuginfo-0:1.15.7-2.module+el8.3.0+7670+8bf57d29.ppc64le", "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_http2-debuginfo-0:1.15.7-2.module+el8.3.0+7670+8bf57d29.s390x", "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_http2-debuginfo-0:1.15.7-2.module+el8.3.0+7670+8bf57d29.x86_64", "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_http2-debugsource-0:1.15.7-2.module+el8.3.0+7670+8bf57d29.aarch64", "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_http2-debugsource-0:1.15.7-2.module+el8.3.0+7670+8bf57d29.ppc64le", "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_http2-debugsource-0:1.15.7-2.module+el8.3.0+7670+8bf57d29.s390x", "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_http2-debugsource-0:1.15.7-2.module+el8.3.0+7670+8bf57d29.x86_64", "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_ldap-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.aarch64", "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_ldap-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.ppc64le", "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_ldap-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.s390x", "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_ldap-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.x86_64", "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_ldap-debuginfo-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.aarch64", "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_ldap-debuginfo-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.ppc64le", "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_ldap-debuginfo-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.s390x", "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_ldap-debuginfo-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.x86_64", "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_md-1:2.0.8-8.module+el8.3.0+6814+67d1e611.aarch64", "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_md-1:2.0.8-8.module+el8.3.0+6814+67d1e611.ppc64le", "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_md-1:2.0.8-8.module+el8.3.0+6814+67d1e611.s390x", "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_md-1:2.0.8-8.module+el8.3.0+6814+67d1e611.src", "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_md-1:2.0.8-8.module+el8.3.0+6814+67d1e611.x86_64", "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_md-debuginfo-1:2.0.8-8.module+el8.3.0+6814+67d1e611.aarch64", "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_md-debuginfo-1:2.0.8-8.module+el8.3.0+6814+67d1e611.ppc64le", "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_md-debuginfo-1:2.0.8-8.module+el8.3.0+6814+67d1e611.s390x", "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_md-debuginfo-1:2.0.8-8.module+el8.3.0+6814+67d1e611.x86_64", "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_md-debugsource-1:2.0.8-8.module+el8.3.0+6814+67d1e611.aarch64", "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_md-debugsource-1:2.0.8-8.module+el8.3.0+6814+67d1e611.ppc64le", "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_md-debugsource-1:2.0.8-8.module+el8.3.0+6814+67d1e611.s390x", "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_md-debugsource-1:2.0.8-8.module+el8.3.0+6814+67d1e611.x86_64", "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_proxy_html-1:2.4.37-30.module+el8.3.0+7001+0766b9e7.aarch64", "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_proxy_html-1:2.4.37-30.module+el8.3.0+7001+0766b9e7.ppc64le", "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_proxy_html-1:2.4.37-30.module+el8.3.0+7001+0766b9e7.s390x", "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_proxy_html-1:2.4.37-30.module+el8.3.0+7001+0766b9e7.x86_64", "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_proxy_html-debuginfo-1:2.4.37-30.module+el8.3.0+7001+0766b9e7.aarch64", "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_proxy_html-debuginfo-1:2.4.37-30.module+el8.3.0+7001+0766b9e7.ppc64le", "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_proxy_html-debuginfo-1:2.4.37-30.module+el8.3.0+7001+0766b9e7.s390x", "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_proxy_html-debuginfo-1:2.4.37-30.module+el8.3.0+7001+0766b9e7.x86_64", "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_session-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.aarch64", "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_session-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.ppc64le", "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_session-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.s390x", "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_session-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.x86_64", "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_session-debuginfo-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.aarch64", "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_session-debuginfo-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.ppc64le", "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_session-debuginfo-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.s390x", "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_session-debuginfo-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.x86_64", "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_ssl-1:2.4.37-30.module+el8.3.0+7001+0766b9e7.aarch64", "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_ssl-1:2.4.37-30.module+el8.3.0+7001+0766b9e7.ppc64le", "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_ssl-1:2.4.37-30.module+el8.3.0+7001+0766b9e7.s390x", "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_ssl-1:2.4.37-30.module+el8.3.0+7001+0766b9e7.x86_64", "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_ssl-debuginfo-1:2.4.37-30.module+el8.3.0+7001+0766b9e7.aarch64", "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_ssl-debuginfo-1:2.4.37-30.module+el8.3.0+7001+0766b9e7.ppc64le", "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_ssl-debuginfo-1:2.4.37-30.module+el8.3.0+7001+0766b9e7.s390x", "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_ssl-debuginfo-1:2.4.37-30.module+el8.3.0+7001+0766b9e7.x86_64" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2019-10098" }, { "category": "external", "summary": "RHBZ#1743959", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1743959" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2019-10098", "url": "https://www.cve.org/CVERecord?id=CVE-2019-10098" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2019-10098", "url": "https://nvd.nist.gov/vuln/detail/CVE-2019-10098" }, { "category": "external", "summary": "https://httpd.apache.org/security/vulnerabilities_24.html", "url": "https://httpd.apache.org/security/vulnerabilities_24.html" } ], "release_date": "2019-08-14T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2020-11-04T01:44:47+00:00", "details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nAfter installing the updated packages, the httpd daemon will be restarted automatically.", "product_ids": [ "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6", "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:httpd-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.aarch64", "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:httpd-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.ppc64le", "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:httpd-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.s390x", "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:httpd-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.src", "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:httpd-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.x86_64", "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:httpd-debuginfo-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.aarch64", "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:httpd-debuginfo-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.ppc64le", "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:httpd-debuginfo-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.s390x", "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:httpd-debuginfo-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.x86_64", "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:httpd-debugsource-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.aarch64", "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:httpd-debugsource-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.ppc64le", "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:httpd-debugsource-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.s390x", "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:httpd-debugsource-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.x86_64", "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:httpd-devel-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.aarch64", "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:httpd-devel-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.ppc64le", "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:httpd-devel-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.s390x", "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:httpd-devel-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.x86_64", "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:httpd-filesystem-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.noarch", "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:httpd-manual-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.noarch", "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:httpd-tools-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.aarch64", "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:httpd-tools-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.ppc64le", "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:httpd-tools-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.s390x", "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:httpd-tools-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.x86_64", "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:httpd-tools-debuginfo-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.aarch64", "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:httpd-tools-debuginfo-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.ppc64le", "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:httpd-tools-debuginfo-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.s390x", "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:httpd-tools-debuginfo-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.x86_64", "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_http2-0:1.15.7-2.module+el8.3.0+7670+8bf57d29.aarch64", "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_http2-0:1.15.7-2.module+el8.3.0+7670+8bf57d29.ppc64le", "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_http2-0:1.15.7-2.module+el8.3.0+7670+8bf57d29.s390x", "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_http2-0:1.15.7-2.module+el8.3.0+7670+8bf57d29.src", "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_http2-0:1.15.7-2.module+el8.3.0+7670+8bf57d29.x86_64", "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_http2-debuginfo-0:1.15.7-2.module+el8.3.0+7670+8bf57d29.aarch64", "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_http2-debuginfo-0:1.15.7-2.module+el8.3.0+7670+8bf57d29.ppc64le", "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_http2-debuginfo-0:1.15.7-2.module+el8.3.0+7670+8bf57d29.s390x", "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_http2-debuginfo-0:1.15.7-2.module+el8.3.0+7670+8bf57d29.x86_64", "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_http2-debugsource-0:1.15.7-2.module+el8.3.0+7670+8bf57d29.aarch64", "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_http2-debugsource-0:1.15.7-2.module+el8.3.0+7670+8bf57d29.ppc64le", "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_http2-debugsource-0:1.15.7-2.module+el8.3.0+7670+8bf57d29.s390x", "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_http2-debugsource-0:1.15.7-2.module+el8.3.0+7670+8bf57d29.x86_64", "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_ldap-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.aarch64", "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_ldap-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.ppc64le", "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_ldap-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.s390x", "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_ldap-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.x86_64", "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_ldap-debuginfo-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.aarch64", "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_ldap-debuginfo-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.ppc64le", "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_ldap-debuginfo-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.s390x", "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_ldap-debuginfo-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.x86_64", "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_md-1:2.0.8-8.module+el8.3.0+6814+67d1e611.aarch64", "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_md-1:2.0.8-8.module+el8.3.0+6814+67d1e611.ppc64le", "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_md-1:2.0.8-8.module+el8.3.0+6814+67d1e611.s390x", "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_md-1:2.0.8-8.module+el8.3.0+6814+67d1e611.src", "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_md-1:2.0.8-8.module+el8.3.0+6814+67d1e611.x86_64", "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_md-debuginfo-1:2.0.8-8.module+el8.3.0+6814+67d1e611.aarch64", "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_md-debuginfo-1:2.0.8-8.module+el8.3.0+6814+67d1e611.ppc64le", "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_md-debuginfo-1:2.0.8-8.module+el8.3.0+6814+67d1e611.s390x", "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_md-debuginfo-1:2.0.8-8.module+el8.3.0+6814+67d1e611.x86_64", "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_md-debugsource-1:2.0.8-8.module+el8.3.0+6814+67d1e611.aarch64", "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_md-debugsource-1:2.0.8-8.module+el8.3.0+6814+67d1e611.ppc64le", "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_md-debugsource-1:2.0.8-8.module+el8.3.0+6814+67d1e611.s390x", "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_md-debugsource-1:2.0.8-8.module+el8.3.0+6814+67d1e611.x86_64", "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_proxy_html-1:2.4.37-30.module+el8.3.0+7001+0766b9e7.aarch64", "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_proxy_html-1:2.4.37-30.module+el8.3.0+7001+0766b9e7.ppc64le", "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_proxy_html-1:2.4.37-30.module+el8.3.0+7001+0766b9e7.s390x", "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_proxy_html-1:2.4.37-30.module+el8.3.0+7001+0766b9e7.x86_64", "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_proxy_html-debuginfo-1:2.4.37-30.module+el8.3.0+7001+0766b9e7.aarch64", "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_proxy_html-debuginfo-1:2.4.37-30.module+el8.3.0+7001+0766b9e7.ppc64le", "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_proxy_html-debuginfo-1:2.4.37-30.module+el8.3.0+7001+0766b9e7.s390x", "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_proxy_html-debuginfo-1:2.4.37-30.module+el8.3.0+7001+0766b9e7.x86_64", "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_session-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.aarch64", "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_session-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.ppc64le", "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_session-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.s390x", "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_session-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.x86_64", "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_session-debuginfo-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.aarch64", "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_session-debuginfo-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.ppc64le", "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_session-debuginfo-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.s390x", "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_session-debuginfo-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.x86_64", "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_ssl-1:2.4.37-30.module+el8.3.0+7001+0766b9e7.aarch64", "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_ssl-1:2.4.37-30.module+el8.3.0+7001+0766b9e7.ppc64le", "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_ssl-1:2.4.37-30.module+el8.3.0+7001+0766b9e7.s390x", "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_ssl-1:2.4.37-30.module+el8.3.0+7001+0766b9e7.x86_64", "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_ssl-debuginfo-1:2.4.37-30.module+el8.3.0+7001+0766b9e7.aarch64", "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_ssl-debuginfo-1:2.4.37-30.module+el8.3.0+7001+0766b9e7.ppc64le", "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_ssl-debuginfo-1:2.4.37-30.module+el8.3.0+7001+0766b9e7.s390x", "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_ssl-debuginfo-1:2.4.37-30.module+el8.3.0+7001+0766b9e7.x86_64" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2020:4751" }, { "category": "workaround", "details": "This flaw requires the use of certain Rewrite configuration directives. The following command can be used to search for possible vulnerable configurations:\n\n grep -R \u0027^\\s*Rewrite\u0027 /etc/httpd/\n\nSee https://httpd.apache.org/docs/2.4/mod/mod_rewrite.html", "product_ids": [ "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6", "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:httpd-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.aarch64", "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:httpd-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.ppc64le", "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:httpd-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.s390x", "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:httpd-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.src", "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:httpd-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.x86_64", "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:httpd-debuginfo-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.aarch64", "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:httpd-debuginfo-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.ppc64le", "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:httpd-debuginfo-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.s390x", "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:httpd-debuginfo-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.x86_64", "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:httpd-debugsource-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.aarch64", "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:httpd-debugsource-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.ppc64le", "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:httpd-debugsource-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.s390x", "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:httpd-debugsource-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.x86_64", "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:httpd-devel-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.aarch64", "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:httpd-devel-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.ppc64le", "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:httpd-devel-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.s390x", "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:httpd-devel-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.x86_64", "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:httpd-filesystem-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.noarch", "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:httpd-manual-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.noarch", "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:httpd-tools-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.aarch64", "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:httpd-tools-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.ppc64le", "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:httpd-tools-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.s390x", "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:httpd-tools-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.x86_64", "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:httpd-tools-debuginfo-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.aarch64", "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:httpd-tools-debuginfo-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.ppc64le", "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:httpd-tools-debuginfo-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.s390x", "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:httpd-tools-debuginfo-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.x86_64", "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_http2-0:1.15.7-2.module+el8.3.0+7670+8bf57d29.aarch64", "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_http2-0:1.15.7-2.module+el8.3.0+7670+8bf57d29.ppc64le", "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_http2-0:1.15.7-2.module+el8.3.0+7670+8bf57d29.s390x", "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_http2-0:1.15.7-2.module+el8.3.0+7670+8bf57d29.src", "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_http2-0:1.15.7-2.module+el8.3.0+7670+8bf57d29.x86_64", "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_http2-debuginfo-0:1.15.7-2.module+el8.3.0+7670+8bf57d29.aarch64", "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_http2-debuginfo-0:1.15.7-2.module+el8.3.0+7670+8bf57d29.ppc64le", "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_http2-debuginfo-0:1.15.7-2.module+el8.3.0+7670+8bf57d29.s390x", "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_http2-debuginfo-0:1.15.7-2.module+el8.3.0+7670+8bf57d29.x86_64", "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_http2-debugsource-0:1.15.7-2.module+el8.3.0+7670+8bf57d29.aarch64", "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_http2-debugsource-0:1.15.7-2.module+el8.3.0+7670+8bf57d29.ppc64le", "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_http2-debugsource-0:1.15.7-2.module+el8.3.0+7670+8bf57d29.s390x", "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_http2-debugsource-0:1.15.7-2.module+el8.3.0+7670+8bf57d29.x86_64", "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_ldap-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.aarch64", "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_ldap-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.ppc64le", "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_ldap-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.s390x", "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_ldap-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.x86_64", "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_ldap-debuginfo-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.aarch64", "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_ldap-debuginfo-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.ppc64le", "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_ldap-debuginfo-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.s390x", "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_ldap-debuginfo-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.x86_64", "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_md-1:2.0.8-8.module+el8.3.0+6814+67d1e611.aarch64", "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_md-1:2.0.8-8.module+el8.3.0+6814+67d1e611.ppc64le", "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_md-1:2.0.8-8.module+el8.3.0+6814+67d1e611.s390x", "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_md-1:2.0.8-8.module+el8.3.0+6814+67d1e611.src", "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_md-1:2.0.8-8.module+el8.3.0+6814+67d1e611.x86_64", "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_md-debuginfo-1:2.0.8-8.module+el8.3.0+6814+67d1e611.aarch64", "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_md-debuginfo-1:2.0.8-8.module+el8.3.0+6814+67d1e611.ppc64le", "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_md-debuginfo-1:2.0.8-8.module+el8.3.0+6814+67d1e611.s390x", "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_md-debuginfo-1:2.0.8-8.module+el8.3.0+6814+67d1e611.x86_64", "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_md-debugsource-1:2.0.8-8.module+el8.3.0+6814+67d1e611.aarch64", "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_md-debugsource-1:2.0.8-8.module+el8.3.0+6814+67d1e611.ppc64le", "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_md-debugsource-1:2.0.8-8.module+el8.3.0+6814+67d1e611.s390x", "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_md-debugsource-1:2.0.8-8.module+el8.3.0+6814+67d1e611.x86_64", "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_proxy_html-1:2.4.37-30.module+el8.3.0+7001+0766b9e7.aarch64", "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_proxy_html-1:2.4.37-30.module+el8.3.0+7001+0766b9e7.ppc64le", "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_proxy_html-1:2.4.37-30.module+el8.3.0+7001+0766b9e7.s390x", "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_proxy_html-1:2.4.37-30.module+el8.3.0+7001+0766b9e7.x86_64", "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_proxy_html-debuginfo-1:2.4.37-30.module+el8.3.0+7001+0766b9e7.aarch64", "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_proxy_html-debuginfo-1:2.4.37-30.module+el8.3.0+7001+0766b9e7.ppc64le", "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_proxy_html-debuginfo-1:2.4.37-30.module+el8.3.0+7001+0766b9e7.s390x", "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_proxy_html-debuginfo-1:2.4.37-30.module+el8.3.0+7001+0766b9e7.x86_64", "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_session-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.aarch64", "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_session-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.ppc64le", "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_session-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.s390x", "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_session-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.x86_64", "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_session-debuginfo-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.aarch64", "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_session-debuginfo-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.ppc64le", "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_session-debuginfo-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.s390x", "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_session-debuginfo-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.x86_64", "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_ssl-1:2.4.37-30.module+el8.3.0+7001+0766b9e7.aarch64", "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_ssl-1:2.4.37-30.module+el8.3.0+7001+0766b9e7.ppc64le", "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_ssl-1:2.4.37-30.module+el8.3.0+7001+0766b9e7.s390x", "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_ssl-1:2.4.37-30.module+el8.3.0+7001+0766b9e7.x86_64", "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_ssl-debuginfo-1:2.4.37-30.module+el8.3.0+7001+0766b9e7.aarch64", "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_ssl-debuginfo-1:2.4.37-30.module+el8.3.0+7001+0766b9e7.ppc64le", "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_ssl-debuginfo-1:2.4.37-30.module+el8.3.0+7001+0766b9e7.s390x", "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_ssl-debuginfo-1:2.4.37-30.module+el8.3.0+7001+0766b9e7.x86_64" ] } ], "scores": [ { "cvss_v3": { "attackComplexity": "HIGH", "attackVector": "NETWORK", "availabilityImpact": "NONE", "baseScore": 3.7, "baseSeverity": "LOW", "confidentialityImpact": "NONE", "integrityImpact": "LOW", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:N", "version": "3.0" }, "products": [ "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6", "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:httpd-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.aarch64", "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:httpd-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.ppc64le", "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:httpd-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.s390x", "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:httpd-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.src", "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:httpd-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.x86_64", "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:httpd-debuginfo-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.aarch64", "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:httpd-debuginfo-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.ppc64le", "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:httpd-debuginfo-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.s390x", "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:httpd-debuginfo-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.x86_64", "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:httpd-debugsource-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.aarch64", "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:httpd-debugsource-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.ppc64le", "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:httpd-debugsource-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.s390x", "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:httpd-debugsource-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.x86_64", "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:httpd-devel-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.aarch64", "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:httpd-devel-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.ppc64le", "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:httpd-devel-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.s390x", "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:httpd-devel-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.x86_64", "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:httpd-filesystem-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.noarch", "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:httpd-manual-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.noarch", "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:httpd-tools-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.aarch64", "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:httpd-tools-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.ppc64le", "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:httpd-tools-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.s390x", "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:httpd-tools-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.x86_64", "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:httpd-tools-debuginfo-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.aarch64", "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:httpd-tools-debuginfo-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.ppc64le", "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:httpd-tools-debuginfo-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.s390x", "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:httpd-tools-debuginfo-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.x86_64", "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_http2-0:1.15.7-2.module+el8.3.0+7670+8bf57d29.aarch64", "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_http2-0:1.15.7-2.module+el8.3.0+7670+8bf57d29.ppc64le", "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_http2-0:1.15.7-2.module+el8.3.0+7670+8bf57d29.s390x", "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_http2-0:1.15.7-2.module+el8.3.0+7670+8bf57d29.src", "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_http2-0:1.15.7-2.module+el8.3.0+7670+8bf57d29.x86_64", "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_http2-debuginfo-0:1.15.7-2.module+el8.3.0+7670+8bf57d29.aarch64", "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_http2-debuginfo-0:1.15.7-2.module+el8.3.0+7670+8bf57d29.ppc64le", "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_http2-debuginfo-0:1.15.7-2.module+el8.3.0+7670+8bf57d29.s390x", "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_http2-debuginfo-0:1.15.7-2.module+el8.3.0+7670+8bf57d29.x86_64", "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_http2-debugsource-0:1.15.7-2.module+el8.3.0+7670+8bf57d29.aarch64", "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_http2-debugsource-0:1.15.7-2.module+el8.3.0+7670+8bf57d29.ppc64le", "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_http2-debugsource-0:1.15.7-2.module+el8.3.0+7670+8bf57d29.s390x", "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_http2-debugsource-0:1.15.7-2.module+el8.3.0+7670+8bf57d29.x86_64", "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_ldap-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.aarch64", "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_ldap-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.ppc64le", "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_ldap-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.s390x", "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_ldap-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.x86_64", "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_ldap-debuginfo-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.aarch64", "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_ldap-debuginfo-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.ppc64le", "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_ldap-debuginfo-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.s390x", "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_ldap-debuginfo-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.x86_64", "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_md-1:2.0.8-8.module+el8.3.0+6814+67d1e611.aarch64", "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_md-1:2.0.8-8.module+el8.3.0+6814+67d1e611.ppc64le", "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_md-1:2.0.8-8.module+el8.3.0+6814+67d1e611.s390x", "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_md-1:2.0.8-8.module+el8.3.0+6814+67d1e611.src", "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_md-1:2.0.8-8.module+el8.3.0+6814+67d1e611.x86_64", "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_md-debuginfo-1:2.0.8-8.module+el8.3.0+6814+67d1e611.aarch64", "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_md-debuginfo-1:2.0.8-8.module+el8.3.0+6814+67d1e611.ppc64le", "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_md-debuginfo-1:2.0.8-8.module+el8.3.0+6814+67d1e611.s390x", "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_md-debuginfo-1:2.0.8-8.module+el8.3.0+6814+67d1e611.x86_64", "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_md-debugsource-1:2.0.8-8.module+el8.3.0+6814+67d1e611.aarch64", "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_md-debugsource-1:2.0.8-8.module+el8.3.0+6814+67d1e611.ppc64le", "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_md-debugsource-1:2.0.8-8.module+el8.3.0+6814+67d1e611.s390x", "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_md-debugsource-1:2.0.8-8.module+el8.3.0+6814+67d1e611.x86_64", "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_proxy_html-1:2.4.37-30.module+el8.3.0+7001+0766b9e7.aarch64", "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_proxy_html-1:2.4.37-30.module+el8.3.0+7001+0766b9e7.ppc64le", "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_proxy_html-1:2.4.37-30.module+el8.3.0+7001+0766b9e7.s390x", "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_proxy_html-1:2.4.37-30.module+el8.3.0+7001+0766b9e7.x86_64", "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_proxy_html-debuginfo-1:2.4.37-30.module+el8.3.0+7001+0766b9e7.aarch64", "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_proxy_html-debuginfo-1:2.4.37-30.module+el8.3.0+7001+0766b9e7.ppc64le", "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_proxy_html-debuginfo-1:2.4.37-30.module+el8.3.0+7001+0766b9e7.s390x", "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_proxy_html-debuginfo-1:2.4.37-30.module+el8.3.0+7001+0766b9e7.x86_64", "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_session-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.aarch64", "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_session-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.ppc64le", "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_session-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.s390x", "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_session-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.x86_64", "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_session-debuginfo-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.aarch64", "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_session-debuginfo-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.ppc64le", "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_session-debuginfo-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.s390x", "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_session-debuginfo-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.x86_64", "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_ssl-1:2.4.37-30.module+el8.3.0+7001+0766b9e7.aarch64", "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_ssl-1:2.4.37-30.module+el8.3.0+7001+0766b9e7.ppc64le", "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_ssl-1:2.4.37-30.module+el8.3.0+7001+0766b9e7.s390x", "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_ssl-1:2.4.37-30.module+el8.3.0+7001+0766b9e7.x86_64", "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_ssl-debuginfo-1:2.4.37-30.module+el8.3.0+7001+0766b9e7.aarch64", "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_ssl-debuginfo-1:2.4.37-30.module+el8.3.0+7001+0766b9e7.ppc64le", "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_ssl-debuginfo-1:2.4.37-30.module+el8.3.0+7001+0766b9e7.s390x", "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_ssl-debuginfo-1:2.4.37-30.module+el8.3.0+7001+0766b9e7.x86_64" ] } ], "threats": [ { "category": "impact", "details": "Low" } ], "title": "httpd: mod_rewrite potential open redirect" }, { "cve": "CVE-2020-1927", "cwe": { "id": "CWE-601", "name": "URL Redirection to Untrusted Site (\u0027Open Redirect\u0027)" }, "discovery_date": "2020-04-01T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "1820761" } ], "notes": [ { "category": "description", "text": "A flaw was found in Apache HTTP Server (httpd) versions 2.4.0 to 2.4.41. Redirects configured with mod_rewrite that were intended to be self-referential might be fooled by encoded newlines and redirected instead to an unexpected URL within the request URL.", "title": "Vulnerability description" }, { "category": "summary", "text": "httpd: mod_rewrite configurations vulnerable to open redirect", "title": "Vulnerability summary" }, { "category": "other", "text": "This issue only affects httpd versions between 2.4.0 and 2.4.41. Therefore Red Hat Enterprise Linux 5 and 6 are not affected by this flaw.", "title": "Statement" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6", "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:httpd-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.aarch64", "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:httpd-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.ppc64le", "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:httpd-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.s390x", "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:httpd-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.src", "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:httpd-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.x86_64", "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:httpd-debuginfo-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.aarch64", "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:httpd-debuginfo-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.ppc64le", "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:httpd-debuginfo-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.s390x", "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:httpd-debuginfo-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.x86_64", "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:httpd-debugsource-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.aarch64", "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:httpd-debugsource-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.ppc64le", "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:httpd-debugsource-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.s390x", "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:httpd-debugsource-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.x86_64", "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:httpd-devel-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.aarch64", "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:httpd-devel-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.ppc64le", "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:httpd-devel-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.s390x", "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:httpd-devel-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.x86_64", "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:httpd-filesystem-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.noarch", "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:httpd-manual-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.noarch", "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:httpd-tools-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.aarch64", "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:httpd-tools-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.ppc64le", "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:httpd-tools-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.s390x", "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:httpd-tools-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.x86_64", "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:httpd-tools-debuginfo-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.aarch64", "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:httpd-tools-debuginfo-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.ppc64le", "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:httpd-tools-debuginfo-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.s390x", "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:httpd-tools-debuginfo-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.x86_64", "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_http2-0:1.15.7-2.module+el8.3.0+7670+8bf57d29.aarch64", "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_http2-0:1.15.7-2.module+el8.3.0+7670+8bf57d29.ppc64le", "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_http2-0:1.15.7-2.module+el8.3.0+7670+8bf57d29.s390x", "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_http2-0:1.15.7-2.module+el8.3.0+7670+8bf57d29.src", "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_http2-0:1.15.7-2.module+el8.3.0+7670+8bf57d29.x86_64", "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_http2-debuginfo-0:1.15.7-2.module+el8.3.0+7670+8bf57d29.aarch64", "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_http2-debuginfo-0:1.15.7-2.module+el8.3.0+7670+8bf57d29.ppc64le", "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_http2-debuginfo-0:1.15.7-2.module+el8.3.0+7670+8bf57d29.s390x", "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_http2-debuginfo-0:1.15.7-2.module+el8.3.0+7670+8bf57d29.x86_64", "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_http2-debugsource-0:1.15.7-2.module+el8.3.0+7670+8bf57d29.aarch64", "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_http2-debugsource-0:1.15.7-2.module+el8.3.0+7670+8bf57d29.ppc64le", "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_http2-debugsource-0:1.15.7-2.module+el8.3.0+7670+8bf57d29.s390x", "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_http2-debugsource-0:1.15.7-2.module+el8.3.0+7670+8bf57d29.x86_64", "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_ldap-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.aarch64", "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_ldap-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.ppc64le", "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_ldap-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.s390x", "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_ldap-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.x86_64", "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_ldap-debuginfo-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.aarch64", "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_ldap-debuginfo-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.ppc64le", "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_ldap-debuginfo-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.s390x", "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_ldap-debuginfo-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.x86_64", "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_md-1:2.0.8-8.module+el8.3.0+6814+67d1e611.aarch64", "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_md-1:2.0.8-8.module+el8.3.0+6814+67d1e611.ppc64le", "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_md-1:2.0.8-8.module+el8.3.0+6814+67d1e611.s390x", "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_md-1:2.0.8-8.module+el8.3.0+6814+67d1e611.src", "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_md-1:2.0.8-8.module+el8.3.0+6814+67d1e611.x86_64", "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_md-debuginfo-1:2.0.8-8.module+el8.3.0+6814+67d1e611.aarch64", "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_md-debuginfo-1:2.0.8-8.module+el8.3.0+6814+67d1e611.ppc64le", "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_md-debuginfo-1:2.0.8-8.module+el8.3.0+6814+67d1e611.s390x", "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_md-debuginfo-1:2.0.8-8.module+el8.3.0+6814+67d1e611.x86_64", "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_md-debugsource-1:2.0.8-8.module+el8.3.0+6814+67d1e611.aarch64", "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_md-debugsource-1:2.0.8-8.module+el8.3.0+6814+67d1e611.ppc64le", "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_md-debugsource-1:2.0.8-8.module+el8.3.0+6814+67d1e611.s390x", "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_md-debugsource-1:2.0.8-8.module+el8.3.0+6814+67d1e611.x86_64", "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_proxy_html-1:2.4.37-30.module+el8.3.0+7001+0766b9e7.aarch64", "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_proxy_html-1:2.4.37-30.module+el8.3.0+7001+0766b9e7.ppc64le", "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_proxy_html-1:2.4.37-30.module+el8.3.0+7001+0766b9e7.s390x", "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_proxy_html-1:2.4.37-30.module+el8.3.0+7001+0766b9e7.x86_64", "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_proxy_html-debuginfo-1:2.4.37-30.module+el8.3.0+7001+0766b9e7.aarch64", "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_proxy_html-debuginfo-1:2.4.37-30.module+el8.3.0+7001+0766b9e7.ppc64le", "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_proxy_html-debuginfo-1:2.4.37-30.module+el8.3.0+7001+0766b9e7.s390x", "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_proxy_html-debuginfo-1:2.4.37-30.module+el8.3.0+7001+0766b9e7.x86_64", "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_session-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.aarch64", "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_session-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.ppc64le", "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_session-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.s390x", "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_session-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.x86_64", "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_session-debuginfo-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.aarch64", "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_session-debuginfo-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.ppc64le", "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_session-debuginfo-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.s390x", "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_session-debuginfo-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.x86_64", "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_ssl-1:2.4.37-30.module+el8.3.0+7001+0766b9e7.aarch64", "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_ssl-1:2.4.37-30.module+el8.3.0+7001+0766b9e7.ppc64le", "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_ssl-1:2.4.37-30.module+el8.3.0+7001+0766b9e7.s390x", "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_ssl-1:2.4.37-30.module+el8.3.0+7001+0766b9e7.x86_64", "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_ssl-debuginfo-1:2.4.37-30.module+el8.3.0+7001+0766b9e7.aarch64", "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_ssl-debuginfo-1:2.4.37-30.module+el8.3.0+7001+0766b9e7.ppc64le", "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_ssl-debuginfo-1:2.4.37-30.module+el8.3.0+7001+0766b9e7.s390x", "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_ssl-debuginfo-1:2.4.37-30.module+el8.3.0+7001+0766b9e7.x86_64" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2020-1927" }, { "category": "external", "summary": "RHBZ#1820761", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1820761" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2020-1927", "url": "https://www.cve.org/CVERecord?id=CVE-2020-1927" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2020-1927", "url": "https://nvd.nist.gov/vuln/detail/CVE-2020-1927" }, { "category": "external", "summary": "https://httpd.apache.org/security/vulnerabilities_24.html", "url": "https://httpd.apache.org/security/vulnerabilities_24.html" } ], "release_date": "2020-04-01T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2020-11-04T01:44:47+00:00", "details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nAfter installing the updated packages, the httpd daemon will be restarted automatically.", "product_ids": [ "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6", "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:httpd-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.aarch64", "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:httpd-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.ppc64le", "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:httpd-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.s390x", "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:httpd-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.src", "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:httpd-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.x86_64", "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:httpd-debuginfo-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.aarch64", "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:httpd-debuginfo-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.ppc64le", "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:httpd-debuginfo-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.s390x", "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:httpd-debuginfo-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.x86_64", "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:httpd-debugsource-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.aarch64", "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:httpd-debugsource-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.ppc64le", "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:httpd-debugsource-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.s390x", "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:httpd-debugsource-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.x86_64", "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:httpd-devel-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.aarch64", "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:httpd-devel-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.ppc64le", "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:httpd-devel-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.s390x", "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:httpd-devel-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.x86_64", "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:httpd-filesystem-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.noarch", "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:httpd-manual-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.noarch", "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:httpd-tools-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.aarch64", "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:httpd-tools-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.ppc64le", "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:httpd-tools-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.s390x", "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:httpd-tools-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.x86_64", "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:httpd-tools-debuginfo-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.aarch64", "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:httpd-tools-debuginfo-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.ppc64le", "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:httpd-tools-debuginfo-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.s390x", "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:httpd-tools-debuginfo-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.x86_64", "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_http2-0:1.15.7-2.module+el8.3.0+7670+8bf57d29.aarch64", "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_http2-0:1.15.7-2.module+el8.3.0+7670+8bf57d29.ppc64le", "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_http2-0:1.15.7-2.module+el8.3.0+7670+8bf57d29.s390x", "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_http2-0:1.15.7-2.module+el8.3.0+7670+8bf57d29.src", "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_http2-0:1.15.7-2.module+el8.3.0+7670+8bf57d29.x86_64", "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_http2-debuginfo-0:1.15.7-2.module+el8.3.0+7670+8bf57d29.aarch64", "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_http2-debuginfo-0:1.15.7-2.module+el8.3.0+7670+8bf57d29.ppc64le", "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_http2-debuginfo-0:1.15.7-2.module+el8.3.0+7670+8bf57d29.s390x", "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_http2-debuginfo-0:1.15.7-2.module+el8.3.0+7670+8bf57d29.x86_64", "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_http2-debugsource-0:1.15.7-2.module+el8.3.0+7670+8bf57d29.aarch64", "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_http2-debugsource-0:1.15.7-2.module+el8.3.0+7670+8bf57d29.ppc64le", "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_http2-debugsource-0:1.15.7-2.module+el8.3.0+7670+8bf57d29.s390x", "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_http2-debugsource-0:1.15.7-2.module+el8.3.0+7670+8bf57d29.x86_64", "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_ldap-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.aarch64", "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_ldap-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.ppc64le", "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_ldap-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.s390x", "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_ldap-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.x86_64", "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_ldap-debuginfo-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.aarch64", "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_ldap-debuginfo-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.ppc64le", "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_ldap-debuginfo-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.s390x", "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_ldap-debuginfo-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.x86_64", "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_md-1:2.0.8-8.module+el8.3.0+6814+67d1e611.aarch64", "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_md-1:2.0.8-8.module+el8.3.0+6814+67d1e611.ppc64le", "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_md-1:2.0.8-8.module+el8.3.0+6814+67d1e611.s390x", "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_md-1:2.0.8-8.module+el8.3.0+6814+67d1e611.src", "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_md-1:2.0.8-8.module+el8.3.0+6814+67d1e611.x86_64", "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_md-debuginfo-1:2.0.8-8.module+el8.3.0+6814+67d1e611.aarch64", "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_md-debuginfo-1:2.0.8-8.module+el8.3.0+6814+67d1e611.ppc64le", "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_md-debuginfo-1:2.0.8-8.module+el8.3.0+6814+67d1e611.s390x", "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_md-debuginfo-1:2.0.8-8.module+el8.3.0+6814+67d1e611.x86_64", "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_md-debugsource-1:2.0.8-8.module+el8.3.0+6814+67d1e611.aarch64", "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_md-debugsource-1:2.0.8-8.module+el8.3.0+6814+67d1e611.ppc64le", "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_md-debugsource-1:2.0.8-8.module+el8.3.0+6814+67d1e611.s390x", "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_md-debugsource-1:2.0.8-8.module+el8.3.0+6814+67d1e611.x86_64", "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_proxy_html-1:2.4.37-30.module+el8.3.0+7001+0766b9e7.aarch64", "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_proxy_html-1:2.4.37-30.module+el8.3.0+7001+0766b9e7.ppc64le", "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_proxy_html-1:2.4.37-30.module+el8.3.0+7001+0766b9e7.s390x", "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_proxy_html-1:2.4.37-30.module+el8.3.0+7001+0766b9e7.x86_64", "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_proxy_html-debuginfo-1:2.4.37-30.module+el8.3.0+7001+0766b9e7.aarch64", "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_proxy_html-debuginfo-1:2.4.37-30.module+el8.3.0+7001+0766b9e7.ppc64le", "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_proxy_html-debuginfo-1:2.4.37-30.module+el8.3.0+7001+0766b9e7.s390x", "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_proxy_html-debuginfo-1:2.4.37-30.module+el8.3.0+7001+0766b9e7.x86_64", "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_session-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.aarch64", "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_session-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.ppc64le", "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_session-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.s390x", "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_session-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.x86_64", "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_session-debuginfo-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.aarch64", "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_session-debuginfo-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.ppc64le", "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_session-debuginfo-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.s390x", "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_session-debuginfo-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.x86_64", "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_ssl-1:2.4.37-30.module+el8.3.0+7001+0766b9e7.aarch64", "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_ssl-1:2.4.37-30.module+el8.3.0+7001+0766b9e7.ppc64le", "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_ssl-1:2.4.37-30.module+el8.3.0+7001+0766b9e7.s390x", "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_ssl-1:2.4.37-30.module+el8.3.0+7001+0766b9e7.x86_64", "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_ssl-debuginfo-1:2.4.37-30.module+el8.3.0+7001+0766b9e7.aarch64", "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_ssl-debuginfo-1:2.4.37-30.module+el8.3.0+7001+0766b9e7.ppc64le", "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_ssl-debuginfo-1:2.4.37-30.module+el8.3.0+7001+0766b9e7.s390x", "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_ssl-debuginfo-1:2.4.37-30.module+el8.3.0+7001+0766b9e7.x86_64" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2020:4751" } ], "scores": [ { "cvss_v3": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "NONE", "baseScore": 6.1, "baseSeverity": "MEDIUM", "confidentialityImpact": "LOW", "integrityImpact": "LOW", "privilegesRequired": "NONE", "scope": "CHANGED", "userInteraction": "REQUIRED", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N", "version": "3.1" }, "products": [ "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6", "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:httpd-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.aarch64", "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:httpd-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.ppc64le", "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:httpd-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.s390x", "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:httpd-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.src", "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:httpd-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.x86_64", "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:httpd-debuginfo-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.aarch64", "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:httpd-debuginfo-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.ppc64le", "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:httpd-debuginfo-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.s390x", "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:httpd-debuginfo-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.x86_64", "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:httpd-debugsource-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.aarch64", "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:httpd-debugsource-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.ppc64le", "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:httpd-debugsource-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.s390x", "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:httpd-debugsource-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.x86_64", "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:httpd-devel-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.aarch64", "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:httpd-devel-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.ppc64le", "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:httpd-devel-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.s390x", "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:httpd-devel-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.x86_64", "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:httpd-filesystem-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.noarch", "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:httpd-manual-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.noarch", "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:httpd-tools-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.aarch64", "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:httpd-tools-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.ppc64le", "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:httpd-tools-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.s390x", "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:httpd-tools-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.x86_64", "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:httpd-tools-debuginfo-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.aarch64", "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:httpd-tools-debuginfo-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.ppc64le", "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:httpd-tools-debuginfo-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.s390x", "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:httpd-tools-debuginfo-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.x86_64", "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_http2-0:1.15.7-2.module+el8.3.0+7670+8bf57d29.aarch64", "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_http2-0:1.15.7-2.module+el8.3.0+7670+8bf57d29.ppc64le", "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_http2-0:1.15.7-2.module+el8.3.0+7670+8bf57d29.s390x", "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_http2-0:1.15.7-2.module+el8.3.0+7670+8bf57d29.src", "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_http2-0:1.15.7-2.module+el8.3.0+7670+8bf57d29.x86_64", "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_http2-debuginfo-0:1.15.7-2.module+el8.3.0+7670+8bf57d29.aarch64", "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_http2-debuginfo-0:1.15.7-2.module+el8.3.0+7670+8bf57d29.ppc64le", "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_http2-debuginfo-0:1.15.7-2.module+el8.3.0+7670+8bf57d29.s390x", "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_http2-debuginfo-0:1.15.7-2.module+el8.3.0+7670+8bf57d29.x86_64", "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_http2-debugsource-0:1.15.7-2.module+el8.3.0+7670+8bf57d29.aarch64", "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_http2-debugsource-0:1.15.7-2.module+el8.3.0+7670+8bf57d29.ppc64le", "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_http2-debugsource-0:1.15.7-2.module+el8.3.0+7670+8bf57d29.s390x", "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_http2-debugsource-0:1.15.7-2.module+el8.3.0+7670+8bf57d29.x86_64", "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_ldap-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.aarch64", "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_ldap-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.ppc64le", "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_ldap-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.s390x", "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_ldap-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.x86_64", "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_ldap-debuginfo-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.aarch64", "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_ldap-debuginfo-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.ppc64le", "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_ldap-debuginfo-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.s390x", "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_ldap-debuginfo-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.x86_64", "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_md-1:2.0.8-8.module+el8.3.0+6814+67d1e611.aarch64", "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_md-1:2.0.8-8.module+el8.3.0+6814+67d1e611.ppc64le", "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_md-1:2.0.8-8.module+el8.3.0+6814+67d1e611.s390x", "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_md-1:2.0.8-8.module+el8.3.0+6814+67d1e611.src", "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_md-1:2.0.8-8.module+el8.3.0+6814+67d1e611.x86_64", "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_md-debuginfo-1:2.0.8-8.module+el8.3.0+6814+67d1e611.aarch64", "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_md-debuginfo-1:2.0.8-8.module+el8.3.0+6814+67d1e611.ppc64le", "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_md-debuginfo-1:2.0.8-8.module+el8.3.0+6814+67d1e611.s390x", "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_md-debuginfo-1:2.0.8-8.module+el8.3.0+6814+67d1e611.x86_64", "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_md-debugsource-1:2.0.8-8.module+el8.3.0+6814+67d1e611.aarch64", "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_md-debugsource-1:2.0.8-8.module+el8.3.0+6814+67d1e611.ppc64le", "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_md-debugsource-1:2.0.8-8.module+el8.3.0+6814+67d1e611.s390x", "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_md-debugsource-1:2.0.8-8.module+el8.3.0+6814+67d1e611.x86_64", "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_proxy_html-1:2.4.37-30.module+el8.3.0+7001+0766b9e7.aarch64", "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_proxy_html-1:2.4.37-30.module+el8.3.0+7001+0766b9e7.ppc64le", "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_proxy_html-1:2.4.37-30.module+el8.3.0+7001+0766b9e7.s390x", "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_proxy_html-1:2.4.37-30.module+el8.3.0+7001+0766b9e7.x86_64", "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_proxy_html-debuginfo-1:2.4.37-30.module+el8.3.0+7001+0766b9e7.aarch64", "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_proxy_html-debuginfo-1:2.4.37-30.module+el8.3.0+7001+0766b9e7.ppc64le", "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_proxy_html-debuginfo-1:2.4.37-30.module+el8.3.0+7001+0766b9e7.s390x", "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_proxy_html-debuginfo-1:2.4.37-30.module+el8.3.0+7001+0766b9e7.x86_64", "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_session-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.aarch64", "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_session-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.ppc64le", "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_session-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.s390x", "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_session-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.x86_64", "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_session-debuginfo-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.aarch64", "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_session-debuginfo-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.ppc64le", "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_session-debuginfo-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.s390x", "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_session-debuginfo-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.x86_64", "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_ssl-1:2.4.37-30.module+el8.3.0+7001+0766b9e7.aarch64", "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_ssl-1:2.4.37-30.module+el8.3.0+7001+0766b9e7.ppc64le", "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_ssl-1:2.4.37-30.module+el8.3.0+7001+0766b9e7.s390x", "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_ssl-1:2.4.37-30.module+el8.3.0+7001+0766b9e7.x86_64", "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_ssl-debuginfo-1:2.4.37-30.module+el8.3.0+7001+0766b9e7.aarch64", "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_ssl-debuginfo-1:2.4.37-30.module+el8.3.0+7001+0766b9e7.ppc64le", "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_ssl-debuginfo-1:2.4.37-30.module+el8.3.0+7001+0766b9e7.s390x", "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_ssl-debuginfo-1:2.4.37-30.module+el8.3.0+7001+0766b9e7.x86_64" ] } ], "threats": [ { "category": "impact", "details": "Moderate" } ], "title": "httpd: mod_rewrite configurations vulnerable to open redirect" }, { "cve": "CVE-2020-1934", "cwe": { "id": "CWE-456", "name": "Missing Initialization of a Variable" }, "discovery_date": "2020-04-01T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "1820772" } ], "notes": [ { "category": "description", "text": "A flaw was found in Apache\u0027s HTTP server (httpd) .The mod_proxy_ftp module may use uninitialized memory with proxying to a malicious FTP server. The highest threat from this vulnerability is to data confidentiality.", "title": "Vulnerability description" }, { "category": "summary", "text": "httpd: mod_proxy_ftp use of uninitialized value", "title": "Vulnerability summary" }, { "category": "other", "text": "This flaw is caused by use of an uninitialized memory variable. Practically this has no impact, but in some corner cases it is possible that the contents of this variable could be read by a remote process, causing loss of confidentiality as a result of this. There is no evidence of code execution.", "title": "Statement" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6", "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:httpd-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.aarch64", "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:httpd-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.ppc64le", "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:httpd-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.s390x", "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:httpd-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.src", "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:httpd-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.x86_64", "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:httpd-debuginfo-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.aarch64", "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:httpd-debuginfo-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.ppc64le", "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:httpd-debuginfo-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.s390x", "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:httpd-debuginfo-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.x86_64", "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:httpd-debugsource-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.aarch64", "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:httpd-debugsource-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.ppc64le", "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:httpd-debugsource-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.s390x", "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:httpd-debugsource-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.x86_64", "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:httpd-devel-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.aarch64", "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:httpd-devel-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.ppc64le", "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:httpd-devel-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.s390x", "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:httpd-devel-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.x86_64", "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:httpd-filesystem-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.noarch", "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:httpd-manual-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.noarch", "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:httpd-tools-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.aarch64", "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:httpd-tools-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.ppc64le", "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:httpd-tools-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.s390x", "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:httpd-tools-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.x86_64", "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:httpd-tools-debuginfo-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.aarch64", "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:httpd-tools-debuginfo-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.ppc64le", "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:httpd-tools-debuginfo-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.s390x", "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:httpd-tools-debuginfo-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.x86_64", "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_http2-0:1.15.7-2.module+el8.3.0+7670+8bf57d29.aarch64", "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_http2-0:1.15.7-2.module+el8.3.0+7670+8bf57d29.ppc64le", "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_http2-0:1.15.7-2.module+el8.3.0+7670+8bf57d29.s390x", "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_http2-0:1.15.7-2.module+el8.3.0+7670+8bf57d29.src", "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_http2-0:1.15.7-2.module+el8.3.0+7670+8bf57d29.x86_64", "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_http2-debuginfo-0:1.15.7-2.module+el8.3.0+7670+8bf57d29.aarch64", "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_http2-debuginfo-0:1.15.7-2.module+el8.3.0+7670+8bf57d29.ppc64le", "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_http2-debuginfo-0:1.15.7-2.module+el8.3.0+7670+8bf57d29.s390x", "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_http2-debuginfo-0:1.15.7-2.module+el8.3.0+7670+8bf57d29.x86_64", "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_http2-debugsource-0:1.15.7-2.module+el8.3.0+7670+8bf57d29.aarch64", "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_http2-debugsource-0:1.15.7-2.module+el8.3.0+7670+8bf57d29.ppc64le", "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_http2-debugsource-0:1.15.7-2.module+el8.3.0+7670+8bf57d29.s390x", "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_http2-debugsource-0:1.15.7-2.module+el8.3.0+7670+8bf57d29.x86_64", "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_ldap-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.aarch64", "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_ldap-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.ppc64le", "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_ldap-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.s390x", "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_ldap-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.x86_64", "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_ldap-debuginfo-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.aarch64", "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_ldap-debuginfo-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.ppc64le", "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_ldap-debuginfo-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.s390x", "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_ldap-debuginfo-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.x86_64", "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_md-1:2.0.8-8.module+el8.3.0+6814+67d1e611.aarch64", "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_md-1:2.0.8-8.module+el8.3.0+6814+67d1e611.ppc64le", "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_md-1:2.0.8-8.module+el8.3.0+6814+67d1e611.s390x", "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_md-1:2.0.8-8.module+el8.3.0+6814+67d1e611.src", "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_md-1:2.0.8-8.module+el8.3.0+6814+67d1e611.x86_64", "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_md-debuginfo-1:2.0.8-8.module+el8.3.0+6814+67d1e611.aarch64", "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_md-debuginfo-1:2.0.8-8.module+el8.3.0+6814+67d1e611.ppc64le", "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_md-debuginfo-1:2.0.8-8.module+el8.3.0+6814+67d1e611.s390x", "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_md-debuginfo-1:2.0.8-8.module+el8.3.0+6814+67d1e611.x86_64", "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_md-debugsource-1:2.0.8-8.module+el8.3.0+6814+67d1e611.aarch64", "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_md-debugsource-1:2.0.8-8.module+el8.3.0+6814+67d1e611.ppc64le", "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_md-debugsource-1:2.0.8-8.module+el8.3.0+6814+67d1e611.s390x", "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_md-debugsource-1:2.0.8-8.module+el8.3.0+6814+67d1e611.x86_64", "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_proxy_html-1:2.4.37-30.module+el8.3.0+7001+0766b9e7.aarch64", "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_proxy_html-1:2.4.37-30.module+el8.3.0+7001+0766b9e7.ppc64le", "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_proxy_html-1:2.4.37-30.module+el8.3.0+7001+0766b9e7.s390x", "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_proxy_html-1:2.4.37-30.module+el8.3.0+7001+0766b9e7.x86_64", "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_proxy_html-debuginfo-1:2.4.37-30.module+el8.3.0+7001+0766b9e7.aarch64", "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_proxy_html-debuginfo-1:2.4.37-30.module+el8.3.0+7001+0766b9e7.ppc64le", "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_proxy_html-debuginfo-1:2.4.37-30.module+el8.3.0+7001+0766b9e7.s390x", "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_proxy_html-debuginfo-1:2.4.37-30.module+el8.3.0+7001+0766b9e7.x86_64", "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_session-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.aarch64", "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_session-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.ppc64le", "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_session-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.s390x", "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_session-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.x86_64", "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_session-debuginfo-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.aarch64", "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_session-debuginfo-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.ppc64le", "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_session-debuginfo-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.s390x", "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_session-debuginfo-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.x86_64", "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_ssl-1:2.4.37-30.module+el8.3.0+7001+0766b9e7.aarch64", "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_ssl-1:2.4.37-30.module+el8.3.0+7001+0766b9e7.ppc64le", "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_ssl-1:2.4.37-30.module+el8.3.0+7001+0766b9e7.s390x", "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_ssl-1:2.4.37-30.module+el8.3.0+7001+0766b9e7.x86_64", "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_ssl-debuginfo-1:2.4.37-30.module+el8.3.0+7001+0766b9e7.aarch64", "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_ssl-debuginfo-1:2.4.37-30.module+el8.3.0+7001+0766b9e7.ppc64le", "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_ssl-debuginfo-1:2.4.37-30.module+el8.3.0+7001+0766b9e7.s390x", "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_ssl-debuginfo-1:2.4.37-30.module+el8.3.0+7001+0766b9e7.x86_64" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2020-1934" }, { "category": "external", "summary": "RHBZ#1820772", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1820772" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2020-1934", "url": "https://www.cve.org/CVERecord?id=CVE-2020-1934" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2020-1934", "url": "https://nvd.nist.gov/vuln/detail/CVE-2020-1934" }, { "category": "external", "summary": "https://httpd.apache.org/security/vulnerabilities_24.html", "url": "https://httpd.apache.org/security/vulnerabilities_24.html" } ], "release_date": "2020-04-01T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2020-11-04T01:44:47+00:00", "details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nAfter installing the updated packages, the httpd daemon will be restarted automatically.", "product_ids": [ "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6", "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:httpd-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.aarch64", "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:httpd-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.ppc64le", "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:httpd-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.s390x", "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:httpd-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.src", "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:httpd-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.x86_64", "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:httpd-debuginfo-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.aarch64", "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:httpd-debuginfo-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.ppc64le", "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:httpd-debuginfo-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.s390x", "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:httpd-debuginfo-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.x86_64", "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:httpd-debugsource-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.aarch64", "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:httpd-debugsource-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.ppc64le", "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:httpd-debugsource-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.s390x", "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:httpd-debugsource-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.x86_64", "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:httpd-devel-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.aarch64", "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:httpd-devel-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.ppc64le", "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:httpd-devel-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.s390x", "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:httpd-devel-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.x86_64", "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:httpd-filesystem-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.noarch", "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:httpd-manual-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.noarch", "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:httpd-tools-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.aarch64", "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:httpd-tools-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.ppc64le", "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:httpd-tools-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.s390x", "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:httpd-tools-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.x86_64", "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:httpd-tools-debuginfo-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.aarch64", "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:httpd-tools-debuginfo-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.ppc64le", "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:httpd-tools-debuginfo-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.s390x", "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:httpd-tools-debuginfo-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.x86_64", "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_http2-0:1.15.7-2.module+el8.3.0+7670+8bf57d29.aarch64", "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_http2-0:1.15.7-2.module+el8.3.0+7670+8bf57d29.ppc64le", "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_http2-0:1.15.7-2.module+el8.3.0+7670+8bf57d29.s390x", "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_http2-0:1.15.7-2.module+el8.3.0+7670+8bf57d29.src", "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_http2-0:1.15.7-2.module+el8.3.0+7670+8bf57d29.x86_64", "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_http2-debuginfo-0:1.15.7-2.module+el8.3.0+7670+8bf57d29.aarch64", "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_http2-debuginfo-0:1.15.7-2.module+el8.3.0+7670+8bf57d29.ppc64le", "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_http2-debuginfo-0:1.15.7-2.module+el8.3.0+7670+8bf57d29.s390x", "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_http2-debuginfo-0:1.15.7-2.module+el8.3.0+7670+8bf57d29.x86_64", "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_http2-debugsource-0:1.15.7-2.module+el8.3.0+7670+8bf57d29.aarch64", "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_http2-debugsource-0:1.15.7-2.module+el8.3.0+7670+8bf57d29.ppc64le", "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_http2-debugsource-0:1.15.7-2.module+el8.3.0+7670+8bf57d29.s390x", "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_http2-debugsource-0:1.15.7-2.module+el8.3.0+7670+8bf57d29.x86_64", "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_ldap-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.aarch64", "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_ldap-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.ppc64le", "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_ldap-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.s390x", "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_ldap-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.x86_64", "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_ldap-debuginfo-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.aarch64", "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_ldap-debuginfo-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.ppc64le", "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_ldap-debuginfo-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.s390x", "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_ldap-debuginfo-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.x86_64", "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_md-1:2.0.8-8.module+el8.3.0+6814+67d1e611.aarch64", "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_md-1:2.0.8-8.module+el8.3.0+6814+67d1e611.ppc64le", "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_md-1:2.0.8-8.module+el8.3.0+6814+67d1e611.s390x", "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_md-1:2.0.8-8.module+el8.3.0+6814+67d1e611.src", "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_md-1:2.0.8-8.module+el8.3.0+6814+67d1e611.x86_64", "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_md-debuginfo-1:2.0.8-8.module+el8.3.0+6814+67d1e611.aarch64", "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_md-debuginfo-1:2.0.8-8.module+el8.3.0+6814+67d1e611.ppc64le", "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_md-debuginfo-1:2.0.8-8.module+el8.3.0+6814+67d1e611.s390x", "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_md-debuginfo-1:2.0.8-8.module+el8.3.0+6814+67d1e611.x86_64", "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_md-debugsource-1:2.0.8-8.module+el8.3.0+6814+67d1e611.aarch64", "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_md-debugsource-1:2.0.8-8.module+el8.3.0+6814+67d1e611.ppc64le", "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_md-debugsource-1:2.0.8-8.module+el8.3.0+6814+67d1e611.s390x", "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_md-debugsource-1:2.0.8-8.module+el8.3.0+6814+67d1e611.x86_64", "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_proxy_html-1:2.4.37-30.module+el8.3.0+7001+0766b9e7.aarch64", "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_proxy_html-1:2.4.37-30.module+el8.3.0+7001+0766b9e7.ppc64le", "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_proxy_html-1:2.4.37-30.module+el8.3.0+7001+0766b9e7.s390x", "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_proxy_html-1:2.4.37-30.module+el8.3.0+7001+0766b9e7.x86_64", "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_proxy_html-debuginfo-1:2.4.37-30.module+el8.3.0+7001+0766b9e7.aarch64", "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_proxy_html-debuginfo-1:2.4.37-30.module+el8.3.0+7001+0766b9e7.ppc64le", "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_proxy_html-debuginfo-1:2.4.37-30.module+el8.3.0+7001+0766b9e7.s390x", "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_proxy_html-debuginfo-1:2.4.37-30.module+el8.3.0+7001+0766b9e7.x86_64", "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_session-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.aarch64", "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_session-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.ppc64le", "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_session-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.s390x", "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_session-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.x86_64", "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_session-debuginfo-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.aarch64", "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_session-debuginfo-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.ppc64le", "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_session-debuginfo-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.s390x", "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_session-debuginfo-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.x86_64", "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_ssl-1:2.4.37-30.module+el8.3.0+7001+0766b9e7.aarch64", "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_ssl-1:2.4.37-30.module+el8.3.0+7001+0766b9e7.ppc64le", "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_ssl-1:2.4.37-30.module+el8.3.0+7001+0766b9e7.s390x", "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_ssl-1:2.4.37-30.module+el8.3.0+7001+0766b9e7.x86_64", "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_ssl-debuginfo-1:2.4.37-30.module+el8.3.0+7001+0766b9e7.aarch64", "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_ssl-debuginfo-1:2.4.37-30.module+el8.3.0+7001+0766b9e7.ppc64le", "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_ssl-debuginfo-1:2.4.37-30.module+el8.3.0+7001+0766b9e7.s390x", "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_ssl-debuginfo-1:2.4.37-30.module+el8.3.0+7001+0766b9e7.x86_64" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2020:4751" } ], "scores": [ { "cvss_v3": { "attackComplexity": "HIGH", "attackVector": "NETWORK", "availabilityImpact": "NONE", "baseScore": 3.7, "baseSeverity": "LOW", "confidentialityImpact": "LOW", "integrityImpact": "NONE", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:N/A:N", "version": "3.1" }, "products": [ "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6", "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:3