rhsa-2023_0970
Vulnerability from csaf_redhat
Published
2023-02-28 08:28
Modified
2024-11-22 22:00
Summary
Red Hat Security Advisory: httpd security and bug fix update
Notes
Topic
An update for httpd is now available for Red Hat Enterprise Linux 9.
Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.
Details
The httpd packages provide the Apache HTTP Server, a powerful, efficient, and extensible web server.
Security Fix(es):
* httpd: mod_dav: out-of-bounds read/write of zero byte (CVE-2006-20001)
* httpd: mod_proxy_ajp: Possible request smuggling (CVE-2022-36760)
* httpd: mod_proxy: HTTP response splitting (CVE-2022-37436)
For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.
Bug Fix(es):
* httpd-init fails to create localhost.crt, localhost.key due to "sscg" default now creates a /dhparams.pem and is not idempotent if the file /dhparams.pem already exists. (BZ#2165975)
Terms of Use
This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.
{ document: { aggregate_severity: { namespace: "https://access.redhat.com/security/updates/classification/", text: "Moderate", }, category: "csaf_security_advisory", csaf_version: "2.0", distribution: { text: "Copyright © Red Hat, Inc. All rights reserved.", tlp: { label: "WHITE", url: "https://www.first.org/tlp/", }, }, lang: "en", notes: [ { category: "summary", text: "An update for httpd is now available for Red Hat Enterprise Linux 9.\n\nRed Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.", title: "Topic", }, { category: "general", text: "The httpd packages provide the Apache HTTP Server, a powerful, efficient, and extensible web server.\n\nSecurity Fix(es):\n\n* httpd: mod_dav: out-of-bounds read/write of zero byte (CVE-2006-20001)\n\n* httpd: mod_proxy_ajp: Possible request smuggling (CVE-2022-36760)\n\n* httpd: mod_proxy: HTTP response splitting (CVE-2022-37436)\n\nFor more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.\n\nBug Fix(es):\n\n* httpd-init fails to create localhost.crt, localhost.key due to \"sscg\" default now creates a /dhparams.pem and is not idempotent if the file /dhparams.pem already exists. (BZ#2165975)", title: "Details", }, { category: "legal_disclaimer", text: "This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.", title: "Terms of Use", }, ], publisher: { category: "vendor", contact_details: "https://access.redhat.com/security/team/contact/", issuing_authority: "Red Hat Product Security is responsible for vulnerability handling across all Red Hat products and services.", name: "Red Hat Product Security", namespace: "https://www.redhat.com", }, references: [ { category: "self", summary: "https://access.redhat.com/errata/RHSA-2023:0970", url: "https://access.redhat.com/errata/RHSA-2023:0970", }, { category: "external", summary: "https://access.redhat.com/security/updates/classification/#moderate", url: "https://access.redhat.com/security/updates/classification/#moderate", }, { category: "external", summary: "2161773", url: "https://bugzilla.redhat.com/show_bug.cgi?id=2161773", }, { category: "external", summary: "2161774", url: "https://bugzilla.redhat.com/show_bug.cgi?id=2161774", }, { category: "external", summary: "2161777", url: "https://bugzilla.redhat.com/show_bug.cgi?id=2161777", }, { category: "self", summary: "Canonical URL", url: "https://security.access.redhat.com/data/csaf/v2/advisories/2023/rhsa-2023_0970.json", }, ], title: "Red Hat Security Advisory: httpd security and bug fix update", tracking: { current_release_date: "2024-11-22T22:00:09+00:00", generator: { date: "2024-11-22T22:00:09+00:00", engine: { name: "Red Hat SDEngine", version: "4.2.1", }, }, id: "RHSA-2023:0970", initial_release_date: "2023-02-28T08:28:02+00:00", revision_history: [ { date: "2023-02-28T08:28:02+00:00", number: "1", summary: "Initial version", }, { date: "2023-02-28T08:28:02+00:00", number: "2", summary: "Last updated version", }, { date: "2024-11-22T22:00:09+00:00", number: "3", summary: "Last generated version", }, ], status: "final", version: "3", }, }, product_tree: { branches: [ { branches: [ { branches: [ { category: "product_name", name: "Red Hat Enterprise Linux AppStream (v. 9)", product: { name: "Red Hat Enterprise Linux AppStream (v. 9)", product_id: "AppStream-9.1.0.Z.MAIN", product_identification_helper: { cpe: "cpe:/a:redhat:enterprise_linux:9::appstream", }, }, }, ], category: "product_family", name: "Red Hat Enterprise Linux", }, { branches: [ { category: "product_version", name: "httpd-0:2.4.53-7.el9_1.1.src", product: { name: "httpd-0:2.4.53-7.el9_1.1.src", product_id: "httpd-0:2.4.53-7.el9_1.1.src", product_identification_helper: { purl: "pkg:rpm/redhat/httpd@2.4.53-7.el9_1.1?arch=src", }, }, }, ], category: "architecture", name: "src", }, { branches: [ { category: "product_version", name: "httpd-0:2.4.53-7.el9_1.1.aarch64", product: { name: "httpd-0:2.4.53-7.el9_1.1.aarch64", product_id: "httpd-0:2.4.53-7.el9_1.1.aarch64", product_identification_helper: { purl: "pkg:rpm/redhat/httpd@2.4.53-7.el9_1.1?arch=aarch64", }, }, }, { category: "product_version", name: "httpd-core-0:2.4.53-7.el9_1.1.aarch64", product: { name: "httpd-core-0:2.4.53-7.el9_1.1.aarch64", product_id: "httpd-core-0:2.4.53-7.el9_1.1.aarch64", product_identification_helper: { purl: "pkg:rpm/redhat/httpd-core@2.4.53-7.el9_1.1?arch=aarch64", }, }, }, { category: "product_version", name: "httpd-devel-0:2.4.53-7.el9_1.1.aarch64", product: { name: "httpd-devel-0:2.4.53-7.el9_1.1.aarch64", product_id: "httpd-devel-0:2.4.53-7.el9_1.1.aarch64", product_identification_helper: { purl: "pkg:rpm/redhat/httpd-devel@2.4.53-7.el9_1.1?arch=aarch64", }, }, }, { category: "product_version", name: "httpd-tools-0:2.4.53-7.el9_1.1.aarch64", product: { name: "httpd-tools-0:2.4.53-7.el9_1.1.aarch64", product_id: "httpd-tools-0:2.4.53-7.el9_1.1.aarch64", product_identification_helper: { purl: "pkg:rpm/redhat/httpd-tools@2.4.53-7.el9_1.1?arch=aarch64", }, }, }, { category: "product_version", name: "mod_ldap-0:2.4.53-7.el9_1.1.aarch64", product: { name: "mod_ldap-0:2.4.53-7.el9_1.1.aarch64", product_id: "mod_ldap-0:2.4.53-7.el9_1.1.aarch64", product_identification_helper: { purl: "pkg:rpm/redhat/mod_ldap@2.4.53-7.el9_1.1?arch=aarch64", }, }, }, { category: "product_version", name: "mod_lua-0:2.4.53-7.el9_1.1.aarch64", product: { name: "mod_lua-0:2.4.53-7.el9_1.1.aarch64", product_id: "mod_lua-0:2.4.53-7.el9_1.1.aarch64", product_identification_helper: { purl: "pkg:rpm/redhat/mod_lua@2.4.53-7.el9_1.1?arch=aarch64", }, }, }, { category: "product_version", name: "mod_proxy_html-1:2.4.53-7.el9_1.1.aarch64", product: { name: "mod_proxy_html-1:2.4.53-7.el9_1.1.aarch64", product_id: "mod_proxy_html-1:2.4.53-7.el9_1.1.aarch64", product_identification_helper: { purl: "pkg:rpm/redhat/mod_proxy_html@2.4.53-7.el9_1.1?arch=aarch64&epoch=1", }, }, }, { category: "product_version", name: "mod_session-0:2.4.53-7.el9_1.1.aarch64", product: { name: "mod_session-0:2.4.53-7.el9_1.1.aarch64", product_id: "mod_session-0:2.4.53-7.el9_1.1.aarch64", product_identification_helper: { purl: "pkg:rpm/redhat/mod_session@2.4.53-7.el9_1.1?arch=aarch64", }, }, }, { category: "product_version", name: "mod_ssl-1:2.4.53-7.el9_1.1.aarch64", product: { name: "mod_ssl-1:2.4.53-7.el9_1.1.aarch64", product_id: "mod_ssl-1:2.4.53-7.el9_1.1.aarch64", product_identification_helper: { purl: "pkg:rpm/redhat/mod_ssl@2.4.53-7.el9_1.1?arch=aarch64&epoch=1", }, }, }, { category: "product_version", name: "httpd-debugsource-0:2.4.53-7.el9_1.1.aarch64", product: { name: "httpd-debugsource-0:2.4.53-7.el9_1.1.aarch64", product_id: "httpd-debugsource-0:2.4.53-7.el9_1.1.aarch64", product_identification_helper: { purl: "pkg:rpm/redhat/httpd-debugsource@2.4.53-7.el9_1.1?arch=aarch64", }, }, }, { category: "product_version", name: "httpd-core-debuginfo-0:2.4.53-7.el9_1.1.aarch64", product: { name: "httpd-core-debuginfo-0:2.4.53-7.el9_1.1.aarch64", product_id: "httpd-core-debuginfo-0:2.4.53-7.el9_1.1.aarch64", product_identification_helper: { purl: "pkg:rpm/redhat/httpd-core-debuginfo@2.4.53-7.el9_1.1?arch=aarch64", }, }, }, { category: "product_version", name: "httpd-debuginfo-0:2.4.53-7.el9_1.1.aarch64", product: { name: "httpd-debuginfo-0:2.4.53-7.el9_1.1.aarch64", product_id: "httpd-debuginfo-0:2.4.53-7.el9_1.1.aarch64", product_identification_helper: { purl: "pkg:rpm/redhat/httpd-debuginfo@2.4.53-7.el9_1.1?arch=aarch64", }, }, }, { category: "product_version", name: "httpd-tools-debuginfo-0:2.4.53-7.el9_1.1.aarch64", product: { name: "httpd-tools-debuginfo-0:2.4.53-7.el9_1.1.aarch64", product_id: "httpd-tools-debuginfo-0:2.4.53-7.el9_1.1.aarch64", product_identification_helper: { purl: "pkg:rpm/redhat/httpd-tools-debuginfo@2.4.53-7.el9_1.1?arch=aarch64", }, }, }, { category: "product_version", name: "mod_ldap-debuginfo-0:2.4.53-7.el9_1.1.aarch64", product: { name: "mod_ldap-debuginfo-0:2.4.53-7.el9_1.1.aarch64", product_id: "mod_ldap-debuginfo-0:2.4.53-7.el9_1.1.aarch64", product_identification_helper: { purl: "pkg:rpm/redhat/mod_ldap-debuginfo@2.4.53-7.el9_1.1?arch=aarch64", }, }, }, { category: "product_version", name: "mod_lua-debuginfo-0:2.4.53-7.el9_1.1.aarch64", product: { name: "mod_lua-debuginfo-0:2.4.53-7.el9_1.1.aarch64", product_id: "mod_lua-debuginfo-0:2.4.53-7.el9_1.1.aarch64", product_identification_helper: { purl: "pkg:rpm/redhat/mod_lua-debuginfo@2.4.53-7.el9_1.1?arch=aarch64", }, }, }, { category: "product_version", name: "mod_proxy_html-debuginfo-1:2.4.53-7.el9_1.1.aarch64", product: { name: "mod_proxy_html-debuginfo-1:2.4.53-7.el9_1.1.aarch64", product_id: "mod_proxy_html-debuginfo-1:2.4.53-7.el9_1.1.aarch64", product_identification_helper: { purl: "pkg:rpm/redhat/mod_proxy_html-debuginfo@2.4.53-7.el9_1.1?arch=aarch64&epoch=1", }, }, }, { category: "product_version", name: "mod_session-debuginfo-0:2.4.53-7.el9_1.1.aarch64", product: { name: "mod_session-debuginfo-0:2.4.53-7.el9_1.1.aarch64", product_id: "mod_session-debuginfo-0:2.4.53-7.el9_1.1.aarch64", product_identification_helper: { purl: "pkg:rpm/redhat/mod_session-debuginfo@2.4.53-7.el9_1.1?arch=aarch64", }, }, }, { category: "product_version", name: "mod_ssl-debuginfo-1:2.4.53-7.el9_1.1.aarch64", product: { name: "mod_ssl-debuginfo-1:2.4.53-7.el9_1.1.aarch64", product_id: "mod_ssl-debuginfo-1:2.4.53-7.el9_1.1.aarch64", product_identification_helper: { purl: "pkg:rpm/redhat/mod_ssl-debuginfo@2.4.53-7.el9_1.1?arch=aarch64&epoch=1", }, }, }, ], category: "architecture", name: "aarch64", }, { branches: [ { category: "product_version", name: "httpd-0:2.4.53-7.el9_1.1.ppc64le", product: { name: "httpd-0:2.4.53-7.el9_1.1.ppc64le", product_id: "httpd-0:2.4.53-7.el9_1.1.ppc64le", product_identification_helper: { purl: "pkg:rpm/redhat/httpd@2.4.53-7.el9_1.1?arch=ppc64le", }, }, }, { category: "product_version", name: "httpd-core-0:2.4.53-7.el9_1.1.ppc64le", product: { name: "httpd-core-0:2.4.53-7.el9_1.1.ppc64le", product_id: "httpd-core-0:2.4.53-7.el9_1.1.ppc64le", product_identification_helper: { purl: "pkg:rpm/redhat/httpd-core@2.4.53-7.el9_1.1?arch=ppc64le", }, }, }, { category: "product_version", name: "httpd-devel-0:2.4.53-7.el9_1.1.ppc64le", product: { name: "httpd-devel-0:2.4.53-7.el9_1.1.ppc64le", product_id: "httpd-devel-0:2.4.53-7.el9_1.1.ppc64le", product_identification_helper: { purl: "pkg:rpm/redhat/httpd-devel@2.4.53-7.el9_1.1?arch=ppc64le", }, }, }, { category: "product_version", name: "httpd-tools-0:2.4.53-7.el9_1.1.ppc64le", product: { name: "httpd-tools-0:2.4.53-7.el9_1.1.ppc64le", product_id: "httpd-tools-0:2.4.53-7.el9_1.1.ppc64le", product_identification_helper: { purl: "pkg:rpm/redhat/httpd-tools@2.4.53-7.el9_1.1?arch=ppc64le", }, }, }, { category: "product_version", name: "mod_ldap-0:2.4.53-7.el9_1.1.ppc64le", product: { name: "mod_ldap-0:2.4.53-7.el9_1.1.ppc64le", product_id: "mod_ldap-0:2.4.53-7.el9_1.1.ppc64le", product_identification_helper: { purl: "pkg:rpm/redhat/mod_ldap@2.4.53-7.el9_1.1?arch=ppc64le", }, }, }, { category: "product_version", name: "mod_lua-0:2.4.53-7.el9_1.1.ppc64le", product: { name: "mod_lua-0:2.4.53-7.el9_1.1.ppc64le", product_id: "mod_lua-0:2.4.53-7.el9_1.1.ppc64le", product_identification_helper: { purl: "pkg:rpm/redhat/mod_lua@2.4.53-7.el9_1.1?arch=ppc64le", }, }, }, { category: "product_version", name: "mod_proxy_html-1:2.4.53-7.el9_1.1.ppc64le", product: { name: "mod_proxy_html-1:2.4.53-7.el9_1.1.ppc64le", product_id: "mod_proxy_html-1:2.4.53-7.el9_1.1.ppc64le", product_identification_helper: { purl: "pkg:rpm/redhat/mod_proxy_html@2.4.53-7.el9_1.1?arch=ppc64le&epoch=1", }, }, }, { category: "product_version", name: "mod_session-0:2.4.53-7.el9_1.1.ppc64le", product: { name: "mod_session-0:2.4.53-7.el9_1.1.ppc64le", product_id: "mod_session-0:2.4.53-7.el9_1.1.ppc64le", product_identification_helper: { purl: "pkg:rpm/redhat/mod_session@2.4.53-7.el9_1.1?arch=ppc64le", }, }, }, { category: "product_version", name: "mod_ssl-1:2.4.53-7.el9_1.1.ppc64le", product: { name: "mod_ssl-1:2.4.53-7.el9_1.1.ppc64le", product_id: "mod_ssl-1:2.4.53-7.el9_1.1.ppc64le", product_identification_helper: { purl: "pkg:rpm/redhat/mod_ssl@2.4.53-7.el9_1.1?arch=ppc64le&epoch=1", }, }, }, { category: "product_version", name: "httpd-debugsource-0:2.4.53-7.el9_1.1.ppc64le", product: { name: "httpd-debugsource-0:2.4.53-7.el9_1.1.ppc64le", product_id: "httpd-debugsource-0:2.4.53-7.el9_1.1.ppc64le", product_identification_helper: { purl: "pkg:rpm/redhat/httpd-debugsource@2.4.53-7.el9_1.1?arch=ppc64le", }, }, }, { category: "product_version", name: "httpd-core-debuginfo-0:2.4.53-7.el9_1.1.ppc64le", product: { name: "httpd-core-debuginfo-0:2.4.53-7.el9_1.1.ppc64le", product_id: "httpd-core-debuginfo-0:2.4.53-7.el9_1.1.ppc64le", product_identification_helper: { purl: "pkg:rpm/redhat/httpd-core-debuginfo@2.4.53-7.el9_1.1?arch=ppc64le", }, }, }, { category: "product_version", name: "httpd-debuginfo-0:2.4.53-7.el9_1.1.ppc64le", product: { name: "httpd-debuginfo-0:2.4.53-7.el9_1.1.ppc64le", product_id: "httpd-debuginfo-0:2.4.53-7.el9_1.1.ppc64le", product_identification_helper: { purl: "pkg:rpm/redhat/httpd-debuginfo@2.4.53-7.el9_1.1?arch=ppc64le", }, }, }, { category: "product_version", name: "httpd-tools-debuginfo-0:2.4.53-7.el9_1.1.ppc64le", product: { name: "httpd-tools-debuginfo-0:2.4.53-7.el9_1.1.ppc64le", product_id: "httpd-tools-debuginfo-0:2.4.53-7.el9_1.1.ppc64le", product_identification_helper: { purl: "pkg:rpm/redhat/httpd-tools-debuginfo@2.4.53-7.el9_1.1?arch=ppc64le", }, }, }, { category: "product_version", name: "mod_ldap-debuginfo-0:2.4.53-7.el9_1.1.ppc64le", product: { name: "mod_ldap-debuginfo-0:2.4.53-7.el9_1.1.ppc64le", product_id: "mod_ldap-debuginfo-0:2.4.53-7.el9_1.1.ppc64le", product_identification_helper: { purl: "pkg:rpm/redhat/mod_ldap-debuginfo@2.4.53-7.el9_1.1?arch=ppc64le", }, }, }, { category: "product_version", name: "mod_lua-debuginfo-0:2.4.53-7.el9_1.1.ppc64le", product: { name: "mod_lua-debuginfo-0:2.4.53-7.el9_1.1.ppc64le", product_id: "mod_lua-debuginfo-0:2.4.53-7.el9_1.1.ppc64le", product_identification_helper: { purl: "pkg:rpm/redhat/mod_lua-debuginfo@2.4.53-7.el9_1.1?arch=ppc64le", }, }, }, { category: "product_version", name: "mod_proxy_html-debuginfo-1:2.4.53-7.el9_1.1.ppc64le", product: { name: "mod_proxy_html-debuginfo-1:2.4.53-7.el9_1.1.ppc64le", product_id: "mod_proxy_html-debuginfo-1:2.4.53-7.el9_1.1.ppc64le", product_identification_helper: { purl: "pkg:rpm/redhat/mod_proxy_html-debuginfo@2.4.53-7.el9_1.1?arch=ppc64le&epoch=1", }, }, }, { category: "product_version", name: "mod_session-debuginfo-0:2.4.53-7.el9_1.1.ppc64le", product: { name: "mod_session-debuginfo-0:2.4.53-7.el9_1.1.ppc64le", product_id: "mod_session-debuginfo-0:2.4.53-7.el9_1.1.ppc64le", product_identification_helper: { purl: "pkg:rpm/redhat/mod_session-debuginfo@2.4.53-7.el9_1.1?arch=ppc64le", }, }, }, { category: "product_version", name: "mod_ssl-debuginfo-1:2.4.53-7.el9_1.1.ppc64le", product: { name: "mod_ssl-debuginfo-1:2.4.53-7.el9_1.1.ppc64le", product_id: "mod_ssl-debuginfo-1:2.4.53-7.el9_1.1.ppc64le", product_identification_helper: { purl: "pkg:rpm/redhat/mod_ssl-debuginfo@2.4.53-7.el9_1.1?arch=ppc64le&epoch=1", }, }, }, ], category: "architecture", name: "ppc64le", }, { branches: [ { category: "product_version", name: "httpd-0:2.4.53-7.el9_1.1.x86_64", product: { name: "httpd-0:2.4.53-7.el9_1.1.x86_64", product_id: "httpd-0:2.4.53-7.el9_1.1.x86_64", product_identification_helper: { purl: "pkg:rpm/redhat/httpd@2.4.53-7.el9_1.1?arch=x86_64", }, }, }, { category: "product_version", name: "httpd-core-0:2.4.53-7.el9_1.1.x86_64", product: { name: "httpd-core-0:2.4.53-7.el9_1.1.x86_64", product_id: "httpd-core-0:2.4.53-7.el9_1.1.x86_64", product_identification_helper: { purl: "pkg:rpm/redhat/httpd-core@2.4.53-7.el9_1.1?arch=x86_64", }, }, }, { category: "product_version", name: "httpd-devel-0:2.4.53-7.el9_1.1.x86_64", product: { name: "httpd-devel-0:2.4.53-7.el9_1.1.x86_64", product_id: "httpd-devel-0:2.4.53-7.el9_1.1.x86_64", product_identification_helper: { purl: "pkg:rpm/redhat/httpd-devel@2.4.53-7.el9_1.1?arch=x86_64", }, }, }, { category: "product_version", name: "httpd-tools-0:2.4.53-7.el9_1.1.x86_64", product: { name: "httpd-tools-0:2.4.53-7.el9_1.1.x86_64", product_id: "httpd-tools-0:2.4.53-7.el9_1.1.x86_64", product_identification_helper: { purl: "pkg:rpm/redhat/httpd-tools@2.4.53-7.el9_1.1?arch=x86_64", }, }, }, { category: "product_version", name: "mod_ldap-0:2.4.53-7.el9_1.1.x86_64", product: { name: "mod_ldap-0:2.4.53-7.el9_1.1.x86_64", product_id: "mod_ldap-0:2.4.53-7.el9_1.1.x86_64", product_identification_helper: { purl: "pkg:rpm/redhat/mod_ldap@2.4.53-7.el9_1.1?arch=x86_64", }, }, }, { category: "product_version", name: "mod_lua-0:2.4.53-7.el9_1.1.x86_64", product: { name: "mod_lua-0:2.4.53-7.el9_1.1.x86_64", product_id: "mod_lua-0:2.4.53-7.el9_1.1.x86_64", product_identification_helper: { purl: "pkg:rpm/redhat/mod_lua@2.4.53-7.el9_1.1?arch=x86_64", }, }, }, { category: "product_version", name: "mod_proxy_html-1:2.4.53-7.el9_1.1.x86_64", product: { name: "mod_proxy_html-1:2.4.53-7.el9_1.1.x86_64", product_id: "mod_proxy_html-1:2.4.53-7.el9_1.1.x86_64", product_identification_helper: { purl: "pkg:rpm/redhat/mod_proxy_html@2.4.53-7.el9_1.1?arch=x86_64&epoch=1", }, }, }, { category: "product_version", name: "mod_session-0:2.4.53-7.el9_1.1.x86_64", product: { name: "mod_session-0:2.4.53-7.el9_1.1.x86_64", product_id: "mod_session-0:2.4.53-7.el9_1.1.x86_64", product_identification_helper: { purl: "pkg:rpm/redhat/mod_session@2.4.53-7.el9_1.1?arch=x86_64", }, }, }, { category: "product_version", name: "mod_ssl-1:2.4.53-7.el9_1.1.x86_64", product: { name: "mod_ssl-1:2.4.53-7.el9_1.1.x86_64", product_id: "mod_ssl-1:2.4.53-7.el9_1.1.x86_64", product_identification_helper: { purl: "pkg:rpm/redhat/mod_ssl@2.4.53-7.el9_1.1?arch=x86_64&epoch=1", }, }, }, { category: "product_version", name: "httpd-debugsource-0:2.4.53-7.el9_1.1.x86_64", product: { name: "httpd-debugsource-0:2.4.53-7.el9_1.1.x86_64", product_id: "httpd-debugsource-0:2.4.53-7.el9_1.1.x86_64", product_identification_helper: { purl: "pkg:rpm/redhat/httpd-debugsource@2.4.53-7.el9_1.1?arch=x86_64", }, }, }, { category: "product_version", name: "httpd-core-debuginfo-0:2.4.53-7.el9_1.1.x86_64", product: { name: "httpd-core-debuginfo-0:2.4.53-7.el9_1.1.x86_64", product_id: "httpd-core-debuginfo-0:2.4.53-7.el9_1.1.x86_64", product_identification_helper: { purl: "pkg:rpm/redhat/httpd-core-debuginfo@2.4.53-7.el9_1.1?arch=x86_64", }, }, }, { category: "product_version", name: "httpd-debuginfo-0:2.4.53-7.el9_1.1.x86_64", product: { name: "httpd-debuginfo-0:2.4.53-7.el9_1.1.x86_64", product_id: "httpd-debuginfo-0:2.4.53-7.el9_1.1.x86_64", product_identification_helper: { purl: "pkg:rpm/redhat/httpd-debuginfo@2.4.53-7.el9_1.1?arch=x86_64", }, }, }, { category: "product_version", name: "httpd-tools-debuginfo-0:2.4.53-7.el9_1.1.x86_64", product: { name: "httpd-tools-debuginfo-0:2.4.53-7.el9_1.1.x86_64", product_id: "httpd-tools-debuginfo-0:2.4.53-7.el9_1.1.x86_64", product_identification_helper: { purl: "pkg:rpm/redhat/httpd-tools-debuginfo@2.4.53-7.el9_1.1?arch=x86_64", }, }, }, { category: "product_version", name: "mod_ldap-debuginfo-0:2.4.53-7.el9_1.1.x86_64", product: { name: "mod_ldap-debuginfo-0:2.4.53-7.el9_1.1.x86_64", product_id: "mod_ldap-debuginfo-0:2.4.53-7.el9_1.1.x86_64", product_identification_helper: { purl: "pkg:rpm/redhat/mod_ldap-debuginfo@2.4.53-7.el9_1.1?arch=x86_64", }, }, }, { category: "product_version", name: "mod_lua-debuginfo-0:2.4.53-7.el9_1.1.x86_64", product: { name: "mod_lua-debuginfo-0:2.4.53-7.el9_1.1.x86_64", product_id: "mod_lua-debuginfo-0:2.4.53-7.el9_1.1.x86_64", product_identification_helper: { purl: "pkg:rpm/redhat/mod_lua-debuginfo@2.4.53-7.el9_1.1?arch=x86_64", }, }, }, { category: "product_version", name: "mod_proxy_html-debuginfo-1:2.4.53-7.el9_1.1.x86_64", product: { name: "mod_proxy_html-debuginfo-1:2.4.53-7.el9_1.1.x86_64", product_id: "mod_proxy_html-debuginfo-1:2.4.53-7.el9_1.1.x86_64", product_identification_helper: { purl: "pkg:rpm/redhat/mod_proxy_html-debuginfo@2.4.53-7.el9_1.1?arch=x86_64&epoch=1", }, }, }, { category: "product_version", name: "mod_session-debuginfo-0:2.4.53-7.el9_1.1.x86_64", product: { name: "mod_session-debuginfo-0:2.4.53-7.el9_1.1.x86_64", product_id: "mod_session-debuginfo-0:2.4.53-7.el9_1.1.x86_64", product_identification_helper: { purl: "pkg:rpm/redhat/mod_session-debuginfo@2.4.53-7.el9_1.1?arch=x86_64", }, }, }, { category: "product_version", name: "mod_ssl-debuginfo-1:2.4.53-7.el9_1.1.x86_64", product: { name: "mod_ssl-debuginfo-1:2.4.53-7.el9_1.1.x86_64", product_id: "mod_ssl-debuginfo-1:2.4.53-7.el9_1.1.x86_64", product_identification_helper: { purl: "pkg:rpm/redhat/mod_ssl-debuginfo@2.4.53-7.el9_1.1?arch=x86_64&epoch=1", }, }, }, ], category: "architecture", name: "x86_64", }, { branches: [ { category: "product_version", name: "httpd-0:2.4.53-7.el9_1.1.s390x", product: { name: "httpd-0:2.4.53-7.el9_1.1.s390x", product_id: "httpd-0:2.4.53-7.el9_1.1.s390x", product_identification_helper: { purl: "pkg:rpm/redhat/httpd@2.4.53-7.el9_1.1?arch=s390x", }, }, }, { category: "product_version", name: "httpd-core-0:2.4.53-7.el9_1.1.s390x", product: { name: "httpd-core-0:2.4.53-7.el9_1.1.s390x", product_id: "httpd-core-0:2.4.53-7.el9_1.1.s390x", product_identification_helper: { purl: "pkg:rpm/redhat/httpd-core@2.4.53-7.el9_1.1?arch=s390x", }, }, }, { category: "product_version", name: "httpd-devel-0:2.4.53-7.el9_1.1.s390x", product: { name: "httpd-devel-0:2.4.53-7.el9_1.1.s390x", product_id: "httpd-devel-0:2.4.53-7.el9_1.1.s390x", product_identification_helper: { purl: "pkg:rpm/redhat/httpd-devel@2.4.53-7.el9_1.1?arch=s390x", }, }, }, { category: "product_version", name: "httpd-tools-0:2.4.53-7.el9_1.1.s390x", product: { name: "httpd-tools-0:2.4.53-7.el9_1.1.s390x", product_id: "httpd-tools-0:2.4.53-7.el9_1.1.s390x", product_identification_helper: { purl: "pkg:rpm/redhat/httpd-tools@2.4.53-7.el9_1.1?arch=s390x", }, }, }, { category: "product_version", name: "mod_ldap-0:2.4.53-7.el9_1.1.s390x", product: { name: "mod_ldap-0:2.4.53-7.el9_1.1.s390x", product_id: "mod_ldap-0:2.4.53-7.el9_1.1.s390x", product_identification_helper: { purl: "pkg:rpm/redhat/mod_ldap@2.4.53-7.el9_1.1?arch=s390x", }, }, }, { category: "product_version", name: "mod_lua-0:2.4.53-7.el9_1.1.s390x", product: { name: "mod_lua-0:2.4.53-7.el9_1.1.s390x", product_id: "mod_lua-0:2.4.53-7.el9_1.1.s390x", product_identification_helper: { purl: "pkg:rpm/redhat/mod_lua@2.4.53-7.el9_1.1?arch=s390x", }, }, }, { category: "product_version", name: "mod_proxy_html-1:2.4.53-7.el9_1.1.s390x", product: { name: "mod_proxy_html-1:2.4.53-7.el9_1.1.s390x", product_id: "mod_proxy_html-1:2.4.53-7.el9_1.1.s390x", product_identification_helper: { purl: "pkg:rpm/redhat/mod_proxy_html@2.4.53-7.el9_1.1?arch=s390x&epoch=1", }, }, }, { category: "product_version", name: "mod_session-0:2.4.53-7.el9_1.1.s390x", product: { name: "mod_session-0:2.4.53-7.el9_1.1.s390x", product_id: "mod_session-0:2.4.53-7.el9_1.1.s390x", product_identification_helper: { purl: "pkg:rpm/redhat/mod_session@2.4.53-7.el9_1.1?arch=s390x", }, }, }, { category: "product_version", name: "mod_ssl-1:2.4.53-7.el9_1.1.s390x", product: { name: "mod_ssl-1:2.4.53-7.el9_1.1.s390x", product_id: "mod_ssl-1:2.4.53-7.el9_1.1.s390x", product_identification_helper: { purl: "pkg:rpm/redhat/mod_ssl@2.4.53-7.el9_1.1?arch=s390x&epoch=1", }, }, }, { category: "product_version", name: "httpd-debugsource-0:2.4.53-7.el9_1.1.s390x", product: { name: "httpd-debugsource-0:2.4.53-7.el9_1.1.s390x", product_id: "httpd-debugsource-0:2.4.53-7.el9_1.1.s390x", product_identification_helper: { purl: "pkg:rpm/redhat/httpd-debugsource@2.4.53-7.el9_1.1?arch=s390x", }, }, }, { category: "product_version", name: "httpd-core-debuginfo-0:2.4.53-7.el9_1.1.s390x", product: { name: "httpd-core-debuginfo-0:2.4.53-7.el9_1.1.s390x", product_id: "httpd-core-debuginfo-0:2.4.53-7.el9_1.1.s390x", product_identification_helper: { purl: "pkg:rpm/redhat/httpd-core-debuginfo@2.4.53-7.el9_1.1?arch=s390x", }, }, }, { category: "product_version", name: "httpd-debuginfo-0:2.4.53-7.el9_1.1.s390x", product: { name: "httpd-debuginfo-0:2.4.53-7.el9_1.1.s390x", product_id: "httpd-debuginfo-0:2.4.53-7.el9_1.1.s390x", product_identification_helper: { purl: "pkg:rpm/redhat/httpd-debuginfo@2.4.53-7.el9_1.1?arch=s390x", }, }, }, { category: "product_version", name: "httpd-tools-debuginfo-0:2.4.53-7.el9_1.1.s390x", product: { name: "httpd-tools-debuginfo-0:2.4.53-7.el9_1.1.s390x", product_id: "httpd-tools-debuginfo-0:2.4.53-7.el9_1.1.s390x", product_identification_helper: { purl: "pkg:rpm/redhat/httpd-tools-debuginfo@2.4.53-7.el9_1.1?arch=s390x", }, }, }, { category: "product_version", name: "mod_ldap-debuginfo-0:2.4.53-7.el9_1.1.s390x", product: { name: "mod_ldap-debuginfo-0:2.4.53-7.el9_1.1.s390x", product_id: "mod_ldap-debuginfo-0:2.4.53-7.el9_1.1.s390x", product_identification_helper: { purl: "pkg:rpm/redhat/mod_ldap-debuginfo@2.4.53-7.el9_1.1?arch=s390x", }, }, }, { category: "product_version", name: "mod_lua-debuginfo-0:2.4.53-7.el9_1.1.s390x", product: { name: "mod_lua-debuginfo-0:2.4.53-7.el9_1.1.s390x", product_id: "mod_lua-debuginfo-0:2.4.53-7.el9_1.1.s390x", product_identification_helper: { purl: "pkg:rpm/redhat/mod_lua-debuginfo@2.4.53-7.el9_1.1?arch=s390x", }, }, }, { category: "product_version", name: "mod_proxy_html-debuginfo-1:2.4.53-7.el9_1.1.s390x", product: { name: "mod_proxy_html-debuginfo-1:2.4.53-7.el9_1.1.s390x", product_id: "mod_proxy_html-debuginfo-1:2.4.53-7.el9_1.1.s390x", product_identification_helper: { purl: "pkg:rpm/redhat/mod_proxy_html-debuginfo@2.4.53-7.el9_1.1?arch=s390x&epoch=1", }, }, }, { category: "product_version", name: "mod_session-debuginfo-0:2.4.53-7.el9_1.1.s390x", product: { name: "mod_session-debuginfo-0:2.4.53-7.el9_1.1.s390x", product_id: "mod_session-debuginfo-0:2.4.53-7.el9_1.1.s390x", product_identification_helper: { purl: "pkg:rpm/redhat/mod_session-debuginfo@2.4.53-7.el9_1.1?arch=s390x", }, }, }, { category: "product_version", name: "mod_ssl-debuginfo-1:2.4.53-7.el9_1.1.s390x", product: { name: "mod_ssl-debuginfo-1:2.4.53-7.el9_1.1.s390x", product_id: "mod_ssl-debuginfo-1:2.4.53-7.el9_1.1.s390x", product_identification_helper: { purl: "pkg:rpm/redhat/mod_ssl-debuginfo@2.4.53-7.el9_1.1?arch=s390x&epoch=1", }, }, }, ], category: "architecture", name: "s390x", }, { branches: [ { category: "product_version", name: "httpd-filesystem-0:2.4.53-7.el9_1.1.noarch", product: { name: "httpd-filesystem-0:2.4.53-7.el9_1.1.noarch", product_id: "httpd-filesystem-0:2.4.53-7.el9_1.1.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/httpd-filesystem@2.4.53-7.el9_1.1?arch=noarch", }, }, }, { category: "product_version", name: "httpd-manual-0:2.4.53-7.el9_1.1.noarch", product: { name: "httpd-manual-0:2.4.53-7.el9_1.1.noarch", product_id: "httpd-manual-0:2.4.53-7.el9_1.1.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/httpd-manual@2.4.53-7.el9_1.1?arch=noarch", }, }, }, ], category: "architecture", name: "noarch", }, ], category: "vendor", name: "Red Hat", }, ], relationships: [ { category: "default_component_of", full_product_name: { name: "httpd-0:2.4.53-7.el9_1.1.aarch64 as a component of Red Hat Enterprise Linux AppStream (v. 9)", product_id: "AppStream-9.1.0.Z.MAIN:httpd-0:2.4.53-7.el9_1.1.aarch64", }, product_reference: "httpd-0:2.4.53-7.el9_1.1.aarch64", relates_to_product_reference: "AppStream-9.1.0.Z.MAIN", }, { category: "default_component_of", full_product_name: { name: "httpd-0:2.4.53-7.el9_1.1.ppc64le as a component of Red Hat Enterprise Linux AppStream (v. 9)", product_id: "AppStream-9.1.0.Z.MAIN:httpd-0:2.4.53-7.el9_1.1.ppc64le", }, product_reference: "httpd-0:2.4.53-7.el9_1.1.ppc64le", relates_to_product_reference: "AppStream-9.1.0.Z.MAIN", }, { category: "default_component_of", full_product_name: { name: "httpd-0:2.4.53-7.el9_1.1.s390x as a component of Red Hat Enterprise Linux AppStream (v. 9)", product_id: "AppStream-9.1.0.Z.MAIN:httpd-0:2.4.53-7.el9_1.1.s390x", }, product_reference: "httpd-0:2.4.53-7.el9_1.1.s390x", relates_to_product_reference: "AppStream-9.1.0.Z.MAIN", }, { category: "default_component_of", full_product_name: { name: "httpd-0:2.4.53-7.el9_1.1.src as a component of Red Hat Enterprise Linux AppStream (v. 9)", product_id: "AppStream-9.1.0.Z.MAIN:httpd-0:2.4.53-7.el9_1.1.src", }, product_reference: "httpd-0:2.4.53-7.el9_1.1.src", relates_to_product_reference: "AppStream-9.1.0.Z.MAIN", }, { category: "default_component_of", full_product_name: { name: "httpd-0:2.4.53-7.el9_1.1.x86_64 as a component of Red Hat Enterprise Linux AppStream (v. 9)", product_id: "AppStream-9.1.0.Z.MAIN:httpd-0:2.4.53-7.el9_1.1.x86_64", }, product_reference: "httpd-0:2.4.53-7.el9_1.1.x86_64", relates_to_product_reference: "AppStream-9.1.0.Z.MAIN", }, { category: "default_component_of", full_product_name: { name: "httpd-core-0:2.4.53-7.el9_1.1.aarch64 as a component of Red Hat Enterprise Linux AppStream (v. 9)", product_id: "AppStream-9.1.0.Z.MAIN:httpd-core-0:2.4.53-7.el9_1.1.aarch64", }, product_reference: "httpd-core-0:2.4.53-7.el9_1.1.aarch64", relates_to_product_reference: "AppStream-9.1.0.Z.MAIN", }, { category: "default_component_of", full_product_name: { name: "httpd-core-0:2.4.53-7.el9_1.1.ppc64le as a component of Red Hat Enterprise Linux AppStream (v. 9)", product_id: "AppStream-9.1.0.Z.MAIN:httpd-core-0:2.4.53-7.el9_1.1.ppc64le", }, product_reference: "httpd-core-0:2.4.53-7.el9_1.1.ppc64le", relates_to_product_reference: "AppStream-9.1.0.Z.MAIN", }, { category: "default_component_of", full_product_name: { name: "httpd-core-0:2.4.53-7.el9_1.1.s390x as a component of Red Hat Enterprise Linux AppStream (v. 9)", product_id: "AppStream-9.1.0.Z.MAIN:httpd-core-0:2.4.53-7.el9_1.1.s390x", }, product_reference: "httpd-core-0:2.4.53-7.el9_1.1.s390x", relates_to_product_reference: "AppStream-9.1.0.Z.MAIN", }, { category: "default_component_of", full_product_name: { name: "httpd-core-0:2.4.53-7.el9_1.1.x86_64 as a component of Red Hat Enterprise Linux AppStream (v. 9)", product_id: "AppStream-9.1.0.Z.MAIN:httpd-core-0:2.4.53-7.el9_1.1.x86_64", }, product_reference: "httpd-core-0:2.4.53-7.el9_1.1.x86_64", relates_to_product_reference: "AppStream-9.1.0.Z.MAIN", }, { category: "default_component_of", full_product_name: { name: "httpd-core-debuginfo-0:2.4.53-7.el9_1.1.aarch64 as a component of Red Hat Enterprise Linux AppStream (v. 9)", product_id: "AppStream-9.1.0.Z.MAIN:httpd-core-debuginfo-0:2.4.53-7.el9_1.1.aarch64", }, product_reference: "httpd-core-debuginfo-0:2.4.53-7.el9_1.1.aarch64", relates_to_product_reference: "AppStream-9.1.0.Z.MAIN", }, { category: "default_component_of", full_product_name: { name: "httpd-core-debuginfo-0:2.4.53-7.el9_1.1.ppc64le as a component of Red Hat Enterprise Linux AppStream (v. 9)", product_id: "AppStream-9.1.0.Z.MAIN:httpd-core-debuginfo-0:2.4.53-7.el9_1.1.ppc64le", }, product_reference: "httpd-core-debuginfo-0:2.4.53-7.el9_1.1.ppc64le", relates_to_product_reference: "AppStream-9.1.0.Z.MAIN", }, { category: "default_component_of", full_product_name: { name: "httpd-core-debuginfo-0:2.4.53-7.el9_1.1.s390x as a component of Red Hat Enterprise Linux AppStream (v. 9)", product_id: "AppStream-9.1.0.Z.MAIN:httpd-core-debuginfo-0:2.4.53-7.el9_1.1.s390x", }, product_reference: "httpd-core-debuginfo-0:2.4.53-7.el9_1.1.s390x", relates_to_product_reference: "AppStream-9.1.0.Z.MAIN", }, { category: "default_component_of", full_product_name: { name: "httpd-core-debuginfo-0:2.4.53-7.el9_1.1.x86_64 as a component of Red Hat Enterprise Linux AppStream (v. 9)", product_id: "AppStream-9.1.0.Z.MAIN:httpd-core-debuginfo-0:2.4.53-7.el9_1.1.x86_64", }, product_reference: "httpd-core-debuginfo-0:2.4.53-7.el9_1.1.x86_64", relates_to_product_reference: "AppStream-9.1.0.Z.MAIN", }, { category: "default_component_of", full_product_name: { name: "httpd-debuginfo-0:2.4.53-7.el9_1.1.aarch64 as a component of Red Hat Enterprise Linux AppStream (v. 9)", product_id: "AppStream-9.1.0.Z.MAIN:httpd-debuginfo-0:2.4.53-7.el9_1.1.aarch64", }, product_reference: "httpd-debuginfo-0:2.4.53-7.el9_1.1.aarch64", relates_to_product_reference: "AppStream-9.1.0.Z.MAIN", }, { category: "default_component_of", full_product_name: { name: "httpd-debuginfo-0:2.4.53-7.el9_1.1.ppc64le as a component of Red Hat Enterprise Linux AppStream (v. 9)", product_id: "AppStream-9.1.0.Z.MAIN:httpd-debuginfo-0:2.4.53-7.el9_1.1.ppc64le", }, product_reference: "httpd-debuginfo-0:2.4.53-7.el9_1.1.ppc64le", relates_to_product_reference: "AppStream-9.1.0.Z.MAIN", }, { category: "default_component_of", full_product_name: { name: "httpd-debuginfo-0:2.4.53-7.el9_1.1.s390x as a component of Red Hat Enterprise Linux AppStream (v. 9)", product_id: "AppStream-9.1.0.Z.MAIN:httpd-debuginfo-0:2.4.53-7.el9_1.1.s390x", }, product_reference: "httpd-debuginfo-0:2.4.53-7.el9_1.1.s390x", relates_to_product_reference: "AppStream-9.1.0.Z.MAIN", }, { category: "default_component_of", full_product_name: { name: "httpd-debuginfo-0:2.4.53-7.el9_1.1.x86_64 as a component of Red Hat Enterprise Linux AppStream (v. 9)", product_id: "AppStream-9.1.0.Z.MAIN:httpd-debuginfo-0:2.4.53-7.el9_1.1.x86_64", }, product_reference: "httpd-debuginfo-0:2.4.53-7.el9_1.1.x86_64", relates_to_product_reference: "AppStream-9.1.0.Z.MAIN", }, { category: "default_component_of", full_product_name: { name: "httpd-debugsource-0:2.4.53-7.el9_1.1.aarch64 as a component of Red Hat Enterprise Linux AppStream (v. 9)", product_id: "AppStream-9.1.0.Z.MAIN:httpd-debugsource-0:2.4.53-7.el9_1.1.aarch64", }, product_reference: "httpd-debugsource-0:2.4.53-7.el9_1.1.aarch64", relates_to_product_reference: "AppStream-9.1.0.Z.MAIN", }, { category: "default_component_of", full_product_name: { name: "httpd-debugsource-0:2.4.53-7.el9_1.1.ppc64le as a component of Red Hat Enterprise Linux AppStream (v. 9)", product_id: "AppStream-9.1.0.Z.MAIN:httpd-debugsource-0:2.4.53-7.el9_1.1.ppc64le", }, product_reference: "httpd-debugsource-0:2.4.53-7.el9_1.1.ppc64le", relates_to_product_reference: "AppStream-9.1.0.Z.MAIN", }, { category: "default_component_of", full_product_name: { name: "httpd-debugsource-0:2.4.53-7.el9_1.1.s390x as a component of Red Hat Enterprise Linux AppStream (v. 9)", product_id: "AppStream-9.1.0.Z.MAIN:httpd-debugsource-0:2.4.53-7.el9_1.1.s390x", }, product_reference: "httpd-debugsource-0:2.4.53-7.el9_1.1.s390x", relates_to_product_reference: "AppStream-9.1.0.Z.MAIN", }, { category: "default_component_of", full_product_name: { name: "httpd-debugsource-0:2.4.53-7.el9_1.1.x86_64 as a component of Red Hat Enterprise Linux AppStream (v. 9)", product_id: "AppStream-9.1.0.Z.MAIN:httpd-debugsource-0:2.4.53-7.el9_1.1.x86_64", }, product_reference: "httpd-debugsource-0:2.4.53-7.el9_1.1.x86_64", relates_to_product_reference: "AppStream-9.1.0.Z.MAIN", }, { category: "default_component_of", full_product_name: { name: "httpd-devel-0:2.4.53-7.el9_1.1.aarch64 as a component of Red Hat Enterprise Linux AppStream (v. 9)", product_id: "AppStream-9.1.0.Z.MAIN:httpd-devel-0:2.4.53-7.el9_1.1.aarch64", }, product_reference: "httpd-devel-0:2.4.53-7.el9_1.1.aarch64", relates_to_product_reference: "AppStream-9.1.0.Z.MAIN", }, { category: "default_component_of", full_product_name: { name: "httpd-devel-0:2.4.53-7.el9_1.1.ppc64le as a component of Red Hat Enterprise Linux AppStream (v. 9)", product_id: "AppStream-9.1.0.Z.MAIN:httpd-devel-0:2.4.53-7.el9_1.1.ppc64le", }, product_reference: "httpd-devel-0:2.4.53-7.el9_1.1.ppc64le", relates_to_product_reference: "AppStream-9.1.0.Z.MAIN", }, { category: "default_component_of", full_product_name: { name: "httpd-devel-0:2.4.53-7.el9_1.1.s390x as a component of Red Hat Enterprise Linux AppStream (v. 9)", product_id: "AppStream-9.1.0.Z.MAIN:httpd-devel-0:2.4.53-7.el9_1.1.s390x", }, product_reference: "httpd-devel-0:2.4.53-7.el9_1.1.s390x", relates_to_product_reference: "AppStream-9.1.0.Z.MAIN", }, { category: "default_component_of", full_product_name: { name: "httpd-devel-0:2.4.53-7.el9_1.1.x86_64 as a component of Red Hat Enterprise Linux AppStream (v. 9)", product_id: "AppStream-9.1.0.Z.MAIN:httpd-devel-0:2.4.53-7.el9_1.1.x86_64", }, product_reference: "httpd-devel-0:2.4.53-7.el9_1.1.x86_64", relates_to_product_reference: "AppStream-9.1.0.Z.MAIN", }, { category: "default_component_of", full_product_name: { name: "httpd-filesystem-0:2.4.53-7.el9_1.1.noarch as a component of Red Hat Enterprise Linux AppStream (v. 9)", product_id: "AppStream-9.1.0.Z.MAIN:httpd-filesystem-0:2.4.53-7.el9_1.1.noarch", }, product_reference: "httpd-filesystem-0:2.4.53-7.el9_1.1.noarch", relates_to_product_reference: "AppStream-9.1.0.Z.MAIN", }, { category: "default_component_of", full_product_name: { name: "httpd-manual-0:2.4.53-7.el9_1.1.noarch as a component of Red Hat Enterprise Linux AppStream (v. 9)", product_id: "AppStream-9.1.0.Z.MAIN:httpd-manual-0:2.4.53-7.el9_1.1.noarch", }, product_reference: "httpd-manual-0:2.4.53-7.el9_1.1.noarch", relates_to_product_reference: "AppStream-9.1.0.Z.MAIN", }, { category: "default_component_of", full_product_name: { name: "httpd-tools-0:2.4.53-7.el9_1.1.aarch64 as a component of Red Hat Enterprise Linux AppStream (v. 9)", product_id: "AppStream-9.1.0.Z.MAIN:httpd-tools-0:2.4.53-7.el9_1.1.aarch64", }, product_reference: "httpd-tools-0:2.4.53-7.el9_1.1.aarch64", relates_to_product_reference: "AppStream-9.1.0.Z.MAIN", }, { category: "default_component_of", full_product_name: { name: "httpd-tools-0:2.4.53-7.el9_1.1.ppc64le as a component of Red Hat Enterprise Linux AppStream (v. 9)", product_id: "AppStream-9.1.0.Z.MAIN:httpd-tools-0:2.4.53-7.el9_1.1.ppc64le", }, product_reference: "httpd-tools-0:2.4.53-7.el9_1.1.ppc64le", relates_to_product_reference: "AppStream-9.1.0.Z.MAIN", }, { category: "default_component_of", full_product_name: { name: "httpd-tools-0:2.4.53-7.el9_1.1.s390x as a component of Red Hat Enterprise Linux AppStream (v. 9)", product_id: "AppStream-9.1.0.Z.MAIN:httpd-tools-0:2.4.53-7.el9_1.1.s390x", }, product_reference: "httpd-tools-0:2.4.53-7.el9_1.1.s390x", relates_to_product_reference: "AppStream-9.1.0.Z.MAIN", }, { category: "default_component_of", full_product_name: { name: "httpd-tools-0:2.4.53-7.el9_1.1.x86_64 as a component of Red Hat Enterprise Linux AppStream (v. 9)", product_id: "AppStream-9.1.0.Z.MAIN:httpd-tools-0:2.4.53-7.el9_1.1.x86_64", }, product_reference: "httpd-tools-0:2.4.53-7.el9_1.1.x86_64", relates_to_product_reference: "AppStream-9.1.0.Z.MAIN", }, { category: "default_component_of", full_product_name: { name: "httpd-tools-debuginfo-0:2.4.53-7.el9_1.1.aarch64 as a component of Red Hat Enterprise Linux AppStream (v. 9)", product_id: "AppStream-9.1.0.Z.MAIN:httpd-tools-debuginfo-0:2.4.53-7.el9_1.1.aarch64", }, product_reference: "httpd-tools-debuginfo-0:2.4.53-7.el9_1.1.aarch64", relates_to_product_reference: "AppStream-9.1.0.Z.MAIN", }, { category: "default_component_of", full_product_name: { name: "httpd-tools-debuginfo-0:2.4.53-7.el9_1.1.ppc64le as a component of Red Hat Enterprise Linux AppStream (v. 9)", product_id: "AppStream-9.1.0.Z.MAIN:httpd-tools-debuginfo-0:2.4.53-7.el9_1.1.ppc64le", }, product_reference: "httpd-tools-debuginfo-0:2.4.53-7.el9_1.1.ppc64le", relates_to_product_reference: "AppStream-9.1.0.Z.MAIN", }, { category: "default_component_of", full_product_name: { name: "httpd-tools-debuginfo-0:2.4.53-7.el9_1.1.s390x as a component of Red Hat Enterprise Linux AppStream (v. 9)", product_id: "AppStream-9.1.0.Z.MAIN:httpd-tools-debuginfo-0:2.4.53-7.el9_1.1.s390x", }, product_reference: "httpd-tools-debuginfo-0:2.4.53-7.el9_1.1.s390x", relates_to_product_reference: "AppStream-9.1.0.Z.MAIN", }, { category: "default_component_of", full_product_name: { name: "httpd-tools-debuginfo-0:2.4.53-7.el9_1.1.x86_64 as a component of Red Hat Enterprise Linux AppStream (v. 9)", product_id: "AppStream-9.1.0.Z.MAIN:httpd-tools-debuginfo-0:2.4.53-7.el9_1.1.x86_64", }, product_reference: "httpd-tools-debuginfo-0:2.4.53-7.el9_1.1.x86_64", relates_to_product_reference: "AppStream-9.1.0.Z.MAIN", }, { category: "default_component_of", full_product_name: { name: "mod_ldap-0:2.4.53-7.el9_1.1.aarch64 as a component of Red Hat Enterprise Linux AppStream (v. 9)", product_id: "AppStream-9.1.0.Z.MAIN:mod_ldap-0:2.4.53-7.el9_1.1.aarch64", }, product_reference: "mod_ldap-0:2.4.53-7.el9_1.1.aarch64", relates_to_product_reference: "AppStream-9.1.0.Z.MAIN", }, { category: "default_component_of", full_product_name: { name: "mod_ldap-0:2.4.53-7.el9_1.1.ppc64le as a component of Red Hat Enterprise Linux AppStream (v. 9)", product_id: "AppStream-9.1.0.Z.MAIN:mod_ldap-0:2.4.53-7.el9_1.1.ppc64le", }, product_reference: "mod_ldap-0:2.4.53-7.el9_1.1.ppc64le", relates_to_product_reference: "AppStream-9.1.0.Z.MAIN", }, { category: "default_component_of", full_product_name: { name: "mod_ldap-0:2.4.53-7.el9_1.1.s390x as a component of Red Hat Enterprise Linux AppStream (v. 9)", product_id: "AppStream-9.1.0.Z.MAIN:mod_ldap-0:2.4.53-7.el9_1.1.s390x", }, product_reference: "mod_ldap-0:2.4.53-7.el9_1.1.s390x", relates_to_product_reference: "AppStream-9.1.0.Z.MAIN", }, { category: "default_component_of", full_product_name: { name: "mod_ldap-0:2.4.53-7.el9_1.1.x86_64 as a component of Red Hat Enterprise Linux AppStream (v. 9)", product_id: "AppStream-9.1.0.Z.MAIN:mod_ldap-0:2.4.53-7.el9_1.1.x86_64", }, product_reference: "mod_ldap-0:2.4.53-7.el9_1.1.x86_64", relates_to_product_reference: "AppStream-9.1.0.Z.MAIN", }, { category: "default_component_of", full_product_name: { name: "mod_ldap-debuginfo-0:2.4.53-7.el9_1.1.aarch64 as a component of Red Hat Enterprise Linux AppStream (v. 9)", product_id: "AppStream-9.1.0.Z.MAIN:mod_ldap-debuginfo-0:2.4.53-7.el9_1.1.aarch64", }, product_reference: "mod_ldap-debuginfo-0:2.4.53-7.el9_1.1.aarch64", relates_to_product_reference: "AppStream-9.1.0.Z.MAIN", }, { category: "default_component_of", full_product_name: { name: "mod_ldap-debuginfo-0:2.4.53-7.el9_1.1.ppc64le as a component of Red Hat Enterprise Linux AppStream (v. 9)", product_id: "AppStream-9.1.0.Z.MAIN:mod_ldap-debuginfo-0:2.4.53-7.el9_1.1.ppc64le", }, product_reference: "mod_ldap-debuginfo-0:2.4.53-7.el9_1.1.ppc64le", relates_to_product_reference: "AppStream-9.1.0.Z.MAIN", }, { category: "default_component_of", full_product_name: { name: "mod_ldap-debuginfo-0:2.4.53-7.el9_1.1.s390x as a component of Red Hat Enterprise Linux AppStream (v. 9)", product_id: "AppStream-9.1.0.Z.MAIN:mod_ldap-debuginfo-0:2.4.53-7.el9_1.1.s390x", }, product_reference: "mod_ldap-debuginfo-0:2.4.53-7.el9_1.1.s390x", relates_to_product_reference: "AppStream-9.1.0.Z.MAIN", }, { category: "default_component_of", full_product_name: { name: "mod_ldap-debuginfo-0:2.4.53-7.el9_1.1.x86_64 as a component of Red Hat Enterprise Linux AppStream (v. 9)", product_id: "AppStream-9.1.0.Z.MAIN:mod_ldap-debuginfo-0:2.4.53-7.el9_1.1.x86_64", }, product_reference: "mod_ldap-debuginfo-0:2.4.53-7.el9_1.1.x86_64", relates_to_product_reference: "AppStream-9.1.0.Z.MAIN", }, { category: "default_component_of", full_product_name: { name: "mod_lua-0:2.4.53-7.el9_1.1.aarch64 as a component of Red Hat Enterprise Linux AppStream (v. 9)", product_id: "AppStream-9.1.0.Z.MAIN:mod_lua-0:2.4.53-7.el9_1.1.aarch64", }, product_reference: "mod_lua-0:2.4.53-7.el9_1.1.aarch64", relates_to_product_reference: "AppStream-9.1.0.Z.MAIN", }, { category: "default_component_of", full_product_name: { name: "mod_lua-0:2.4.53-7.el9_1.1.ppc64le as a component of Red Hat Enterprise Linux AppStream (v. 9)", product_id: "AppStream-9.1.0.Z.MAIN:mod_lua-0:2.4.53-7.el9_1.1.ppc64le", }, product_reference: "mod_lua-0:2.4.53-7.el9_1.1.ppc64le", relates_to_product_reference: "AppStream-9.1.0.Z.MAIN", }, { category: "default_component_of", full_product_name: { name: "mod_lua-0:2.4.53-7.el9_1.1.s390x as a component of Red Hat Enterprise Linux AppStream (v. 9)", product_id: "AppStream-9.1.0.Z.MAIN:mod_lua-0:2.4.53-7.el9_1.1.s390x", }, product_reference: "mod_lua-0:2.4.53-7.el9_1.1.s390x", relates_to_product_reference: "AppStream-9.1.0.Z.MAIN", }, { category: "default_component_of", full_product_name: { name: "mod_lua-0:2.4.53-7.el9_1.1.x86_64 as a component of Red Hat Enterprise Linux AppStream (v. 9)", product_id: "AppStream-9.1.0.Z.MAIN:mod_lua-0:2.4.53-7.el9_1.1.x86_64", }, product_reference: "mod_lua-0:2.4.53-7.el9_1.1.x86_64", relates_to_product_reference: "AppStream-9.1.0.Z.MAIN", }, { category: "default_component_of", full_product_name: { name: "mod_lua-debuginfo-0:2.4.53-7.el9_1.1.aarch64 as a component of Red Hat Enterprise Linux AppStream (v. 9)", product_id: "AppStream-9.1.0.Z.MAIN:mod_lua-debuginfo-0:2.4.53-7.el9_1.1.aarch64", }, product_reference: "mod_lua-debuginfo-0:2.4.53-7.el9_1.1.aarch64", relates_to_product_reference: "AppStream-9.1.0.Z.MAIN", }, { category: "default_component_of", full_product_name: { name: "mod_lua-debuginfo-0:2.4.53-7.el9_1.1.ppc64le as a component of Red Hat Enterprise Linux AppStream (v. 9)", product_id: "AppStream-9.1.0.Z.MAIN:mod_lua-debuginfo-0:2.4.53-7.el9_1.1.ppc64le", }, product_reference: "mod_lua-debuginfo-0:2.4.53-7.el9_1.1.ppc64le", relates_to_product_reference: "AppStream-9.1.0.Z.MAIN", }, { category: "default_component_of", full_product_name: { name: "mod_lua-debuginfo-0:2.4.53-7.el9_1.1.s390x as a component of Red Hat Enterprise Linux AppStream (v. 9)", product_id: "AppStream-9.1.0.Z.MAIN:mod_lua-debuginfo-0:2.4.53-7.el9_1.1.s390x", }, product_reference: "mod_lua-debuginfo-0:2.4.53-7.el9_1.1.s390x", relates_to_product_reference: "AppStream-9.1.0.Z.MAIN", }, { category: "default_component_of", full_product_name: { name: "mod_lua-debuginfo-0:2.4.53-7.el9_1.1.x86_64 as a component of Red Hat Enterprise Linux AppStream (v. 9)", product_id: "AppStream-9.1.0.Z.MAIN:mod_lua-debuginfo-0:2.4.53-7.el9_1.1.x86_64", }, product_reference: "mod_lua-debuginfo-0:2.4.53-7.el9_1.1.x86_64", relates_to_product_reference: "AppStream-9.1.0.Z.MAIN", }, { category: "default_component_of", full_product_name: { name: "mod_proxy_html-1:2.4.53-7.el9_1.1.aarch64 as a component of Red Hat Enterprise Linux AppStream (v. 9)", product_id: "AppStream-9.1.0.Z.MAIN:mod_proxy_html-1:2.4.53-7.el9_1.1.aarch64", }, product_reference: "mod_proxy_html-1:2.4.53-7.el9_1.1.aarch64", relates_to_product_reference: "AppStream-9.1.0.Z.MAIN", }, { category: "default_component_of", full_product_name: { name: "mod_proxy_html-1:2.4.53-7.el9_1.1.ppc64le as a component of Red Hat Enterprise Linux AppStream (v. 9)", product_id: "AppStream-9.1.0.Z.MAIN:mod_proxy_html-1:2.4.53-7.el9_1.1.ppc64le", }, product_reference: "mod_proxy_html-1:2.4.53-7.el9_1.1.ppc64le", relates_to_product_reference: "AppStream-9.1.0.Z.MAIN", }, { category: "default_component_of", full_product_name: { name: "mod_proxy_html-1:2.4.53-7.el9_1.1.s390x as a component of Red Hat Enterprise Linux AppStream (v. 9)", product_id: "AppStream-9.1.0.Z.MAIN:mod_proxy_html-1:2.4.53-7.el9_1.1.s390x", }, product_reference: "mod_proxy_html-1:2.4.53-7.el9_1.1.s390x", relates_to_product_reference: "AppStream-9.1.0.Z.MAIN", }, { category: "default_component_of", full_product_name: { name: "mod_proxy_html-1:2.4.53-7.el9_1.1.x86_64 as a component of Red Hat Enterprise Linux AppStream (v. 9)", product_id: "AppStream-9.1.0.Z.MAIN:mod_proxy_html-1:2.4.53-7.el9_1.1.x86_64", }, product_reference: "mod_proxy_html-1:2.4.53-7.el9_1.1.x86_64", relates_to_product_reference: "AppStream-9.1.0.Z.MAIN", }, { category: "default_component_of", full_product_name: { name: "mod_proxy_html-debuginfo-1:2.4.53-7.el9_1.1.aarch64 as a component of Red Hat Enterprise Linux AppStream (v. 9)", product_id: "AppStream-9.1.0.Z.MAIN:mod_proxy_html-debuginfo-1:2.4.53-7.el9_1.1.aarch64", }, product_reference: "mod_proxy_html-debuginfo-1:2.4.53-7.el9_1.1.aarch64", relates_to_product_reference: "AppStream-9.1.0.Z.MAIN", }, { category: "default_component_of", full_product_name: { name: "mod_proxy_html-debuginfo-1:2.4.53-7.el9_1.1.ppc64le as a component of Red Hat Enterprise Linux AppStream (v. 9)", product_id: "AppStream-9.1.0.Z.MAIN:mod_proxy_html-debuginfo-1:2.4.53-7.el9_1.1.ppc64le", }, product_reference: "mod_proxy_html-debuginfo-1:2.4.53-7.el9_1.1.ppc64le", relates_to_product_reference: "AppStream-9.1.0.Z.MAIN", }, { category: "default_component_of", full_product_name: { name: "mod_proxy_html-debuginfo-1:2.4.53-7.el9_1.1.s390x as a component of Red Hat Enterprise Linux AppStream (v. 9)", product_id: "AppStream-9.1.0.Z.MAIN:mod_proxy_html-debuginfo-1:2.4.53-7.el9_1.1.s390x", }, product_reference: "mod_proxy_html-debuginfo-1:2.4.53-7.el9_1.1.s390x", relates_to_product_reference: "AppStream-9.1.0.Z.MAIN", }, { category: "default_component_of", full_product_name: { name: "mod_proxy_html-debuginfo-1:2.4.53-7.el9_1.1.x86_64 as a component of Red Hat Enterprise Linux AppStream (v. 9)", product_id: "AppStream-9.1.0.Z.MAIN:mod_proxy_html-debuginfo-1:2.4.53-7.el9_1.1.x86_64", }, product_reference: "mod_proxy_html-debuginfo-1:2.4.53-7.el9_1.1.x86_64", relates_to_product_reference: "AppStream-9.1.0.Z.MAIN", }, { category: "default_component_of", full_product_name: { name: "mod_session-0:2.4.53-7.el9_1.1.aarch64 as a component of Red Hat Enterprise Linux AppStream (v. 9)", product_id: "AppStream-9.1.0.Z.MAIN:mod_session-0:2.4.53-7.el9_1.1.aarch64", }, product_reference: "mod_session-0:2.4.53-7.el9_1.1.aarch64", relates_to_product_reference: "AppStream-9.1.0.Z.MAIN", }, { category: "default_component_of", full_product_name: { name: "mod_session-0:2.4.53-7.el9_1.1.ppc64le as a component of Red Hat Enterprise Linux AppStream (v. 9)", product_id: "AppStream-9.1.0.Z.MAIN:mod_session-0:2.4.53-7.el9_1.1.ppc64le", }, product_reference: "mod_session-0:2.4.53-7.el9_1.1.ppc64le", relates_to_product_reference: "AppStream-9.1.0.Z.MAIN", }, { category: "default_component_of", full_product_name: { name: "mod_session-0:2.4.53-7.el9_1.1.s390x as a component of Red Hat Enterprise Linux AppStream (v. 9)", product_id: "AppStream-9.1.0.Z.MAIN:mod_session-0:2.4.53-7.el9_1.1.s390x", }, product_reference: "mod_session-0:2.4.53-7.el9_1.1.s390x", relates_to_product_reference: "AppStream-9.1.0.Z.MAIN", }, { category: "default_component_of", full_product_name: { name: "mod_session-0:2.4.53-7.el9_1.1.x86_64 as a component of Red Hat Enterprise Linux AppStream (v. 9)", product_id: "AppStream-9.1.0.Z.MAIN:mod_session-0:2.4.53-7.el9_1.1.x86_64", }, product_reference: "mod_session-0:2.4.53-7.el9_1.1.x86_64", relates_to_product_reference: "AppStream-9.1.0.Z.MAIN", }, { category: "default_component_of", full_product_name: { name: "mod_session-debuginfo-0:2.4.53-7.el9_1.1.aarch64 as a component of Red Hat Enterprise Linux AppStream (v. 9)", product_id: "AppStream-9.1.0.Z.MAIN:mod_session-debuginfo-0:2.4.53-7.el9_1.1.aarch64", }, product_reference: "mod_session-debuginfo-0:2.4.53-7.el9_1.1.aarch64", relates_to_product_reference: "AppStream-9.1.0.Z.MAIN", }, { category: "default_component_of", full_product_name: { name: "mod_session-debuginfo-0:2.4.53-7.el9_1.1.ppc64le as a component of Red Hat Enterprise Linux AppStream (v. 9)", product_id: "AppStream-9.1.0.Z.MAIN:mod_session-debuginfo-0:2.4.53-7.el9_1.1.ppc64le", }, product_reference: "mod_session-debuginfo-0:2.4.53-7.el9_1.1.ppc64le", relates_to_product_reference: "AppStream-9.1.0.Z.MAIN", }, { category: "default_component_of", full_product_name: { name: "mod_session-debuginfo-0:2.4.53-7.el9_1.1.s390x as a component of Red Hat Enterprise Linux AppStream (v. 9)", product_id: "AppStream-9.1.0.Z.MAIN:mod_session-debuginfo-0:2.4.53-7.el9_1.1.s390x", }, product_reference: "mod_session-debuginfo-0:2.4.53-7.el9_1.1.s390x", relates_to_product_reference: "AppStream-9.1.0.Z.MAIN", }, { category: "default_component_of", full_product_name: { name: "mod_session-debuginfo-0:2.4.53-7.el9_1.1.x86_64 as a component of Red Hat Enterprise Linux AppStream (v. 9)", product_id: "AppStream-9.1.0.Z.MAIN:mod_session-debuginfo-0:2.4.53-7.el9_1.1.x86_64", }, product_reference: "mod_session-debuginfo-0:2.4.53-7.el9_1.1.x86_64", relates_to_product_reference: "AppStream-9.1.0.Z.MAIN", }, { category: "default_component_of", full_product_name: { name: "mod_ssl-1:2.4.53-7.el9_1.1.aarch64 as a component of Red Hat Enterprise Linux AppStream (v. 9)", product_id: "AppStream-9.1.0.Z.MAIN:mod_ssl-1:2.4.53-7.el9_1.1.aarch64", }, product_reference: "mod_ssl-1:2.4.53-7.el9_1.1.aarch64", relates_to_product_reference: "AppStream-9.1.0.Z.MAIN", }, { category: "default_component_of", full_product_name: { name: "mod_ssl-1:2.4.53-7.el9_1.1.ppc64le as a component of Red Hat Enterprise Linux AppStream (v. 9)", product_id: "AppStream-9.1.0.Z.MAIN:mod_ssl-1:2.4.53-7.el9_1.1.ppc64le", }, product_reference: "mod_ssl-1:2.4.53-7.el9_1.1.ppc64le", relates_to_product_reference: "AppStream-9.1.0.Z.MAIN", }, { category: "default_component_of", full_product_name: { name: "mod_ssl-1:2.4.53-7.el9_1.1.s390x as a component of Red Hat Enterprise Linux AppStream (v. 9)", product_id: "AppStream-9.1.0.Z.MAIN:mod_ssl-1:2.4.53-7.el9_1.1.s390x", }, product_reference: "mod_ssl-1:2.4.53-7.el9_1.1.s390x", relates_to_product_reference: "AppStream-9.1.0.Z.MAIN", }, { category: "default_component_of", full_product_name: { name: "mod_ssl-1:2.4.53-7.el9_1.1.x86_64 as a component of Red Hat Enterprise Linux AppStream (v. 9)", product_id: "AppStream-9.1.0.Z.MAIN:mod_ssl-1:2.4.53-7.el9_1.1.x86_64", }, product_reference: "mod_ssl-1:2.4.53-7.el9_1.1.x86_64", relates_to_product_reference: "AppStream-9.1.0.Z.MAIN", }, { category: "default_component_of", full_product_name: { name: "mod_ssl-debuginfo-1:2.4.53-7.el9_1.1.aarch64 as a component of Red Hat Enterprise Linux AppStream (v. 9)", product_id: "AppStream-9.1.0.Z.MAIN:mod_ssl-debuginfo-1:2.4.53-7.el9_1.1.aarch64", }, product_reference: "mod_ssl-debuginfo-1:2.4.53-7.el9_1.1.aarch64", relates_to_product_reference: "AppStream-9.1.0.Z.MAIN", }, { category: "default_component_of", full_product_name: { name: "mod_ssl-debuginfo-1:2.4.53-7.el9_1.1.ppc64le as a component of Red Hat Enterprise Linux AppStream (v. 9)", product_id: "AppStream-9.1.0.Z.MAIN:mod_ssl-debuginfo-1:2.4.53-7.el9_1.1.ppc64le", }, product_reference: "mod_ssl-debuginfo-1:2.4.53-7.el9_1.1.ppc64le", relates_to_product_reference: "AppStream-9.1.0.Z.MAIN", }, { category: "default_component_of", full_product_name: { name: "mod_ssl-debuginfo-1:2.4.53-7.el9_1.1.s390x as a component of Red Hat Enterprise Linux AppStream (v. 9)", product_id: "AppStream-9.1.0.Z.MAIN:mod_ssl-debuginfo-1:2.4.53-7.el9_1.1.s390x", }, product_reference: "mod_ssl-debuginfo-1:2.4.53-7.el9_1.1.s390x", relates_to_product_reference: "AppStream-9.1.0.Z.MAIN", }, { category: "default_component_of", full_product_name: { name: "mod_ssl-debuginfo-1:2.4.53-7.el9_1.1.x86_64 as a component of Red Hat Enterprise Linux AppStream (v. 9)", product_id: "AppStream-9.1.0.Z.MAIN:mod_ssl-debuginfo-1:2.4.53-7.el9_1.1.x86_64", }, product_reference: "mod_ssl-debuginfo-1:2.4.53-7.el9_1.1.x86_64", relates_to_product_reference: "AppStream-9.1.0.Z.MAIN", }, ], }, vulnerabilities: [ { cve: "CVE-2006-20001", cwe: { id: "CWE-787", name: "Out-of-bounds Write", }, discovery_date: "2023-01-17T00:00:00+00:00", ids: [ { system_name: "Red Hat Bugzilla ID", text: "2161774", }, ], notes: [ { category: "description", text: "A flaw was found in the mod_dav module of httpd. A specially crafted \"If:\" request header can cause a memory read or write of a single zero byte due to a missing error check, resulting in a Denial of Service.", title: "Vulnerability description", }, { category: "summary", text: "httpd: mod_dav: out-of-bounds read/write of zero byte", title: "Vulnerability summary", }, { category: "other", text: "This flaw only affects configurations with mod_dav loaded and configured. Also, if there is no WebDAV repository configured, the server is not affected and no further mitigation is needed. For more information about the mitigation, check the mitigation section below.\n\nThe httpd mod_dav module is enabled by default on Red Hat Enterprise Linux 6, 7, 8, 9, and in RHSCL. However, there is no WebDAV repository configured by default.\n\nThis flaw has been rated as having a security impact of moderate, and is not currently planned to be addressed in future updates of Red Hat Enterprise Linux 7. Red Hat Enterprise Linux 7 is now in Maintenance Support 2 Phase of the support and maintenance life cycle. For additional information, refer to the Red Hat Enterprise Linux Life Cycle: https://access.redhat.com/support/policy/updates/errata.", title: "Statement", }, { category: "general", text: "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.", title: "CVSS score applicability", }, ], product_status: { fixed: [ "AppStream-9.1.0.Z.MAIN:httpd-0:2.4.53-7.el9_1.1.aarch64", "AppStream-9.1.0.Z.MAIN:httpd-0:2.4.53-7.el9_1.1.ppc64le", "AppStream-9.1.0.Z.MAIN:httpd-0:2.4.53-7.el9_1.1.s390x", "AppStream-9.1.0.Z.MAIN:httpd-0:2.4.53-7.el9_1.1.src", "AppStream-9.1.0.Z.MAIN:httpd-0:2.4.53-7.el9_1.1.x86_64", "AppStream-9.1.0.Z.MAIN:httpd-core-0:2.4.53-7.el9_1.1.aarch64", "AppStream-9.1.0.Z.MAIN:httpd-core-0:2.4.53-7.el9_1.1.ppc64le", "AppStream-9.1.0.Z.MAIN:httpd-core-0:2.4.53-7.el9_1.1.s390x", "AppStream-9.1.0.Z.MAIN:httpd-core-0:2.4.53-7.el9_1.1.x86_64", "AppStream-9.1.0.Z.MAIN:httpd-core-debuginfo-0:2.4.53-7.el9_1.1.aarch64", "AppStream-9.1.0.Z.MAIN:httpd-core-debuginfo-0:2.4.53-7.el9_1.1.ppc64le", "AppStream-9.1.0.Z.MAIN:httpd-core-debuginfo-0:2.4.53-7.el9_1.1.s390x", "AppStream-9.1.0.Z.MAIN:httpd-core-debuginfo-0:2.4.53-7.el9_1.1.x86_64", "AppStream-9.1.0.Z.MAIN:httpd-debuginfo-0:2.4.53-7.el9_1.1.aarch64", "AppStream-9.1.0.Z.MAIN:httpd-debuginfo-0:2.4.53-7.el9_1.1.ppc64le", "AppStream-9.1.0.Z.MAIN:httpd-debuginfo-0:2.4.53-7.el9_1.1.s390x", "AppStream-9.1.0.Z.MAIN:httpd-debuginfo-0:2.4.53-7.el9_1.1.x86_64", "AppStream-9.1.0.Z.MAIN:httpd-debugsource-0:2.4.53-7.el9_1.1.aarch64", "AppStream-9.1.0.Z.MAIN:httpd-debugsource-0:2.4.53-7.el9_1.1.ppc64le", "AppStream-9.1.0.Z.MAIN:httpd-debugsource-0:2.4.53-7.el9_1.1.s390x", "AppStream-9.1.0.Z.MAIN:httpd-debugsource-0:2.4.53-7.el9_1.1.x86_64", "AppStream-9.1.0.Z.MAIN:httpd-devel-0:2.4.53-7.el9_1.1.aarch64", "AppStream-9.1.0.Z.MAIN:httpd-devel-0:2.4.53-7.el9_1.1.ppc64le", "AppStream-9.1.0.Z.MAIN:httpd-devel-0:2.4.53-7.el9_1.1.s390x", "AppStream-9.1.0.Z.MAIN:httpd-devel-0:2.4.53-7.el9_1.1.x86_64", "AppStream-9.1.0.Z.MAIN:httpd-filesystem-0:2.4.53-7.el9_1.1.noarch", "AppStream-9.1.0.Z.MAIN:httpd-manual-0:2.4.53-7.el9_1.1.noarch", "AppStream-9.1.0.Z.MAIN:httpd-tools-0:2.4.53-7.el9_1.1.aarch64", "AppStream-9.1.0.Z.MAIN:httpd-tools-0:2.4.53-7.el9_1.1.ppc64le", "AppStream-9.1.0.Z.MAIN:httpd-tools-0:2.4.53-7.el9_1.1.s390x", "AppStream-9.1.0.Z.MAIN:httpd-tools-0:2.4.53-7.el9_1.1.x86_64", "AppStream-9.1.0.Z.MAIN:httpd-tools-debuginfo-0:2.4.53-7.el9_1.1.aarch64", "AppStream-9.1.0.Z.MAIN:httpd-tools-debuginfo-0:2.4.53-7.el9_1.1.ppc64le", "AppStream-9.1.0.Z.MAIN:httpd-tools-debuginfo-0:2.4.53-7.el9_1.1.s390x", "AppStream-9.1.0.Z.MAIN:httpd-tools-debuginfo-0:2.4.53-7.el9_1.1.x86_64", "AppStream-9.1.0.Z.MAIN:mod_ldap-0:2.4.53-7.el9_1.1.aarch64", "AppStream-9.1.0.Z.MAIN:mod_ldap-0:2.4.53-7.el9_1.1.ppc64le", "AppStream-9.1.0.Z.MAIN:mod_ldap-0:2.4.53-7.el9_1.1.s390x", "AppStream-9.1.0.Z.MAIN:mod_ldap-0:2.4.53-7.el9_1.1.x86_64", "AppStream-9.1.0.Z.MAIN:mod_ldap-debuginfo-0:2.4.53-7.el9_1.1.aarch64", "AppStream-9.1.0.Z.MAIN:mod_ldap-debuginfo-0:2.4.53-7.el9_1.1.ppc64le", "AppStream-9.1.0.Z.MAIN:mod_ldap-debuginfo-0:2.4.53-7.el9_1.1.s390x", "AppStream-9.1.0.Z.MAIN:mod_ldap-debuginfo-0:2.4.53-7.el9_1.1.x86_64", "AppStream-9.1.0.Z.MAIN:mod_lua-0:2.4.53-7.el9_1.1.aarch64", "AppStream-9.1.0.Z.MAIN:mod_lua-0:2.4.53-7.el9_1.1.ppc64le", "AppStream-9.1.0.Z.MAIN:mod_lua-0:2.4.53-7.el9_1.1.s390x", "AppStream-9.1.0.Z.MAIN:mod_lua-0:2.4.53-7.el9_1.1.x86_64", "AppStream-9.1.0.Z.MAIN:mod_lua-debuginfo-0:2.4.53-7.el9_1.1.aarch64", "AppStream-9.1.0.Z.MAIN:mod_lua-debuginfo-0:2.4.53-7.el9_1.1.ppc64le", "AppStream-9.1.0.Z.MAIN:mod_lua-debuginfo-0:2.4.53-7.el9_1.1.s390x", "AppStream-9.1.0.Z.MAIN:mod_lua-debuginfo-0:2.4.53-7.el9_1.1.x86_64", "AppStream-9.1.0.Z.MAIN:mod_proxy_html-1:2.4.53-7.el9_1.1.aarch64", "AppStream-9.1.0.Z.MAIN:mod_proxy_html-1:2.4.53-7.el9_1.1.ppc64le", "AppStream-9.1.0.Z.MAIN:mod_proxy_html-1:2.4.53-7.el9_1.1.s390x", "AppStream-9.1.0.Z.MAIN:mod_proxy_html-1:2.4.53-7.el9_1.1.x86_64", "AppStream-9.1.0.Z.MAIN:mod_proxy_html-debuginfo-1:2.4.53-7.el9_1.1.aarch64", "AppStream-9.1.0.Z.MAIN:mod_proxy_html-debuginfo-1:2.4.53-7.el9_1.1.ppc64le", "AppStream-9.1.0.Z.MAIN:mod_proxy_html-debuginfo-1:2.4.53-7.el9_1.1.s390x", "AppStream-9.1.0.Z.MAIN:mod_proxy_html-debuginfo-1:2.4.53-7.el9_1.1.x86_64", "AppStream-9.1.0.Z.MAIN:mod_session-0:2.4.53-7.el9_1.1.aarch64", "AppStream-9.1.0.Z.MAIN:mod_session-0:2.4.53-7.el9_1.1.ppc64le", "AppStream-9.1.0.Z.MAIN:mod_session-0:2.4.53-7.el9_1.1.s390x", "AppStream-9.1.0.Z.MAIN:mod_session-0:2.4.53-7.el9_1.1.x86_64", "AppStream-9.1.0.Z.MAIN:mod_session-debuginfo-0:2.4.53-7.el9_1.1.aarch64", "AppStream-9.1.0.Z.MAIN:mod_session-debuginfo-0:2.4.53-7.el9_1.1.ppc64le", "AppStream-9.1.0.Z.MAIN:mod_session-debuginfo-0:2.4.53-7.el9_1.1.s390x", "AppStream-9.1.0.Z.MAIN:mod_session-debuginfo-0:2.4.53-7.el9_1.1.x86_64", "AppStream-9.1.0.Z.MAIN:mod_ssl-1:2.4.53-7.el9_1.1.aarch64", "AppStream-9.1.0.Z.MAIN:mod_ssl-1:2.4.53-7.el9_1.1.ppc64le", "AppStream-9.1.0.Z.MAIN:mod_ssl-1:2.4.53-7.el9_1.1.s390x", "AppStream-9.1.0.Z.MAIN:mod_ssl-1:2.4.53-7.el9_1.1.x86_64", "AppStream-9.1.0.Z.MAIN:mod_ssl-debuginfo-1:2.4.53-7.el9_1.1.aarch64", "AppStream-9.1.0.Z.MAIN:mod_ssl-debuginfo-1:2.4.53-7.el9_1.1.ppc64le", "AppStream-9.1.0.Z.MAIN:mod_ssl-debuginfo-1:2.4.53-7.el9_1.1.s390x", "AppStream-9.1.0.Z.MAIN:mod_ssl-debuginfo-1:2.4.53-7.el9_1.1.x86_64", ], }, references: [ { category: "self", summary: "Canonical URL", url: "https://access.redhat.com/security/cve/CVE-2006-20001", }, { category: "external", summary: "RHBZ#2161774", url: "https://bugzilla.redhat.com/show_bug.cgi?id=2161774", }, { category: "external", summary: "https://www.cve.org/CVERecord?id=CVE-2006-20001", url: "https://www.cve.org/CVERecord?id=CVE-2006-20001", }, { category: "external", summary: "https://nvd.nist.gov/vuln/detail/CVE-2006-20001", url: "https://nvd.nist.gov/vuln/detail/CVE-2006-20001", }, { category: "external", summary: "https://httpd.apache.org/security/vulnerabilities_24.html#CVE-2006-20001", url: "https://httpd.apache.org/security/vulnerabilities_24.html#CVE-2006-20001", }, ], release_date: "2023-01-17T00:00:00+00:00", remediations: [ { category: "vendor_fix", date: "2023-02-28T08:28:02+00:00", details: "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nAfter installing the updated packages, the httpd daemon will be restarted automatically.", product_ids: [ "AppStream-9.1.0.Z.MAIN:httpd-0:2.4.53-7.el9_1.1.aarch64", "AppStream-9.1.0.Z.MAIN:httpd-0:2.4.53-7.el9_1.1.ppc64le", "AppStream-9.1.0.Z.MAIN:httpd-0:2.4.53-7.el9_1.1.s390x", "AppStream-9.1.0.Z.MAIN:httpd-0:2.4.53-7.el9_1.1.src", "AppStream-9.1.0.Z.MAIN:httpd-0:2.4.53-7.el9_1.1.x86_64", "AppStream-9.1.0.Z.MAIN:httpd-core-0:2.4.53-7.el9_1.1.aarch64", "AppStream-9.1.0.Z.MAIN:httpd-core-0:2.4.53-7.el9_1.1.ppc64le", "AppStream-9.1.0.Z.MAIN:httpd-core-0:2.4.53-7.el9_1.1.s390x", "AppStream-9.1.0.Z.MAIN:httpd-core-0:2.4.53-7.el9_1.1.x86_64", "AppStream-9.1.0.Z.MAIN:httpd-core-debuginfo-0:2.4.53-7.el9_1.1.aarch64", "AppStream-9.1.0.Z.MAIN:httpd-core-debuginfo-0:2.4.53-7.el9_1.1.ppc64le", "AppStream-9.1.0.Z.MAIN:httpd-core-debuginfo-0:2.4.53-7.el9_1.1.s390x", "AppStream-9.1.0.Z.MAIN:httpd-core-debuginfo-0:2.4.53-7.el9_1.1.x86_64", "AppStream-9.1.0.Z.MAIN:httpd-debuginfo-0:2.4.53-7.el9_1.1.aarch64", "AppStream-9.1.0.Z.MAIN:httpd-debuginfo-0:2.4.53-7.el9_1.1.ppc64le", "AppStream-9.1.0.Z.MAIN:httpd-debuginfo-0:2.4.53-7.el9_1.1.s390x", "AppStream-9.1.0.Z.MAIN:httpd-debuginfo-0:2.4.53-7.el9_1.1.x86_64", "AppStream-9.1.0.Z.MAIN:httpd-debugsource-0:2.4.53-7.el9_1.1.aarch64", "AppStream-9.1.0.Z.MAIN:httpd-debugsource-0:2.4.53-7.el9_1.1.ppc64le", "AppStream-9.1.0.Z.MAIN:httpd-debugsource-0:2.4.53-7.el9_1.1.s390x", "AppStream-9.1.0.Z.MAIN:httpd-debugsource-0:2.4.53-7.el9_1.1.x86_64", "AppStream-9.1.0.Z.MAIN:httpd-devel-0:2.4.53-7.el9_1.1.aarch64", "AppStream-9.1.0.Z.MAIN:httpd-devel-0:2.4.53-7.el9_1.1.ppc64le", "AppStream-9.1.0.Z.MAIN:httpd-devel-0:2.4.53-7.el9_1.1.s390x", "AppStream-9.1.0.Z.MAIN:httpd-devel-0:2.4.53-7.el9_1.1.x86_64", "AppStream-9.1.0.Z.MAIN:httpd-filesystem-0:2.4.53-7.el9_1.1.noarch", "AppStream-9.1.0.Z.MAIN:httpd-manual-0:2.4.53-7.el9_1.1.noarch", "AppStream-9.1.0.Z.MAIN:httpd-tools-0:2.4.53-7.el9_1.1.aarch64", "AppStream-9.1.0.Z.MAIN:httpd-tools-0:2.4.53-7.el9_1.1.ppc64le", "AppStream-9.1.0.Z.MAIN:httpd-tools-0:2.4.53-7.el9_1.1.s390x", "AppStream-9.1.0.Z.MAIN:httpd-tools-0:2.4.53-7.el9_1.1.x86_64", "AppStream-9.1.0.Z.MAIN:httpd-tools-debuginfo-0:2.4.53-7.el9_1.1.aarch64", "AppStream-9.1.0.Z.MAIN:httpd-tools-debuginfo-0:2.4.53-7.el9_1.1.ppc64le", "AppStream-9.1.0.Z.MAIN:httpd-tools-debuginfo-0:2.4.53-7.el9_1.1.s390x", "AppStream-9.1.0.Z.MAIN:httpd-tools-debuginfo-0:2.4.53-7.el9_1.1.x86_64", "AppStream-9.1.0.Z.MAIN:mod_ldap-0:2.4.53-7.el9_1.1.aarch64", "AppStream-9.1.0.Z.MAIN:mod_ldap-0:2.4.53-7.el9_1.1.ppc64le", "AppStream-9.1.0.Z.MAIN:mod_ldap-0:2.4.53-7.el9_1.1.s390x", "AppStream-9.1.0.Z.MAIN:mod_ldap-0:2.4.53-7.el9_1.1.x86_64", "AppStream-9.1.0.Z.MAIN:mod_ldap-debuginfo-0:2.4.53-7.el9_1.1.aarch64", "AppStream-9.1.0.Z.MAIN:mod_ldap-debuginfo-0:2.4.53-7.el9_1.1.ppc64le", "AppStream-9.1.0.Z.MAIN:mod_ldap-debuginfo-0:2.4.53-7.el9_1.1.s390x", "AppStream-9.1.0.Z.MAIN:mod_ldap-debuginfo-0:2.4.53-7.el9_1.1.x86_64", "AppStream-9.1.0.Z.MAIN:mod_lua-0:2.4.53-7.el9_1.1.aarch64", "AppStream-9.1.0.Z.MAIN:mod_lua-0:2.4.53-7.el9_1.1.ppc64le", "AppStream-9.1.0.Z.MAIN:mod_lua-0:2.4.53-7.el9_1.1.s390x", "AppStream-9.1.0.Z.MAIN:mod_lua-0:2.4.53-7.el9_1.1.x86_64", "AppStream-9.1.0.Z.MAIN:mod_lua-debuginfo-0:2.4.53-7.el9_1.1.aarch64", "AppStream-9.1.0.Z.MAIN:mod_lua-debuginfo-0:2.4.53-7.el9_1.1.ppc64le", "AppStream-9.1.0.Z.MAIN:mod_lua-debuginfo-0:2.4.53-7.el9_1.1.s390x", "AppStream-9.1.0.Z.MAIN:mod_lua-debuginfo-0:2.4.53-7.el9_1.1.x86_64", "AppStream-9.1.0.Z.MAIN:mod_proxy_html-1:2.4.53-7.el9_1.1.aarch64", "AppStream-9.1.0.Z.MAIN:mod_proxy_html-1:2.4.53-7.el9_1.1.ppc64le", "AppStream-9.1.0.Z.MAIN:mod_proxy_html-1:2.4.53-7.el9_1.1.s390x", "AppStream-9.1.0.Z.MAIN:mod_proxy_html-1:2.4.53-7.el9_1.1.x86_64", "AppStream-9.1.0.Z.MAIN:mod_proxy_html-debuginfo-1:2.4.53-7.el9_1.1.aarch64", "AppStream-9.1.0.Z.MAIN:mod_proxy_html-debuginfo-1:2.4.53-7.el9_1.1.ppc64le", "AppStream-9.1.0.Z.MAIN:mod_proxy_html-debuginfo-1:2.4.53-7.el9_1.1.s390x", "AppStream-9.1.0.Z.MAIN:mod_proxy_html-debuginfo-1:2.4.53-7.el9_1.1.x86_64", "AppStream-9.1.0.Z.MAIN:mod_session-0:2.4.53-7.el9_1.1.aarch64", "AppStream-9.1.0.Z.MAIN:mod_session-0:2.4.53-7.el9_1.1.ppc64le", "AppStream-9.1.0.Z.MAIN:mod_session-0:2.4.53-7.el9_1.1.s390x", "AppStream-9.1.0.Z.MAIN:mod_session-0:2.4.53-7.el9_1.1.x86_64", "AppStream-9.1.0.Z.MAIN:mod_session-debuginfo-0:2.4.53-7.el9_1.1.aarch64", "AppStream-9.1.0.Z.MAIN:mod_session-debuginfo-0:2.4.53-7.el9_1.1.ppc64le", "AppStream-9.1.0.Z.MAIN:mod_session-debuginfo-0:2.4.53-7.el9_1.1.s390x", "AppStream-9.1.0.Z.MAIN:mod_session-debuginfo-0:2.4.53-7.el9_1.1.x86_64", "AppStream-9.1.0.Z.MAIN:mod_ssl-1:2.4.53-7.el9_1.1.aarch64", "AppStream-9.1.0.Z.MAIN:mod_ssl-1:2.4.53-7.el9_1.1.ppc64le", "AppStream-9.1.0.Z.MAIN:mod_ssl-1:2.4.53-7.el9_1.1.s390x", "AppStream-9.1.0.Z.MAIN:mod_ssl-1:2.4.53-7.el9_1.1.x86_64", "AppStream-9.1.0.Z.MAIN:mod_ssl-debuginfo-1:2.4.53-7.el9_1.1.aarch64", "AppStream-9.1.0.Z.MAIN:mod_ssl-debuginfo-1:2.4.53-7.el9_1.1.ppc64le", "AppStream-9.1.0.Z.MAIN:mod_ssl-debuginfo-1:2.4.53-7.el9_1.1.s390x", "AppStream-9.1.0.Z.MAIN:mod_ssl-debuginfo-1:2.4.53-7.el9_1.1.x86_64", ], restart_required: { category: "none", }, url: "https://access.redhat.com/errata/RHSA-2023:0970", }, { category: "workaround", details: "Disabling mod_dav and restarting httpd will mitigate this flaw.", product_ids: [ "AppStream-9.1.0.Z.MAIN:httpd-0:2.4.53-7.el9_1.1.aarch64", "AppStream-9.1.0.Z.MAIN:httpd-0:2.4.53-7.el9_1.1.ppc64le", "AppStream-9.1.0.Z.MAIN:httpd-0:2.4.53-7.el9_1.1.s390x", "AppStream-9.1.0.Z.MAIN:httpd-0:2.4.53-7.el9_1.1.src", "AppStream-9.1.0.Z.MAIN:httpd-0:2.4.53-7.el9_1.1.x86_64", "AppStream-9.1.0.Z.MAIN:httpd-core-0:2.4.53-7.el9_1.1.aarch64", "AppStream-9.1.0.Z.MAIN:httpd-core-0:2.4.53-7.el9_1.1.ppc64le", "AppStream-9.1.0.Z.MAIN:httpd-core-0:2.4.53-7.el9_1.1.s390x", "AppStream-9.1.0.Z.MAIN:httpd-core-0:2.4.53-7.el9_1.1.x86_64", "AppStream-9.1.0.Z.MAIN:httpd-core-debuginfo-0:2.4.53-7.el9_1.1.aarch64", "AppStream-9.1.0.Z.MAIN:httpd-core-debuginfo-0:2.4.53-7.el9_1.1.ppc64le", "AppStream-9.1.0.Z.MAIN:httpd-core-debuginfo-0:2.4.53-7.el9_1.1.s390x", "AppStream-9.1.0.Z.MAIN:httpd-core-debuginfo-0:2.4.53-7.el9_1.1.x86_64", "AppStream-9.1.0.Z.MAIN:httpd-debuginfo-0:2.4.53-7.el9_1.1.aarch64", "AppStream-9.1.0.Z.MAIN:httpd-debuginfo-0:2.4.53-7.el9_1.1.ppc64le", "AppStream-9.1.0.Z.MAIN:httpd-debuginfo-0:2.4.53-7.el9_1.1.s390x", "AppStream-9.1.0.Z.MAIN:httpd-debuginfo-0:2.4.53-7.el9_1.1.x86_64", "AppStream-9.1.0.Z.MAIN:httpd-debugsource-0:2.4.53-7.el9_1.1.aarch64", "AppStream-9.1.0.Z.MAIN:httpd-debugsource-0:2.4.53-7.el9_1.1.ppc64le", "AppStream-9.1.0.Z.MAIN:httpd-debugsource-0:2.4.53-7.el9_1.1.s390x", "AppStream-9.1.0.Z.MAIN:httpd-debugsource-0:2.4.53-7.el9_1.1.x86_64", "AppStream-9.1.0.Z.MAIN:httpd-devel-0:2.4.53-7.el9_1.1.aarch64", "AppStream-9.1.0.Z.MAIN:httpd-devel-0:2.4.53-7.el9_1.1.ppc64le", "AppStream-9.1.0.Z.MAIN:httpd-devel-0:2.4.53-7.el9_1.1.s390x", "AppStream-9.1.0.Z.MAIN:httpd-devel-0:2.4.53-7.el9_1.1.x86_64", "AppStream-9.1.0.Z.MAIN:httpd-filesystem-0:2.4.53-7.el9_1.1.noarch", "AppStream-9.1.0.Z.MAIN:httpd-manual-0:2.4.53-7.el9_1.1.noarch", "AppStream-9.1.0.Z.MAIN:httpd-tools-0:2.4.53-7.el9_1.1.aarch64", "AppStream-9.1.0.Z.MAIN:httpd-tools-0:2.4.53-7.el9_1.1.ppc64le", "AppStream-9.1.0.Z.MAIN:httpd-tools-0:2.4.53-7.el9_1.1.s390x", "AppStream-9.1.0.Z.MAIN:httpd-tools-0:2.4.53-7.el9_1.1.x86_64", "AppStream-9.1.0.Z.MAIN:httpd-tools-debuginfo-0:2.4.53-7.el9_1.1.aarch64", "AppStream-9.1.0.Z.MAIN:httpd-tools-debuginfo-0:2.4.53-7.el9_1.1.ppc64le", "AppStream-9.1.0.Z.MAIN:httpd-tools-debuginfo-0:2.4.53-7.el9_1.1.s390x", "AppStream-9.1.0.Z.MAIN:httpd-tools-debuginfo-0:2.4.53-7.el9_1.1.x86_64", "AppStream-9.1.0.Z.MAIN:mod_ldap-0:2.4.53-7.el9_1.1.aarch64", "AppStream-9.1.0.Z.MAIN:mod_ldap-0:2.4.53-7.el9_1.1.ppc64le", "AppStream-9.1.0.Z.MAIN:mod_ldap-0:2.4.53-7.el9_1.1.s390x", "AppStream-9.1.0.Z.MAIN:mod_ldap-0:2.4.53-7.el9_1.1.x86_64", "AppStream-9.1.0.Z.MAIN:mod_ldap-debuginfo-0:2.4.53-7.el9_1.1.aarch64", "AppStream-9.1.0.Z.MAIN:mod_ldap-debuginfo-0:2.4.53-7.el9_1.1.ppc64le", "AppStream-9.1.0.Z.MAIN:mod_ldap-debuginfo-0:2.4.53-7.el9_1.1.s390x", "AppStream-9.1.0.Z.MAIN:mod_ldap-debuginfo-0:2.4.53-7.el9_1.1.x86_64", "AppStream-9.1.0.Z.MAIN:mod_lua-0:2.4.53-7.el9_1.1.aarch64", "AppStream-9.1.0.Z.MAIN:mod_lua-0:2.4.53-7.el9_1.1.ppc64le", "AppStream-9.1.0.Z.MAIN:mod_lua-0:2.4.53-7.el9_1.1.s390x", "AppStream-9.1.0.Z.MAIN:mod_lua-0:2.4.53-7.el9_1.1.x86_64", "AppStream-9.1.0.Z.MAIN:mod_lua-debuginfo-0:2.4.53-7.el9_1.1.aarch64", "AppStream-9.1.0.Z.MAIN:mod_lua-debuginfo-0:2.4.53-7.el9_1.1.ppc64le", "AppStream-9.1.0.Z.MAIN:mod_lua-debuginfo-0:2.4.53-7.el9_1.1.s390x", "AppStream-9.1.0.Z.MAIN:mod_lua-debuginfo-0:2.4.53-7.el9_1.1.x86_64", "AppStream-9.1.0.Z.MAIN:mod_proxy_html-1:2.4.53-7.el9_1.1.aarch64", "AppStream-9.1.0.Z.MAIN:mod_proxy_html-1:2.4.53-7.el9_1.1.ppc64le", "AppStream-9.1.0.Z.MAIN:mod_proxy_html-1:2.4.53-7.el9_1.1.s390x", "AppStream-9.1.0.Z.MAIN:mod_proxy_html-1:2.4.53-7.el9_1.1.x86_64", "AppStream-9.1.0.Z.MAIN:mod_proxy_html-debuginfo-1:2.4.53-7.el9_1.1.aarch64", "AppStream-9.1.0.Z.MAIN:mod_proxy_html-debuginfo-1:2.4.53-7.el9_1.1.ppc64le", "AppStream-9.1.0.Z.MAIN:mod_proxy_html-debuginfo-1:2.4.53-7.el9_1.1.s390x", "AppStream-9.1.0.Z.MAIN:mod_proxy_html-debuginfo-1:2.4.53-7.el9_1.1.x86_64", "AppStream-9.1.0.Z.MAIN:mod_session-0:2.4.53-7.el9_1.1.aarch64", "AppStream-9.1.0.Z.MAIN:mod_session-0:2.4.53-7.el9_1.1.ppc64le", "AppStream-9.1.0.Z.MAIN:mod_session-0:2.4.53-7.el9_1.1.s390x", "AppStream-9.1.0.Z.MAIN:mod_session-0:2.4.53-7.el9_1.1.x86_64", "AppStream-9.1.0.Z.MAIN:mod_session-debuginfo-0:2.4.53-7.el9_1.1.aarch64", "AppStream-9.1.0.Z.MAIN:mod_session-debuginfo-0:2.4.53-7.el9_1.1.ppc64le", "AppStream-9.1.0.Z.MAIN:mod_session-debuginfo-0:2.4.53-7.el9_1.1.s390x", "AppStream-9.1.0.Z.MAIN:mod_session-debuginfo-0:2.4.53-7.el9_1.1.x86_64", "AppStream-9.1.0.Z.MAIN:mod_ssl-1:2.4.53-7.el9_1.1.aarch64", "AppStream-9.1.0.Z.MAIN:mod_ssl-1:2.4.53-7.el9_1.1.ppc64le", "AppStream-9.1.0.Z.MAIN:mod_ssl-1:2.4.53-7.el9_1.1.s390x", "AppStream-9.1.0.Z.MAIN:mod_ssl-1:2.4.53-7.el9_1.1.x86_64", "AppStream-9.1.0.Z.MAIN:mod_ssl-debuginfo-1:2.4.53-7.el9_1.1.aarch64", "AppStream-9.1.0.Z.MAIN:mod_ssl-debuginfo-1:2.4.53-7.el9_1.1.ppc64le", "AppStream-9.1.0.Z.MAIN:mod_ssl-debuginfo-1:2.4.53-7.el9_1.1.s390x", "AppStream-9.1.0.Z.MAIN:mod_ssl-debuginfo-1:2.4.53-7.el9_1.1.x86_64", ], }, ], scores: [ { cvss_v3: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "HIGH", baseScore: 7.5, baseSeverity: "HIGH", confidentialityImpact: "NONE", integrityImpact: "NONE", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", version: "3.1", }, products: [ "AppStream-9.1.0.Z.MAIN:httpd-0:2.4.53-7.el9_1.1.aarch64", "AppStream-9.1.0.Z.MAIN:httpd-0:2.4.53-7.el9_1.1.ppc64le", "AppStream-9.1.0.Z.MAIN:httpd-0:2.4.53-7.el9_1.1.s390x", "AppStream-9.1.0.Z.MAIN:httpd-0:2.4.53-7.el9_1.1.src", "AppStream-9.1.0.Z.MAIN:httpd-0:2.4.53-7.el9_1.1.x86_64", "AppStream-9.1.0.Z.MAIN:httpd-core-0:2.4.53-7.el9_1.1.aarch64", "AppStream-9.1.0.Z.MAIN:httpd-core-0:2.4.53-7.el9_1.1.ppc64le", "AppStream-9.1.0.Z.MAIN:httpd-core-0:2.4.53-7.el9_1.1.s390x", "AppStream-9.1.0.Z.MAIN:httpd-core-0:2.4.53-7.el9_1.1.x86_64", "AppStream-9.1.0.Z.MAIN:httpd-core-debuginfo-0:2.4.53-7.el9_1.1.aarch64", "AppStream-9.1.0.Z.MAIN:httpd-core-debuginfo-0:2.4.53-7.el9_1.1.ppc64le", "AppStream-9.1.0.Z.MAIN:httpd-core-debuginfo-0:2.4.53-7.el9_1.1.s390x", "AppStream-9.1.0.Z.MAIN:httpd-core-debuginfo-0:2.4.53-7.el9_1.1.x86_64", "AppStream-9.1.0.Z.MAIN:httpd-debuginfo-0:2.4.53-7.el9_1.1.aarch64", "AppStream-9.1.0.Z.MAIN:httpd-debuginfo-0:2.4.53-7.el9_1.1.ppc64le", "AppStream-9.1.0.Z.MAIN:httpd-debuginfo-0:2.4.53-7.el9_1.1.s390x", "AppStream-9.1.0.Z.MAIN:httpd-debuginfo-0:2.4.53-7.el9_1.1.x86_64", "AppStream-9.1.0.Z.MAIN:httpd-debugsource-0:2.4.53-7.el9_1.1.aarch64", "AppStream-9.1.0.Z.MAIN:httpd-debugsource-0:2.4.53-7.el9_1.1.ppc64le", "AppStream-9.1.0.Z.MAIN:httpd-debugsource-0:2.4.53-7.el9_1.1.s390x", "AppStream-9.1.0.Z.MAIN:httpd-debugsource-0:2.4.53-7.el9_1.1.x86_64", "AppStream-9.1.0.Z.MAIN:httpd-devel-0:2.4.53-7.el9_1.1.aarch64", "AppStream-9.1.0.Z.MAIN:httpd-devel-0:2.4.53-7.el9_1.1.ppc64le", "AppStream-9.1.0.Z.MAIN:httpd-devel-0:2.4.53-7.el9_1.1.s390x", "AppStream-9.1.0.Z.MAIN:httpd-devel-0:2.4.53-7.el9_1.1.x86_64", "AppStream-9.1.0.Z.MAIN:httpd-filesystem-0:2.4.53-7.el9_1.1.noarch", "AppStream-9.1.0.Z.MAIN:httpd-manual-0:2.4.53-7.el9_1.1.noarch", "AppStream-9.1.0.Z.MAIN:httpd-tools-0:2.4.53-7.el9_1.1.aarch64", "AppStream-9.1.0.Z.MAIN:httpd-tools-0:2.4.53-7.el9_1.1.ppc64le", "AppStream-9.1.0.Z.MAIN:httpd-tools-0:2.4.53-7.el9_1.1.s390x", "AppStream-9.1.0.Z.MAIN:httpd-tools-0:2.4.53-7.el9_1.1.x86_64", "AppStream-9.1.0.Z.MAIN:httpd-tools-debuginfo-0:2.4.53-7.el9_1.1.aarch64", "AppStream-9.1.0.Z.MAIN:httpd-tools-debuginfo-0:2.4.53-7.el9_1.1.ppc64le", "AppStream-9.1.0.Z.MAIN:httpd-tools-debuginfo-0:2.4.53-7.el9_1.1.s390x", "AppStream-9.1.0.Z.MAIN:httpd-tools-debuginfo-0:2.4.53-7.el9_1.1.x86_64", "AppStream-9.1.0.Z.MAIN:mod_ldap-0:2.4.53-7.el9_1.1.aarch64", "AppStream-9.1.0.Z.MAIN:mod_ldap-0:2.4.53-7.el9_1.1.ppc64le", "AppStream-9.1.0.Z.MAIN:mod_ldap-0:2.4.53-7.el9_1.1.s390x", "AppStream-9.1.0.Z.MAIN:mod_ldap-0:2.4.53-7.el9_1.1.x86_64", "AppStream-9.1.0.Z.MAIN:mod_ldap-debuginfo-0:2.4.53-7.el9_1.1.aarch64", "AppStream-9.1.0.Z.MAIN:mod_ldap-debuginfo-0:2.4.53-7.el9_1.1.ppc64le", "AppStream-9.1.0.Z.MAIN:mod_ldap-debuginfo-0:2.4.53-7.el9_1.1.s390x", "AppStream-9.1.0.Z.MAIN:mod_ldap-debuginfo-0:2.4.53-7.el9_1.1.x86_64", "AppStream-9.1.0.Z.MAIN:mod_lua-0:2.4.53-7.el9_1.1.aarch64", "AppStream-9.1.0.Z.MAIN:mod_lua-0:2.4.53-7.el9_1.1.ppc64le", "AppStream-9.1.0.Z.MAIN:mod_lua-0:2.4.53-7.el9_1.1.s390x", "AppStream-9.1.0.Z.MAIN:mod_lua-0:2.4.53-7.el9_1.1.x86_64", "AppStream-9.1.0.Z.MAIN:mod_lua-debuginfo-0:2.4.53-7.el9_1.1.aarch64", "AppStream-9.1.0.Z.MAIN:mod_lua-debuginfo-0:2.4.53-7.el9_1.1.ppc64le", "AppStream-9.1.0.Z.MAIN:mod_lua-debuginfo-0:2.4.53-7.el9_1.1.s390x", "AppStream-9.1.0.Z.MAIN:mod_lua-debuginfo-0:2.4.53-7.el9_1.1.x86_64", "AppStream-9.1.0.Z.MAIN:mod_proxy_html-1:2.4.53-7.el9_1.1.aarch64", "AppStream-9.1.0.Z.MAIN:mod_proxy_html-1:2.4.53-7.el9_1.1.ppc64le", "AppStream-9.1.0.Z.MAIN:mod_proxy_html-1:2.4.53-7.el9_1.1.s390x", "AppStream-9.1.0.Z.MAIN:mod_proxy_html-1:2.4.53-7.el9_1.1.x86_64", "AppStream-9.1.0.Z.MAIN:mod_proxy_html-debuginfo-1:2.4.53-7.el9_1.1.aarch64", "AppStream-9.1.0.Z.MAIN:mod_proxy_html-debuginfo-1:2.4.53-7.el9_1.1.ppc64le", "AppStream-9.1.0.Z.MAIN:mod_proxy_html-debuginfo-1:2.4.53-7.el9_1.1.s390x", "AppStream-9.1.0.Z.MAIN:mod_proxy_html-debuginfo-1:2.4.53-7.el9_1.1.x86_64", "AppStream-9.1.0.Z.MAIN:mod_session-0:2.4.53-7.el9_1.1.aarch64", "AppStream-9.1.0.Z.MAIN:mod_session-0:2.4.53-7.el9_1.1.ppc64le", "AppStream-9.1.0.Z.MAIN:mod_session-0:2.4.53-7.el9_1.1.s390x", "AppStream-9.1.0.Z.MAIN:mod_session-0:2.4.53-7.el9_1.1.x86_64", "AppStream-9.1.0.Z.MAIN:mod_session-debuginfo-0:2.4.53-7.el9_1.1.aarch64", "AppStream-9.1.0.Z.MAIN:mod_session-debuginfo-0:2.4.53-7.el9_1.1.ppc64le", "AppStream-9.1.0.Z.MAIN:mod_session-debuginfo-0:2.4.53-7.el9_1.1.s390x", "AppStream-9.1.0.Z.MAIN:mod_session-debuginfo-0:2.4.53-7.el9_1.1.x86_64", "AppStream-9.1.0.Z.MAIN:mod_ssl-1:2.4.53-7.el9_1.1.aarch64", "AppStream-9.1.0.Z.MAIN:mod_ssl-1:2.4.53-7.el9_1.1.ppc64le", "AppStream-9.1.0.Z.MAIN:mod_ssl-1:2.4.53-7.el9_1.1.s390x", "AppStream-9.1.0.Z.MAIN:mod_ssl-1:2.4.53-7.el9_1.1.x86_64", "AppStream-9.1.0.Z.MAIN:mod_ssl-debuginfo-1:2.4.53-7.el9_1.1.aarch64", "AppStream-9.1.0.Z.MAIN:mod_ssl-debuginfo-1:2.4.53-7.el9_1.1.ppc64le", "AppStream-9.1.0.Z.MAIN:mod_ssl-debuginfo-1:2.4.53-7.el9_1.1.s390x", "AppStream-9.1.0.Z.MAIN:mod_ssl-debuginfo-1:2.4.53-7.el9_1.1.x86_64", ], }, ], threats: [ { category: "impact", details: "Moderate", }, ], title: "httpd: mod_dav: out-of-bounds read/write of zero byte", }, { cve: "CVE-2022-36760", cwe: { id: "CWE-444", name: "Inconsistent Interpretation of HTTP Requests ('HTTP Request/Response Smuggling')", }, discovery_date: "2023-01-17T00:00:00+00:00", ids: [ { system_name: "Red Hat Bugzilla ID", text: "2161777", }, ], notes: [ { category: "description", text: "A flaw was found in the mod_proxy_ajp module of httpd. The connection is not closed when there is an invalid Transfer-Encoding header, allowing an attacker to smuggle requests to the AJP server, where it forwards requests.", title: "Vulnerability description", }, { category: "summary", text: "httpd: mod_proxy_ajp: Possible request smuggling", title: "Vulnerability summary", }, { category: "other", text: "This flaw only affects configurations with mod_proxy_ajp loaded and with an AJP backend configured. If there is no proxy configured to an AJP backend the server is not affected and no further mitigation is needed. For more information about the mitigation, check the mitigation section below.\n\nThe httpd mod_proxy_ajp module is enabled by default on Red Hat Enterprise Linux 6, 7, 8, 9, and in RHSCL. However, there are no directives forwarding requests using the AJP protocol.\n\nThis flaw has been rated as having a security impact of moderate, and is not currently planned to be addressed in future updates of Red Hat Enterprise Linux 7. Red Hat Enterprise Linux 7 is now in Maintenance Support 2 Phase of the support and maintenance life cycle. For additional information, refer to the Red Hat Enterprise Linux Life Cycle: https://access.redhat.com/support/policy/updates/errata.", title: "Statement", }, { category: "general", text: "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.", title: "CVSS score applicability", }, ], product_status: { fixed: [ "AppStream-9.1.0.Z.MAIN:httpd-0:2.4.53-7.el9_1.1.aarch64", "AppStream-9.1.0.Z.MAIN:httpd-0:2.4.53-7.el9_1.1.ppc64le", "AppStream-9.1.0.Z.MAIN:httpd-0:2.4.53-7.el9_1.1.s390x", "AppStream-9.1.0.Z.MAIN:httpd-0:2.4.53-7.el9_1.1.src", "AppStream-9.1.0.Z.MAIN:httpd-0:2.4.53-7.el9_1.1.x86_64", "AppStream-9.1.0.Z.MAIN:httpd-core-0:2.4.53-7.el9_1.1.aarch64", "AppStream-9.1.0.Z.MAIN:httpd-core-0:2.4.53-7.el9_1.1.ppc64le", "AppStream-9.1.0.Z.MAIN:httpd-core-0:2.4.53-7.el9_1.1.s390x", "AppStream-9.1.0.Z.MAIN:httpd-core-0:2.4.53-7.el9_1.1.x86_64", "AppStream-9.1.0.Z.MAIN:httpd-core-debuginfo-0:2.4.53-7.el9_1.1.aarch64", "AppStream-9.1.0.Z.MAIN:httpd-core-debuginfo-0:2.4.53-7.el9_1.1.ppc64le", "AppStream-9.1.0.Z.MAIN:httpd-core-debuginfo-0:2.4.53-7.el9_1.1.s390x", "AppStream-9.1.0.Z.MAIN:httpd-core-debuginfo-0:2.4.53-7.el9_1.1.x86_64", "AppStream-9.1.0.Z.MAIN:httpd-debuginfo-0:2.4.53-7.el9_1.1.aarch64", "AppStream-9.1.0.Z.MAIN:httpd-debuginfo-0:2.4.53-7.el9_1.1.ppc64le", "AppStream-9.1.0.Z.MAIN:httpd-debuginfo-0:2.4.53-7.el9_1.1.s390x", "AppStream-9.1.0.Z.MAIN:httpd-debuginfo-0:2.4.53-7.el9_1.1.x86_64", "AppStream-9.1.0.Z.MAIN:httpd-debugsource-0:2.4.53-7.el9_1.1.aarch64", "AppStream-9.1.0.Z.MAIN:httpd-debugsource-0:2.4.53-7.el9_1.1.ppc64le", "AppStream-9.1.0.Z.MAIN:httpd-debugsource-0:2.4.53-7.el9_1.1.s390x", "AppStream-9.1.0.Z.MAIN:httpd-debugsource-0:2.4.53-7.el9_1.1.x86_64", "AppStream-9.1.0.Z.MAIN:httpd-devel-0:2.4.53-7.el9_1.1.aarch64", "AppStream-9.1.0.Z.MAIN:httpd-devel-0:2.4.53-7.el9_1.1.ppc64le", "AppStream-9.1.0.Z.MAIN:httpd-devel-0:2.4.53-7.el9_1.1.s390x", "AppStream-9.1.0.Z.MAIN:httpd-devel-0:2.4.53-7.el9_1.1.x86_64", "AppStream-9.1.0.Z.MAIN:httpd-filesystem-0:2.4.53-7.el9_1.1.noarch", "AppStream-9.1.0.Z.MAIN:httpd-manual-0:2.4.53-7.el9_1.1.noarch", "AppStream-9.1.0.Z.MAIN:httpd-tools-0:2.4.53-7.el9_1.1.aarch64", "AppStream-9.1.0.Z.MAIN:httpd-tools-0:2.4.53-7.el9_1.1.ppc64le", "AppStream-9.1.0.Z.MAIN:httpd-tools-0:2.4.53-7.el9_1.1.s390x", "AppStream-9.1.0.Z.MAIN:httpd-tools-0:2.4.53-7.el9_1.1.x86_64", "AppStream-9.1.0.Z.MAIN:httpd-tools-debuginfo-0:2.4.53-7.el9_1.1.aarch64", "AppStream-9.1.0.Z.MAIN:httpd-tools-debuginfo-0:2.4.53-7.el9_1.1.ppc64le", "AppStream-9.1.0.Z.MAIN:httpd-tools-debuginfo-0:2.4.53-7.el9_1.1.s390x", "AppStream-9.1.0.Z.MAIN:httpd-tools-debuginfo-0:2.4.53-7.el9_1.1.x86_64", "AppStream-9.1.0.Z.MAIN:mod_ldap-0:2.4.53-7.el9_1.1.aarch64", "AppStream-9.1.0.Z.MAIN:mod_ldap-0:2.4.53-7.el9_1.1.ppc64le", "AppStream-9.1.0.Z.MAIN:mod_ldap-0:2.4.53-7.el9_1.1.s390x", "AppStream-9.1.0.Z.MAIN:mod_ldap-0:2.4.53-7.el9_1.1.x86_64", "AppStream-9.1.0.Z.MAIN:mod_ldap-debuginfo-0:2.4.53-7.el9_1.1.aarch64", "AppStream-9.1.0.Z.MAIN:mod_ldap-debuginfo-0:2.4.53-7.el9_1.1.ppc64le", "AppStream-9.1.0.Z.MAIN:mod_ldap-debuginfo-0:2.4.53-7.el9_1.1.s390x", "AppStream-9.1.0.Z.MAIN:mod_ldap-debuginfo-0:2.4.53-7.el9_1.1.x86_64", "AppStream-9.1.0.Z.MAIN:mod_lua-0:2.4.53-7.el9_1.1.aarch64", "AppStream-9.1.0.Z.MAIN:mod_lua-0:2.4.53-7.el9_1.1.ppc64le", "AppStream-9.1.0.Z.MAIN:mod_lua-0:2.4.53-7.el9_1.1.s390x", "AppStream-9.1.0.Z.MAIN:mod_lua-0:2.4.53-7.el9_1.1.x86_64", "AppStream-9.1.0.Z.MAIN:mod_lua-debuginfo-0:2.4.53-7.el9_1.1.aarch64", "AppStream-9.1.0.Z.MAIN:mod_lua-debuginfo-0:2.4.53-7.el9_1.1.ppc64le", "AppStream-9.1.0.Z.MAIN:mod_lua-debuginfo-0:2.4.53-7.el9_1.1.s390x", "AppStream-9.1.0.Z.MAIN:mod_lua-debuginfo-0:2.4.53-7.el9_1.1.x86_64", "AppStream-9.1.0.Z.MAIN:mod_proxy_html-1:2.4.53-7.el9_1.1.aarch64", "AppStream-9.1.0.Z.MAIN:mod_proxy_html-1:2.4.53-7.el9_1.1.ppc64le", "AppStream-9.1.0.Z.MAIN:mod_proxy_html-1:2.4.53-7.el9_1.1.s390x", "AppStream-9.1.0.Z.MAIN:mod_proxy_html-1:2.4.53-7.el9_1.1.x86_64", "AppStream-9.1.0.Z.MAIN:mod_proxy_html-debuginfo-1:2.4.53-7.el9_1.1.aarch64", "AppStream-9.1.0.Z.MAIN:mod_proxy_html-debuginfo-1:2.4.53-7.el9_1.1.ppc64le", "AppStream-9.1.0.Z.MAIN:mod_proxy_html-debuginfo-1:2.4.53-7.el9_1.1.s390x", "AppStream-9.1.0.Z.MAIN:mod_proxy_html-debuginfo-1:2.4.53-7.el9_1.1.x86_64", "AppStream-9.1.0.Z.MAIN:mod_session-0:2.4.53-7.el9_1.1.aarch64", "AppStream-9.1.0.Z.MAIN:mod_session-0:2.4.53-7.el9_1.1.ppc64le", "AppStream-9.1.0.Z.MAIN:mod_session-0:2.4.53-7.el9_1.1.s390x", "AppStream-9.1.0.Z.MAIN:mod_session-0:2.4.53-7.el9_1.1.x86_64", "AppStream-9.1.0.Z.MAIN:mod_session-debuginfo-0:2.4.53-7.el9_1.1.aarch64", "AppStream-9.1.0.Z.MAIN:mod_session-debuginfo-0:2.4.53-7.el9_1.1.ppc64le", "AppStream-9.1.0.Z.MAIN:mod_session-debuginfo-0:2.4.53-7.el9_1.1.s390x", "AppStream-9.1.0.Z.MAIN:mod_session-debuginfo-0:2.4.53-7.el9_1.1.x86_64", "AppStream-9.1.0.Z.MAIN:mod_ssl-1:2.4.53-7.el9_1.1.aarch64", "AppStream-9.1.0.Z.MAIN:mod_ssl-1:2.4.53-7.el9_1.1.ppc64le", "AppStream-9.1.0.Z.MAIN:mod_ssl-1:2.4.53-7.el9_1.1.s390x", "AppStream-9.1.0.Z.MAIN:mod_ssl-1:2.4.53-7.el9_1.1.x86_64", "AppStream-9.1.0.Z.MAIN:mod_ssl-debuginfo-1:2.4.53-7.el9_1.1.aarch64", "AppStream-9.1.0.Z.MAIN:mod_ssl-debuginfo-1:2.4.53-7.el9_1.1.ppc64le", "AppStream-9.1.0.Z.MAIN:mod_ssl-debuginfo-1:2.4.53-7.el9_1.1.s390x", "AppStream-9.1.0.Z.MAIN:mod_ssl-debuginfo-1:2.4.53-7.el9_1.1.x86_64", ], }, references: [ { category: "self", summary: "Canonical URL", url: "https://access.redhat.com/security/cve/CVE-2022-36760", }, { category: "external", summary: "RHBZ#2161777", url: "https://bugzilla.redhat.com/show_bug.cgi?id=2161777", }, { category: "external", summary: "https://www.cve.org/CVERecord?id=CVE-2022-36760", url: "https://www.cve.org/CVERecord?id=CVE-2022-36760", }, { category: "external", summary: "https://nvd.nist.gov/vuln/detail/CVE-2022-36760", url: "https://nvd.nist.gov/vuln/detail/CVE-2022-36760", }, { category: "external", summary: "https://httpd.apache.org/security/vulnerabilities_24.html#CVE-2022-36760", url: "https://httpd.apache.org/security/vulnerabilities_24.html#CVE-2022-36760", }, ], release_date: "2023-01-17T00:00:00+00:00", remediations: [ { category: "vendor_fix", date: "2023-02-28T08:28:02+00:00", details: "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nAfter installing the updated packages, the httpd daemon will be restarted automatically.", product_ids: [ "AppStream-9.1.0.Z.MAIN:httpd-0:2.4.53-7.el9_1.1.aarch64", "AppStream-9.1.0.Z.MAIN:httpd-0:2.4.53-7.el9_1.1.ppc64le", "AppStream-9.1.0.Z.MAIN:httpd-0:2.4.53-7.el9_1.1.s390x", "AppStream-9.1.0.Z.MAIN:httpd-0:2.4.53-7.el9_1.1.src", "AppStream-9.1.0.Z.MAIN:httpd-0:2.4.53-7.el9_1.1.x86_64", "AppStream-9.1.0.Z.MAIN:httpd-core-0:2.4.53-7.el9_1.1.aarch64", "AppStream-9.1.0.Z.MAIN:httpd-core-0:2.4.53-7.el9_1.1.ppc64le", "AppStream-9.1.0.Z.MAIN:httpd-core-0:2.4.53-7.el9_1.1.s390x", "AppStream-9.1.0.Z.MAIN:httpd-core-0:2.4.53-7.el9_1.1.x86_64", "AppStream-9.1.0.Z.MAIN:httpd-core-debuginfo-0:2.4.53-7.el9_1.1.aarch64", "AppStream-9.1.0.Z.MAIN:httpd-core-debuginfo-0:2.4.53-7.el9_1.1.ppc64le", "AppStream-9.1.0.Z.MAIN:httpd-core-debuginfo-0:2.4.53-7.el9_1.1.s390x", "AppStream-9.1.0.Z.MAIN:httpd-core-debuginfo-0:2.4.53-7.el9_1.1.x86_64", "AppStream-9.1.0.Z.MAIN:httpd-debuginfo-0:2.4.53-7.el9_1.1.aarch64", "AppStream-9.1.0.Z.MAIN:httpd-debuginfo-0:2.4.53-7.el9_1.1.ppc64le", "AppStream-9.1.0.Z.MAIN:httpd-debuginfo-0:2.4.53-7.el9_1.1.s390x", "AppStream-9.1.0.Z.MAIN:httpd-debuginfo-0:2.4.53-7.el9_1.1.x86_64", "AppStream-9.1.0.Z.MAIN:httpd-debugsource-0:2.4.53-7.el9_1.1.aarch64", "AppStream-9.1.0.Z.MAIN:httpd-debugsource-0:2.4.53-7.el9_1.1.ppc64le", "AppStream-9.1.0.Z.MAIN:httpd-debugsource-0:2.4.53-7.el9_1.1.s390x", "AppStream-9.1.0.Z.MAIN:httpd-debugsource-0:2.4.53-7.el9_1.1.x86_64", "AppStream-9.1.0.Z.MAIN:httpd-devel-0:2.4.53-7.el9_1.1.aarch64", "AppStream-9.1.0.Z.MAIN:httpd-devel-0:2.4.53-7.el9_1.1.ppc64le", "AppStream-9.1.0.Z.MAIN:httpd-devel-0:2.4.53-7.el9_1.1.s390x", "AppStream-9.1.0.Z.MAIN:httpd-devel-0:2.4.53-7.el9_1.1.x86_64", "AppStream-9.1.0.Z.MAIN:httpd-filesystem-0:2.4.53-7.el9_1.1.noarch", "AppStream-9.1.0.Z.MAIN:httpd-manual-0:2.4.53-7.el9_1.1.noarch", "AppStream-9.1.0.Z.MAIN:httpd-tools-0:2.4.53-7.el9_1.1.aarch64", "AppStream-9.1.0.Z.MAIN:httpd-tools-0:2.4.53-7.el9_1.1.ppc64le", "AppStream-9.1.0.Z.MAIN:httpd-tools-0:2.4.53-7.el9_1.1.s390x", "AppStream-9.1.0.Z.MAIN:httpd-tools-0:2.4.53-7.el9_1.1.x86_64", "AppStream-9.1.0.Z.MAIN:httpd-tools-debuginfo-0:2.4.53-7.el9_1.1.aarch64", "AppStream-9.1.0.Z.MAIN:httpd-tools-debuginfo-0:2.4.53-7.el9_1.1.ppc64le", "AppStream-9.1.0.Z.MAIN:httpd-tools-debuginfo-0:2.4.53-7.el9_1.1.s390x", "AppStream-9.1.0.Z.MAIN:httpd-tools-debuginfo-0:2.4.53-7.el9_1.1.x86_64", "AppStream-9.1.0.Z.MAIN:mod_ldap-0:2.4.53-7.el9_1.1.aarch64", "AppStream-9.1.0.Z.MAIN:mod_ldap-0:2.4.53-7.el9_1.1.ppc64le", "AppStream-9.1.0.Z.MAIN:mod_ldap-0:2.4.53-7.el9_1.1.s390x", "AppStream-9.1.0.Z.MAIN:mod_ldap-0:2.4.53-7.el9_1.1.x86_64", "AppStream-9.1.0.Z.MAIN:mod_ldap-debuginfo-0:2.4.53-7.el9_1.1.aarch64", "AppStream-9.1.0.Z.MAIN:mod_ldap-debuginfo-0:2.4.53-7.el9_1.1.ppc64le", "AppStream-9.1.0.Z.MAIN:mod_ldap-debuginfo-0:2.4.53-7.el9_1.1.s390x", "AppStream-9.1.0.Z.MAIN:mod_ldap-debuginfo-0:2.4.53-7.el9_1.1.x86_64", "AppStream-9.1.0.Z.MAIN:mod_lua-0:2.4.53-7.el9_1.1.aarch64", "AppStream-9.1.0.Z.MAIN:mod_lua-0:2.4.53-7.el9_1.1.ppc64le", "AppStream-9.1.0.Z.MAIN:mod_lua-0:2.4.53-7.el9_1.1.s390x", "AppStream-9.1.0.Z.MAIN:mod_lua-0:2.4.53-7.el9_1.1.x86_64", "AppStream-9.1.0.Z.MAIN:mod_lua-debuginfo-0:2.4.53-7.el9_1.1.aarch64", "AppStream-9.1.0.Z.MAIN:mod_lua-debuginfo-0:2.4.53-7.el9_1.1.ppc64le", "AppStream-9.1.0.Z.MAIN:mod_lua-debuginfo-0:2.4.53-7.el9_1.1.s390x", "AppStream-9.1.0.Z.MAIN:mod_lua-debuginfo-0:2.4.53-7.el9_1.1.x86_64", "AppStream-9.1.0.Z.MAIN:mod_proxy_html-1:2.4.53-7.el9_1.1.aarch64", "AppStream-9.1.0.Z.MAIN:mod_proxy_html-1:2.4.53-7.el9_1.1.ppc64le", "AppStream-9.1.0.Z.MAIN:mod_proxy_html-1:2.4.53-7.el9_1.1.s390x", "AppStream-9.1.0.Z.MAIN:mod_proxy_html-1:2.4.53-7.el9_1.1.x86_64", "AppStream-9.1.0.Z.MAIN:mod_proxy_html-debuginfo-1:2.4.53-7.el9_1.1.aarch64", "AppStream-9.1.0.Z.MAIN:mod_proxy_html-debuginfo-1:2.4.53-7.el9_1.1.ppc64le", "AppStream-9.1.0.Z.MAIN:mod_proxy_html-debuginfo-1:2.4.53-7.el9_1.1.s390x", "AppStream-9.1.0.Z.MAIN:mod_proxy_html-debuginfo-1:2.4.53-7.el9_1.1.x86_64", "AppStream-9.1.0.Z.MAIN:mod_session-0:2.4.53-7.el9_1.1.aarch64", "AppStream-9.1.0.Z.MAIN:mod_session-0:2.4.53-7.el9_1.1.ppc64le", "AppStream-9.1.0.Z.MAIN:mod_session-0:2.4.53-7.el9_1.1.s390x", "AppStream-9.1.0.Z.MAIN:mod_session-0:2.4.53-7.el9_1.1.x86_64", "AppStream-9.1.0.Z.MAIN:mod_session-debuginfo-0:2.4.53-7.el9_1.1.aarch64", "AppStream-9.1.0.Z.MAIN:mod_session-debuginfo-0:2.4.53-7.el9_1.1.ppc64le", "AppStream-9.1.0.Z.MAIN:mod_session-debuginfo-0:2.4.53-7.el9_1.1.s390x", "AppStream-9.1.0.Z.MAIN:mod_session-debuginfo-0:2.4.53-7.el9_1.1.x86_64", "AppStream-9.1.0.Z.MAIN:mod_ssl-1:2.4.53-7.el9_1.1.aarch64", "AppStream-9.1.0.Z.MAIN:mod_ssl-1:2.4.53-7.el9_1.1.ppc64le", "AppStream-9.1.0.Z.MAIN:mod_ssl-1:2.4.53-7.el9_1.1.s390x", "AppStream-9.1.0.Z.MAIN:mod_ssl-1:2.4.53-7.el9_1.1.x86_64", "AppStream-9.1.0.Z.MAIN:mod_ssl-debuginfo-1:2.4.53-7.el9_1.1.aarch64", "AppStream-9.1.0.Z.MAIN:mod_ssl-debuginfo-1:2.4.53-7.el9_1.1.ppc64le", "AppStream-9.1.0.Z.MAIN:mod_ssl-debuginfo-1:2.4.53-7.el9_1.1.s390x", "AppStream-9.1.0.Z.MAIN:mod_ssl-debuginfo-1:2.4.53-7.el9_1.1.x86_64", ], restart_required: { category: "none", }, url: "https://access.redhat.com/errata/RHSA-2023:0970", }, ], scores: [ { cvss_v3: { attackComplexity: "HIGH", attackVector: "NETWORK", availabilityImpact: "LOW", baseScore: 6.5, baseSeverity: "MEDIUM", confidentialityImpact: "LOW", integrityImpact: "LOW", privilegesRequired: "NONE", scope: "CHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:C/C:L/I:L/A:L", version: "3.1", }, products: [ "AppStream-9.1.0.Z.MAIN:httpd-0:2.4.53-7.el9_1.1.aarch64", "AppStream-9.1.0.Z.MAIN:httpd-0:2.4.53-7.el9_1.1.ppc64le", "AppStream-9.1.0.Z.MAIN:httpd-0:2.4.53-7.el9_1.1.s390x", "AppStream-9.1.0.Z.MAIN:httpd-0:2.4.53-7.el9_1.1.src", "AppStream-9.1.0.Z.MAIN:httpd-0:2.4.53-7.el9_1.1.x86_64", "AppStream-9.1.0.Z.MAIN:httpd-core-0:2.4.53-7.el9_1.1.aarch64", "AppStream-9.1.0.Z.MAIN:httpd-core-0:2.4.53-7.el9_1.1.ppc64le", "AppStream-9.1.0.Z.MAIN:httpd-core-0:2.4.53-7.el9_1.1.s390x", "AppStream-9.1.0.Z.MAIN:httpd-core-0:2.4.53-7.el9_1.1.x86_64", "AppStream-9.1.0.Z.MAIN:httpd-core-debuginfo-0:2.4.53-7.el9_1.1.aarch64", "AppStream-9.1.0.Z.MAIN:httpd-core-debuginfo-0:2.4.53-7.el9_1.1.ppc64le", "AppStream-9.1.0.Z.MAIN:httpd-core-debuginfo-0:2.4.53-7.el9_1.1.s390x", "AppStream-9.1.0.Z.MAIN:httpd-core-debuginfo-0:2.4.53-7.el9_1.1.x86_64", "AppStream-9.1.0.Z.MAIN:httpd-debuginfo-0:2.4.53-7.el9_1.1.aarch64", "AppStream-9.1.0.Z.MAIN:httpd-debuginfo-0:2.4.53-7.el9_1.1.ppc64le", "AppStream-9.1.0.Z.MAIN:httpd-debuginfo-0:2.4.53-7.el9_1.1.s390x", "AppStream-9.1.0.Z.MAIN:httpd-debuginfo-0:2.4.53-7.el9_1.1.x86_64", "AppStream-9.1.0.Z.MAIN:httpd-debugsource-0:2.4.53-7.el9_1.1.aarch64", "AppStream-9.1.0.Z.MAIN:httpd-debugsource-0:2.4.53-7.el9_1.1.ppc64le", "AppStream-9.1.0.Z.MAIN:httpd-debugsource-0:2.4.53-7.el9_1.1.s390x", "AppStream-9.1.0.Z.MAIN:httpd-debugsource-0:2.4.53-7.el9_1.1.x86_64", "AppStream-9.1.0.Z.MAIN:httpd-devel-0:2.4.53-7.el9_1.1.aarch64", "AppStream-9.1.0.Z.MAIN:httpd-devel-0:2.4.53-7.el9_1.1.ppc64le", "AppStream-9.1.0.Z.MAIN:httpd-devel-0:2.4.53-7.el9_1.1.s390x", "AppStream-9.1.0.Z.MAIN:httpd-devel-0:2.4.53-7.el9_1.1.x86_64", "AppStream-9.1.0.Z.MAIN:httpd-filesystem-0:2.4.53-7.el9_1.1.noarch", "AppStream-9.1.0.Z.MAIN:httpd-manual-0:2.4.53-7.el9_1.1.noarch", "AppStream-9.1.0.Z.MAIN:httpd-tools-0:2.4.53-7.el9_1.1.aarch64", "AppStream-9.1.0.Z.MAIN:httpd-tools-0:2.4.53-7.el9_1.1.ppc64le", "AppStream-9.1.0.Z.MAIN:httpd-tools-0:2.4.53-7.el9_1.1.s390x", "AppStream-9.1.0.Z.MAIN:httpd-tools-0:2.4.53-7.el9_1.1.x86_64", "AppStream-9.1.0.Z.MAIN:httpd-tools-debuginfo-0:2.4.53-7.el9_1.1.aarch64", "AppStream-9.1.0.Z.MAIN:httpd-tools-debuginfo-0:2.4.53-7.el9_1.1.ppc64le", "AppStream-9.1.0.Z.MAIN:httpd-tools-debuginfo-0:2.4.53-7.el9_1.1.s390x", "AppStream-9.1.0.Z.MAIN:httpd-tools-debuginfo-0:2.4.53-7.el9_1.1.x86_64", "AppStream-9.1.0.Z.MAIN:mod_ldap-0:2.4.53-7.el9_1.1.aarch64", "AppStream-9.1.0.Z.MAIN:mod_ldap-0:2.4.53-7.el9_1.1.ppc64le", "AppStream-9.1.0.Z.MAIN:mod_ldap-0:2.4.53-7.el9_1.1.s390x", "AppStream-9.1.0.Z.MAIN:mod_ldap-0:2.4.53-7.el9_1.1.x86_64", "AppStream-9.1.0.Z.MAIN:mod_ldap-debuginfo-0:2.4.53-7.el9_1.1.aarch64", "AppStream-9.1.0.Z.MAIN:mod_ldap-debuginfo-0:2.4.53-7.el9_1.1.ppc64le", "AppStream-9.1.0.Z.MAIN:mod_ldap-debuginfo-0:2.4.53-7.el9_1.1.s390x", "AppStream-9.1.0.Z.MAIN:mod_ldap-debuginfo-0:2.4.53-7.el9_1.1.x86_64", "AppStream-9.1.0.Z.MAIN:mod_lua-0:2.4.53-7.el9_1.1.aarch64", "AppStream-9.1.0.Z.MAIN:mod_lua-0:2.4.53-7.el9_1.1.ppc64le", "AppStream-9.1.0.Z.MAIN:mod_lua-0:2.4.53-7.el9_1.1.s390x", "AppStream-9.1.0.Z.MAIN:mod_lua-0:2.4.53-7.el9_1.1.x86_64", "AppStream-9.1.0.Z.MAIN:mod_lua-debuginfo-0:2.4.53-7.el9_1.1.aarch64", "AppStream-9.1.0.Z.MAIN:mod_lua-debuginfo-0:2.4.53-7.el9_1.1.ppc64le", "AppStream-9.1.0.Z.MAIN:mod_lua-debuginfo-0:2.4.53-7.el9_1.1.s390x", "AppStream-9.1.0.Z.MAIN:mod_lua-debuginfo-0:2.4.53-7.el9_1.1.x86_64", "AppStream-9.1.0.Z.MAIN:mod_proxy_html-1:2.4.53-7.el9_1.1.aarch64", "AppStream-9.1.0.Z.MAIN:mod_proxy_html-1:2.4.53-7.el9_1.1.ppc64le", "AppStream-9.1.0.Z.MAIN:mod_proxy_html-1:2.4.53-7.el9_1.1.s390x", "AppStream-9.1.0.Z.MAIN:mod_proxy_html-1:2.4.53-7.el9_1.1.x86_64", "AppStream-9.1.0.Z.MAIN:mod_proxy_html-debuginfo-1:2.4.53-7.el9_1.1.aarch64", "AppStream-9.1.0.Z.MAIN:mod_proxy_html-debuginfo-1:2.4.53-7.el9_1.1.ppc64le", "AppStream-9.1.0.Z.MAIN:mod_proxy_html-debuginfo-1:2.4.53-7.el9_1.1.s390x", "AppStream-9.1.0.Z.MAIN:mod_proxy_html-debuginfo-1:2.4.53-7.el9_1.1.x86_64", "AppStream-9.1.0.Z.MAIN:mod_session-0:2.4.53-7.el9_1.1.aarch64", "AppStream-9.1.0.Z.MAIN:mod_session-0:2.4.53-7.el9_1.1.ppc64le", "AppStream-9.1.0.Z.MAIN:mod_session-0:2.4.53-7.el9_1.1.s390x", "AppStream-9.1.0.Z.MAIN:mod_session-0:2.4.53-7.el9_1.1.x86_64", "AppStream-9.1.0.Z.MAIN:mod_session-debuginfo-0:2.4.53-7.el9_1.1.aarch64", "AppStream-9.1.0.Z.MAIN:mod_session-debuginfo-0:2.4.53-7.el9_1.1.ppc64le", "AppStream-9.1.0.Z.MAIN:mod_session-debuginfo-0:2.4.53-7.el9_1.1.s390x", "AppStream-9.1.0.Z.MAIN:mod_session-debuginfo-0:2.4.53-7.el9_1.1.x86_64", "AppStream-9.1.0.Z.MAIN:mod_ssl-1:2.4.53-7.el9_1.1.aarch64", "AppStream-9.1.0.Z.MAIN:mod_ssl-1:2.4.53-7.el9_1.1.ppc64le", "AppStream-9.1.0.Z.MAIN:mod_ssl-1:2.4.53-7.el9_1.1.s390x", "AppStream-9.1.0.Z.MAIN:mod_ssl-1:2.4.53-7.el9_1.1.x86_64", "AppStream-9.1.0.Z.MAIN:mod_ssl-debuginfo-1:2.4.53-7.el9_1.1.aarch64", "AppStream-9.1.0.Z.MAIN:mod_ssl-debuginfo-1:2.4.53-7.el9_1.1.ppc64le", "AppStream-9.1.0.Z.MAIN:mod_ssl-debuginfo-1:2.4.53-7.el9_1.1.s390x", "AppStream-9.1.0.Z.MAIN:mod_ssl-debuginfo-1:2.4.53-7.el9_1.1.x86_64", ], }, ], threats: [ { category: "impact", details: "Moderate", }, ], title: "httpd: mod_proxy_ajp: Possible request smuggling", }, { cve: "CVE-2022-37436", cwe: { id: "CWE-113", name: "Improper Neutralization of CRLF Sequences in HTTP Headers ('HTTP Request/Response Splitting')", }, discovery_date: "2023-01-17T00:00:00+00:00", ids: [ { system_name: "Red Hat Bugzilla ID", text: "2161773", }, ], notes: [ { category: "description", text: "A flaw was found in the mod_proxy module of httpd. A malicious backend can cause the response headers to be truncated because they are not cleaned when an error is found while reading them, resulting in some headers being incorporated into the response body and not being interpreted by a client.", title: "Vulnerability description", }, { category: "summary", text: "httpd: mod_proxy: HTTP response splitting", title: "Vulnerability summary", }, { category: "other", text: "This flaw is only exploitable via bad headers generated by a malicious backend or a malicious application.\n\nhttpd as shipped in Red Hat Enterprise Linux 7, 8, 9 and in RHSCL is vulnerable to this flaw. httpd as shipped in Red Hat Enterprise Linux 6 is not affected.\n\nThis flaw has been rated as having a security impact of moderate, and is not currently planned to be addressed in future updates of Red Hat Enterprise Linux 7. Red Hat Enterprise Linux 7 is now in Maintenance Support 2 Phase of the support and maintenance life cycle. For additional information, refer to the Red Hat Enterprise Linux Life Cycle: https://access.redhat.com/support/policy/updates/errata.", title: "Statement", }, { category: "general", text: "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.", title: "CVSS score applicability", }, ], product_status: { fixed: [ "AppStream-9.1.0.Z.MAIN:httpd-0:2.4.53-7.el9_1.1.aarch64", "AppStream-9.1.0.Z.MAIN:httpd-0:2.4.53-7.el9_1.1.ppc64le", "AppStream-9.1.0.Z.MAIN:httpd-0:2.4.53-7.el9_1.1.s390x", "AppStream-9.1.0.Z.MAIN:httpd-0:2.4.53-7.el9_1.1.src", "AppStream-9.1.0.Z.MAIN:httpd-0:2.4.53-7.el9_1.1.x86_64", "AppStream-9.1.0.Z.MAIN:httpd-core-0:2.4.53-7.el9_1.1.aarch64", "AppStream-9.1.0.Z.MAIN:httpd-core-0:2.4.53-7.el9_1.1.ppc64le", "AppStream-9.1.0.Z.MAIN:httpd-core-0:2.4.53-7.el9_1.1.s390x", "AppStream-9.1.0.Z.MAIN:httpd-core-0:2.4.53-7.el9_1.1.x86_64", "AppStream-9.1.0.Z.MAIN:httpd-core-debuginfo-0:2.4.53-7.el9_1.1.aarch64", "AppStream-9.1.0.Z.MAIN:httpd-core-debuginfo-0:2.4.53-7.el9_1.1.ppc64le", "AppStream-9.1.0.Z.MAIN:httpd-core-debuginfo-0:2.4.53-7.el9_1.1.s390x", "AppStream-9.1.0.Z.MAIN:httpd-core-debuginfo-0:2.4.53-7.el9_1.1.x86_64", "AppStream-9.1.0.Z.MAIN:httpd-debuginfo-0:2.4.53-7.el9_1.1.aarch64", "AppStream-9.1.0.Z.MAIN:httpd-debuginfo-0:2.4.53-7.el9_1.1.ppc64le", "AppStream-9.1.0.Z.MAIN:httpd-debuginfo-0:2.4.53-7.el9_1.1.s390x", "AppStream-9.1.0.Z.MAIN:httpd-debuginfo-0:2.4.53-7.el9_1.1.x86_64", "AppStream-9.1.0.Z.MAIN:httpd-debugsource-0:2.4.53-7.el9_1.1.aarch64", "AppStream-9.1.0.Z.MAIN:httpd-debugsource-0:2.4.53-7.el9_1.1.ppc64le", "AppStream-9.1.0.Z.MAIN:httpd-debugsource-0:2.4.53-7.el9_1.1.s390x", "AppStream-9.1.0.Z.MAIN:httpd-debugsource-0:2.4.53-7.el9_1.1.x86_64", "AppStream-9.1.0.Z.MAIN:httpd-devel-0:2.4.53-7.el9_1.1.aarch64", "AppStream-9.1.0.Z.MAIN:httpd-devel-0:2.4.53-7.el9_1.1.ppc64le", "AppStream-9.1.0.Z.MAIN:httpd-devel-0:2.4.53-7.el9_1.1.s390x", "AppStream-9.1.0.Z.MAIN:httpd-devel-0:2.4.53-7.el9_1.1.x86_64", "AppStream-9.1.0.Z.MAIN:httpd-filesystem-0:2.4.53-7.el9_1.1.noarch", "AppStream-9.1.0.Z.MAIN:httpd-manual-0:2.4.53-7.el9_1.1.noarch", "AppStream-9.1.0.Z.MAIN:httpd-tools-0:2.4.53-7.el9_1.1.aarch64", "AppStream-9.1.0.Z.MAIN:httpd-tools-0:2.4.53-7.el9_1.1.ppc64le", "AppStream-9.1.0.Z.MAIN:httpd-tools-0:2.4.53-7.el9_1.1.s390x", "AppStream-9.1.0.Z.MAIN:httpd-tools-0:2.4.53-7.el9_1.1.x86_64", "AppStream-9.1.0.Z.MAIN:httpd-tools-debuginfo-0:2.4.53-7.el9_1.1.aarch64", "AppStream-9.1.0.Z.MAIN:httpd-tools-debuginfo-0:2.4.53-7.el9_1.1.ppc64le", "AppStream-9.1.0.Z.MAIN:httpd-tools-debuginfo-0:2.4.53-7.el9_1.1.s390x", "AppStream-9.1.0.Z.MAIN:httpd-tools-debuginfo-0:2.4.53-7.el9_1.1.x86_64", "AppStream-9.1.0.Z.MAIN:mod_ldap-0:2.4.53-7.el9_1.1.aarch64", "AppStream-9.1.0.Z.MAIN:mod_ldap-0:2.4.53-7.el9_1.1.ppc64le", "AppStream-9.1.0.Z.MAIN:mod_ldap-0:2.4.53-7.el9_1.1.s390x", "AppStream-9.1.0.Z.MAIN:mod_ldap-0:2.4.53-7.el9_1.1.x86_64", "AppStream-9.1.0.Z.MAIN:mod_ldap-debuginfo-0:2.4.53-7.el9_1.1.aarch64", "AppStream-9.1.0.Z.MAIN:mod_ldap-debuginfo-0:2.4.53-7.el9_1.1.ppc64le", "AppStream-9.1.0.Z.MAIN:mod_ldap-debuginfo-0:2.4.53-7.el9_1.1.s390x", "AppStream-9.1.0.Z.MAIN:mod_ldap-debuginfo-0:2.4.53-7.el9_1.1.x86_64", "AppStream-9.1.0.Z.MAIN:mod_lua-0:2.4.53-7.el9_1.1.aarch64", "AppStream-9.1.0.Z.MAIN:mod_lua-0:2.4.53-7.el9_1.1.ppc64le", "AppStream-9.1.0.Z.MAIN:mod_lua-0:2.4.53-7.el9_1.1.s390x", "AppStream-9.1.0.Z.MAIN:mod_lua-0:2.4.53-7.el9_1.1.x86_64", "AppStream-9.1.0.Z.MAIN:mod_lua-debuginfo-0:2.4.53-7.el9_1.1.aarch64", "AppStream-9.1.0.Z.MAIN:mod_lua-debuginfo-0:2.4.53-7.el9_1.1.ppc64le", "AppStream-9.1.0.Z.MAIN:mod_lua-debuginfo-0:2.4.53-7.el9_1.1.s390x", "AppStream-9.1.0.Z.MAIN:mod_lua-debuginfo-0:2.4.53-7.el9_1.1.x86_64", "AppStream-9.1.0.Z.MAIN:mod_proxy_html-1:2.4.53-7.el9_1.1.aarch64", "AppStream-9.1.0.Z.MAIN:mod_proxy_html-1:2.4.53-7.el9_1.1.ppc64le", "AppStream-9.1.0.Z.MAIN:mod_proxy_html-1:2.4.53-7.el9_1.1.s390x", "AppStream-9.1.0.Z.MAIN:mod_proxy_html-1:2.4.53-7.el9_1.1.x86_64", "AppStream-9.1.0.Z.MAIN:mod_proxy_html-debuginfo-1:2.4.53-7.el9_1.1.aarch64", "AppStream-9.1.0.Z.MAIN:mod_proxy_html-debuginfo-1:2.4.53-7.el9_1.1.ppc64le", "AppStream-9.1.0.Z.MAIN:mod_proxy_html-debuginfo-1:2.4.53-7.el9_1.1.s390x", "AppStream-9.1.0.Z.MAIN:mod_proxy_html-debuginfo-1:2.4.53-7.el9_1.1.x86_64", "AppStream-9.1.0.Z.MAIN:mod_session-0:2.4.53-7.el9_1.1.aarch64", "AppStream-9.1.0.Z.MAIN:mod_session-0:2.4.53-7.el9_1.1.ppc64le", "AppStream-9.1.0.Z.MAIN:mod_session-0:2.4.53-7.el9_1.1.s390x", "AppStream-9.1.0.Z.MAIN:mod_session-0:2.4.53-7.el9_1.1.x86_64", "AppStream-9.1.0.Z.MAIN:mod_session-debuginfo-0:2.4.53-7.el9_1.1.aarch64", "AppStream-9.1.0.Z.MAIN:mod_session-debuginfo-0:2.4.53-7.el9_1.1.ppc64le", "AppStream-9.1.0.Z.MAIN:mod_session-debuginfo-0:2.4.53-7.el9_1.1.s390x", "AppStream-9.1.0.Z.MAIN:mod_session-debuginfo-0:2.4.53-7.el9_1.1.x86_64", "AppStream-9.1.0.Z.MAIN:mod_ssl-1:2.4.53-7.el9_1.1.aarch64", "AppStream-9.1.0.Z.MAIN:mod_ssl-1:2.4.53-7.el9_1.1.ppc64le", "AppStream-9.1.0.Z.MAIN:mod_ssl-1:2.4.53-7.el9_1.1.s390x", "AppStream-9.1.0.Z.MAIN:mod_ssl-1:2.4.53-7.el9_1.1.x86_64", "AppStream-9.1.0.Z.MAIN:mod_ssl-debuginfo-1:2.4.53-7.el9_1.1.aarch64", "AppStream-9.1.0.Z.MAIN:mod_ssl-debuginfo-1:2.4.53-7.el9_1.1.ppc64le", "AppStream-9.1.0.Z.MAIN:mod_ssl-debuginfo-1:2.4.53-7.el9_1.1.s390x", "AppStream-9.1.0.Z.MAIN:mod_ssl-debuginfo-1:2.4.53-7.el9_1.1.x86_64", ], }, references: [ { category: "self", summary: "Canonical URL", url: "https://access.redhat.com/security/cve/CVE-2022-37436", }, { category: "external", summary: "RHBZ#2161773", url: "https://bugzilla.redhat.com/show_bug.cgi?id=2161773", }, { category: "external", summary: "https://www.cve.org/CVERecord?id=CVE-2022-37436", url: "https://www.cve.org/CVERecord?id=CVE-2022-37436", }, { category: "external", summary: "https://nvd.nist.gov/vuln/detail/CVE-2022-37436", url: "https://nvd.nist.gov/vuln/detail/CVE-2022-37436", }, { category: "external", summary: "https://httpd.apache.org/security/vulnerabilities_24.html#CVE-2022-37436", url: "https://httpd.apache.org/security/vulnerabilities_24.html#CVE-2022-37436", }, ], release_date: "2023-01-17T00:00:00+00:00", remediations: [ { category: "vendor_fix", date: "2023-02-28T08:28:02+00:00", details: "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nAfter installing the updated packages, the httpd daemon will be restarted automatically.", product_ids: [ "AppStream-9.1.0.Z.MAIN:httpd-0:2.4.53-7.el9_1.1.aarch64", "AppStream-9.1.0.Z.MAIN:httpd-0:2.4.53-7.el9_1.1.ppc64le", "AppStream-9.1.0.Z.MAIN:httpd-0:2.4.53-7.el9_1.1.s390x", "AppStream-9.1.0.Z.MAIN:httpd-0:2.4.53-7.el9_1.1.src", "AppStream-9.1.0.Z.MAIN:httpd-0:2.4.53-7.el9_1.1.x86_64", "AppStream-9.1.0.Z.MAIN:httpd-core-0:2.4.53-7.el9_1.1.aarch64", "AppStream-9.1.0.Z.MAIN:httpd-core-0:2.4.53-7.el9_1.1.ppc64le", "AppStream-9.1.0.Z.MAIN:httpd-core-0:2.4.53-7.el9_1.1.s390x", "AppStream-9.1.0.Z.MAIN:httpd-core-0:2.4.53-7.el9_1.1.x86_64", "AppStream-9.1.0.Z.MAIN:httpd-core-debuginfo-0:2.4.53-7.el9_1.1.aarch64", "AppStream-9.1.0.Z.MAIN:httpd-core-debuginfo-0:2.4.53-7.el9_1.1.ppc64le", "AppStream-9.1.0.Z.MAIN:httpd-core-debuginfo-0:2.4.53-7.el9_1.1.s390x", "AppStream-9.1.0.Z.MAIN:httpd-core-debuginfo-0:2.4.53-7.el9_1.1.x86_64", "AppStream-9.1.0.Z.MAIN:httpd-debuginfo-0:2.4.53-7.el9_1.1.aarch64", "AppStream-9.1.0.Z.MAIN:httpd-debuginfo-0:2.4.53-7.el9_1.1.ppc64le", "AppStream-9.1.0.Z.MAIN:httpd-debuginfo-0:2.4.53-7.el9_1.1.s390x", "AppStream-9.1.0.Z.MAIN:httpd-debuginfo-0:2.4.53-7.el9_1.1.x86_64", "AppStream-9.1.0.Z.MAIN:httpd-debugsource-0:2.4.53-7.el9_1.1.aarch64", "AppStream-9.1.0.Z.MAIN:httpd-debugsource-0:2.4.53-7.el9_1.1.ppc64le", "AppStream-9.1.0.Z.MAIN:httpd-debugsource-0:2.4.53-7.el9_1.1.s390x", "AppStream-9.1.0.Z.MAIN:httpd-debugsource-0:2.4.53-7.el9_1.1.x86_64", "AppStream-9.1.0.Z.MAIN:httpd-devel-0:2.4.53-7.el9_1.1.aarch64", "AppStream-9.1.0.Z.MAIN:httpd-devel-0:2.4.53-7.el9_1.1.ppc64le", "AppStream-9.1.0.Z.MAIN:httpd-devel-0:2.4.53-7.el9_1.1.s390x", "AppStream-9.1.0.Z.MAIN:httpd-devel-0:2.4.53-7.el9_1.1.x86_64", "AppStream-9.1.0.Z.MAIN:httpd-filesystem-0:2.4.53-7.el9_1.1.noarch", "AppStream-9.1.0.Z.MAIN:httpd-manual-0:2.4.53-7.el9_1.1.noarch", "AppStream-9.1.0.Z.MAIN:httpd-tools-0:2.4.53-7.el9_1.1.aarch64", "AppStream-9.1.0.Z.MAIN:httpd-tools-0:2.4.53-7.el9_1.1.ppc64le", "AppStream-9.1.0.Z.MAIN:httpd-tools-0:2.4.53-7.el9_1.1.s390x", "AppStream-9.1.0.Z.MAIN:httpd-tools-0:2.4.53-7.el9_1.1.x86_64", "AppStream-9.1.0.Z.MAIN:httpd-tools-debuginfo-0:2.4.53-7.el9_1.1.aarch64", "AppStream-9.1.0.Z.MAIN:httpd-tools-debuginfo-0:2.4.53-7.el9_1.1.ppc64le", "AppStream-9.1.0.Z.MAIN:httpd-tools-debuginfo-0:2.4.53-7.el9_1.1.s390x", "AppStream-9.1.0.Z.MAIN:httpd-tools-debuginfo-0:2.4.53-7.el9_1.1.x86_64", "AppStream-9.1.0.Z.MAIN:mod_ldap-0:2.4.53-7.el9_1.1.aarch64", "AppStream-9.1.0.Z.MAIN:mod_ldap-0:2.4.53-7.el9_1.1.ppc64le", "AppStream-9.1.0.Z.MAIN:mod_ldap-0:2.4.53-7.el9_1.1.s390x", "AppStream-9.1.0.Z.MAIN:mod_ldap-0:2.4.53-7.el9_1.1.x86_64", "AppStream-9.1.0.Z.MAIN:mod_ldap-debuginfo-0:2.4.53-7.el9_1.1.aarch64", "AppStream-9.1.0.Z.MAIN:mod_ldap-debuginfo-0:2.4.53-7.el9_1.1.ppc64le", "AppStream-9.1.0.Z.MAIN:mod_ldap-debuginfo-0:2.4.53-7.el9_1.1.s390x", "AppStream-9.1.0.Z.MAIN:mod_ldap-debuginfo-0:2.4.53-7.el9_1.1.x86_64", "AppStream-9.1.0.Z.MAIN:mod_lua-0:2.4.53-7.el9_1.1.aarch64", "AppStream-9.1.0.Z.MAIN:mod_lua-0:2.4.53-7.el9_1.1.ppc64le", "AppStream-9.1.0.Z.MAIN:mod_lua-0:2.4.53-7.el9_1.1.s390x", "AppStream-9.1.0.Z.MAIN:mod_lua-0:2.4.53-7.el9_1.1.x86_64", "AppStream-9.1.0.Z.MAIN:mod_lua-debuginfo-0:2.4.53-7.el9_1.1.aarch64", "AppStream-9.1.0.Z.MAIN:mod_lua-debuginfo-0:2.4.53-7.el9_1.1.ppc64le", "AppStream-9.1.0.Z.MAIN:mod_lua-debuginfo-0:2.4.53-7.el9_1.1.s390x", "AppStream-9.1.0.Z.MAIN:mod_lua-debuginfo-0:2.4.53-7.el9_1.1.x86_64", "AppStream-9.1.0.Z.MAIN:mod_proxy_html-1:2.4.53-7.el9_1.1.aarch64", "AppStream-9.1.0.Z.MAIN:mod_proxy_html-1:2.4.53-7.el9_1.1.ppc64le", "AppStream-9.1.0.Z.MAIN:mod_proxy_html-1:2.4.53-7.el9_1.1.s390x", "AppStream-9.1.0.Z.MAIN:mod_proxy_html-1:2.4.53-7.el9_1.1.x86_64", "AppStream-9.1.0.Z.MAIN:mod_proxy_html-debuginfo-1:2.4.53-7.el9_1.1.aarch64", "AppStream-9.1.0.Z.MAIN:mod_proxy_html-debuginfo-1:2.4.53-7.el9_1.1.ppc64le", "AppStream-9.1.0.Z.MAIN:mod_proxy_html-debuginfo-1:2.4.53-7.el9_1.1.s390x", "AppStream-9.1.0.Z.MAIN:mod_proxy_html-debuginfo-1:2.4.53-7.el9_1.1.x86_64", "AppStream-9.1.0.Z.MAIN:mod_session-0:2.4.53-7.el9_1.1.aarch64", "AppStream-9.1.0.Z.MAIN:mod_session-0:2.4.53-7.el9_1.1.ppc64le", "AppStream-9.1.0.Z.MAIN:mod_session-0:2.4.53-7.el9_1.1.s390x", "AppStream-9.1.0.Z.MAIN:mod_session-0:2.4.53-7.el9_1.1.x86_64", "AppStream-9.1.0.Z.MAIN:mod_session-debuginfo-0:2.4.53-7.el9_1.1.aarch64", "AppStream-9.1.0.Z.MAIN:mod_session-debuginfo-0:2.4.53-7.el9_1.1.ppc64le", "AppStream-9.1.0.Z.MAIN:mod_session-debuginfo-0:2.4.53-7.el9_1.1.s390x", "AppStream-9.1.0.Z.MAIN:mod_session-debuginfo-0:2.4.53-7.el9_1.1.x86_64", "AppStream-9.1.0.Z.MAIN:mod_ssl-1:2.4.53-7.el9_1.1.aarch64", "AppStream-9.1.0.Z.MAIN:mod_ssl-1:2.4.53-7.el9_1.1.ppc64le", "AppStream-9.1.0.Z.MAIN:mod_ssl-1:2.4.53-7.el9_1.1.s390x", "AppStream-9.1.0.Z.MAIN:mod_ssl-1:2.4.53-7.el9_1.1.x86_64", "AppStream-9.1.0.Z.MAIN:mod_ssl-debuginfo-1:2.4.53-7.el9_1.1.aarch64", "AppStream-9.1.0.Z.MAIN:mod_ssl-debuginfo-1:2.4.53-7.el9_1.1.ppc64le", "AppStream-9.1.0.Z.MAIN:mod_ssl-debuginfo-1:2.4.53-7.el9_1.1.s390x", "AppStream-9.1.0.Z.MAIN:mod_ssl-debuginfo-1:2.4.53-7.el9_1.1.x86_64", ], restart_required: { category: "none", }, url: "https://access.redhat.com/errata/RHSA-2023:0970", }, { category: "workaround", details: "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability. It's recommended to update the affected packages as soon as an update is available.", product_ids: [ "AppStream-9.1.0.Z.MAIN:httpd-0:2.4.53-7.el9_1.1.aarch64", "AppStream-9.1.0.Z.MAIN:httpd-0:2.4.53-7.el9_1.1.ppc64le", "AppStream-9.1.0.Z.MAIN:httpd-0:2.4.53-7.el9_1.1.s390x", "AppStream-9.1.0.Z.MAIN:httpd-0:2.4.53-7.el9_1.1.src", "AppStream-9.1.0.Z.MAIN:httpd-0:2.4.53-7.el9_1.1.x86_64", "AppStream-9.1.0.Z.MAIN:httpd-core-0:2.4.53-7.el9_1.1.aarch64", "AppStream-9.1.0.Z.MAIN:httpd-core-0:2.4.53-7.el9_1.1.ppc64le", "AppStream-9.1.0.Z.MAIN:httpd-core-0:2.4.53-7.el9_1.1.s390x", "AppStream-9.1.0.Z.MAIN:httpd-core-0:2.4.53-7.el9_1.1.x86_64", "AppStream-9.1.0.Z.MAIN:httpd-core-debuginfo-0:2.4.53-7.el9_1.1.aarch64", "AppStream-9.1.0.Z.MAIN:httpd-core-debuginfo-0:2.4.53-7.el9_1.1.ppc64le", "AppStream-9.1.0.Z.MAIN:httpd-core-debuginfo-0:2.4.53-7.el9_1.1.s390x", "AppStream-9.1.0.Z.MAIN:httpd-core-debuginfo-0:2.4.53-7.el9_1.1.x86_64", "AppStream-9.1.0.Z.MAIN:httpd-debuginfo-0:2.4.53-7.el9_1.1.aarch64", "AppStream-9.1.0.Z.MAIN:httpd-debuginfo-0:2.4.53-7.el9_1.1.ppc64le", "AppStream-9.1.0.Z.MAIN:httpd-debuginfo-0:2.4.53-7.el9_1.1.s390x", "AppStream-9.1.0.Z.MAIN:httpd-debuginfo-0:2.4.53-7.el9_1.1.x86_64", "AppStream-9.1.0.Z.MAIN:httpd-debugsource-0:2.4.53-7.el9_1.1.aarch64", "AppStream-9.1.0.Z.MAIN:httpd-debugsource-0:2.4.53-7.el9_1.1.ppc64le", "AppStream-9.1.0.Z.MAIN:httpd-debugsource-0:2.4.53-7.el9_1.1.s390x", "AppStream-9.1.0.Z.MAIN:httpd-debugsource-0:2.4.53-7.el9_1.1.x86_64", "AppStream-9.1.0.Z.MAIN:httpd-devel-0:2.4.53-7.el9_1.1.aarch64", "AppStream-9.1.0.Z.MAIN:httpd-devel-0:2.4.53-7.el9_1.1.ppc64le", "AppStream-9.1.0.Z.MAIN:httpd-devel-0:2.4.53-7.el9_1.1.s390x", "AppStream-9.1.0.Z.MAIN:httpd-devel-0:2.4.53-7.el9_1.1.x86_64", "AppStream-9.1.0.Z.MAIN:httpd-filesystem-0:2.4.53-7.el9_1.1.noarch", "AppStream-9.1.0.Z.MAIN:httpd-manual-0:2.4.53-7.el9_1.1.noarch", "AppStream-9.1.0.Z.MAIN:httpd-tools-0:2.4.53-7.el9_1.1.aarch64", "AppStream-9.1.0.Z.MAIN:httpd-tools-0:2.4.53-7.el9_1.1.ppc64le", "AppStream-9.1.0.Z.MAIN:httpd-tools-0:2.4.53-7.el9_1.1.s390x", "AppStream-9.1.0.Z.MAIN:httpd-tools-0:2.4.53-7.el9_1.1.x86_64", "AppStream-9.1.0.Z.MAIN:httpd-tools-debuginfo-0:2.4.53-7.el9_1.1.aarch64", "AppStream-9.1.0.Z.MAIN:httpd-tools-debuginfo-0:2.4.53-7.el9_1.1.ppc64le", "AppStream-9.1.0.Z.MAIN:httpd-tools-debuginfo-0:2.4.53-7.el9_1.1.s390x", "AppStream-9.1.0.Z.MAIN:httpd-tools-debuginfo-0:2.4.53-7.el9_1.1.x86_64", "AppStream-9.1.0.Z.MAIN:mod_ldap-0:2.4.53-7.el9_1.1.aarch64", "AppStream-9.1.0.Z.MAIN:mod_ldap-0:2.4.53-7.el9_1.1.ppc64le", "AppStream-9.1.0.Z.MAIN:mod_ldap-0:2.4.53-7.el9_1.1.s390x", "AppStream-9.1.0.Z.MAIN:mod_ldap-0:2.4.53-7.el9_1.1.x86_64", "AppStream-9.1.0.Z.MAIN:mod_ldap-debuginfo-0:2.4.53-7.el9_1.1.aarch64", "AppStream-9.1.0.Z.MAIN:mod_ldap-debuginfo-0:2.4.53-7.el9_1.1.ppc64le", "AppStream-9.1.0.Z.MAIN:mod_ldap-debuginfo-0:2.4.53-7.el9_1.1.s390x", "AppStream-9.1.0.Z.MAIN:mod_ldap-debuginfo-0:2.4.53-7.el9_1.1.x86_64", "AppStream-9.1.0.Z.MAIN:mod_lua-0:2.4.53-7.el9_1.1.aarch64", "AppStream-9.1.0.Z.MAIN:mod_lua-0:2.4.53-7.el9_1.1.ppc64le", "AppStream-9.1.0.Z.MAIN:mod_lua-0:2.4.53-7.el9_1.1.s390x", "AppStream-9.1.0.Z.MAIN:mod_lua-0:2.4.53-7.el9_1.1.x86_64", "AppStream-9.1.0.Z.MAIN:mod_lua-debuginfo-0:2.4.53-7.el9_1.1.aarch64", "AppStream-9.1.0.Z.MAIN:mod_lua-debuginfo-0:2.4.53-7.el9_1.1.ppc64le", "AppStream-9.1.0.Z.MAIN:mod_lua-debuginfo-0:2.4.53-7.el9_1.1.s390x", "AppStream-9.1.0.Z.MAIN:mod_lua-debuginfo-0:2.4.53-7.el9_1.1.x86_64", "AppStream-9.1.0.Z.MAIN:mod_proxy_html-1:2.4.53-7.el9_1.1.aarch64", "AppStream-9.1.0.Z.MAIN:mod_proxy_html-1:2.4.53-7.el9_1.1.ppc64le", "AppStream-9.1.0.Z.MAIN:mod_proxy_html-1:2.4.53-7.el9_1.1.s390x", "AppStream-9.1.0.Z.MAIN:mod_proxy_html-1:2.4.53-7.el9_1.1.x86_64", "AppStream-9.1.0.Z.MAIN:mod_proxy_html-debuginfo-1:2.4.53-7.el9_1.1.aarch64", "AppStream-9.1.0.Z.MAIN:mod_proxy_html-debuginfo-1:2.4.53-7.el9_1.1.ppc64le", "AppStream-9.1.0.Z.MAIN:mod_proxy_html-debuginfo-1:2.4.53-7.el9_1.1.s390x", "AppStream-9.1.0.Z.MAIN:mod_proxy_html-debuginfo-1:2.4.53-7.el9_1.1.x86_64", "AppStream-9.1.0.Z.MAIN:mod_session-0:2.4.53-7.el9_1.1.aarch64", "AppStream-9.1.0.Z.MAIN:mod_session-0:2.4.53-7.el9_1.1.ppc64le", "AppStream-9.1.0.Z.MAIN:mod_session-0:2.4.53-7.el9_1.1.s390x", "AppStream-9.1.0.Z.MAIN:mod_session-0:2.4.53-7.el9_1.1.x86_64", "AppStream-9.1.0.Z.MAIN:mod_session-debuginfo-0:2.4.53-7.el9_1.1.aarch64", "AppStream-9.1.0.Z.MAIN:mod_session-debuginfo-0:2.4.53-7.el9_1.1.ppc64le", "AppStream-9.1.0.Z.MAIN:mod_session-debuginfo-0:2.4.53-7.el9_1.1.s390x", "AppStream-9.1.0.Z.MAIN:mod_session-debuginfo-0:2.4.53-7.el9_1.1.x86_64", "AppStream-9.1.0.Z.MAIN:mod_ssl-1:2.4.53-7.el9_1.1.aarch64", "AppStream-9.1.0.Z.MAIN:mod_ssl-1:2.4.53-7.el9_1.1.ppc64le", "AppStream-9.1.0.Z.MAIN:mod_ssl-1:2.4.53-7.el9_1.1.s390x", "AppStream-9.1.0.Z.MAIN:mod_ssl-1:2.4.53-7.el9_1.1.x86_64", "AppStream-9.1.0.Z.MAIN:mod_ssl-debuginfo-1:2.4.53-7.el9_1.1.aarch64", "AppStream-9.1.0.Z.MAIN:mod_ssl-debuginfo-1:2.4.53-7.el9_1.1.ppc64le", "AppStream-9.1.0.Z.MAIN:mod_ssl-debuginfo-1:2.4.53-7.el9_1.1.s390x", "AppStream-9.1.0.Z.MAIN:mod_ssl-debuginfo-1:2.4.53-7.el9_1.1.x86_64", ], }, ], scores: [ { cvss_v3: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "NONE", baseScore: 5.3, baseSeverity: "MEDIUM", confidentialityImpact: "NONE", integrityImpact: "LOW", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N", version: "3.1", }, products: [ "AppStream-9.1.0.Z.MAIN:httpd-0:2.4.53-7.el9_1.1.aarch64", "AppStream-9.1.0.Z.MAIN:httpd-0:2.4.53-7.el9_1.1.ppc64le", "AppStream-9.1.0.Z.MAIN:httpd-0:2.4.53-7.el9_1.1.s390x", "AppStream-9.1.0.Z.MAIN:httpd-0:2.4.53-7.el9_1.1.src", "AppStream-9.1.0.Z.MAIN:httpd-0:2.4.53-7.el9_1.1.x86_64", "AppStream-9.1.0.Z.MAIN:httpd-core-0:2.4.53-7.el9_1.1.aarch64", "AppStream-9.1.0.Z.MAIN:httpd-core-0:2.4.53-7.el9_1.1.ppc64le", "AppStream-9.1.0.Z.MAIN:httpd-core-0:2.4.53-7.el9_1.1.s390x", "AppStream-9.1.0.Z.MAIN:httpd-core-0:2.4.53-7.el9_1.1.x86_64", "AppStream-9.1.0.Z.MAIN:httpd-core-debuginfo-0:2.4.53-7.el9_1.1.aarch64", "AppStream-9.1.0.Z.MAIN:httpd-core-debuginfo-0:2.4.53-7.el9_1.1.ppc64le", "AppStream-9.1.0.Z.MAIN:httpd-core-debuginfo-0:2.4.53-7.el9_1.1.s390x", "AppStream-9.1.0.Z.MAIN:httpd-core-debuginfo-0:2.4.53-7.el9_1.1.x86_64", "AppStream-9.1.0.Z.MAIN:httpd-debuginfo-0:2.4.53-7.el9_1.1.aarch64", "AppStream-9.1.0.Z.MAIN:httpd-debuginfo-0:2.4.53-7.el9_1.1.ppc64le", "AppStream-9.1.0.Z.MAIN:httpd-debuginfo-0:2.4.53-7.el9_1.1.s390x", "AppStream-9.1.0.Z.MAIN:httpd-debuginfo-0:2.4.53-7.el9_1.1.x86_64", "AppStream-9.1.0.Z.MAIN:httpd-debugsource-0:2.4.53-7.el9_1.1.aarch64", "AppStream-9.1.0.Z.MAIN:httpd-debugsource-0:2.4.53-7.el9_1.1.ppc64le", "AppStream-9.1.0.Z.MAIN:httpd-debugsource-0:2.4.53-7.el9_1.1.s390x", "AppStream-9.1.0.Z.MAIN:httpd-debugsource-0:2.4.53-7.el9_1.1.x86_64", "AppStream-9.1.0.Z.MAIN:httpd-devel-0:2.4.53-7.el9_1.1.aarch64", "AppStream-9.1.0.Z.MAIN:httpd-devel-0:2.4.53-7.el9_1.1.ppc64le", "AppStream-9.1.0.Z.MAIN:httpd-devel-0:2.4.53-7.el9_1.1.s390x", "AppStream-9.1.0.Z.MAIN:httpd-devel-0:2.4.53-7.el9_1.1.x86_64", "AppStream-9.1.0.Z.MAIN:httpd-filesystem-0:2.4.53-7.el9_1.1.noarch", "AppStream-9.1.0.Z.MAIN:httpd-manual-0:2.4.53-7.el9_1.1.noarch", "AppStream-9.1.0.Z.MAIN:httpd-tools-0:2.4.53-7.el9_1.1.aarch64", "AppStream-9.1.0.Z.MAIN:httpd-tools-0:2.4.53-7.el9_1.1.ppc64le", "AppStream-9.1.0.Z.MAIN:httpd-tools-0:2.4.53-7.el9_1.1.s390x", "AppStream-9.1.0.Z.MAIN:httpd-tools-0:2.4.53-7.el9_1.1.x86_64", "AppStream-9.1.0.Z.MAIN:httpd-tools-debuginfo-0:2.4.53-7.el9_1.1.aarch64", "AppStream-9.1.0.Z.MAIN:httpd-tools-debuginfo-0:2.4.53-7.el9_1.1.ppc64le", "AppStream-9.1.0.Z.MAIN:httpd-tools-debuginfo-0:2.4.53-7.el9_1.1.s390x", "AppStream-9.1.0.Z.MAIN:httpd-tools-debuginfo-0:2.4.53-7.el9_1.1.x86_64", "AppStream-9.1.0.Z.MAIN:mod_ldap-0:2.4.53-7.el9_1.1.aarch64", "AppStream-9.1.0.Z.MAIN:mod_ldap-0:2.4.53-7.el9_1.1.ppc64le", "AppStream-9.1.0.Z.MAIN:mod_ldap-0:2.4.53-7.el9_1.1.s390x", "AppStream-9.1.0.Z.MAIN:mod_ldap-0:2.4.53-7.el9_1.1.x86_64", "AppStream-9.1.0.Z.MAIN:mod_ldap-debuginfo-0:2.4.53-7.el9_1.1.aarch64", "AppStream-9.1.0.Z.MAIN:mod_ldap-debuginfo-0:2.4.53-7.el9_1.1.ppc64le", "AppStream-9.1.0.Z.MAIN:mod_ldap-debuginfo-0:2.4.53-7.el9_1.1.s390x", "AppStream-9.1.0.Z.MAIN:mod_ldap-debuginfo-0:2.4.53-7.el9_1.1.x86_64", "AppStream-9.1.0.Z.MAIN:mod_lua-0:2.4.53-7.el9_1.1.aarch64", "AppStream-9.1.0.Z.MAIN:mod_lua-0:2.4.53-7.el9_1.1.ppc64le", "AppStream-9.1.0.Z.MAIN:mod_lua-0:2.4.53-7.el9_1.1.s390x", "AppStream-9.1.0.Z.MAIN:mod_lua-0:2.4.53-7.el9_1.1.x86_64", "AppStream-9.1.0.Z.MAIN:mod_lua-debuginfo-0:2.4.53-7.el9_1.1.aarch64", "AppStream-9.1.0.Z.MAIN:mod_lua-debuginfo-0:2.4.53-7.el9_1.1.ppc64le", "AppStream-9.1.0.Z.MAIN:mod_lua-debuginfo-0:2.4.53-7.el9_1.1.s390x", "AppStream-9.1.0.Z.MAIN:mod_lua-debuginfo-0:2.4.53-7.el9_1.1.x86_64", "AppStream-9.1.0.Z.MAIN:mod_proxy_html-1:2.4.53-7.el9_1.1.aarch64", "AppStream-9.1.0.Z.MAIN:mod_proxy_html-1:2.4.53-7.el9_1.1.ppc64le", "AppStream-9.1.0.Z.MAIN:mod_proxy_html-1:2.4.53-7.el9_1.1.s390x", "AppStream-9.1.0.Z.MAIN:mod_proxy_html-1:2.4.53-7.el9_1.1.x86_64", "AppStream-9.1.0.Z.MAIN:mod_proxy_html-debuginfo-1:2.4.53-7.el9_1.1.aarch64", "AppStream-9.1.0.Z.MAIN:mod_proxy_html-debuginfo-1:2.4.53-7.el9_1.1.ppc64le", "AppStream-9.1.0.Z.MAIN:mod_proxy_html-debuginfo-1:2.4.53-7.el9_1.1.s390x", "AppStream-9.1.0.Z.MAIN:mod_proxy_html-debuginfo-1:2.4.53-7.el9_1.1.x86_64", "AppStream-9.1.0.Z.MAIN:mod_session-0:2.4.53-7.el9_1.1.aarch64", "AppStream-9.1.0.Z.MAIN:mod_session-0:2.4.53-7.el9_1.1.ppc64le", "AppStream-9.1.0.Z.MAIN:mod_session-0:2.4.53-7.el9_1.1.s390x", "AppStream-9.1.0.Z.MAIN:mod_session-0:2.4.53-7.el9_1.1.x86_64", "AppStream-9.1.0.Z.MAIN:mod_session-debuginfo-0:2.4.53-7.el9_1.1.aarch64", "AppStream-9.1.0.Z.MAIN:mod_session-debuginfo-0:2.4.53-7.el9_1.1.ppc64le", "AppStream-9.1.0.Z.MAIN:mod_session-debuginfo-0:2.4.53-7.el9_1.1.s390x", "AppStream-9.1.0.Z.MAIN:mod_session-debuginfo-0:2.4.53-7.el9_1.1.x86_64", "AppStream-9.1.0.Z.MAIN:mod_ssl-1:2.4.53-7.el9_1.1.aarch64", "AppStream-9.1.0.Z.MAIN:mod_ssl-1:2.4.53-7.el9_1.1.ppc64le", "AppStream-9.1.0.Z.MAIN:mod_ssl-1:2.4.53-7.el9_1.1.s390x", "AppStream-9.1.0.Z.MAIN:mod_ssl-1:2.4.53-7.el9_1.1.x86_64", "AppStream-9.1.0.Z.MAIN:mod_ssl-debuginfo-1:2.4.53-7.el9_1.1.aarch64", "AppStream-9.1.0.Z.MAIN:mod_ssl-debuginfo-1:2.4.53-7.el9_1.1.ppc64le", "AppStream-9.1.0.Z.MAIN:mod_ssl-debuginfo-1:2.4.53-7.el9_1.1.s390x", "AppStream-9.1.0.Z.MAIN:mod_ssl-debuginfo-1:2.4.53-7.el9_1.1.x86_64", ], }, ], threats: [ { category: "impact", details: "Moderate", }, ], title: "httpd: mod_proxy: HTTP response splitting", }, ], }
Log in or create an account to share your comment.
Security Advisory comment format.
This schema specifies the format of a comment related to a security advisory.
Title of the comment
Description of the comment
Loading…
Loading…
Loading…
Sightings
| Author | Source | Type | Date |
|---|
Nomenclature
- Seen: The vulnerability was mentioned, discussed, or seen somewhere by the user.
- Confirmed: The vulnerability is confirmed from an analyst perspective.
- Exploited: This vulnerability was exploited and seen by the user reporting the sighting.
- Patched: This vulnerability was successfully patched by the user reporting the sighting.
- Not exploited: This vulnerability was not exploited or seen by the user reporting the sighting.
- Not confirmed: The user expresses doubt about the veracity of the vulnerability.
- Not patched: This vulnerability was not successfully patched by the user reporting the sighting.