rhsa-2023_3354
Vulnerability from csaf_redhat
Published
2023-06-05 12:30
Modified
2024-11-25 08:49
Summary
Red Hat Security Advisory: Red Hat JBoss Core Services Apache HTTP Server 2.4.51 SP2 security update

Notes

Topic
An update is now available for Red Hat JBoss Core Services Apache HTTP Server 2.4.51 Service Pack 2 on Red Hat Enterprise Linux versions 7 and 8. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.
Details
Red Hat JBoss Core Services is a set of supplementary software for Red Hat JBoss middleware products. This software, such as Apache HTTP Server, is common to multiple JBoss middleware products, and is packaged under Red Hat JBoss Core Services to allow for faster distribution of updates, and for a more consistent update experience. This release of Red Hat JBoss Core Services Apache HTTP Server 2.4.51 Service Pack 2 serves as a replacement for Red Hat JBoss Core Services Apache HTTP Server 2.4.51 Service Pack 1, and includes bug fixes and enhancements, which are documented in the Release Notes document linked to in the References. Security Fix(es): * apr-util: out-of-bounds writes in the apr_base64 (CVE-2022-25147) * curl: HSTS bypass via IDN (CVE-2022-43551) * curl: HTTP Proxy deny use-after-free (CVE-2022-43552) * curl: HSTS ignored on multiple requests (CVE-2023-23914) * curl: HSTS amnesia with --parallel (CVE-2023-23915) * curl: HTTP multi-header compression denial of service (CVE-2023-23916) * curl: TELNET option IAC injection (CVE-2023-27533) * curl: SFTP path ~ resolving discrepancy (CVE-2023-27534) * httpd: mod_dav: out-of-bounds read/write of zero byte (CVE-2006-20001) * httpd: HTTP request splitting with mod_rewrite and mod_proxy (CVE-2023-25690) * openssl: timing attack in RSA Decryption implementation (CVE-2022-4304) * openssl: double free after calling PEM_read_bio_ex (CVE-2022-4450) * openssl: use-after-free following BIO_new_NDEF (CVE-2023-0215) * openssl: X.400 address type confusion in X.509 GeneralName (CVE-2023-0286) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.
Terms of Use
This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.



{
  "document": {
    "aggregate_severity": {
      "namespace": "https://access.redhat.com/security/updates/classification/",
      "text": "Important"
    },
    "category": "csaf_security_advisory",
    "csaf_version": "2.0",
    "distribution": {
      "text": "Copyright \u00a9 Red Hat, Inc. All rights reserved.",
      "tlp": {
        "label": "WHITE",
        "url": "https://www.first.org/tlp/"
      }
    },
    "lang": "en",
    "notes": [
      {
        "category": "summary",
        "text": "An update is now available for Red Hat JBoss Core Services Apache HTTP Server 2.4.51 Service Pack 2 on Red Hat Enterprise Linux versions 7 and 8.\n\nRed Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.",
        "title": "Topic"
      },
      {
        "category": "general",
        "text": "Red Hat JBoss Core Services is a set of supplementary software for Red Hat JBoss middleware products. This software, such as Apache HTTP Server, is common to multiple JBoss middleware products, and is packaged under Red Hat JBoss Core Services to allow for faster distribution of updates, and for a more consistent update experience.\n\nThis release of Red Hat JBoss Core Services Apache HTTP Server 2.4.51 Service Pack 2 serves as a replacement for Red Hat JBoss Core Services Apache HTTP Server 2.4.51 Service Pack 1, and includes bug fixes and enhancements, which are documented in the Release Notes document linked to in the References.\n\nSecurity Fix(es):\n\n* apr-util: out-of-bounds writes in the apr_base64 (CVE-2022-25147)\n* curl: HSTS bypass via IDN (CVE-2022-43551)\n* curl: HTTP Proxy deny use-after-free (CVE-2022-43552)\n* curl: HSTS ignored on multiple requests (CVE-2023-23914)\n* curl: HSTS amnesia with --parallel (CVE-2023-23915)\n* curl: HTTP multi-header compression denial of service (CVE-2023-23916)\n* curl: TELNET option IAC injection (CVE-2023-27533)\n* curl: SFTP path ~ resolving discrepancy (CVE-2023-27534)\n* httpd: mod_dav: out-of-bounds read/write of zero byte (CVE-2006-20001)\n* httpd: HTTP request splitting with mod_rewrite and mod_proxy (CVE-2023-25690)\n* openssl: timing attack in RSA Decryption implementation (CVE-2022-4304)\n* openssl: double free after calling PEM_read_bio_ex (CVE-2022-4450)\n* openssl: use-after-free following BIO_new_NDEF (CVE-2023-0215)\n* openssl: X.400 address type confusion in X.509 GeneralName (CVE-2023-0286)\n\nFor more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.",
        "title": "Details"
      },
      {
        "category": "legal_disclaimer",
        "text": "This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.",
        "title": "Terms of Use"
      }
    ],
    "publisher": {
      "category": "vendor",
      "contact_details": "https://access.redhat.com/security/team/contact/",
      "issuing_authority": "Red Hat Product Security is responsible for vulnerability handling across all Red Hat products and services.",
      "name": "Red Hat Product Security",
      "namespace": "https://www.redhat.com"
    },
    "references": [
      {
        "category": "self",
        "summary": "https://access.redhat.com/errata/RHSA-2023:3354",
        "url": "https://access.redhat.com/errata/RHSA-2023:3354"
      },
      {
        "category": "external",
        "summary": "https://access.redhat.com/security/updates/classification/#important",
        "url": "https://access.redhat.com/security/updates/classification/#important"
      },
      {
        "category": "external",
        "summary": "2152639",
        "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2152639"
      },
      {
        "category": "external",
        "summary": "2152652",
        "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2152652"
      },
      {
        "category": "external",
        "summary": "2161774",
        "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2161774"
      },
      {
        "category": "external",
        "summary": "2164440",
        "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2164440"
      },
      {
        "category": "external",
        "summary": "2164487",
        "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2164487"
      },
      {
        "category": "external",
        "summary": "2164492",
        "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2164492"
      },
      {
        "category": "external",
        "summary": "2164494",
        "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2164494"
      },
      {
        "category": "external",
        "summary": "2167797",
        "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2167797"
      },
      {
        "category": "external",
        "summary": "2167813",
        "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2167813"
      },
      {
        "category": "external",
        "summary": "2167815",
        "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2167815"
      },
      {
        "category": "external",
        "summary": "2169652",
        "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2169652"
      },
      {
        "category": "external",
        "summary": "2176209",
        "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2176209"
      },
      {
        "category": "external",
        "summary": "2179062",
        "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2179062"
      },
      {
        "category": "external",
        "summary": "2179069",
        "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2179069"
      },
      {
        "category": "self",
        "summary": "Canonical URL",
        "url": "https://security.access.redhat.com/data/csaf/v2/advisories/2023/rhsa-2023_3354.json"
      }
    ],
    "title": "Red Hat Security Advisory: Red Hat JBoss Core Services Apache HTTP Server 2.4.51 SP2 security update",
    "tracking": {
      "current_release_date": "2024-11-25T08:49:53+00:00",
      "generator": {
        "date": "2024-11-25T08:49:53+00:00",
        "engine": {
          "name": "Red Hat SDEngine",
          "version": "4.2.1"
        }
      },
      "id": "RHSA-2023:3354",
      "initial_release_date": "2023-06-05T12:30:30+00:00",
      "revision_history": [
        {
          "date": "2023-06-05T12:30:30+00:00",
          "number": "1",
          "summary": "Initial version"
        },
        {
          "date": "2023-07-18T17:32:46+00:00",
          "number": "2",
          "summary": "Last updated version"
        },
        {
          "date": "2024-11-25T08:49:53+00:00",
          "number": "3",
          "summary": "Last generated version"
        }
      ],
      "status": "final",
      "version": "3"
    }
  },
  "product_tree": {
    "branches": [
      {
        "branches": [
          {
            "branches": [
              {
                "category": "product_name",
                "name": "Red Hat JBoss Core Services on RHEL 7 Server",
                "product": {
                  "name": "Red Hat JBoss Core Services on RHEL 7 Server",
                  "product_id": "7Server-JBCS",
                  "product_identification_helper": {
                    "cpe": "cpe:/a:redhat:jboss_core_services:1::el7"
                  }
                }
              },
              {
                "category": "product_name",
                "name": "Red Hat JBoss Core Services on RHEL 8",
                "product": {
                  "name": "Red Hat JBoss Core Services on RHEL 8",
                  "product_id": "8Base-JBCS",
                  "product_identification_helper": {
                    "cpe": "cpe:/a:redhat:jboss_core_services:1::el8"
                  }
                }
              }
            ],
            "category": "product_family",
            "name": "Red Hat JBoss Core Services"
          },
          {
            "branches": [
              {
                "category": "product_version",
                "name": "jbcs-httpd24-openssl-1:1.1.1k-14.el7jbcs.src",
                "product": {
                  "name": "jbcs-httpd24-openssl-1:1.1.1k-14.el7jbcs.src",
                  "product_id": "jbcs-httpd24-openssl-1:1.1.1k-14.el7jbcs.src",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/jbcs-httpd24-openssl@1.1.1k-14.el7jbcs?arch=src\u0026epoch=1"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "jbcs-httpd24-curl-0:8.0.1-1.el7jbcs.src",
                "product": {
                  "name": "jbcs-httpd24-curl-0:8.0.1-1.el7jbcs.src",
                  "product_id": "jbcs-httpd24-curl-0:8.0.1-1.el7jbcs.src",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/jbcs-httpd24-curl@8.0.1-1.el7jbcs?arch=src"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "jbcs-httpd24-openssl-pkcs11-0:0.4.10-33.el7jbcs.src",
                "product": {
                  "name": "jbcs-httpd24-openssl-pkcs11-0:0.4.10-33.el7jbcs.src",
                  "product_id": "jbcs-httpd24-openssl-pkcs11-0:0.4.10-33.el7jbcs.src",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/jbcs-httpd24-openssl-pkcs11@0.4.10-33.el7jbcs?arch=src"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "jbcs-httpd24-openssl-chil-0:1.0.0-18.el7jbcs.src",
                "product": {
                  "name": "jbcs-httpd24-openssl-chil-0:1.0.0-18.el7jbcs.src",
                  "product_id": "jbcs-httpd24-openssl-chil-0:1.0.0-18.el7jbcs.src",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/jbcs-httpd24-openssl-chil@1.0.0-18.el7jbcs?arch=src"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "jbcs-httpd24-httpd-0:2.4.51-39.el7jbcs.src",
                "product": {
                  "name": "jbcs-httpd24-httpd-0:2.4.51-39.el7jbcs.src",
                  "product_id": "jbcs-httpd24-httpd-0:2.4.51-39.el7jbcs.src",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/jbcs-httpd24-httpd@2.4.51-39.el7jbcs?arch=src"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "jbcs-httpd24-mod_proxy_cluster-0:1.3.18-2.el7jbcs.src",
                "product": {
                  "name": "jbcs-httpd24-mod_proxy_cluster-0:1.3.18-2.el7jbcs.src",
                  "product_id": "jbcs-httpd24-mod_proxy_cluster-0:1.3.18-2.el7jbcs.src",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/jbcs-httpd24-mod_proxy_cluster@1.3.18-2.el7jbcs?arch=src"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "jbcs-httpd24-mod_security-0:2.9.3-24.el7jbcs.src",
                "product": {
                  "name": "jbcs-httpd24-mod_security-0:2.9.3-24.el7jbcs.src",
                  "product_id": "jbcs-httpd24-mod_security-0:2.9.3-24.el7jbcs.src",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/jbcs-httpd24-mod_security@2.9.3-24.el7jbcs?arch=src"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "jbcs-httpd24-mod_md-1:2.4.0-20.el7jbcs.src",
                "product": {
                  "name": "jbcs-httpd24-mod_md-1:2.4.0-20.el7jbcs.src",
                  "product_id": "jbcs-httpd24-mod_md-1:2.4.0-20.el7jbcs.src",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/jbcs-httpd24-mod_md@2.4.0-20.el7jbcs?arch=src\u0026epoch=1"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "jbcs-httpd24-mod_http2-0:1.15.19-23.el7jbcs.src",
                "product": {
                  "name": "jbcs-httpd24-mod_http2-0:1.15.19-23.el7jbcs.src",
                  "product_id": "jbcs-httpd24-mod_http2-0:1.15.19-23.el7jbcs.src",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/jbcs-httpd24-mod_http2@1.15.19-23.el7jbcs?arch=src"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "jbcs-httpd24-mod_jk-0:1.2.48-46.redhat_1.el7jbcs.src",
                "product": {
                  "name": "jbcs-httpd24-mod_jk-0:1.2.48-46.redhat_1.el7jbcs.src",
                  "product_id": "jbcs-httpd24-mod_jk-0:1.2.48-46.redhat_1.el7jbcs.src",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/jbcs-httpd24-mod_jk@1.2.48-46.redhat_1.el7jbcs?arch=src"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "jbcs-httpd24-apr-util-0:1.6.1-101.el7jbcs.src",
                "product": {
                  "name": "jbcs-httpd24-apr-util-0:1.6.1-101.el7jbcs.src",
                  "product_id": "jbcs-httpd24-apr-util-0:1.6.1-101.el7jbcs.src",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/jbcs-httpd24-apr-util@1.6.1-101.el7jbcs?arch=src"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "jbcs-httpd24-openssl-1:1.1.1k-14.el8jbcs.src",
                "product": {
                  "name": "jbcs-httpd24-openssl-1:1.1.1k-14.el8jbcs.src",
                  "product_id": "jbcs-httpd24-openssl-1:1.1.1k-14.el8jbcs.src",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/jbcs-httpd24-openssl@1.1.1k-14.el8jbcs?arch=src\u0026epoch=1"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "jbcs-httpd24-curl-0:8.0.1-1.el8jbcs.src",
                "product": {
                  "name": "jbcs-httpd24-curl-0:8.0.1-1.el8jbcs.src",
                  "product_id": "jbcs-httpd24-curl-0:8.0.1-1.el8jbcs.src",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/jbcs-httpd24-curl@8.0.1-1.el8jbcs?arch=src"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "jbcs-httpd24-openssl-pkcs11-0:0.4.10-33.el8jbcs.src",
                "product": {
                  "name": "jbcs-httpd24-openssl-pkcs11-0:0.4.10-33.el8jbcs.src",
                  "product_id": "jbcs-httpd24-openssl-pkcs11-0:0.4.10-33.el8jbcs.src",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/jbcs-httpd24-openssl-pkcs11@0.4.10-33.el8jbcs?arch=src"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "jbcs-httpd24-openssl-chil-0:1.0.0-18.el8jbcs.src",
                "product": {
                  "name": "jbcs-httpd24-openssl-chil-0:1.0.0-18.el8jbcs.src",
                  "product_id": "jbcs-httpd24-openssl-chil-0:1.0.0-18.el8jbcs.src",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/jbcs-httpd24-openssl-chil@1.0.0-18.el8jbcs?arch=src"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "jbcs-httpd24-httpd-0:2.4.51-39.el8jbcs.src",
                "product": {
                  "name": "jbcs-httpd24-httpd-0:2.4.51-39.el8jbcs.src",
                  "product_id": "jbcs-httpd24-httpd-0:2.4.51-39.el8jbcs.src",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/jbcs-httpd24-httpd@2.4.51-39.el8jbcs?arch=src"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "jbcs-httpd24-mod_proxy_cluster-0:1.3.18-2.el8jbcs.src",
                "product": {
                  "name": "jbcs-httpd24-mod_proxy_cluster-0:1.3.18-2.el8jbcs.src",
                  "product_id": "jbcs-httpd24-mod_proxy_cluster-0:1.3.18-2.el8jbcs.src",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/jbcs-httpd24-mod_proxy_cluster@1.3.18-2.el8jbcs?arch=src"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "jbcs-httpd24-mod_md-1:2.4.0-20.el8jbcs.src",
                "product": {
                  "name": "jbcs-httpd24-mod_md-1:2.4.0-20.el8jbcs.src",
                  "product_id": "jbcs-httpd24-mod_md-1:2.4.0-20.el8jbcs.src",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/jbcs-httpd24-mod_md@2.4.0-20.el8jbcs?arch=src\u0026epoch=1"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "jbcs-httpd24-mod_security-0:2.9.3-24.el8jbcs.src",
                "product": {
                  "name": "jbcs-httpd24-mod_security-0:2.9.3-24.el8jbcs.src",
                  "product_id": "jbcs-httpd24-mod_security-0:2.9.3-24.el8jbcs.src",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/jbcs-httpd24-mod_security@2.9.3-24.el8jbcs?arch=src"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "jbcs-httpd24-mod_http2-0:1.15.19-23.el8jbcs.src",
                "product": {
                  "name": "jbcs-httpd24-mod_http2-0:1.15.19-23.el8jbcs.src",
                  "product_id": "jbcs-httpd24-mod_http2-0:1.15.19-23.el8jbcs.src",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/jbcs-httpd24-mod_http2@1.15.19-23.el8jbcs?arch=src"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "jbcs-httpd24-mod_jk-0:1.2.48-46.redhat_1.el8jbcs.src",
                "product": {
                  "name": "jbcs-httpd24-mod_jk-0:1.2.48-46.redhat_1.el8jbcs.src",
                  "product_id": "jbcs-httpd24-mod_jk-0:1.2.48-46.redhat_1.el8jbcs.src",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/jbcs-httpd24-mod_jk@1.2.48-46.redhat_1.el8jbcs?arch=src"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "jbcs-httpd24-apr-util-0:1.6.1-101.el8jbcs.src",
                "product": {
                  "name": "jbcs-httpd24-apr-util-0:1.6.1-101.el8jbcs.src",
                  "product_id": "jbcs-httpd24-apr-util-0:1.6.1-101.el8jbcs.src",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/jbcs-httpd24-apr-util@1.6.1-101.el8jbcs?arch=src"
                  }
                }
              }
            ],
            "category": "architecture",
            "name": "src"
          },
          {
            "branches": [
              {
                "category": "product_version",
                "name": "jbcs-httpd24-openssl-1:1.1.1k-14.el7jbcs.x86_64",
                "product": {
                  "name": "jbcs-httpd24-openssl-1:1.1.1k-14.el7jbcs.x86_64",
                  "product_id": "jbcs-httpd24-openssl-1:1.1.1k-14.el7jbcs.x86_64",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/jbcs-httpd24-openssl@1.1.1k-14.el7jbcs?arch=x86_64\u0026epoch=1"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "jbcs-httpd24-openssl-devel-1:1.1.1k-14.el7jbcs.x86_64",
                "product": {
                  "name": "jbcs-httpd24-openssl-devel-1:1.1.1k-14.el7jbcs.x86_64",
                  "product_id": "jbcs-httpd24-openssl-devel-1:1.1.1k-14.el7jbcs.x86_64",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/jbcs-httpd24-openssl-devel@1.1.1k-14.el7jbcs?arch=x86_64\u0026epoch=1"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "jbcs-httpd24-openssl-libs-1:1.1.1k-14.el7jbcs.x86_64",
                "product": {
                  "name": "jbcs-httpd24-openssl-libs-1:1.1.1k-14.el7jbcs.x86_64",
                  "product_id": "jbcs-httpd24-openssl-libs-1:1.1.1k-14.el7jbcs.x86_64",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/jbcs-httpd24-openssl-libs@1.1.1k-14.el7jbcs?arch=x86_64\u0026epoch=1"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "jbcs-httpd24-openssl-perl-1:1.1.1k-14.el7jbcs.x86_64",
                "product": {
                  "name": "jbcs-httpd24-openssl-perl-1:1.1.1k-14.el7jbcs.x86_64",
                  "product_id": "jbcs-httpd24-openssl-perl-1:1.1.1k-14.el7jbcs.x86_64",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/jbcs-httpd24-openssl-perl@1.1.1k-14.el7jbcs?arch=x86_64\u0026epoch=1"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "jbcs-httpd24-openssl-static-1:1.1.1k-14.el7jbcs.x86_64",
                "product": {
                  "name": "jbcs-httpd24-openssl-static-1:1.1.1k-14.el7jbcs.x86_64",
                  "product_id": "jbcs-httpd24-openssl-static-1:1.1.1k-14.el7jbcs.x86_64",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/jbcs-httpd24-openssl-static@1.1.1k-14.el7jbcs?arch=x86_64\u0026epoch=1"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "jbcs-httpd24-openssl-debuginfo-1:1.1.1k-14.el7jbcs.x86_64",
                "product": {
                  "name": "jbcs-httpd24-openssl-debuginfo-1:1.1.1k-14.el7jbcs.x86_64",
                  "product_id": "jbcs-httpd24-openssl-debuginfo-1:1.1.1k-14.el7jbcs.x86_64",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/jbcs-httpd24-openssl-debuginfo@1.1.1k-14.el7jbcs?arch=x86_64\u0026epoch=1"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "jbcs-httpd24-curl-0:8.0.1-1.el7jbcs.x86_64",
                "product": {
                  "name": "jbcs-httpd24-curl-0:8.0.1-1.el7jbcs.x86_64",
                  "product_id": "jbcs-httpd24-curl-0:8.0.1-1.el7jbcs.x86_64",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/jbcs-httpd24-curl@8.0.1-1.el7jbcs?arch=x86_64"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "jbcs-httpd24-libcurl-0:8.0.1-1.el7jbcs.x86_64",
                "product": {
                  "name": "jbcs-httpd24-libcurl-0:8.0.1-1.el7jbcs.x86_64",
                  "product_id": "jbcs-httpd24-libcurl-0:8.0.1-1.el7jbcs.x86_64",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/jbcs-httpd24-libcurl@8.0.1-1.el7jbcs?arch=x86_64"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "jbcs-httpd24-libcurl-devel-0:8.0.1-1.el7jbcs.x86_64",
                "product": {
                  "name": "jbcs-httpd24-libcurl-devel-0:8.0.1-1.el7jbcs.x86_64",
                  "product_id": "jbcs-httpd24-libcurl-devel-0:8.0.1-1.el7jbcs.x86_64",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/jbcs-httpd24-libcurl-devel@8.0.1-1.el7jbcs?arch=x86_64"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "jbcs-httpd24-curl-debuginfo-0:8.0.1-1.el7jbcs.x86_64",
                "product": {
                  "name": "jbcs-httpd24-curl-debuginfo-0:8.0.1-1.el7jbcs.x86_64",
                  "product_id": "jbcs-httpd24-curl-debuginfo-0:8.0.1-1.el7jbcs.x86_64",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/jbcs-httpd24-curl-debuginfo@8.0.1-1.el7jbcs?arch=x86_64"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "jbcs-httpd24-openssl-pkcs11-0:0.4.10-33.el7jbcs.x86_64",
                "product": {
                  "name": "jbcs-httpd24-openssl-pkcs11-0:0.4.10-33.el7jbcs.x86_64",
                  "product_id": "jbcs-httpd24-openssl-pkcs11-0:0.4.10-33.el7jbcs.x86_64",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/jbcs-httpd24-openssl-pkcs11@0.4.10-33.el7jbcs?arch=x86_64"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "jbcs-httpd24-openssl-pkcs11-debuginfo-0:0.4.10-33.el7jbcs.x86_64",
                "product": {
                  "name": "jbcs-httpd24-openssl-pkcs11-debuginfo-0:0.4.10-33.el7jbcs.x86_64",
                  "product_id": "jbcs-httpd24-openssl-pkcs11-debuginfo-0:0.4.10-33.el7jbcs.x86_64",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/jbcs-httpd24-openssl-pkcs11-debuginfo@0.4.10-33.el7jbcs?arch=x86_64"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "jbcs-httpd24-openssl-chil-0:1.0.0-18.el7jbcs.x86_64",
                "product": {
                  "name": "jbcs-httpd24-openssl-chil-0:1.0.0-18.el7jbcs.x86_64",
                  "product_id": "jbcs-httpd24-openssl-chil-0:1.0.0-18.el7jbcs.x86_64",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/jbcs-httpd24-openssl-chil@1.0.0-18.el7jbcs?arch=x86_64"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "jbcs-httpd24-openssl-chil-debuginfo-0:1.0.0-18.el7jbcs.x86_64",
                "product": {
                  "name": "jbcs-httpd24-openssl-chil-debuginfo-0:1.0.0-18.el7jbcs.x86_64",
                  "product_id": "jbcs-httpd24-openssl-chil-debuginfo-0:1.0.0-18.el7jbcs.x86_64",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/jbcs-httpd24-openssl-chil-debuginfo@1.0.0-18.el7jbcs?arch=x86_64"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "jbcs-httpd24-httpd-0:2.4.51-39.el7jbcs.x86_64",
                "product": {
                  "name": "jbcs-httpd24-httpd-0:2.4.51-39.el7jbcs.x86_64",
                  "product_id": "jbcs-httpd24-httpd-0:2.4.51-39.el7jbcs.x86_64",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/jbcs-httpd24-httpd@2.4.51-39.el7jbcs?arch=x86_64"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "jbcs-httpd24-httpd-devel-0:2.4.51-39.el7jbcs.x86_64",
                "product": {
                  "name": "jbcs-httpd24-httpd-devel-0:2.4.51-39.el7jbcs.x86_64",
                  "product_id": "jbcs-httpd24-httpd-devel-0:2.4.51-39.el7jbcs.x86_64",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/jbcs-httpd24-httpd-devel@2.4.51-39.el7jbcs?arch=x86_64"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "jbcs-httpd24-httpd-selinux-0:2.4.51-39.el7jbcs.x86_64",
                "product": {
                  "name": "jbcs-httpd24-httpd-selinux-0:2.4.51-39.el7jbcs.x86_64",
                  "product_id": "jbcs-httpd24-httpd-selinux-0:2.4.51-39.el7jbcs.x86_64",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/jbcs-httpd24-httpd-selinux@2.4.51-39.el7jbcs?arch=x86_64"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "jbcs-httpd24-httpd-tools-0:2.4.51-39.el7jbcs.x86_64",
                "product": {
                  "name": "jbcs-httpd24-httpd-tools-0:2.4.51-39.el7jbcs.x86_64",
                  "product_id": "jbcs-httpd24-httpd-tools-0:2.4.51-39.el7jbcs.x86_64",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/jbcs-httpd24-httpd-tools@2.4.51-39.el7jbcs?arch=x86_64"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "jbcs-httpd24-mod_ldap-0:2.4.51-39.el7jbcs.x86_64",
                "product": {
                  "name": "jbcs-httpd24-mod_ldap-0:2.4.51-39.el7jbcs.x86_64",
                  "product_id": "jbcs-httpd24-mod_ldap-0:2.4.51-39.el7jbcs.x86_64",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/jbcs-httpd24-mod_ldap@2.4.51-39.el7jbcs?arch=x86_64"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "jbcs-httpd24-mod_proxy_html-1:2.4.51-39.el7jbcs.x86_64",
                "product": {
                  "name": "jbcs-httpd24-mod_proxy_html-1:2.4.51-39.el7jbcs.x86_64",
                  "product_id": "jbcs-httpd24-mod_proxy_html-1:2.4.51-39.el7jbcs.x86_64",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/jbcs-httpd24-mod_proxy_html@2.4.51-39.el7jbcs?arch=x86_64\u0026epoch=1"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "jbcs-httpd24-mod_session-0:2.4.51-39.el7jbcs.x86_64",
                "product": {
                  "name": "jbcs-httpd24-mod_session-0:2.4.51-39.el7jbcs.x86_64",
                  "product_id": "jbcs-httpd24-mod_session-0:2.4.51-39.el7jbcs.x86_64",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/jbcs-httpd24-mod_session@2.4.51-39.el7jbcs?arch=x86_64"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "jbcs-httpd24-mod_ssl-1:2.4.51-39.el7jbcs.x86_64",
                "product": {
                  "name": "jbcs-httpd24-mod_ssl-1:2.4.51-39.el7jbcs.x86_64",
                  "product_id": "jbcs-httpd24-mod_ssl-1:2.4.51-39.el7jbcs.x86_64",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/jbcs-httpd24-mod_ssl@2.4.51-39.el7jbcs?arch=x86_64\u0026epoch=1"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "jbcs-httpd24-httpd-debuginfo-0:2.4.51-39.el7jbcs.x86_64",
                "product": {
                  "name": "jbcs-httpd24-httpd-debuginfo-0:2.4.51-39.el7jbcs.x86_64",
                  "product_id": "jbcs-httpd24-httpd-debuginfo-0:2.4.51-39.el7jbcs.x86_64",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/jbcs-httpd24-httpd-debuginfo@2.4.51-39.el7jbcs?arch=x86_64"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "jbcs-httpd24-mod_proxy_cluster-0:1.3.18-2.el7jbcs.x86_64",
                "product": {
                  "name": "jbcs-httpd24-mod_proxy_cluster-0:1.3.18-2.el7jbcs.x86_64",
                  "product_id": "jbcs-httpd24-mod_proxy_cluster-0:1.3.18-2.el7jbcs.x86_64",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/jbcs-httpd24-mod_proxy_cluster@1.3.18-2.el7jbcs?arch=x86_64"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "jbcs-httpd24-mod_proxy_cluster-debuginfo-0:1.3.18-2.el7jbcs.x86_64",
                "product": {
                  "name": "jbcs-httpd24-mod_proxy_cluster-debuginfo-0:1.3.18-2.el7jbcs.x86_64",
                  "product_id": "jbcs-httpd24-mod_proxy_cluster-debuginfo-0:1.3.18-2.el7jbcs.x86_64",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/jbcs-httpd24-mod_proxy_cluster-debuginfo@1.3.18-2.el7jbcs?arch=x86_64"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "jbcs-httpd24-mod_security-0:2.9.3-24.el7jbcs.x86_64",
                "product": {
                  "name": "jbcs-httpd24-mod_security-0:2.9.3-24.el7jbcs.x86_64",
                  "product_id": "jbcs-httpd24-mod_security-0:2.9.3-24.el7jbcs.x86_64",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/jbcs-httpd24-mod_security@2.9.3-24.el7jbcs?arch=x86_64"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "jbcs-httpd24-mod_security-debuginfo-0:2.9.3-24.el7jbcs.x86_64",
                "product": {
                  "name": "jbcs-httpd24-mod_security-debuginfo-0:2.9.3-24.el7jbcs.x86_64",
                  "product_id": "jbcs-httpd24-mod_security-debuginfo-0:2.9.3-24.el7jbcs.x86_64",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/jbcs-httpd24-mod_security-debuginfo@2.9.3-24.el7jbcs?arch=x86_64"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "jbcs-httpd24-mod_md-1:2.4.0-20.el7jbcs.x86_64",
                "product": {
                  "name": "jbcs-httpd24-mod_md-1:2.4.0-20.el7jbcs.x86_64",
                  "product_id": "jbcs-httpd24-mod_md-1:2.4.0-20.el7jbcs.x86_64",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/jbcs-httpd24-mod_md@2.4.0-20.el7jbcs?arch=x86_64\u0026epoch=1"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "jbcs-httpd24-mod_md-debuginfo-1:2.4.0-20.el7jbcs.x86_64",
                "product": {
                  "name": "jbcs-httpd24-mod_md-debuginfo-1:2.4.0-20.el7jbcs.x86_64",
                  "product_id": "jbcs-httpd24-mod_md-debuginfo-1:2.4.0-20.el7jbcs.x86_64",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/jbcs-httpd24-mod_md-debuginfo@2.4.0-20.el7jbcs?arch=x86_64\u0026epoch=1"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "jbcs-httpd24-mod_http2-0:1.15.19-23.el7jbcs.x86_64",
                "product": {
                  "name": "jbcs-httpd24-mod_http2-0:1.15.19-23.el7jbcs.x86_64",
                  "product_id": "jbcs-httpd24-mod_http2-0:1.15.19-23.el7jbcs.x86_64",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/jbcs-httpd24-mod_http2@1.15.19-23.el7jbcs?arch=x86_64"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "jbcs-httpd24-mod_http2-debuginfo-0:1.15.19-23.el7jbcs.x86_64",
                "product": {
                  "name": "jbcs-httpd24-mod_http2-debuginfo-0:1.15.19-23.el7jbcs.x86_64",
                  "product_id": "jbcs-httpd24-mod_http2-debuginfo-0:1.15.19-23.el7jbcs.x86_64",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/jbcs-httpd24-mod_http2-debuginfo@1.15.19-23.el7jbcs?arch=x86_64"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "jbcs-httpd24-mod_jk-ap24-0:1.2.48-46.redhat_1.el7jbcs.x86_64",
                "product": {
                  "name": "jbcs-httpd24-mod_jk-ap24-0:1.2.48-46.redhat_1.el7jbcs.x86_64",
                  "product_id": "jbcs-httpd24-mod_jk-ap24-0:1.2.48-46.redhat_1.el7jbcs.x86_64",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/jbcs-httpd24-mod_jk-ap24@1.2.48-46.redhat_1.el7jbcs?arch=x86_64"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "jbcs-httpd24-mod_jk-debuginfo-0:1.2.48-46.redhat_1.el7jbcs.x86_64",
                "product": {
                  "name": "jbcs-httpd24-mod_jk-debuginfo-0:1.2.48-46.redhat_1.el7jbcs.x86_64",
                  "product_id": "jbcs-httpd24-mod_jk-debuginfo-0:1.2.48-46.redhat_1.el7jbcs.x86_64",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/jbcs-httpd24-mod_jk-debuginfo@1.2.48-46.redhat_1.el7jbcs?arch=x86_64"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "jbcs-httpd24-apr-util-0:1.6.1-101.el7jbcs.x86_64",
                "product": {
                  "name": "jbcs-httpd24-apr-util-0:1.6.1-101.el7jbcs.x86_64",
                  "product_id": "jbcs-httpd24-apr-util-0:1.6.1-101.el7jbcs.x86_64",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/jbcs-httpd24-apr-util@1.6.1-101.el7jbcs?arch=x86_64"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "jbcs-httpd24-apr-util-devel-0:1.6.1-101.el7jbcs.x86_64",
                "product": {
                  "name": "jbcs-httpd24-apr-util-devel-0:1.6.1-101.el7jbcs.x86_64",
                  "product_id": "jbcs-httpd24-apr-util-devel-0:1.6.1-101.el7jbcs.x86_64",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/jbcs-httpd24-apr-util-devel@1.6.1-101.el7jbcs?arch=x86_64"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "jbcs-httpd24-apr-util-ldap-0:1.6.1-101.el7jbcs.x86_64",
                "product": {
                  "name": "jbcs-httpd24-apr-util-ldap-0:1.6.1-101.el7jbcs.x86_64",
                  "product_id": "jbcs-httpd24-apr-util-ldap-0:1.6.1-101.el7jbcs.x86_64",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/jbcs-httpd24-apr-util-ldap@1.6.1-101.el7jbcs?arch=x86_64"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "jbcs-httpd24-apr-util-mysql-0:1.6.1-101.el7jbcs.x86_64",
                "product": {
                  "name": "jbcs-httpd24-apr-util-mysql-0:1.6.1-101.el7jbcs.x86_64",
                  "product_id": "jbcs-httpd24-apr-util-mysql-0:1.6.1-101.el7jbcs.x86_64",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/jbcs-httpd24-apr-util-mysql@1.6.1-101.el7jbcs?arch=x86_64"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "jbcs-httpd24-apr-util-nss-0:1.6.1-101.el7jbcs.x86_64",
                "product": {
                  "name": "jbcs-httpd24-apr-util-nss-0:1.6.1-101.el7jbcs.x86_64",
                  "product_id": "jbcs-httpd24-apr-util-nss-0:1.6.1-101.el7jbcs.x86_64",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/jbcs-httpd24-apr-util-nss@1.6.1-101.el7jbcs?arch=x86_64"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "jbcs-httpd24-apr-util-odbc-0:1.6.1-101.el7jbcs.x86_64",
                "product": {
                  "name": "jbcs-httpd24-apr-util-odbc-0:1.6.1-101.el7jbcs.x86_64",
                  "product_id": "jbcs-httpd24-apr-util-odbc-0:1.6.1-101.el7jbcs.x86_64",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/jbcs-httpd24-apr-util-odbc@1.6.1-101.el7jbcs?arch=x86_64"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "jbcs-httpd24-apr-util-openssl-0:1.6.1-101.el7jbcs.x86_64",
                "product": {
                  "name": "jbcs-httpd24-apr-util-openssl-0:1.6.1-101.el7jbcs.x86_64",
                  "product_id": "jbcs-httpd24-apr-util-openssl-0:1.6.1-101.el7jbcs.x86_64",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/jbcs-httpd24-apr-util-openssl@1.6.1-101.el7jbcs?arch=x86_64"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "jbcs-httpd24-apr-util-pgsql-0:1.6.1-101.el7jbcs.x86_64",
                "product": {
                  "name": "jbcs-httpd24-apr-util-pgsql-0:1.6.1-101.el7jbcs.x86_64",
                  "product_id": "jbcs-httpd24-apr-util-pgsql-0:1.6.1-101.el7jbcs.x86_64",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/jbcs-httpd24-apr-util-pgsql@1.6.1-101.el7jbcs?arch=x86_64"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "jbcs-httpd24-apr-util-sqlite-0:1.6.1-101.el7jbcs.x86_64",
                "product": {
                  "name": "jbcs-httpd24-apr-util-sqlite-0:1.6.1-101.el7jbcs.x86_64",
                  "product_id": "jbcs-httpd24-apr-util-sqlite-0:1.6.1-101.el7jbcs.x86_64",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/jbcs-httpd24-apr-util-sqlite@1.6.1-101.el7jbcs?arch=x86_64"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "jbcs-httpd24-apr-util-debuginfo-0:1.6.1-101.el7jbcs.x86_64",
                "product": {
                  "name": "jbcs-httpd24-apr-util-debuginfo-0:1.6.1-101.el7jbcs.x86_64",
                  "product_id": "jbcs-httpd24-apr-util-debuginfo-0:1.6.1-101.el7jbcs.x86_64",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/jbcs-httpd24-apr-util-debuginfo@1.6.1-101.el7jbcs?arch=x86_64"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "jbcs-httpd24-openssl-1:1.1.1k-14.el8jbcs.x86_64",
                "product": {
                  "name": "jbcs-httpd24-openssl-1:1.1.1k-14.el8jbcs.x86_64",
                  "product_id": "jbcs-httpd24-openssl-1:1.1.1k-14.el8jbcs.x86_64",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/jbcs-httpd24-openssl@1.1.1k-14.el8jbcs?arch=x86_64\u0026epoch=1"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "jbcs-httpd24-openssl-devel-1:1.1.1k-14.el8jbcs.x86_64",
                "product": {
                  "name": "jbcs-httpd24-openssl-devel-1:1.1.1k-14.el8jbcs.x86_64",
                  "product_id": "jbcs-httpd24-openssl-devel-1:1.1.1k-14.el8jbcs.x86_64",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/jbcs-httpd24-openssl-devel@1.1.1k-14.el8jbcs?arch=x86_64\u0026epoch=1"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "jbcs-httpd24-openssl-libs-1:1.1.1k-14.el8jbcs.x86_64",
                "product": {
                  "name": "jbcs-httpd24-openssl-libs-1:1.1.1k-14.el8jbcs.x86_64",
                  "product_id": "jbcs-httpd24-openssl-libs-1:1.1.1k-14.el8jbcs.x86_64",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/jbcs-httpd24-openssl-libs@1.1.1k-14.el8jbcs?arch=x86_64\u0026epoch=1"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "jbcs-httpd24-openssl-perl-1:1.1.1k-14.el8jbcs.x86_64",
                "product": {
                  "name": "jbcs-httpd24-openssl-perl-1:1.1.1k-14.el8jbcs.x86_64",
                  "product_id": "jbcs-httpd24-openssl-perl-1:1.1.1k-14.el8jbcs.x86_64",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/jbcs-httpd24-openssl-perl@1.1.1k-14.el8jbcs?arch=x86_64\u0026epoch=1"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "jbcs-httpd24-openssl-static-1:1.1.1k-14.el8jbcs.x86_64",
                "product": {
                  "name": "jbcs-httpd24-openssl-static-1:1.1.1k-14.el8jbcs.x86_64",
                  "product_id": "jbcs-httpd24-openssl-static-1:1.1.1k-14.el8jbcs.x86_64",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/jbcs-httpd24-openssl-static@1.1.1k-14.el8jbcs?arch=x86_64\u0026epoch=1"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "jbcs-httpd24-openssl-debuginfo-1:1.1.1k-14.el8jbcs.x86_64",
                "product": {
                  "name": "jbcs-httpd24-openssl-debuginfo-1:1.1.1k-14.el8jbcs.x86_64",
                  "product_id": "jbcs-httpd24-openssl-debuginfo-1:1.1.1k-14.el8jbcs.x86_64",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/jbcs-httpd24-openssl-debuginfo@1.1.1k-14.el8jbcs?arch=x86_64\u0026epoch=1"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "jbcs-httpd24-openssl-libs-debuginfo-1:1.1.1k-14.el8jbcs.x86_64",
                "product": {
                  "name": "jbcs-httpd24-openssl-libs-debuginfo-1:1.1.1k-14.el8jbcs.x86_64",
                  "product_id": "jbcs-httpd24-openssl-libs-debuginfo-1:1.1.1k-14.el8jbcs.x86_64",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/jbcs-httpd24-openssl-libs-debuginfo@1.1.1k-14.el8jbcs?arch=x86_64\u0026epoch=1"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "jbcs-httpd24-curl-0:8.0.1-1.el8jbcs.x86_64",
                "product": {
                  "name": "jbcs-httpd24-curl-0:8.0.1-1.el8jbcs.x86_64",
                  "product_id": "jbcs-httpd24-curl-0:8.0.1-1.el8jbcs.x86_64",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/jbcs-httpd24-curl@8.0.1-1.el8jbcs?arch=x86_64"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "jbcs-httpd24-libcurl-0:8.0.1-1.el8jbcs.x86_64",
                "product": {
                  "name": "jbcs-httpd24-libcurl-0:8.0.1-1.el8jbcs.x86_64",
                  "product_id": "jbcs-httpd24-libcurl-0:8.0.1-1.el8jbcs.x86_64",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/jbcs-httpd24-libcurl@8.0.1-1.el8jbcs?arch=x86_64"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "jbcs-httpd24-libcurl-devel-0:8.0.1-1.el8jbcs.x86_64",
                "product": {
                  "name": "jbcs-httpd24-libcurl-devel-0:8.0.1-1.el8jbcs.x86_64",
                  "product_id": "jbcs-httpd24-libcurl-devel-0:8.0.1-1.el8jbcs.x86_64",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/jbcs-httpd24-libcurl-devel@8.0.1-1.el8jbcs?arch=x86_64"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "jbcs-httpd24-curl-debuginfo-0:8.0.1-1.el8jbcs.x86_64",
                "product": {
                  "name": "jbcs-httpd24-curl-debuginfo-0:8.0.1-1.el8jbcs.x86_64",
                  "product_id": "jbcs-httpd24-curl-debuginfo-0:8.0.1-1.el8jbcs.x86_64",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/jbcs-httpd24-curl-debuginfo@8.0.1-1.el8jbcs?arch=x86_64"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "jbcs-httpd24-libcurl-debuginfo-0:8.0.1-1.el8jbcs.x86_64",
                "product": {
                  "name": "jbcs-httpd24-libcurl-debuginfo-0:8.0.1-1.el8jbcs.x86_64",
                  "product_id": "jbcs-httpd24-libcurl-debuginfo-0:8.0.1-1.el8jbcs.x86_64",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/jbcs-httpd24-libcurl-debuginfo@8.0.1-1.el8jbcs?arch=x86_64"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "jbcs-httpd24-openssl-pkcs11-0:0.4.10-33.el8jbcs.x86_64",
                "product": {
                  "name": "jbcs-httpd24-openssl-pkcs11-0:0.4.10-33.el8jbcs.x86_64",
                  "product_id": "jbcs-httpd24-openssl-pkcs11-0:0.4.10-33.el8jbcs.x86_64",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/jbcs-httpd24-openssl-pkcs11@0.4.10-33.el8jbcs?arch=x86_64"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "jbcs-httpd24-openssl-pkcs11-debuginfo-0:0.4.10-33.el8jbcs.x86_64",
                "product": {
                  "name": "jbcs-httpd24-openssl-pkcs11-debuginfo-0:0.4.10-33.el8jbcs.x86_64",
                  "product_id": "jbcs-httpd24-openssl-pkcs11-debuginfo-0:0.4.10-33.el8jbcs.x86_64",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/jbcs-httpd24-openssl-pkcs11-debuginfo@0.4.10-33.el8jbcs?arch=x86_64"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "jbcs-httpd24-openssl-chil-0:1.0.0-18.el8jbcs.x86_64",
                "product": {
                  "name": "jbcs-httpd24-openssl-chil-0:1.0.0-18.el8jbcs.x86_64",
                  "product_id": "jbcs-httpd24-openssl-chil-0:1.0.0-18.el8jbcs.x86_64",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/jbcs-httpd24-openssl-chil@1.0.0-18.el8jbcs?arch=x86_64"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "jbcs-httpd24-openssl-chil-debuginfo-0:1.0.0-18.el8jbcs.x86_64",
                "product": {
                  "name": "jbcs-httpd24-openssl-chil-debuginfo-0:1.0.0-18.el8jbcs.x86_64",
                  "product_id": "jbcs-httpd24-openssl-chil-debuginfo-0:1.0.0-18.el8jbcs.x86_64",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/jbcs-httpd24-openssl-chil-debuginfo@1.0.0-18.el8jbcs?arch=x86_64"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "jbcs-httpd24-httpd-0:2.4.51-39.el8jbcs.x86_64",
                "product": {
                  "name": "jbcs-httpd24-httpd-0:2.4.51-39.el8jbcs.x86_64",
                  "product_id": "jbcs-httpd24-httpd-0:2.4.51-39.el8jbcs.x86_64",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/jbcs-httpd24-httpd@2.4.51-39.el8jbcs?arch=x86_64"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "jbcs-httpd24-httpd-devel-0:2.4.51-39.el8jbcs.x86_64",
                "product": {
                  "name": "jbcs-httpd24-httpd-devel-0:2.4.51-39.el8jbcs.x86_64",
                  "product_id": "jbcs-httpd24-httpd-devel-0:2.4.51-39.el8jbcs.x86_64",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/jbcs-httpd24-httpd-devel@2.4.51-39.el8jbcs?arch=x86_64"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "jbcs-httpd24-httpd-selinux-0:2.4.51-39.el8jbcs.x86_64",
                "product": {
                  "name": "jbcs-httpd24-httpd-selinux-0:2.4.51-39.el8jbcs.x86_64",
                  "product_id": "jbcs-httpd24-httpd-selinux-0:2.4.51-39.el8jbcs.x86_64",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/jbcs-httpd24-httpd-selinux@2.4.51-39.el8jbcs?arch=x86_64"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "jbcs-httpd24-httpd-tools-0:2.4.51-39.el8jbcs.x86_64",
                "product": {
                  "name": "jbcs-httpd24-httpd-tools-0:2.4.51-39.el8jbcs.x86_64",
                  "product_id": "jbcs-httpd24-httpd-tools-0:2.4.51-39.el8jbcs.x86_64",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/jbcs-httpd24-httpd-tools@2.4.51-39.el8jbcs?arch=x86_64"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "jbcs-httpd24-mod_ldap-0:2.4.51-39.el8jbcs.x86_64",
                "product": {
                  "name": "jbcs-httpd24-mod_ldap-0:2.4.51-39.el8jbcs.x86_64",
                  "product_id": "jbcs-httpd24-mod_ldap-0:2.4.51-39.el8jbcs.x86_64",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/jbcs-httpd24-mod_ldap@2.4.51-39.el8jbcs?arch=x86_64"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "jbcs-httpd24-mod_proxy_html-1:2.4.51-39.el8jbcs.x86_64",
                "product": {
                  "name": "jbcs-httpd24-mod_proxy_html-1:2.4.51-39.el8jbcs.x86_64",
                  "product_id": "jbcs-httpd24-mod_proxy_html-1:2.4.51-39.el8jbcs.x86_64",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/jbcs-httpd24-mod_proxy_html@2.4.51-39.el8jbcs?arch=x86_64\u0026epoch=1"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "jbcs-httpd24-mod_session-0:2.4.51-39.el8jbcs.x86_64",
                "product": {
                  "name": "jbcs-httpd24-mod_session-0:2.4.51-39.el8jbcs.x86_64",
                  "product_id": "jbcs-httpd24-mod_session-0:2.4.51-39.el8jbcs.x86_64",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/jbcs-httpd24-mod_session@2.4.51-39.el8jbcs?arch=x86_64"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "jbcs-httpd24-mod_ssl-1:2.4.51-39.el8jbcs.x86_64",
                "product": {
                  "name": "jbcs-httpd24-mod_ssl-1:2.4.51-39.el8jbcs.x86_64",
                  "product_id": "jbcs-httpd24-mod_ssl-1:2.4.51-39.el8jbcs.x86_64",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/jbcs-httpd24-mod_ssl@2.4.51-39.el8jbcs?arch=x86_64\u0026epoch=1"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "jbcs-httpd24-httpd-debuginfo-0:2.4.51-39.el8jbcs.x86_64",
                "product": {
                  "name": "jbcs-httpd24-httpd-debuginfo-0:2.4.51-39.el8jbcs.x86_64",
                  "product_id": "jbcs-httpd24-httpd-debuginfo-0:2.4.51-39.el8jbcs.x86_64",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/jbcs-httpd24-httpd-debuginfo@2.4.51-39.el8jbcs?arch=x86_64"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "jbcs-httpd24-httpd-tools-debuginfo-0:2.4.51-39.el8jbcs.x86_64",
                "product": {
                  "name": "jbcs-httpd24-httpd-tools-debuginfo-0:2.4.51-39.el8jbcs.x86_64",
                  "product_id": "jbcs-httpd24-httpd-tools-debuginfo-0:2.4.51-39.el8jbcs.x86_64",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/jbcs-httpd24-httpd-tools-debuginfo@2.4.51-39.el8jbcs?arch=x86_64"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "jbcs-httpd24-mod_ldap-debuginfo-0:2.4.51-39.el8jbcs.x86_64",
                "product": {
                  "name": "jbcs-httpd24-mod_ldap-debuginfo-0:2.4.51-39.el8jbcs.x86_64",
                  "product_id": "jbcs-httpd24-mod_ldap-debuginfo-0:2.4.51-39.el8jbcs.x86_64",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/jbcs-httpd24-mod_ldap-debuginfo@2.4.51-39.el8jbcs?arch=x86_64"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "jbcs-httpd24-mod_proxy_html-debuginfo-1:2.4.51-39.el8jbcs.x86_64",
                "product": {
                  "name": "jbcs-httpd24-mod_proxy_html-debuginfo-1:2.4.51-39.el8jbcs.x86_64",
                  "product_id": "jbcs-httpd24-mod_proxy_html-debuginfo-1:2.4.51-39.el8jbcs.x86_64",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/jbcs-httpd24-mod_proxy_html-debuginfo@2.4.51-39.el8jbcs?arch=x86_64\u0026epoch=1"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "jbcs-httpd24-mod_session-debuginfo-0:2.4.51-39.el8jbcs.x86_64",
                "product": {
                  "name": "jbcs-httpd24-mod_session-debuginfo-0:2.4.51-39.el8jbcs.x86_64",
                  "product_id": "jbcs-httpd24-mod_session-debuginfo-0:2.4.51-39.el8jbcs.x86_64",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/jbcs-httpd24-mod_session-debuginfo@2.4.51-39.el8jbcs?arch=x86_64"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "jbcs-httpd24-mod_ssl-debuginfo-1:2.4.51-39.el8jbcs.x86_64",
                "product": {
                  "name": "jbcs-httpd24-mod_ssl-debuginfo-1:2.4.51-39.el8jbcs.x86_64",
                  "product_id": "jbcs-httpd24-mod_ssl-debuginfo-1:2.4.51-39.el8jbcs.x86_64",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/jbcs-httpd24-mod_ssl-debuginfo@2.4.51-39.el8jbcs?arch=x86_64\u0026epoch=1"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "jbcs-httpd24-mod_proxy_cluster-0:1.3.18-2.el8jbcs.x86_64",
                "product": {
                  "name": "jbcs-httpd24-mod_proxy_cluster-0:1.3.18-2.el8jbcs.x86_64",
                  "product_id": "jbcs-httpd24-mod_proxy_cluster-0:1.3.18-2.el8jbcs.x86_64",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/jbcs-httpd24-mod_proxy_cluster@1.3.18-2.el8jbcs?arch=x86_64"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "jbcs-httpd24-mod_proxy_cluster-debuginfo-0:1.3.18-2.el8jbcs.x86_64",
                "product": {
                  "name": "jbcs-httpd24-mod_proxy_cluster-debuginfo-0:1.3.18-2.el8jbcs.x86_64",
                  "product_id": "jbcs-httpd24-mod_proxy_cluster-debuginfo-0:1.3.18-2.el8jbcs.x86_64",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/jbcs-httpd24-mod_proxy_cluster-debuginfo@1.3.18-2.el8jbcs?arch=x86_64"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "jbcs-httpd24-mod_md-1:2.4.0-20.el8jbcs.x86_64",
                "product": {
                  "name": "jbcs-httpd24-mod_md-1:2.4.0-20.el8jbcs.x86_64",
                  "product_id": "jbcs-httpd24-mod_md-1:2.4.0-20.el8jbcs.x86_64",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/jbcs-httpd24-mod_md@2.4.0-20.el8jbcs?arch=x86_64\u0026epoch=1"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "jbcs-httpd24-mod_md-debuginfo-1:2.4.0-20.el8jbcs.x86_64",
                "product": {
                  "name": "jbcs-httpd24-mod_md-debuginfo-1:2.4.0-20.el8jbcs.x86_64",
                  "product_id": "jbcs-httpd24-mod_md-debuginfo-1:2.4.0-20.el8jbcs.x86_64",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/jbcs-httpd24-mod_md-debuginfo@2.4.0-20.el8jbcs?arch=x86_64\u0026epoch=1"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "jbcs-httpd24-mod_security-0:2.9.3-24.el8jbcs.x86_64",
                "product": {
                  "name": "jbcs-httpd24-mod_security-0:2.9.3-24.el8jbcs.x86_64",
                  "product_id": "jbcs-httpd24-mod_security-0:2.9.3-24.el8jbcs.x86_64",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/jbcs-httpd24-mod_security@2.9.3-24.el8jbcs?arch=x86_64"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "jbcs-httpd24-mod_security-debuginfo-0:2.9.3-24.el8jbcs.x86_64",
                "product": {
                  "name": "jbcs-httpd24-mod_security-debuginfo-0:2.9.3-24.el8jbcs.x86_64",
                  "product_id": "jbcs-httpd24-mod_security-debuginfo-0:2.9.3-24.el8jbcs.x86_64",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/jbcs-httpd24-mod_security-debuginfo@2.9.3-24.el8jbcs?arch=x86_64"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "jbcs-httpd24-mod_http2-0:1.15.19-23.el8jbcs.x86_64",
                "product": {
                  "name": "jbcs-httpd24-mod_http2-0:1.15.19-23.el8jbcs.x86_64",
                  "product_id": "jbcs-httpd24-mod_http2-0:1.15.19-23.el8jbcs.x86_64",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/jbcs-httpd24-mod_http2@1.15.19-23.el8jbcs?arch=x86_64"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "jbcs-httpd24-mod_http2-debuginfo-0:1.15.19-23.el8jbcs.x86_64",
                "product": {
                  "name": "jbcs-httpd24-mod_http2-debuginfo-0:1.15.19-23.el8jbcs.x86_64",
                  "product_id": "jbcs-httpd24-mod_http2-debuginfo-0:1.15.19-23.el8jbcs.x86_64",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/jbcs-httpd24-mod_http2-debuginfo@1.15.19-23.el8jbcs?arch=x86_64"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "jbcs-httpd24-mod_jk-ap24-0:1.2.48-46.redhat_1.el8jbcs.x86_64",
                "product": {
                  "name": "jbcs-httpd24-mod_jk-ap24-0:1.2.48-46.redhat_1.el8jbcs.x86_64",
                  "product_id": "jbcs-httpd24-mod_jk-ap24-0:1.2.48-46.redhat_1.el8jbcs.x86_64",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/jbcs-httpd24-mod_jk-ap24@1.2.48-46.redhat_1.el8jbcs?arch=x86_64"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "jbcs-httpd24-mod_jk-ap24-debuginfo-0:1.2.48-46.redhat_1.el8jbcs.x86_64",
                "product": {
                  "name": "jbcs-httpd24-mod_jk-ap24-debuginfo-0:1.2.48-46.redhat_1.el8jbcs.x86_64",
                  "product_id": "jbcs-httpd24-mod_jk-ap24-debuginfo-0:1.2.48-46.redhat_1.el8jbcs.x86_64",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/jbcs-httpd24-mod_jk-ap24-debuginfo@1.2.48-46.redhat_1.el8jbcs?arch=x86_64"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "jbcs-httpd24-apr-util-0:1.6.1-101.el8jbcs.x86_64",
                "product": {
                  "name": "jbcs-httpd24-apr-util-0:1.6.1-101.el8jbcs.x86_64",
                  "product_id": "jbcs-httpd24-apr-util-0:1.6.1-101.el8jbcs.x86_64",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/jbcs-httpd24-apr-util@1.6.1-101.el8jbcs?arch=x86_64"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "jbcs-httpd24-apr-util-devel-0:1.6.1-101.el8jbcs.x86_64",
                "product": {
                  "name": "jbcs-httpd24-apr-util-devel-0:1.6.1-101.el8jbcs.x86_64",
                  "product_id": "jbcs-httpd24-apr-util-devel-0:1.6.1-101.el8jbcs.x86_64",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/jbcs-httpd24-apr-util-devel@1.6.1-101.el8jbcs?arch=x86_64"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "jbcs-httpd24-apr-util-ldap-0:1.6.1-101.el8jbcs.x86_64",
                "product": {
                  "name": "jbcs-httpd24-apr-util-ldap-0:1.6.1-101.el8jbcs.x86_64",
                  "product_id": "jbcs-httpd24-apr-util-ldap-0:1.6.1-101.el8jbcs.x86_64",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/jbcs-httpd24-apr-util-ldap@1.6.1-101.el8jbcs?arch=x86_64"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "jbcs-httpd24-apr-util-mysql-0:1.6.1-101.el8jbcs.x86_64",
                "product": {
                  "name": "jbcs-httpd24-apr-util-mysql-0:1.6.1-101.el8jbcs.x86_64",
                  "product_id": "jbcs-httpd24-apr-util-mysql-0:1.6.1-101.el8jbcs.x86_64",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/jbcs-httpd24-apr-util-mysql@1.6.1-101.el8jbcs?arch=x86_64"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "jbcs-httpd24-apr-util-nss-0:1.6.1-101.el8jbcs.x86_64",
                "product": {
                  "name": "jbcs-httpd24-apr-util-nss-0:1.6.1-101.el8jbcs.x86_64",
                  "product_id": "jbcs-httpd24-apr-util-nss-0:1.6.1-101.el8jbcs.x86_64",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/jbcs-httpd24-apr-util-nss@1.6.1-101.el8jbcs?arch=x86_64"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "jbcs-httpd24-apr-util-odbc-0:1.6.1-101.el8jbcs.x86_64",
                "product": {
                  "name": "jbcs-httpd24-apr-util-odbc-0:1.6.1-101.el8jbcs.x86_64",
                  "product_id": "jbcs-httpd24-apr-util-odbc-0:1.6.1-101.el8jbcs.x86_64",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/jbcs-httpd24-apr-util-odbc@1.6.1-101.el8jbcs?arch=x86_64"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "jbcs-httpd24-apr-util-openssl-0:1.6.1-101.el8jbcs.x86_64",
                "product": {
                  "name": "jbcs-httpd24-apr-util-openssl-0:1.6.1-101.el8jbcs.x86_64",
                  "product_id": "jbcs-httpd24-apr-util-openssl-0:1.6.1-101.el8jbcs.x86_64",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/jbcs-httpd24-apr-util-openssl@1.6.1-101.el8jbcs?arch=x86_64"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "jbcs-httpd24-apr-util-pgsql-0:1.6.1-101.el8jbcs.x86_64",
                "product": {
                  "name": "jbcs-httpd24-apr-util-pgsql-0:1.6.1-101.el8jbcs.x86_64",
                  "product_id": "jbcs-httpd24-apr-util-pgsql-0:1.6.1-101.el8jbcs.x86_64",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/jbcs-httpd24-apr-util-pgsql@1.6.1-101.el8jbcs?arch=x86_64"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "jbcs-httpd24-apr-util-sqlite-0:1.6.1-101.el8jbcs.x86_64",
                "product": {
                  "name": "jbcs-httpd24-apr-util-sqlite-0:1.6.1-101.el8jbcs.x86_64",
                  "product_id": "jbcs-httpd24-apr-util-sqlite-0:1.6.1-101.el8jbcs.x86_64",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/jbcs-httpd24-apr-util-sqlite@1.6.1-101.el8jbcs?arch=x86_64"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "jbcs-httpd24-apr-util-debuginfo-0:1.6.1-101.el8jbcs.x86_64",
                "product": {
                  "name": "jbcs-httpd24-apr-util-debuginfo-0:1.6.1-101.el8jbcs.x86_64",
                  "product_id": "jbcs-httpd24-apr-util-debuginfo-0:1.6.1-101.el8jbcs.x86_64",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/jbcs-httpd24-apr-util-debuginfo@1.6.1-101.el8jbcs?arch=x86_64"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "jbcs-httpd24-apr-util-ldap-debuginfo-0:1.6.1-101.el8jbcs.x86_64",
                "product": {
                  "name": "jbcs-httpd24-apr-util-ldap-debuginfo-0:1.6.1-101.el8jbcs.x86_64",
                  "product_id": "jbcs-httpd24-apr-util-ldap-debuginfo-0:1.6.1-101.el8jbcs.x86_64",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/jbcs-httpd24-apr-util-ldap-debuginfo@1.6.1-101.el8jbcs?arch=x86_64"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "jbcs-httpd24-apr-util-mysql-debuginfo-0:1.6.1-101.el8jbcs.x86_64",
                "product": {
                  "name": "jbcs-httpd24-apr-util-mysql-debuginfo-0:1.6.1-101.el8jbcs.x86_64",
                  "product_id": "jbcs-httpd24-apr-util-mysql-debuginfo-0:1.6.1-101.el8jbcs.x86_64",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/jbcs-httpd24-apr-util-mysql-debuginfo@1.6.1-101.el8jbcs?arch=x86_64"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "jbcs-httpd24-apr-util-nss-debuginfo-0:1.6.1-101.el8jbcs.x86_64",
                "product": {
                  "name": "jbcs-httpd24-apr-util-nss-debuginfo-0:1.6.1-101.el8jbcs.x86_64",
                  "product_id": "jbcs-httpd24-apr-util-nss-debuginfo-0:1.6.1-101.el8jbcs.x86_64",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/jbcs-httpd24-apr-util-nss-debuginfo@1.6.1-101.el8jbcs?arch=x86_64"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "jbcs-httpd24-apr-util-odbc-debuginfo-0:1.6.1-101.el8jbcs.x86_64",
                "product": {
                  "name": "jbcs-httpd24-apr-util-odbc-debuginfo-0:1.6.1-101.el8jbcs.x86_64",
                  "product_id": "jbcs-httpd24-apr-util-odbc-debuginfo-0:1.6.1-101.el8jbcs.x86_64",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/jbcs-httpd24-apr-util-odbc-debuginfo@1.6.1-101.el8jbcs?arch=x86_64"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "jbcs-httpd24-apr-util-openssl-debuginfo-0:1.6.1-101.el8jbcs.x86_64",
                "product": {
                  "name": "jbcs-httpd24-apr-util-openssl-debuginfo-0:1.6.1-101.el8jbcs.x86_64",
                  "product_id": "jbcs-httpd24-apr-util-openssl-debuginfo-0:1.6.1-101.el8jbcs.x86_64",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/jbcs-httpd24-apr-util-openssl-debuginfo@1.6.1-101.el8jbcs?arch=x86_64"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "jbcs-httpd24-apr-util-pgsql-debuginfo-0:1.6.1-101.el8jbcs.x86_64",
                "product": {
                  "name": "jbcs-httpd24-apr-util-pgsql-debuginfo-0:1.6.1-101.el8jbcs.x86_64",
                  "product_id": "jbcs-httpd24-apr-util-pgsql-debuginfo-0:1.6.1-101.el8jbcs.x86_64",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/jbcs-httpd24-apr-util-pgsql-debuginfo@1.6.1-101.el8jbcs?arch=x86_64"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "jbcs-httpd24-apr-util-sqlite-debuginfo-0:1.6.1-101.el8jbcs.x86_64",
                "product": {
                  "name": "jbcs-httpd24-apr-util-sqlite-debuginfo-0:1.6.1-101.el8jbcs.x86_64",
                  "product_id": "jbcs-httpd24-apr-util-sqlite-debuginfo-0:1.6.1-101.el8jbcs.x86_64",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/jbcs-httpd24-apr-util-sqlite-debuginfo@1.6.1-101.el8jbcs?arch=x86_64"
                  }
                }
              }
            ],
            "category": "architecture",
            "name": "x86_64"
          },
          {
            "branches": [
              {
                "category": "product_version",
                "name": "jbcs-httpd24-httpd-manual-0:2.4.51-39.el7jbcs.noarch",
                "product": {
                  "name": "jbcs-httpd24-httpd-manual-0:2.4.51-39.el7jbcs.noarch",
                  "product_id": "jbcs-httpd24-httpd-manual-0:2.4.51-39.el7jbcs.noarch",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/jbcs-httpd24-httpd-manual@2.4.51-39.el7jbcs?arch=noarch"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "jbcs-httpd24-httpd-manual-0:2.4.51-39.el8jbcs.noarch",
                "product": {
                  "name": "jbcs-httpd24-httpd-manual-0:2.4.51-39.el8jbcs.noarch",
                  "product_id": "jbcs-httpd24-httpd-manual-0:2.4.51-39.el8jbcs.noarch",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/jbcs-httpd24-httpd-manual@2.4.51-39.el8jbcs?arch=noarch"
                  }
                }
              }
            ],
            "category": "architecture",
            "name": "noarch"
          }
        ],
        "category": "vendor",
        "name": "Red Hat"
      }
    ],
    "relationships": [
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "jbcs-httpd24-apr-util-0:1.6.1-101.el7jbcs.src as a component of Red Hat JBoss Core Services on RHEL 7 Server",
          "product_id": "7Server-JBCS:jbcs-httpd24-apr-util-0:1.6.1-101.el7jbcs.src"
        },
        "product_reference": "jbcs-httpd24-apr-util-0:1.6.1-101.el7jbcs.src",
        "relates_to_product_reference": "7Server-JBCS"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "jbcs-httpd24-apr-util-0:1.6.1-101.el7jbcs.x86_64 as a component of Red Hat JBoss Core Services on RHEL 7 Server",
          "product_id": "7Server-JBCS:jbcs-httpd24-apr-util-0:1.6.1-101.el7jbcs.x86_64"
        },
        "product_reference": "jbcs-httpd24-apr-util-0:1.6.1-101.el7jbcs.x86_64",
        "relates_to_product_reference": "7Server-JBCS"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "jbcs-httpd24-apr-util-debuginfo-0:1.6.1-101.el7jbcs.x86_64 as a component of Red Hat JBoss Core Services on RHEL 7 Server",
          "product_id": "7Server-JBCS:jbcs-httpd24-apr-util-debuginfo-0:1.6.1-101.el7jbcs.x86_64"
        },
        "product_reference": "jbcs-httpd24-apr-util-debuginfo-0:1.6.1-101.el7jbcs.x86_64",
        "relates_to_product_reference": "7Server-JBCS"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "jbcs-httpd24-apr-util-devel-0:1.6.1-101.el7jbcs.x86_64 as a component of Red Hat JBoss Core Services on RHEL 7 Server",
          "product_id": "7Server-JBCS:jbcs-httpd24-apr-util-devel-0:1.6.1-101.el7jbcs.x86_64"
        },
        "product_reference": "jbcs-httpd24-apr-util-devel-0:1.6.1-101.el7jbcs.x86_64",
        "relates_to_product_reference": "7Server-JBCS"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "jbcs-httpd24-apr-util-ldap-0:1.6.1-101.el7jbcs.x86_64 as a component of Red Hat JBoss Core Services on RHEL 7 Server",
          "product_id": "7Server-JBCS:jbcs-httpd24-apr-util-ldap-0:1.6.1-101.el7jbcs.x86_64"
        },
        "product_reference": "jbcs-httpd24-apr-util-ldap-0:1.6.1-101.el7jbcs.x86_64",
        "relates_to_product_reference": "7Server-JBCS"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "jbcs-httpd24-apr-util-mysql-0:1.6.1-101.el7jbcs.x86_64 as a component of Red Hat JBoss Core Services on RHEL 7 Server",
          "product_id": "7Server-JBCS:jbcs-httpd24-apr-util-mysql-0:1.6.1-101.el7jbcs.x86_64"
        },
        "product_reference": "jbcs-httpd24-apr-util-mysql-0:1.6.1-101.el7jbcs.x86_64",
        "relates_to_product_reference": "7Server-JBCS"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "jbcs-httpd24-apr-util-nss-0:1.6.1-101.el7jbcs.x86_64 as a component of Red Hat JBoss Core Services on RHEL 7 Server",
          "product_id": "7Server-JBCS:jbcs-httpd24-apr-util-nss-0:1.6.1-101.el7jbcs.x86_64"
        },
        "product_reference": "jbcs-httpd24-apr-util-nss-0:1.6.1-101.el7jbcs.x86_64",
        "relates_to_product_reference": "7Server-JBCS"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "jbcs-httpd24-apr-util-odbc-0:1.6.1-101.el7jbcs.x86_64 as a component of Red Hat JBoss Core Services on RHEL 7 Server",
          "product_id": "7Server-JBCS:jbcs-httpd24-apr-util-odbc-0:1.6.1-101.el7jbcs.x86_64"
        },
        "product_reference": "jbcs-httpd24-apr-util-odbc-0:1.6.1-101.el7jbcs.x86_64",
        "relates_to_product_reference": "7Server-JBCS"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "jbcs-httpd24-apr-util-openssl-0:1.6.1-101.el7jbcs.x86_64 as a component of Red Hat JBoss Core Services on RHEL 7 Server",
          "product_id": "7Server-JBCS:jbcs-httpd24-apr-util-openssl-0:1.6.1-101.el7jbcs.x86_64"
        },
        "product_reference": "jbcs-httpd24-apr-util-openssl-0:1.6.1-101.el7jbcs.x86_64",
        "relates_to_product_reference": "7Server-JBCS"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "jbcs-httpd24-apr-util-pgsql-0:1.6.1-101.el7jbcs.x86_64 as a component of Red Hat JBoss Core Services on RHEL 7 Server",
          "product_id": "7Server-JBCS:jbcs-httpd24-apr-util-pgsql-0:1.6.1-101.el7jbcs.x86_64"
        },
        "product_reference": "jbcs-httpd24-apr-util-pgsql-0:1.6.1-101.el7jbcs.x86_64",
        "relates_to_product_reference": "7Server-JBCS"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "jbcs-httpd24-apr-util-sqlite-0:1.6.1-101.el7jbcs.x86_64 as a component of Red Hat JBoss Core Services on RHEL 7 Server",
          "product_id": "7Server-JBCS:jbcs-httpd24-apr-util-sqlite-0:1.6.1-101.el7jbcs.x86_64"
        },
        "product_reference": "jbcs-httpd24-apr-util-sqlite-0:1.6.1-101.el7jbcs.x86_64",
        "relates_to_product_reference": "7Server-JBCS"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "jbcs-httpd24-curl-0:8.0.1-1.el7jbcs.src as a component of Red Hat JBoss Core Services on RHEL 7 Server",
          "product_id": "7Server-JBCS:jbcs-httpd24-curl-0:8.0.1-1.el7jbcs.src"
        },
        "product_reference": "jbcs-httpd24-curl-0:8.0.1-1.el7jbcs.src",
        "relates_to_product_reference": "7Server-JBCS"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "jbcs-httpd24-curl-0:8.0.1-1.el7jbcs.x86_64 as a component of Red Hat JBoss Core Services on RHEL 7 Server",
          "product_id": "7Server-JBCS:jbcs-httpd24-curl-0:8.0.1-1.el7jbcs.x86_64"
        },
        "product_reference": "jbcs-httpd24-curl-0:8.0.1-1.el7jbcs.x86_64",
        "relates_to_product_reference": "7Server-JBCS"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "jbcs-httpd24-curl-debuginfo-0:8.0.1-1.el7jbcs.x86_64 as a component of Red Hat JBoss Core Services on RHEL 7 Server",
          "product_id": "7Server-JBCS:jbcs-httpd24-curl-debuginfo-0:8.0.1-1.el7jbcs.x86_64"
        },
        "product_reference": "jbcs-httpd24-curl-debuginfo-0:8.0.1-1.el7jbcs.x86_64",
        "relates_to_product_reference": "7Server-JBCS"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "jbcs-httpd24-httpd-0:2.4.51-39.el7jbcs.src as a component of Red Hat JBoss Core Services on RHEL 7 Server",
          "product_id": "7Server-JBCS:jbcs-httpd24-httpd-0:2.4.51-39.el7jbcs.src"
        },
        "product_reference": "jbcs-httpd24-httpd-0:2.4.51-39.el7jbcs.src",
        "relates_to_product_reference": "7Server-JBCS"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "jbcs-httpd24-httpd-0:2.4.51-39.el7jbcs.x86_64 as a component of Red Hat JBoss Core Services on RHEL 7 Server",
          "product_id": "7Server-JBCS:jbcs-httpd24-httpd-0:2.4.51-39.el7jbcs.x86_64"
        },
        "product_reference": "jbcs-httpd24-httpd-0:2.4.51-39.el7jbcs.x86_64",
        "relates_to_product_reference": "7Server-JBCS"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "jbcs-httpd24-httpd-debuginfo-0:2.4.51-39.el7jbcs.x86_64 as a component of Red Hat JBoss Core Services on RHEL 7 Server",
          "product_id": "7Server-JBCS:jbcs-httpd24-httpd-debuginfo-0:2.4.51-39.el7jbcs.x86_64"
        },
        "product_reference": "jbcs-httpd24-httpd-debuginfo-0:2.4.51-39.el7jbcs.x86_64",
        "relates_to_product_reference": "7Server-JBCS"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "jbcs-httpd24-httpd-devel-0:2.4.51-39.el7jbcs.x86_64 as a component of Red Hat JBoss Core Services on RHEL 7 Server",
          "product_id": "7Server-JBCS:jbcs-httpd24-httpd-devel-0:2.4.51-39.el7jbcs.x86_64"
        },
        "product_reference": "jbcs-httpd24-httpd-devel-0:2.4.51-39.el7jbcs.x86_64",
        "relates_to_product_reference": "7Server-JBCS"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "jbcs-httpd24-httpd-manual-0:2.4.51-39.el7jbcs.noarch as a component of Red Hat JBoss Core Services on RHEL 7 Server",
          "product_id": "7Server-JBCS:jbcs-httpd24-httpd-manual-0:2.4.51-39.el7jbcs.noarch"
        },
        "product_reference": "jbcs-httpd24-httpd-manual-0:2.4.51-39.el7jbcs.noarch",
        "relates_to_product_reference": "7Server-JBCS"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "jbcs-httpd24-httpd-selinux-0:2.4.51-39.el7jbcs.x86_64 as a component of Red Hat JBoss Core Services on RHEL 7 Server",
          "product_id": "7Server-JBCS:jbcs-httpd24-httpd-selinux-0:2.4.51-39.el7jbcs.x86_64"
        },
        "product_reference": "jbcs-httpd24-httpd-selinux-0:2.4.51-39.el7jbcs.x86_64",
        "relates_to_product_reference": "7Server-JBCS"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "jbcs-httpd24-httpd-tools-0:2.4.51-39.el7jbcs.x86_64 as a component of Red Hat JBoss Core Services on RHEL 7 Server",
          "product_id": "7Server-JBCS:jbcs-httpd24-httpd-tools-0:2.4.51-39.el7jbcs.x86_64"
        },
        "product_reference": "jbcs-httpd24-httpd-tools-0:2.4.51-39.el7jbcs.x86_64",
        "relates_to_product_reference": "7Server-JBCS"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "jbcs-httpd24-libcurl-0:8.0.1-1.el7jbcs.x86_64 as a component of Red Hat JBoss Core Services on RHEL 7 Server",
          "product_id": "7Server-JBCS:jbcs-httpd24-libcurl-0:8.0.1-1.el7jbcs.x86_64"
        },
        "product_reference": "jbcs-httpd24-libcurl-0:8.0.1-1.el7jbcs.x86_64",
        "relates_to_product_reference": "7Server-JBCS"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "jbcs-httpd24-libcurl-devel-0:8.0.1-1.el7jbcs.x86_64 as a component of Red Hat JBoss Core Services on RHEL 7 Server",
          "product_id": "7Server-JBCS:jbcs-httpd24-libcurl-devel-0:8.0.1-1.el7jbcs.x86_64"
        },
        "product_reference": "jbcs-httpd24-libcurl-devel-0:8.0.1-1.el7jbcs.x86_64",
        "relates_to_product_reference": "7Server-JBCS"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "jbcs-httpd24-mod_http2-0:1.15.19-23.el7jbcs.src as a component of Red Hat JBoss Core Services on RHEL 7 Server",
          "product_id": "7Server-JBCS:jbcs-httpd24-mod_http2-0:1.15.19-23.el7jbcs.src"
        },
        "product_reference": "jbcs-httpd24-mod_http2-0:1.15.19-23.el7jbcs.src",
        "relates_to_product_reference": "7Server-JBCS"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "jbcs-httpd24-mod_http2-0:1.15.19-23.el7jbcs.x86_64 as a component of Red Hat JBoss Core Services on RHEL 7 Server",
          "product_id": "7Server-JBCS:jbcs-httpd24-mod_http2-0:1.15.19-23.el7jbcs.x86_64"
        },
        "product_reference": "jbcs-httpd24-mod_http2-0:1.15.19-23.el7jbcs.x86_64",
        "relates_to_product_reference": "7Server-JBCS"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "jbcs-httpd24-mod_http2-debuginfo-0:1.15.19-23.el7jbcs.x86_64 as a component of Red Hat JBoss Core Services on RHEL 7 Server",
          "product_id": "7Server-JBCS:jbcs-httpd24-mod_http2-debuginfo-0:1.15.19-23.el7jbcs.x86_64"
        },
        "product_reference": "jbcs-httpd24-mod_http2-debuginfo-0:1.15.19-23.el7jbcs.x86_64",
        "relates_to_product_reference": "7Server-JBCS"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "jbcs-httpd24-mod_jk-0:1.2.48-46.redhat_1.el7jbcs.src as a component of Red Hat JBoss Core Services on RHEL 7 Server",
          "product_id": "7Server-JBCS:jbcs-httpd24-mod_jk-0:1.2.48-46.redhat_1.el7jbcs.src"
        },
        "product_reference": "jbcs-httpd24-mod_jk-0:1.2.48-46.redhat_1.el7jbcs.src",
        "relates_to_product_reference": "7Server-JBCS"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "jbcs-httpd24-mod_jk-ap24-0:1.2.48-46.redhat_1.el7jbcs.x86_64 as a component of Red Hat JBoss Core Services on RHEL 7 Server",
          "product_id": "7Server-JBCS:jbcs-httpd24-mod_jk-ap24-0:1.2.48-46.redhat_1.el7jbcs.x86_64"
        },
        "product_reference": "jbcs-httpd24-mod_jk-ap24-0:1.2.48-46.redhat_1.el7jbcs.x86_64",
        "relates_to_product_reference": "7Server-JBCS"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "jbcs-httpd24-mod_jk-debuginfo-0:1.2.48-46.redhat_1.el7jbcs.x86_64 as a component of Red Hat JBoss Core Services on RHEL 7 Server",
          "product_id": "7Server-JBCS:jbcs-httpd24-mod_jk-debuginfo-0:1.2.48-46.redhat_1.el7jbcs.x86_64"
        },
        "product_reference": "jbcs-httpd24-mod_jk-debuginfo-0:1.2.48-46.redhat_1.el7jbcs.x86_64",
        "relates_to_product_reference": "7Server-JBCS"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "jbcs-httpd24-mod_ldap-0:2.4.51-39.el7jbcs.x86_64 as a component of Red Hat JBoss Core Services on RHEL 7 Server",
          "product_id": "7Server-JBCS:jbcs-httpd24-mod_ldap-0:2.4.51-39.el7jbcs.x86_64"
        },
        "product_reference": "jbcs-httpd24-mod_ldap-0:2.4.51-39.el7jbcs.x86_64",
        "relates_to_product_reference": "7Server-JBCS"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "jbcs-httpd24-mod_md-1:2.4.0-20.el7jbcs.src as a component of Red Hat JBoss Core Services on RHEL 7 Server",
          "product_id": "7Server-JBCS:jbcs-httpd24-mod_md-1:2.4.0-20.el7jbcs.src"
        },
        "product_reference": "jbcs-httpd24-mod_md-1:2.4.0-20.el7jbcs.src",
        "relates_to_product_reference": "7Server-JBCS"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "jbcs-httpd24-mod_md-1:2.4.0-20.el7jbcs.x86_64 as a component of Red Hat JBoss Core Services on RHEL 7 Server",
          "product_id": "7Server-JBCS:jbcs-httpd24-mod_md-1:2.4.0-20.el7jbcs.x86_64"
        },
        "product_reference": "jbcs-httpd24-mod_md-1:2.4.0-20.el7jbcs.x86_64",
        "relates_to_product_reference": "7Server-JBCS"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "jbcs-httpd24-mod_md-debuginfo-1:2.4.0-20.el7jbcs.x86_64 as a component of Red Hat JBoss Core Services on RHEL 7 Server",
          "product_id": "7Server-JBCS:jbcs-httpd24-mod_md-debuginfo-1:2.4.0-20.el7jbcs.x86_64"
        },
        "product_reference": "jbcs-httpd24-mod_md-debuginfo-1:2.4.0-20.el7jbcs.x86_64",
        "relates_to_product_reference": "7Server-JBCS"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "jbcs-httpd24-mod_proxy_cluster-0:1.3.18-2.el7jbcs.src as a component of Red Hat JBoss Core Services on RHEL 7 Server",
          "product_id": "7Server-JBCS:jbcs-httpd24-mod_proxy_cluster-0:1.3.18-2.el7jbcs.src"
        },
        "product_reference": "jbcs-httpd24-mod_proxy_cluster-0:1.3.18-2.el7jbcs.src",
        "relates_to_product_reference": "7Server-JBCS"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "jbcs-httpd24-mod_proxy_cluster-0:1.3.18-2.el7jbcs.x86_64 as a component of Red Hat JBoss Core Services on RHEL 7 Server",
          "product_id": "7Server-JBCS:jbcs-httpd24-mod_proxy_cluster-0:1.3.18-2.el7jbcs.x86_64"
        },
        "product_reference": "jbcs-httpd24-mod_proxy_cluster-0:1.3.18-2.el7jbcs.x86_64",
        "relates_to_product_reference": "7Server-JBCS"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "jbcs-httpd24-mod_proxy_cluster-debuginfo-0:1.3.18-2.el7jbcs.x86_64 as a component of Red Hat JBoss Core Services on RHEL 7 Server",
          "product_id": "7Server-JBCS:jbcs-httpd24-mod_proxy_cluster-debuginfo-0:1.3.18-2.el7jbcs.x86_64"
        },
        "product_reference": "jbcs-httpd24-mod_proxy_cluster-debuginfo-0:1.3.18-2.el7jbcs.x86_64",
        "relates_to_product_reference": "7Server-JBCS"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "jbcs-httpd24-mod_proxy_html-1:2.4.51-39.el7jbcs.x86_64 as a component of Red Hat JBoss Core Services on RHEL 7 Server",
          "product_id": "7Server-JBCS:jbcs-httpd24-mod_proxy_html-1:2.4.51-39.el7jbcs.x86_64"
        },
        "product_reference": "jbcs-httpd24-mod_proxy_html-1:2.4.51-39.el7jbcs.x86_64",
        "relates_to_product_reference": "7Server-JBCS"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "jbcs-httpd24-mod_security-0:2.9.3-24.el7jbcs.src as a component of Red Hat JBoss Core Services on RHEL 7 Server",
          "product_id": "7Server-JBCS:jbcs-httpd24-mod_security-0:2.9.3-24.el7jbcs.src"
        },
        "product_reference": "jbcs-httpd24-mod_security-0:2.9.3-24.el7jbcs.src",
        "relates_to_product_reference": "7Server-JBCS"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "jbcs-httpd24-mod_security-0:2.9.3-24.el7jbcs.x86_64 as a component of Red Hat JBoss Core Services on RHEL 7 Server",
          "product_id": "7Server-JBCS:jbcs-httpd24-mod_security-0:2.9.3-24.el7jbcs.x86_64"
        },
        "product_reference": "jbcs-httpd24-mod_security-0:2.9.3-24.el7jbcs.x86_64",
        "relates_to_product_reference": "7Server-JBCS"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "jbcs-httpd24-mod_security-debuginfo-0:2.9.3-24.el7jbcs.x86_64 as a component of Red Hat JBoss Core Services on RHEL 7 Server",
          "product_id": "7Server-JBCS:jbcs-httpd24-mod_security-debuginfo-0:2.9.3-24.el7jbcs.x86_64"
        },
        "product_reference": "jbcs-httpd24-mod_security-debuginfo-0:2.9.3-24.el7jbcs.x86_64",
        "relates_to_product_reference": "7Server-JBCS"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "jbcs-httpd24-mod_session-0:2.4.51-39.el7jbcs.x86_64 as a component of Red Hat JBoss Core Services on RHEL 7 Server",
          "product_id": "7Server-JBCS:jbcs-httpd24-mod_session-0:2.4.51-39.el7jbcs.x86_64"
        },
        "product_reference": "jbcs-httpd24-mod_session-0:2.4.51-39.el7jbcs.x86_64",
        "relates_to_product_reference": "7Server-JBCS"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "jbcs-httpd24-mod_ssl-1:2.4.51-39.el7jbcs.x86_64 as a component of Red Hat JBoss Core Services on RHEL 7 Server",
          "product_id": "7Server-JBCS:jbcs-httpd24-mod_ssl-1:2.4.51-39.el7jbcs.x86_64"
        },
        "product_reference": "jbcs-httpd24-mod_ssl-1:2.4.51-39.el7jbcs.x86_64",
        "relates_to_product_reference": "7Server-JBCS"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "jbcs-httpd24-openssl-1:1.1.1k-14.el7jbcs.src as a component of Red Hat JBoss Core Services on RHEL 7 Server",
          "product_id": "7Server-JBCS:jbcs-httpd24-openssl-1:1.1.1k-14.el7jbcs.src"
        },
        "product_reference": "jbcs-httpd24-openssl-1:1.1.1k-14.el7jbcs.src",
        "relates_to_product_reference": "7Server-JBCS"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "jbcs-httpd24-openssl-1:1.1.1k-14.el7jbcs.x86_64 as a component of Red Hat JBoss Core Services on RHEL 7 Server",
          "product_id": "7Server-JBCS:jbcs-httpd24-openssl-1:1.1.1k-14.el7jbcs.x86_64"
        },
        "product_reference": "jbcs-httpd24-openssl-1:1.1.1k-14.el7jbcs.x86_64",
        "relates_to_product_reference": "7Server-JBCS"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "jbcs-httpd24-openssl-chil-0:1.0.0-18.el7jbcs.src as a component of Red Hat JBoss Core Services on RHEL 7 Server",
          "product_id": "7Server-JBCS:jbcs-httpd24-openssl-chil-0:1.0.0-18.el7jbcs.src"
        },
        "product_reference": "jbcs-httpd24-openssl-chil-0:1.0.0-18.el7jbcs.src",
        "relates_to_product_reference": "7Server-JBCS"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "jbcs-httpd24-openssl-chil-0:1.0.0-18.el7jbcs.x86_64 as a component of Red Hat JBoss Core Services on RHEL 7 Server",
          "product_id": "7Server-JBCS:jbcs-httpd24-openssl-chil-0:1.0.0-18.el7jbcs.x86_64"
        },
        "product_reference": "jbcs-httpd24-openssl-chil-0:1.0.0-18.el7jbcs.x86_64",
        "relates_to_product_reference": "7Server-JBCS"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "jbcs-httpd24-openssl-chil-debuginfo-0:1.0.0-18.el7jbcs.x86_64 as a component of Red Hat JBoss Core Services on RHEL 7 Server",
          "product_id": "7Server-JBCS:jbcs-httpd24-openssl-chil-debuginfo-0:1.0.0-18.el7jbcs.x86_64"
        },
        "product_reference": "jbcs-httpd24-openssl-chil-debuginfo-0:1.0.0-18.el7jbcs.x86_64",
        "relates_to_product_reference": "7Server-JBCS"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "jbcs-httpd24-openssl-debuginfo-1:1.1.1k-14.el7jbcs.x86_64 as a component of Red Hat JBoss Core Services on RHEL 7 Server",
          "product_id": "7Server-JBCS:jbcs-httpd24-openssl-debuginfo-1:1.1.1k-14.el7jbcs.x86_64"
        },
        "product_reference": "jbcs-httpd24-openssl-debuginfo-1:1.1.1k-14.el7jbcs.x86_64",
        "relates_to_product_reference": "7Server-JBCS"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "jbcs-httpd24-openssl-devel-1:1.1.1k-14.el7jbcs.x86_64 as a component of Red Hat JBoss Core Services on RHEL 7 Server",
          "product_id": "7Server-JBCS:jbcs-httpd24-openssl-devel-1:1.1.1k-14.el7jbcs.x86_64"
        },
        "product_reference": "jbcs-httpd24-openssl-devel-1:1.1.1k-14.el7jbcs.x86_64",
        "relates_to_product_reference": "7Server-JBCS"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "jbcs-httpd24-openssl-libs-1:1.1.1k-14.el7jbcs.x86_64 as a component of Red Hat JBoss Core Services on RHEL 7 Server",
          "product_id": "7Server-JBCS:jbcs-httpd24-openssl-libs-1:1.1.1k-14.el7jbcs.x86_64"
        },
        "product_reference": "jbcs-httpd24-openssl-libs-1:1.1.1k-14.el7jbcs.x86_64",
        "relates_to_product_reference": "7Server-JBCS"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "jbcs-httpd24-openssl-perl-1:1.1.1k-14.el7jbcs.x86_64 as a component of Red Hat JBoss Core Services on RHEL 7 Server",
          "product_id": "7Server-JBCS:jbcs-httpd24-openssl-perl-1:1.1.1k-14.el7jbcs.x86_64"
        },
        "product_reference": "jbcs-httpd24-openssl-perl-1:1.1.1k-14.el7jbcs.x86_64",
        "relates_to_product_reference": "7Server-JBCS"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "jbcs-httpd24-openssl-pkcs11-0:0.4.10-33.el7jbcs.src as a component of Red Hat JBoss Core Services on RHEL 7 Server",
          "product_id": "7Server-JBCS:jbcs-httpd24-openssl-pkcs11-0:0.4.10-33.el7jbcs.src"
        },
        "product_reference": "jbcs-httpd24-openssl-pkcs11-0:0.4.10-33.el7jbcs.src",
        "relates_to_product_reference": "7Server-JBCS"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "jbcs-httpd24-openssl-pkcs11-0:0.4.10-33.el7jbcs.x86_64 as a component of Red Hat JBoss Core Services on RHEL 7 Server",
          "product_id": "7Server-JBCS:jbcs-httpd24-openssl-pkcs11-0:0.4.10-33.el7jbcs.x86_64"
        },
        "product_reference": "jbcs-httpd24-openssl-pkcs11-0:0.4.10-33.el7jbcs.x86_64",
        "relates_to_product_reference": "7Server-JBCS"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "jbcs-httpd24-openssl-pkcs11-debuginfo-0:0.4.10-33.el7jbcs.x86_64 as a component of Red Hat JBoss Core Services on RHEL 7 Server",
          "product_id": "7Server-JBCS:jbcs-httpd24-openssl-pkcs11-debuginfo-0:0.4.10-33.el7jbcs.x86_64"
        },
        "product_reference": "jbcs-httpd24-openssl-pkcs11-debuginfo-0:0.4.10-33.el7jbcs.x86_64",
        "relates_to_product_reference": "7Server-JBCS"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "jbcs-httpd24-openssl-static-1:1.1.1k-14.el7jbcs.x86_64 as a component of Red Hat JBoss Core Services on RHEL 7 Server",
          "product_id": "7Server-JBCS:jbcs-httpd24-openssl-static-1:1.1.1k-14.el7jbcs.x86_64"
        },
        "product_reference": "jbcs-httpd24-openssl-static-1:1.1.1k-14.el7jbcs.x86_64",
        "relates_to_product_reference": "7Server-JBCS"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "jbcs-httpd24-apr-util-0:1.6.1-101.el8jbcs.src as a component of Red Hat JBoss Core Services on RHEL 8",
          "product_id": "8Base-JBCS:jbcs-httpd24-apr-util-0:1.6.1-101.el8jbcs.src"
        },
        "product_reference": "jbcs-httpd24-apr-util-0:1.6.1-101.el8jbcs.src",
        "relates_to_product_reference": "8Base-JBCS"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "jbcs-httpd24-apr-util-0:1.6.1-101.el8jbcs.x86_64 as a component of Red Hat JBoss Core Services on RHEL 8",
          "product_id": "8Base-JBCS:jbcs-httpd24-apr-util-0:1.6.1-101.el8jbcs.x86_64"
        },
        "product_reference": "jbcs-httpd24-apr-util-0:1.6.1-101.el8jbcs.x86_64",
        "relates_to_product_reference": "8Base-JBCS"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "jbcs-httpd24-apr-util-debuginfo-0:1.6.1-101.el8jbcs.x86_64 as a component of Red Hat JBoss Core Services on RHEL 8",
          "product_id": "8Base-JBCS:jbcs-httpd24-apr-util-debuginfo-0:1.6.1-101.el8jbcs.x86_64"
        },
        "product_reference": "jbcs-httpd24-apr-util-debuginfo-0:1.6.1-101.el8jbcs.x86_64",
        "relates_to_product_reference": "8Base-JBCS"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "jbcs-httpd24-apr-util-devel-0:1.6.1-101.el8jbcs.x86_64 as a component of Red Hat JBoss Core Services on RHEL 8",
          "product_id": "8Base-JBCS:jbcs-httpd24-apr-util-devel-0:1.6.1-101.el8jbcs.x86_64"
        },
        "product_reference": "jbcs-httpd24-apr-util-devel-0:1.6.1-101.el8jbcs.x86_64",
        "relates_to_product_reference": "8Base-JBCS"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "jbcs-httpd24-apr-util-ldap-0:1.6.1-101.el8jbcs.x86_64 as a component of Red Hat JBoss Core Services on RHEL 8",
          "product_id": "8Base-JBCS:jbcs-httpd24-apr-util-ldap-0:1.6.1-101.el8jbcs.x86_64"
        },
        "product_reference": "jbcs-httpd24-apr-util-ldap-0:1.6.1-101.el8jbcs.x86_64",
        "relates_to_product_reference": "8Base-JBCS"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "jbcs-httpd24-apr-util-ldap-debuginfo-0:1.6.1-101.el8jbcs.x86_64 as a component of Red Hat JBoss Core Services on RHEL 8",
          "product_id": "8Base-JBCS:jbcs-httpd24-apr-util-ldap-debuginfo-0:1.6.1-101.el8jbcs.x86_64"
        },
        "product_reference": "jbcs-httpd24-apr-util-ldap-debuginfo-0:1.6.1-101.el8jbcs.x86_64",
        "relates_to_product_reference": "8Base-JBCS"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "jbcs-httpd24-apr-util-mysql-0:1.6.1-101.el8jbcs.x86_64 as a component of Red Hat JBoss Core Services on RHEL 8",
          "product_id": "8Base-JBCS:jbcs-httpd24-apr-util-mysql-0:1.6.1-101.el8jbcs.x86_64"
        },
        "product_reference": "jbcs-httpd24-apr-util-mysql-0:1.6.1-101.el8jbcs.x86_64",
        "relates_to_product_reference": "8Base-JBCS"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "jbcs-httpd24-apr-util-mysql-debuginfo-0:1.6.1-101.el8jbcs.x86_64 as a component of Red Hat JBoss Core Services on RHEL 8",
          "product_id": "8Base-JBCS:jbcs-httpd24-apr-util-mysql-debuginfo-0:1.6.1-101.el8jbcs.x86_64"
        },
        "product_reference": "jbcs-httpd24-apr-util-mysql-debuginfo-0:1.6.1-101.el8jbcs.x86_64",
        "relates_to_product_reference": "8Base-JBCS"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "jbcs-httpd24-apr-util-nss-0:1.6.1-101.el8jbcs.x86_64 as a component of Red Hat JBoss Core Services on RHEL 8",
          "product_id": "8Base-JBCS:jbcs-httpd24-apr-util-nss-0:1.6.1-101.el8jbcs.x86_64"
        },
        "product_reference": "jbcs-httpd24-apr-util-nss-0:1.6.1-101.el8jbcs.x86_64",
        "relates_to_product_reference": "8Base-JBCS"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "jbcs-httpd24-apr-util-nss-debuginfo-0:1.6.1-101.el8jbcs.x86_64 as a component of Red Hat JBoss Core Services on RHEL 8",
          "product_id": "8Base-JBCS:jbcs-httpd24-apr-util-nss-debuginfo-0:1.6.1-101.el8jbcs.x86_64"
        },
        "product_reference": "jbcs-httpd24-apr-util-nss-debuginfo-0:1.6.1-101.el8jbcs.x86_64",
        "relates_to_product_reference": "8Base-JBCS"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "jbcs-httpd24-apr-util-odbc-0:1.6.1-101.el8jbcs.x86_64 as a component of Red Hat JBoss Core Services on RHEL 8",
          "product_id": "8Base-JBCS:jbcs-httpd24-apr-util-odbc-0:1.6.1-101.el8jbcs.x86_64"
        },
        "product_reference": "jbcs-httpd24-apr-util-odbc-0:1.6.1-101.el8jbcs.x86_64",
        "relates_to_product_reference": "8Base-JBCS"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "jbcs-httpd24-apr-util-odbc-debuginfo-0:1.6.1-101.el8jbcs.x86_64 as a component of Red Hat JBoss Core Services on RHEL 8",
          "product_id": "8Base-JBCS:jbcs-httpd24-apr-util-odbc-debuginfo-0:1.6.1-101.el8jbcs.x86_64"
        },
        "product_reference": "jbcs-httpd24-apr-util-odbc-debuginfo-0:1.6.1-101.el8jbcs.x86_64",
        "relates_to_product_reference": "8Base-JBCS"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "jbcs-httpd24-apr-util-openssl-0:1.6.1-101.el8jbcs.x86_64 as a component of Red Hat JBoss Core Services on RHEL 8",
          "product_id": "8Base-JBCS:jbcs-httpd24-apr-util-openssl-0:1.6.1-101.el8jbcs.x86_64"
        },
        "product_reference": "jbcs-httpd24-apr-util-openssl-0:1.6.1-101.el8jbcs.x86_64",
        "relates_to_product_reference": "8Base-JBCS"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "jbcs-httpd24-apr-util-openssl-debuginfo-0:1.6.1-101.el8jbcs.x86_64 as a component of Red Hat JBoss Core Services on RHEL 8",
          "product_id": "8Base-JBCS:jbcs-httpd24-apr-util-openssl-debuginfo-0:1.6.1-101.el8jbcs.x86_64"
        },
        "product_reference": "jbcs-httpd24-apr-util-openssl-debuginfo-0:1.6.1-101.el8jbcs.x86_64",
        "relates_to_product_reference": "8Base-JBCS"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "jbcs-httpd24-apr-util-pgsql-0:1.6.1-101.el8jbcs.x86_64 as a component of Red Hat JBoss Core Services on RHEL 8",
          "product_id": "8Base-JBCS:jbcs-httpd24-apr-util-pgsql-0:1.6.1-101.el8jbcs.x86_64"
        },
        "product_reference": "jbcs-httpd24-apr-util-pgsql-0:1.6.1-101.el8jbcs.x86_64",
        "relates_to_product_reference": "8Base-JBCS"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "jbcs-httpd24-apr-util-pgsql-debuginfo-0:1.6.1-101.el8jbcs.x86_64 as a component of Red Hat JBoss Core Services on RHEL 8",
          "product_id": "8Base-JBCS:jbcs-httpd24-apr-util-pgsql-debuginfo-0:1.6.1-101.el8jbcs.x86_64"
        },
        "product_reference": "jbcs-httpd24-apr-util-pgsql-debuginfo-0:1.6.1-101.el8jbcs.x86_64",
        "relates_to_product_reference": "8Base-JBCS"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "jbcs-httpd24-apr-util-sqlite-0:1.6.1-101.el8jbcs.x86_64 as a component of Red Hat JBoss Core Services on RHEL 8",
          "product_id": "8Base-JBCS:jbcs-httpd24-apr-util-sqlite-0:1.6.1-101.el8jbcs.x86_64"
        },
        "product_reference": "jbcs-httpd24-apr-util-sqlite-0:1.6.1-101.el8jbcs.x86_64",
        "relates_to_product_reference": "8Base-JBCS"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "jbcs-httpd24-apr-util-sqlite-debuginfo-0:1.6.1-101.el8jbcs.x86_64 as a component of Red Hat JBoss Core Services on RHEL 8",
          "product_id": "8Base-JBCS:jbcs-httpd24-apr-util-sqlite-debuginfo-0:1.6.1-101.el8jbcs.x86_64"
        },
        "product_reference": "jbcs-httpd24-apr-util-sqlite-debuginfo-0:1.6.1-101.el8jbcs.x86_64",
        "relates_to_product_reference": "8Base-JBCS"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "jbcs-httpd24-curl-0:8.0.1-1.el8jbcs.src as a component of Red Hat JBoss Core Services on RHEL 8",
          "product_id": "8Base-JBCS:jbcs-httpd24-curl-0:8.0.1-1.el8jbcs.src"
        },
        "product_reference": "jbcs-httpd24-curl-0:8.0.1-1.el8jbcs.src",
        "relates_to_product_reference": "8Base-JBCS"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "jbcs-httpd24-curl-0:8.0.1-1.el8jbcs.x86_64 as a component of Red Hat JBoss Core Services on RHEL 8",
          "product_id": "8Base-JBCS:jbcs-httpd24-curl-0:8.0.1-1.el8jbcs.x86_64"
        },
        "product_reference": "jbcs-httpd24-curl-0:8.0.1-1.el8jbcs.x86_64",
        "relates_to_product_reference": "8Base-JBCS"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "jbcs-httpd24-curl-debuginfo-0:8.0.1-1.el8jbcs.x86_64 as a component of Red Hat JBoss Core Services on RHEL 8",
          "product_id": "8Base-JBCS:jbcs-httpd24-curl-debuginfo-0:8.0.1-1.el8jbcs.x86_64"
        },
        "product_reference": "jbcs-httpd24-curl-debuginfo-0:8.0.1-1.el8jbcs.x86_64",
        "relates_to_product_reference": "8Base-JBCS"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "jbcs-httpd24-httpd-0:2.4.51-39.el8jbcs.src as a component of Red Hat JBoss Core Services on RHEL 8",
          "product_id": "8Base-JBCS:jbcs-httpd24-httpd-0:2.4.51-39.el8jbcs.src"
        },
        "product_reference": "jbcs-httpd24-httpd-0:2.4.51-39.el8jbcs.src",
        "relates_to_product_reference": "8Base-JBCS"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "jbcs-httpd24-httpd-0:2.4.51-39.el8jbcs.x86_64 as a component of Red Hat JBoss Core Services on RHEL 8",
          "product_id": "8Base-JBCS:jbcs-httpd24-httpd-0:2.4.51-39.el8jbcs.x86_64"
        },
        "product_reference": "jbcs-httpd24-httpd-0:2.4.51-39.el8jbcs.x86_64",
        "relates_to_product_reference": "8Base-JBCS"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "jbcs-httpd24-httpd-debuginfo-0:2.4.51-39.el8jbcs.x86_64 as a component of Red Hat JBoss Core Services on RHEL 8",
          "product_id": "8Base-JBCS:jbcs-httpd24-httpd-debuginfo-0:2.4.51-39.el8jbcs.x86_64"
        },
        "product_reference": "jbcs-httpd24-httpd-debuginfo-0:2.4.51-39.el8jbcs.x86_64",
        "relates_to_product_reference": "8Base-JBCS"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "jbcs-httpd24-httpd-devel-0:2.4.51-39.el8jbcs.x86_64 as a component of Red Hat JBoss Core Services on RHEL 8",
          "product_id": "8Base-JBCS:jbcs-httpd24-httpd-devel-0:2.4.51-39.el8jbcs.x86_64"
        },
        "product_reference": "jbcs-httpd24-httpd-devel-0:2.4.51-39.el8jbcs.x86_64",
        "relates_to_product_reference": "8Base-JBCS"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "jbcs-httpd24-httpd-manual-0:2.4.51-39.el8jbcs.noarch as a component of Red Hat JBoss Core Services on RHEL 8",
          "product_id": "8Base-JBCS:jbcs-httpd24-httpd-manual-0:2.4.51-39.el8jbcs.noarch"
        },
        "product_reference": "jbcs-httpd24-httpd-manual-0:2.4.51-39.el8jbcs.noarch",
        "relates_to_product_reference": "8Base-JBCS"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "jbcs-httpd24-httpd-selinux-0:2.4.51-39.el8jbcs.x86_64 as a component of Red Hat JBoss Core Services on RHEL 8",
          "product_id": "8Base-JBCS:jbcs-httpd24-httpd-selinux-0:2.4.51-39.el8jbcs.x86_64"
        },
        "product_reference": "jbcs-httpd24-httpd-selinux-0:2.4.51-39.el8jbcs.x86_64",
        "relates_to_product_reference": "8Base-JBCS"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "jbcs-httpd24-httpd-tools-0:2.4.51-39.el8jbcs.x86_64 as a component of Red Hat JBoss Core Services on RHEL 8",
          "product_id": "8Base-JBCS:jbcs-httpd24-httpd-tools-0:2.4.51-39.el8jbcs.x86_64"
        },
        "product_reference": "jbcs-httpd24-httpd-tools-0:2.4.51-39.el8jbcs.x86_64",
        "relates_to_product_reference": "8Base-JBCS"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "jbcs-httpd24-httpd-tools-debuginfo-0:2.4.51-39.el8jbcs.x86_64 as a component of Red Hat JBoss Core Services on RHEL 8",
          "product_id": "8Base-JBCS:jbcs-httpd24-httpd-tools-debuginfo-0:2.4.51-39.el8jbcs.x86_64"
        },
        "product_reference": "jbcs-httpd24-httpd-tools-debuginfo-0:2.4.51-39.el8jbcs.x86_64",
        "relates_to_product_reference": "8Base-JBCS"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "jbcs-httpd24-libcurl-0:8.0.1-1.el8jbcs.x86_64 as a component of Red Hat JBoss Core Services on RHEL 8",
          "product_id": "8Base-JBCS:jbcs-httpd24-libcurl-0:8.0.1-1.el8jbcs.x86_64"
        },
        "product_reference": "jbcs-httpd24-libcurl-0:8.0.1-1.el8jbcs.x86_64",
        "relates_to_product_reference": "8Base-JBCS"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "jbcs-httpd24-libcurl-debuginfo-0:8.0.1-1.el8jbcs.x86_64 as a component of Red Hat JBoss Core Services on RHEL 8",
          "product_id": "8Base-JBCS:jbcs-httpd24-libcurl-debuginfo-0:8.0.1-1.el8jbcs.x86_64"
        },
        "product_reference": "jbcs-httpd24-libcurl-debuginfo-0:8.0.1-1.el8jbcs.x86_64",
        "relates_to_product_reference": "8Base-JBCS"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "jbcs-httpd24-libcurl-devel-0:8.0.1-1.el8jbcs.x86_64 as a component of Red Hat JBoss Core Services on RHEL 8",
          "product_id": "8Base-JBCS:jbcs-httpd24-libcurl-devel-0:8.0.1-1.el8jbcs.x86_64"
        },
        "product_reference": "jbcs-httpd24-libcurl-devel-0:8.0.1-1.el8jbcs.x86_64",
        "relates_to_product_reference": "8Base-JBCS"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "jbcs-httpd24-mod_http2-0:1.15.19-23.el8jbcs.src as a component of Red Hat JBoss Core Services on RHEL 8",
          "product_id": "8Base-JBCS:jbcs-httpd24-mod_http2-0:1.15.19-23.el8jbcs.src"
        },
        "product_reference": "jbcs-httpd24-mod_http2-0:1.15.19-23.el8jbcs.src",
        "relates_to_product_reference": "8Base-JBCS"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "jbcs-httpd24-mod_http2-0:1.15.19-23.el8jbcs.x86_64 as a component of Red Hat JBoss Core Services on RHEL 8",
          "product_id": "8Base-JBCS:jbcs-httpd24-mod_http2-0:1.15.19-23.el8jbcs.x86_64"
        },
        "product_reference": "jbcs-httpd24-mod_http2-0:1.15.19-23.el8jbcs.x86_64",
        "relates_to_product_reference": "8Base-JBCS"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "jbcs-httpd24-mod_http2-debuginfo-0:1.15.19-23.el8jbcs.x86_64 as a component of Red Hat JBoss Core Services on RHEL 8",
          "product_id": "8Base-JBCS:jbcs-httpd24-mod_http2-debuginfo-0:1.15.19-23.el8jbcs.x86_64"
        },
        "product_reference": "jbcs-httpd24-mod_http2-debuginfo-0:1.15.19-23.el8jbcs.x86_64",
        "relates_to_product_reference": "8Base-JBCS"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "jbcs-httpd24-mod_jk-0:1.2.48-46.redhat_1.el8jbcs.src as a component of Red Hat JBoss Core Services on RHEL 8",
          "product_id": "8Base-JBCS:jbcs-httpd24-mod_jk-0:1.2.48-46.redhat_1.el8jbcs.src"
        },
        "product_reference": "jbcs-httpd24-mod_jk-0:1.2.48-46.redhat_1.el8jbcs.src",
        "relates_to_product_reference": "8Base-JBCS"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "jbcs-httpd24-mod_jk-ap24-0:1.2.48-46.redhat_1.el8jbcs.x86_64 as a component of Red Hat JBoss Core Services on RHEL 8",
          "product_id": "8Base-JBCS:jbcs-httpd24-mod_jk-ap24-0:1.2.48-46.redhat_1.el8jbcs.x86_64"
        },
        "product_reference": "jbcs-httpd24-mod_jk-ap24-0:1.2.48-46.redhat_1.el8jbcs.x86_64",
        "relates_to_product_reference": "8Base-JBCS"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "jbcs-httpd24-mod_jk-ap24-debuginfo-0:1.2.48-46.redhat_1.el8jbcs.x86_64 as a component of Red Hat JBoss Core Services on RHEL 8",
          "product_id": "8Base-JBCS:jbcs-httpd24-mod_jk-ap24-debuginfo-0:1.2.48-46.redhat_1.el8jbcs.x86_64"
        },
        "product_reference": "jbcs-httpd24-mod_jk-ap24-debuginfo-0:1.2.48-46.redhat_1.el8jbcs.x86_64",
        "relates_to_product_reference": "8Base-JBCS"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "jbcs-httpd24-mod_ldap-0:2.4.51-39.el8jbcs.x86_64 as a component of Red Hat JBoss Core Services on RHEL 8",
          "product_id": "8Base-JBCS:jbcs-httpd24-mod_ldap-0:2.4.51-39.el8jbcs.x86_64"
        },
        "product_reference": "jbcs-httpd24-mod_ldap-0:2.4.51-39.el8jbcs.x86_64",
        "relates_to_product_reference": "8Base-JBCS"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "jbcs-httpd24-mod_ldap-debuginfo-0:2.4.51-39.el8jbcs.x86_64 as a component of Red Hat JBoss Core Services on RHEL 8",
          "product_id": "8Base-JBCS:jbcs-httpd24-mod_ldap-debuginfo-0:2.4.51-39.el8jbcs.x86_64"
        },
        "product_reference": "jbcs-httpd24-mod_ldap-debuginfo-0:2.4.51-39.el8jbcs.x86_64",
        "relates_to_product_reference": "8Base-JBCS"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "jbcs-httpd24-mod_md-1:2.4.0-20.el8jbcs.src as a component of Red Hat JBoss Core Services on RHEL 8",
          "product_id": "8Base-JBCS:jbcs-httpd24-mod_md-1:2.4.0-20.el8jbcs.src"
        },
        "product_reference": "jbcs-httpd24-mod_md-1:2.4.0-20.el8jbcs.src",
        "relates_to_product_reference": "8Base-JBCS"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "jbcs-httpd24-mod_md-1:2.4.0-20.el8jbcs.x86_64 as a component of Red Hat JBoss Core Services on RHEL 8",
          "product_id": "8Base-JBCS:jbcs-httpd24-mod_md-1:2.4.0-20.el8jbcs.x86_64"
        },
        "product_reference": "jbcs-httpd24-mod_md-1:2.4.0-20.el8jbcs.x86_64",
        "relates_to_product_reference": "8Base-JBCS"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "jbcs-httpd24-mod_md-debuginfo-1:2.4.0-20.el8jbcs.x86_64 as a component of Red Hat JBoss Core Services on RHEL 8",
          "product_id": "8Base-JBCS:jbcs-httpd24-mod_md-debuginfo-1:2.4.0-20.el8jbcs.x86_64"
        },
        "product_reference": "jbcs-httpd24-mod_md-debuginfo-1:2.4.0-20.el8jbcs.x86_64",
        "relates_to_product_reference": "8Base-JBCS"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "jbcs-httpd24-mod_proxy_cluster-0:1.3.18-2.el8jbcs.src as a component of Red Hat JBoss Core Services on RHEL 8",
          "product_id": "8Base-JBCS:jbcs-httpd24-mod_proxy_cluster-0:1.3.18-2.el8jbcs.src"
        },
        "product_reference": "jbcs-httpd24-mod_proxy_cluster-0:1.3.18-2.el8jbcs.src",
        "relates_to_product_reference": "8Base-JBCS"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "jbcs-httpd24-mod_proxy_cluster-0:1.3.18-2.el8jbcs.x86_64 as a component of Red Hat JBoss Core Services on RHEL 8",
          "product_id": "8Base-JBCS:jbcs-httpd24-mod_proxy_cluster-0:1.3.18-2.el8jbcs.x86_64"
        },
        "product_reference": "jbcs-httpd24-mod_proxy_cluster-0:1.3.18-2.el8jbcs.x86_64",
        "relates_to_product_reference": "8Base-JBCS"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "jbcs-httpd24-mod_proxy_cluster-debuginfo-0:1.3.18-2.el8jbcs.x86_64 as a component of Red Hat JBoss Core Services on RHEL 8",
          "product_id": "8Base-JBCS:jbcs-httpd24-mod_proxy_cluster-debuginfo-0:1.3.18-2.el8jbcs.x86_64"
        },
        "product_reference": "jbcs-httpd24-mod_proxy_cluster-debuginfo-0:1.3.18-2.el8jbcs.x86_64",
        "relates_to_product_reference": "8Base-JBCS"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "jbcs-httpd24-mod_proxy_html-1:2.4.51-39.el8jbcs.x86_64 as a component of Red Hat JBoss Core Services on RHEL 8",
          "product_id": "8Base-JBCS:jbcs-httpd24-mod_proxy_html-1:2.4.51-39.el8jbcs.x86_64"
        },
        "product_reference": "jbcs-httpd24-mod_proxy_html-1:2.4.51-39.el8jbcs.x86_64",
        "relates_to_product_reference": "8Base-JBCS"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "jbcs-httpd24-mod_proxy_html-debuginfo-1:2.4.51-39.el8jbcs.x86_64 as a component of Red Hat JBoss Core Services on RHEL 8",
          "product_id": "8Base-JBCS:jbcs-httpd24-mod_proxy_html-debuginfo-1:2.4.51-39.el8jbcs.x86_64"
        },
        "product_reference": "jbcs-httpd24-mod_proxy_html-debuginfo-1:2.4.51-39.el8jbcs.x86_64",
        "relates_to_product_reference": "8Base-JBCS"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "jbcs-httpd24-mod_security-0:2.9.3-24.el8jbcs.src as a component of Red Hat JBoss Core Services on RHEL 8",
          "product_id": "8Base-JBCS:jbcs-httpd24-mod_security-0:2.9.3-24.el8jbcs.src"
        },
        "product_reference": "jbcs-httpd24-mod_security-0:2.9.3-24.el8jbcs.src",
        "relates_to_product_reference": "8Base-JBCS"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "jbcs-httpd24-mod_security-0:2.9.3-24.el8jbcs.x86_64 as a component of Red Hat JBoss Core Services on RHEL 8",
          "product_id": "8Base-JBCS:jbcs-httpd24-mod_security-0:2.9.3-24.el8jbcs.x86_64"
        },
        "product_reference": "jbcs-httpd24-mod_security-0:2.9.3-24.el8jbcs.x86_64",
        "relates_to_product_reference": "8Base-JBCS"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "jbcs-httpd24-mod_security-debuginfo-0:2.9.3-24.el8jbcs.x86_64 as a component of Red Hat JBoss Core Services on RHEL 8",
          "product_id": "8Base-JBCS:jbcs-httpd24-mod_security-debuginfo-0:2.9.3-24.el8jbcs.x86_64"
        },
        "product_reference": "jbcs-httpd24-mod_security-debuginfo-0:2.9.3-24.el8jbcs.x86_64",
        "relates_to_product_reference": "8Base-JBCS"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "jbcs-httpd24-mod_session-0:2.4.51-39.el8jbcs.x86_64 as a component of Red Hat JBoss Core Services on RHEL 8",
          "product_id": "8Base-JBCS:jbcs-httpd24-mod_session-0:2.4.51-39.el8jbcs.x86_64"
        },
        "product_reference": "jbcs-httpd24-mod_session-0:2.4.51-39.el8jbcs.x86_64",
        "relates_to_product_reference": "8Base-JBCS"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "jbcs-httpd24-mod_session-debuginfo-0:2.4.51-39.el8jbcs.x86_64 as a component of Red Hat JBoss Core Services on RHEL 8",
          "product_id": "8Base-JBCS:jbcs-httpd24-mod_session-debuginfo-0:2.4.51-39.el8jbcs.x86_64"
        },
        "product_reference": "jbcs-httpd24-mod_session-debuginfo-0:2.4.51-39.el8jbcs.x86_64",
        "relates_to_product_reference": "8Base-JBCS"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "jbcs-httpd24-mod_ssl-1:2.4.51-39.el8jbcs.x86_64 as a component of Red Hat JBoss Core Services on RHEL 8",
          "product_id": "8Base-JBCS:jbcs-httpd24-mod_ssl-1:2.4.51-39.el8jbcs.x86_64"
        },
        "product_reference": "jbcs-httpd24-mod_ssl-1:2.4.51-39.el8jbcs.x86_64",
        "relates_to_product_reference": "8Base-JBCS"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "jbcs-httpd24-mod_ssl-debuginfo-1:2.4.51-39.el8jbcs.x86_64 as a component of Red Hat JBoss Core Services on RHEL 8",
          "product_id": "8Base-JBCS:jbcs-httpd24-mod_ssl-debuginfo-1:2.4.51-39.el8jbcs.x86_64"
        },
        "product_reference": "jbcs-httpd24-mod_ssl-debuginfo-1:2.4.51-39.el8jbcs.x86_64",
        "relates_to_product_reference": "8Base-JBCS"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "jbcs-httpd24-openssl-1:1.1.1k-14.el8jbcs.src as a component of Red Hat JBoss Core Services on RHEL 8",
          "product_id": "8Base-JBCS:jbcs-httpd24-openssl-1:1.1.1k-14.el8jbcs.src"
        },
        "product_reference": "jbcs-httpd24-openssl-1:1.1.1k-14.el8jbcs.src",
        "relates_to_product_reference": "8Base-JBCS"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "jbcs-httpd24-openssl-1:1.1.1k-14.el8jbcs.x86_64 as a component of Red Hat JBoss Core Services on RHEL 8",
          "product_id": "8Base-JBCS:jbcs-httpd24-openssl-1:1.1.1k-14.el8jbcs.x86_64"
        },
        "product_reference": "jbcs-httpd24-openssl-1:1.1.1k-14.el8jbcs.x86_64",
        "relates_to_product_reference": "8Base-JBCS"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "jbcs-httpd24-openssl-chil-0:1.0.0-18.el8jbcs.src as a component of Red Hat JBoss Core Services on RHEL 8",
          "product_id": "8Base-JBCS:jbcs-httpd24-openssl-chil-0:1.0.0-18.el8jbcs.src"
        },
        "product_reference": "jbcs-httpd24-openssl-chil-0:1.0.0-18.el8jbcs.src",
        "relates_to_product_reference": "8Base-JBCS"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "jbcs-httpd24-openssl-chil-0:1.0.0-18.el8jbcs.x86_64 as a component of Red Hat JBoss Core Services on RHEL 8",
          "product_id": "8Base-JBCS:jbcs-httpd24-openssl-chil-0:1.0.0-18.el8jbcs.x86_64"
        },
        "product_reference": "jbcs-httpd24-openssl-chil-0:1.0.0-18.el8jbcs.x86_64",
        "relates_to_product_reference": "8Base-JBCS"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "jbcs-httpd24-openssl-chil-debuginfo-0:1.0.0-18.el8jbcs.x86_64 as a component of Red Hat JBoss Core Services on RHEL 8",
          "product_id": "8Base-JBCS:jbcs-httpd24-openssl-chil-debuginfo-0:1.0.0-18.el8jbcs.x86_64"
        },
        "product_reference": "jbcs-httpd24-openssl-chil-debuginfo-0:1.0.0-18.el8jbcs.x86_64",
        "relates_to_product_reference": "8Base-JBCS"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "jbcs-httpd24-openssl-debuginfo-1:1.1.1k-14.el8jbcs.x86_64 as a component of Red Hat JBoss Core Services on RHEL 8",
          "product_id": "8Base-JBCS:jbcs-httpd24-openssl-debuginfo-1:1.1.1k-14.el8jbcs.x86_64"
        },
        "product_reference": "jbcs-httpd24-openssl-debuginfo-1:1.1.1k-14.el8jbcs.x86_64",
        "relates_to_product_reference": "8Base-JBCS"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "jbcs-httpd24-openssl-devel-1:1.1.1k-14.el8jbcs.x86_64 as a component of Red Hat JBoss Core Services on RHEL 8",
          "product_id": "8Base-JBCS:jbcs-httpd24-openssl-devel-1:1.1.1k-14.el8jbcs.x86_64"
        },
        "product_reference": "jbcs-httpd24-openssl-devel-1:1.1.1k-14.el8jbcs.x86_64",
        "relates_to_product_reference": "8Base-JBCS"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "jbcs-httpd24-openssl-libs-1:1.1.1k-14.el8jbcs.x86_64 as a component of Red Hat JBoss Core Services on RHEL 8",
          "product_id": "8Base-JBCS:jbcs-httpd24-openssl-libs-1:1.1.1k-14.el8jbcs.x86_64"
        },
        "product_reference": "jbcs-httpd24-openssl-libs-1:1.1.1k-14.el8jbcs.x86_64",
        "relates_to_product_reference": "8Base-JBCS"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "jbcs-httpd24-openssl-libs-debuginfo-1:1.1.1k-14.el8jbcs.x86_64 as a component of Red Hat JBoss Core Services on RHEL 8",
          "product_id": "8Base-JBCS:jbcs-httpd24-openssl-libs-debuginfo-1:1.1.1k-14.el8jbcs.x86_64"
        },
        "product_reference": "jbcs-httpd24-openssl-libs-debuginfo-1:1.1.1k-14.el8jbcs.x86_64",
        "relates_to_product_reference": "8Base-JBCS"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "jbcs-httpd24-openssl-perl-1:1.1.1k-14.el8jbcs.x86_64 as a component of Red Hat JBoss Core Services on RHEL 8",
          "product_id": "8Base-JBCS:jbcs-httpd24-openssl-perl-1:1.1.1k-14.el8jbcs.x86_64"
        },
        "product_reference": "jbcs-httpd24-openssl-perl-1:1.1.1k-14.el8jbcs.x86_64",
        "relates_to_product_reference": "8Base-JBCS"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "jbcs-httpd24-openssl-pkcs11-0:0.4.10-33.el8jbcs.src as a component of Red Hat JBoss Core Services on RHEL 8",
          "product_id": "8Base-JBCS:jbcs-httpd24-openssl-pkcs11-0:0.4.10-33.el8jbcs.src"
        },
        "product_reference": "jbcs-httpd24-openssl-pkcs11-0:0.4.10-33.el8jbcs.src",
        "relates_to_product_reference": "8Base-JBCS"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "jbcs-httpd24-openssl-pkcs11-0:0.4.10-33.el8jbcs.x86_64 as a component of Red Hat JBoss Core Services on RHEL 8",
          "product_id": "8Base-JBCS:jbcs-httpd24-openssl-pkcs11-0:0.4.10-33.el8jbcs.x86_64"
        },
        "product_reference": "jbcs-httpd24-openssl-pkcs11-0:0.4.10-33.el8jbcs.x86_64",
        "relates_to_product_reference": "8Base-JBCS"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "jbcs-httpd24-openssl-pkcs11-debuginfo-0:0.4.10-33.el8jbcs.x86_64 as a component of Red Hat JBoss Core Services on RHEL 8",
          "product_id": "8Base-JBCS:jbcs-httpd24-openssl-pkcs11-debuginfo-0:0.4.10-33.el8jbcs.x86_64"
        },
        "product_reference": "jbcs-httpd24-openssl-pkcs11-debuginfo-0:0.4.10-33.el8jbcs.x86_64",
        "relates_to_product_reference": "8Base-JBCS"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "jbcs-httpd24-openssl-static-1:1.1.1k-14.el8jbcs.x86_64 as a component of Red Hat JBoss Core Services on RHEL 8",
          "product_id": "8Base-JBCS:jbcs-httpd24-openssl-static-1:1.1.1k-14.el8jbcs.x86_64"
        },
        "product_reference": "jbcs-httpd24-openssl-static-1:1.1.1k-14.el8jbcs.x86_64",
        "relates_to_product_reference": "8Base-JBCS"
      }
    ]
  },
  "vulnerabilities": [
    {
      "cve": "CVE-2006-20001",
      "cwe": {
        "id": "CWE-787",
        "name": "Out-of-bounds Write"
      },
      "discovery_date": "2023-01-17T00:00:00+00:00",
      "flags": [
        {
          "label": "vulnerable_code_not_present",
          "product_ids": [
            "7Server-JBCS:jbcs-httpd24-apr-util-0:1.6.1-101.el7jbcs.src",
            "7Server-JBCS:jbcs-httpd24-apr-util-0:1.6.1-101.el7jbcs.x86_64",
            "7Server-JBCS:jbcs-httpd24-apr-util-debuginfo-0:1.6.1-101.el7jbcs.x86_64",
            "7Server-JBCS:jbcs-httpd24-apr-util-devel-0:1.6.1-101.el7jbcs.x86_64",
            "7Server-JBCS:jbcs-httpd24-apr-util-ldap-0:1.6.1-101.el7jbcs.x86_64",
            "7Server-JBCS:jbcs-httpd24-apr-util-mysql-0:1.6.1-101.el7jbcs.x86_64",
            "7Server-JBCS:jbcs-httpd24-apr-util-nss-0:1.6.1-101.el7jbcs.x86_64",
            "7Server-JBCS:jbcs-httpd24-apr-util-odbc-0:1.6.1-101.el7jbcs.x86_64",
            "7Server-JBCS:jbcs-httpd24-apr-util-openssl-0:1.6.1-101.el7jbcs.x86_64",
            "7Server-JBCS:jbcs-httpd24-apr-util-pgsql-0:1.6.1-101.el7jbcs.x86_64",
            "7Server-JBCS:jbcs-httpd24-apr-util-sqlite-0:1.6.1-101.el7jbcs.x86_64",
            "7Server-JBCS:jbcs-httpd24-curl-0:8.0.1-1.el7jbcs.src",
            "7Server-JBCS:jbcs-httpd24-curl-0:8.0.1-1.el7jbcs.x86_64",
            "7Server-JBCS:jbcs-httpd24-curl-debuginfo-0:8.0.1-1.el7jbcs.x86_64",
            "7Server-JBCS:jbcs-httpd24-libcurl-0:8.0.1-1.el7jbcs.x86_64",
            "7Server-JBCS:jbcs-httpd24-libcurl-devel-0:8.0.1-1.el7jbcs.x86_64",
            "7Server-JBCS:jbcs-httpd24-mod_http2-0:1.15.19-23.el7jbcs.src",
            "7Server-JBCS:jbcs-httpd24-mod_http2-0:1.15.19-23.el7jbcs.x86_64",
            "7Server-JBCS:jbcs-httpd24-mod_http2-debuginfo-0:1.15.19-23.el7jbcs.x86_64",
            "7Server-JBCS:jbcs-httpd24-mod_jk-0:1.2.48-46.redhat_1.el7jbcs.src",
            "7Server-JBCS:jbcs-httpd24-mod_jk-ap24-0:1.2.48-46.redhat_1.el7jbcs.x86_64",
            "7Server-JBCS:jbcs-httpd24-mod_jk-debuginfo-0:1.2.48-46.redhat_1.el7jbcs.x86_64",
            "7Server-JBCS:jbcs-httpd24-mod_md-1:2.4.0-20.el7jbcs.src",
            "7Server-JBCS:jbcs-httpd24-mod_md-1:2.4.0-20.el7jbcs.x86_64",
            "7Server-JBCS:jbcs-httpd24-mod_md-debuginfo-1:2.4.0-20.el7jbcs.x86_64",
            "7Server-JBCS:jbcs-httpd24-mod_proxy_cluster-0:1.3.18-2.el7jbcs.src",
            "7Server-JBCS:jbcs-httpd24-mod_proxy_cluster-0:1.3.18-2.el7jbcs.x86_64",
            "7Server-JBCS:jbcs-httpd24-mod_proxy_cluster-debuginfo-0:1.3.18-2.el7jbcs.x86_64",
            "7Server-JBCS:jbcs-httpd24-mod_security-0:2.9.3-24.el7jbcs.src",
            "7Server-JBCS:jbcs-httpd24-mod_security-0:2.9.3-24.el7jbcs.x86_64",
            "7Server-JBCS:jbcs-httpd24-mod_security-debuginfo-0:2.9.3-24.el7jbcs.x86_64",
            "7Server-JBCS:jbcs-httpd24-openssl-1:1.1.1k-14.el7jbcs.src",
            "7Server-JBCS:jbcs-httpd24-openssl-1:1.1.1k-14.el7jbcs.x86_64",
            "7Server-JBCS:jbcs-httpd24-openssl-chil-0:1.0.0-18.el7jbcs.src",
            "7Server-JBCS:jbcs-httpd24-openssl-chil-0:1.0.0-18.el7jbcs.x86_64",
            "7Server-JBCS:jbcs-httpd24-openssl-chil-debuginfo-0:1.0.0-18.el7jbcs.x86_64",
            "7Server-JBCS:jbcs-httpd24-openssl-debuginfo-1:1.1.1k-14.el7jbcs.x86_64",
            "7Server-JBCS:jbcs-httpd24-openssl-devel-1:1.1.1k-14.el7jbcs.x86_64",
            "7Server-JBCS:jbcs-httpd24-openssl-libs-1:1.1.1k-14.el7jbcs.x86_64",
            "7Server-JBCS:jbcs-httpd24-openssl-perl-1:1.1.1k-14.el7jbcs.x86_64",
            "7Server-JBCS:jbcs-httpd24-openssl-pkcs11-0:0.4.10-33.el7jbcs.src",
            "7Server-JBCS:jbcs-httpd24-openssl-pkcs11-0:0.4.10-33.el7jbcs.x86_64",
            "7Server-JBCS:jbcs-httpd24-openssl-pkcs11-debuginfo-0:0.4.10-33.el7jbcs.x86_64",
            "7Server-JBCS:jbcs-httpd24-openssl-static-1:1.1.1k-14.el7jbcs.x86_64",
            "8Base-JBCS:jbcs-httpd24-apr-util-0:1.6.1-101.el8jbcs.src",
            "8Base-JBCS:jbcs-httpd24-apr-util-0:1.6.1-101.el8jbcs.x86_64",
            "8Base-JBCS:jbcs-httpd24-apr-util-debuginfo-0:1.6.1-101.el8jbcs.x86_64",
            "8Base-JBCS:jbcs-httpd24-apr-util-devel-0:1.6.1-101.el8jbcs.x86_64",
            "8Base-JBCS:jbcs-httpd24-apr-util-ldap-0:1.6.1-101.el8jbcs.x86_64",
            "8Base-JBCS:jbcs-httpd24-apr-util-ldap-debuginfo-0:1.6.1-101.el8jbcs.x86_64",
            "8Base-JBCS:jbcs-httpd24-apr-util-mysql-0:1.6.1-101.el8jbcs.x86_64",
            "8Base-JBCS:jbcs-httpd24-apr-util-mysql-debuginfo-0:1.6.1-101.el8jbcs.x86_64",
            "8Base-JBCS:jbcs-httpd24-apr-util-nss-0:1.6.1-101.el8jbcs.x86_64",
            "8Base-JBCS:jbcs-httpd24-apr-util-nss-debuginfo-0:1.6.1-101.el8jbcs.x86_64",
            "8Base-JBCS:jbcs-httpd24-apr-util-odbc-0:1.6.1-101.el8jbcs.x86_64",
            "8Base-JBCS:jbcs-httpd24-apr-util-odbc-debuginfo-0:1.6.1-101.el8jbcs.x86_64",
            "8Base-JBCS:jbcs-httpd24-apr-util-openssl-0:1.6.1-101.el8jbcs.x86_64",
            "8Base-JBCS:jbcs-httpd24-apr-util-openssl-debuginfo-0:1.6.1-101.el8jbcs.x86_64",
            "8Base-JBCS:jbcs-httpd24-apr-util-pgsql-0:1.6.1-101.el8jbcs.x86_64",
            "8Base-JBCS:jbcs-httpd24-apr-util-pgsql-debuginfo-0:1.6.1-101.el8jbcs.x86_64",
            "8Base-JBCS:jbcs-httpd24-apr-util-sqlite-0:1.6.1-101.el8jbcs.x86_64",
            "8Base-JBCS:jbcs-httpd24-apr-util-sqlite-debuginfo-0:1.6.1-101.el8jbcs.x86_64",
            "8Base-JBCS:jbcs-httpd24-curl-0:8.0.1-1.el8jbcs.src",
            "8Base-JBCS:jbcs-httpd24-curl-0:8.0.1-1.el8jbcs.x86_64",
            "8Base-JBCS:jbcs-httpd24-curl-debuginfo-0:8.0.1-1.el8jbcs.x86_64",
            "8Base-JBCS:jbcs-httpd24-libcurl-0:8.0.1-1.el8jbcs.x86_64",
            "8Base-JBCS:jbcs-httpd24-libcurl-debuginfo-0:8.0.1-1.el8jbcs.x86_64",
            "8Base-JBCS:jbcs-httpd24-libcurl-devel-0:8.0.1-1.el8jbcs.x86_64",
            "8Base-JBCS:jbcs-httpd24-mod_http2-0:1.15.19-23.el8jbcs.src",
            "8Base-JBCS:jbcs-httpd24-mod_http2-0:1.15.19-23.el8jbcs.x86_64",
            "8Base-JBCS:jbcs-httpd24-mod_http2-debuginfo-0:1.15.19-23.el8jbcs.x86_64",
            "8Base-JBCS:jbcs-httpd24-mod_jk-0:1.2.48-46.redhat_1.el8jbcs.src",
            "8Base-JBCS:jbcs-httpd24-mod_jk-ap24-0:1.2.48-46.redhat_1.el8jbcs.x86_64",
            "8Base-JBCS:jbcs-httpd24-mod_jk-ap24-debuginfo-0:1.2.48-46.redhat_1.el8jbcs.x86_64",
            "8Base-JBCS:jbcs-httpd24-mod_md-1:2.4.0-20.el8jbcs.src",
            "8Base-JBCS:jbcs-httpd24-mod_md-1:2.4.0-20.el8jbcs.x86_64",
            "8Base-JBCS:jbcs-httpd24-mod_md-debuginfo-1:2.4.0-20.el8jbcs.x86_64",
            "8Base-JBCS:jbcs-httpd24-mod_proxy_cluster-0:1.3.18-2.el8jbcs.src",
            "8Base-JBCS:jbcs-httpd24-mod_proxy_cluster-0:1.3.18-2.el8jbcs.x86_64",
            "8Base-JBCS:jbcs-httpd24-mod_proxy_cluster-debuginfo-0:1.3.18-2.el8jbcs.x86_64",
            "8Base-JBCS:jbcs-httpd24-mod_security-0:2.9.3-24.el8jbcs.src",
            "8Base-JBCS:jbcs-httpd24-mod_security-0:2.9.3-24.el8jbcs.x86_64",
            "8Base-JBCS:jbcs-httpd24-mod_security-debuginfo-0:2.9.3-24.el8jbcs.x86_64",
            "8Base-JBCS:jbcs-httpd24-openssl-1:1.1.1k-14.el8jbcs.src",
            "8Base-JBCS:jbcs-httpd24-openssl-1:1.1.1k-14.el8jbcs.x86_64",
            "8Base-JBCS:jbcs-httpd24-openssl-chil-0:1.0.0-18.el8jbcs.src",
            "8Base-JBCS:jbcs-httpd24-openssl-chil-0:1.0.0-18.el8jbcs.x86_64",
            "8Base-JBCS:jbcs-httpd24-openssl-chil-debuginfo-0:1.0.0-18.el8jbcs.x86_64",
            "8Base-JBCS:jbcs-httpd24-openssl-debuginfo-1:1.1.1k-14.el8jbcs.x86_64",
            "8Base-JBCS:jbcs-httpd24-openssl-devel-1:1.1.1k-14.el8jbcs.x86_64",
            "8Base-JBCS:jbcs-httpd24-openssl-libs-1:1.1.1k-14.el8jbcs.x86_64",
            "8Base-JBCS:jbcs-httpd24-openssl-libs-debuginfo-1:1.1.1k-14.el8jbcs.x86_64",
            "8Base-JBCS:jbcs-httpd24-openssl-perl-1:1.1.1k-14.el8jbcs.x86_64",
            "8Base-JBCS:jbcs-httpd24-openssl-pkcs11-0:0.4.10-33.el8jbcs.src",
            "8Base-JBCS:jbcs-httpd24-openssl-pkcs11-0:0.4.10-33.el8jbcs.x86_64",
            "8Base-JBCS:jbcs-httpd24-openssl-pkcs11-debuginfo-0:0.4.10-33.el8jbcs.x86_64",
            "8Base-JBCS:jbcs-httpd24-openssl-static-1:1.1.1k-14.el8jbcs.x86_64"
          ]
        }
      ],
      "ids": [
        {
          "system_name": "Red Hat Bugzilla ID",
          "text": "2161774"
        }
      ],
      "notes": [
        {
          "category": "description",
          "text": "A flaw was found in the mod_dav module of httpd. A specially crafted \"If:\" request header can cause a memory read or write of a single zero byte due to a missing error check, resulting in a Denial of Service.",
          "title": "Vulnerability description"
        },
        {
          "category": "summary",
          "text": "httpd: mod_dav: out-of-bounds read/write of zero byte",
          "title": "Vulnerability summary"
        },
        {
          "category": "other",
          "text": "This flaw only affects configurations with mod_dav loaded and configured. Also, if there is no WebDAV repository configured, the server is not affected and no further mitigation is needed. For more information about the mitigation, check the mitigation section below.\n\nThe httpd mod_dav module is enabled by default on Red Hat Enterprise Linux 6, 7, 8, 9, and in RHSCL. However, there is no WebDAV repository configured by default.\n\nThis flaw has been rated as having a security impact of moderate, and is not currently planned to be addressed in future updates of Red Hat Enterprise Linux 7. Red Hat Enterprise Linux 7 is now in Maintenance Support 2 Phase of the support and maintenance life cycle. For additional information, refer to the Red Hat Enterprise Linux Life Cycle: https://access.redhat.com/support/policy/updates/errata.",
          "title": "Statement"
        },
        {
          "category": "general",
          "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
          "title": "CVSS score applicability"
        }
      ],
      "product_status": {
        "fixed": [
          "7Server-JBCS:jbcs-httpd24-httpd-0:2.4.51-39.el7jbcs.src",
          "7Server-JBCS:jbcs-httpd24-httpd-0:2.4.51-39.el7jbcs.x86_64",
          "7Server-JBCS:jbcs-httpd24-httpd-debuginfo-0:2.4.51-39.el7jbcs.x86_64",
          "7Server-JBCS:jbcs-httpd24-httpd-devel-0:2.4.51-39.el7jbcs.x86_64",
          "7Server-JBCS:jbcs-httpd24-httpd-manual-0:2.4.51-39.el7jbcs.noarch",
          "7Server-JBCS:jbcs-httpd24-httpd-selinux-0:2.4.51-39.el7jbcs.x86_64",
          "7Server-JBCS:jbcs-httpd24-httpd-tools-0:2.4.51-39.el7jbcs.x86_64",
          "7Server-JBCS:jbcs-httpd24-mod_ldap-0:2.4.51-39.el7jbcs.x86_64",
          "7Server-JBCS:jbcs-httpd24-mod_proxy_html-1:2.4.51-39.el7jbcs.x86_64",
          "7Server-JBCS:jbcs-httpd24-mod_session-0:2.4.51-39.el7jbcs.x86_64",
          "7Server-JBCS:jbcs-httpd24-mod_ssl-1:2.4.51-39.el7jbcs.x86_64",
          "8Base-JBCS:jbcs-httpd24-httpd-0:2.4.51-39.el8jbcs.src",
          "8Base-JBCS:jbcs-httpd24-httpd-0:2.4.51-39.el8jbcs.x86_64",
          "8Base-JBCS:jbcs-httpd24-httpd-debuginfo-0:2.4.51-39.el8jbcs.x86_64",
          "8Base-JBCS:jbcs-httpd24-httpd-devel-0:2.4.51-39.el8jbcs.x86_64",
          "8Base-JBCS:jbcs-httpd24-httpd-manual-0:2.4.51-39.el8jbcs.noarch",
          "8Base-JBCS:jbcs-httpd24-httpd-selinux-0:2.4.51-39.el8jbcs.x86_64",
          "8Base-JBCS:jbcs-httpd24-httpd-tools-0:2.4.51-39.el8jbcs.x86_64",
          "8Base-JBCS:jbcs-httpd24-httpd-tools-debuginfo-0:2.4.51-39.el8jbcs.x86_64",
          "8Base-JBCS:jbcs-httpd24-mod_ldap-0:2.4.51-39.el8jbcs.x86_64",
          "8Base-JBCS:jbcs-httpd24-mod_ldap-debuginfo-0:2.4.51-39.el8jbcs.x86_64",
          "8Base-JBCS:jbcs-httpd24-mod_proxy_html-1:2.4.51-39.el8jbcs.x86_64",
          "8Base-JBCS:jbcs-httpd24-mod_proxy_html-debuginfo-1:2.4.51-39.el8jbcs.x86_64",
          "8Base-JBCS:jbcs-httpd24-mod_session-0:2.4.51-39.el8jbcs.x86_64",
          "8Base-JBCS:jbcs-httpd24-mod_session-debuginfo-0:2.4.51-39.el8jbcs.x86_64",
          "8Base-JBCS:jbcs-httpd24-mod_ssl-1:2.4.51-39.el8jbcs.x86_64",
          "8Base-JBCS:jbcs-httpd24-mod_ssl-debuginfo-1:2.4.51-39.el8jbcs.x86_64"
        ],
        "known_not_affected": [
          "7Server-JBCS:jbcs-httpd24-apr-util-0:1.6.1-101.el7jbcs.src",
          "7Server-JBCS:jbcs-httpd24-apr-util-0:1.6.1-101.el7jbcs.x86_64",
          "7Server-JBCS:jbcs-httpd24-apr-util-debuginfo-0:1.6.1-101.el7jbcs.x86_64",
          "7Server-JBCS:jbcs-httpd24-apr-util-devel-0:1.6.1-101.el7jbcs.x86_64",
          "7Server-JBCS:jbcs-httpd24-apr-util-ldap-0:1.6.1-101.el7jbcs.x86_64",
          "7Server-JBCS:jbcs-httpd24-apr-util-mysql-0:1.6.1-101.el7jbcs.x86_64",
          "7Server-JBCS:jbcs-httpd24-apr-util-nss-0:1.6.1-101.el7jbcs.x86_64",
          "7Server-JBCS:jbcs-httpd24-apr-util-odbc-0:1.6.1-101.el7jbcs.x86_64",
          "7Server-JBCS:jbcs-httpd24-apr-util-openssl-0:1.6.1-101.el7jbcs.x86_64",
          "7Server-JBCS:jbcs-httpd24-apr-util-pgsql-0:1.6.1-101.el7jbcs.x86_64",
          "7Server-JBCS:jbcs-httpd24-apr-util-sqlite-0:1.6.1-101.el7jbcs.x86_64",
          "7Server-JBCS:jbcs-httpd24-curl-0:8.0.1-1.el7jbcs.src",
          "7Server-JBCS:jbcs-httpd24-curl-0:8.0.1-1.el7jbcs.x86_64",
          "7Server-JBCS:jbcs-httpd24-curl-debuginfo-0:8.0.1-1.el7jbcs.x86_64",
          "7Server-JBCS:jbcs-httpd24-libcurl-0:8.0.1-1.el7jbcs.x86_64",
          "7Server-JBCS:jbcs-httpd24-libcurl-devel-0:8.0.1-1.el7jbcs.x86_64",
          "7Server-JBCS:jbcs-httpd24-mod_http2-0:1.15.19-23.el7jbcs.src",
          "7Server-JBCS:jbcs-httpd24-mod_http2-0:1.15.19-23.el7jbcs.x86_64",
          "7Server-JBCS:jbcs-httpd24-mod_http2-debuginfo-0:1.15.19-23.el7jbcs.x86_64",
          "7Server-JBCS:jbcs-httpd24-mod_jk-0:1.2.48-46.redhat_1.el7jbcs.src",
          "7Server-JBCS:jbcs-httpd24-mod_jk-ap24-0:1.2.48-46.redhat_1.el7jbcs.x86_64",
          "7Server-JBCS:jbcs-httpd24-mod_jk-debuginfo-0:1.2.48-46.redhat_1.el7jbcs.x86_64",
          "7Server-JBCS:jbcs-httpd24-mod_md-1:2.4.0-20.el7jbcs.src",
          "7Server-JBCS:jbcs-httpd24-mod_md-1:2.4.0-20.el7jbcs.x86_64",
          "7Server-JBCS:jbcs-httpd24-mod_md-debuginfo-1:2.4.0-20.el7jbcs.x86_64",
          "7Server-JBCS:jbcs-httpd24-mod_proxy_cluster-0:1.3.18-2.el7jbcs.src",
          "7Server-JBCS:jbcs-httpd24-mod_proxy_cluster-0:1.3.18-2.el7jbcs.x86_64",
          "7Server-JBCS:jbcs-httpd24-mod_proxy_cluster-debuginfo-0:1.3.18-2.el7jbcs.x86_64",
          "7Server-JBCS:jbcs-httpd24-mod_security-0:2.9.3-24.el7jbcs.src",
          "7Server-JBCS:jbcs-httpd24-mod_security-0:2.9.3-24.el7jbcs.x86_64",
          "7Server-JBCS:jbcs-httpd24-mod_security-debuginfo-0:2.9.3-24.el7jbcs.x86_64",
          "7Server-JBCS:jbcs-httpd24-openssl-1:1.1.1k-14.el7jbcs.src",
          "7Server-JBCS:jbcs-httpd24-openssl-1:1.1.1k-14.el7jbcs.x86_64",
          "7Server-JBCS:jbcs-httpd24-openssl-chil-0:1.0.0-18.el7jbcs.src",
          "7Server-JBCS:jbcs-httpd24-openssl-chil-0:1.0.0-18.el7jbcs.x86_64",
          "7Server-JBCS:jbcs-httpd24-openssl-chil-debuginfo-0:1.0.0-18.el7jbcs.x86_64",
          "7Server-JBCS:jbcs-httpd24-openssl-debuginfo-1:1.1.1k-14.el7jbcs.x86_64",
          "7Server-JBCS:jbcs-httpd24-openssl-devel-1:1.1.1k-14.el7jbcs.x86_64",
          "7Server-JBCS:jbcs-httpd24-openssl-libs-1:1.1.1k-14.el7jbcs.x86_64",
          "7Server-JBCS:jbcs-httpd24-openssl-perl-1:1.1.1k-14.el7jbcs.x86_64",
          "7Server-JBCS:jbcs-httpd24-openssl-pkcs11-0:0.4.10-33.el7jbcs.src",
          "7Server-JBCS:jbcs-httpd24-openssl-pkcs11-0:0.4.10-33.el7jbcs.x86_64",
          "7Server-JBCS:jbcs-httpd24-openssl-pkcs11-debuginfo-0:0.4.10-33.el7jbcs.x86_64",
          "7Server-JBCS:jbcs-httpd24-openssl-static-1:1.1.1k-14.el7jbcs.x86_64",
          "8Base-JBCS:jbcs-httpd24-apr-util-0:1.6.1-101.el8jbcs.src",
          "8Base-JBCS:jbcs-httpd24-apr-util-0:1.6.1-101.el8jbcs.x86_64",
          "8Base-JBCS:jbcs-httpd24-apr-util-debuginfo-0:1.6.1-101.el8jbcs.x86_64",
          "8Base-JBCS:jbcs-httpd24-apr-util-devel-0:1.6.1-101.el8jbcs.x86_64",
          "8Base-JBCS:jbcs-httpd24-apr-util-ldap-0:1.6.1-101.el8jbcs.x86_64",
          "8Base-JBCS:jbcs-httpd24-apr-util-ldap-debuginfo-0:1.6.1-101.el8jbcs.x86_64",
          "8Base-JBCS:jbcs-httpd24-apr-util-mysql-0:1.6.1-101.el8jbcs.x86_64",
          "8Base-JBCS:jbcs-httpd24-apr-util-mysql-debuginfo-0:1.6.1-101.el8jbcs.x86_64",
          "8Base-JBCS:jbcs-httpd24-apr-util-nss-0:1.6.1-101.el8jbcs.x86_64",
          "8Base-JBCS:jbcs-httpd24-apr-util-nss-debuginfo-0:1.6.1-101.el8jbcs.x86_64",
          "8Base-JBCS:jbcs-httpd24-apr-util-odbc-0:1.6.1-101.el8jbcs.x86_64",
          "8Base-JBCS:jbcs-httpd24-apr-util-odbc-debuginfo-0:1.6.1-101.el8jbcs.x86_64",
          "8Base-JBCS:jbcs-httpd24-apr-util-openssl-0:1.6.1-101.el8jbcs.x86_64",
          "8Base-JBCS:jbcs-httpd24-apr-util-openssl-debuginfo-0:1.6.1-101.el8jbcs.x86_64",
          "8Base-JBCS:jbcs-httpd24-apr-util-pgsql-0:1.6.1-101.el8jbcs.x86_64",
          "8Base-JBCS:jbcs-httpd24-apr-util-pgsql-debuginfo-0:1.6.1-101.el8jbcs.x86_64",
          "8Base-JBCS:jbcs-httpd24-apr-util-sqlite-0:1.6.1-101.el8jbcs.x86_64",
          "8Base-JBCS:jbcs-httpd24-apr-util-sqlite-debuginfo-0:1.6.1-101.el8jbcs.x86_64",
          "8Base-JBCS:jbcs-httpd24-curl-0:8.0.1-1.el8jbcs.src",
          "8Base-JBCS:jbcs-httpd24-curl-0:8.0.1-1.el8jbcs.x86_64",
          "8Base-JBCS:jbcs-httpd24-curl-debuginfo-0:8.0.1-1.el8jbcs.x86_64",
          "8Base-JBCS:jbcs-httpd24-libcurl-0:8.0.1-1.el8jbcs.x86_64",
          "8Base-JBCS:jbcs-httpd24-libcurl-debuginfo-0:8.0.1-1.el8jbcs.x86_64",
          "8Base-JBCS:jbcs-httpd24-libcurl-devel-0:8.0.1-1.el8jbcs.x86_64",
          "8Base-JBCS:jbcs-httpd24-mod_http2-0:1.15.19-23.el8jbcs.src",
          "8Base-JBCS:jbcs-httpd24-mod_http2-0:1.15.19-23.el8jbcs.x86_64",
          "8Base-JBCS:jbcs-httpd24-mod_http2-debuginfo-0:1.15.19-23.el8jbcs.x86_64",
          "8Base-JBCS:jbcs-httpd24-mod_jk-0:1.2.48-46.redhat_1.el8jbcs.src",
          "8Base-JBCS:jbcs-httpd24-mod_jk-ap24-0:1.2.48-46.redhat_1.el8jbcs.x86_64",
          "8Base-JBCS:jbcs-httpd24-mod_jk-ap24-debuginfo-0:1.2.48-46.redhat_1.el8jbcs.x86_64",
          "8Base-JBCS:jbcs-httpd24-mod_md-1:2.4.0-20.el8jbcs.src",
          "8Base-JBCS:jbcs-httpd24-mod_md-1:2.4.0-20.el8jbcs.x86_64",
          "8Base-JBCS:jbcs-httpd24-mod_md-debuginfo-1:2.4.0-20.el8jbcs.x86_64",
          "8Base-JBCS:jbcs-httpd24-mod_proxy_cluster-0:1.3.18-2.el8jbcs.src",
          "8Base-JBCS:jbcs-httpd24-mod_proxy_cluster-0:1.3.18-2.el8jbcs.x86_64",
          "8Base-JBCS:jbcs-httpd24-mod_proxy_cluster-debuginfo-0:1.3.18-2.el8jbcs.x86_64",
          "8Base-JBCS:jbcs-httpd24-mod_security-0:2.9.3-24.el8jbcs.src",
          "8Base-JBCS:jbcs-httpd24-mod_security-0:2.9.3-24.el8jbcs.x86_64",
          "8Base-JBCS:jbcs-httpd24-mod_security-debuginfo-0:2.9.3-24.el8jbcs.x86_64",
          "8Base-JBCS:jbcs-httpd24-openssl-1:1.1.1k-14.el8jbcs.src",
          "8Base-JBCS:jbcs-httpd24-openssl-1:1.1.1k-14.el8jbcs.x86_64",
          "8Base-JBCS:jbcs-httpd24-openssl-chil-0:1.0.0-18.el8jbcs.src",
          "8Base-JBCS:jbcs-httpd24-openssl-chil-0:1.0.0-18.el8jbcs.x86_64",
          "8Base-JBCS:jbcs-httpd24-openssl-chil-debuginfo-0:1.0.0-18.el8jbcs.x86_64",
          "8Base-JBCS:jbcs-httpd24-openssl-debuginfo-1:1.1.1k-14.el8jbcs.x86_64",
          "8Base-JBCS:jbcs-httpd24-openssl-devel-1:1.1.1k-14.el8jbcs.x86_64",
          "8Base-JBCS:jbcs-httpd24-openssl-libs-1:1.1.1k-14.el8jbcs.x86_64",
          "8Base-JBCS:jbcs-httpd24-openssl-libs-debuginfo-1:1.1.1k-14.el8jbcs.x86_64",
          "8Base-JBCS:jbcs-httpd24-openssl-perl-1:1.1.1k-14.el8jbcs.x86_64",
          "8Base-JBCS:jbcs-httpd24-openssl-pkcs11-0:0.4.10-33.el8jbcs.src",
          "8Base-JBCS:jbcs-httpd24-openssl-pkcs11-0:0.4.10-33.el8jbcs.x86_64",
          "8Base-JBCS:jbcs-httpd24-openssl-pkcs11-debuginfo-0:0.4.10-33.el8jbcs.x86_64",
          "8Base-JBCS:jbcs-httpd24-openssl-static-1:1.1.1k-14.el8jbcs.x86_64"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "Canonical URL",
          "url": "https://access.redhat.com/security/cve/CVE-2006-20001"
        },
        {
          "category": "external",
          "summary": "RHBZ#2161774",
          "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2161774"
        },
        {
          "category": "external",
          "summary": "https://www.cve.org/CVERecord?id=CVE-2006-20001",
          "url": "https://www.cve.org/CVERecord?id=CVE-2006-20001"
        },
        {
          "category": "external",
          "summary": "https://nvd.nist.gov/vuln/detail/CVE-2006-20001",
          "url": "https://nvd.nist.gov/vuln/detail/CVE-2006-20001"
        },
        {
          "category": "external",
          "summary": "https://httpd.apache.org/security/vulnerabilities_24.html#CVE-2006-20001",
          "url": "https://httpd.apache.org/security/vulnerabilities_24.html#CVE-2006-20001"
        }
      ],
      "release_date": "2023-01-17T00:00:00+00:00",
      "remediations": [
        {
          "category": "vendor_fix",
          "date": "2023-06-05T12:30:30+00:00",
          "details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nApplications using the APR libraries, such as httpd, must be restarted for this update to take effect. After installing the updated packages, the httpd daemon will be restarted automatically.",
          "product_ids": [
            "7Server-JBCS:jbcs-httpd24-httpd-0:2.4.51-39.el7jbcs.src",
            "7Server-JBCS:jbcs-httpd24-httpd-0:2.4.51-39.el7jbcs.x86_64",
            "7Server-JBCS:jbcs-httpd24-httpd-debuginfo-0:2.4.51-39.el7jbcs.x86_64",
            "7Server-JBCS:jbcs-httpd24-httpd-devel-0:2.4.51-39.el7jbcs.x86_64",
            "7Server-JBCS:jbcs-httpd24-httpd-manual-0:2.4.51-39.el7jbcs.noarch",
            "7Server-JBCS:jbcs-httpd24-httpd-selinux-0:2.4.51-39.el7jbcs.x86_64",
            "7Server-JBCS:jbcs-httpd24-httpd-tools-0:2.4.51-39.el7jbcs.x86_64",
            "7Server-JBCS:jbcs-httpd24-mod_ldap-0:2.4.51-39.el7jbcs.x86_64",
            "7Server-JBCS:jbcs-httpd24-mod_proxy_html-1:2.4.51-39.el7jbcs.x86_64",
            "7Server-JBCS:jbcs-httpd24-mod_session-0:2.4.51-39.el7jbcs.x86_64",
            "7Server-JBCS:jbcs-httpd24-mod_ssl-1:2.4.51-39.el7jbcs.x86_64",
            "8Base-JBCS:jbcs-httpd24-httpd-0:2.4.51-39.el8jbcs.src",
            "8Base-JBCS:jbcs-httpd24-httpd-0:2.4.51-39.el8jbcs.x86_64",
            "8Base-JBCS:jbcs-httpd24-httpd-debuginfo-0:2.4.51-39.el8jbcs.x86_64",
            "8Base-JBCS:jbcs-httpd24-httpd-devel-0:2.4.51-39.el8jbcs.x86_64",
            "8Base-JBCS:jbcs-httpd24-httpd-manual-0:2.4.51-39.el8jbcs.noarch",
            "8Base-JBCS:jbcs-httpd24-httpd-selinux-0:2.4.51-39.el8jbcs.x86_64",
            "8Base-JBCS:jbcs-httpd24-httpd-tools-0:2.4.51-39.el8jbcs.x86_64",
            "8Base-JBCS:jbcs-httpd24-httpd-tools-debuginfo-0:2.4.51-39.el8jbcs.x86_64",
            "8Base-JBCS:jbcs-httpd24-mod_ldap-0:2.4.51-39.el8jbcs.x86_64",
            "8Base-JBCS:jbcs-httpd24-mod_ldap-debuginfo-0:2.4.51-39.el8jbcs.x86_64",
            "8Base-JBCS:jbcs-httpd24-mod_proxy_html-1:2.4.51-39.el8jbcs.x86_64",
            "8Base-JBCS:jbcs-httpd24-mod_proxy_html-debuginfo-1:2.4.51-39.el8jbcs.x86_64",
            "8Base-JBCS:jbcs-httpd24-mod_session-0:2.4.51-39.el8jbcs.x86_64",
            "8Base-JBCS:jbcs-httpd24-mod_session-debuginfo-0:2.4.51-39.el8jbcs.x86_64",
            "8Base-JBCS:jbcs-httpd24-mod_ssl-1:2.4.51-39.el8jbcs.x86_64",
            "8Base-JBCS:jbcs-httpd24-mod_ssl-debuginfo-1:2.4.51-39.el8jbcs.x86_64"
          ],
          "restart_required": {
            "category": "none"
          },
          "url": "https://access.redhat.com/errata/RHSA-2023:3354"
        },
        {
          "category": "workaround",
          "details": "Disabling mod_dav and restarting httpd will mitigate this flaw.",
          "product_ids": [
            "7Server-JBCS:jbcs-httpd24-apr-util-0:1.6.1-101.el7jbcs.src",
            "7Server-JBCS:jbcs-httpd24-apr-util-0:1.6.1-101.el7jbcs.x86_64",
            "7Server-JBCS:jbcs-httpd24-apr-util-debuginfo-0:1.6.1-101.el7jbcs.x86_64",
            "7Server-JBCS:jbcs-httpd24-apr-util-devel-0:1.6.1-101.el7jbcs.x86_64",
            "7Server-JBCS:jbcs-httpd24-apr-util-ldap-0:1.6.1-101.el7jbcs.x86_64",
            "7Server-JBCS:jbcs-httpd24-apr-util-mysql-0:1.6.1-101.el7jbcs.x86_64",
            "7Server-JBCS:jbcs-httpd24-apr-util-nss-0:1.6.1-101.el7jbcs.x86_64",
            "7Server-JBCS:jbcs-httpd24-apr-util-odbc-0:1.6.1-101.el7jbcs.x86_64",
            "7Server-JBCS:jbcs-httpd24-apr-util-openssl-0:1.6.1-101.el7jbcs.x86_64",
            "7Server-JBCS:jbcs-httpd24-apr-util-pgsql-0:1.6.1-101.el7jbcs.x86_64",
            "7Server-JBCS:jbcs-httpd24-apr-util-sqlite-0:1.6.1-101.el7jbcs.x86_64",
            "7Server-JBCS:jbcs-httpd24-curl-0:8.0.1-1.el7jbcs.src",
            "7Server-JBCS:jbcs-httpd24-curl-0:8.0.1-1.el7jbcs.x86_64",
            "7Server-JBCS:jbcs-httpd24-curl-debuginfo-0:8.0.1-1.el7jbcs.x86_64",
            "7Server-JBCS:jbcs-httpd24-httpd-0:2.4.51-39.el7jbcs.src",
            "7Server-JBCS:jbcs-httpd24-httpd-0:2.4.51-39.el7jbcs.x86_64",
            "7Server-JBCS:jbcs-httpd24-httpd-debuginfo-0:2.4.51-39.el7jbcs.x86_64",
            "7Server-JBCS:jbcs-httpd24-httpd-devel-0:2.4.51-39.el7jbcs.x86_64",
            "7Server-JBCS:jbcs-httpd24-httpd-manual-0:2.4.51-39.el7jbcs.noarch",
            "7Server-JBCS:jbcs-httpd24-httpd-selinux-0:2.4.51-39.el7jbcs.x86_64",
            "7Server-JBCS:jbcs-httpd24-httpd-tools-0:2.4.51-39.el7jbcs.x86_64",
            "7Server-JBCS:jbcs-httpd24-libcurl-0:8.0.1-1.el7jbcs.x86_64",
            "7Server-JBCS:jbcs-httpd24-libcurl-devel-0:8.0.1-1.el7jbcs.x86_64",
            "7Server-JBCS:jbcs-httpd24-mod_http2-0:1.15.19-23.el7jbcs.src",
            "7Server-JBCS:jbcs-httpd24-mod_http2-0:1.15.19-23.el7jbcs.x86_64",
            "7Server-JBCS:jbcs-httpd24-mod_http2-debuginfo-0:1.15.19-23.el7jbcs.x86_64",
            "7Server-JBCS:jbcs-httpd24-mod_jk-0:1.2.48-46.redhat_1.el7jbcs.src",
            "7Server-JBCS:jbcs-httpd24-mod_jk-ap24-0:1.2.48-46.redhat_1.el7jbcs.x86_64",
            "7Server-JBCS:jbcs-httpd24-mod_jk-debuginfo-0:1.2.48-46.redhat_1.el7jbcs.x86_64",
            "7Server-JBCS:jbcs-httpd24-mod_ldap-0:2.4.51-39.el7jbcs.x86_64",
            "7Server-JBCS:jbcs-httpd24-mod_md-1:2.4.0-20.el7jbcs.src",
            "7Server-JBCS:jbcs-httpd24-mod_md-1:2.4.0-20.el7jbcs.x86_64",
            "7Server-JBCS:jbcs-httpd24-mod_md-debuginfo-1:2.4.0-20.el7jbcs.x86_64",
            "7Server-JBCS:jbcs-httpd24-mod_proxy_cluster-0:1.3.18-2.el7jbcs.src",
            "7Server-JBCS:jbcs-httpd24-mod_proxy_cluster-0:1.3.18-2.el7jbcs.x86_64",
            "7Server-JBCS:jbcs-httpd24-mod_proxy_cluster-debuginfo-0:1.3.18-2.el7jbcs.x86_64",
            "7Server-JBCS:jbcs-httpd24-mod_proxy_html-1:2.4.51-39.el7jbcs.x86_64",
            "7Server-JBCS:jbcs-httpd24-mod_security-0:2.9.3-24.el7jbcs.src",
            "7Server-JBCS:jbcs-httpd24-mod_security-0:2.9.3-24.el7jbcs.x86_64",
            "7Server-JBCS:jbcs-httpd24-mod_security-debuginfo-0:2.9.3-24.el7jbcs.x86_64",
            "7Server-JBCS:jbcs-httpd24-mod_session-0:2.4.51-39.el7jbcs.x86_64",
            "7Server-JBCS:jbcs-httpd24-mod_ssl-1:2.4.51-39.el7jbcs.x86_64",
            "7Server-JBCS:jbcs-httpd24-openssl-1:1.1.1k-14.el7jbcs.src",
            "7Server-JBCS:jbcs-httpd24-openssl-1:1.1.1k-14.el7jbcs.x86_64",
            "7Server-JBCS:jbcs-httpd24-openssl-chil-0:1.0.0-18.el7jbcs.src",
            "7Server-JBCS:jbcs-httpd24-openssl-chil-0:1.0.0-18.el7jbcs.x86_64",
            "7Server-JBCS:jbcs-httpd24-openssl-chil-debuginfo-0:1.0.0-18.el7jbcs.x86_64",
            "7Server-JBCS:jbcs-httpd24-openssl-debuginfo-1:1.1.1k-14.el7jbcs.x86_64",
            "7Server-JBCS:jbcs-httpd24-openssl-devel-1:1.1.1k-14.el7jbcs.x86_64",
            "7Server-JBCS:jbcs-httpd24-openssl-libs-1:1.1.1k-14.el7jbcs.x86_64",
            "7Server-JBCS:jbcs-httpd24-openssl-perl-1:1.1.1k-14.el7jbcs.x86_64",
            "7Server-JBCS:jbcs-httpd24-openssl-pkcs11-0:0.4.10-33.el7jbcs.src",
            "7Server-JBCS:jbcs-httpd24-openssl-pkcs11-0:0.4.10-33.el7jbcs.x86_64",
            "7Server-JBCS:jbcs-httpd24-openssl-pkcs11-debuginfo-0:0.4.10-33.el7jbcs.x86_64",
            "7Server-JBCS:jbcs-httpd24-openssl-static-1:1.1.1k-14.el7jbcs.x86_64",
            "8Base-JBCS:jbcs-httpd24-apr-util-0:1.6.1-101.el8jbcs.src",
            "8Base-JBCS:jbcs-httpd24-apr-util-0:1.6.1-101.el8jbcs.x86_64",
            "8Base-JBCS:jbcs-httpd24-apr-util-debuginfo-0:1.6.1-101.el8jbcs.x86_64",
            "8Base-JBCS:jbcs-httpd24-apr-util-devel-0:1.6.1-101.el8jbcs.x86_64",
            "8Base-JBCS:jbcs-httpd24-apr-util-ldap-0:1.6.1-101.el8jbcs.x86_64",
            "8Base-JBCS:jbcs-httpd24-apr-util-ldap-debuginfo-0:1.6.1-101.el8jbcs.x86_64",
            "8Base-JBCS:jbcs-httpd24-apr-util-mysql-0:1.6.1-101.el8jbcs.x86_64",
            "8Base-JBCS:jbcs-httpd24-apr-util-mysql-debuginfo-0:1.6.1-101.el8jbcs.x86_64",
            "8Base-JBCS:jbcs-httpd24-apr-util-nss-0:1.6.1-101.el8jbcs.x86_64",
            "8Base-JBCS:jbcs-httpd24-apr-util-nss-debuginfo-0:1.6.1-101.el8jbcs.x86_64",
            "8Base-JBCS:jbcs-httpd24-apr-util-odbc-0:1.6.1-101.el8jbcs.x86_64",
            "8Base-JBCS:jbcs-httpd24-apr-util-odbc-debuginfo-0:1.6.1-101.el8jbcs.x86_64",
            "8Base-JBCS:jbcs-httpd24-apr-util-openssl-0:1.6.1-101.el8jbcs.x86_64",
            "8Base-JBCS:jbcs-httpd24-apr-util-openssl-debuginfo-0:1.6.1-101.el8jbcs.x86_64",
            "8Base-JBCS:jbcs-httpd24-apr-util-pgsql-0:1.6.1-101.el8jbcs.x86_64",
            "8Base-JBCS:jbcs-httpd24-apr-util-pgsql-debuginfo-0:1.6.1-101.el8jbcs.x86_64",
            "8Base-JBCS:jbcs-httpd24-apr-util-sqlite-0:1.6.1-101.el8jbcs.x86_64",
            "8Base-JBCS:jbcs-httpd24-apr-util-sqlite-debuginfo-0:1.6.1-101.el8jbcs.x86_64",
            "8Base-JBCS:jbcs-httpd24-curl-0:8.0.1-1.el8jbcs.src",
            "8Base-JBCS:jbcs-httpd24-curl-0:8.0.1-1.el8jbcs.x86_64",
            "8Base-JBCS:jbcs-httpd24-curl-debuginfo-0:8.0.1-1.el8jbcs.x86_64",
            "8Base-JBCS:jbcs-httpd24-httpd-0:2.4.51-39.el8jbcs.src",
            "8Base-JBCS:jbcs-httpd24-httpd-0:2.4.51-39.el8jbcs.x86_64",
            "8Base-JBCS:jbcs-httpd24-httpd-debuginfo-0:2.4.51-39.el8jbcs.x86_64",
            "8Base-JBCS:jbcs-httpd24-httpd-devel-0:2.4.51-39.el8jbcs.x86_64",
            "8Base-JBCS:jbcs-httpd24-httpd-manual-0:2.4.51-39.el8jbcs.noarch",
            "8Base-JBCS:jbcs-httpd24-httpd-selinux-0:2.4.51-39.el8jbcs.x86_64",
            "8Base-JBCS:jbcs-httpd24-httpd-tools-0:2.4.51-39.el8jbcs.x86_64",
            "8Base-JBCS:jbcs-httpd24-httpd-tools-debuginfo-0:2.4.51-39.el8jbcs.x86_64",
            "8Base-JBCS:jbcs-httpd24-libcurl-0:8.0.1-1.el8jbcs.x86_64",
            "8Base-JBCS:jbcs-httpd24-libcurl-debuginfo-0:8.0.1-1.el8jbcs.x86_64",
            "8Base-JBCS:jbcs-httpd24-libcurl-devel-0:8.0.1-1.el8jbcs.x86_64",
            "8Base-JBCS:jbcs-httpd24-mod_http2-0:1.15.19-23.el8jbcs.src",
            "8Base-JBCS:jbcs-httpd24-mod_http2-0:1.15.19-23.el8jbcs.x86_64",
            "8Base-JBCS:jbcs-httpd24-mod_http2-debuginfo-0:1.15.19-23.el8jbcs.x86_64",
            "8Base-JBCS:jbcs-httpd24-mod_jk-0:1.2.48-46.redhat_1.el8jbcs.src",
            "8Base-JBCS:jbcs-httpd24-mod_jk-ap24-0:1.2.48-46.redhat_1.el8jbcs.x86_64",
            "8Base-JBCS:jbcs-httpd24-mod_jk-ap24-debuginfo-0:1.2.48-46.redhat_1.el8jbcs.x86_64",
            "8Base-JBCS:jbcs-httpd24-mod_ldap-0:2.4.51-39.el8jbcs.x86_64",
            "8Base-JBCS:jbcs-httpd24-mod_ldap-debuginfo-0:2.4.51-39.el8jbcs.x86_64",
            "8Base-JBCS:jbcs-httpd24-mod_md-1:2.4.0-20.el8jbcs.src",
            "8Base-JBCS:jbcs-httpd24-mod_md-1:2.4.0-20.el8jbcs.x86_64",
            "8Base-JBCS:jbcs-httpd24-mod_md-debuginfo-1:2.4.0-20.el8jbcs.x86_64",
            "8Base-JBCS:jbcs-httpd24-mod_proxy_cluster-0:1.3.18-2.el8jbcs.src",
            "8Base-JBCS:jbcs-httpd24-mod_proxy_cluster-0:1.3.18-2.el8jbcs.x86_64",
            "8Base-JBCS:jbcs-httpd24-mod_proxy_cluster-debuginfo-0:1.3.18-2.el8jbcs.x86_64",
            "8Base-JBCS:jbcs-httpd24-mod_proxy_html-1:2.4.51-39.el8jbcs.x86_64",
            "8Base-JBCS:jbcs-httpd24-mod_proxy_html-debuginfo-1:2.4.51-39.el8jbcs.x86_64",
            "8Base-JBCS:jbcs-httpd24-mod_security-0:2.9.3-24.el8jbcs.src",
            "8Base-JBCS:jbcs-httpd24-mod_security-0:2.9.3-24.el8jbcs.x86_64",
            "8Base-JBCS:jbcs-httpd24-mod_security-debuginfo-0:2.9.3-24.el8jbcs.x86_64",
            "8Base-JBCS:jbcs-httpd24-mod_session-0:2.4.51-39.el8jbcs.x86_64",
            "8Base-JBCS:jbcs-httpd24-mod_session-debuginfo-0:2.4.51-39.el8jbcs.x86_64",
            "8Base-JBCS:jbcs-httpd24-mod_ssl-1:2.4.51-39.el8jbcs.x86_64",
            "8Base-JBCS:jbcs-httpd24-mod_ssl-debuginfo-1:2.4.51-39.el8jbcs.x86_64",
            "8Base-JBCS:jbcs-httpd24-openssl-1:1.1.1k-14.el8jbcs.src",
            "8Base-JBCS:jbcs-httpd24-openssl-1:1.1.1k-14.el8jbcs.x86_64",
            "8Base-JBCS:jbcs-httpd24-openssl-chil-0:1.0.0-18.el8jbcs.src",
            "8Base-JBCS:jbcs-httpd24-openssl-chil-0:1.0.0-18.el8jbcs.x86_64",
            "8Base-JBCS:jbcs-httpd24-openssl-chil-debuginfo-0:1.0.0-18.el8jbcs.x86_64",
            "8Base-JBCS:jbcs-httpd24-openssl-debuginfo-1:1.1.1k-14.el8jbcs.x86_64",
            "8Base-JBCS:jbcs-httpd24-openssl-devel-1:1.1.1k-14.el8jbcs.x86_64",
            "8Base-JBCS:jbcs-httpd24-openssl-libs-1:1.1.1k-14.el8jbcs.x86_64",
            "8Base-JBCS:jbcs-httpd24-openssl-libs-debuginfo-1:1.1.1k-14.el8jbcs.x86_64",
            "8Base-JBCS:jbcs-httpd24-openssl-perl-1:1.1.1k-14.el8jbcs.x86_64",
            "8Base-JBCS:jbcs-httpd24-openssl-pkcs11-0:0.4.10-33.el8jbcs.src",
            "8Base-JBCS:jbcs-httpd24-openssl-pkcs11-0:0.4.10-33.el8jbcs.x86_64",
            "8Base-JBCS:jbcs-httpd24-openssl-pkcs11-debuginfo-0:0.4.10-33.el8jbcs.x86_64",
            "8Base-JBCS:jbcs-httpd24-openssl-static-1:1.1.1k-14.el8jbcs.x86_64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "attackComplexity": "LOW",
            "attackVector": "NETWORK",
            "availabilityImpact": "HIGH",
            "baseScore": 7.5,
            "baseSeverity": "HIGH",
            "confidentialityImpact": "NONE",
            "integrityImpact": "NONE",
            "privilegesRequired": "NONE",
            "scope": "UNCHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
            "version": "3.1"
          },
          "products": [
            "7Server-JBCS:jbcs-httpd24-httpd-0:2.4.51-39.el7jbcs.src",
            "7Server-JBCS:jbcs-httpd24-httpd-0:2.4.51-39.el7jbcs.x86_64",
            "7Server-JBCS:jbcs-httpd24-httpd-debuginfo-0:2.4.51-39.el7jbcs.x86_64",
            "7Server-JBCS:jbcs-httpd24-httpd-devel-0:2.4.51-39.el7jbcs.x86_64",
            "7Server-JBCS:jbcs-httpd24-httpd-manual-0:2.4.51-39.el7jbcs.noarch",
            "7Server-JBCS:jbcs-httpd24-httpd-selinux-0:2.4.51-39.el7jbcs.x86_64",
            "7Server-JBCS:jbcs-httpd24-httpd-tools-0:2.4.51-39.el7jbcs.x86_64",
            "7Server-JBCS:jbcs-httpd24-mod_ldap-0:2.4.51-39.el7jbcs.x86_64",
            "7Server-JBCS:jbcs-httpd24-mod_proxy_html-1:2.4.51-39.el7jbcs.x86_64",
            "7Server-JBCS:jbcs-httpd24-mod_session-0:2.4.51-39.el7jbcs.x86_64",
            "7Server-JBCS:jbcs-httpd24-mod_ssl-1:2.4.51-39.el7jbcs.x86_64",
            "8Base-JBCS:jbcs-httpd24-httpd-0:2.4.51-39.el8jbcs.src",
            "8Base-JBCS:jbcs-httpd24-httpd-0:2.4.51-39.el8jbcs.x86_64",
            "8Base-JBCS:jbcs-httpd24-httpd-debuginfo-0:2.4.51-39.el8jbcs.x86_64",
            "8Base-JBCS:jbcs-httpd24-httpd-devel-0:2.4.51-39.el8jbcs.x86_64",
            "8Base-JBCS:jbcs-httpd24-httpd-manual-0:2.4.51-39.el8jbcs.noarch",
            "8Base-JBCS:jbcs-httpd24-httpd-selinux-0:2.4.51-39.el8jbcs.x86_64",
            "8Base-JBCS:jbcs-httpd24-httpd-tools-0:2.4.51-39.el8jbcs.x86_64",
            "8Base-JBCS:jbcs-httpd24-httpd-tools-debuginfo-0:2.4.51-39.el8jbcs.x86_64",
            "8Base-JBCS:jbcs-httpd24-mod_ldap-0:2.4.51-39.el8jbcs.x86_64",
            "8Base-JBCS:jbcs-httpd24-mod_ldap-debuginfo-0:2.4.51-39.el8jbcs.x86_64",
            "8Base-JBCS:jbcs-httpd24-mod_proxy_html-1:2.4.51-39.el8jbcs.x86_64",
            "8Base-JBCS:jbcs-httpd24-mod_proxy_html-debuginfo-1:2.4.51-39.el8jbcs.x86_64",
            "8Base-JBCS:jbcs-httpd24-mod_session-0:2.4.51-39.el8jbcs.x86_64",
            "8Base-JBCS:jbcs-httpd24-mod_session-debuginfo-0:2.4.51-39.el8jbcs.x86_64",
            "8Base-JBCS:jbcs-httpd24-mod_ssl-1:2.4.51-39.el8jbcs.x86_64",
            "8Base-JBCS:jbcs-httpd24-mod_ssl-debuginfo-1:2.4.51-39.el8jbcs.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "details": "Moderate"
        }
      ],
      "title": "httpd: mod_dav: out-of-bounds read/write of zero byte"
    },
    {
      "cve": "CVE-2022-4304",
      "discovery_date": "2023-01-25T00:00:00+00:00",
      "flags": [
        {
          "label": "vulnerable_code_not_present",
          "product_ids": [
            "7Server-JBCS:jbcs-httpd24-apr-util-0:1.6.1-101.el7jbcs.src",
            "7Server-JBCS:jbcs-httpd24-apr-util-0:1.6.1-101.el7jbcs.x86_64",
            "7Server-JBCS:jbcs-httpd24-apr-util-debuginfo-0:1.6.1-101.el7jbcs.x86_64",
            "7Server-JBCS:jbcs-httpd24-apr-util-devel-0:1.6.1-101.el7jbcs.x86_64",
            "7Server-JBCS:jbcs-httpd24-apr-util-ldap-0:1.6.1-101.el7jbcs.x86_64",
            "7Server-JBCS:jbcs-httpd24-apr-util-mysql-0:1.6.1-101.el7jbcs.x86_64",
            "7Server-JBCS:jbcs-httpd24-apr-util-nss-0:1.6.1-101.el7jbcs.x86_64",
            "7Server-JBCS:jbcs-httpd24-apr-util-odbc-0:1.6.1-101.el7jbcs.x86_64",
            "7Server-JBCS:jbcs-httpd24-apr-util-openssl-0:1.6.1-101.el7jbcs.x86_64",
            "7Server-JBCS:jbcs-httpd24-apr-util-pgsql-0:1.6.1-101.el7jbcs.x86_64",
            "7Server-JBCS:jbcs-httpd24-apr-util-sqlite-0:1.6.1-101.el7jbcs.x86_64",
            "7Server-JBCS:jbcs-httpd24-curl-0:8.0.1-1.el7jbcs.src",
            "7Server-JBCS:jbcs-httpd24-curl-0:8.0.1-1.el7jbcs.x86_64",
            "7Server-JBCS:jbcs-httpd24-curl-debuginfo-0:8.0.1-1.el7jbcs.x86_64",
            "7Server-JBCS:jbcs-httpd24-httpd-0:2.4.51-39.el7jbcs.src",
            "7Server-JBCS:jbcs-httpd24-httpd-0:2.4.51-39.el7jbcs.x86_64",
            "7Server-JBCS:jbcs-httpd24-httpd-debuginfo-0:2.4.51-39.el7jbcs.x86_64",
            "7Server-JBCS:jbcs-httpd24-httpd-devel-0:2.4.51-39.el7jbcs.x86_64",
            "7Server-JBCS:jbcs-httpd24-httpd-manual-0:2.4.51-39.el7jbcs.noarch",
            "7Server-JBCS:jbcs-httpd24-httpd-selinux-0:2.4.51-39.el7jbcs.x86_64",
            "7Server-JBCS:jbcs-httpd24-httpd-tools-0:2.4.51-39.el7jbcs.x86_64",
            "7Server-JBCS:jbcs-httpd24-libcurl-0:8.0.1-1.el7jbcs.x86_64",
            "7Server-JBCS:jbcs-httpd24-libcurl-devel-0:8.0.1-1.el7jbcs.x86_64",
            "7Server-JBCS:jbcs-httpd24-mod_http2-0:1.15.19-23.el7jbcs.src",
            "7Server-JBCS:jbcs-httpd24-mod_http2-0:1.15.19-23.el7jbcs.x86_64",
            "7Server-JBCS:jbcs-httpd24-mod_http2-debuginfo-0:1.15.19-23.el7jbcs.x86_64",
            "7Server-JBCS:jbcs-httpd24-mod_jk-0:1.2.48-46.redhat_1.el7jbcs.src",
            "7Server-JBCS:jbcs-httpd24-mod_jk-ap24-0:1.2.48-46.redhat_1.el7jbcs.x86_64",
            "7Server-JBCS:jbcs-httpd24-mod_jk-debuginfo-0:1.2.48-46.redhat_1.el7jbcs.x86_64",
            "7Server-JBCS:jbcs-httpd24-mod_ldap-0:2.4.51-39.el7jbcs.x86_64",
            "7Server-JBCS:jbcs-httpd24-mod_md-1:2.4.0-20.el7jbcs.src",
            "7Server-JBCS:jbcs-httpd24-mod_md-1:2.4.0-20.el7jbcs.x86_64",
            "7Server-JBCS:jbcs-httpd24-mod_md-debuginfo-1:2.4.0-20.el7jbcs.x86_64",
            "7Server-JBCS:jbcs-httpd24-mod_proxy_cluster-0:1.3.18-2.el7jbcs.src",
            "7Server-JBCS:jbcs-httpd24-mod_proxy_cluster-0:1.3.18-2.el7jbcs.x86_64",
            "7Server-JBCS:jbcs-httpd24-mod_proxy_cluster-debuginfo-0:1.3.18-2.el7jbcs.x86_64",
            "7Server-JBCS:jbcs-httpd24-mod_proxy_html-1:2.4.51-39.el7jbcs.x86_64",
            "7Server-JBCS:jbcs-httpd24-mod_security-0:2.9.3-24.el7jbcs.src",
            "7Server-JBCS:jbcs-httpd24-mod_security-0:2.9.3-24.el7jbcs.x86_64",
            "7Server-JBCS:jbcs-httpd24-mod_security-debuginfo-0:2.9.3-24.el7jbcs.x86_64",
            "7Server-JBCS:jbcs-httpd24-mod_session-0:2.4.51-39.el7jbcs.x86_64",
            "7Server-JBCS:jbcs-httpd24-mod_ssl-1:2.4.51-39.el7jbcs.x86_64",
            "7Server-JBCS:jbcs-httpd24-openssl-chil-0:1.0.0-18.el7jbcs.src",
            "7Server-JBCS:jbcs-httpd24-openssl-chil-0:1.0.0-18.el7jbcs.x86_64",
            "7Server-JBCS:jbcs-httpd24-openssl-chil-debuginfo-0:1.0.0-18.el7jbcs.x86_64",
            "7Server-JBCS:jbcs-httpd24-openssl-pkcs11-0:0.4.10-33.el7jbcs.src",
            "7Server-JBCS:jbcs-httpd24-openssl-pkcs11-0:0.4.10-33.el7jbcs.x86_64",
            "7Server-JBCS:jbcs-httpd24-openssl-pkcs11-debuginfo-0:0.4.10-33.el7jbcs.x86_64",
            "8Base-JBCS:jbcs-httpd24-apr-util-0:1.6.1-101.el8jbcs.src",
            "8Base-JBCS:jbcs-httpd24-apr-util-0:1.6.1-101.el8jbcs.x86_64",
            "8Base-JBCS:jbcs-httpd24-apr-util-debuginfo-0:1.6.1-101.el8jbcs.x86_64",
            "8Base-JBCS:jbcs-httpd24-apr-util-devel-0:1.6.1-101.el8jbcs.x86_64",
            "8Base-JBCS:jbcs-httpd24-apr-util-ldap-0:1.6.1-101.el8jbcs.x86_64",
            "8Base-JBCS:jbcs-httpd24-apr-util-ldap-debuginfo-0:1.6.1-101.el8jbcs.x86_64",
            "8Base-JBCS:jbcs-httpd24-apr-util-mysql-0:1.6.1-101.el8jbcs.x86_64",
            "8Base-JBCS:jbcs-httpd24-apr-util-mysql-debuginfo-0:1.6.1-101.el8jbcs.x86_64",
            "8Base-JBCS:jbcs-httpd24-apr-util-nss-0:1.6.1-101.el8jbcs.x86_64",
            "8Base-JBCS:jbcs-httpd24-apr-util-nss-debuginfo-0:1.6.1-101.el8jbcs.x86_64",
            "8Base-JBCS:jbcs-httpd24-apr-util-odbc-0:1.6.1-101.el8jbcs.x86_64",
            "8Base-JBCS:jbcs-httpd24-apr-util-odbc-debuginfo-0:1.6.1-101.el8jbcs.x86_64",
            "8Base-JBCS:jbcs-httpd24-apr-util-openssl-0:1.6.1-101.el8jbcs.x86_64",
            "8Base-JBCS:jbcs-httpd24-apr-util-openssl-debuginfo-0:1.6.1-101.el8jbcs.x86_64",
            "8Base-JBCS:jbcs-httpd24-apr-util-pgsql-0:1.6.1-101.el8jbcs.x86_64",
            "8Base-JBCS:jbcs-httpd24-apr-util-pgsql-debuginfo-0:1.6.1-101.el8jbcs.x86_64",
            "8Base-JBCS:jbcs-httpd24-apr-util-sqlite-0:1.6.1-101.el8jbcs.x86_64",
            "8Base-JBCS:jbcs-httpd24-apr-util-sqlite-debuginfo-0:1.6.1-101.el8jbcs.x86_64",
            "8Base-JBCS:jbcs-httpd24-curl-0:8.0.1-1.el8jbcs.src",
            "8Base-JBCS:jbcs-httpd24-curl-0:8.0.1-1.el8jbcs.x86_64",
            "8Base-JBCS:jbcs-httpd24-curl-debuginfo-0:8.0.1-1.el8jbcs.x86_64",
            "8Base-JBCS:jbcs-httpd24-httpd-0:2.4.51-39.el8jbcs.src",
            "8Base-JBCS:jbcs-httpd24-httpd-0:2.4.51-39.el8jbcs.x86_64",
            "8Base-JBCS:jbcs-httpd24-httpd-debuginfo-0:2.4.51-39.el8jbcs.x86_64",
            "8Base-JBCS:jbcs-httpd24-httpd-devel-0:2.4.51-39.el8jbcs.x86_64",
            "8Base-JBCS:jbcs-httpd24-httpd-manual-0:2.4.51-39.el8jbcs.noarch",
            "8Base-JBCS:jbcs-httpd24-httpd-selinux-0:2.4.51-39.el8jbcs.x86_64",
            "8Base-JBCS:jbcs-httpd24-httpd-tools-0:2.4.51-39.el8jbcs.x86_64",
            "8Base-JBCS:jbcs-httpd24-httpd-tools-debuginfo-0:2.4.51-39.el8jbcs.x86_64",
            "8Base-JBCS:jbcs-httpd24-libcurl-0:8.0.1-1.el8jbcs.x86_64",
            "8Base-JBCS:jbcs-httpd24-libcurl-debuginfo-0:8.0.1-1.el8jbcs.x86_64",
            "8Base-JBCS:jbcs-httpd24-libcurl-devel-0:8.0.1-1.el8jbcs.x86_64",
            "8Base-JBCS:jbcs-httpd24-mod_http2-0:1.15.19-23.el8jbcs.src",
            "8Base-JBCS:jbcs-httpd24-mod_http2-0:1.15.19-23.el8jbcs.x86_64",
            "8Base-JBCS:jbcs-httpd24-mod_http2-debuginfo-0:1.15.19-23.el8jbcs.x86_64",
            "8Base-JBCS:jbcs-httpd24-mod_jk-0:1.2.48-46.redhat_1.el8jbcs.src",
            "8Base-JBCS:jbcs-httpd24-mod_jk-ap24-0:1.2.48-46.redhat_1.el8jbcs.x86_64",
            "8Base-JBCS:jbcs-httpd24-mod_jk-ap24-debuginfo-0:1.2.48-46.redhat_1.el8jbcs.x86_64",
            "8Base-JBCS:jbcs-httpd24-mod_ldap-0:2.4.51-39.el8jbcs.x86_64",
            "8Base-JBCS:jbcs-httpd24-mod_ldap-debuginfo-0:2.4.51-39.el8jbcs.x86_64",
            "8Base-JBCS:jbcs-httpd24-mod_md-1:2.4.0-20.el8jbcs.src",
            "8Base-JBCS:jbcs-httpd24-mod_md-1:2.4.0-20.el8jbcs.x86_64",
            "8Base-JBCS:jbcs-httpd24-mod_md-debuginfo-1:2.4.0-20.el8jbcs.x86_64",
            "8Base-JBCS:jbcs-httpd24-mod_proxy_cluster-0:1.3.18-2.el8jbcs.src",
            "8Base-JBCS:jbcs-httpd24-mod_proxy_cluster-0:1.3.18-2.el8jbcs.x86_64",
            "8Base-JBCS:jbcs-httpd24-mod_proxy_cluster-debuginfo-0:1.3.18-2.el8jbcs.x86_64",
            "8Base-JBCS:jbcs-httpd24-mod_proxy_html-1:2.4.51-39.el8jbcs.x86_64",
            "8Base-JBCS:jbcs-httpd24-mod_proxy_html-debuginfo-1:2.4.51-39.el8jbcs.x86_64",
            "8Base-JBCS:jbcs-httpd24-mod_security-0:2.9.3-24.el8jbcs.src",
            "8Base-JBCS:jbcs-httpd24-mod_security-0:2.9.3-24.el8jbcs.x86_64",
            "8Base-JBCS:jbcs-httpd24-mod_security-debuginfo-0:2.9.3-24.el8jbcs.x86_64",
            "8Base-JBCS:jbcs-httpd24-mod_session-0:2.4.51-39.el8jbcs.x86_64",
            "8Base-JBCS:jbcs-httpd24-mod_session-debuginfo-0:2.4.51-39.el8jbcs.x86_64",
            "8Base-JBCS:jbcs-httpd24-mod_ssl-1:2.4.51-39.el8jbcs.x86_64",
            "8Base-JBCS:jbcs-httpd24-mod_ssl-debuginfo-1:2.4.51-39.el8jbcs.x86_64",
            "8Base-JBCS:jbcs-httpd24-openssl-chil-0:1.0.0-18.el8jbcs.src",
            "8Base-JBCS:jbcs-httpd24-openssl-chil-0:1.0.0-18.el8jbcs.x86_64",
            "8Base-JBCS:jbcs-httpd24-openssl-chil-debuginfo-0:1.0.0-18.el8jbcs.x86_64",
            "8Base-JBCS:jbcs-httpd24-openssl-pkcs11-0:0.4.10-33.el8jbcs.src",
            "8Base-JBCS:jbcs-httpd24-openssl-pkcs11-0:0.4.10-33.el8jbcs.x86_64",
            "8Base-JBCS:jbcs-httpd24-openssl-pkcs11-debuginfo-0:0.4.10-33.el8jbcs.x86_64"
          ]
        }
      ],
      "ids": [
        {
          "system_name": "Red Hat Bugzilla ID",
          "text": "2164487"
        }
      ],
      "notes": [
        {
          "category": "description",
          "text": "A timing-based side channel exists in the OpenSSL RSA Decryption implementation, which could be sufficient to recover a ciphertext across a network in a Bleichenbacher style attack. To achieve a successful decryption, an attacker would have to be able to send a very large number of trial messages for decryption. This issue affects all RSA padding modes: PKCS#1 v1.5, RSA-OEAP, and RSASVE.",
          "title": "Vulnerability description"
        },
        {
          "category": "summary",
          "text": "openssl: timing attack in RSA Decryption implementation",
          "title": "Vulnerability summary"
        },
        {
          "category": "general",
          "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
          "title": "CVSS score applicability"
        }
      ],
      "product_status": {
        "fixed": [
          "7Server-JBCS:jbcs-httpd24-openssl-1:1.1.1k-14.el7jbcs.src",
          "7Server-JBCS:jbcs-httpd24-openssl-1:1.1.1k-14.el7jbcs.x86_64",
          "7Server-JBCS:jbcs-httpd24-openssl-debuginfo-1:1.1.1k-14.el7jbcs.x86_64",
          "7Server-JBCS:jbcs-httpd24-openssl-devel-1:1.1.1k-14.el7jbcs.x86_64",
          "7Server-JBCS:jbcs-httpd24-openssl-libs-1:1.1.1k-14.el7jbcs.x86_64",
          "7Server-JBCS:jbcs-httpd24-openssl-perl-1:1.1.1k-14.el7jbcs.x86_64",
          "7Server-JBCS:jbcs-httpd24-openssl-static-1:1.1.1k-14.el7jbcs.x86_64",
          "8Base-JBCS:jbcs-httpd24-openssl-1:1.1.1k-14.el8jbcs.src",
          "8Base-JBCS:jbcs-httpd24-openssl-1:1.1.1k-14.el8jbcs.x86_64",
          "8Base-JBCS:jbcs-httpd24-openssl-debuginfo-1:1.1.1k-14.el8jbcs.x86_64",
          "8Base-JBCS:jbcs-httpd24-openssl-devel-1:1.1.1k-14.el8jbcs.x86_64",
          "8Base-JBCS:jbcs-httpd24-openssl-libs-1:1.1.1k-14.el8jbcs.x86_64",
          "8Base-JBCS:jbcs-httpd24-openssl-libs-debuginfo-1:1.1.1k-14.el8jbcs.x86_64",
          "8Base-JBCS:jbcs-httpd24-openssl-perl-1:1.1.1k-14.el8jbcs.x86_64",
          "8Base-JBCS:jbcs-httpd24-openssl-static-1:1.1.1k-14.el8jbcs.x86_64"
        ],
        "known_not_affected": [
          "7Server-JBCS:jbcs-httpd24-apr-util-0:1.6.1-101.el7jbcs.src",
          "7Server-JBCS:jbcs-httpd24-apr-util-0:1.6.1-101.el7jbcs.x86_64",
          "7Server-JBCS:jbcs-httpd24-apr-util-debuginfo-0:1.6.1-101.el7jbcs.x86_64",
          "7Server-JBCS:jbcs-httpd24-apr-util-devel-0:1.6.1-101.el7jbcs.x86_64",
          "7Server-JBCS:jbcs-httpd24-apr-util-ldap-0:1.6.1-101.el7jbcs.x86_64",
          "7Server-JBCS:jbcs-httpd24-apr-util-mysql-0:1.6.1-101.el7jbcs.x86_64",
          "7Server-JBCS:jbcs-httpd24-apr-util-nss-0:1.6.1-101.el7jbcs.x86_64",
          "7Server-JBCS:jbcs-httpd24-apr-util-odbc-0:1.6.1-101.el7jbcs.x86_64",
          "7Server-JBCS:jbcs-httpd24-apr-util-openssl-0:1.6.1-101.el7jbcs.x86_64",
          "7Server-JBCS:jbcs-httpd24-apr-util-pgsql-0:1.6.1-101.el7jbcs.x86_64",
          "7Server-JBCS:jbcs-httpd24-apr-util-sqlite-0:1.6.1-101.el7jbcs.x86_64",
          "7Server-JBCS:jbcs-httpd24-curl-0:8.0.1-1.el7jbcs.src",
          "7Server-JBCS:jbcs-httpd24-curl-0:8.0.1-1.el7jbcs.x86_64",
          "7Server-JBCS:jbcs-httpd24-curl-debuginfo-0:8.0.1-1.el7jbcs.x86_64",
          "7Server-JBCS:jbcs-httpd24-httpd-0:2.4.51-39.el7jbcs.src",
          "7Server-JBCS:jbcs-httpd24-httpd-0:2.4.51-39.el7jbcs.x86_64",
          "7Server-JBCS:jbcs-httpd24-httpd-debuginfo-0:2.4.51-39.el7jbcs.x86_64",
          "7Server-JBCS:jbcs-httpd24-httpd-devel-0:2.4.51-39.el7jbcs.x86_64",
          "7Server-JBCS:jbcs-httpd24-httpd-manual-0:2.4.51-39.el7jbcs.noarch",
          "7Server-JBCS:jbcs-httpd24-httpd-selinux-0:2.4.51-39.el7jbcs.x86_64",
          "7Server-JBCS:jbcs-httpd24-httpd-tools-0:2.4.51-39.el7jbcs.x86_64",
          "7Server-JBCS:jbcs-httpd24-libcurl-0:8.0.1-1.el7jbcs.x86_64",
          "7Server-JBCS:jbcs-httpd24-libcurl-devel-0:8.0.1-1.el7jbcs.x86_64",
          "7Server-JBCS:jbcs-httpd24-mod_http2-0:1.15.19-23.el7jbcs.src",
          "7Server-JBCS:jbcs-httpd24-mod_http2-0:1.15.19-23.el7jbcs.x86_64",
          "7Server-JBCS:jbcs-httpd24-mod_http2-debuginfo-0:1.15.19-23.el7jbcs.x86_64",
          "7Server-JBCS:jbcs-httpd24-mod_jk-0:1.2.48-46.redhat_1.el7jbcs.src",
          "7Server-JBCS:jbcs-httpd24-mod_jk-ap24-0:1.2.48-46.redhat_1.el7jbcs.x86_64",
          "7Server-JBCS:jbcs-httpd24-mod_jk-debuginfo-0:1.2.48-46.redhat_1.el7jbcs.x86_64",
          "7Server-JBCS:jbcs-httpd24-mod_ldap-0:2.4.51-39.el7jbcs.x86_64",
          "7Server-JBCS:jbcs-httpd24-mod_md-1:2.4.0-20.el7jbcs.src",
          "7Server-JBCS:jbcs-httpd24-mod_md-1:2.4.0-20.el7jbcs.x86_64",
          "7Server-JBCS:jbcs-httpd24-mod_md-debuginfo-1:2.4.0-20.el7jbcs.x86_64",
          "7Server-JBCS:jbcs-httpd24-mod_proxy_cluster-0:1.3.18-2.el7jbcs.src",
          "7Server-JBCS:jbcs-httpd24-mod_proxy_cluster-0:1.3.18-2.el7jbcs.x86_64",
          "7Server-JBCS:jbcs-httpd24-mod_proxy_cluster-debuginfo-0:1.3.18-2.el7jbcs.x86_64",
          "7Server-JBCS:jbcs-httpd24-mod_proxy_html-1:2.4.51-39.el7jbcs.x86_64",
          "7Server-JBCS:jbcs-httpd24-mod_security-0:2.9.3-24.el7jbcs.src",
          "7Server-JBCS:jbcs-httpd24-mod_security-0:2.9.3-24.el7jbcs.x86_64",
          "7Server-JBCS:jbcs-httpd24-mod_security-debuginfo-0:2.9.3-24.el7jbcs.x86_64",
          "7Server-JBCS:jbcs-httpd24-mod_session-0:2.4.51-39.el7jbcs.x86_64",
          "7Server-JBCS:jbcs-httpd24-mod_ssl-1:2.4.51-39.el7jbcs.x86_64",
          "7Server-JBCS:jbcs-httpd24-openssl-chil-0:1.0.0-18.el7jbcs.src",
          "7Server-JBCS:jbcs-httpd24-openssl-chil-0:1.0.0-18.el7jbcs.x86_64",
          "7Server-JBCS:jbcs-httpd24-openssl-chil-debuginfo-0:1.0.0-18.el7jbcs.x86_64",
          "7Server-JBCS:jbcs-httpd24-openssl-pkcs11-0:0.4.10-33.el7jbcs.src",
          "7Server-JBCS:jbcs-httpd24-openssl-pkcs11-0:0.4.10-33.el7jbcs.x86_64",
          "7Server-JBCS:jbcs-httpd24-openssl-pkcs11-debuginfo-0:0.4.10-33.el7jbcs.x86_64",
          "8Base-JBCS:jbcs-httpd24-apr-util-0:1.6.1-101.el8jbcs.src",
          "8Base-JBCS:jbcs-httpd24-apr-util-0:1.6.1-101.el8jbcs.x86_64",
          "8Base-JBCS:jbcs-httpd24-apr-util-debuginfo-0:1.6.1-101.el8jbcs.x86_64",
          "8Base-JBCS:jbcs-httpd24-apr-util-devel-0:1.6.1-101.el8jbcs.x86_64",
          "8Base-JBCS:jbcs-httpd24-apr-util-ldap-0:1.6.1-101.el8jbcs.x86_64",
          "8Base-JBCS:jbcs-httpd24-apr-util-ldap-debuginfo-0:1.6.1-101.el8jbcs.x86_64",
          "8Base-JBCS:jbcs-httpd24-apr-util-mysql-0:1.6.1-101.el8jbcs.x86_64",
          "8Base-JBCS:jbcs-httpd24-apr-util-mysql-debuginfo-0:1.6.1-101.el8jbcs.x86_64",
          "8Base-JBCS:jbcs-httpd24-apr-util-nss-0:1.6.1-101.el8jbcs.x86_64",
          "8Base-JBCS:jbcs-httpd24-apr-util-nss-debuginfo-0:1.6.1-101.el8jbcs.x86_64",
          "8Base-JBCS:jbcs-httpd24-apr-util-odbc-0:1.6.1-101.el8jbcs.x86_64",
          "8Base-JBCS:jbcs-httpd24-apr-util-odbc-debuginfo-0:1.6.1-101.el8jbcs.x86_64",
          "8Base-JBCS:jbcs-httpd24-apr-util-openssl-0:1.6.1-101.el8jbcs.x86_64",
          "8Base-JBCS:jbcs-httpd24-apr-util-openssl-debuginfo-0:1.6.1-101.el8jbcs.x86_64",
          "8Base-JBCS:jbcs-httpd24-apr-util-pgsql-0:1.6.1-101.el8jbcs.x86_64",
          "8Base-JBCS:jbcs-httpd24-apr-util-pgsql-debuginfo-0:1.6.1-101.el8jbcs.x86_64",
          "8Base-JBCS:jbcs-httpd24-apr-util-sqlite-0:1.6.1-101.el8jbcs.x86_64",
          "8Base-JBCS:jbcs-httpd24-apr-util-sqlite-debuginfo-0:1.6.1-101.el8jbcs.x86_64",
          "8Base-JBCS:jbcs-httpd24-curl-0:8.0.1-1.el8jbcs.src",
          "8Base-JBCS:jbcs-httpd24-curl-0:8.0.1-1.el8jbcs.x86_64",
          "8Base-JBCS:jbcs-httpd24-curl-debuginfo-0:8.0.1-1.el8jbcs.x86_64",
          "8Base-JBCS:jbcs-httpd24-httpd-0:2.4.51-39.el8jbcs.src",
          "8Base-JBCS:jbcs-httpd24-httpd-0:2.4.51-39.el8jbcs.x86_64",
          "8Base-JBCS:jbcs-httpd24-httpd-debuginfo-0:2.4.51-39.el8jbcs.x86_64",
          "8Base-JBCS:jbcs-httpd24-httpd-devel-0:2.4.51-39.el8jbcs.x86_64",
          "8Base-JBCS:jbcs-httpd24-httpd-manual-0:2.4.51-39.el8jbcs.noarch",
          "8Base-JBCS:jbcs-httpd24-httpd-selinux-0:2.4.51-39.el8jbcs.x86_64",
          "8Base-JBCS:jbcs-httpd24-httpd-tools-0:2.4.51-39.el8jbcs.x86_64",
          "8Base-JBCS:jbcs-httpd24-httpd-tools-debuginfo-0:2.4.51-39.el8jbcs.x86_64",
          "8Base-JBCS:jbcs-httpd24-libcurl-0:8.0.1-1.el8jbcs.x86_64",
          "8Base-JBCS:jbcs-httpd24-libcurl-debuginfo-0:8.0.1-1.el8jbcs.x86_64",
          "8Base-JBCS:jbcs-httpd24-libcurl-devel-0:8.0.1-1.el8jbcs.x86_64",
          "8Base-JBCS:jbcs-httpd24-mod_http2-0:1.15.19-23.el8jbcs.src",
          "8Base-JBCS:jbcs-httpd24-mod_http2-0:1.15.19-23.el8jbcs.x86_64",
          "8Base-JBCS:jbcs-httpd24-mod_http2-debuginfo-0:1.15.19-23.el8jbcs.x86_64",
          "8Base-JBCS:jbcs-httpd24-mod_jk-0:1.2.48-46.redhat_1.el8jbcs.src",
          "8Base-JBCS:jbcs-httpd24-mod_jk-ap24-0:1.2.48-46.redhat_1.el8jbcs.x86_64",
          "8Base-JBCS:jbcs-httpd24-mod_jk-ap24-debuginfo-0:1.2.48-46.redhat_1.el8jbcs.x86_64",
          "8Base-JBCS:jbcs-httpd24-mod_ldap-0:2.4.51-39.el8jbcs.x86_64",
          "8Base-JBCS:jbcs-httpd24-mod_ldap-debuginfo-0:2.4.51-39.el8jbcs.x86_64",
          "8Base-JBCS:jbcs-httpd24-mod_md-1:2.4.0-20.el8jbcs.src",
          "8Base-JBCS:jbcs-httpd24-mod_md-1:2.4.0-20.el8jbcs.x86_64",
          "8Base-JBCS:jbcs-httpd24-mod_md-debuginfo-1:2.4.0-20.el8jbcs.x86_64",
          "8Base-JBCS:jbcs-httpd24-mod_proxy_cluster-0:1.3.18-2.el8jbcs.src",
          "8Base-JBCS:jbcs-httpd24-mod_proxy_cluster-0:1.3.18-2.el8jbcs.x86_64",
          "8Base-JBCS:jbcs-httpd24-mod_proxy_cluster-debuginfo-0:1.3.18-2.el8jbcs.x86_64",
          "8Base-JBCS:jbcs-httpd24-mod_proxy_html-1:2.4.51-39.el8jbcs.x86_64",
          "8Base-JBCS:jbcs-httpd24-mod_proxy_html-debuginfo-1:2.4.51-39.el8jbcs.x86_64",
          "8Base-JBCS:jbcs-httpd24-mod_security-0:2.9.3-24.el8jbcs.src",
          "8Base-JBCS:jbcs-httpd24-mod_security-0:2.9.3-24.el8jbcs.x86_64",
          "8Base-JBCS:jbcs-httpd24-mod_security-debuginfo-0:2.9.3-24.el8jbcs.x86_64",
          "8Base-JBCS:jbcs-httpd24-mod_session-0:2.4.51-39.el8jbcs.x86_64",
          "8Base-JBCS:jbcs-httpd24-mod_session-debuginfo-0:2.4.51-39.el8jbcs.x86_64",
          "8Base-JBCS:jbcs-httpd24-mod_ssl-1:2.4.51-39.el8jbcs.x86_64",
          "8Base-JBCS:jbcs-httpd24-mod_ssl-debuginfo-1:2.4.51-39.el8jbcs.x86_64",
          "8Base-JBCS:jbcs-httpd24-openssl-chil-0:1.0.0-18.el8jbcs.src",
          "8Base-JBCS:jbcs-httpd24-openssl-chil-0:1.0.0-18.el8jbcs.x86_64",
          "8Base-JBCS:jbcs-httpd24-openssl-chil-debuginfo-0:1.0.0-18.el8jbcs.x86_64",
          "8Base-JBCS:jbcs-httpd24-openssl-pkcs11-0:0.4.10-33.el8jbcs.src",
          "8Base-JBCS:jbcs-httpd24-openssl-pkcs11-0:0.4.10-33.el8jbcs.x86_64",
          "8Base-JBCS:jbcs-httpd24-openssl-pkcs11-debuginfo-0:0.4.10-33.el8jbcs.x86_64"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "Canonical URL",
          "url": "https://access.redhat.com/security/cve/CVE-2022-4304"
        },
        {
          "category": "external",
          "summary": "RHBZ#2164487",
          "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2164487"
        },
        {
          "category": "external",
          "summary": "https://www.cve.org/CVERecord?id=CVE-2022-4304",
          "url": "https://www.cve.org/CVERecord?id=CVE-2022-4304"
        },
        {
          "category": "external",
          "summary": "https://nvd.nist.gov/vuln/detail/CVE-2022-4304",
          "url": "https://nvd.nist.gov/vuln/detail/CVE-2022-4304"
        },
        {
          "category": "external",
          "summary": "https://www.openssl.org/news/secadv/20230207.txt",
          "url": "https://www.openssl.org/news/secadv/20230207.txt"
        }
      ],
      "release_date": "2023-02-07T00:00:00+00:00",
      "remediations": [
        {
          "category": "vendor_fix",
          "date": "2023-06-05T12:30:30+00:00",
          "details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nApplications using the APR libraries, such as httpd, must be restarted for this update to take effect. After installing the updated packages, the httpd daemon will be restarted automatically.",
          "product_ids": [
            "7Server-JBCS:jbcs-httpd24-openssl-1:1.1.1k-14.el7jbcs.src",
            "7Server-JBCS:jbcs-httpd24-openssl-1:1.1.1k-14.el7jbcs.x86_64",
            "7Server-JBCS:jbcs-httpd24-openssl-debuginfo-1:1.1.1k-14.el7jbcs.x86_64",
            "7Server-JBCS:jbcs-httpd24-openssl-devel-1:1.1.1k-14.el7jbcs.x86_64",
            "7Server-JBCS:jbcs-httpd24-openssl-libs-1:1.1.1k-14.el7jbcs.x86_64",
            "7Server-JBCS:jbcs-httpd24-openssl-perl-1:1.1.1k-14.el7jbcs.x86_64",
            "7Server-JBCS:jbcs-httpd24-openssl-static-1:1.1.1k-14.el7jbcs.x86_64",
            "8Base-JBCS:jbcs-httpd24-openssl-1:1.1.1k-14.el8jbcs.src",
            "8Base-JBCS:jbcs-httpd24-openssl-1:1.1.1k-14.el8jbcs.x86_64",
            "8Base-JBCS:jbcs-httpd24-openssl-debuginfo-1:1.1.1k-14.el8jbcs.x86_64",
            "8Base-JBCS:jbcs-httpd24-openssl-devel-1:1.1.1k-14.el8jbcs.x86_64",
            "8Base-JBCS:jbcs-httpd24-openssl-libs-1:1.1.1k-14.el8jbcs.x86_64",
            "8Base-JBCS:jbcs-httpd24-openssl-libs-debuginfo-1:1.1.1k-14.el8jbcs.x86_64",
            "8Base-JBCS:jbcs-httpd24-openssl-perl-1:1.1.1k-14.el8jbcs.x86_64",
            "8Base-JBCS:jbcs-httpd24-openssl-static-1:1.1.1k-14.el8jbcs.x86_64"
          ],
          "restart_required": {
            "category": "none"
          },
          "url": "https://access.redhat.com/errata/RHSA-2023:3354"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "attackComplexity": "HIGH",
            "attackVector": "NETWORK",
            "availabilityImpact": "NONE",
            "baseScore": 5.9,
            "baseSeverity": "MEDIUM",
            "confidentialityImpact": "NONE",
            "integrityImpact": "HIGH",
            "privilegesRequired": "NONE",
            "scope": "UNCHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N",
            "version": "3.1"
          },
          "products": [
            "7Server-JBCS:jbcs-httpd24-openssl-1:1.1.1k-14.el7jbcs.src",
            "7Server-JBCS:jbcs-httpd24-openssl-1:1.1.1k-14.el7jbcs.x86_64",
            "7Server-JBCS:jbcs-httpd24-openssl-debuginfo-1:1.1.1k-14.el7jbcs.x86_64",
            "7Server-JBCS:jbcs-httpd24-openssl-devel-1:1.1.1k-14.el7jbcs.x86_64",
            "7Server-JBCS:jbcs-httpd24-openssl-libs-1:1.1.1k-14.el7jbcs.x86_64",
            "7Server-JBCS:jbcs-httpd24-openssl-perl-1:1.1.1k-14.el7jbcs.x86_64",
            "7Server-JBCS:jbcs-httpd24-openssl-static-1:1.1.1k-14.el7jbcs.x86_64",
            "8Base-JBCS:jbcs-httpd24-openssl-1:1.1.1k-14.el8jbcs.src",
            "8Base-JBCS:jbcs-httpd24-openssl-1:1.1.1k-14.el8jbcs.x86_64",
            "8Base-JBCS:jbcs-httpd24-openssl-debuginfo-1:1.1.1k-14.el8jbcs.x86_64",
            "8Base-JBCS:jbcs-httpd24-openssl-devel-1:1.1.1k-14.el8jbcs.x86_64",
            "8Base-JBCS:jbcs-httpd24-openssl-libs-1:1.1.1k-14.el8jbcs.x86_64",
            "8Base-JBCS:jbcs-httpd24-openssl-libs-debuginfo-1:1.1.1k-14.el8jbcs.x86_64",
            "8Base-JBCS:jbcs-httpd24-openssl-perl-1:1.1.1k-14.el8jbcs.x86_64",
            "8Base-JBCS:jbcs-httpd24-openssl-static-1:1.1.1k-14.el8jbcs.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "details": "Moderate"
        }
      ],
      "title": "openssl: timing attack in RSA Decryption implementation"
    },
    {
      "cve": "CVE-2022-4450",
      "cwe": {
        "id": "CWE-415",
        "name": "Double Free"
      },
      "discovery_date": "2023-01-25T00:00:00+00:00",
      "flags": [
        {
          "label": "vulnerable_code_not_present",
          "product_ids": [
            "7Server-JBCS:jbcs-httpd24-apr-util-0:1.6.1-101.el7jbcs.src",
            "7Server-JBCS:jbcs-httpd24-apr-util-0:1.6.1-101.el7jbcs.x86_64",
            "7Server-JBCS:jbcs-httpd24-apr-util-debuginfo-0:1.6.1-101.el7jbcs.x86_64",
            "7Server-JBCS:jbcs-httpd24-apr-util-devel-0:1.6.1-101.el7jbcs.x86_64",
            "7Server-JBCS:jbcs-httpd24-apr-util-ldap-0:1.6.1-101.el7jbcs.x86_64",
            "7Server-JBCS:jbcs-httpd24-apr-util-mysql-0:1.6.1-101.el7jbcs.x86_64",
            "7Server-JBCS:jbcs-httpd24-apr-util-nss-0:1.6.1-101.el7jbcs.x86_64",
            "7Server-JBCS:jbcs-httpd24-apr-util-odbc-0:1.6.1-101.el7jbcs.x86_64",
            "7Server-JBCS:jbcs-httpd24-apr-util-openssl-0:1.6.1-101.el7jbcs.x86_64",
            "7Server-JBCS:jbcs-httpd24-apr-util-pgsql-0:1.6.1-101.el7jbcs.x86_64",
            "7Server-JBCS:jbcs-httpd24-apr-util-sqlite-0:1.6.1-101.el7jbcs.x86_64",
            "7Server-JBCS:jbcs-httpd24-curl-0:8.0.1-1.el7jbcs.src",
            "7Server-JBCS:jbcs-httpd24-curl-0:8.0.1-1.el7jbcs.x86_64",
            "7Server-JBCS:jbcs-httpd24-curl-debuginfo-0:8.0.1-1.el7jbcs.x86_64",
            "7Server-JBCS:jbcs-httpd24-httpd-0:2.4.51-39.el7jbcs.src",
            "7Server-JBCS:jbcs-httpd24-httpd-0:2.4.51-39.el7jbcs.x86_64",
            "7Server-JBCS:jbcs-httpd24-httpd-debuginfo-0:2.4.51-39.el7jbcs.x86_64",
            "7Server-JBCS:jbcs-httpd24-httpd-devel-0:2.4.51-39.el7jbcs.x86_64",
            "7Server-JBCS:jbcs-httpd24-httpd-manual-0:2.4.51-39.el7jbcs.noarch",
            "7Server-JBCS:jbcs-httpd24-httpd-selinux-0:2.4.51-39.el7jbcs.x86_64",
            "7Server-JBCS:jbcs-httpd24-httpd-tools-0:2.4.51-39.el7jbcs.x86_64",
            "7Server-JBCS:jbcs-httpd24-libcurl-0:8.0.1-1.el7jbcs.x86_64",
            "7Server-JBCS:jbcs-httpd24-libcurl-devel-0:8.0.1-1.el7jbcs.x86_64",
            "7Server-JBCS:jbcs-httpd24-mod_http2-0:1.15.19-23.el7jbcs.src",
            "7Server-JBCS:jbcs-httpd24-mod_http2-0:1.15.19-23.el7jbcs.x86_64",
            "7Server-JBCS:jbcs-httpd24-mod_http2-debuginfo-0:1.15.19-23.el7jbcs.x86_64",
            "7Server-JBCS:jbcs-httpd24-mod_jk-0:1.2.48-46.redhat_1.el7jbcs.src",
            "7Server-JBCS:jbcs-httpd24-mod_jk-ap24-0:1.2.48-46.redhat_1.el7jbcs.x86_64",
            "7Server-JBCS:jbcs-httpd24-mod_jk-debuginfo-0:1.2.48-46.redhat_1.el7jbcs.x86_64",
            "7Server-JBCS:jbcs-httpd24-mod_ldap-0:2.4.51-39.el7jbcs.x86_64",
            "7Server-JBCS:jbcs-httpd24-mod_md-1:2.4.0-20.el7jbcs.src",
            "7Server-JBCS:jbcs-httpd24-mod_md-1:2.4.0-20.el7jbcs.x86_64",
            "7Server-JBCS:jbcs-httpd24-mod_md-debuginfo-1:2.4.0-20.el7jbcs.x86_64",
            "7Server-JBCS:jbcs-httpd24-mod_proxy_cluster-0:1.3.18-2.el7jbcs.src",
            "7Server-JBCS:jbcs-httpd24-mod_proxy_cluster-0:1.3.18-2.el7jbcs.x86_64",
            "7Server-JBCS:jbcs-httpd24-mod_proxy_cluster-debuginfo-0:1.3.18-2.el7jbcs.x86_64",
            "7Server-JBCS:jbcs-httpd24-mod_proxy_html-1:2.4.51-39.el7jbcs.x86_64",
            "7Server-JBCS:jbcs-httpd24-mod_security-0:2.9.3-24.el7jbcs.src",
            "7Server-JBCS:jbcs-httpd24-mod_security-0:2.9.3-24.el7jbcs.x86_64",
            "7Server-JBCS:jbcs-httpd24-mod_security-debuginfo-0:2.9.3-24.el7jbcs.x86_64",
            "7Server-JBCS:jbcs-httpd24-mod_session-0:2.4.51-39.el7jbcs.x86_64",
            "7Server-JBCS:jbcs-httpd24-mod_ssl-1:2.4.51-39.el7jbcs.x86_64",
            "7Server-JBCS:jbcs-httpd24-openssl-chil-0:1.0.0-18.el7jbcs.src",
            "7Server-JBCS:jbcs-httpd24-openssl-chil-0:1.0.0-18.el7jbcs.x86_64",
            "7Server-JBCS:jbcs-httpd24-openssl-chil-debuginfo-0:1.0.0-18.el7jbcs.x86_64",
            "7Server-JBCS:jbcs-httpd24-openssl-pkcs11-0:0.4.10-33.el7jbcs.src",
            "7Server-JBCS:jbcs-httpd24-openssl-pkcs11-0:0.4.10-33.el7jbcs.x86_64",
            "7Server-JBCS:jbcs-httpd24-openssl-pkcs11-debuginfo-0:0.4.10-33.el7jbcs.x86_64",
            "8Base-JBCS:jbcs-httpd24-apr-util-0:1.6.1-101.el8jbcs.src",
            "8Base-JBCS:jbcs-httpd24-apr-util-0:1.6.1-101.el8jbcs.x86_64",
            "8Base-JBCS:jbcs-httpd24-apr-util-debuginfo-0:1.6.1-101.el8jbcs.x86_64",
            "8Base-JBCS:jbcs-httpd24-apr-util-devel-0:1.6.1-101.el8jbcs.x86_64",
            "8Base-JBCS:jbcs-httpd24-apr-util-ldap-0:1.6.1-101.el8jbcs.x86_64",
            "8Base-JBCS:jbcs-httpd24-apr-util-ldap-debuginfo-0:1.6.1-101.el8jbcs.x86_64",
            "8Base-JBCS:jbcs-httpd24-apr-util-mysql-0:1.6.1-101.el8jbcs.x86_64",
            "8Base-JBCS:jbcs-httpd24-apr-util-mysql-debuginfo-0:1.6.1-101.el8jbcs.x86_64",
            "8Base-JBCS:jbcs-httpd24-apr-util-nss-0:1.6.1-101.el8jbcs.x86_64",
            "8Base-JBCS:jbcs-httpd24-apr-util-nss-debuginfo-0:1.6.1-101.el8jbcs.x86_64",
            "8Base-JBCS:jbcs-httpd24-apr-util-odbc-0:1.6.1-101.el8jbcs.x86_64",
            "8Base-JBCS:jbcs-httpd24-apr-util-odbc-debuginfo-0:1.6.1-101.el8jbcs.x86_64",
            "8Base-JBCS:jbcs-httpd24-apr-util-openssl-0:1.6.1-101.el8jbcs.x86_64",
            "8Base-JBCS:jbcs-httpd24-apr-util-openssl-debuginfo-0:1.6.1-101.el8jbcs.x86_64",
            "8Base-JBCS:jbcs-httpd24-apr-util-pgsql-0:1.6.1-101.el8jbcs.x86_64",
            "8Base-JBCS:jbcs-httpd24-apr-util-pgsql-debuginfo-0:1.6.1-101.el8jbcs.x86_64",
            "8Base-JBCS:jbcs-httpd24-apr-util-sqlite-0:1.6.1-101.el8jbcs.x86_64",
            "8Base-JBCS:jbcs-httpd24-apr-util-sqlite-debuginfo-0:1.6.1-101.el8jbcs.x86_64",
            "8Base-JBCS:jbcs-httpd24-curl-0:8.0.1-1.el8jbcs.src",
            "8Base-JBCS:jbcs-httpd24-curl-0:8.0.1-1.el8jbcs.x86_64",
            "8Base-JBCS:jbcs-httpd24-curl-debuginfo-0:8.0.1-1.el8jbcs.x86_64",
            "8Base-JBCS:jbcs-httpd24-httpd-0:2.4.51-39.el8jbcs.src",
            "8Base-JBCS:jbcs-httpd24-httpd-0:2.4.51-39.el8jbcs.x86_64",
            "8Base-JBCS:jbcs-httpd24-httpd-debuginfo-0:2.4.51-39.el8jbcs.x86_64",
            "8Base-JBCS:jbcs-httpd24-httpd-devel-0:2.4.51-39.el8jbcs.x86_64",
            "8Base-JBCS:jbcs-httpd24-httpd-manual-0:2.4.51-39.el8jbcs.noarch",
            "8Base-JBCS:jbcs-httpd24-httpd-selinux-0:2.4.51-39.el8jbcs.x86_64",
            "8Base-JBCS:jbcs-httpd24-httpd-tools-0:2.4.51-39.el8jbcs.x86_64",
            "8Base-JBCS:jbcs-httpd24-httpd-tools-debuginfo-0:2.4.51-39.el8jbcs.x86_64",
            "8Base-JBCS:jbcs-httpd24-libcurl-0:8.0.1-1.el8jbcs.x86_64",
            "8Base-JBCS:jbcs-httpd24-libcurl-debuginfo-0:8.0.1-1.el8jbcs.x86_64",
            "8Base-JBCS:jbcs-httpd24-libcurl-devel-0:8.0.1-1.el8jbcs.x86_64",
            "8Base-JBCS:jbcs-httpd24-mod_http2-0:1.15.19-23.el8jbcs.src",
            "8Base-JBCS:jbcs-httpd24-mod_http2-0:1.15.19-23.el8jbcs.x86_64",
            "8Base-JBCS:jbcs-httpd24-mod_http2-debuginfo-0:1.15.19-23.el8jbcs.x86_64",
            "8Base-JBCS:jbcs-httpd24-mod_jk-0:1.2.48-46.redhat_1.el8jbcs.src",
            "8Base-JBCS:jbcs-httpd24-mod_jk-ap24-0:1.2.48-46.redhat_1.el8jbcs.x86_64",
            "8Base-JBCS:jbcs-httpd24-mod_jk-ap24-debuginfo-0:1.2.48-46.redhat_1.el8jbcs.x86_64",
            "8Base-JBCS:jbcs-httpd24-mod_ldap-0:2.4.51-39.el8jbcs.x86_64",
            "8Base-JBCS:jbcs-httpd24-mod_ldap-debuginfo-0:2.4.51-39.el8jbcs.x86_64",
            "8Base-JBCS:jbcs-httpd24-mod_md-1:2.4.0-20.el8jbcs.src",
            "8Base-JBCS:jbcs-httpd24-mod_md-1:2.4.0-20.el8jbcs.x86_64",
            "8Base-JBCS:jbcs-httpd24-mod_md-debuginfo-1:2.4.0-20.el8jbcs.x86_64",
            "8Base-JBCS:jbcs-httpd24-mod_proxy_cluster-0:1.3.18-2.el8jbcs.src",
            "8Base-JBCS:jbcs-httpd24-mod_proxy_cluster-0:1.3.18-2.el8jbcs.x86_64",
            "8Base-JBCS:jbcs-httpd24-mod_proxy_cluster-debuginfo-0:1.3.18-2.el8jbcs.x86_64",
            "8Base-JBCS:jbcs-httpd24-mod_proxy_html-1:2.4.51-39.el8jbcs.x86_64",
            "8Base-JBCS:jbcs-httpd24-mod_proxy_html-debuginfo-1:2.4.51-39.el8jbcs.x86_64",
            "8Base-JBCS:jbcs-httpd24-mod_security-0:2.9.3-24.el8jbcs.src",
            "8Base-JBCS:jbcs-httpd24-mod_security-0:2.9.3-24.el8jbcs.x86_64",
            "8Base-JBCS:jbcs-httpd24-mod_security-debuginfo-0:2.9.3-24.el8jbcs.x86_64",
            "8Base-JBCS:jbcs-httpd24-mod_session-0:2.4.51-39.el8jbcs.x86_64",
            "8Base-JBCS:jbcs-httpd24-mod_session-debuginfo-0:2.4.51-39.el8jbcs.x86_64",
            "8Base-JBCS:jbcs-httpd24-mod_ssl-1:2.4.51-39.el8jbcs.x86_64",
            "8Base-JBCS:jbcs-httpd24-mod_ssl-debuginfo-1:2.4.51-39.el8jbcs.x86_64",
            "8Base-JBCS:jbcs-httpd24-openssl-chil-0:1.0.0-18.el8jbcs.src",
            "8Base-JBCS:jbcs-httpd24-openssl-chil-0:1.0.0-18.el8jbcs.x86_64",
            "8Base-JBCS:jbcs-httpd24-openssl-chil-debuginfo-0:1.0.0-18.el8jbcs.x86_64",
            "8Base-JBCS:jbcs-httpd24-openssl-pkcs11-0:0.4.10-33.el8jbcs.src",
            "8Base-JBCS:jbcs-httpd24-openssl-pkcs11-0:0.4.10-33.el8jbcs.x86_64",
            "8Base-JBCS:jbcs-httpd24-openssl-pkcs11-debuginfo-0:0.4.10-33.el8jbcs.x86_64"
          ]
        }
      ],
      "ids": [
        {
          "system_name": "Red Hat Bugzilla ID",
          "text": "2164494"
        }
      ],
      "notes": [
        {
          "category": "description",
          "text": "A double-free vulnerability was found in OpenSSL\u0027s PEM_read_bio_ex function. The function PEM_read_bio_ex() reads a PEM file from a BIO and parses and decodes the \"name\" (for example, \"CERTIFICATE\"), any header data, and the payload data. If the function succeeds, then the \"name_out,\" \"header,\" and \"data\" arguments are populated with pointers to buffers containing the relevant decoded data. The caller is responsible for freeing those buffers. Constructing a PEM file that results in 0 bytes of payload data is possible. In this case, PEM_read_bio_ex() will return a failure code but will populate the header argument with a pointer to a freed buffer. A double-free will occur if the caller also frees this buffer. This will most likely lead to a crash. This could be exploited by an attacker who can supply malicious PEM files for parsing to achieve a denial of service attack.",
          "title": "Vulnerability description"
        },
        {
          "category": "summary",
          "text": "openssl: double free after calling PEM_read_bio_ex",
          "title": "Vulnerability summary"
        },
        {
          "category": "other",
          "text": "This flaw is rated as having a Moderate impact as it is less easily exploited and is only vulnerable in unlikely configurations. Additionally, the upstream advisory (linked in External References) also rates it as Moderate.\n\nThe versions of `shim` as shipped with Red Hat Enterprise Linux 8 and 9 are shipping OpenSSL 1.1.1 and 1.0.2, which do not contain the incorrect code, so those are not affected by this CVE.",
          "title": "Statement"
        },
        {
          "category": "general",
          "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
          "title": "CVSS score applicability"
        }
      ],
      "product_status": {
        "fixed": [
          "7Server-JBCS:jbcs-httpd24-openssl-1:1.1.1k-14.el7jbcs.src",
          "7Server-JBCS:jbcs-httpd24-openssl-1:1.1.1k-14.el7jbcs.x86_64",
          "7Server-JBCS:jbcs-httpd24-openssl-debuginfo-1:1.1.1k-14.el7jbcs.x86_64",
          "7Server-JBCS:jbcs-httpd24-openssl-devel-1:1.1.1k-14.el7jbcs.x86_64",
          "7Server-JBCS:jbcs-httpd24-openssl-libs-1:1.1.1k-14.el7jbcs.x86_64",
          "7Server-JBCS:jbcs-httpd24-openssl-perl-1:1.1.1k-14.el7jbcs.x86_64",
          "7Server-JBCS:jbcs-httpd24-openssl-static-1:1.1.1k-14.el7jbcs.x86_64",
          "8Base-JBCS:jbcs-httpd24-openssl-1:1.1.1k-14.el8jbcs.src",
          "8Base-JBCS:jbcs-httpd24-openssl-1:1.1.1k-14.el8jbcs.x86_64",
          "8Base-JBCS:jbcs-httpd24-openssl-debuginfo-1:1.1.1k-14.el8jbcs.x86_64",
          "8Base-JBCS:jbcs-httpd24-openssl-devel-1:1.1.1k-14.el8jbcs.x86_64",
          "8Base-JBCS:jbcs-httpd24-openssl-libs-1:1.1.1k-14.el8jbcs.x86_64",
          "8Base-JBCS:jbcs-httpd24-openssl-libs-debuginfo-1:1.1.1k-14.el8jbcs.x86_64",
          "8Base-JBCS:jbcs-httpd24-openssl-perl-1:1.1.1k-14.el8jbcs.x86_64",
          "8Base-JBCS:jbcs-httpd24-openssl-static-1:1.1.1k-14.el8jbcs.x86_64"
        ],
        "known_not_affected": [
          "7Server-JBCS:jbcs-httpd24-apr-util-0:1.6.1-101.el7jbcs.src",
          "7Server-JBCS:jbcs-httpd24-apr-util-0:1.6.1-101.el7jbcs.x86_64",
          "7Server-JBCS:jbcs-httpd24-apr-util-debuginfo-0:1.6.1-101.el7jbcs.x86_64",
          "7Server-JBCS:jbcs-httpd24-apr-util-devel-0:1.6.1-101.el7jbcs.x86_64",
          "7Server-JBCS:jbcs-httpd24-apr-util-ldap-0:1.6.1-101.el7jbcs.x86_64",
          "7Server-JBCS:jbcs-httpd24-apr-util-mysql-0:1.6.1-101.el7jbcs.x86_64",
          "7Server-JBCS:jbcs-httpd24-apr-util-nss-0:1.6.1-101.el7jbcs.x86_64",
          "7Server-JBCS:jbcs-httpd24-apr-util-odbc-0:1.6.1-101.el7jbcs.x86_64",
          "7Server-JBCS:jbcs-httpd24-apr-util-openssl-0:1.6.1-101.el7jbcs.x86_64",
          "7Server-JBCS:jbcs-httpd24-apr-util-pgsql-0:1.6.1-101.el7jbcs.x86_64",
          "7Server-JBCS:jbcs-httpd24-apr-util-sqlite-0:1.6.1-101.el7jbcs.x86_64",
          "7Server-JBCS:jbcs-httpd24-curl-0:8.0.1-1.el7jbcs.src",
          "7Server-JBCS:jbcs-httpd24-curl-0:8.0.1-1.el7jbcs.x86_64",
          "7Server-JBCS:jbcs-httpd24-curl-debuginfo-0:8.0.1-1.el7jbcs.x86_64",
          "7Server-JBCS:jbcs-httpd24-httpd-0:2.4.51-39.el7jbcs.src",
          "7Server-JBCS:jbcs-httpd24-httpd-0:2.4.51-39.el7jbcs.x86_64",
          "7Server-JBCS:jbcs-httpd24-httpd-debuginfo-0:2.4.51-39.el7jbcs.x86_64",
          "7Server-JBCS:jbcs-httpd24-httpd-devel-0:2.4.51-39.el7jbcs.x86_64",
          "7Server-JBCS:jbcs-httpd24-httpd-manual-0:2.4.51-39.el7jbcs.noarch",
          "7Server-JBCS:jbcs-httpd24-httpd-selinux-0:2.4.51-39.el7jbcs.x86_64",
          "7Server-JBCS:jbcs-httpd24-httpd-tools-0:2.4.51-39.el7jbcs.x86_64",
          "7Server-JBCS:jbcs-httpd24-libcurl-0:8.0.1-1.el7jbcs.x86_64",
          "7Server-JBCS:jbcs-httpd24-libcurl-devel-0:8.0.1-1.el7jbcs.x86_64",
          "7Server-JBCS:jbcs-httpd24-mod_http2-0:1.15.19-23.el7jbcs.src",
          "7Server-JBCS:jbcs-httpd24-mod_http2-0:1.15.19-23.el7jbcs.x86_64",
          "7Server-JBCS:jbcs-httpd24-mod_http2-debuginfo-0:1.15.19-23.el7jbcs.x86_64",
          "7Server-JBCS:jbcs-httpd24-mod_jk-0:1.2.48-46.redhat_1.el7jbcs.src",
          "7Server-JBCS:jbcs-httpd24-mod_jk-ap24-0:1.2.48-46.redhat_1.el7jbcs.x86_64",
          "7Server-JBCS:jbcs-httpd24-mod_jk-debuginfo-0:1.2.48-46.redhat_1.el7jbcs.x86_64",
          "7Server-JBCS:jbcs-httpd24-mod_ldap-0:2.4.51-39.el7jbcs.x86_64",
          "7Server-JBCS:jbcs-httpd24-mod_md-1:2.4.0-20.el7jbcs.src",
          "7Server-JBCS:jbcs-httpd24-mod_md-1:2.4.0-20.el7jbcs.x86_64",
          "7Server-JBCS:jbcs-httpd24-mod_md-debuginfo-1:2.4.0-20.el7jbcs.x86_64",
          "7Server-JBCS:jbcs-httpd24-mod_proxy_cluster-0:1.3.18-2.el7jbcs.src",
          "7Server-JBCS:jbcs-httpd24-mod_proxy_cluster-0:1.3.18-2.el7jbcs.x86_64",
          "7Server-JBCS:jbcs-httpd24-mod_proxy_cluster-debuginfo-0:1.3.18-2.el7jbcs.x86_64",
          "7Server-JBCS:jbcs-httpd24-mod_proxy_html-1:2.4.51-39.el7jbcs.x86_64",
          "7Server-JBCS:jbcs-httpd24-mod_security-0:2.9.3-24.el7jbcs.src",
          "7Server-JBCS:jbcs-httpd24-mod_security-0:2.9.3-24.el7jbcs.x86_64",
          "7Server-JBCS:jbcs-httpd24-mod_security-debuginfo-0:2.9.3-24.el7jbcs.x86_64",
          "7Server-JBCS:jbcs-httpd24-mod_session-0:2.4.51-39.el7jbcs.x86_64",
          "7Server-JBCS:jbcs-httpd24-mod_ssl-1:2.4.51-39.el7jbcs.x86_64",
          "7Server-JBCS:jbcs-httpd24-openssl-chil-0:1.0.0-18.el7jbcs.src",
          "7Server-JBCS:jbcs-httpd24-openssl-chil-0:1.0.0-18.el7jbcs.x86_64",
          "7Server-JBCS:jbcs-httpd24-openssl-chil-debuginfo-0:1.0.0-18.el7jbcs.x86_64",
          "7Server-JBCS:jbcs-httpd24-openssl-pkcs11-0:0.4.10-33.el7jbcs.src",
          "7Server-JBCS:jbcs-httpd24-openssl-pkcs11-0:0.4.10-33.el7jbcs.x86_64",
          "7Server-JBCS:jbcs-httpd24-openssl-pkcs11-debuginfo-0:0.4.10-33.el7jbcs.x86_64",
          "8Base-JBCS:jbcs-httpd24-apr-util-0:1.6.1-101.el8jbcs.src",
          "8Base-JBCS:jbcs-httpd24-apr-util-0:1.6.1-101.el8jbcs.x86_64",
          "8Base-JBCS:jbcs-httpd24-apr-util-debuginfo-0:1.6.1-101.el8jbcs.x86_64",
          "8Base-JBCS:jbcs-httpd24-apr-util-devel-0:1.6.1-101.el8jbcs.x86_64",
          "8Base-JBCS:jbcs-httpd24-apr-util-ldap-0:1.6.1-101.el8jbcs.x86_64",
          "8Base-JBCS:jbcs-httpd24-apr-util-ldap-debuginfo-0:1.6.1-101.el8jbcs.x86_64",
          "8Base-JBCS:jbcs-httpd24-apr-util-mysql-0:1.6.1-101.el8jbcs.x86_64",
          "8Base-JBCS:jbcs-httpd24-apr-util-mysql-debuginfo-0:1.6.1-101.el8jbcs.x86_64",
          "8Base-JBCS:jbcs-httpd24-apr-util-nss-0:1.6.1-101.el8jbcs.x86_64",
          "8Base-JBCS:jbcs-httpd24-apr-util-nss-debuginfo-0:1.6.1-101.el8jbcs.x86_64",
          "8Base-JBCS:jbcs-httpd24-apr-util-odbc-0:1.6.1-101.el8jbcs.x86_64",
          "8Base-JBCS:jbcs-httpd24-apr-util-odbc-debuginfo-0:1.6.1-101.el8jbcs.x86_64",
          "8Base-JBCS:jbcs-httpd24-apr-util-openssl-0:1.6.1-101.el8jbcs.x86_64",
          "8Base-JBCS:jbcs-httpd24-apr-util-openssl-debuginfo-0:1.6.1-101.el8jbcs.x86_64",
          "8Base-JBCS:jbcs-httpd24-apr-util-pgsql-0:1.6.1-101.el8jbcs.x86_64",
          "8Base-JBCS:jbcs-httpd24-apr-util-pgsql-debuginfo-0:1.6.1-101.el8jbcs.x86_64",
          "8Base-JBCS:jbcs-httpd24-apr-util-sqlite-0:1.6.1-101.el8jbcs.x86_64",
          "8Base-JBCS:jbcs-httpd24-apr-util-sqlite-debuginfo-0:1.6.1-101.el8jbcs.x86_64",
          "8Base-JBCS:jbcs-httpd24-curl-0:8.0.1-1.el8jbcs.src",
          "8Base-JBCS:jbcs-httpd24-curl-0:8.0.1-1.el8jbcs.x86_64",
          "8Base-JBCS:jbcs-httpd24-curl-debuginfo-0:8.0.1-1.el8jbcs.x86_64",
          "8Base-JBCS:jbcs-httpd24-httpd-0:2.4.51-39.el8jbcs.src",
          "8Base-JBCS:jbcs-httpd24-httpd-0:2.4.51-39.el8jbcs.x86_64",
          "8Base-JBCS:jbcs-httpd24-httpd-debuginfo-0:2.4.51-39.el8jbcs.x86_64",
          "8Base-JBCS:jbcs-httpd24-httpd-devel-0:2.4.51-39.el8jbcs.x86_64",
          "8Base-JBCS:jbcs-httpd24-httpd-manual-0:2.4.51-39.el8jbcs.noarch",
          "8Base-JBCS:jbcs-httpd24-httpd-selinux-0:2.4.51-39.el8jbcs.x86_64",
          "8Base-JBCS:jbcs-httpd24-httpd-tools-0:2.4.51-39.el8jbcs.x86_64",
          "8Base-JBCS:jbcs-httpd24-httpd-tools-debuginfo-0:2.4.51-39.el8jbcs.x86_64",
          "8Base-JBCS:jbcs-httpd24-libcurl-0:8.0.1-1.el8jbcs.x86_64",
          "8Base-JBCS:jbcs-httpd24-libcurl-debuginfo-0:8.0.1-1.el8jbcs.x86_64",
          "8Base-JBCS:jbcs-httpd24-libcurl-devel-0:8.0.1-1.el8jbcs.x86_64",
          "8Base-JBCS:jbcs-httpd24-mod_http2-0:1.15.19-23.el8jbcs.src",
          "8Base-JBCS:jbcs-httpd24-mod_http2-0:1.15.19-23.el8jbcs.x86_64",
          "8Base-JBCS:jbcs-httpd24-mod_http2-debuginfo-0:1.15.19-23.el8jbcs.x86_64",
          "8Base-JBCS:jbcs-httpd24-mod_jk-0:1.2.48-46.redhat_1.el8jbcs.src",
          "8Base-JBCS:jbcs-httpd24-mod_jk-ap24-0:1.2.48-46.redhat_1.el8jbcs.x86_64",
          "8Base-JBCS:jbcs-httpd24-mod_jk-ap24-debuginfo-0:1.2.48-46.redhat_1.el8jbcs.x86_64",
          "8Base-JBCS:jbcs-httpd24-mod_ldap-0:2.4.51-39.el8jbcs.x86_64",
          "8Base-JBCS:jbcs-httpd24-mod_ldap-debuginfo-0:2.4.51-39.el8jbcs.x86_64",
          "8Base-JBCS:jbcs-httpd24-mod_md-1:2.4.0-20.el8jbcs.src",
          "8Base-JBCS:jbcs-httpd24-mod_md-1:2.4.0-20.el8jbcs.x86_64",
          "8Base-JBCS:jbcs-httpd24-mod_md-debuginfo-1:2.4.0-20.el8jbcs.x86_64",
          "8Base-JBCS:jbcs-httpd24-mod_proxy_cluster-0:1.3.18-2.el8jbcs.src",
          "8Base-JBCS:jbcs-httpd24-mod_proxy_cluster-0:1.3.18-2.el8jbcs.x86_64",
          "8Base-JBCS:jbcs-httpd24-mod_proxy_cluster-debuginfo-0:1.3.18-2.el8jbcs.x86_64",
          "8Base-JBCS:jbcs-httpd24-mod_proxy_html-1:2.4.51-39.el8jbcs.x86_64",
          "8Base-JBCS:jbcs-httpd24-mod_proxy_html-debuginfo-1:2.4.51-39.el8jbcs.x86_64",
          "8Base-JBCS:jbcs-httpd24-mod_security-0:2.9.3-24.el8jbcs.src",
          "8Base-JBCS:jbcs-httpd24-mod_security-0:2.9.3-24.el8jbcs.x86_64",
          "8Base-JBCS:jbcs-httpd24-mod_security-debuginfo-0:2.9.3-24.el8jbcs.x86_64",
          "8Base-JBCS:jbcs-httpd24-mod_session-0:2.4.51-39.el8jbcs.x86_64",
          "8Base-JBCS:jbcs-httpd24-mod_session-debuginfo-0:2.4.51-39.el8jbcs.x86_64",
          "8Base-JBCS:jbcs-httpd24-mod_ssl-1:2.4.51-39.el8jbcs.x86_64",
          "8Base-JBCS:jbcs-httpd24-mod_ssl-debuginfo-1:2.4.51-39.el8jbcs.x86_64",
          "8Base-JBCS:jbcs-httpd24-openssl-chil-0:1.0.0-18.el8jbcs.src",
          "8Base-JBCS:jbcs-httpd24-openssl-chil-0:1.0.0-18.el8jbcs.x86_64",
          "8Base-JBCS:jbcs-httpd24-openssl-chil-debuginfo-0:1.0.0-18.el8jbcs.x86_64",
          "8Base-JBCS:jbcs-httpd24-openssl-pkcs11-0:0.4.10-33.el8jbcs.src",
          "8Base-JBCS:jbcs-httpd24-openssl-pkcs11-0:0.4.10-33.el8jbcs.x86_64",
          "8Base-JBCS:jbcs-httpd24-openssl-pkcs11-debuginfo-0:0.4.10-33.el8jbcs.x86_64"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "Canonical URL",
          "url": "https://access.redhat.com/security/cve/CVE-2022-4450"
        },
        {
          "category": "external",
          "summary": "RHBZ#2164494",
          "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2164494"
        },
        {
          "category": "external",
          "summary": "https://www.cve.org/CVERecord?id=CVE-2022-4450",
          "url": "https://www.cve.org/CVERecord?id=CVE-2022-4450"
        },
        {
          "category": "external",
          "summary": "https://nvd.nist.gov/vuln/detail/CVE-2022-4450",
          "url": "https://nvd.nist.gov/vuln/detail/CVE-2022-4450"
        },
        {
          "category": "external",
          "summary": "https://www.openssl.org/news/secadv/20230207.txt",
          "url": "https://www.openssl.org/news/secadv/20230207.txt"
        }
      ],
      "release_date": "2023-02-07T00:00:00+00:00",
      "remediations": [
        {
          "category": "vendor_fix",
          "date": "2023-06-05T12:30:30+00:00",
          "details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nApplications using the APR libraries, such as httpd, must be restarted for this update to take effect. After installing the updated packages, the httpd daemon will be restarted automatically.",
          "product_ids": [
            "7Server-JBCS:jbcs-httpd24-openssl-1:1.1.1k-14.el7jbcs.src",
            "7Server-JBCS:jbcs-httpd24-openssl-1:1.1.1k-14.el7jbcs.x86_64",
            "7Server-JBCS:jbcs-httpd24-openssl-debuginfo-1:1.1.1k-14.el7jbcs.x86_64",
            "7Server-JBCS:jbcs-httpd24-openssl-devel-1:1.1.1k-14.el7jbcs.x86_64",
            "7Server-JBCS:jbcs-httpd24-openssl-libs-1:1.1.1k-14.el7jbcs.x86_64",
            "7Server-JBCS:jbcs-httpd24-openssl-perl-1:1.1.1k-14.el7jbcs.x86_64",
            "7Server-JBCS:jbcs-httpd24-openssl-static-1:1.1.1k-14.el7jbcs.x86_64",
            "8Base-JBCS:jbcs-httpd24-openssl-1:1.1.1k-14.el8jbcs.src",
            "8Base-JBCS:jbcs-httpd24-openssl-1:1.1.1k-14.el8jbcs.x86_64",
            "8Base-JBCS:jbcs-httpd24-openssl-debuginfo-1:1.1.1k-14.el8jbcs.x86_64",
            "8Base-JBCS:jbcs-httpd24-openssl-devel-1:1.1.1k-14.el8jbcs.x86_64",
            "8Base-JBCS:jbcs-httpd24-openssl-libs-1:1.1.1k-14.el8jbcs.x86_64",
            "8Base-JBCS:jbcs-httpd24-openssl-libs-debuginfo-1:1.1.1k-14.el8jbcs.x86_64",
            "8Base-JBCS:jbcs-httpd24-openssl-perl-1:1.1.1k-14.el8jbcs.x86_64",
            "8Base-JBCS:jbcs-httpd24-openssl-static-1:1.1.1k-14.el8jbcs.x86_64"
          ],
          "restart_required": {
            "category": "none"
          },
          "url": "https://access.redhat.com/errata/RHSA-2023:3354"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "attackComplexity": "LOW",
            "attackVector": "NETWORK",
            "availabilityImpact": "HIGH",
            "baseScore": 7.5,
            "baseSeverity": "HIGH",
            "confidentialityImpact": "NONE",
            "integrityImpact": "NONE",
            "privilegesRequired": "NONE",
            "scope": "UNCHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
            "version": "3.1"
          },
          "products": [
            "7Server-JBCS:jbcs-httpd24-openssl-1:1.1.1k-14.el7jbcs.src",
            "7Server-JBCS:jbcs-httpd24-openssl-1:1.1.1k-14.el7jbcs.x86_64",
            "7Server-JBCS:jbcs-httpd24-openssl-debuginfo-1:1.1.1k-14.el7jbcs.x86_64",
            "7Server-JBCS:jbcs-httpd24-openssl-devel-1:1.1.1k-14.el7jbcs.x86_64",
            "7Server-JBCS:jbcs-httpd24-openssl-libs-1:1.1.1k-14.el7jbcs.x86_64",
            "7Server-JBCS:jbcs-httpd24-openssl-perl-1:1.1.1k-14.el7jbcs.x86_64",
            "7Server-JBCS:jbcs-httpd24-openssl-static-1:1.1.1k-14.el7jbcs.x86_64",
            "8Base-JBCS:jbcs-httpd24-openssl-1:1.1.1k-14.el8jbcs.src",
            "8Base-JBCS:jbcs-httpd24-openssl-1:1.1.1k-14.el8jbcs.x86_64",
            "8Base-JBCS:jbcs-httpd24-openssl-debuginfo-1:1.1.1k-14.el8jbcs.x86_64",
            "8Base-JBCS:jbcs-httpd24-openssl-devel-1:1.1.1k-14.el8jbcs.x86_64",
            "8Base-JBCS:jbcs-httpd24-openssl-libs-1:1.1.1k-14.el8jbcs.x86_64",
            "8Base-JBCS:jbcs-httpd24-openssl-libs-debuginfo-1:1.1.1k-14.el8jbcs.x86_64",
            "8Base-JBCS:jbcs-httpd24-openssl-perl-1:1.1.1k-14.el8jbcs.x86_64",
            "8Base-JBCS:jbcs-httpd24-openssl-static-1:1.1.1k-14.el8jbcs.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "details": "Moderate"
        }
      ],
      "title": "openssl: double free after calling PEM_read_bio_ex"
    },
    {
      "cve": "CVE-2022-25147",
      "cwe": {
        "id": "CWE-190",
        "name": "Integer Overflow or Wraparound"
      },
      "discovery_date": "2023-02-14T00:00:00+00:00",
      "flags": [
        {
          "label": "vulnerable_code_not_present",
          "product_ids": [
            "7Server-JBCS:jbcs-httpd24-curl-0:8.0.1-1.el7jbcs.src",
            "7Server-JBCS:jbcs-httpd24-curl-0:8.0.1-1.el7jbcs.x86_64",
            "7Server-JBCS:jbcs-httpd24-curl-debuginfo-0:8.0.1-1.el7jbcs.x86_64",
            "7Server-JBCS:jbcs-httpd24-httpd-0:2.4.51-39.el7jbcs.src",
            "7Server-JBCS:jbcs-httpd24-httpd-0:2.4.51-39.el7jbcs.x86_64",
            "7Server-JBCS:jbcs-httpd24-httpd-debuginfo-0:2.4.51-39.el7jbcs.x86_64",
            "7Server-JBCS:jbcs-httpd24-httpd-devel-0:2.4.51-39.el7jbcs.x86_64",
            "7Server-JBCS:jbcs-httpd24-httpd-manual-0:2.4.51-39.el7jbcs.noarch",
            "7Server-JBCS:jbcs-httpd24-httpd-selinux-0:2.4.51-39.el7jbcs.x86_64",
            "7Server-JBCS:jbcs-httpd24-httpd-tools-0:2.4.51-39.el7jbcs.x86_64",
            "7Server-JBCS:jbcs-httpd24-libcurl-0:8.0.1-1.el7jbcs.x86_64",
            "7Server-JBCS:jbcs-httpd24-libcurl-devel-0:8.0.1-1.el7jbcs.x86_64",
            "7Server-JBCS:jbcs-httpd24-mod_http2-0:1.15.19-23.el7jbcs.src",
            "7Server-JBCS:jbcs-httpd24-mod_http2-0:1.15.19-23.el7jbcs.x86_64",
            "7Server-JBCS:jbcs-httpd24-mod_http2-debuginfo-0:1.15.19-23.el7jbcs.x86_64",
            "7Server-JBCS:jbcs-httpd24-mod_jk-0:1.2.48-46.redhat_1.el7jbcs.src",
            "7Server-JBCS:jbcs-httpd24-mod_jk-ap24-0:1.2.48-46.redhat_1.el7jbcs.x86_64",
            "7Server-JBCS:jbcs-httpd24-mod_jk-debuginfo-0:1.2.48-46.redhat_1.el7jbcs.x86_64",
            "7Server-JBCS:jbcs-httpd24-mod_ldap-0:2.4.51-39.el7jbcs.x86_64",
            "7Server-JBCS:jbcs-httpd24-mod_md-1:2.4.0-20.el7jbcs.src",
            "7Server-JBCS:jbcs-httpd24-mod_md-1:2.4.0-20.el7jbcs.x86_64",
            "7Server-JBCS:jbcs-httpd24-mod_md-debuginfo-1:2.4.0-20.el7jbcs.x86_64",
            "7Server-JBCS:jbcs-httpd24-mod_proxy_cluster-0:1.3.18-2.el7jbcs.src",
            "7Server-JBCS:jbcs-httpd24-mod_proxy_cluster-0:1.3.18-2.el7jbcs.x86_64",
            "7Server-JBCS:jbcs-httpd24-mod_proxy_cluster-debuginfo-0:1.3.18-2.el7jbcs.x86_64",
            "7Server-JBCS:jbcs-httpd24-mod_proxy_html-1:2.4.51-39.el7jbcs.x86_64",
            "7Server-JBCS:jbcs-httpd24-mod_security-0:2.9.3-24.el7jbcs.src",
            "7Server-JBCS:jbcs-httpd24-mod_security-0:2.9.3-24.el7jbcs.x86_64",
            "7Server-JBCS:jbcs-httpd24-mod_security-debuginfo-0:2.9.3-24.el7jbcs.x86_64",
            "7Server-JBCS:jbcs-httpd24-mod_session-0:2.4.51-39.el7jbcs.x86_64",
            "7Server-JBCS:jbcs-httpd24-mod_ssl-1:2.4.51-39.el7jbcs.x86_64",
            "7Server-JBCS:jbcs-httpd24-openssl-1:1.1.1k-14.el7jbcs.src",
            "7Server-JBCS:jbcs-httpd24-openssl-1:1.1.1k-14.el7jbcs.x86_64",
            "7Server-JBCS:jbcs-httpd24-openssl-chil-0:1.0.0-18.el7jbcs.src",
            "7Server-JBCS:jbcs-httpd24-openssl-chil-0:1.0.0-18.el7jbcs.x86_64",
            "7Server-JBCS:jbcs-httpd24-openssl-chil-debuginfo-0:1.0.0-18.el7jbcs.x86_64",
            "7Server-JBCS:jbcs-httpd24-openssl-debuginfo-1:1.1.1k-14.el7jbcs.x86_64",
            "7Server-JBCS:jbcs-httpd24-openssl-devel-1:1.1.1k-14.el7jbcs.x86_64",
            "7Server-JBCS:jbcs-httpd24-openssl-libs-1:1.1.1k-14.el7jbcs.x86_64",
            "7Server-JBCS:jbcs-httpd24-openssl-perl-1:1.1.1k-14.el7jbcs.x86_64",
            "7Server-JBCS:jbcs-httpd24-openssl-pkcs11-0:0.4.10-33.el7jbcs.src",
            "7Server-JBCS:jbcs-httpd24-openssl-pkcs11-0:0.4.10-33.el7jbcs.x86_64",
            "7Server-JBCS:jbcs-httpd24-openssl-pkcs11-debuginfo-0:0.4.10-33.el7jbcs.x86_64",
            "7Server-JBCS:jbcs-httpd24-openssl-static-1:1.1.1k-14.el7jbcs.x86_64",
            "8Base-JBCS:jbcs-httpd24-curl-0:8.0.1-1.el8jbcs.src",
            "8Base-JBCS:jbcs-httpd24-curl-0:8.0.1-1.el8jbcs.x86_64",
            "8Base-JBCS:jbcs-httpd24-curl-debuginfo-0:8.0.1-1.el8jbcs.x86_64",
            "8Base-JBCS:jbcs-httpd24-httpd-0:2.4.51-39.el8jbcs.src",
            "8Base-JBCS:jbcs-httpd24-httpd-0:2.4.51-39.el8jbcs.x86_64",
            "8Base-JBCS:jbcs-httpd24-httpd-debuginfo-0:2.4.51-39.el8jbcs.x86_64",
            "8Base-JBCS:jbcs-httpd24-httpd-devel-0:2.4.51-39.el8jbcs.x86_64",
            "8Base-JBCS:jbcs-httpd24-httpd-manual-0:2.4.51-39.el8jbcs.noarch",
            "8Base-JBCS:jbcs-httpd24-httpd-selinux-0:2.4.51-39.el8jbcs.x86_64",
            "8Base-JBCS:jbcs-httpd24-httpd-tools-0:2.4.51-39.el8jbcs.x86_64",
            "8Base-JBCS:jbcs-httpd24-httpd-tools-debuginfo-0:2.4.51-39.el8jbcs.x86_64",
            "8Base-JBCS:jbcs-httpd24-libcurl-0:8.0.1-1.el8jbcs.x86_64",
            "8Base-JBCS:jbcs-httpd24-libcurl-debuginfo-0:8.0.1-1.el8jbcs.x86_64",
            "8Base-JBCS:jbcs-httpd24-libcurl-devel-0:8.0.1-1.el8jbcs.x86_64",
            "8Base-JBCS:jbcs-httpd24-mod_http2-0:1.15.19-23.el8jbcs.src",
            "8Base-JBCS:jbcs-httpd24-mod_http2-0:1.15.19-23.el8jbcs.x86_64",
            "8Base-JBCS:jbcs-httpd24-mod_http2-debuginfo-0:1.15.19-23.el8jbcs.x86_64",
            "8Base-JBCS:jbcs-httpd24-mod_jk-0:1.2.48-46.redhat_1.el8jbcs.src",
            "8Base-JBCS:jbcs-httpd24-mod_jk-ap24-0:1.2.48-46.redhat_1.el8jbcs.x86_64",
            "8Base-JBCS:jbcs-httpd24-mod_jk-ap24-debuginfo-0:1.2.48-46.redhat_1.el8jbcs.x86_64",
            "8Base-JBCS:jbcs-httpd24-mod_ldap-0:2.4.51-39.el8jbcs.x86_64",
            "8Base-JBCS:jbcs-httpd24-mod_ldap-debuginfo-0:2.4.51-39.el8jbcs.x86_64",
            "8Base-JBCS:jbcs-httpd24-mod_md-1:2.4.0-20.el8jbcs.src",
            "8Base-JBCS:jbcs-httpd24-mod_md-1:2.4.0-20.el8jbcs.x86_64",
            "8Base-JBCS:jbcs-httpd24-mod_md-debuginfo-1:2.4.0-20.el8jbcs.x86_64",
            "8Base-JBCS:jbcs-httpd24-mod_proxy_cluster-0:1.3.18-2.el8jbcs.src",
            "8Base-JBCS:jbcs-httpd24-mod_proxy_cluster-0:1.3.18-2.el8jbcs.x86_64",
            "8Base-JBCS:jbcs-httpd24-mod_proxy_cluster-debuginfo-0:1.3.18-2.el8jbcs.x86_64",
            "8Base-JBCS:jbcs-httpd24-mod_proxy_html-1:2.4.51-39.el8jbcs.x86_64",
            "8Base-JBCS:jbcs-httpd24-mod_proxy_html-debuginfo-1:2.4.51-39.el8jbcs.x86_64",
            "8Base-JBCS:jbcs-httpd24-mod_security-0:2.9.3-24.el8jbcs.src",
            "8Base-JBCS:jbcs-httpd24-mod_security-0:2.9.3-24.el8jbcs.x86_64",
            "8Base-JBCS:jbcs-httpd24-mod_security-debuginfo-0:2.9.3-24.el8jbcs.x86_64",
            "8Base-JBCS:jbcs-httpd24-mod_session-0:2.4.51-39.el8jbcs.x86_64",
            "8Base-JBCS:jbcs-httpd24-mod_session-debuginfo-0:2.4.51-39.el8jbcs.x86_64",
            "8Base-JBCS:jbcs-httpd24-mod_ssl-1:2.4.51-39.el8jbcs.x86_64",
            "8Base-JBCS:jbcs-httpd24-mod_ssl-debuginfo-1:2.4.51-39.el8jbcs.x86_64",
            "8Base-JBCS:jbcs-httpd24-openssl-1:1.1.1k-14.el8jbcs.src",
            "8Base-JBCS:jbcs-httpd24-openssl-1:1.1.1k-14.el8jbcs.x86_64",
            "8Base-JBCS:jbcs-httpd24-openssl-chil-0:1.0.0-18.el8jbcs.src",
            "8Base-JBCS:jbcs-httpd24-openssl-chil-0:1.0.0-18.el8jbcs.x86_64",
            "8Base-JBCS:jbcs-httpd24-openssl-chil-debuginfo-0:1.0.0-18.el8jbcs.x86_64",
            "8Base-JBCS:jbcs-httpd24-openssl-debuginfo-1:1.1.1k-14.el8jbcs.x86_64",
            "8Base-JBCS:jbcs-httpd24-openssl-devel-1:1.1.1k-14.el8jbcs.x86_64",
            "8Base-JBCS:jbcs-httpd24-openssl-libs-1:1.1.1k-14.el8jbcs.x86_64",
            "8Base-JBCS:jbcs-httpd24-openssl-libs-debuginfo-1:1.1.1k-14.el8jbcs.x86_64",
            "8Base-JBCS:jbcs-httpd24-openssl-perl-1:1.1.1k-14.el8jbcs.x86_64",
            "8Base-JBCS:jbcs-httpd24-openssl-pkcs11-0:0.4.10-33.el8jbcs.src",
            "8Base-JBCS:jbcs-httpd24-openssl-pkcs11-0:0.4.10-33.el8jbcs.x86_64",
            "8Base-JBCS:jbcs-httpd24-openssl-pkcs11-debuginfo-0:0.4.10-33.el8jbcs.x86_64",
            "8Base-JBCS:jbcs-httpd24-openssl-static-1:1.1.1k-14.el8jbcs.x86_64"
          ]
        }
      ],
      "ids": [
        {
          "system_name": "Red Hat Bugzilla ID",
          "text": "2169652"
        }
      ],
      "notes": [
        {
          "category": "description",
          "text": "A flaw was found in the Apache Portable Runtime Utility (APR-util) library. This issue may allow a malicious attacker to cause an out-of-bounds write due to an integer overflow when encoding/decoding a very long string using the base64 family of functions.",
          "title": "Vulnerability description"
        },
        {
          "category": "summary",
          "text": "apr-util: out-of-bounds writes in the apr_base64",
          "title": "Vulnerability summary"
        },
        {
          "category": "other",
          "text": "The Apache Portable Runtime Utility (APR-util) library contains additional utility interfaces for APR (Apache Portable Runtime). \nThis vulnerability is related to the incorrect usage of the base64 encoding/decoding family of functions through APR-util API.\nUsage of these functions with long enough string would cause integer overflow and will lead to out-of-bound write.\n\nThis flaw was rated with an important severity for a moment as Red Hat received information that this vulnerability potentially can allow remote attackers to cause a denial of service to the application linked to the APR-util library. Deep analysis confirmed that there are no known conditions that could lead to DoS. \nAdditionally the APR-util API should not be exposed to the untrusted uploads and usage.",
          "title": "Statement"
        },
        {
          "category": "general",
          "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
          "title": "CVSS score applicability"
        }
      ],
      "product_status": {
        "fixed": [
          "7Server-JBCS:jbcs-httpd24-apr-util-0:1.6.1-101.el7jbcs.src",
          "7Server-JBCS:jbcs-httpd24-apr-util-0:1.6.1-101.el7jbcs.x86_64",
          "7Server-JBCS:jbcs-httpd24-apr-util-debuginfo-0:1.6.1-101.el7jbcs.x86_64",
          "7Server-JBCS:jbcs-httpd24-apr-util-devel-0:1.6.1-101.el7jbcs.x86_64",
          "7Server-JBCS:jbcs-httpd24-apr-util-ldap-0:1.6.1-101.el7jbcs.x86_64",
          "7Server-JBCS:jbcs-httpd24-apr-util-mysql-0:1.6.1-101.el7jbcs.x86_64",
          "7Server-JBCS:jbcs-httpd24-apr-util-nss-0:1.6.1-101.el7jbcs.x86_64",
          "7Server-JBCS:jbcs-httpd24-apr-util-odbc-0:1.6.1-101.el7jbcs.x86_64",
          "7Server-JBCS:jbcs-httpd24-apr-util-openssl-0:1.6.1-101.el7jbcs.x86_64",
          "7Server-JBCS:jbcs-httpd24-apr-util-pgsql-0:1.6.1-101.el7jbcs.x86_64",
          "7Server-JBCS:jbcs-httpd24-apr-util-sqlite-0:1.6.1-101.el7jbcs.x86_64",
          "8Base-JBCS:jbcs-httpd24-apr-util-0:1.6.1-101.el8jbcs.src",
          "8Base-JBCS:jbcs-httpd24-apr-util-0:1.6.1-101.el8jbcs.x86_64",
          "8Base-JBCS:jbcs-httpd24-apr-util-debuginfo-0:1.6.1-101.el8jbcs.x86_64",
          "8Base-JBCS:jbcs-httpd24-apr-util-devel-0:1.6.1-101.el8jbcs.x86_64",
          "8Base-JBCS:jbcs-httpd24-apr-util-ldap-0:1.6.1-101.el8jbcs.x86_64",
          "8Base-JBCS:jbcs-httpd24-apr-util-ldap-debuginfo-0:1.6.1-101.el8jbcs.x86_64",
          "8Base-JBCS:jbcs-httpd24-apr-util-mysql-0:1.6.1-101.el8jbcs.x86_64",
          "8Base-JBCS:jbcs-httpd24-apr-util-mysql-debuginfo-0:1.6.1-101.el8jbcs.x86_64",
          "8Base-JBCS:jbcs-httpd24-apr-util-nss-0:1.6.1-101.el8jbcs.x86_64",
          "8Base-JBCS:jbcs-httpd24-apr-util-nss-debuginfo-0:1.6.1-101.el8jbcs.x86_64",
          "8Base-JBCS:jbcs-httpd24-apr-util-odbc-0:1.6.1-101.el8jbcs.x86_64",
          "8Base-JBCS:jbcs-httpd24-apr-util-odbc-debuginfo-0:1.6.1-101.el8jbcs.x86_64",
          "8Base-JBCS:jbcs-httpd24-apr-util-openssl-0:1.6.1-101.el8jbcs.x86_64",
          "8Base-JBCS:jbcs-httpd24-apr-util-openssl-debuginfo-0:1.6.1-101.el8jbcs.x86_64",
          "8Base-JBCS:jbcs-httpd24-apr-util-pgsql-0:1.6.1-101.el8jbcs.x86_64",
          "8Base-JBCS:jbcs-httpd24-apr-util-pgsql-debuginfo-0:1.6.1-101.el8jbcs.x86_64",
          "8Base-JBCS:jbcs-httpd24-apr-util-sqlite-0:1.6.1-101.el8jbcs.x86_64",
          "8Base-JBCS:jbcs-httpd24-apr-util-sqlite-debuginfo-0:1.6.1-101.el8jbcs.x86_64"
        ],
        "known_not_affected": [
          "7Server-JBCS:jbcs-httpd24-curl-0:8.0.1-1.el7jbcs.src",
          "7Server-JBCS:jbcs-httpd24-curl-0:8.0.1-1.el7jbcs.x86_64",
          "7Server-JBCS:jbcs-httpd24-curl-debuginfo-0:8.0.1-1.el7jbcs.x86_64",
          "7Server-JBCS:jbcs-httpd24-httpd-0:2.4.51-39.el7jbcs.src",
          "7Server-JBCS:jbcs-httpd24-httpd-0:2.4.51-39.el7jbcs.x86_64",
          "7Server-JBCS:jbcs-httpd24-httpd-debuginfo-0:2.4.51-39.el7jbcs.x86_64",
          "7Server-JBCS:jbcs-httpd24-httpd-devel-0:2.4.51-39.el7jbcs.x86_64",
          "7Server-JBCS:jbcs-httpd24-httpd-manual-0:2.4.51-39.el7jbcs.noarch",
          "7Server-JBCS:jbcs-httpd24-httpd-selinux-0:2.4.51-39.el7jbcs.x86_64",
          "7Server-JBCS:jbcs-httpd24-httpd-tools-0:2.4.51-39.el7jbcs.x86_64",
          "7Server-JBCS:jbcs-httpd24-libcurl-0:8.0.1-1.el7jbcs.x86_64",
          "7Server-JBCS:jbcs-httpd24-libcurl-devel-0:8.0.1-1.el7jbcs.x86_64",
          "7Server-JBCS:jbcs-httpd24-mod_http2-0:1.15.19-23.el7jbcs.src",
          "7Server-JBCS:jbcs-httpd24-mod_http2-0:1.15.19-23.el7jbcs.x86_64",
          "7Server-JBCS:jbcs-httpd24-mod_http2-debuginfo-0:1.15.19-23.el7jbcs.x86_64",
          "7Server-JBCS:jbcs-httpd24-mod_jk-0:1.2.48-46.redhat_1.el7jbcs.src",
          "7Server-JBCS:jbcs-httpd24-mod_jk-ap24-0:1.2.48-46.redhat_1.el7jbcs.x86_64",
          "7Server-JBCS:jbcs-httpd24-mod_jk-debuginfo-0:1.2.48-46.redhat_1.el7jbcs.x86_64",
          "7Server-JBCS:jbcs-httpd24-mod_ldap-0:2.4.51-39.el7jbcs.x86_64",
          "7Server-JBCS:jbcs-httpd24-mod_md-1:2.4.0-20.el7jbcs.src",
          "7Server-JBCS:jbcs-httpd24-mod_md-1:2.4.0-20.el7jbcs.x86_64",
          "7Server-JBCS:jbcs-httpd24-mod_md-debuginfo-1:2.4.0-20.el7jbcs.x86_64",
          "7Server-JBCS:jbcs-httpd24-mod_proxy_cluster-0:1.3.18-2.el7jbcs.src",
          "7Server-JBCS:jbcs-httpd24-mod_proxy_cluster-0:1.3.18-2.el7jbcs.x86_64",
          "7Server-JBCS:jbcs-httpd24-mod_proxy_cluster-debuginfo-0:1.3.18-2.el7jbcs.x86_64",
          "7Server-JBCS:jbcs-httpd24-mod_proxy_html-1:2.4.51-39.el7jbcs.x86_64",
          "7Server-JBCS:jbcs-httpd24-mod_security-0:2.9.3-24.el7jbcs.src",
          "7Server-JBCS:jbcs-httpd24-mod_security-0:2.9.3-24.el7jbcs.x86_64",
          "7Server-JBCS:jbcs-httpd24-mod_security-debuginfo-0:2.9.3-24.el7jbcs.x86_64",
          "7Server-JBCS:jbcs-httpd24-mod_session-0:2.4.51-39.el7jbcs.x86_64",
          "7Server-JBCS:jbcs-httpd24-mod_ssl-1:2.4.51-39.el7jbcs.x86_64",
          "7Server-JBCS:jbcs-httpd24-openssl-1:1.1.1k-14.el7jbcs.src",
          "7Server-JBCS:jbcs-httpd24-openssl-1:1.1.1k-14.el7jbcs.x86_64",
          "7Server-JBCS:jbcs-httpd24-openssl-chil-0:1.0.0-18.el7jbcs.src",
          "7Server-JBCS:jbcs-httpd24-openssl-chil-0:1.0.0-18.el7jbcs.x86_64",
          "7Server-JBCS:jbcs-httpd24-openssl-chil-debuginfo-0:1.0.0-18.el7jbcs.x86_64",
          "7Server-JBCS:jbcs-httpd24-openssl-debuginfo-1:1.1.1k-14.el7jbcs.x86_64",
          "7Server-JBCS:jbcs-httpd24-openssl-devel-1:1.1.1k-14.el7jbcs.x86_64",
          "7Server-JBCS:jbcs-httpd24-openssl-libs-1:1.1.1k-14.el7jbcs.x86_64",
          "7Server-JBCS:jbcs-httpd24-openssl-perl-1:1.1.1k-14.el7jbcs.x86_64",
          "7Server-JBCS:jbcs-httpd24-openssl-pkcs11-0:0.4.10-33.el7jbcs.src",
          "7Server-JBCS:jbcs-httpd24-openssl-pkcs11-0:0.4.10-33.el7jbcs.x86_64",
          "7Server-JBCS:jbcs-httpd24-openssl-pkcs11-debuginfo-0:0.4.10-33.el7jbcs.x86_64",
          "7Server-JBCS:jbcs-httpd24-openssl-static-1:1.1.1k-14.el7jbcs.x86_64",
          "8Base-JBCS:jbcs-httpd24-curl-0:8.0.1-1.el8jbcs.src",
          "8Base-JBCS:jbcs-httpd24-curl-0:8.0.1-1.el8jbcs.x86_64",
          "8Base-JBCS:jbcs-httpd24-curl-debuginfo-0:8.0.1-1.el8jbcs.x86_64",
          "8Base-JBCS:jbcs-httpd24-httpd-0:2.4.51-39.el8jbcs.src",
          "8Base-JBCS:jbcs-httpd24-httpd-0:2.4.51-39.el8jbcs.x86_64",
          "8Base-JBCS:jbcs-httpd24-httpd-debuginfo-0:2.4.51-39.el8jbcs.x86_64",
          "8Base-JBCS:jbcs-httpd24-httpd-devel-0:2.4.51-39.el8jbcs.x86_64",
          "8Base-JBCS:jbcs-httpd24-httpd-manual-0:2.4.51-39.el8jbcs.noarch",
          "8Base-JBCS:jbcs-httpd24-httpd-selinux-0:2.4.51-39.el8jbcs.x86_64",
          "8Base-JBCS:jbcs-httpd24-httpd-tools-0:2.4.51-39.el8jbcs.x86_64",
          "8Base-JBCS:jbcs-httpd24-httpd-tools-debuginfo-0:2.4.51-39.el8jbcs.x86_64",
          "8Base-JBCS:jbcs-httpd24-libcurl-0:8.0.1-1.el8jbcs.x86_64",
          "8Base-JBCS:jbcs-httpd24-libcurl-debuginfo-0:8.0.1-1.el8jbcs.x86_64",
          "8Base-JBCS:jbcs-httpd24-libcurl-devel-0:8.0.1-1.el8jbcs.x86_64",
          "8Base-JBCS:jbcs-httpd24-mod_http2-0:1.15.19-23.el8jbcs.src",
          "8Base-JBCS:jbcs-httpd24-mod_http2-0:1.15.19-23.el8jbcs.x86_64",
          "8Base-JBCS:jbcs-httpd24-mod_http2-debuginfo-0:1.15.19-23.el8jbcs.x86_64",
          "8Base-JBCS:jbcs-httpd24-mod_jk-0:1.2.48-46.redhat_1.el8jbcs.src",
          "8Base-JBCS:jbcs-httpd24-mod_jk-ap24-0:1.2.48-46.redhat_1.el8jbcs.x86_64",
          "8Base-JBCS:jbcs-httpd24-mod_jk-ap24-debuginfo-0:1.2.48-46.redhat_1.el8jbcs.x86_64",
          "8Base-JBCS:jbcs-httpd24-mod_ldap-0:2.4.51-39.el8jbcs.x86_64",
          "8Base-JBCS:jbcs-httpd24-mod_ldap-debuginfo-0:2.4.51-39.el8jbcs.x86_64",
          "8Base-JBCS:jbcs-httpd24-mod_md-1:2.4.0-20.el8jbcs.src",
          "8Base-JBCS:jbcs-httpd24-mod_md-1:2.4.0-20.el8jbcs.x86_64",
          "8Base-JBCS:jbcs-httpd24-mod_md-debuginfo-1:2.4.0-20.el8jbcs.x86_64",
          "8Base-JBCS:jbcs-httpd24-mod_proxy_cluster-0:1.3.18-2.el8jbcs.src",
          "8Base-JBCS:jbcs-httpd24-mod_proxy_cluster-0:1.3.18-2.el8jbcs.x86_64",
          "8Base-JBCS:jbcs-httpd24-mod_proxy_cluster-debuginfo-0:1.3.18-2.el8jbcs.x86_64",
          "8Base-JBCS:jbcs-httpd24-mod_proxy_html-1:2.4.51-39.el8jbcs.x86_64",
          "8Base-JBCS:jbcs-httpd24-mod_proxy_html-debuginfo-1:2.4.51-39.el8jbcs.x86_64",
          "8Base-JBCS:jbcs-httpd24-mod_security-0:2.9.3-24.el8jbcs.src",
          "8Base-JBCS:jbcs-httpd24-mod_security-0:2.9.3-24.el8jbcs.x86_64",
          "8Base-JBCS:jbcs-httpd24-mod_security-debuginfo-0:2.9.3-24.el8jbcs.x86_64",
          "8Base-JBCS:jbcs-httpd24-mod_session-0:2.4.51-39.el8jbcs.x86_64",
          "8Base-JBCS:jbcs-httpd24-mod_session-debuginfo-0:2.4.51-39.el8jbcs.x86_64",
          "8Base-JBCS:jbcs-httpd24-mod_ssl-1:2.4.51-39.el8jbcs.x86_64",
          "8Base-JBCS:jbcs-httpd24-mod_ssl-debuginfo-1:2.4.51-39.el8jbcs.x86_64",
          "8Base-JBCS:jbcs-httpd24-openssl-1:1.1.1k-14.el8jbcs.src",
          "8Base-JBCS:jbcs-httpd24-openssl-1:1.1.1k-14.el8jbcs.x86_64",
          "8Base-JBCS:jbcs-httpd24-openssl-chil-0:1.0.0-18.el8jbcs.src",
          "8Base-JBCS:jbcs-httpd24-openssl-chil-0:1.0.0-18.el8jbcs.x86_64",
          "8Base-JBCS:jbcs-httpd24-openssl-chil-debuginfo-0:1.0.0-18.el8jbcs.x86_64",
          "8Base-JBCS:jbcs-httpd24-openssl-debuginfo-1:1.1.1k-14.el8jbcs.x86_64",
          "8Base-JBCS:jbcs-httpd24-openssl-devel-1:1.1.1k-14.el8jbcs.x86_64",
          "8Base-JBCS:jbcs-httpd24-openssl-libs-1:1.1.1k-14.el8jbcs.x86_64",
          "8Base-JBCS:jbcs-httpd24-openssl-libs-debuginfo-1:1.1.1k-14.el8jbcs.x86_64",
          "8Base-JBCS:jbcs-httpd24-openssl-perl-1:1.1.1k-14.el8jbcs.x86_64",
          "8Base-JBCS:jbcs-httpd24-openssl-pkcs11-0:0.4.10-33.el8jbcs.src",
          "8Base-JBCS:jbcs-httpd24-openssl-pkcs11-0:0.4.10-33.el8jbcs.x86_64",
          "8Base-JBCS:jbcs-httpd24-openssl-pkcs11-debuginfo-0:0.4.10-33.el8jbcs.x86_64",
          "8Base-JBCS:jbcs-httpd24-openssl-static-1:1.1.1k-14.el8jbcs.x86_64"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "Canonical URL",
          "url": "https://access.redhat.com/security/cve/CVE-2022-25147"
        },
        {
          "category": "external",
          "summary": "RHBZ#2169652",
          "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2169652"
        },
        {
          "category": "external",
          "summary": "https://www.cve.org/CVERecord?id=CVE-2022-25147",
          "url": "https://www.cve.org/CVERecord?id=CVE-2022-25147"
        },
        {
          "category": "external",
          "summary": "https://nvd.nist.gov/vuln/detail/CVE-2022-25147",
          "url": "https://nvd.nist.gov/vuln/detail/CVE-2022-25147"
        }
      ],
      "release_date": "2023-01-31T00:00:00+00:00",
      "remediations": [
        {
          "category": "vendor_fix",
          "date": "2023-06-05T12:30:30+00:00",
          "details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nApplications using the APR libraries, such as httpd, must be restarted for this update to take effect. After installing the updated packages, the httpd daemon will be restarted automatically.",
          "product_ids": [
            "7Server-JBCS:jbcs-httpd24-apr-util-0:1.6.1-101.el7jbcs.src",
            "7Server-JBCS:jbcs-httpd24-apr-util-0:1.6.1-101.el7jbcs.x86_64",
            "7Server-JBCS:jbcs-httpd24-apr-util-debuginfo-0:1.6.1-101.el7jbcs.x86_64",
            "7Server-JBCS:jbcs-httpd24-apr-util-devel-0:1.6.1-101.el7jbcs.x86_64",
            "7Server-JBCS:jbcs-httpd24-apr-util-ldap-0:1.6.1-101.el7jbcs.x86_64",
            "7Server-JBCS:jbcs-httpd24-apr-util-mysql-0:1.6.1-101.el7jbcs.x86_64",
            "7Server-JBCS:jbcs-httpd24-apr-util-nss-0:1.6.1-101.el7jbcs.x86_64",
            "7Server-JBCS:jbcs-httpd24-apr-util-odbc-0:1.6.1-101.el7jbcs.x86_64",
            "7Server-JBCS:jbcs-httpd24-apr-util-openssl-0:1.6.1-101.el7jbcs.x86_64",
            "7Server-JBCS:jbcs-httpd24-apr-util-pgsql-0:1.6.1-101.el7jbcs.x86_64",
            "7Server-JBCS:jbcs-httpd24-apr-util-sqlite-0:1.6.1-101.el7jbcs.x86_64",
            "8Base-JBCS:jbcs-httpd24-apr-util-0:1.6.1-101.el8jbcs.src",
            "8Base-JBCS:jbcs-httpd24-apr-util-0:1.6.1-101.el8jbcs.x86_64",
            "8Base-JBCS:jbcs-httpd24-apr-util-debuginfo-0:1.6.1-101.el8jbcs.x86_64",
            "8Base-JBCS:jbcs-httpd24-apr-util-devel-0:1.6.1-101.el8jbcs.x86_64",
            "8Base-JBCS:jbcs-httpd24-apr-util-ldap-0:1.6.1-101.el8jbcs.x86_64",
            "8Base-JBCS:jbcs-httpd24-apr-util-ldap-debuginfo-0:1.6.1-101.el8jbcs.x86_64",
            "8Base-JBCS:jbcs-httpd24-apr-util-mysql-0:1.6.1-101.el8jbcs.x86_64",
            "8Base-JBCS:jbcs-httpd24-apr-util-mysql-debuginfo-0:1.6.1-101.el8jbcs.x86_64",
            "8Base-JBCS:jbcs-httpd24-apr-util-nss-0:1.6.1-101.el8jbcs.x86_64",
            "8Base-JBCS:jbcs-httpd24-apr-util-nss-debuginfo-0:1.6.1-101.el8jbcs.x86_64",
            "8Base-JBCS:jbcs-httpd24-apr-util-odbc-0:1.6.1-101.el8jbcs.x86_64",
            "8Base-JBCS:jbcs-httpd24-apr-util-odbc-debuginfo-0:1.6.1-101.el8jbcs.x86_64",
            "8Base-JBCS:jbcs-httpd24-apr-util-openssl-0:1.6.1-101.el8jbcs.x86_64",
            "8Base-JBCS:jbcs-httpd24-apr-util-openssl-debuginfo-0:1.6.1-101.el8jbcs.x86_64",
            "8Base-JBCS:jbcs-httpd24-apr-util-pgsql-0:1.6.1-101.el8jbcs.x86_64",
            "8Base-JBCS:jbcs-httpd24-apr-util-pgsql-debuginfo-0:1.6.1-101.el8jbcs.x86_64",
            "8Base-JBCS:jbcs-httpd24-apr-util-sqlite-0:1.6.1-101.el8jbcs.x86_64",
            "8Base-JBCS:jbcs-httpd24-apr-util-sqlite-debuginfo-0:1.6.1-101.el8jbcs.x86_64"
          ],
          "restart_required": {
            "category": "none"
          },
          "url": "https://access.redhat.com/errata/RHSA-2023:3354"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "attackComplexity": "LOW",
            "attackVector": "NETWORK",
            "availabilityImpact": "LOW",
            "baseScore": 6.5,
            "baseSeverity": "MEDIUM",
            "confidentialityImpact": "NONE",
            "integrityImpact": "LOW",
            "privilegesRequired": "NONE",
            "scope": "UNCHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:L",
            "version": "3.1"
          },
          "products": [
            "7Server-JBCS:jbcs-httpd24-apr-util-0:1.6.1-101.el7jbcs.src",
            "7Server-JBCS:jbcs-httpd24-apr-util-0:1.6.1-101.el7jbcs.x86_64",
            "7Server-JBCS:jbcs-httpd24-apr-util-debuginfo-0:1.6.1-101.el7jbcs.x86_64",
            "7Server-JBCS:jbcs-httpd24-apr-util-devel-0:1.6.1-101.el7jbcs.x86_64",
            "7Server-JBCS:jbcs-httpd24-apr-util-ldap-0:1.6.1-101.el7jbcs.x86_64",
            "7Server-JBCS:jbcs-httpd24-apr-util-mysql-0:1.6.1-101.el7jbcs.x86_64",
            "7Server-JBCS:jbcs-httpd24-apr-util-nss-0:1.6.1-101.el7jbcs.x86_64",
            "7Server-JBCS:jbcs-httpd24-apr-util-odbc-0:1.6.1-101.el7jbcs.x86_64",
            "7Server-JBCS:jbcs-httpd24-apr-util-openssl-0:1.6.1-101.el7jbcs.x86_64",
            "7Server-JBCS:jbcs-httpd24-apr-util-pgsql-0:1.6.1-101.el7jbcs.x86_64",
            "7Server-JBCS:jbcs-httpd24-apr-util-sqlite-0:1.6.1-101.el7jbcs.x86_64",
            "8Base-JBCS:jbcs-httpd24-apr-util-0:1.6.1-101.el8jbcs.src",
            "8Base-JBCS:jbcs-httpd24-apr-util-0:1.6.1-101.el8jbcs.x86_64",
            "8Base-JBCS:jbcs-httpd24-apr-util-debuginfo-0:1.6.1-101.el8jbcs.x86_64",
            "8Base-JBCS:jbcs-httpd24-apr-util-devel-0:1.6.1-101.el8jbcs.x86_64",
            "8Base-JBCS:jbcs-httpd24-apr-util-ldap-0:1.6.1-101.el8jbcs.x86_64",
            "8Base-JBCS:jbcs-httpd24-apr-util-ldap-debuginfo-0:1.6.1-101.el8jbcs.x86_64",
            "8Base-JBCS:jbcs-httpd24-apr-util-mysql-0:1.6.1-101.el8jbcs.x86_64",
            "8Base-JBCS:jbcs-httpd24-apr-util-mysql-debuginfo-0:1.6.1-101.el8jbcs.x86_64",
            "8Base-JBCS:jbcs-httpd24-apr-util-nss-0:1.6.1-101.el8jbcs.x86_64",
            "8Base-JBCS:jbcs-httpd24-apr-util-nss-debuginfo-0:1.6.1-101.el8jbcs.x86_64",
            "8Base-JBCS:jbcs-httpd24-apr-util-odbc-0:1.6.1-101.el8jbcs.x86_64",
            "8Base-JBCS:jbcs-httpd24-apr-util-odbc-debuginfo-0:1.6.1-101.el8jbcs.x86_64",
            "8Base-JBCS:jbcs-httpd24-apr-util-openssl-0:1.6.1-101.el8jbcs.x86_64",
            "8Base-JBCS:jbcs-httpd24-apr-util-openssl-debuginfo-0:1.6.1-101.el8jbcs.x86_64",
            "8Base-JBCS:jbcs-httpd24-apr-util-pgsql-0:1.6.1-101.el8jbcs.x86_64",
            "8Base-JBCS:jbcs-httpd24-apr-util-pgsql-debuginfo-0:1.6.1-101.el8jbcs.x86_64",
            "8Base-JBCS:jbcs-httpd24-apr-util-sqlite-0:1.6.1-101.el8jbcs.x86_64",
            "8Base-JBCS:jbcs-httpd24-apr-util-sqlite-debuginfo-0:1.6.1-101.el8jbcs.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "details": "Moderate"
        }
      ],
      "title": "apr-util: out-of-bounds writes in the apr_base64"
    },
    {
      "cve": "CVE-2022-43551",
      "cwe": {
        "id": "CWE-319",
        "name": "Cleartext Transmission of Sensitive Information"
      },
      "discovery_date": "2022-12-12T00:00:00+00:00",
      "flags": [
        {
          "label": "vulnerable_code_not_present",
          "product_ids": [
            "7Server-JBCS:jbcs-httpd24-apr-util-0:1.6.1-101.el7jbcs.src",
            "7Server-JBCS:jbcs-httpd24-apr-util-0:1.6.1-101.el7jbcs.x86_64",
            "7Server-JBCS:jbcs-httpd24-apr-util-debuginfo-0:1.6.1-101.el7jbcs.x86_64",
            "7Server-JBCS:jbcs-httpd24-apr-util-devel-0:1.6.1-101.el7jbcs.x86_64",
            "7Server-JBCS:jbcs-httpd24-apr-util-ldap-0:1.6.1-101.el7jbcs.x86_64",
            "7Server-JBCS:jbcs-httpd24-apr-util-mysql-0:1.6.1-101.el7jbcs.x86_64",
            "7Server-JBCS:jbcs-httpd24-apr-util-nss-0:1.6.1-101.el7jbcs.x86_64",
            "7Server-JBCS:jbcs-httpd24-apr-util-odbc-0:1.6.1-101.el7jbcs.x86_64",
            "7Server-JBCS:jbcs-httpd24-apr-util-openssl-0:1.6.1-101.el7jbcs.x86_64",
            "7Server-JBCS:jbcs-httpd24-apr-util-pgsql-0:1.6.1-101.el7jbcs.x86_64",
            "7Server-JBCS:jbcs-httpd24-apr-util-sqlite-0:1.6.1-101.el7jbcs.x86_64",
            "7Server-JBCS:jbcs-httpd24-httpd-0:2.4.51-39.el7jbcs.src",
            "7Server-JBCS:jbcs-httpd24-httpd-0:2.4.51-39.el7jbcs.x86_64",
            "7Server-JBCS:jbcs-httpd24-httpd-debuginfo-0:2.4.51-39.el7jbcs.x86_64",
            "7Server-JBCS:jbcs-httpd24-httpd-devel-0:2.4.51-39.el7jbcs.x86_64",
            "7Server-JBCS:jbcs-httpd24-httpd-manual-0:2.4.51-39.el7jbcs.noarch",
            "7Server-JBCS:jbcs-httpd24-httpd-selinux-0:2.4.51-39.el7jbcs.x86_64",
            "7Server-JBCS:jbcs-httpd24-httpd-tools-0:2.4.51-39.el7jbcs.x86_64",
            "7Server-JBCS:jbcs-httpd24-mod_http2-0:1.15.19-23.el7jbcs.src",
            "7Server-JBCS:jbcs-httpd24-mod_http2-0:1.15.19-23.el7jbcs.x86_64",
            "7Server-JBCS:jbcs-httpd24-mod_http2-debuginfo-0:1.15.19-23.el7jbcs.x86_64",
            "7Server-JBCS:jbcs-httpd24-mod_jk-0:1.2.48-46.redhat_1.el7jbcs.src",
            "7Server-JBCS:jbcs-httpd24-mod_jk-ap24-0:1.2.48-46.redhat_1.el7jbcs.x86_64",
            "7Server-JBCS:jbcs-httpd24-mod_jk-debuginfo-0:1.2.48-46.redhat_1.el7jbcs.x86_64",
            "7Server-JBCS:jbcs-httpd24-mod_ldap-0:2.4.51-39.el7jbcs.x86_64",
            "7Server-JBCS:jbcs-httpd24-mod_md-1:2.4.0-20.el7jbcs.src",
            "7Server-JBCS:jbcs-httpd24-mod_md-1:2.4.0-20.el7jbcs.x86_64",
            "7Server-JBCS:jbcs-httpd24-mod_md-debuginfo-1:2.4.0-20.el7jbcs.x86_64",
            "7Server-JBCS:jbcs-httpd24-mod_proxy_cluster-0:1.3.18-2.el7jbcs.src",
            "7Server-JBCS:jbcs-httpd24-mod_proxy_cluster-0:1.3.18-2.el7jbcs.x86_64",
            "7Server-JBCS:jbcs-httpd24-mod_proxy_cluster-debuginfo-0:1.3.18-2.el7jbcs.x86_64",
            "7Server-JBCS:jbcs-httpd24-mod_proxy_html-1:2.4.51-39.el7jbcs.x86_64",
            "7Server-JBCS:jbcs-httpd24-mod_security-0:2.9.3-24.el7jbcs.src",
            "7Server-JBCS:jbcs-httpd24-mod_security-0:2.9.3-24.el7jbcs.x86_64",
            "7Server-JBCS:jbcs-httpd24-mod_security-debuginfo-0:2.9.3-24.el7jbcs.x86_64",
            "7Server-JBCS:jbcs-httpd24-mod_session-0:2.4.51-39.el7jbcs.x86_64",
            "7Server-JBCS:jbcs-httpd24-mod_ssl-1:2.4.51-39.el7jbcs.x86_64",
            "7Server-JBCS:jbcs-httpd24-openssl-1:1.1.1k-14.el7jbcs.src",
            "7Server-JBCS:jbcs-httpd24-openssl-1:1.1.1k-14.el7jbcs.x86_64",
            "7Server-JBCS:jbcs-httpd24-openssl-chil-0:1.0.0-18.el7jbcs.src",
            "7Server-JBCS:jbcs-httpd24-openssl-chil-0:1.0.0-18.el7jbcs.x86_64",
            "7Server-JBCS:jbcs-httpd24-openssl-chil-debuginfo-0:1.0.0-18.el7jbcs.x86_64",
            "7Server-JBCS:jbcs-httpd24-openssl-debuginfo-1:1.1.1k-14.el7jbcs.x86_64",
            "7Server-JBCS:jbcs-httpd24-openssl-devel-1:1.1.1k-14.el7jbcs.x86_64",
            "7Server-JBCS:jbcs-httpd24-openssl-libs-1:1.1.1k-14.el7jbcs.x86_64",
            "7Server-JBCS:jbcs-httpd24-openssl-perl-1:1.1.1k-14.el7jbcs.x86_64",
            "7Server-JBCS:jbcs-httpd24-openssl-pkcs11-0:0.4.10-33.el7jbcs.src",
            "7Server-JBCS:jbcs-httpd24-openssl-pkcs11-0:0.4.10-33.el7jbcs.x86_64",
            "7Server-JBCS:jbcs-httpd24-openssl-pkcs11-debuginfo-0:0.4.10-33.el7jbcs.x86_64",
            "7Server-JBCS:jbcs-httpd24-openssl-static-1:1.1.1k-14.el7jbcs.x86_64",
            "8Base-JBCS:jbcs-httpd24-apr-util-0:1.6.1-101.el8jbcs.src",
            "8Base-JBCS:jbcs-httpd24-apr-util-0:1.6.1-101.el8jbcs.x86_64",
            "8Base-JBCS:jbcs-httpd24-apr-util-debuginfo-0:1.6.1-101.el8jbcs.x86_64",
            "8Base-JBCS:jbcs-httpd24-apr-util-devel-0:1.6.1-101.el8jbcs.x86_64",
            "8Base-JBCS:jbcs-httpd24-apr-util-ldap-0:1.6.1-101.el8jbcs.x86_64",
            "8Base-JBCS:jbcs-httpd24-apr-util-ldap-debuginfo-0:1.6.1-101.el8jbcs.x86_64",
            "8Base-JBCS:jbcs-httpd24-apr-util-mysql-0:1.6.1-101.el8jbcs.x86_64",
            "8Base-JBCS:jbcs-httpd24-apr-util-mysql-debuginfo-0:1.6.1-101.el8jbcs.x86_64",
            "8Base-JBCS:jbcs-httpd24-apr-util-nss-0:1.6.1-101.el8jbcs.x86_64",
            "8Base-JBCS:jbcs-httpd24-apr-util-nss-debuginfo-0:1.6.1-101.el8jbcs.x86_64",
            "8Base-JBCS:jbcs-httpd24-apr-util-odbc-0:1.6.1-101.el8jbcs.x86_64",
            "8Base-JBCS:jbcs-httpd24-apr-util-odbc-debuginfo-0:1.6.1-101.el8jbcs.x86_64",
            "8Base-JBCS:jbcs-httpd24-apr-util-openssl-0:1.6.1-101.el8jbcs.x86_64",
            "8Base-JBCS:jbcs-httpd24-apr-util-openssl-debuginfo-0:1.6.1-101.el8jbcs.x86_64",
            "8Base-JBCS:jbcs-httpd24-apr-util-pgsql-0:1.6.1-101.el8jbcs.x86_64",
            "8Base-JBCS:jbcs-httpd24-apr-util-pgsql-debuginfo-0:1.6.1-101.el8jbcs.x86_64",
            "8Base-JBCS:jbcs-httpd24-apr-util-sqlite-0:1.6.1-101.el8jbcs.x86_64",
            "8Base-JBCS:jbcs-httpd24-apr-util-sqlite-debuginfo-0:1.6.1-101.el8jbcs.x86_64",
            "8Base-JBCS:jbcs-httpd24-httpd-0:2.4.51-39.el8jbcs.src",
            "8Base-JBCS:jbcs-httpd24-httpd-0:2.4.51-39.el8jbcs.x86_64",
            "8Base-JBCS:jbcs-httpd24-httpd-debuginfo-0:2.4.51-39.el8jbcs.x86_64",
            "8Base-JBCS:jbcs-httpd24-httpd-devel-0:2.4.51-39.el8jbcs.x86_64",
            "8Base-JBCS:jbcs-httpd24-httpd-manual-0:2.4.51-39.el8jbcs.noarch",
            "8Base-JBCS:jbcs-httpd24-httpd-selinux-0:2.4.51-39.el8jbcs.x86_64",
            "8Base-JBCS:jbcs-httpd24-httpd-tools-0:2.4.51-39.el8jbcs.x86_64",
            "8Base-JBCS:jbcs-httpd24-httpd-tools-debuginfo-0:2.4.51-39.el8jbcs.x86_64",
            "8Base-JBCS:jbcs-httpd24-mod_http2-0:1.15.19-23.el8jbcs.src",
            "8Base-JBCS:jbcs-httpd24-mod_http2-0:1.15.19-23.el8jbcs.x86_64",
            "8Base-JBCS:jbcs-httpd24-mod_http2-debuginfo-0:1.15.19-23.el8jbcs.x86_64",
            "8Base-JBCS:jbcs-httpd24-mod_jk-0:1.2.48-46.redhat_1.el8jbcs.src",
            "8Base-JBCS:jbcs-httpd24-mod_jk-ap24-0:1.2.48-46.redhat_1.el8jbcs.x86_64",
            "8Base-JBCS:jbcs-httpd24-mod_jk-ap24-debuginfo-0:1.2.48-46.redhat_1.el8jbcs.x86_64",
            "8Base-JBCS:jbcs-httpd24-mod_ldap-0:2.4.51-39.el8jbcs.x86_64",
            "8Base-JBCS:jbcs-httpd24-mod_ldap-debuginfo-0:2.4.51-39.el8jbcs.x86_64",
            "8Base-JBCS:jbcs-httpd24-mod_md-1:2.4.0-20.el8jbcs.src",
            "8Base-JBCS:jbcs-httpd24-mod_md-1:2.4.0-20.el8jbcs.x86_64",
            "8Base-JBCS:jbcs-httpd24-mod_md-debuginfo-1:2.4.0-20.el8jbcs.x86_64",
            "8Base-JBCS:jbcs-httpd24-mod_proxy_cluster-0:1.3.18-2.el8jbcs.src",
            "8Base-JBCS:jbcs-httpd24-mod_proxy_cluster-0:1.3.18-2.el8jbcs.x86_64",
            "8Base-JBCS:jbcs-httpd24-mod_proxy_cluster-debuginfo-0:1.3.18-2.el8jbcs.x86_64",
            "8Base-JBCS:jbcs-httpd24-mod_proxy_html-1:2.4.51-39.el8jbcs.x86_64",
            "8Base-JBCS:jbcs-httpd24-mod_proxy_html-debuginfo-1:2.4.51-39.el8jbcs.x86_64",
            "8Base-JBCS:jbcs-httpd24-mod_security-0:2.9.3-24.el8jbcs.src",
            "8Base-JBCS:jbcs-httpd24-mod_security-0:2.9.3-24.el8jbcs.x86_64",
            "8Base-JBCS:jbcs-httpd24-mod_security-debuginfo-0:2.9.3-24.el8jbcs.x86_64",
            "8Base-JBCS:jbcs-httpd24-mod_session-0:2.4.51-39.el8jbcs.x86_64",
            "8Base-JBCS:jbcs-httpd24-mod_session-debuginfo-0:2.4.51-39.el8jbcs.x86_64",
            "8Base-JBCS:jbcs-httpd24-mod_ssl-1:2.4.51-39.el8jbcs.x86_64",
            "8Base-JBCS:jbcs-httpd24-mod_ssl-debuginfo-1:2.4.51-39.el8jbcs.x86_64",
            "8Base-JBCS:jbcs-httpd24-openssl-1:1.1.1k-14.el8jbcs.src",
            "8Base-JBCS:jbcs-httpd24-openssl-1:1.1.1k-14.el8jbcs.x86_64",
            "8Base-JBCS:jbcs-httpd24-openssl-chil-0:1.0.0-18.el8jbcs.src",
            "8Base-JBCS:jbcs-httpd24-openssl-chil-0:1.0.0-18.el8jbcs.x86_64",
            "8Base-JBCS:jbcs-httpd24-openssl-chil-debuginfo-0:1.0.0-18.el8jbcs.x86_64",
            "8Base-JBCS:jbcs-httpd24-openssl-debuginfo-1:1.1.1k-14.el8jbcs.x86_64",
            "8Base-JBCS:jbcs-httpd24-openssl-devel-1:1.1.1k-14.el8jbcs.x86_64",
            "8Base-JBCS:jbcs-httpd24-openssl-libs-1:1.1.1k-14.el8jbcs.x86_64",
            "8Base-JBCS:jbcs-httpd24-openssl-libs-debuginfo-1:1.1.1k-14.el8jbcs.x86_64",
            "8Base-JBCS:jbcs-httpd24-openssl-perl-1:1.1.1k-14.el8jbcs.x86_64",
            "8Base-JBCS:jbcs-httpd24-openssl-pkcs11-0:0.4.10-33.el8jbcs.src",
            "8Base-JBCS:jbcs-httpd24-openssl-pkcs11-0:0.4.10-33.el8jbcs.x86_64",
            "8Base-JBCS:jbcs-httpd24-openssl-pkcs11-debuginfo-0:0.4.10-33.el8jbcs.x86_64",
            "8Base-JBCS:jbcs-httpd24-openssl-static-1:1.1.1k-14.el8jbcs.x86_64"
          ]
        }
      ],
      "ids": [
        {
          "system_name": "Red Hat Bugzilla ID",
          "text": "2152639"
        }
      ],
      "notes": [
        {
          "category": "description",
          "text": "A vulnerability was found in curl. The issue can occur when curl\u0027s HSTS check is bypassed to trick it to keep using HTTP. Using its HSTS support, curl can be instructed to use HTTPS instead of an insecure clear-text HTTP step even when providing HTTP in the URL. Suppose the hostname in the given URL first uses IDN characters that get replaced with ASCII counterparts as part of the IDN conversion. In that case, it can bypass the HSTS mechanism using the character UTF-8 U+3002 (IDEOGRAPHIC FULL STOP) instead of the common ASCII full stop (U+002E). Then in a subsequent request, it does not detect the HSTS state and makes a clear text transfer. Because it would store the information, IDN encoded but looked for it as IDN decoded.",
          "title": "Vulnerability description"
        },
        {
          "category": "summary",
          "text": "curl: HSTS bypass via IDN",
          "title": "Vulnerability summary"
        },
        {
          "category": "general",
          "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
          "title": "CVSS score applicability"
        }
      ],
      "product_status": {
        "fixed": [
          "7Server-JBCS:jbcs-httpd24-curl-0:8.0.1-1.el7jbcs.src",
          "7Server-JBCS:jbcs-httpd24-curl-0:8.0.1-1.el7jbcs.x86_64",
          "7Server-JBCS:jbcs-httpd24-curl-debuginfo-0:8.0.1-1.el7jbcs.x86_64",
          "7Server-JBCS:jbcs-httpd24-libcurl-0:8.0.1-1.el7jbcs.x86_64",
          "7Server-JBCS:jbcs-httpd24-libcurl-devel-0:8.0.1-1.el7jbcs.x86_64",
          "8Base-JBCS:jbcs-httpd24-curl-0:8.0.1-1.el8jbcs.src",
          "8Base-JBCS:jbcs-httpd24-curl-0:8.0.1-1.el8jbcs.x86_64",
          "8Base-JBCS:jbcs-httpd24-curl-debuginfo-0:8.0.1-1.el8jbcs.x86_64",
          "8Base-JBCS:jbcs-httpd24-libcurl-0:8.0.1-1.el8jbcs.x86_64",
          "8Base-JBCS:jbcs-httpd24-libcurl-debuginfo-0:8.0.1-1.el8jbcs.x86_64",
          "8Base-JBCS:jbcs-httpd24-libcurl-devel-0:8.0.1-1.el8jbcs.x86_64"
        ],
        "known_not_affected": [
          "7Server-JBCS:jbcs-httpd24-apr-util-0:1.6.1-101.el7jbcs.src",
          "7Server-JBCS:jbcs-httpd24-apr-util-0:1.6.1-101.el7jbcs.x86_64",
          "7Server-JBCS:jbcs-httpd24-apr-util-debuginfo-0:1.6.1-101.el7jbcs.x86_64",
          "7Server-JBCS:jbcs-httpd24-apr-util-devel-0:1.6.1-101.el7jbcs.x86_64",
          "7Server-JBCS:jbcs-httpd24-apr-util-ldap-0:1.6.1-101.el7jbcs.x86_64",
          "7Server-JBCS:jbcs-httpd24-apr-util-mysql-0:1.6.1-101.el7jbcs.x86_64",
          "7Server-JBCS:jbcs-httpd24-apr-util-nss-0:1.6.1-101.el7jbcs.x86_64",
          "7Server-JBCS:jbcs-httpd24-apr-util-odbc-0:1.6.1-101.el7jbcs.x86_64",
          "7Server-JBCS:jbcs-httpd24-apr-util-openssl-0:1.6.1-101.el7jbcs.x86_64",
          "7Server-JBCS:jbcs-httpd24-apr-util-pgsql-0:1.6.1-101.el7jbcs.x86_64",
          "7Server-JBCS:jbcs-httpd24-apr-util-sqlite-0:1.6.1-101.el7jbcs.x86_64",
          "7Server-JBCS:jbcs-httpd24-httpd-0:2.4.51-39.el7jbcs.src",
          "7Server-JBCS:jbcs-httpd24-httpd-0:2.4.51-39.el7jbcs.x86_64",
          "7Server-JBCS:jbcs-httpd24-httpd-debuginfo-0:2.4.51-39.el7jbcs.x86_64",
          "7Server-JBCS:jbcs-httpd24-httpd-devel-0:2.4.51-39.el7jbcs.x86_64",
          "7Server-JBCS:jbcs-httpd24-httpd-manual-0:2.4.51-39.el7jbcs.noarch",
          "7Server-JBCS:jbcs-httpd24-httpd-selinux-0:2.4.51-39.el7jbcs.x86_64",
          "7Server-JBCS:jbcs-httpd24-httpd-tools-0:2.4.51-39.el7jbcs.x86_64",
          "7Server-JBCS:jbcs-httpd24-mod_http2-0:1.15.19-23.el7jbcs.src",
          "7Server-JBCS:jbcs-httpd24-mod_http2-0:1.15.19-23.el7jbcs.x86_64",
          "7Server-JBCS:jbcs-httpd24-mod_http2-debuginfo-0:1.15.19-23.el7jbcs.x86_64",
          "7Server-JBCS:jbcs-httpd24-mod_jk-0:1.2.48-46.redhat_1.el7jbcs.src",
          "7Server-JBCS:jbcs-httpd24-mod_jk-ap24-0:1.2.48-46.redhat_1.el7jbcs.x86_64",
          "7Server-JBCS:jbcs-httpd24-mod_jk-debuginfo-0:1.2.48-46.redhat_1.el7jbcs.x86_64",
          "7Server-JBCS:jbcs-httpd24-mod_ldap-0:2.4.51-39.el7jbcs.x86_64",
          "7Server-JBCS:jbcs-httpd24-mod_md-1:2.4.0-20.el7jbcs.src",
          "7Server-JBCS:jbcs-httpd24-mod_md-1:2.4.0-20.el7jbcs.x86_64",
          "7Server-JBCS:jbcs-httpd24-mod_md-debuginfo-1:2.4.0-20.el7jbcs.x86_64",
          "7Server-JBCS:jbcs-httpd24-mod_proxy_cluster-0:1.3.18-2.el7jbcs.src",
          "7Server-JBCS:jbcs-httpd24-mod_proxy_cluster-0:1.3.18-2.el7jbcs.x86_64",
          "7Server-JBCS:jbcs-httpd24-mod_proxy_cluster-debuginfo-0:1.3.18-2.el7jbcs.x86_64",
          "7Server-JBCS:jbcs-httpd24-mod_proxy_html-1:2.4.51-39.el7jbcs.x86_64",
          "7Server-JBCS:jbcs-httpd24-mod_security-0:2.9.3-24.el7jbcs.src",
          "7Server-JBCS:jbcs-httpd24-mod_security-0:2.9.3-24.el7jbcs.x86_64",
          "7Server-JBCS:jbcs-httpd24-mod_security-debuginfo-0:2.9.3-24.el7jbcs.x86_64",
          "7Server-JBCS:jbcs-httpd24-mod_session-0:2.4.51-39.el7jbcs.x86_64",
          "7Server-JBCS:jbcs-httpd24-mod_ssl-1:2.4.51-39.el7jbcs.x86_64",
          "7Server-JBCS:jbcs-httpd24-openssl-1:1.1.1k-14.el7jbcs.src",
          "7Server-JBCS:jbcs-httpd24-openssl-1:1.1.1k-14.el7jbcs.x86_64",
          "7Server-JBCS:jbcs-httpd24-openssl-chil-0:1.0.0-18.el7jbcs.src",
          "7Server-JBCS:jbcs-httpd24-openssl-chil-0:1.0.0-18.el7jbcs.x86_64",
          "7Server-JBCS:jbcs-httpd24-openssl-chil-debuginfo-0:1.0.0-18.el7jbcs.x86_64",
          "7Server-JBCS:jbcs-httpd24-openssl-debuginfo-1:1.1.1k-14.el7jbcs.x86_64",
          "7Server-JBCS:jbcs-httpd24-openssl-devel-1:1.1.1k-14.el7jbcs.x86_64",
          "7Server-JBCS:jbcs-httpd24-openssl-libs-1:1.1.1k-14.el7jbcs.x86_64",
          "7Server-JBCS:jbcs-httpd24-openssl-perl-1:1.1.1k-14.el7jbcs.x86_64",
          "7Server-JBCS:jbcs-httpd24-openssl-pkcs11-0:0.4.10-33.el7jbcs.src",
          "7Server-JBCS:jbcs-httpd24-openssl-pkcs11-0:0.4.10-33.el7jbcs.x86_64",
          "7Server-JBCS:jbcs-httpd24-openssl-pkcs11-debuginfo-0:0.4.10-33.el7jbcs.x86_64",
          "7Server-JBCS:jbcs-httpd24-openssl-static-1:1.1.1k-14.el7jbcs.x86_64",
          "8Base-JBCS:jbcs-httpd24-apr-util-0:1.6.1-101.el8jbcs.src",
          "8Base-JBCS:jbcs-httpd24-apr-util-0:1.6.1-101.el8jbcs.x86_64",
          "8Base-JBCS:jbcs-httpd24-apr-util-debuginfo-0:1.6.1-101.el8jbcs.x86_64",
          "8Base-JBCS:jbcs-httpd24-apr-util-devel-0:1.6.1-101.el8jbcs.x86_64",
          "8Base-JBCS:jbcs-httpd24-apr-util-ldap-0:1.6.1-101.el8jbcs.x86_64",
          "8Base-JBCS:jbcs-httpd24-apr-util-ldap-debuginfo-0:1.6.1-101.el8jbcs.x86_64",
          "8Base-JBCS:jbcs-httpd24-apr-util-mysql-0:1.6.1-101.el8jbcs.x86_64",
          "8Base-JBCS:jbcs-httpd24-apr-util-mysql-debuginfo-0:1.6.1-101.el8jbcs.x86_64",
          "8Base-JBCS:jbcs-httpd24-apr-util-nss-0:1.6.1-101.el8jbcs.x86_64",
          "8Base-JBCS:jbcs-httpd24-apr-util-nss-debuginfo-0:1.6.1-101.el8jbcs.x86_64",
          "8Base-JBCS:jbcs-httpd24-apr-util-odbc-0:1.6.1-101.el8jbcs.x86_64",
          "8Base-JBCS:jbcs-httpd24-apr-util-odbc-debuginfo-0:1.6.1-101.el8jbcs.x86_64",
          "8Base-JBCS:jbcs-httpd24-apr-util-openssl-0:1.6.1-101.el8jbcs.x86_64",
          "8Base-JBCS:jbcs-httpd24-apr-util-openssl-debuginfo-0:1.6.1-101.el8jbcs.x86_64",
          "8Base-JBCS:jbcs-httpd24-apr-util-pgsql-0:1.6.1-101.el8jbcs.x86_64",
          "8Base-JBCS:jbcs-httpd24-apr-util-pgsql-debuginfo-0:1.6.1-101.el8jbcs.x86_64",
          "8Base-JBCS:jbcs-httpd24-apr-util-sqlite-0:1.6.1-101.el8jbcs.x86_64",
          "8Base-JBCS:jbcs-httpd24-apr-util-sqlite-debuginfo-0:1.6.1-101.el8jbcs.x86_64",
          "8Base-JBCS:jbcs-httpd24-httpd-0:2.4.51-39.el8jbcs.src",
          "8Base-JBCS:jbcs-httpd24-httpd-0:2.4.51-39.el8jbcs.x86_64",
          "8Base-JBCS:jbcs-httpd24-httpd-debuginfo-0:2.4.51-39.el8jbcs.x86_64",
          "8Base-JBCS:jbcs-httpd24-httpd-devel-0:2.4.51-39.el8jbcs.x86_64",
          "8Base-JBCS:jbcs-httpd24-httpd-manual-0:2.4.51-39.el8jbcs.noarch",
          "8Base-JBCS:jbcs-httpd24-httpd-selinux-0:2.4.51-39.el8jbcs.x86_64",
          "8Base-JBCS:jbcs-httpd24-httpd-tools-0:2.4.51-39.el8jbcs.x86_64",
          "8Base-JBCS:jbcs-httpd24-httpd-tools-debuginfo-0:2.4.51-39.el8jbcs.x86_64",
          "8Base-JBCS:jbcs-httpd24-mod_http2-0:1.15.19-23.el8jbcs.src",
          "8Base-JBCS:jbcs-httpd24-mod_http2-0:1.15.19-23.el8jbcs.x86_64",
          "8Base-JBCS:jbcs-httpd24-mod_http2-debuginfo-0:1.15.19-23.el8jbcs.x86_64",
          "8Base-JBCS:jbcs-httpd24-mod_jk-0:1.2.48-46.redhat_1.el8jbcs.src",
          "8Base-JBCS:jbcs-httpd24-mod_jk-ap24-0:1.2.48-46.redhat_1.el8jbcs.x86_64",
          "8Base-JBCS:jbcs-httpd24-mod_jk-ap24-debuginfo-0:1.2.48-46.redhat_1.el8jbcs.x86_64",
          "8Base-JBCS:jbcs-httpd24-mod_ldap-0:2.4.51-39.el8jbcs.x86_64",
          "8Base-JBCS:jbcs-httpd24-mod_ldap-debuginfo-0:2.4.51-39.el8jbcs.x86_64",
          "8Base-JBCS:jbcs-httpd24-mod_md-1:2.4.0-20.el8jbcs.src",
          "8Base-JBCS:jbcs-httpd24-mod_md-1:2.4.0-20.el8jbcs.x86_64",
          "8Base-JBCS:jbcs-httpd24-mod_md-debuginfo-1:2.4.0-20.el8jbcs.x86_64",
          "8Base-JBCS:jbcs-httpd24-mod_proxy_cluster-0:1.3.18-2.el8jbcs.src",
          "8Base-JBCS:jbcs-httpd24-mod_proxy_cluster-0:1.3.18-2.el8jbcs.x86_64",
          "8Base-JBCS:jbcs-httpd24-mod_proxy_cluster-debuginfo-0:1.3.18-2.el8jbcs.x86_64",
          "8Base-JBCS:jbcs-httpd24-mod_proxy_html-1:2.4.51-39.el8jbcs.x86_64",
          "8Base-JBCS:jbcs-httpd24-mod_proxy_html-debuginfo-1:2.4.51-39.el8jbcs.x86_64",
          "8Base-JBCS:jbcs-httpd24-mod_security-0:2.9.3-24.el8jbcs.src",
          "8Base-JBCS:jbcs-httpd24-mod_security-0:2.9.3-24.el8jbcs.x86_64",
          "8Base-JBCS:jbcs-httpd24-mod_security-debuginfo-0:2.9.3-24.el8jbcs.x86_64",
          "8Base-JBCS:jbcs-httpd24-mod_session-0:2.4.51-39.el8jbcs.x86_64",
          "8Base-JBCS:jbcs-httpd24-mod_session-debuginfo-0:2.4.51-39.el8jbcs.x86_64",
          "8Base-JBCS:jbcs-httpd24-mod_ssl-1:2.4.51-39.el8jbcs.x86_64",
          "8Base-JBCS:jbcs-httpd24-mod_ssl-debuginfo-1:2.4.51-39.el8jbcs.x86_64",
          "8Base-JBCS:jbcs-httpd24-openssl-1:1.1.1k-14.el8jbcs.src",
          "8Base-JBCS:jbcs-httpd24-openssl-1:1.1.1k-14.el8jbcs.x86_64",
          "8Base-JBCS:jbcs-httpd24-openssl-chil-0:1.0.0-18.el8jbcs.src",
          "8Base-JBCS:jbcs-httpd24-openssl-chil-0:1.0.0-18.el8jbcs.x86_64",
          "8Base-JBCS:jbcs-httpd24-openssl-chil-debuginfo-0:1.0.0-18.el8jbcs.x86_64",
          "8Base-JBCS:jbcs-httpd24-openssl-debuginfo-1:1.1.1k-14.el8jbcs.x86_64",
          "8Base-JBCS:jbcs-httpd24-openssl-devel-1:1.1.1k-14.el8jbcs.x86_64",
          "8Base-JBCS:jbcs-httpd24-openssl-libs-1:1.1.1k-14.el8jbcs.x86_64",
          "8Base-JBCS:jbcs-httpd24-openssl-libs-debuginfo-1:1.1.1k-14.el8jbcs.x86_64",
          "8Base-JBCS:jbcs-httpd24-openssl-perl-1:1.1.1k-14.el8jbcs.x86_64",
          "8Base-JBCS:jbcs-httpd24-openssl-pkcs11-0:0.4.10-33.el8jbcs.src",
          "8Base-JBCS:jbcs-httpd24-openssl-pkcs11-0:0.4.10-33.el8jbcs.x86_64",
          "8Base-JBCS:jbcs-httpd24-openssl-pkcs11-debuginfo-0:0.4.10-33.el8jbcs.x86_64",
          "8Base-JBCS:jbcs-httpd24-openssl-static-1:1.1.1k-14.el8jbcs.x86_64"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "Canonical URL",
          "url": "https://access.redhat.com/security/cve/CVE-2022-43551"
        },
        {
          "category": "external",
          "summary": "RHBZ#2152639",
          "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2152639"
        },
        {
          "category": "external",
          "summary": "https://www.cve.org/CVERecord?id=CVE-2022-43551",
          "url": "https://www.cve.org/CVERecord?id=CVE-2022-43551"
        },
        {
          "category": "external",
          "summary": "https://nvd.nist.gov/vuln/detail/CVE-2022-43551",
          "url": "https://nvd.nist.gov/vuln/detail/CVE-2022-43551"
        },
        {
          "category": "external",
          "summary": "https://curl.se/docs/CVE-2022-43551.html",
          "url": "https://curl.se/docs/CVE-2022-43551.html"
        }
      ],
      "release_date": "2022-12-21T00:00:00+00:00",
      "remediations": [
        {
          "category": "vendor_fix",
          "date": "2023-06-05T12:30:30+00:00",
          "details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nApplications using the APR libraries, such as httpd, must be restarted for this update to take effect. After installing the updated packages, the httpd daemon will be restarted automatically.",
          "product_ids": [
            "7Server-JBCS:jbcs-httpd24-curl-0:8.0.1-1.el7jbcs.src",
            "7Server-JBCS:jbcs-httpd24-curl-0:8.0.1-1.el7jbcs.x86_64",
            "7Server-JBCS:jbcs-httpd24-curl-debuginfo-0:8.0.1-1.el7jbcs.x86_64",
            "7Server-JBCS:jbcs-httpd24-libcurl-0:8.0.1-1.el7jbcs.x86_64",
            "7Server-JBCS:jbcs-httpd24-libcurl-devel-0:8.0.1-1.el7jbcs.x86_64",
            "8Base-JBCS:jbcs-httpd24-curl-0:8.0.1-1.el8jbcs.src",
            "8Base-JBCS:jbcs-httpd24-curl-0:8.0.1-1.el8jbcs.x86_64",
            "8Base-JBCS:jbcs-httpd24-curl-debuginfo-0:8.0.1-1.el8jbcs.x86_64",
            "8Base-JBCS:jbcs-httpd24-libcurl-0:8.0.1-1.el8jbcs.x86_64",
            "8Base-JBCS:jbcs-httpd24-libcurl-debuginfo-0:8.0.1-1.el8jbcs.x86_64",
            "8Base-JBCS:jbcs-httpd24-libcurl-devel-0:8.0.1-1.el8jbcs.x86_64"
          ],
          "restart_required": {
            "category": "none"
          },
          "url": "https://access.redhat.com/errata/RHSA-2023:3354"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "attackComplexity": "LOW",
            "attackVector": "NETWORK",
            "availabilityImpact": "NONE",
            "baseScore": 7.5,
            "baseSeverity": "HIGH",
            "confidentialityImpact": "HIGH",
            "integrityImpact": "NONE",
            "privilegesRequired": "NONE",
            "scope": "UNCHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N",
            "version": "3.1"
          },
          "products": [
            "7Server-JBCS:jbcs-httpd24-curl-0:8.0.1-1.el7jbcs.src",
            "7Server-JBCS:jbcs-httpd24-curl-0:8.0.1-1.el7jbcs.x86_64",
            "7Server-JBCS:jbcs-httpd24-curl-debuginfo-0:8.0.1-1.el7jbcs.x86_64",
            "7Server-JBCS:jbcs-httpd24-libcurl-0:8.0.1-1.el7jbcs.x86_64",
            "7Server-JBCS:jbcs-httpd24-libcurl-devel-0:8.0.1-1.el7jbcs.x86_64",
            "8Base-JBCS:jbcs-httpd24-curl-0:8.0.1-1.el8jbcs.src",
            "8Base-JBCS:jbcs-httpd24-curl-0:8.0.1-1.el8jbcs.x86_64",
            "8Base-JBCS:jbcs-httpd24-curl-debuginfo-0:8.0.1-1.el8jbcs.x86_64",
            "8Base-JBCS:jbcs-httpd24-libcurl-0:8.0.1-1.el8jbcs.x86_64",
            "8Base-JBCS:jbcs-httpd24-libcurl-debuginfo-0:8.0.1-1.el8jbcs.x86_64",
            "8Base-JBCS:jbcs-httpd24-libcurl-devel-0:8.0.1-1.el8jbcs.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "details": "Moderate"
        }
      ],
      "title": "curl: HSTS bypass via IDN"
    },
    {
      "cve": "CVE-2022-43552",
      "cwe": {
        "id": "CWE-416",
        "name": "Use After Free"
      },
      "discovery_date": "2022-12-12T00:00:00+00:00",
      "flags": [
        {
          "label": "vulnerable_code_not_present",
          "product_ids": [
            "7Server-JBCS:jbcs-httpd24-apr-util-0:1.6.1-101.el7jbcs.src",
            "7Server-JBCS:jbcs-httpd24-apr-util-0:1.6.1-101.el7jbcs.x86_64",
            "7Server-JBCS:jbcs-httpd24-apr-util-debuginfo-0:1.6.1-101.el7jbcs.x86_64",
            "7Server-JBCS:jbcs-httpd24-apr-util-devel-0:1.6.1-101.el7jbcs.x86_64",
            "7Server-JBCS:jbcs-httpd24-apr-util-ldap-0:1.6.1-101.el7jbcs.x86_64",
            "7Server-JBCS:jbcs-httpd24-apr-util-mysql-0:1.6.1-101.el7jbcs.x86_64",
            "7Server-JBCS:jbcs-httpd24-apr-util-nss-0:1.6.1-101.el7jbcs.x86_64",
            "7Server-JBCS:jbcs-httpd24-apr-util-odbc-0:1.6.1-101.el7jbcs.x86_64",
            "7Server-JBCS:jbcs-httpd24-apr-util-openssl-0:1.6.1-101.el7jbcs.x86_64",
            "7Server-JBCS:jbcs-httpd24-apr-util-pgsql-0:1.6.1-101.el7jbcs.x86_64",
            "7Server-JBCS:jbcs-httpd24-apr-util-sqlite-0:1.6.1-101.el7jbcs.x86_64",
            "7Server-JBCS:jbcs-httpd24-httpd-0:2.4.51-39.el7jbcs.src",
            "7Server-JBCS:jbcs-httpd24-httpd-0:2.4.51-39.el7jbcs.x86_64",
            "7Server-JBCS:jbcs-httpd24-httpd-debuginfo-0:2.4.51-39.el7jbcs.x86_64",
            "7Server-JBCS:jbcs-httpd24-httpd-devel-0:2.4.51-39.el7jbcs.x86_64",
            "7Server-JBCS:jbcs-httpd24-httpd-manual-0:2.4.51-39.el7jbcs.noarch",
            "7Server-JBCS:jbcs-httpd24-httpd-selinux-0:2.4.51-39.el7jbcs.x86_64",
            "7Server-JBCS:jbcs-httpd24-httpd-tools-0:2.4.51-39.el7jbcs.x86_64",
            "7Server-JBCS:jbcs-httpd24-mod_http2-0:1.15.19-23.el7jbcs.src",
            "7Server-JBCS:jbcs-httpd24-mod_http2-0:1.15.19-23.el7jbcs.x86_64",
            "7Server-JBCS:jbcs-httpd24-mod_http2-debuginfo-0:1.15.19-23.el7jbcs.x86_64",
            "7Server-JBCS:jbcs-httpd24-mod_jk-0:1.2.48-46.redhat_1.el7jbcs.src",
            "7Server-JBCS:jbcs-httpd24-mod_jk-ap24-0:1.2.48-46.redhat_1.el7jbcs.x86_64",
            "7Server-JBCS:jbcs-httpd24-mod_jk-debuginfo-0:1.2.48-46.redhat_1.el7jbcs.x86_64",
            "7Server-JBCS:jbcs-httpd24-mod_ldap-0:2.4.51-39.el7jbcs.x86_64",
            "7Server-JBCS:jbcs-httpd24-mod_md-1:2.4.0-20.el7jbcs.src",
            "7Server-JBCS:jbcs-httpd24-mod_md-1:2.4.0-20.el7jbcs.x86_64",
            "7Server-JBCS:jbcs-httpd24-mod_md-debuginfo-1:2.4.0-20.el7jbcs.x86_64",
            "7Server-JBCS:jbcs-httpd24-mod_proxy_cluster-0:1.3.18-2.el7jbcs.src",
            "7Server-JBCS:jbcs-httpd24-mod_proxy_cluster-0:1.3.18-2.el7jbcs.x86_64",
            "7Server-JBCS:jbcs-httpd24-mod_proxy_cluster-debuginfo-0:1.3.18-2.el7jbcs.x86_64",
            "7Server-JBCS:jbcs-httpd24-mod_proxy_html-1:2.4.51-39.el7jbcs.x86_64",
            "7Server-JBCS:jbcs-httpd24-mod_security-0:2.9.3-24.el7jbcs.src",
            "7Server-JBCS:jbcs-httpd24-mod_security-0:2.9.3-24.el7jbcs.x86_64",
            "7Server-JBCS:jbcs-httpd24-mod_security-debuginfo-0:2.9.3-24.el7jbcs.x86_64",
            "7Server-JBCS:jbcs-httpd24-mod_session-0:2.4.51-39.el7jbcs.x86_64",
            "7Server-JBCS:jbcs-httpd24-mod_ssl-1:2.4.51-39.el7jbcs.x86_64",
            "7Server-JBCS:jbcs-httpd24-openssl-1:1.1.1k-14.el7jbcs.src",
            "7Server-JBCS:jbcs-httpd24-openssl-1:1.1.1k-14.el7jbcs.x86_64",
            "7Server-JBCS:jbcs-httpd24-openssl-chil-0:1.0.0-18.el7jbcs.src",
            "7Server-JBCS:jbcs-httpd24-openssl-chil-0:1.0.0-18.el7jbcs.x86_64",
            "7Server-JBCS:jbcs-httpd24-openssl-chil-debuginfo-0:1.0.0-18.el7jbcs.x86_64",
            "7Server-JBCS:jbcs-httpd24-openssl-debuginfo-1:1.1.1k-14.el7jbcs.x86_64",
            "7Server-JBCS:jbcs-httpd24-openssl-devel-1:1.1.1k-14.el7jbcs.x86_64",
            "7Server-JBCS:jbcs-httpd24-openssl-libs-1:1.1.1k-14.el7jbcs.x86_64",
            "7Server-JBCS:jbcs-httpd24-openssl-perl-1:1.1.1k-14.el7jbcs.x86_64",
            "7Server-JBCS:jbcs-httpd24-openssl-pkcs11-0:0.4.10-33.el7jbcs.src",
            "7Server-JBCS:jbcs-httpd24-openssl-pkcs11-0:0.4.10-33.el7jbcs.x86_64",
            "7Server-JBCS:jbcs-httpd24-openssl-pkcs11-debuginfo-0:0.4.10-33.el7jbcs.x86_64",
            "7Server-JBCS:jbcs-httpd24-openssl-static-1:1.1.1k-14.el7jbcs.x86_64",
            "8Base-JBCS:jbcs-httpd24-apr-util-0:1.6.1-101.el8jbcs.src",
            "8Base-JBCS:jbcs-httpd24-apr-util-0:1.6.1-101.el8jbcs.x86_64",
            "8Base-JBCS:jbcs-httpd24-apr-util-debuginfo-0:1.6.1-101.el8jbcs.x86_64",
            "8Base-JBCS:jbcs-httpd24-apr-util-devel-0:1.6.1-101.el8jbcs.x86_64",
            "8Base-JBCS:jbcs-httpd24-apr-util-ldap-0:1.6.1-101.el8jbcs.x86_64",
            "8Base-JBCS:jbcs-httpd24-apr-util-ldap-debuginfo-0:1.6.1-101.el8jbcs.x86_64",
            "8Base-JBCS:jbcs-httpd24-apr-util-mysql-0:1.6.1-101.el8jbcs.x86_64",
            "8Base-JBCS:jbcs-httpd24-apr-util-mysql-debuginfo-0:1.6.1-101.el8jbcs.x86_64",
            "8Base-JBCS:jbcs-httpd24-apr-util-nss-0:1.6.1-101.el8jbcs.x86_64",
            "8Base-JBCS:jbcs-httpd24-apr-util-nss-debuginfo-0:1.6.1-101.el8jbcs.x86_64",
            "8Base-JBCS:jbcs-httpd24-apr-util-odbc-0:1.6.1-101.el8jbcs.x86_64",
            "8Base-JBCS:jbcs-httpd24-apr-util-odbc-debuginfo-0:1.6.1-101.el8jbcs.x86_64",
            "8Base-JBCS:jbcs-httpd24-apr-util-openssl-0:1.6.1-101.el8jbcs.x86_64",
            "8Base-JBCS:jbcs-httpd24-apr-util-openssl-debuginfo-0:1.6.1-101.el8jbcs.x86_64",
            "8Base-JBCS:jbcs-httpd24-apr-util-pgsql-0:1.6.1-101.el8jbcs.x86_64",
            "8Base-JBCS:jbcs-httpd24-apr-util-pgsql-debuginfo-0:1.6.1-101.el8jbcs.x86_64",
            "8Base-JBCS:jbcs-httpd24-apr-util-sqlite-0:1.6.1-101.el8jbcs.x86_64",
            "8Base-JBCS:jbcs-httpd24-apr-util-sqlite-debuginfo-0:1.6.1-101.el8jbcs.x86_64",
            "8Base-JBCS:jbcs-httpd24-httpd-0:2.4.51-39.el8jbcs.src",
            "8Base-JBCS:jbcs-httpd24-httpd-0:2.4.51-39.el8jbcs.x86_64",
            "8Base-JBCS:jbcs-httpd24-httpd-debuginfo-0:2.4.51-39.el8jbcs.x86_64",
            "8Base-JBCS:jbcs-httpd24-httpd-devel-0:2.4.51-39.el8jbcs.x86_64",
            "8Base-JBCS:jbcs-httpd24-httpd-manual-0:2.4.51-39.el8jbcs.noarch",
            "8Base-JBCS:jbcs-httpd24-httpd-selinux-0:2.4.51-39.el8jbcs.x86_64",
            "8Base-JBCS:jbcs-httpd24-httpd-tools-0:2.4.51-39.el8jbcs.x86_64",
            "8Base-JBCS:jbcs-httpd24-httpd-tools-debuginfo-0:2.4.51-39.el8jbcs.x86_64",
            "8Base-JBCS:jbcs-httpd24-mod_http2-0:1.15.19-23.el8jbcs.src",
            "8Base-JBCS:jbcs-httpd24-mod_http2-0:1.15.19-23.el8jbcs.x86_64",
            "8Base-JBCS:jbcs-httpd24-mod_http2-debuginfo-0:1.15.19-23.el8jbcs.x86_64",
            "8Base-JBCS:jbcs-httpd24-mod_jk-0:1.2.48-46.redhat_1.el8jbcs.src",
            "8Base-JBCS:jbcs-httpd24-mod_jk-ap24-0:1.2.48-46.redhat_1.el8jbcs.x86_64",
            "8Base-JBCS:jbcs-httpd24-mod_jk-ap24-debuginfo-0:1.2.48-46.redhat_1.el8jbcs.x86_64",
            "8Base-JBCS:jbcs-httpd24-mod_ldap-0:2.4.51-39.el8jbcs.x86_64",
            "8Base-JBCS:jbcs-httpd24-mod_ldap-debuginfo-0:2.4.51-39.el8jbcs.x86_64",
            "8Base-JBCS:jbcs-httpd24-mod_md-1:2.4.0-20.el8jbcs.src",
            "8Base-JBCS:jbcs-httpd24-mod_md-1:2.4.0-20.el8jbcs.x86_64",
            "8Base-JBCS:jbcs-httpd24-mod_md-debuginfo-1:2.4.0-20.el8jbcs.x86_64",
            "8Base-JBCS:jbcs-httpd24-mod_proxy_cluster-0:1.3.18-2.el8jbcs.src",
            "8Base-JBCS:jbcs-httpd24-mod_proxy_cluster-0:1.3.18-2.el8jbcs.x86_64",
            "8Base-JBCS:jbcs-httpd24-mod_proxy_cluster-debuginfo-0:1.3.18-2.el8jbcs.x86_64",
            "8Base-JBCS:jbcs-httpd24-mod_proxy_html-1:2.4.51-39.el8jbcs.x86_64",
            "8Base-JBCS:jbcs-httpd24-mod_proxy_html-debuginfo-1:2.4.51-39.el8jbcs.x86_64",
            "8Base-JBCS:jbcs-httpd24-mod_security-0:2.9.3-24.el8jbcs.src",
            "8Base-JBCS:jbcs-httpd24-mod_security-0:2.9.3-24.el8jbcs.x86_64",
            "8Base-JBCS:jbcs-httpd24-mod_security-debuginfo-0:2.9.3-24.el8jbcs.x86_64",
            "8Base-JBCS:jbcs-httpd24-mod_session-0:2.4.51-39.el8jbcs.x86_64",
            "8Base-JBCS:jbcs-httpd24-mod_session-debuginfo-0:2.4.51-39.el8jbcs.x86_64",
            "8Base-JBCS:jbcs-httpd24-mod_ssl-1:2.4.51-39.el8jbcs.x86_64",
            "8Base-JBCS:jbcs-httpd24-mod_ssl-debuginfo-1:2.4.51-39.el8jbcs.x86_64",
            "8Base-JBCS:jbcs-httpd24-openssl-1:1.1.1k-14.el8jbcs.src",
            "8Base-JBCS:jbcs-httpd24-openssl-1:1.1.1k-14.el8jbcs.x86_64",
            "8Base-JBCS:jbcs-httpd24-openssl-chil-0:1.0.0-18.el8jbcs.src",
            "8Base-JBCS:jbcs-httpd24-openssl-chil-0:1.0.0-18.el8jbcs.x86_64",
            "8Base-JBCS:jbcs-httpd24-openssl-chil-debuginfo-0:1.0.0-18.el8jbcs.x86_64",
            "8Base-JBCS:jbcs-httpd24-openssl-debuginfo-1:1.1.1k-14.el8jbcs.x86_64",
            "8Base-JBCS:jbcs-httpd24-openssl-devel-1:1.1.1k-14.el8jbcs.x86_64",
            "8Base-JBCS:jbcs-httpd24-openssl-libs-1:1.1.1k-14.el8jbcs.x86_64",
            "8Base-JBCS:jbcs-httpd24-openssl-libs-debuginfo-1:1.1.1k-14.el8jbcs.x86_64",
            "8Base-JBCS:jbcs-httpd24-openssl-perl-1:1.1.1k-14.el8jbcs.x86_64",
            "8Base-JBCS:jbcs-httpd24-openssl-pkcs11-0:0.4.10-33.el8jbcs.src",
            "8Base-JBCS:jbcs-httpd24-openssl-pkcs11-0:0.4.10-33.el8jbcs.x86_64",
            "8Base-JBCS:jbcs-httpd24-openssl-pkcs11-debuginfo-0:0.4.10-33.el8jbcs.x86_64",
            "8Base-JBCS:jbcs-httpd24-openssl-static-1:1.1.1k-14.el8jbcs.x86_64"
          ]
        }
      ],
      "ids": [
        {
          "system_name": "Red Hat Bugzilla ID",
          "text": "2152652"
        }
      ],
      "notes": [
        {
          "category": "description",
          "text": "A vulnerability was found in curl. In this issue, curl can be asked to tunnel all protocols virtually it supports through an HTTP proxy. HTTP proxies can deny these tunnel operations using an appropriate HTTP error response code. When getting denied to tunnel the specific SMB or TELNET protocols, curl can use a heap-allocated struct after it has been freed and shut down the code path in its transfer.",
          "title": "Vulnerability description"
        },
        {
          "category": "summary",
          "text": "curl: Use-after-free triggered by an HTTP proxy deny response",
          "title": "Vulnerability summary"
        },
        {
          "category": "other",
          "text": "Potential successful exploitation will cause the curl to crash, which generates a low impact to the environment where the curl is used. Additionally, exploitation depends on the conditions that are out of the attacker\u0027s control, like usage of specific protocols (SMB or TELNET) and HTTP proxy tunnels at the same time. Due to these facts, this vulnerability has been classified as a Low severity issue.",
          "title": "Statement"
        },
        {
          "category": "general",
          "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
          "title": "CVSS score applicability"
        }
      ],
      "product_status": {
        "fixed": [
          "7Server-JBCS:jbcs-httpd24-curl-0:8.0.1-1.el7jbcs.src",
          "7Server-JBCS:jbcs-httpd24-curl-0:8.0.1-1.el7jbcs.x86_64",
          "7Server-JBCS:jbcs-httpd24-curl-debuginfo-0:8.0.1-1.el7jbcs.x86_64",
          "7Server-JBCS:jbcs-httpd24-libcurl-0:8.0.1-1.el7jbcs.x86_64",
          "7Server-JBCS:jbcs-httpd24-libcurl-devel-0:8.0.1-1.el7jbcs.x86_64",
          "8Base-JBCS:jbcs-httpd24-curl-0:8.0.1-1.el8jbcs.src",
          "8Base-JBCS:jbcs-httpd24-curl-0:8.0.1-1.el8jbcs.x86_64",
          "8Base-JBCS:jbcs-httpd24-curl-debuginfo-0:8.0.1-1.el8jbcs.x86_64",
          "8Base-JBCS:jbcs-httpd24-libcurl-0:8.0.1-1.el8jbcs.x86_64",
          "8Base-JBCS:jbcs-httpd24-libcurl-debuginfo-0:8.0.1-1.el8jbcs.x86_64",
          "8Base-JBCS:jbcs-httpd24-libcurl-devel-0:8.0.1-1.el8jbcs.x86_64"
        ],
        "known_not_affected": [
          "7Server-JBCS:jbcs-httpd24-apr-util-0:1.6.1-101.el7jbcs.src",
          "7Server-JBCS:jbcs-httpd24-apr-util-0:1.6.1-101.el7jbcs.x86_64",
          "7Server-JBCS:jbcs-httpd24-apr-util-debuginfo-0:1.6.1-101.el7jbcs.x86_64",
          "7Server-JBCS:jbcs-httpd24-apr-util-devel-0:1.6.1-101.el7jbcs.x86_64",
          "7Server-JBCS:jbcs-httpd24-apr-util-ldap-0:1.6.1-101.el7jbcs.x86_64",
          "7Server-JBCS:jbcs-httpd24-apr-util-mysql-0:1.6.1-101.el7jbcs.x86_64",
          "7Server-JBCS:jbcs-httpd24-apr-util-nss-0:1.6.1-101.el7jbcs.x86_64",
          "7Server-JBCS:jbcs-httpd24-apr-util-odbc-0:1.6.1-101.el7jbcs.x86_64",
          "7Server-JBCS:jbcs-httpd24-apr-util-openssl-0:1.6.1-101.el7jbcs.x86_64",
          "7Server-JBCS:jbcs-httpd24-apr-util-pgsql-0:1.6.1-101.el7jbcs.x86_64",
          "7Server-JBCS:jbcs-httpd24-apr-util-sqlite-0:1.6.1-101.el7jbcs.x86_64",
          "7Server-JBCS:jbcs-httpd24-httpd-0:2.4.51-39.el7jbcs.src",
          "7Server-JBCS:jbcs-httpd24-httpd-0:2.4.51-39.el7jbcs.x86_64",
          "7Server-JBCS:jbcs-httpd24-httpd-debuginfo-0:2.4.51-39.el7jbcs.x86_64",
          "7Server-JBCS:jbcs-httpd24-httpd-devel-0:2.4.51-39.el7jbcs.x86_64",
          "7Server-JBCS:jbcs-httpd24-httpd-manual-0:2.4.51-39.el7jbcs.noarch",
          "7Server-JBCS:jbcs-httpd24-httpd-selinux-0:2.4.51-39.el7jbcs.x86_64",
          "7Server-JBCS:jbcs-httpd24-httpd-tools-0:2.4.51-39.el7jbcs.x86_64",
          "7Server-JBCS:jbcs-httpd24-mod_http2-0:1.15.19-23.el7jbcs.src",
          "7Server-JBCS:jbcs-httpd24-mod_http2-0:1.15.19-23.el7jbcs.x86_64",
          "7Server-JBCS:jbcs-httpd24-mod_http2-debuginfo-0:1.15.19-23.el7jbcs.x86_64",
          "7Server-JBCS:jbcs-httpd24-mod_jk-0:1.2.48-46.redhat_1.el7jbcs.src",
          "7Server-JBCS:jbcs-httpd24-mod_jk-ap24-0:1.2.48-46.redhat_1.el7jbcs.x86_64",
          "7Server-JBCS:jbcs-httpd24-mod_jk-debuginfo-0:1.2.48-46.redhat_1.el7jbcs.x86_64",
          "7Server-JBCS:jbcs-httpd24-mod_ldap-0:2.4.51-39.el7jbcs.x86_64",
          "7Server-JBCS:jbcs-httpd24-mod_md-1:2.4.0-20.el7jbcs.src",
          "7Server-JBCS:jbcs-httpd24-mod_md-1:2.4.0-20.el7jbcs.x86_64",
          "7Server-JBCS:jbcs-httpd24-mod_md-debuginfo-1:2.4.0-20.el7jbcs.x86_64",
          "7Server-JBCS:jbcs-httpd24-mod_proxy_cluster-0:1.3.18-2.el7jbcs.src",
          "7Server-JBCS:jbcs-httpd24-mod_proxy_cluster-0:1.3.18-2.el7jbcs.x86_64",
          "7Server-JBCS:jbcs-httpd24-mod_proxy_cluster-debuginfo-0:1.3.18-2.el7jbcs.x86_64",
          "7Server-JBCS:jbcs-httpd24-mod_proxy_html-1:2.4.51-39.el7jbcs.x86_64",
          "7Server-JBCS:jbcs-httpd24-mod_security-0:2.9.3-24.el7jbcs.src",
          "7Server-JBCS:jbcs-httpd24-mod_security-0:2.9.3-24.el7jbcs.x86_64",
          "7Server-JBCS:jbcs-httpd24-mod_security-debuginfo-0:2.9.3-24.el7jbcs.x86_64",
          "7Server-JBCS:jbcs-httpd24-mod_session-0:2.4.51-39.el7jbcs.x86_64",
          "7Server-JBCS:jbcs-httpd24-mod_ssl-1:2.4.51-39.el7jbcs.x86_64",
          "7Server-JBCS:jbcs-httpd24-openssl-1:1.1.1k-14.el7jbcs.src",
          "7Server-JBCS:jbcs-httpd24-openssl-1:1.1.1k-14.el7jbcs.x86_64",
          "7Server-JBCS:jbcs-httpd24-openssl-chil-0:1.0.0-18.el7jbcs.src",
          "7Server-JBCS:jbcs-httpd24-openssl-chil-0:1.0.0-18.el7jbcs.x86_64",
          "7Server-JBCS:jbcs-httpd24-openssl-chil-debuginfo-0:1.0.0-18.el7jbcs.x86_64",
          "7Server-JBCS:jbcs-httpd24-openssl-debuginfo-1:1.1.1k-14.el7jbcs.x86_64",
          "7Server-JBCS:jbcs-httpd24-openssl-devel-1:1.1.1k-14.el7jbcs.x86_64",
          "7Server-JBCS:jbcs-httpd24-openssl-libs-1:1.1.1k-14.el7jbcs.x86_64",
          "7Server-JBCS:jbcs-httpd24-openssl-perl-1:1.1.1k-14.el7jbcs.x86_64",
          "7Server-JBCS:jbcs-httpd24-openssl-pkcs11-0:0.4.10-33.el7jbcs.src",
          "7Server-JBCS:jbcs-httpd24-openssl-pkcs11-0:0.4.10-33.el7jbcs.x86_64",
          "7Server-JBCS:jbcs-httpd24-openssl-pkcs11-debuginfo-0:0.4.10-33.el7jbcs.x86_64",
          "7Server-JBCS:jbcs-httpd24-openssl-static-1:1.1.1k-14.el7jbcs.x86_64",
          "8Base-JBCS:jbcs-httpd24-apr-util-0:1.6.1-101.el8jbcs.src",
          "8Base-JBCS:jbcs-httpd24-apr-util-0:1.6.1-101.el8jbcs.x86_64",
          "8Base-JBCS:jbcs-httpd24-apr-util-debuginfo-0:1.6.1-101.el8jbcs.x86_64",
          "8Base-JBCS:jbcs-httpd24-apr-util-devel-0:1.6.1-101.el8jbcs.x86_64",
          "8Base-JBCS:jbcs-httpd24-apr-util-ldap-0:1.6.1-101.el8jbcs.x86_64",
          "8Base-JBCS:jbcs-httpd24-apr-util-ldap-debuginfo-0:1.6.1-101.el8jbcs.x86_64",
          "8Base-JBCS:jbcs-httpd24-apr-util-mysql-0:1.6.1-101.el8jbcs.x86_64",
          "8Base-JBCS:jbcs-httpd24-apr-util-mysql-debuginfo-0:1.6.1-101.el8jbcs.x86_64",
          "8Base-JBCS:jbcs-httpd24-apr-util-nss-0:1.6.1-101.el8jbcs.x86_64",
          "8Base-JBCS:jbcs-httpd24-apr-util-nss-debuginfo-0:1.6.1-101.el8jbcs.x86_64",
          "8Base-JBCS:jbcs-httpd24-apr-util-odbc-0:1.6.1-101.el8jbcs.x86_64",
          "8Base-JBCS:jbcs-httpd24-apr-util-odbc-debuginfo-0:1.6.1-101.el8jbcs.x86_64",
          "8Base-JBCS:jbcs-httpd24-apr-util-openssl-0:1.6.1-101.el8jbcs.x86_64",
          "8Base-JBCS:jbcs-httpd24-apr-util-openssl-debuginfo-0:1.6.1-101.el8jbcs.x86_64",
          "8Base-JBCS:jbcs-httpd24-apr-util-pgsql-0:1.6.1-101.el8jbcs.x86_64",
          "8Base-JBCS:jbcs-httpd24-apr-util-pgsql-debuginfo-0:1.6.1-101.el8jbcs.x86_64",
          "8Base-JBCS:jbcs-httpd24-apr-util-sqlite-0:1.6.1-101.el8jbcs.x86_64",
          "8Base-JBCS:jbcs-httpd24-apr-util-sqlite-debuginfo-0:1.6.1-101.el8jbcs.x86_64",
          "8Base-JBCS:jbcs-httpd24-httpd-0:2.4.51-39.el8jbcs.src",
          "8Base-JBCS:jbcs-httpd24-httpd-0:2.4.51-39.el8jbcs.x86_64",
          "8Base-JBCS:jbcs-httpd24-httpd-debuginfo-0:2.4.51-39.el8jbcs.x86_64",
          "8Base-JBCS:jbcs-httpd24-httpd-devel-0:2.4.51-39.el8jbcs.x86_64",
          "8Base-JBCS:jbcs-httpd24-httpd-manual-0:2.4.51-39.el8jbcs.noarch",
          "8Base-JBCS:jbcs-httpd24-httpd-selinux-0:2.4.51-39.el8jbcs.x86_64",
          "8Base-JBCS:jbcs-httpd24-httpd-tools-0:2.4.51-39.el8jbcs.x86_64",
          "8Base-JBCS:jbcs-httpd24-httpd-tools-debuginfo-0:2.4.51-39.el8jbcs.x86_64",
          "8Base-JBCS:jbcs-httpd24-mod_http2-0:1.15.19-23.el8jbcs.src",
          "8Base-JBCS:jbcs-httpd24-mod_http2-0:1.15.19-23.el8jbcs.x86_64",
          "8Base-JBCS:jbcs-httpd24-mod_http2-debuginfo-0:1.15.19-23.el8jbcs.x86_64",
          "8Base-JBCS:jbcs-httpd24-mod_jk-0:1.2.48-46.redhat_1.el8jbcs.src",
          "8Base-JBCS:jbcs-httpd24-mod_jk-ap24-0:1.2.48-46.redhat_1.el8jbcs.x86_64",
          "8Base-JBCS:jbcs-httpd24-mod_jk-ap24-debuginfo-0:1.2.48-46.redhat_1.el8jbcs.x86_64",
          "8Base-JBCS:jbcs-httpd24-mod_ldap-0:2.4.51-39.el8jbcs.x86_64",
          "8Base-JBCS:jbcs-httpd24-mod_ldap-debuginfo-0:2.4.51-39.el8jbcs.x86_64",
          "8Base-JBCS:jbcs-httpd24-mod_md-1:2.4.0-20.el8jbcs.src",
          "8Base-JBCS:jbcs-httpd24-mod_md-1:2.4.0-20.el8jbcs.x86_64",
          "8Base-JBCS:jbcs-httpd24-mod_md-debuginfo-1:2.4.0-20.el8jbcs.x86_64",
          "8Base-JBCS:jbcs-httpd24-mod_proxy_cluster-0:1.3.18-2.el8jbcs.src",
          "8Base-JBCS:jbcs-httpd24-mod_proxy_cluster-0:1.3.18-2.el8jbcs.x86_64",
          "8Base-JBCS:jbcs-httpd24-mod_proxy_cluster-debuginfo-0:1.3.18-2.el8jbcs.x86_64",
          "8Base-JBCS:jbcs-httpd24-mod_proxy_html-1:2.4.51-39.el8jbcs.x86_64",
          "8Base-JBCS:jbcs-httpd24-mod_proxy_html-debuginfo-1:2.4.51-39.el8jbcs.x86_64",
          "8Base-JBCS:jbcs-httpd24-mod_security-0:2.9.3-24.el8jbcs.src",
          "8Base-JBCS:jbcs-httpd24-mod_security-0:2.9.3-24.el8jbcs.x86_64",
          "8Base-JBCS:jbcs-httpd24-mod_security-debuginfo-0:2.9.3-24.el8jbcs.x86_64",
          "8Base-JBCS:jbcs-httpd24-mod_session-0:2.4.51-39.el8jbcs.x86_64",
          "8Base-JBCS:jbcs-httpd24-mod_session-debuginfo-0:2.4.51-39.el8jbcs.x86_64",
          "8Base-JBCS:jbcs-httpd24-mod_ssl-1:2.4.51-39.el8jbcs.x86_64",
          "8Base-JBCS:jbcs-httpd24-mod_ssl-debuginfo-1:2.4.51-39.el8jbcs.x86_64",
          "8Base-JBCS:jbcs-httpd24-openssl-1:1.1.1k-14.el8jbcs.src",
          "8Base-JBCS:jbcs-httpd24-openssl-1:1.1.1k-14.el8jbcs.x86_64",
          "8Base-JBCS:jbcs-httpd24-openssl-chil-0:1.0.0-18.el8jbcs.src",
          "8Base-JBCS:jbcs-httpd24-openssl-chil-0:1.0.0-18.el8jbcs.x86_64",
          "8Base-JBCS:jbcs-httpd24-openssl-chil-debuginfo-0:1.0.0-18.el8jbcs.x86_64",
          "8Base-JBCS:jbcs-httpd24-openssl-debuginfo-1:1.1.1k-14.el8jbcs.x86_64",
          "8Base-JBCS:jbcs-httpd24-openssl-devel-1:1.1.1k-14.el8jbcs.x86_64",
          "8Base-JBCS:jbcs-httpd24-openssl-libs-1:1.1.1k-14.el8jbcs.x86_64",
          "8Base-JBCS:jbcs-httpd24-openssl-libs-debuginfo-1:1.1.1k-14.el8jbcs.x86_64",
          "8Base-JBCS:jbcs-httpd24-openssl-perl-1:1.1.1k-14.el8jbcs.x86_64",
          "8Base-JBCS:jbcs-httpd24-openssl-pkcs11-0:0.4.10-33.el8jbcs.src",
          "8Base-JBCS:jbcs-httpd24-openssl-pkcs11-0:0.4.10-33.el8jbcs.x86_64",
          "8Base-JBCS:jbcs-httpd24-openssl-pkcs11-debuginfo-0:0.4.10-33.el8jbcs.x86_64",
          "8Base-JBCS:jbcs-httpd24-openssl-static-1:1.1.1k-14.el8jbcs.x86_64"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "Canonical URL",
          "url": "https://access.redhat.com/security/cve/CVE-2022-43552"
        },
        {
          "category": "external",
          "summary": "RHBZ#2152652",
          "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2152652"
        },
        {
          "category": "external",
          "summary": "https://www.cve.org/CVERecord?id=CVE-2022-43552",
          "url": "https://www.cve.org/CVERecord?id=CVE-2022-43552"
        },
        {
          "category": "external",
          "summary": "https://nvd.nist.gov/vuln/detail/CVE-2022-43552",
          "url": "https://nvd.nist.gov/vuln/detail/CVE-2022-43552"
        },
        {
          "category": "external",
          "summary": "https://curl.se/docs/CVE-2022-43552.html",
          "url": "https://curl.se/docs/CVE-2022-43552.html"
        }
      ],
      "release_date": "2022-12-21T00:00:00+00:00",
      "remediations": [
        {
          "category": "vendor_fix",
          "date": "2023-06-05T12:30:30+00:00",
          "details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nApplications using the APR libraries, such as httpd, must be restarted for this update to take effect. After installing the updated packages, the httpd daemon will be restarted automatically.",
          "product_ids": [
            "7Server-JBCS:jbcs-httpd24-curl-0:8.0.1-1.el7jbcs.src",
            "7Server-JBCS:jbcs-httpd24-curl-0:8.0.1-1.el7jbcs.x86_64",
            "7Server-JBCS:jbcs-httpd24-curl-debuginfo-0:8.0.1-1.el7jbcs.x86_64",
            "7Server-JBCS:jbcs-httpd24-libcurl-0:8.0.1-1.el7jbcs.x86_64",
            "7Server-JBCS:jbcs-httpd24-libcurl-devel-0:8.0.1-1.el7jbcs.x86_64",
            "8Base-JBCS:jbcs-httpd24-curl-0:8.0.1-1.el8jbcs.src",
            "8Base-JBCS:jbcs-httpd24-curl-0:8.0.1-1.el8jbcs.x86_64",
            "8Base-JBCS:jbcs-httpd24-curl-debuginfo-0:8.0.1-1.el8jbcs.x86_64",
            "8Base-JBCS:jbcs-httpd24-libcurl-0:8.0.1-1.el8jbcs.x86_64",
            "8Base-JBCS:jbcs-httpd24-libcurl-debuginfo-0:8.0.1-1.el8jbcs.x86_64",
            "8Base-JBCS:jbcs-httpd24-libcurl-devel-0:8.0.1-1.el8jbcs.x86_64"
          ],
          "restart_required": {
            "category": "none"
          },
          "url": "https://access.redhat.com/errata/RHSA-2023:3354"
        },
        {
          "category": "workaround",
          "details": "Avoid using the SMB and TELNET protocols.",
          "product_ids": [
            "7Server-JBCS:jbcs-httpd24-apr-util-0:1.6.1-101.el7jbcs.src",
            "7Server-JBCS:jbcs-httpd24-apr-util-0:1.6.1-101.el7jbcs.x86_64",
            "7Server-JBCS:jbcs-httpd24-apr-util-debuginfo-0:1.6.1-101.el7jbcs.x86_64",
            "7Server-JBCS:jbcs-httpd24-apr-util-devel-0:1.6.1-101.el7jbcs.x86_64",
            "7Server-JBCS:jbcs-httpd24-apr-util-ldap-0:1.6.1-101.el7jbcs.x86_64",
            "7Server-JBCS:jbcs-httpd24-apr-util-mysql-0:1.6.1-101.el7jbcs.x86_64",
            "7Server-JBCS:jbcs-httpd24-apr-util-nss-0:1.6.1-101.el7jbcs.x86_64",
            "7Server-JBCS:jbcs-httpd24-apr-util-odbc-0:1.6.1-101.el7jbcs.x86_64",
            "7Server-JBCS:jbcs-httpd24-apr-util-openssl-0:1.6.1-101.el7jbcs.x86_64",
            "7Server-JBCS:jbcs-httpd24-apr-util-pgsql-0:1.6.1-101.el7jbcs.x86_64",
            "7Server-JBCS:jbcs-httpd24-apr-util-sqlite-0:1.6.1-101.el7jbcs.x86_64",
            "7Server-JBCS:jbcs-httpd24-curl-0:8.0.1-1.el7jbcs.src",
            "7Server-JBCS:jbcs-httpd24-curl-0:8.0.1-1.el7jbcs.x86_64",
            "7Server-JBCS:jbcs-httpd24-curl-debuginfo-0:8.0.1-1.el7jbcs.x86_64",
            "7Server-JBCS:jbcs-httpd24-httpd-0:2.4.51-39.el7jbcs.src",
            "7Server-JBCS:jbcs-httpd24-httpd-0:2.4.51-39.el7jbcs.x86_64",
            "7Server-JBCS:jbcs-httpd24-httpd-debuginfo-0:2.4.51-39.el7jbcs.x86_64",
            "7Server-JBCS:jbcs-httpd24-httpd-devel-0:2.4.51-39.el7jbcs.x86_64",
            "7Server-JBCS:jbcs-httpd24-httpd-manual-0:2.4.51-39.el7jbcs.noarch",
            "7Server-JBCS:jbcs-httpd24-httpd-selinux-0:2.4.51-39.el7jbcs.x86_64",
            "7Server-JBCS:jbcs-httpd24-httpd-tools-0:2.4.51-39.el7jbcs.x86_64",
            "7Server-JBCS:jbcs-httpd24-libcurl-0:8.0.1-1.el7jbcs.x86_64",
            "7Server-JBCS:jbcs-httpd24-libcurl-devel-0:8.0.1-1.el7jbcs.x86_64",
            "7Server-JBCS:jbcs-httpd24-mod_http2-0:1.15.19-23.el7jbcs.src",
            "7Server-JBCS:jbcs-httpd24-mod_http2-0:1.15.19-23.el7jbcs.x86_64",
            "7Server-JBCS:jbcs-httpd24-mod_http2-debuginfo-0:1.15.19-23.el7jbcs.x86_64",
            "7Server-JBCS:jbcs-httpd24-mod_jk-0:1.2.48-46.redhat_1.el7jbcs.src",
            "7Server-JBCS:jbcs-httpd24-mod_jk-ap24-0:1.2.48-46.redhat_1.el7jbcs.x86_64",
            "7Server-JBCS:jbcs-httpd24-mod_jk-debuginfo-0:1.2.48-46.redhat_1.el7jbcs.x86_64",
            "7Server-JBCS:jbcs-httpd24-mod_ldap-0:2.4.51-39.el7jbcs.x86_64",
            "7Server-JBCS:jbcs-httpd24-mod_md-1:2.4.0-20.el7jbcs.src",
            "7Server-JBCS:jbcs-httpd24-mod_md-1:2.4.0-20.el7jbcs.x86_64",
            "7Server-JBCS:jbcs-httpd24-mod_md-debuginfo-1:2.4.0-20.el7jbcs.x86_64",
            "7Server-JBCS:jbcs-httpd24-mod_proxy_cluster-0:1.3.18-2.el7jbcs.src",
            "7Server-JBCS:jbcs-httpd24-mod_proxy_cluster-0:1.3.18-2.el7jbcs.x86_64",
            "7Server-JBCS:jbcs-httpd24-mod_proxy_cluster-debuginfo-0:1.3.18-2.el7jbcs.x86_64",
            "7Server-JBCS:jbcs-httpd24-mod_proxy_html-1:2.4.51-39.el7jbcs.x86_64",
            "7Server-JBCS:jbcs-httpd24-mod_security-0:2.9.3-24.el7jbcs.src",
            "7Server-JBCS:jbcs-httpd24-mod_security-0:2.9.3-24.el7jbcs.x86_64",
            "7Server-JBCS:jbcs-httpd24-mod_security-debuginfo-0:2.9.3-24.el7jbcs.x86_64",
            "7Server-JBCS:jbcs-httpd24-mod_session-0:2.4.51-39.el7jbcs.x86_64",
            "7Server-JBCS:jbcs-httpd24-mod_ssl-1:2.4.51-39.el7jbcs.x86_64",
            "7Server-JBCS:jbcs-httpd24-openssl-1:1.1.1k-14.el7jbcs.src",
            "7Server-JBCS:jbcs-httpd24-openssl-1:1.1.1k-14.el7jbcs.x86_64",
            "7Server-JBCS:jbcs-httpd24-openssl-chil-0:1.0.0-18.el7jbcs.src",
            "7Server-JBCS:jbcs-httpd24-openssl-chil-0:1.0.0-18.el7jbcs.x86_64",
            "7Server-JBCS:jbcs-httpd24-openssl-chil-debuginfo-0:1.0.0-18.el7jbcs.x86_64",
            "7Server-JBCS:jbcs-httpd24-openssl-debuginfo-1:1.1.1k-14.el7jbcs.x86_64",
            "7Server-JBCS:jbcs-httpd24-openssl-devel-1:1.1.1k-14.el7jbcs.x86_64",
            "7Server-JBCS:jbcs-httpd24-openssl-libs-1:1.1.1k-14.el7jbcs.x86_64",
            "7Server-JBCS:jbcs-httpd24-openssl-perl-1:1.1.1k-14.el7jbcs.x86_64",
            "7Server-JBCS:jbcs-httpd24-openssl-pkcs11-0:0.4.10-33.el7jbcs.src",
            "7Server-JBCS:jbcs-httpd24-openssl-pkcs11-0:0.4.10-33.el7jbcs.x86_64",
            "7Server-JBCS:jbcs-httpd24-openssl-pkcs11-debuginfo-0:0.4.10-33.el7jbcs.x86_64",
            "7Server-JBCS:jbcs-httpd24-openssl-static-1:1.1.1k-14.el7jbcs.x86_64",
            "8Base-JBCS:jbcs-httpd24-apr-util-0:1.6.1-101.el8jbcs.src",
            "8Base-JBCS:jbcs-httpd24-apr-util-0:1.6.1-101.el8jbcs.x86_64",
            "8Base-JBCS:jbcs-httpd24-apr-util-debuginfo-0:1.6.1-101.el8jbcs.x86_64",
            "8Base-JBCS:jbcs-httpd24-apr-util-devel-0:1.6.1-101.el8jbcs.x86_64",
            "8Base-JBCS:jbcs-httpd24-apr-util-ldap-0:1.6.1-101.el8jbcs.x86_64",
            "8Base-JBCS:jbcs-httpd24-apr-util-ldap-debuginfo-0:1.6.1-101.el8jbcs.x86_64",
            "8Base-JBCS:jbcs-httpd24-apr-util-mysql-0:1.6.1-101.el8jbcs.x86_64",
            "8Base-JBCS:jbcs-httpd24-apr-util-mysql-debuginfo-0:1.6.1-101.el8jbcs.x86_64",
            "8Base-JBCS:jbcs-httpd24-apr-util-nss-0:1.6.1-101.el8jbcs.x86_64",
            "8Base-JBCS:jbcs-httpd24-apr-util-nss-debuginfo-0:1.6.1-101.el8jbcs.x86_64",
            "8Base-JBCS:jbcs-httpd24-apr-util-odbc-0:1.6.1-101.el8jbcs.x86_64",
            "8Base-JBCS:jbcs-httpd24-apr-util-odbc-debuginfo-0:1.6.1-101.el8jbcs.x86_64",
            "8Base-JBCS:jbcs-httpd24-apr-util-openssl-0:1.6.1-101.el8jbcs.x86_64",
            "8Base-JBCS:jbcs-httpd24-apr-util-openssl-debuginfo-0:1.6.1-101.el8jbcs.x86_64",
            "8Base-JBCS:jbcs-httpd24-apr-util-pgsql-0:1.6.1-101.el8jbcs.x86_64",
            "8Base-JBCS:jbcs-httpd24-apr-util-pgsql-debuginfo-0:1.6.1-101.el8jbcs.x86_64",
            "8Base-JBCS:jbcs-httpd24-apr-util-sqlite-0:1.6.1-101.el8jbcs.x86_64",
            "8Base-JBCS:jbcs-httpd24-apr-util-sqlite-debuginfo-0:1.6.1-101.el8jbcs.x86_64",
            "8Base-JBCS:jbcs-httpd24-curl-0:8.0.1-1.el8jbcs.src",
            "8Base-JBCS:jbcs-httpd24-curl-0:8.0.1-1.el8jbcs.x86_64",
            "8Base-JBCS:jbcs-httpd24-curl-debuginfo-0:8.0.1-1.el8jbcs.x86_64",
            "8Base-JBCS:jbcs-httpd24-httpd-0:2.4.51-39.el8jbcs.src",
            "8Base-JBCS:jbcs-httpd24-httpd-0:2.4.51-39.el8jbcs.x86_64",
            "8Base-JBCS:jbcs-httpd24-httpd-debuginfo-0:2.4.51-39.el8jbcs.x86_64",
            "8Base-JBCS:jbcs-httpd24-httpd-devel-0:2.4.51-39.el8jbcs.x86_64",
            "8Base-JBCS:jbcs-httpd24-httpd-manual-0:2.4.51-39.el8jbcs.noarch",
            "8Base-JBCS:jbcs-httpd24-httpd-selinux-0:2.4.51-39.el8jbcs.x86_64",
            "8Base-JBCS:jbcs-httpd24-httpd-tools-0:2.4.51-39.el8jbcs.x86_64",
            "8Base-JBCS:jbcs-httpd24-httpd-tools-debuginfo-0:2.4.51-39.el8jbcs.x86_64",
            "8Base-JBCS:jbcs-httpd24-libcurl-0:8.0.1-1.el8jbcs.x86_64",
            "8Base-JBCS:jbcs-httpd24-libcurl-debuginfo-0:8.0.1-1.el8jbcs.x86_64",
            "8Base-JBCS:jbcs-httpd24-libcurl-devel-0:8.0.1-1.el8jbcs.x86_64",
            "8Base-JBCS:jbcs-httpd24-mod_http2-0:1.15.19-23.el8jbcs.src",
            "8Base-JBCS:jbcs-httpd24-mod_http2-0:1.15.19-23.el8jbcs.x86_64",
            "8Base-JBCS:jbcs-httpd24-mod_http2-debuginfo-0:1.15.19-23.el8jbcs.x86_64",
            "8Base-JBCS:jbcs-httpd24-mod_jk-0:1.2.48-46.redhat_1.el8jbcs.src",
            "8Base-JBCS:jbcs-httpd24-mod_jk-ap24-0:1.2.48-46.redhat_1.el8jbcs.x86_64",
            "8Base-JBCS:jbcs-httpd24-mod_jk-ap24-debuginfo-0:1.2.48-46.redhat_1.el8jbcs.x86_64",
            "8Base-JBCS:jbcs-httpd24-mod_ldap-0:2.4.51-39.el8jbcs.x86_64",
            "8Base-JBCS:jbcs-httpd24-mod_ldap-debuginfo-0:2.4.51-39.el8jbcs.x86_64",
            "8Base-JBCS:jbcs-httpd24-mod_md-1:2.4.0-20.el8jbcs.src",
            "8Base-JBCS:jbcs-httpd24-mod_md-1:2.4.0-20.el8jbcs.x86_64",
            "8Base-JBCS:jbcs-httpd24-mod_md-debuginfo-1:2.4.0-20.el8jbcs.x86_64",
            "8Base-JBCS:jbcs-httpd24-mod_proxy_cluster-0:1.3.18-2.el8jbcs.src",
            "8Base-JBCS:jbcs-httpd24-mod_proxy_cluster-0:1.3.18-2.el8jbcs.x86_64",
            "8Base-JBCS:jbcs-httpd24-mod_proxy_cluster-debuginfo-0:1.3.18-2.el8jbcs.x86_64",
            "8Base-JBCS:jbcs-httpd24-mod_proxy_html-1:2.4.51-39.el8jbcs.x86_64",
            "8Base-JBCS:jbcs-httpd24-mod_proxy_html-debuginfo-1:2.4.51-39.el8jbcs.x86_64",
            "8Base-JBCS:jbcs-httpd24-mod_security-0:2.9.3-24.el8jbcs.src",
            "8Base-JBCS:jbcs-httpd24-mod_security-0:2.9.3-24.el8jbcs.x86_64",
            "8Base-JBCS:jbcs-httpd24-mod_security-debuginfo-0:2.9.3-24.el8jbcs.x86_64",
            "8Base-JBCS:jbcs-httpd24-mod_session-0:2.4.51-39.el8jbcs.x86_64",
            "8Base-JBCS:jbcs-httpd24-mod_session-debuginfo-0:2.4.51-39.el8jbcs.x86_64",
            "8Base-JBCS:jbcs-httpd24-mod_ssl-1:2.4.51-39.el8jbcs.x86_64",
            "8Base-JBCS:jbcs-httpd24-mod_ssl-debuginfo-1:2.4.51-39.el8jbcs.x86_64",
            "8Base-JBCS:jbcs-httpd24-openssl-1:1.1.1k-14.el8jbcs.src",
            "8Base-JBCS:jbcs-httpd24-openssl-1:1.1.1k-14.el8jbcs.x86_64",
            "8Base-JBCS:jbcs-httpd24-openssl-chil-0:1.0.0-18.el8jbcs.src",
            "8Base-JBCS:jbcs-httpd24-openssl-chil-0:1.0.0-18.el8jbcs.x86_64",
            "8Base-JBCS:jbcs-httpd24-openssl-chil-debuginfo-0:1.0.0-18.el8jbcs.x86_64",
            "8Base-JBCS:jbcs-httpd24-openssl-debuginfo-1:1.1.1k-14.el8jbcs.x86_64",
            "8Base-JBCS:jbcs-httpd24-openssl-devel-1:1.1.1k-14.el8jbcs.x86_64",
            "8Base-JBCS:jbcs-httpd24-openssl-libs-1:1.1.1k-14.el8jbcs.x86_64",
            "8Base-JBCS:jbcs-httpd24-openssl-libs-debuginfo-1:1.1.1k-14.el8jbcs.x86_64",
            "8Base-JBCS:jbcs-httpd24-openssl-perl-1:1.1.1k-14.el8jbcs.x86_64",
            "8Base-JBCS:jbcs-httpd24-openssl-pkcs11-0:0.4.10-33.el8jbcs.src",
            "8Base-JBCS:jbcs-httpd24-openssl-pkcs11-0:0.4.10-33.el8jbcs.x86_64",
            "8Base-JBCS:jbcs-httpd24-openssl-pkcs11-debuginfo-0:0.4.10-33.el8jbcs.x86_64",
            "8Base-JBCS:jbcs-httpd24-openssl-static-1:1.1.1k-14.el8jbcs.x86_64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "attackComplexity": "HIGH",
            "attackVector": "NETWORK",
            "availabilityImpact": "HIGH",
            "baseScore": 5.9,
            "baseSeverity": "MEDIUM",
            "confidentialityImpact": "NONE",
            "integrityImpact": "NONE",
            "privilegesRequired": "NONE",
            "scope": "UNCHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H",
            "version": "3.1"
          },
          "products": [
            "7Server-JBCS:jbcs-httpd24-curl-0:8.0.1-1.el7jbcs.src",
            "7Server-JBCS:jbcs-httpd24-curl-0:8.0.1-1.el7jbcs.x86_64",
            "7Server-JBCS:jbcs-httpd24-curl-debuginfo-0:8.0.1-1.el7jbcs.x86_64",
            "7Server-JBCS:jbcs-httpd24-libcurl-0:8.0.1-1.el7jbcs.x86_64",
            "7Server-JBCS:jbcs-httpd24-libcurl-devel-0:8.0.1-1.el7jbcs.x86_64",
            "8Base-JBCS:jbcs-httpd24-curl-0:8.0.1-1.el8jbcs.src",
            "8Base-JBCS:jbcs-httpd24-curl-0:8.0.1-1.el8jbcs.x86_64",
            "8Base-JBCS:jbcs-httpd24-curl-debuginfo-0:8.0.1-1.el8jbcs.x86_64",
            "8Base-JBCS:jbcs-httpd24-libcurl-0:8.0.1-1.el8jbcs.x86_64",
            "8Base-JBCS:jbcs-httpd24-libcurl-debuginfo-0:8.0.1-1.el8jbcs.x86_64",
            "8Base-JBCS:jbcs-httpd24-libcurl-devel-0:8.0.1-1.el8jbcs.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "details": "Low"
        }
      ],
      "title": "curl: Use-after-free triggered by an HTTP proxy deny response"
    },
    {
      "cve": "CVE-2023-0215",
      "cwe": {
        "id": "CWE-416",
        "name": "Use After Free"
      },
      "discovery_date": "2023-01-25T00:00:00+00:00",
      "flags": [
        {
          "label": "vulnerable_code_not_present",
          "product_ids": [
            "7Server-JBCS:jbcs-httpd24-apr-util-0:1.6.1-101.el7jbcs.src",
            "7Server-JBCS:jbcs-httpd24-apr-util-0:1.6.1-101.el7jbcs.x86_64",
            "7Server-JBCS:jbcs-httpd24-apr-util-debuginfo-0:1.6.1-101.el7jbcs.x86_64",
            "7Server-JBCS:jbcs-httpd24-apr-util-devel-0:1.6.1-101.el7jbcs.x86_64",
            "7Server-JBCS:jbcs-httpd24-apr-util-ldap-0:1.6.1-101.el7jbcs.x86_64",
            "7Server-JBCS:jbcs-httpd24-apr-util-mysql-0:1.6.1-101.el7jbcs.x86_64",
            "7Server-JBCS:jbcs-httpd24-apr-util-nss-0:1.6.1-101.el7jbcs.x86_64",
            "7Server-JBCS:jbcs-httpd24-apr-util-odbc-0:1.6.1-101.el7jbcs.x86_64",
            "7Server-JBCS:jbcs-httpd24-apr-util-openssl-0:1.6.1-101.el7jbcs.x86_64",
            "7Server-JBCS:jbcs-httpd24-apr-util-pgsql-0:1.6.1-101.el7jbcs.x86_64",
            "7Server-JBCS:jbcs-httpd24-apr-util-sqlite-0:1.6.1-101.el7jbcs.x86_64",
            "7Server-JBCS:jbcs-httpd24-curl-0:8.0.1-1.el7jbcs.src",
            "7Server-JBCS:jbcs-httpd24-curl-0:8.0.1-1.el7jbcs.x86_64",
            "7Server-JBCS:jbcs-httpd24-curl-debuginfo-0:8.0.1-1.el7jbcs.x86_64",
            "7Server-JBCS:jbcs-httpd24-httpd-0:2.4.51-39.el7jbcs.src",
            "7Server-JBCS:jbcs-httpd24-httpd-0:2.4.51-39.el7jbcs.x86_64",
            "7Server-JBCS:jbcs-httpd24-httpd-debuginfo-0:2.4.51-39.el7jbcs.x86_64",
            "7Server-JBCS:jbcs-httpd24-httpd-devel-0:2.4.51-39.el7jbcs.x86_64",
            "7Server-JBCS:jbcs-httpd24-httpd-manual-0:2.4.51-39.el7jbcs.noarch",
            "7Server-JBCS:jbcs-httpd24-httpd-selinux-0:2.4.51-39.el7jbcs.x86_64",
            "7Server-JBCS:jbcs-httpd24-httpd-tools-0:2.4.51-39.el7jbcs.x86_64",
            "7Server-JBCS:jbcs-httpd24-libcurl-0:8.0.1-1.el7jbcs.x86_64",
            "7Server-JBCS:jbcs-httpd24-libcurl-devel-0:8.0.1-1.el7jbcs.x86_64",
            "7Server-JBCS:jbcs-httpd24-mod_http2-0:1.15.19-23.el7jbcs.src",
            "7Server-JBCS:jbcs-httpd24-mod_http2-0:1.15.19-23.el7jbcs.x86_64",
            "7Server-JBCS:jbcs-httpd24-mod_http2-debuginfo-0:1.15.19-23.el7jbcs.x86_64",
            "7Server-JBCS:jbcs-httpd24-mod_jk-0:1.2.48-46.redhat_1.el7jbcs.src",
            "7Server-JBCS:jbcs-httpd24-mod_jk-ap24-0:1.2.48-46.redhat_1.el7jbcs.x86_64",
            "7Server-JBCS:jbcs-httpd24-mod_jk-debuginfo-0:1.2.48-46.redhat_1.el7jbcs.x86_64",
            "7Server-JBCS:jbcs-httpd24-mod_ldap-0:2.4.51-39.el7jbcs.x86_64",
            "7Server-JBCS:jbcs-httpd24-mod_md-1:2.4.0-20.el7jbcs.src",
            "7Server-JBCS:jbcs-httpd24-mod_md-1:2.4.0-20.el7jbcs.x86_64",
            "7Server-JBCS:jbcs-httpd24-mod_md-debuginfo-1:2.4.0-20.el7jbcs.x86_64",
            "7Server-JBCS:jbcs-httpd24-mod_proxy_cluster-0:1.3.18-2.el7jbcs.src",
            "7Server-JBCS:jbcs-httpd24-mod_proxy_cluster-0:1.3.18-2.el7jbcs.x86_64",
            "7Server-JBCS:jbcs-httpd24-mod_proxy_cluster-debuginfo-0:1.3.18-2.el7jbcs.x86_64",
            "7Server-JBCS:jbcs-httpd24-mod_proxy_html-1:2.4.51-39.el7jbcs.x86_64",
            "7Server-JBCS:jbcs-httpd24-mod_security-0:2.9.3-24.el7jbcs.src",
            "7Server-JBCS:jbcs-httpd24-mod_security-0:2.9.3-24.el7jbcs.x86_64",
            "7Server-JBCS:jbcs-httpd24-mod_security-debuginfo-0:2.9.3-24.el7jbcs.x86_64",
            "7Server-JBCS:jbcs-httpd24-mod_session-0:2.4.51-39.el7jbcs.x86_64",
            "7Server-JBCS:jbcs-httpd24-mod_ssl-1:2.4.51-39.el7jbcs.x86_64",
            "7Server-JBCS:jbcs-httpd24-openssl-chil-0:1.0.0-18.el7jbcs.src",
            "7Server-JBCS:jbcs-httpd24-openssl-chil-0:1.0.0-18.el7jbcs.x86_64",
            "7Server-JBCS:jbcs-httpd24-openssl-chil-debuginfo-0:1.0.0-18.el7jbcs.x86_64",
            "7Server-JBCS:jbcs-httpd24-openssl-pkcs11-0:0.4.10-33.el7jbcs.src",
            "7Server-JBCS:jbcs-httpd24-openssl-pkcs11-0:0.4.10-33.el7jbcs.x86_64",
            "7Server-JBCS:jbcs-httpd24-openssl-pkcs11-debuginfo-0:0.4.10-33.el7jbcs.x86_64",
            "8Base-JBCS:jbcs-httpd24-apr-util-0:1.6.1-101.el8jbcs.src",
            "8Base-JBCS:jbcs-httpd24-apr-util-0:1.6.1-101.el8jbcs.x86_64",
            "8Base-JBCS:jbcs-httpd24-apr-util-debuginfo-0:1.6.1-101.el8jbcs.x86_64",
            "8Base-JBCS:jbcs-httpd24-apr-util-devel-0:1.6.1-101.el8jbcs.x86_64",
            "8Base-JBCS:jbcs-httpd24-apr-util-ldap-0:1.6.1-101.el8jbcs.x86_64",
            "8Base-JBCS:jbcs-httpd24-apr-util-ldap-debuginfo-0:1.6.1-101.el8jbcs.x86_64",
            "8Base-JBCS:jbcs-httpd24-apr-util-mysql-0:1.6.1-101.el8jbcs.x86_64",
            "8Base-JBCS:jbcs-httpd24-apr-util-mysql-debuginfo-0:1.6.1-101.el8jbcs.x86_64",
            "8Base-JBCS:jbcs-httpd24-apr-util-nss-0:1.6.1-101.el8jbcs.x86_64",
            "8Base-JBCS:jbcs-httpd24-apr-util-nss-debuginfo-0:1.6.1-101.el8jbcs.x86_64",
            "8Base-JBCS:jbcs-httpd24-apr-util-odbc-0:1.6.1-101.el8jbcs.x86_64",
            "8Base-JBCS:jbcs-httpd24-apr-util-odbc-debuginfo-0:1.6.1-101.el8jbcs.x86_64",
            "8Base-JBCS:jbcs-httpd24-apr-util-openssl-0:1.6.1-101.el8jbcs.x86_64",
            "8Base-JBCS:jbcs-httpd24-apr-util-openssl-debuginfo-0:1.6.1-101.el8jbcs.x86_64",
            "8Base-JBCS:jbcs-httpd24-apr-util-pgsql-0:1.6.1-101.el8jbcs.x86_64",
            "8Base-JBCS:jbcs-httpd24-apr-util-pgsql-debuginfo-0:1.6.1-101.el8jbcs.x86_64",
            "8Base-JBCS:jbcs-httpd24-apr-util-sqlite-0:1.6.1-101.el8jbcs.x86_64",
            "8Base-JBCS:jbcs-httpd24-apr-util-sqlite-debuginfo-0:1.6.1-101.el8jbcs.x86_64",
            "8Base-JBCS:jbcs-httpd24-curl-0:8.0.1-1.el8jbcs.src",
            "8Base-JBCS:jbcs-httpd24-curl-0:8.0.1-1.el8jbcs.x86_64",
            "8Base-JBCS:jbcs-httpd24-curl-debuginfo-0:8.0.1-1.el8jbcs.x86_64",
            "8Base-JBCS:jbcs-httpd24-httpd-0:2.4.51-39.el8jbcs.src",
            "8Base-JBCS:jbcs-httpd24-httpd-0:2.4.51-39.el8jbcs.x86_64",
            "8Base-JBCS:jbcs-httpd24-httpd-debuginfo-0:2.4.51-39.el8jbcs.x86_64",
            "8Base-JBCS:jbcs-httpd24-httpd-devel-0:2.4.51-39.el8jbcs.x86_64",
            "8Base-JBCS:jbcs-httpd24-httpd-manual-0:2.4.51-39.el8jbcs.noarch",
            "8Base-JBCS:jbcs-httpd24-httpd-selinux-0:2.4.51-39.el8jbcs.x86_64",
            "8Base-JBCS:jbcs-httpd24-httpd-tools-0:2.4.51-39.el8jbcs.x86_64",
            "8Base-JBCS:jbcs-httpd24-httpd-tools-debuginfo-0:2.4.51-39.el8jbcs.x86_64",
            "8Base-JBCS:jbcs-httpd24-libcurl-0:8.0.1-1.el8jbcs.x86_64",
            "8Base-JBCS:jbcs-httpd24-libcurl-debuginfo-0:8.0.1-1.el8jbcs.x86_64",
            "8Base-JBCS:jbcs-httpd24-libcurl-devel-0:8.0.1-1.el8jbcs.x86_64",
            "8Base-JBCS:jbcs-httpd24-mod_http2-0:1.15.19-23.el8jbcs.src",
            "8Base-JBCS:jbcs-httpd24-mod_http2-0:1.15.19-23.el8jbcs.x86_64",
            "8Base-JBCS:jbcs-httpd24-mod_http2-debuginfo-0:1.15.19-23.el8jbcs.x86_64",
            "8Base-JBCS:jbcs-httpd24-mod_jk-0:1.2.48-46.redhat_1.el8jbcs.src",
            "8Base-JBCS:jbcs-httpd24-mod_jk-ap24-0:1.2.48-46.redhat_1.el8jbcs.x86_64",
            "8Base-JBCS:jbcs-httpd24-mod_jk-ap24-debuginfo-0:1.2.48-46.redhat_1.el8jbcs.x86_64",
            "8Base-JBCS:jbcs-httpd24-mod_ldap-0:2.4.51-39.el8jbcs.x86_64",
            "8Base-JBCS:jbcs-httpd24-mod_ldap-debuginfo-0:2.4.51-39.el8jbcs.x86_64",
            "8Base-JBCS:jbcs-httpd24-mod_md-1:2.4.0-20.el8jbcs.src",
            "8Base-JBCS:jbcs-httpd24-mod_md-1:2.4.0-20.el8jbcs.x86_64",
            "8Base-JBCS:jbcs-httpd24-mod_md-debuginfo-1:2.4.0-20.el8jbcs.x86_64",
            "8Base-JBCS:jbcs-httpd24-mod_proxy_cluster-0:1.3.18-2.el8jbcs.src",
            "8Base-JBCS:jbcs-httpd24-mod_proxy_cluster-0:1.3.18-2.el8jbcs.x86_64",
            "8Base-JBCS:jbcs-httpd24-mod_proxy_cluster-debuginfo-0:1.3.18-2.el8jbcs.x86_64",
            "8Base-JBCS:jbcs-httpd24-mod_proxy_html-1:2.4.51-39.el8jbcs.x86_64",
            "8Base-JBCS:jbcs-httpd24-mod_proxy_html-debuginfo-1:2.4.51-39.el8jbcs.x86_64",
            "8Base-JBCS:jbcs-httpd24-mod_security-0:2.9.3-24.el8jbcs.src",
            "8Base-JBCS:jbcs-httpd24-mod_security-0:2.9.3-24.el8jbcs.x86_64",
            "8Base-JBCS:jbcs-httpd24-mod_security-debuginfo-0:2.9.3-24.el8jbcs.x86_64",
            "8Base-JBCS:jbcs-httpd24-mod_session-0:2.4.51-39.el8jbcs.x86_64",
            "8Base-JBCS:jbcs-httpd24-mod_session-debuginfo-0:2.4.51-39.el8jbcs.x86_64",
            "8Base-JBCS:jbcs-httpd24-mod_ssl-1:2.4.51-39.el8jbcs.x86_64",
            "8Base-JBCS:jbcs-httpd24-mod_ssl-debuginfo-1:2.4.51-39.el8jbcs.x86_64",
            "8Base-JBCS:jbcs-httpd24-openssl-chil-0:1.0.0-18.el8jbcs.src",
            "8Base-JBCS:jbcs-httpd24-openssl-chil-0:1.0.0-18.el8jbcs.x86_64",
            "8Base-JBCS:jbcs-httpd24-openssl-chil-debuginfo-0:1.0.0-18.el8jbcs.x86_64",
            "8Base-JBCS:jbcs-httpd24-openssl-pkcs11-0:0.4.10-33.el8jbcs.src",
            "8Base-JBCS:jbcs-httpd24-openssl-pkcs11-0:0.4.10-33.el8jbcs.x86_64",
            "8Base-JBCS:jbcs-httpd24-openssl-pkcs11-debuginfo-0:0.4.10-33.el8jbcs.x86_64"
          ]
        }
      ],
      "ids": [
        {
          "system_name": "Red Hat Bugzilla ID",
          "text": "2164492"
        }
      ],
      "notes": [
        {
          "category": "description",
          "text": "A use-after-free vulnerability was found in OpenSSL\u0027s BIO_new_NDEF function. The public API function BIO_new_NDEF is a helper function used for streaming ASN.1 data via a BIO. It is primarily used internally by OpenSSL to support the SMIME, CMS, and PKCS7 streaming capabilities, but it may also be called directly by end-user applications. The function receives a BIO from the caller, prepends a new BIO_f_asn1 filter BIO onto the front of it to form a BIO chain, and then returns the new head of the BIO chain to the caller. Under certain conditions. For example, if a CMS recipient public key is invalid, the new filter BIO is freed, and the function returns a NULL result indicating a failure. However, in this case, the BIO chain is not properly cleaned up, and the BIO passed by the caller still retains internal pointers to the previously freed filter BIO. If the caller then calls BIO_pop() on the BIO, a use-after-free will occur, possibly resulting in a crash.",
          "title": "Vulnerability description"
        },
        {
          "category": "summary",
          "text": "openssl: use-after-free following BIO_new_NDEF",
          "title": "Vulnerability summary"
        },
        {
          "category": "other",
          "text": "This vulnerability has been rated as having a moderate impact in alignment with upstream. See the security advisory linked in external references.",
          "title": "Statement"
        },
        {
          "category": "general",
          "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
          "title": "CVSS score applicability"
        }
      ],
      "product_status": {
        "fixed": [
          "7Server-JBCS:jbcs-httpd24-openssl-1:1.1.1k-14.el7jbcs.src",
          "7Server-JBCS:jbcs-httpd24-openssl-1:1.1.1k-14.el7jbcs.x86_64",
          "7Server-JBCS:jbcs-httpd24-openssl-debuginfo-1:1.1.1k-14.el7jbcs.x86_64",
          "7Server-JBCS:jbcs-httpd24-openssl-devel-1:1.1.1k-14.el7jbcs.x86_64",
          "7Server-JBCS:jbcs-httpd24-openssl-libs-1:1.1.1k-14.el7jbcs.x86_64",
          "7Server-JBCS:jbcs-httpd24-openssl-perl-1:1.1.1k-14.el7jbcs.x86_64",
          "7Server-JBCS:jbcs-httpd24-openssl-static-1:1.1.1k-14.el7jbcs.x86_64",
          "8Base-JBCS:jbcs-httpd24-openssl-1:1.1.1k-14.el8jbcs.src",
          "8Base-JBCS:jbcs-httpd24-openssl-1:1.1.1k-14.el8jbcs.x86_64",
          "8Base-JBCS:jbcs-httpd24-openssl-debuginfo-1:1.1.1k-14.el8jbcs.x86_64",
          "8Base-JBCS:jbcs-httpd24-openssl-devel-1:1.1.1k-14.el8jbcs.x86_64",
          "8Base-JBCS:jbcs-httpd24-openssl-libs-1:1.1.1k-14.el8jbcs.x86_64",
          "8Base-JBCS:jbcs-httpd24-openssl-libs-debuginfo-1:1.1.1k-14.el8jbcs.x86_64",
          "8Base-JBCS:jbcs-httpd24-openssl-perl-1:1.1.1k-14.el8jbcs.x86_64",
          "8Base-JBCS:jbcs-httpd24-openssl-static-1:1.1.1k-14.el8jbcs.x86_64"
        ],
        "known_not_affected": [
          "7Server-JBCS:jbcs-httpd24-apr-util-0:1.6.1-101.el7jbcs.src",
          "7Server-JBCS:jbcs-httpd24-apr-util-0:1.6.1-101.el7jbcs.x86_64",
          "7Server-JBCS:jbcs-httpd24-apr-util-debuginfo-0:1.6.1-101.el7jbcs.x86_64",
          "7Server-JBCS:jbcs-httpd24-apr-util-devel-0:1.6.1-101.el7jbcs.x86_64",
          "7Server-JBCS:jbcs-httpd24-apr-util-ldap-0:1.6.1-101.el7jbcs.x86_64",
          "7Server-JBCS:jbcs-httpd24-apr-util-mysql-0:1.6.1-101.el7jbcs.x86_64",
          "7Server-JBCS:jbcs-httpd24-apr-util-nss-0:1.6.1-101.el7jbcs.x86_64",
          "7Server-JBCS:jbcs-httpd24-apr-util-odbc-0:1.6.1-101.el7jbcs.x86_64",
          "7Server-JBCS:jbcs-httpd24-apr-util-openssl-0:1.6.1-101.el7jbcs.x86_64",
          "7Server-JBCS:jbcs-httpd24-apr-util-pgsql-0:1.6.1-101.el7jbcs.x86_64",
          "7Server-JBCS:jbcs-httpd24-apr-util-sqlite-0:1.6.1-101.el7jbcs.x86_64",
          "7Server-JBCS:jbcs-httpd24-curl-0:8.0.1-1.el7jbcs.src",
          "7Server-JBCS:jbcs-httpd24-curl-0:8.0.1-1.el7jbcs.x86_64",
          "7Server-JBCS:jbcs-httpd24-curl-debuginfo-0:8.0.1-1.el7jbcs.x86_64",
          "7Server-JBCS:jbcs-httpd24-httpd-0:2.4.51-39.el7jbcs.src",
          "7Server-JBCS:jbcs-httpd24-httpd-0:2.4.51-39.el7jbcs.x86_64",
          "7Server-JBCS:jbcs-httpd24-httpd-debuginfo-0:2.4.51-39.el7jbcs.x86_64",
          "7Server-JBCS:jbcs-httpd24-httpd-devel-0:2.4.51-39.el7jbcs.x86_64",
          "7Server-JBCS:jbcs-httpd24-httpd-manual-0:2.4.51-39.el7jbcs.noarch",
          "7Server-JBCS:jbcs-httpd24-httpd-selinux-0:2.4.51-39.el7jbcs.x86_64",
          "7Server-JBCS:jbcs-httpd24-httpd-tools-0:2.4.51-39.el7jbcs.x86_64",
          "7Server-JBCS:jbcs-httpd24-libcurl-0:8.0.1-1.el7jbcs.x86_64",
          "7Server-JBCS:jbcs-httpd24-libcurl-devel-0:8.0.1-1.el7jbcs.x86_64",
          "7Server-JBCS:jbcs-httpd24-mod_http2-0:1.15.19-23.el7jbcs.src",
          "7Server-JBCS:jbcs-httpd24-mod_http2-0:1.15.19-23.el7jbcs.x86_64",
          "7Server-JBCS:jbcs-httpd24-mod_http2-debuginfo-0:1.15.19-23.el7jbcs.x86_64",
          "7Server-JBCS:jbcs-httpd24-mod_jk-0:1.2.48-46.redhat_1.el7jbcs.src",
          "7Server-JBCS:jbcs-httpd24-mod_jk-ap24-0:1.2.48-46.redhat_1.el7jbcs.x86_64",
          "7Server-JBCS:jbcs-httpd24-mod_jk-debuginfo-0:1.2.48-46.redhat_1.el7jbcs.x86_64",
          "7Server-JBCS:jbcs-httpd24-mod_ldap-0:2.4.51-39.el7jbcs.x86_64",
          "7Server-JBCS:jbcs-httpd24-mod_md-1:2.4.0-20.el7jbcs.src",
          "7Server-JBCS:jbcs-httpd24-mod_md-1:2.4.0-20.el7jbcs.x86_64",
          "7Server-JBCS:jbcs-httpd24-mod_md-debuginfo-1:2.4.0-20.el7jbcs.x86_64",
          "7Server-JBCS:jbcs-httpd24-mod_proxy_cluster-0:1.3.18-2.el7jbcs.src",
          "7Server-JBCS:jbcs-httpd24-mod_proxy_cluster-0:1.3.18-2.el7jbcs.x86_64",
          "7Server-JBCS:jbcs-httpd24-mod_proxy_cluster-debuginfo-0:1.3.18-2.el7jbcs.x86_64",
          "7Server-JBCS:jbcs-httpd24-mod_proxy_html-1:2.4.51-39.el7jbcs.x86_64",
          "7Server-JBCS:jbcs-httpd24-mod_security-0:2.9.3-24.el7jbcs.src",
          "7Server-JBCS:jbcs-httpd24-mod_security-0:2.9.3-24.el7jbcs.x86_64",
          "7Server-JBCS:jbcs-httpd24-mod_security-debuginfo-0:2.9.3-24.el7jbcs.x86_64",
          "7Server-JBCS:jbcs-httpd24-mod_session-0:2.4.51-39.el7jbcs.x86_64",
          "7Server-JBCS:jbcs-httpd24-mod_ssl-1:2.4.51-39.el7jbcs.x86_64",
          "7Server-JBCS:jbcs-httpd24-openssl-chil-0:1.0.0-18.el7jbcs.src",
          "7Server-JBCS:jbcs-httpd24-openssl-chil-0:1.0.0-18.el7jbcs.x86_64",
          "7Server-JBCS:jbcs-httpd24-openssl-chil-debuginfo-0:1.0.0-18.el7jbcs.x86_64",
          "7Server-JBCS:jbcs-httpd24-openssl-pkcs11-0:0.4.10-33.el7jbcs.src",
          "7Server-JBCS:jbcs-httpd24-openssl-pkcs11-0:0.4.10-33.el7jbcs.x86_64",
          "7Server-JBCS:jbcs-httpd24-openssl-pkcs11-debuginfo-0:0.4.10-33.el7jbcs.x86_64",
          "8Base-JBCS:jbcs-httpd24-apr-util-0:1.6.1-101.el8jbcs.src",
          "8Base-JBCS:jbcs-httpd24-apr-util-0:1.6.1-101.el8jbcs.x86_64",
          "8Base-JBCS:jbcs-httpd24-apr-util-debuginfo-0:1.6.1-101.el8jbcs.x86_64",
          "8Base-JBCS:jbcs-httpd24-apr-util-devel-0:1.6.1-101.el8jbcs.x86_64",
          "8Base-JBCS:jbcs-httpd24-apr-util-ldap-0:1.6.1-101.el8jbcs.x86_64",
          "8Base-JBCS:jbcs-httpd24-apr-util-ldap-debuginfo-0:1.6.1-101.el8jbcs.x86_64",
          "8Base-JBCS:jbcs-httpd24-apr-util-mysql-0:1.6.1-101.el8jbcs.x86_64",
          "8Base-JBCS:jbcs-httpd24-apr-util-mysql-debuginfo-0:1.6.1-101.el8jbcs.x86_64",
          "8Base-JBCS:jbcs-httpd24-apr-util-nss-0:1.6.1-101.el8jbcs.x86_64",
          "8Base-JBCS:jbcs-httpd24-apr-util-nss-debuginfo-0:1.6.1-101.el8jbcs.x86_64",
          "8Base-JBCS:jbcs-httpd24-apr-util-odbc-0:1.6.1-101.el8jbcs.x86_64",
          "8Base-JBCS:jbcs-httpd24-apr-util-odbc-debuginfo-0:1.6.1-101.el8jbcs.x86_64",
          "8Base-JBCS:jbcs-httpd24-apr-util-openssl-0:1.6.1-101.el8jbcs.x86_64",
          "8Base-JBCS:jbcs-httpd24-apr-util-openssl-debuginfo-0:1.6.1-101.el8jbcs.x86_64",
          "8Base-JBCS:jbcs-httpd24-apr-util-pgsql-0:1.6.1-101.el8jbcs.x86_64",
          "8Base-JBCS:jbcs-httpd24-apr-util-pgsql-debuginfo-0:1.6.1-101.el8jbcs.x86_64",
          "8Base-JBCS:jbcs-httpd24-apr-util-sqlite-0:1.6.1-101.el8jbcs.x86_64",
          "8Base-JBCS:jbcs-httpd24-apr-util-sqlite-debuginfo-0:1.6.1-101.el8jbcs.x86_64",
          "8Base-JBCS:jbcs-httpd24-curl-0:8.0.1-1.el8jbcs.src",
          "8Base-JBCS:jbcs-httpd24-curl-0:8.0.1-1.el8jbcs.x86_64",
          "8Base-JBCS:jbcs-httpd24-curl-debuginfo-0:8.0.1-1.el8jbcs.x86_64",
          "8Base-JBCS:jbcs-httpd24-httpd-0:2.4.51-39.el8jbcs.src",
          "8Base-JBCS:jbcs-httpd24-httpd-0:2.4.51-39.el8jbcs.x86_64",
          "8Base-JBCS:jbcs-httpd24-httpd-debuginfo-0:2.4.51-39.el8jbcs.x86_64",
          "8Base-JBCS:jbcs-httpd24-httpd-devel-0:2.4.51-39.el8jbcs.x86_64",
          "8Base-JBCS:jbcs-httpd24-httpd-manual-0:2.4.51-39.el8jbcs.noarch",
          "8Base-JBCS:jbcs-httpd24-httpd-selinux-0:2.4.51-39.el8jbcs.x86_64",
          "8Base-JBCS:jbcs-httpd24-httpd-tools-0:2.4.51-39.el8jbcs.x86_64",
          "8Base-JBCS:jbcs-httpd24-httpd-tools-debuginfo-0:2.4.51-39.el8jbcs.x86_64",
          "8Base-JBCS:jbcs-httpd24-libcurl-0:8.0.1-1.el8jbcs.x86_64",
          "8Base-JBCS:jbcs-httpd24-libcurl-debuginfo-0:8.0.1-1.el8jbcs.x86_64",
          "8Base-JBCS:jbcs-httpd24-libcurl-devel-0:8.0.1-1.el8jbcs.x86_64",
          "8Base-JBCS:jbcs-httpd24-mod_http2-0:1.15.19-23.el8jbcs.src",
          "8Base-JBCS:jbcs-httpd24-mod_http2-0:1.15.19-23.el8jbcs.x86_64",
          "8Base-JBCS:jbcs-httpd24-mod_http2-debuginfo-0:1.15.19-23.el8jbcs.x86_64",
          "8Base-JBCS:jbcs-httpd24-mod_jk-0:1.2.48-46.redhat_1.el8jbcs.src",
          "8Base-JBCS:jbcs-httpd24-mod_jk-ap24-0:1.2.48-46.redhat_1.el8jbcs.x86_64",
          "8Base-JBCS:jbcs-httpd24-mod_jk-ap24-debuginfo-0:1.2.48-46.redhat_1.el8jbcs.x86_64",
          "8Base-JBCS:jbcs-httpd24-mod_ldap-0:2.4.51-39.el8jbcs.x86_64",
          "8Base-JBCS:jbcs-httpd24-mod_ldap-debuginfo-0:2.4.51-39.el8jbcs.x86_64",
          "8Base-JBCS:jbcs-httpd24-mod_md-1:2.4.0-20.el8jbcs.src",
          "8Base-JBCS:jbcs-httpd24-mod_md-1:2.4.0-20.el8jbcs.x86_64",
          "8Base-JBCS:jbcs-httpd24-mod_md-debuginfo-1:2.4.0-20.el8jbcs.x86_64",
          "8Base-JBCS:jbcs-httpd24-mod_proxy_cluster-0:1.3.18-2.el8jbcs.src",
          "8Base-JBCS:jbcs-httpd24-mod_proxy_cluster-0:1.3.18-2.el8jbcs.x86_64",
          "8Base-JBCS:jbcs-httpd24-mod_proxy_cluster-debuginfo-0:1.3.18-2.el8jbcs.x86_64",
          "8Base-JBCS:jbcs-httpd24-mod_proxy_html-1:2.4.51-39.el8jbcs.x86_64",
          "8Base-JBCS:jbcs-httpd24-mod_proxy_html-debuginfo-1:2.4.51-39.el8jbcs.x86_64",
          "8Base-JBCS:jbcs-httpd24-mod_security-0:2.9.3-24.el8jbcs.src",
          "8Base-JBCS:jbcs-httpd24-mod_security-0:2.9.3-24.el8jbcs.x86_64",
          "8Base-JBCS:jbcs-httpd24-mod_security-debuginfo-0:2.9.3-24.el8jbcs.x86_64",
          "8Base-JBCS:jbcs-httpd24-mod_session-0:2.4.51-39.el8jbcs.x86_64",
          "8Base-JBCS:jbcs-httpd24-mod_session-debuginfo-0:2.4.51-39.el8jbcs.x86_64",
          "8Base-JBCS:jbcs-httpd24-mod_ssl-1:2.4.51-39.el8jbcs.x86_64",
          "8Base-JBCS:jbcs-httpd24-mod_ssl-debuginfo-1:2.4.51-39.el8jbcs.x86_64",
          "8Base-JBCS:jbcs-httpd24-openssl-chil-0:1.0.0-18.el8jbcs.src",
          "8Base-JBCS:jbcs-httpd24-openssl-chil-0:1.0.0-18.el8jbcs.x86_64",
          "8Base-JBCS:jbcs-httpd24-openssl-chil-debuginfo-0:1.0.0-18.el8jbcs.x86_64",
          "8Base-JBCS:jbcs-httpd24-openssl-pkcs11-0:0.4.10-33.el8jbcs.src",
          "8Base-JBCS:jbcs-httpd24-openssl-pkcs11-0:0.4.10-33.el8jbcs.x86_64",
          "8Base-JBCS:jbcs-httpd24-openssl-pkcs11-debuginfo-0:0.4.10-33.el8jbcs.x86_64"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "Canonical URL",
          "url": "https://access.redhat.com/security/cve/CVE-2023-0215"
        },
        {
          "category": "external",
          "summary": "RHBZ#2164492",
          "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2164492"
        },
        {
          "category": "external",
          "summary": "https://www.cve.org/CVERecord?id=CVE-2023-0215",
          "url": "https://www.cve.org/CVERecord?id=CVE-2023-0215"
        },
        {
          "category": "external",
          "summary": "https://nvd.nist.gov/vuln/detail/CVE-2023-0215",
          "url": "https://nvd.nist.gov/vuln/detail/CVE-2023-0215"
        },
        {
          "category": "external",
          "summary": "https://www.openssl.org/news/secadv/20230207.txt",
          "url": "https://www.openssl.org/news/secadv/20230207.txt"
        }
      ],
      "release_date": "2023-02-07T00:00:00+00:00",
      "remediations": [
        {
          "category": "vendor_fix",
          "date": "2023-06-05T12:30:30+00:00",
          "details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nApplications using the APR libraries, such as httpd, must be restarted for this update to take effect. After installing the updated packages, the httpd daemon will be restarted automatically.",
          "product_ids": [
            "7Server-JBCS:jbcs-httpd24-openssl-1:1.1.1k-14.el7jbcs.src",
            "7Server-JBCS:jbcs-httpd24-openssl-1:1.1.1k-14.el7jbcs.x86_64",
            "7Server-JBCS:jbcs-httpd24-openssl-debuginfo-1:1.1.1k-14.el7jbcs.x86_64",
            "7Server-JBCS:jbcs-httpd24-openssl-devel-1:1.1.1k-14.el7jbcs.x86_64",
            "7Server-JBCS:jbcs-httpd24-openssl-libs-1:1.1.1k-14.el7jbcs.x86_64",
            "7Server-JBCS:jbcs-httpd24-openssl-perl-1:1.1.1k-14.el7jbcs.x86_64",
            "7Server-JBCS:jbcs-httpd24-openssl-static-1:1.1.1k-14.el7jbcs.x86_64",
            "8Base-JBCS:jbcs-httpd24-openssl-1:1.1.1k-14.el8jbcs.src",
            "8Base-JBCS:jbcs-httpd24-openssl-1:1.1.1k-14.el8jbcs.x86_64",
            "8Base-JBCS:jbcs-httpd24-openssl-debuginfo-1:1.1.1k-14.el8jbcs.x86_64",
            "8Base-JBCS:jbcs-httpd24-openssl-devel-1:1.1.1k-14.el8jbcs.x86_64",
            "8Base-JBCS:jbcs-httpd24-openssl-libs-1:1.1.1k-14.el8jbcs.x86_64",
            "8Base-JBCS:jbcs-httpd24-openssl-libs-debuginfo-1:1.1.1k-14.el8jbcs.x86_64",
            "8Base-JBCS:jbcs-httpd24-openssl-perl-1:1.1.1k-14.el8jbcs.x86_64",
            "8Base-JBCS:jbcs-httpd24-openssl-static-1:1.1.1k-14.el8jbcs.x86_64"
          ],
          "restart_required": {
            "category": "none"
          },
          "url": "https://access.redhat.com/errata/RHSA-2023:3354"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "attackComplexity": "LOW",
            "attackVector": "NETWORK",
            "availabilityImpact": "HIGH",
            "baseScore": 7.5,
            "baseSeverity": "HIGH",
            "confidentialityImpact": "NONE",
            "integrityImpact": "NONE",
            "privilegesRequired": "NONE",
            "scope": "UNCHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
            "version": "3.1"
          },
          "products": [
            "7Server-JBCS:jbcs-httpd24-openssl-1:1.1.1k-14.el7jbcs.src",
            "7Server-JBCS:jbcs-httpd24-openssl-1:1.1.1k-14.el7jbcs.x86_64",
            "7Server-JBCS:jbcs-httpd24-openssl-debuginfo-1:1.1.1k-14.el7jbcs.x86_64",
            "7Server-JBCS:jbcs-httpd24-openssl-devel-1:1.1.1k-14.el7jbcs.x86_64",
            "7Server-JBCS:jbcs-httpd24-openssl-libs-1:1.1.1k-14.el7jbcs.x86_64",
            "7Server-JBCS:jbcs-httpd24-openssl-perl-1:1.1.1k-14.el7jbcs.x86_64",
            "7Server-JBCS:jbcs-httpd24-openssl-static-1:1.1.1k-14.el7jbcs.x86_64",
            "8Base-JBCS:jbcs-httpd24-openssl-1:1.1.1k-14.el8jbcs.src",
            "8Base-JBCS:jbcs-httpd24-openssl-1:1.1.1k-14.el8jbcs.x86_64",
            "8Base-JBCS:jbcs-httpd24-openssl-debuginfo-1:1.1.1k-14.el8jbcs.x86_64",
            "8Base-JBCS:jbcs-httpd24-openssl-devel-1:1.1.1k-14.el8jbcs.x86_64",
            "8Base-JBCS:jbcs-httpd24-openssl-libs-1:1.1.1k-14.el8jbcs.x86_64",
            "8Base-JBCS:jbcs-httpd24-openssl-libs-debuginfo-1:1.1.1k-14.el8jbcs.x86_64",
            "8Base-JBCS:jbcs-httpd24-openssl-perl-1:1.1.1k-14.el8jbcs.x86_64",
            "8Base-JBCS:jbcs-httpd24-openssl-static-1:1.1.1k-14.el8jbcs.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "details": "Moderate"
        }
      ],
      "title": "openssl: use-after-free following BIO_new_NDEF"
    },
    {
      "cve": "CVE-2023-0286",
      "cwe": {
        "id": "CWE-704",
        "name": "Incorrect Type Conversion or Cast"
      },
      "discovery_date": "2023-01-25T00:00:00+00:00",
      "flags": [
        {
          "label": "vulnerable_code_not_present",
          "product_ids": [
            "7Server-JBCS:jbcs-httpd24-apr-util-0:1.6.1-101.el7jbcs.src",
            "7Server-JBCS:jbcs-httpd24-apr-util-0:1.6.1-101.el7jbcs.x86_64",
            "7Server-JBCS:jbcs-httpd24-apr-util-debuginfo-0:1.6.1-101.el7jbcs.x86_64",
            "7Server-JBCS:jbcs-httpd24-apr-util-devel-0:1.6.1-101.el7jbcs.x86_64",
            "7Server-JBCS:jbcs-httpd24-apr-util-ldap-0:1.6.1-101.el7jbcs.x86_64",
            "7Server-JBCS:jbcs-httpd24-apr-util-mysql-0:1.6.1-101.el7jbcs.x86_64",
            "7Server-JBCS:jbcs-httpd24-apr-util-nss-0:1.6.1-101.el7jbcs.x86_64",
            "7Server-JBCS:jbcs-httpd24-apr-util-odbc-0:1.6.1-101.el7jbcs.x86_64",
            "7Server-JBCS:jbcs-httpd24-apr-util-openssl-0:1.6.1-101.el7jbcs.x86_64",
            "7Server-JBCS:jbcs-httpd24-apr-util-pgsql-0:1.6.1-101.el7jbcs.x86_64",
            "7Server-JBCS:jbcs-httpd24-apr-util-sqlite-0:1.6.1-101.el7jbcs.x86_64",
            "7Server-JBCS:jbcs-httpd24-curl-0:8.0.1-1.el7jbcs.src",
            "7Server-JBCS:jbcs-httpd24-curl-0:8.0.1-1.el7jbcs.x86_64",
            "7Server-JBCS:jbcs-httpd24-curl-debuginfo-0:8.0.1-1.el7jbcs.x86_64",
            "7Server-JBCS:jbcs-httpd24-httpd-0:2.4.51-39.el7jbcs.src",
            "7Server-JBCS:jbcs-httpd24-httpd-0:2.4.51-39.el7jbcs.x86_64",
            "7Server-JBCS:jbcs-httpd24-httpd-debuginfo-0:2.4.51-39.el7jbcs.x86_64",
            "7Server-JBCS:jbcs-httpd24-httpd-devel-0:2.4.51-39.el7jbcs.x86_64",
            "7Server-JBCS:jbcs-httpd24-httpd-manual-0:2.4.51-39.el7jbcs.noarch",
            "7Server-JBCS:jbcs-httpd24-httpd-selinux-0:2.4.51-39.el7jbcs.x86_64",
            "7Server-JBCS:jbcs-httpd24-httpd-tools-0:2.4.51-39.el7jbcs.x86_64",
            "7Server-JBCS:jbcs-httpd24-libcurl-0:8.0.1-1.el7jbcs.x86_64",
            "7Server-JBCS:jbcs-httpd24-libcurl-devel-0:8.0.1-1.el7jbcs.x86_64",
            "7Server-JBCS:jbcs-httpd24-mod_http2-0:1.15.19-23.el7jbcs.src",
            "7Server-JBCS:jbcs-httpd24-mod_http2-0:1.15.19-23.el7jbcs.x86_64",
            "7Server-JBCS:jbcs-httpd24-mod_http2-debuginfo-0:1.15.19-23.el7jbcs.x86_64",
            "7Server-JBCS:jbcs-httpd24-mod_jk-0:1.2.48-46.redhat_1.el7jbcs.src",
            "7Server-JBCS:jbcs-httpd24-mod_jk-ap24-0:1.2.48-46.redhat_1.el7jbcs.x86_64",
            "7Server-JBCS:jbcs-httpd24-mod_jk-debuginfo-0:1.2.48-46.redhat_1.el7jbcs.x86_64",
            "7Server-JBCS:jbcs-httpd24-mod_ldap-0:2.4.51-39.el7jbcs.x86_64",
            "7Server-JBCS:jbcs-httpd24-mod_md-1:2.4.0-20.el7jbcs.src",
            "7Server-JBCS:jbcs-httpd24-mod_md-1:2.4.0-20.el7jbcs.x86_64",
            "7Server-JBCS:jbcs-httpd24-mod_md-debuginfo-1:2.4.0-20.el7jbcs.x86_64",
            "7Server-JBCS:jbcs-httpd24-mod_proxy_cluster-0:1.3.18-2.el7jbcs.src",
            "7Server-JBCS:jbcs-httpd24-mod_proxy_cluster-0:1.3.18-2.el7jbcs.x86_64",
            "7Server-JBCS:jbcs-httpd24-mod_proxy_cluster-debuginfo-0:1.3.18-2.el7jbcs.x86_64",
            "7Server-JBCS:jbcs-httpd24-mod_proxy_html-1:2.4.51-39.el7jbcs.x86_64",
            "7Server-JBCS:jbcs-httpd24-mod_security-0:2.9.3-24.el7jbcs.src",
            "7Server-JBCS:jbcs-httpd24-mod_security-0:2.9.3-24.el7jbcs.x86_64",
            "7Server-JBCS:jbcs-httpd24-mod_security-debuginfo-0:2.9.3-24.el7jbcs.x86_64",
            "7Server-JBCS:jbcs-httpd24-mod_session-0:2.4.51-39.el7jbcs.x86_64",
            "7Server-JBCS:jbcs-httpd24-mod_ssl-1:2.4.51-39.el7jbcs.x86_64",
            "7Server-JBCS:jbcs-httpd24-openssl-chil-0:1.0.0-18.el7jbcs.src",
            "7Server-JBCS:jbcs-httpd24-openssl-chil-0:1.0.0-18.el7jbcs.x86_64",
            "7Server-JBCS:jbcs-httpd24-openssl-chil-debuginfo-0:1.0.0-18.el7jbcs.x86_64",
            "7Server-JBCS:jbcs-httpd24-openssl-pkcs11-0:0.4.10-33.el7jbcs.src",
            "7Server-JBCS:jbcs-httpd24-openssl-pkcs11-0:0.4.10-33.el7jbcs.x86_64",
            "7Server-JBCS:jbcs-httpd24-openssl-pkcs11-debuginfo-0:0.4.10-33.el7jbcs.x86_64",
            "8Base-JBCS:jbcs-httpd24-apr-util-0:1.6.1-101.el8jbcs.src",
            "8Base-JBCS:jbcs-httpd24-apr-util-0:1.6.1-101.el8jbcs.x86_64",
            "8Base-JBCS:jbcs-httpd24-apr-util-debuginfo-0:1.6.1-101.el8jbcs.x86_64",
            "8Base-JBCS:jbcs-httpd24-apr-util-devel-0:1.6.1-101.el8jbcs.x86_64",
            "8Base-JBCS:jbcs-httpd24-apr-util-ldap-0:1.6.1-101.el8jbcs.x86_64",
            "8Base-JBCS:jbcs-httpd24-apr-util-ldap-debuginfo-0:1.6.1-101.el8jbcs.x86_64",
            "8Base-JBCS:jbcs-httpd24-apr-util-mysql-0:1.6.1-101.el8jbcs.x86_64",
            "8Base-JBCS:jbcs-httpd24-apr-util-mysql-debuginfo-0:1.6.1-101.el8jbcs.x86_64",
            "8Base-JBCS:jbcs-httpd24-apr-util-nss-0:1.6.1-101.el8jbcs.x86_64",
            "8Base-JBCS:jbcs-httpd24-apr-util-nss-debuginfo-0:1.6.1-101.el8jbcs.x86_64",
            "8Base-JBCS:jbcs-httpd24-apr-util-odbc-0:1.6.1-101.el8jbcs.x86_64",
            "8Base-JBCS:jbcs-httpd24-apr-util-odbc-debuginfo-0:1.6.1-101.el8jbcs.x86_64",
            "8Base-JBCS:jbcs-httpd24-apr-util-openssl-0:1.6.1-101.el8jbcs.x86_64",
            "8Base-JBCS:jbcs-httpd24-apr-util-openssl-debuginfo-0:1.6.1-101.el8jbcs.x86_64",
            "8Base-JBCS:jbcs-httpd24-apr-util-pgsql-0:1.6.1-101.el8jbcs.x86_64",
            "8Base-JBCS:jbcs-httpd24-apr-util-pgsql-debuginfo-0:1.6.1-101.el8jbcs.x86_64",
            "8Base-JBCS:jbcs-httpd24-apr-util-sqlite-0:1.6.1-101.el8jbcs.x86_64",
            "8Base-JBCS:jbcs-httpd24-apr-util-sqlite-debuginfo-0:1.6.1-101.el8jbcs.x86_64",
            "8Base-JBCS:jbcs-httpd24-curl-0:8.0.1-1.el8jbcs.src",
            "8Base-JBCS:jbcs-httpd24-curl-0:8.0.1-1.el8jbcs.x86_64",
            "8Base-JBCS:jbcs-httpd24-curl-debuginfo-0:8.0.1-1.el8jbcs.x86_64",
            "8Base-JBCS:jbcs-httpd24-httpd-0:2.4.51-39.el8jbcs.src",
            "8Base-JBCS:jbcs-httpd24-httpd-0:2.4.51-39.el8jbcs.x86_64",
            "8Base-JBCS:jbcs-httpd24-httpd-debuginfo-0:2.4.51-39.el8jbcs.x86_64",
            "8Base-JBCS:jbcs-httpd24-httpd-devel-0:2.4.51-39.el8jbcs.x86_64",
            "8Base-JBCS:jbcs-httpd24-httpd-manual-0:2.4.51-39.el8jbcs.noarch",
            "8Base-JBCS:jbcs-httpd24-httpd-selinux-0:2.4.51-39.el8jbcs.x86_64",
            "8Base-JBCS:jbcs-httpd24-httpd-tools-0:2.4.51-39.el8jbcs.x86_64",
            "8Base-JBCS:jbcs-httpd24-httpd-tools-debuginfo-0:2.4.51-39.el8jbcs.x86_64",
            "8Base-JBCS:jbcs-httpd24-libcurl-0:8.0.1-1.el8jbcs.x86_64",
            "8Base-JBCS:jbcs-httpd24-libcurl-debuginfo-0:8.0.1-1.el8jbcs.x86_64",
            "8Base-JBCS:jbcs-httpd24-libcurl-devel-0:8.0.1-1.el8jbcs.x86_64",
            "8Base-JBCS:jbcs-httpd24-mod_http2-0:1.15.19-23.el8jbcs.src",
            "8Base-JBCS:jbcs-httpd24-mod_http2-0:1.15.19-23.el8jbcs.x86_64",
            "8Base-JBCS:jbcs-httpd24-mod_http2-debuginfo-0:1.15.19-23.el8jbcs.x86_64",
            "8Base-JBCS:jbcs-httpd24-mod_jk-0:1.2.48-46.redhat_1.el8jbcs.src",
            "8Base-JBCS:jbcs-httpd24-mod_jk-ap24-0:1.2.48-46.redhat_1.el8jbcs.x86_64",
            "8Base-JBCS:jbcs-httpd24-mod_jk-ap24-debuginfo-0:1.2.48-46.redhat_1.el8jbcs.x86_64",
            "8Base-JBCS:jbcs-httpd24-mod_ldap-0:2.4.51-39.el8jbcs.x86_64",
            "8Base-JBCS:jbcs-httpd24-mod_ldap-debuginfo-0:2.4.51-39.el8jbcs.x86_64",
            "8Base-JBCS:jbcs-httpd24-mod_md-1:2.4.0-20.el8jbcs.src",
            "8Base-JBCS:jbcs-httpd24-mod_md-1:2.4.0-20.el8jbcs.x86_64",
            "8Base-JBCS:jbcs-httpd24-mod_md-debuginfo-1:2.4.0-20.el8jbcs.x86_64",
            "8Base-JBCS:jbcs-httpd24-mod_proxy_cluster-0:1.3.18-2.el8jbcs.src",
            "8Base-JBCS:jbcs-httpd24-mod_proxy_cluster-0:1.3.18-2.el8jbcs.x86_64",
            "8Base-JBCS:jbcs-httpd24-mod_proxy_cluster-debuginfo-0:1.3.18-2.el8jbcs.x86_64",
            "8Base-JBCS:jbcs-httpd24-mod_proxy_html-1:2.4.51-39.el8jbcs.x86_64",
            "8Base-JBCS:jbcs-httpd24-mod_proxy_html-debuginfo-1:2.4.51-39.el8jbcs.x86_64",
            "8Base-JBCS:jbcs-httpd24-mod_security-0:2.9.3-24.el8jbcs.src",
            "8Base-JBCS:jbcs-httpd24-mod_security-0:2.9.3-24.el8jbcs.x86_64",
            "8Base-JBCS:jbcs-httpd24-mod_security-debuginfo-0:2.9.3-24.el8jbcs.x86_64",
            "8Base-JBCS:jbcs-httpd24-mod_session-0:2.4.51-39.el8jbcs.x86_64",
            "8Base-JBCS:jbcs-httpd24-mod_session-debuginfo-0:2.4.51-39.el8jbcs.x86_64",
            "8Base-JBCS:jbcs-httpd24-mod_ssl-1:2.4.51-39.el8jbcs.x86_64",
            "8Base-JBCS:jbcs-httpd24-mod_ssl-debuginfo-1:2.4.51-39.el8jbcs.x86_64",
            "8Base-JBCS:jbcs-httpd24-openssl-chil-0:1.0.0-18.el8jbcs.src",
            "8Base-JBCS:jbcs-httpd24-openssl-chil-0:1.0.0-18.el8jbcs.x86_64",
            "8Base-JBCS:jbcs-httpd24-openssl-chil-debuginfo-0:1.0.0-18.el8jbcs.x86_64",
            "8Base-JBCS:jbcs-httpd24-openssl-pkcs11-0:0.4.10-33.el8jbcs.src",
            "8Base-JBCS:jbcs-httpd24-openssl-pkcs11-0:0.4.10-33.el8jbcs.x86_64",
            "8Base-JBCS:jbcs-httpd24-openssl-pkcs11-debuginfo-0:0.4.10-33.el8jbcs.x86_64"
          ]
        }
      ],
      "ids": [
        {
          "system_name": "Red Hat Bugzilla ID",
          "text": "2164440"
        }
      ],
      "notes": [
        {
          "category": "description",
          "text": "A type confusion vulnerability was found in OpenSSL when OpenSSL X.400 addresses processing inside an X.509 GeneralName. When CRL checking is enabled (for example, the application sets the X509_V_FLAG_CRL_CHECK flag), this vulnerability may allow an attacker to pass arbitrary pointers to a memcmp call, enabling them to read memory contents or cause a denial of service. In most cases, the attack requires the attacker to provide both the certificate chain and CRL, of which neither needs a valid signature. If the attacker only controls one of these inputs, the other input must already contain an X.400 address as a CRL distribution point, which is uncommon. In this case, this vulnerability is likely only to affect applications that have implemented their own functionality for retrieving CRLs over a network.",
          "title": "Vulnerability description"
        },
        {
          "category": "summary",
          "text": "openssl: X.400 address type confusion in X.509 GeneralName",
          "title": "Vulnerability summary"
        },
        {
          "category": "other",
          "text": "For shim in Red Hat Enterprise Linux 8 \u0026 9, is not affected as shim doesn\u0027t support any CRL processing.",
          "title": "Statement"
        },
        {
          "category": "general",
          "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
          "title": "CVSS score applicability"
        }
      ],
      "product_status": {
        "fixed": [
          "7Server-JBCS:jbcs-httpd24-openssl-1:1.1.1k-14.el7jbcs.src",
          "7Server-JBCS:jbcs-httpd24-openssl-1:1.1.1k-14.el7jbcs.x86_64",
          "7Server-JBCS:jbcs-httpd24-openssl-debuginfo-1:1.1.1k-14.el7jbcs.x86_64",
          "7Server-JBCS:jbcs-httpd24-openssl-devel-1:1.1.1k-14.el7jbcs.x86_64",
          "7Server-JBCS:jbcs-httpd24-openssl-libs-1:1.1.1k-14.el7jbcs.x86_64",
          "7Server-JBCS:jbcs-httpd24-openssl-perl-1:1.1.1k-14.el7jbcs.x86_64",
          "7Server-JBCS:jbcs-httpd24-openssl-static-1:1.1.1k-14.el7jbcs.x86_64",
          "8Base-JBCS:jbcs-httpd24-openssl-1:1.1.1k-14.el8jbcs.src",
          "8Base-JBCS:jbcs-httpd24-openssl-1:1.1.1k-14.el8jbcs.x86_64",
          "8Base-JBCS:jbcs-httpd24-openssl-debuginfo-1:1.1.1k-14.el8jbcs.x86_64",
          "8Base-JBCS:jbcs-httpd24-openssl-devel-1:1.1.1k-14.el8jbcs.x86_64",
          "8Base-JBCS:jbcs-httpd24-openssl-libs-1:1.1.1k-14.el8jbcs.x86_64",
          "8Base-JBCS:jbcs-httpd24-openssl-libs-debuginfo-1:1.1.1k-14.el8jbcs.x86_64",
          "8Base-JBCS:jbcs-httpd24-openssl-perl-1:1.1.1k-14.el8jbcs.x86_64",
          "8Base-JBCS:jbcs-httpd24-openssl-static-1:1.1.1k-14.el8jbcs.x86_64"
        ],
        "known_not_affected": [
          "7Server-JBCS:jbcs-httpd24-apr-util-0:1.6.1-101.el7jbcs.src",
          "7Server-JBCS:jbcs-httpd24-apr-util-0:1.6.1-101.el7jbcs.x86_64",
          "7Server-JBCS:jbcs-httpd24-apr-util-debuginfo-0:1.6.1-101.el7jbcs.x86_64",
          "7Server-JBCS:jbcs-httpd24-apr-util-devel-0:1.6.1-101.el7jbcs.x86_64",
          "7Server-JBCS:jbcs-httpd24-apr-util-ldap-0:1.6.1-101.el7jbcs.x86_64",
          "7Server-JBCS:jbcs-httpd24-apr-util-mysql-0:1.6.1-101.el7jbcs.x86_64",
          "7Server-JBCS:jbcs-httpd24-apr-util-nss-0:1.6.1-101.el7jbcs.x86_64",
          "7Server-JBCS:jbcs-httpd24-apr-util-odbc-0:1.6.1-101.el7jbcs.x86_64",
          "7Server-JBCS:jbcs-httpd24-apr-util-openssl-0:1.6.1-101.el7jbcs.x86_64",
          "7Server-JBCS:jbcs-httpd24-apr-util-pgsql-0:1.6.1-101.el7jbcs.x86_64",
          "7Server-JBCS:jbcs-httpd24-apr-util-sqlite-0:1.6.1-101.el7jbcs.x86_64",
          "7Server-JBCS:jbcs-httpd24-curl-0:8.0.1-1.el7jbcs.src",
          "7Server-JBCS:jbcs-httpd24-curl-0:8.0.1-1.el7jbcs.x86_64",
          "7Server-JBCS:jbcs-httpd24-curl-debuginfo-0:8.0.1-1.el7jbcs.x86_64",
          "7Server-JBCS:jbcs-httpd24-httpd-0:2.4.51-39.el7jbcs.src",
          "7Server-JBCS:jbcs-httpd24-httpd-0:2.4.51-39.el7jbcs.x86_64",
          "7Server-JBCS:jbcs-httpd24-httpd-debuginfo-0:2.4.51-39.el7jbcs.x86_64",
          "7Server-JBCS:jbcs-httpd24-httpd-devel-0:2.4.51-39.el7jbcs.x86_64",
          "7Server-JBCS:jbcs-httpd24-httpd-manual-0:2.4.51-39.el7jbcs.noarch",
          "7Server-JBCS:jbcs-httpd24-httpd-selinux-0:2.4.51-39.el7jbcs.x86_64",
          "7Server-JBCS:jbcs-httpd24-httpd-tools-0:2.4.51-39.el7jbcs.x86_64",
          "7Server-JBCS:jbcs-httpd24-libcurl-0:8.0.1-1.el7jbcs.x86_64",
          "7Server-JBCS:jbcs-httpd24-libcurl-devel-0:8.0.1-1.el7jbcs.x86_64",
          "7Server-JBCS:jbcs-httpd24-mod_http2-0:1.15.19-23.el7jbcs.src",
          "7Server-JBCS:jbcs-httpd24-mod_http2-0:1.15.19-23.el7jbcs.x86_64",
          "7Server-JBCS:jbcs-httpd24-mod_http2-debuginfo-0:1.15.19-23.el7jbcs.x86_64",
          "7Server-JBCS:jbcs-httpd24-mod_jk-0:1.2.48-46.redhat_1.el7jbcs.src",
          "7Server-JBCS:jbcs-httpd24-mod_jk-ap24-0:1.2.48-46.redhat_1.el7jbcs.x86_64",
          "7Server-JBCS:jbcs-httpd24-mod_jk-debuginfo-0:1.2.48-46.redhat_1.el7jbcs.x86_64",
          "7Server-JBCS:jbcs-httpd24-mod_ldap-0:2.4.51-39.el7jbcs.x86_64",
          "7Server-JBCS:jbcs-httpd24-mod_md-1:2.4.0-20.el7jbcs.src",
          "7Server-JBCS:jbcs-httpd24-mod_md-1:2.4.0-20.el7jbcs.x86_64",
          "7Server-JBCS:jbcs-httpd24-mod_md-debuginfo-1:2.4.0-20.el7jbcs.x86_64",
          "7Server-JBCS:jbcs-httpd24-mod_proxy_cluster-0:1.3.18-2.el7jbcs.src",
          "7Server-JBCS:jbcs-httpd24-mod_proxy_cluster-0:1.3.18-2.el7jbcs.x86_64",
          "7Server-JBCS:jbcs-httpd24-mod_proxy_cluster-debuginfo-0:1.3.18-2.el7jbcs.x86_64",
          "7Server-JBCS:jbcs-httpd24-mod_proxy_html-1:2.4.51-39.el7jbcs.x86_64",
          "7Server-JBCS:jbcs-httpd24-mod_security-0:2.9.3-24.el7jbcs.src",
          "7Server-JBCS:jbcs-httpd24-mod_security-0:2.9.3-24.el7jbcs.x86_64",
          "7Server-JBCS:jbcs-httpd24-mod_security-debuginfo-0:2.9.3-24.el7jbcs.x86_64",
          "7Server-JBCS:jbcs-httpd24-mod_session-0:2.4.51-39.el7jbcs.x86_64",
          "7Server-JBCS:jbcs-httpd24-mod_ssl-1:2.4.51-39.el7jbcs.x86_64",
          "7Server-JBCS:jbcs-httpd24-openssl-chil-0:1.0.0-18.el7jbcs.src",
          "7Server-JBCS:jbcs-httpd24-openssl-chil-0:1.0.0-18.el7jbcs.x86_64",
          "7Server-JBCS:jbcs-httpd24-openssl-chil-debuginfo-0:1.0.0-18.el7jbcs.x86_64",
          "7Server-JBCS:jbcs-httpd24-openssl-pkcs11-0:0.4.10-33.el7jbcs.src",
          "7Server-JBCS:jbcs-httpd24-openssl-pkcs11-0:0.4.10-33.el7jbcs.x86_64",
          "7Server-JBCS:jbcs-httpd24-openssl-pkcs11-debuginfo-0:0.4.10-33.el7jbcs.x86_64",
          "8Base-JBCS:jbcs-httpd24-apr-util-0:1.6.1-101.el8jbcs.src",
          "8Base-JBCS:jbcs-httpd24-apr-util-0:1.6.1-101.el8jbcs.x86_64",
          "8Base-JBCS:jbcs-httpd24-apr-util-debuginfo-0:1.6.1-101.el8jbcs.x86_64",
          "8Base-JBCS:jbcs-httpd24-apr-util-devel-0:1.6.1-101.el8jbcs.x86_64",
          "8Base-JBCS:jbcs-httpd24-apr-util-ldap-0:1.6.1-101.el8jbcs.x86_64",
          "8Base-JBCS:jbcs-httpd24-apr-util-ldap-debuginfo-0:1.6.1-101.el8jbcs.x86_64",
          "8Base-JBCS:jbcs-httpd24-apr-util-mysql-0:1.6.1-101.el8jbcs.x86_64",
          "8Base-JBCS:jbcs-httpd24-apr-util-mysql-debuginfo-0:1.6.1-101.el8jbcs.x86_64",
          "8Base-JBCS:jbcs-httpd24-apr-util-nss-0:1.6.1-101.el8jbcs.x86_64",
          "8Base-JBCS:jbcs-httpd24-apr-util-nss-debuginfo-0:1.6.1-101.el8jbcs.x86_64",
          "8Base-JBCS:jbcs-httpd24-apr-util-odbc-0:1.6.1-101.el8jbcs.x86_64",
          "8Base-JBCS:jbcs-httpd24-apr-util-odbc-debuginfo-0:1.6.1-101.el8jbcs.x86_64",
          "8Base-JBCS:jbcs-httpd24-apr-util-openssl-0:1.6.1-101.el8jbcs.x86_64",
          "8Base-JBCS:jbcs-httpd24-apr-util-openssl-debuginfo-0:1.6.1-101.el8jbcs.x86_64",
          "8Base-JBCS:jbcs-httpd24-apr-util-pgsql-0:1.6.1-101.el8jbcs.x86_64",
          "8Base-JBCS:jbcs-httpd24-apr-util-pgsql-debuginfo-0:1.6.1-101.el8jbcs.x86_64",
          "8Base-JBCS:jbcs-httpd24-apr-util-sqlite-0:1.6.1-101.el8jbcs.x86_64",
          "8Base-JBCS:jbcs-httpd24-apr-util-sqlite-debuginfo-0:1.6.1-101.el8jbcs.x86_64",
          "8Base-JBCS:jbcs-httpd24-curl-0:8.0.1-1.el8jbcs.src",
          "8Base-JBCS:jbcs-httpd24-curl-0:8.0.1-1.el8jbcs.x86_64",
          "8Base-JBCS:jbcs-httpd24-curl-debuginfo-0:8.0.1-1.el8jbcs.x86_64",
          "8Base-JBCS:jbcs-httpd24-httpd-0:2.4.51-39.el8jbcs.src",
          "8Base-JBCS:jbcs-httpd24-httpd-0:2.4.51-39.el8jbcs.x86_64",
          "8Base-JBCS:jbcs-httpd24-httpd-debuginfo-0:2.4.51-39.el8jbcs.x86_64",
          "8Base-JBCS:jbcs-httpd24-httpd-devel-0:2.4.51-39.el8jbcs.x86_64",
          "8Base-JBCS:jbcs-httpd24-httpd-manual-0:2.4.51-39.el8jbcs.noarch",
          "8Base-JBCS:jbcs-httpd24-httpd-selinux-0:2.4.51-39.el8jbcs.x86_64",
          "8Base-JBCS:jbcs-httpd24-httpd-tools-0:2.4.51-39.el8jbcs.x86_64",
          "8Base-JBCS:jbcs-httpd24-httpd-tools-debuginfo-0:2.4.51-39.el8jbcs.x86_64",
          "8Base-JBCS:jbcs-httpd24-libcurl-0:8.0.1-1.el8jbcs.x86_64",
          "8Base-JBCS:jbcs-httpd24-libcurl-debuginfo-0:8.0.1-1.el8jbcs.x86_64",
          "8Base-JBCS:jbcs-httpd24-libcurl-devel-0:8.0.1-1.el8jbcs.x86_64",
          "8Base-JBCS:jbcs-httpd24-mod_http2-0:1.15.19-23.el8jbcs.src",
          "8Base-JBCS:jbcs-httpd24-mod_http2-0:1.15.19-23.el8jbcs.x86_64",
          "8Base-JBCS:jbcs-httpd24-mod_http2-debuginfo-0:1.15.19-23.el8jbcs.x86_64",
          "8Base-JBCS:jbcs-httpd24-mod_jk-0:1.2.48-46.redhat_1.el8jbcs.src",
          "8Base-JBCS:jbcs-httpd24-mod_jk-ap24-0:1.2.48-46.redhat_1.el8jbcs.x86_64",
          "8Base-JBCS:jbcs-httpd24-mod_jk-ap24-debuginfo-0:1.2.48-46.redhat_1.el8jbcs.x86_64",
          "8Base-JBCS:jbcs-httpd24-mod_ldap-0:2.4.51-39.el8jbcs.x86_64",
          "8Base-JBCS:jbcs-httpd24-mod_ldap-debuginfo-0:2.4.51-39.el8jbcs.x86_64",
          "8Base-JBCS:jbcs-httpd24-mod_md-1:2.4.0-20.el8jbcs.src",
          "8Base-JBCS:jbcs-httpd24-mod_md-1:2.4.0-20.el8jbcs.x86_64",
          "8Base-JBCS:jbcs-httpd24-mod_md-debuginfo-1:2.4.0-20.el8jbcs.x86_64",
          "8Base-JBCS:jbcs-httpd24-mod_proxy_cluster-0:1.3.18-2.el8jbcs.src",
          "8Base-JBCS:jbcs-httpd24-mod_proxy_cluster-0:1.3.18-2.el8jbcs.x86_64",
          "8Base-JBCS:jbcs-httpd24-mod_proxy_cluster-debuginfo-0:1.3.18-2.el8jbcs.x86_64",
          "8Base-JBCS:jbcs-httpd24-mod_proxy_html-1:2.4.51-39.el8jbcs.x86_64",
          "8Base-JBCS:jbcs-httpd24-mod_proxy_html-debuginfo-1:2.4.51-39.el8jbcs.x86_64",
          "8Base-JBCS:jbcs-httpd24-mod_security-0:2.9.3-24.el8jbcs.src",
          "8Base-JBCS:jbcs-httpd24-mod_security-0:2.9.3-24.el8jbcs.x86_64",
          "8Base-JBCS:jbcs-httpd24-mod_security-debuginfo-0:2.9.3-24.el8jbcs.x86_64",
          "8Base-JBCS:jbcs-httpd24-mod_session-0:2.4.51-39.el8jbcs.x86_64",
          "8Base-JBCS:jbcs-httpd24-mod_session-debuginfo-0:2.4.51-39.el8jbcs.x86_64",
          "8Base-JBCS:jbcs-httpd24-mod_ssl-1:2.4.51-39.el8jbcs.x86_64",
          "8Base-JBCS:jbcs-httpd24-mod_ssl-debuginfo-1:2.4.51-39.el8jbcs.x86_64",
          "8Base-JBCS:jbcs-httpd24-openssl-chil-0:1.0.0-18.el8jbcs.src",
          "8Base-JBCS:jbcs-httpd24-openssl-chil-0:1.0.0-18.el8jbcs.x86_64",
          "8Base-JBCS:jbcs-httpd24-openssl-chil-debuginfo-0:1.0.0-18.el8jbcs.x86_64",
          "8Base-JBCS:jbcs-httpd24-openssl-pkcs11-0:0.4.10-33.el8jbcs.src",
          "8Base-JBCS:jbcs-httpd24-openssl-pkcs11-0:0.4.10-33.el8jbcs.x86_64",
          "8Base-JBCS:jbcs-httpd24-openssl-pkcs11-debuginfo-0:0.4.10-33.el8jbcs.x86_64"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "Canonical URL",
          "url": "https://access.redhat.com/security/cve/CVE-2023-0286"
        },
        {
          "category": "external",
          "summary": "RHBZ#2164440",
          "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2164440"
        },
        {
          "category": "external",
          "summary": "https://www.cve.org/CVERecord?id=CVE-2023-0286",
          "url": "https://www.cve.org/CVERecord?id=CVE-2023-0286"
        },
        {
          "category": "external",
          "summary": "https://nvd.nist.gov/vuln/detail/CVE-2023-0286",
          "url": "https://nvd.nist.gov/vuln/detail/CVE-2023-0286"
        },
        {
          "category": "external",
          "summary": "https://www.openssl.org/news/secadv/20230207.txt",
          "url": "https://www.openssl.org/news/secadv/20230207.txt"
        }
      ],
      "release_date": "2023-02-07T00:00:00+00:00",
      "remediations": [
        {
          "category": "vendor_fix",
          "date": "2023-06-05T12:30:30+00:00",
          "details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nApplications using the APR libraries, such as httpd, must be restarted for this update to take effect. After installing the updated packages, the httpd daemon will be restarted automatically.",
          "product_ids": [
            "7Server-JBCS:jbcs-httpd24-openssl-1:1.1.1k-14.el7jbcs.src",
            "7Server-JBCS:jbcs-httpd24-openssl-1:1.1.1k-14.el7jbcs.x86_64",
            "7Server-JBCS:jbcs-httpd24-openssl-debuginfo-1:1.1.1k-14.el7jbcs.x86_64",
            "7Server-JBCS:jbcs-httpd24-openssl-devel-1:1.1.1k-14.el7jbcs.x86_64",
            "7Server-JBCS:jbcs-httpd24-openssl-libs-1:1.1.1k-14.el7jbcs.x86_64",
            "7Server-JBCS:jbcs-httpd24-openssl-perl-1:1.1.1k-14.el7jbcs.x86_64",
            "7Server-JBCS:jbcs-httpd24-openssl-static-1:1.1.1k-14.el7jbcs.x86_64",
            "8Base-JBCS:jbcs-httpd24-openssl-1:1.1.1k-14.el8jbcs.src",
            "8Base-JBCS:jbcs-httpd24-openssl-1:1.1.1k-14.el8jbcs.x86_64",
            "8Base-JBCS:jbcs-httpd24-openssl-debuginfo-1:1.1.1k-14.el8jbcs.x86_64",
            "8Base-JBCS:jbcs-httpd24-openssl-devel-1:1.1.1k-14.el8jbcs.x86_64",
            "8Base-JBCS:jbcs-httpd24-openssl-libs-1:1.1.1k-14.el8jbcs.x86_64",
            "8Base-JBCS:jbcs-httpd24-openssl-libs-debuginfo-1:1.1.1k-14.el8jbcs.x86_64",
            "8Base-JBCS:jbcs-httpd24-openssl-perl-1:1.1.1k-14.el8jbcs.x86_64",
            "8Base-JBCS:jbcs-httpd24-openssl-static-1:1.1.1k-14.el8jbcs.x86_64"
          ],
          "restart_required": {
            "category": "none"
          },
          "url": "https://access.redhat.com/errata/RHSA-2023:3354"
        },
        {
          "category": "workaround",
          "details": "Mitigation for this issue is either not available or the currently available options don\u0027t meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.",
          "product_ids": [
            "7Server-JBCS:jbcs-httpd24-apr-util-0:1.6.1-101.el7jbcs.src",
            "7Server-JBCS:jbcs-httpd24-apr-util-0:1.6.1-101.el7jbcs.x86_64",
            "7Server-JBCS:jbcs-httpd24-apr-util-debuginfo-0:1.6.1-101.el7jbcs.x86_64",
            "7Server-JBCS:jbcs-httpd24-apr-util-devel-0:1.6.1-101.el7jbcs.x86_64",
            "7Server-JBCS:jbcs-httpd24-apr-util-ldap-0:1.6.1-101.el7jbcs.x86_64",
            "7Server-JBCS:jbcs-httpd24-apr-util-mysql-0:1.6.1-101.el7jbcs.x86_64",
            "7Server-JBCS:jbcs-httpd24-apr-util-nss-0:1.6.1-101.el7jbcs.x86_64",
            "7Server-JBCS:jbcs-httpd24-apr-util-odbc-0:1.6.1-101.el7jbcs.x86_64",
            "7Server-JBCS:jbcs-httpd24-apr-util-openssl-0:1.6.1-101.el7jbcs.x86_64",
            "7Server-JBCS:jbcs-httpd24-apr-util-pgsql-0:1.6.1-101.el7jbcs.x86_64",
            "7Server-JBCS:jbcs-httpd24-apr-util-sqlite-0:1.6.1-101.el7jbcs.x86_64",
            "7Server-JBCS:jbcs-httpd24-curl-0:8.0.1-1.el7jbcs.src",
            "7Server-JBCS:jbcs-httpd24-curl-0:8.0.1-1.el7jbcs.x86_64",
            "7Server-JBCS:jbcs-httpd24-curl-debuginfo-0:8.0.1-1.el7jbcs.x86_64",
            "7Server-JBCS:jbcs-httpd24-httpd-0:2.4.51-39.el7jbcs.src",
            "7Server-JBCS:jbcs-httpd24-httpd-0:2.4.51-39.el7jbcs.x86_64",
            "7Server-JBCS:jbcs-httpd24-httpd-debuginfo-0:2.4.51-39.el7jbcs.x86_64",
            "7Server-JBCS:jbcs-httpd24-httpd-devel-0:2.4.51-39.el7jbcs.x86_64",
            "7Server-JBCS:jbcs-httpd24-httpd-manual-0:2.4.51-39.el7jbcs.noarch",
            "7Server-JBCS:jbcs-httpd24-httpd-selinux-0:2.4.51-39.el7jbcs.x86_64",
            "7Server-JBCS:jbcs-httpd24-httpd-tools-0:2.4.51-39.el7jbcs.x86_64",
            "7Server-JBCS:jbcs-httpd24-libcurl-0:8.0.1-1.el7jbcs.x86_64",
            "7Server-JBCS:jbcs-httpd24-libcurl-devel-0:8.0.1-1.el7jbcs.x86_64",
            "7Server-JBCS:jbcs-httpd24-mod_http2-0:1.15.19-23.el7jbcs.src",
            "7Server-JBCS:jbcs-httpd24-mod_http2-0:1.15.19-23.el7jbcs.x86_64",
            "7Server-JBCS:jbcs-httpd24-mod_http2-debuginfo-0:1.15.19-23.el7jbcs.x86_64",
            "7Server-JBCS:jbcs-httpd24-mod_jk-0:1.2.48-46.redhat_1.el7jbcs.src",
            "7Server-JBCS:jbcs-httpd24-mod_jk-ap24-0:1.2.48-46.redhat_1.el7jbcs.x86_64",
            "7Server-JBCS:jbcs-httpd24-mod_jk-debuginfo-0:1.2.48-46.redhat_1.el7jbcs.x86_64",
            "7Server-JBCS:jbcs-httpd24-mod_ldap-0:2.4.51-39.el7jbcs.x86_64",
            "7Server-JBCS:jbcs-httpd24-mod_md-1:2.4.0-20.el7jbcs.src",
            "7Server-JBCS:jbcs-httpd24-mod_md-1:2.4.0-20.el7jbcs.x86_64",
            "7Server-JBCS:jbcs-httpd24-mod_md-debuginfo-1:2.4.0-20.el7jbcs.x86_64",
            "7Server-JBCS:jbcs-httpd24-mod_proxy_cluster-0:1.3.18-2.el7jbcs.src",
            "7Server-JBCS:jbcs-httpd24-mod_proxy_cluster-0:1.3.18-2.el7jbcs.x86_64",
            "7Server-JBCS:jbcs-httpd24-mod_proxy_cluster-debuginfo-0:1.3.18-2.el7jbcs.x86_64",
            "7Server-JBCS:jbcs-httpd24-mod_proxy_html-1:2.4.51-39.el7jbcs.x86_64",
            "7Server-JBCS:jbcs-httpd24-mod_security-0:2.9.3-24.el7jbcs.src",
            "7Server-JBCS:jbcs-httpd24-mod_security-0:2.9.3-24.el7jbcs.x86_64",
            "7Server-JBCS:jbcs-httpd24-mod_security-debuginfo-0:2.9.3-24.el7jbcs.x86_64",
            "7Server-JBCS:jbcs-httpd24-mod_session-0:2.4.51-39.el7jbcs.x86_64",
            "7Server-JBCS:jbcs-httpd24-mod_ssl-1:2.4.51-39.el7jbcs.x86_64",
            "7Server-JBCS:jbcs-httpd24-openssl-1:1.1.1k-14.el7jbcs.src",
            "7Server-JBCS:jbcs-httpd24-openssl-1:1.1.1k-14.el7jbcs.x86_64",
            "7Server-JBCS:jbcs-httpd24-openssl-chil-0:1.0.0-18.el7jbcs.src",
            "7Server-JBCS:jbcs-httpd24-openssl-chil-0:1.0.0-18.el7jbcs.x86_64",
            "7Server-JBCS:jbcs-httpd24-openssl-chil-debuginfo-0:1.0.0-18.el7jbcs.x86_64",
            "7Server-JBCS:jbcs-httpd24-openssl-debuginfo-1:1.1.1k-14.el7jbcs.x86_64",
            "7Server-JBCS:jbcs-httpd24-openssl-devel-1:1.1.1k-14.el7jbcs.x86_64",
            "7Server-JBCS:jbcs-httpd24-openssl-libs-1:1.1.1k-14.el7jbcs.x86_64",
            "7Server-JBCS:jbcs-httpd24-openssl-perl-1:1.1.1k-14.el7jbcs.x86_64",
            "7Server-JBCS:jbcs-httpd24-openssl-pkcs11-0:0.4.10-33.el7jbcs.src",
            "7Server-JBCS:jbcs-httpd24-openssl-pkcs11-0:0.4.10-33.el7jbcs.x86_64",
            "7Server-JBCS:jbcs-httpd24-openssl-pkcs11-debuginfo-0:0.4.10-33.el7jbcs.x86_64",
            "7Server-JBCS:jbcs-httpd24-openssl-static-1:1.1.1k-14.el7jbcs.x86_64",
            "8Base-JBCS:jbcs-httpd24-apr-util-0:1.6.1-101.el8jbcs.src",
            "8Base-JBCS:jbcs-httpd24-apr-util-0:1.6.1-101.el8jbcs.x86_64",
            "8Base-JBCS:jbcs-httpd24-apr-util-debuginfo-0:1.6.1-101.el8jbcs.x86_64",
            "8Base-JBCS:jbcs-httpd24-apr-util-devel-0:1.6.1-101.el8jbcs.x86_64",
            "8Base-JBCS:jbcs-httpd24-apr-util-ldap-0:1.6.1-101.el8jbcs.x86_64",
            "8Base-JBCS:jbcs-httpd24-apr-util-ldap-debuginfo-0:1.6.1-101.el8jbcs.x86_64",
            "8Base-JBCS:jbcs-httpd24-apr-util-mysql-0:1.6.1-101.el8jbcs.x86_64",
            "8Base-JBCS:jbcs-httpd24-apr-util-mysql-debuginfo-0:1.6.1-101.el8jbcs.x86_64",
            "8Base-JBCS:jbcs-httpd24-apr-util-nss-0:1.6.1-101.el8jbcs.x86_64",
            "8Base-JBCS:jbcs-httpd24-apr-util-nss-debuginfo-0:1.6.1-101.el8jbcs.x86_64",
            "8Base-JBCS:jbcs-httpd24-apr-util-odbc-0:1.6.1-101.el8jbcs.x86_64",
            "8Base-JBCS:jbcs-httpd24-apr-util-odbc-debuginfo-0:1.6.1-101.el8jbcs.x86_64",
            "8Base-JBCS:jbcs-httpd24-apr-util-openssl-0:1.6.1-101.el8jbcs.x86_64",
            "8Base-JBCS:jbcs-httpd24-apr-util-openssl-debuginfo-0:1.6.1-101.el8jbcs.x86_64",
            "8Base-JBCS:jbcs-httpd24-apr-util-pgsql-0:1.6.1-101.el8jbcs.x86_64",
            "8Base-JBCS:jbcs-httpd24-apr-util-pgsql-debuginfo-0:1.6.1-101.el8jbcs.x86_64",
            "8Base-JBCS:jbcs-httpd24-apr-util-sqlite-0:1.6.1-101.el8jbcs.x86_64",
            "8Base-JBCS:jbcs-httpd24-apr-util-sqlite-debuginfo-0:1.6.1-101.el8jbcs.x86_64",
            "8Base-JBCS:jbcs-httpd24-curl-0:8.0.1-1.el8jbcs.src",
            "8Base-JBCS:jbcs-httpd24-curl-0:8.0.1-1.el8jbcs.x86_64",
            "8Base-JBCS:jbcs-httpd24-curl-debuginfo-0:8.0.1-1.el8jbcs.x86_64",
            "8Base-JBCS:jbcs-httpd24-httpd-0:2.4.51-39.el8jbcs.src",
            "8Base-JBCS:jbcs-httpd24-httpd-0:2.4.51-39.el8jbcs.x86_64",
            "8Base-JBCS:jbcs-httpd24-httpd-debuginfo-0:2.4.51-39.el8jbcs.x86_64",
            "8Base-JBCS:jbcs-httpd24-httpd-devel-0:2.4.51-39.el8jbcs.x86_64",
            "8Base-JBCS:jbcs-httpd24-httpd-manual-0:2.4.51-39.el8jbcs.noarch",
            "8Base-JBCS:jbcs-httpd24-httpd-selinux-0:2.4.51-39.el8jbcs.x86_64",
            "8Base-JBCS:jbcs-httpd24-httpd-tools-0:2.4.51-39.el8jbcs.x86_64",
            "8Base-JBCS:jbcs-httpd24-httpd-tools-debuginfo-0:2.4.51-39.el8jbcs.x86_64",
            "8Base-JBCS:jbcs-httpd24-libcurl-0:8.0.1-1.el8jbcs.x86_64",
            "8Base-JBCS:jbcs-httpd24-libcurl-debuginfo-0:8.0.1-1.el8jbcs.x86_64",
            "8Base-JBCS:jbcs-httpd24-libcurl-devel-0:8.0.1-1.el8jbcs.x86_64",
            "8Base-JBCS:jbcs-httpd24-mod_http2-0:1.15.19-23.el8jbcs.src",
            "8Base-JBCS:jbcs-httpd24-mod_http2-0:1.15.19-23.el8jbcs.x86_64",
            "8Base-JBCS:jbcs-httpd24-mod_http2-debuginfo-0:1.15.19-23.el8jbcs.x86_64",
            "8Base-JBCS:jbcs-httpd24-mod_jk-0:1.2.48-46.redhat_1.el8jbcs.src",
            "8Base-JBCS:jbcs-httpd24-mod_jk-ap24-0:1.2.48-46.redhat_1.el8jbcs.x86_64",
            "8Base-JBCS:jbcs-httpd24-mod_jk-ap24-debuginfo-0:1.2.48-46.redhat_1.el8jbcs.x86_64",
            "8Base-JBCS:jbcs-httpd24-mod_ldap-0:2.4.51-39.el8jbcs.x86_64",
            "8Base-JBCS:jbcs-httpd24-mod_ldap-debuginfo-0:2.4.51-39.el8jbcs.x86_64",
            "8Base-JBCS:jbcs-httpd24-mod_md-1:2.4.0-20.el8jbcs.src",
            "8Base-JBCS:jbcs-httpd24-mod_md-1:2.4.0-20.el8jbcs.x86_64",
            "8Base-JBCS:jbcs-httpd24-mod_md-debuginfo-1:2.4.0-20.el8jbcs.x86_64",
            "8Base-JBCS:jbcs-httpd24-mod_proxy_cluster-0:1.3.18-2.el8jbcs.src",
            "8Base-JBCS:jbcs-httpd24-mod_proxy_cluster-0:1.3.18-2.el8jbcs.x86_64",
            "8Base-JBCS:jbcs-httpd24-mod_proxy_cluster-debuginfo-0:1.3.18-2.el8jbcs.x86_64",
            "8Base-JBCS:jbcs-httpd24-mod_proxy_html-1:2.4.51-39.el8jbcs.x86_64",
            "8Base-JBCS:jbcs-httpd24-mod_proxy_html-debuginfo-1:2.4.51-39.el8jbcs.x86_64",
            "8Base-JBCS:jbcs-httpd24-mod_security-0:2.9.3-24.el8jbcs.src",
            "8Base-JBCS:jbcs-httpd24-mod_security-0:2.9.3-24.el8jbcs.x86_64",
            "8Base-JBCS:jbcs-httpd24-mod_security-debuginfo-0:2.9.3-24.el8jbcs.x86_64",
            "8Base-JBCS:jbcs-httpd24-mod_session-0:2.4.51-39.el8jbcs.x86_64",
            "8Base-JBCS:jbcs-httpd24-mod_session-debuginfo-0:2.4.51-39.el8jbcs.x86_64",
            "8Base-JBCS:jbcs-httpd24-mod_ssl-1:2.4.51-39.el8jbcs.x86_64",
            "8Base-JBCS:jbcs-httpd24-mod_ssl-debuginfo-1:2.4.51-39.el8jbcs.x86_64",
            "8Base-JBCS:jbcs-httpd24-openssl-1:1.1.1k-14.el8jbcs.src",
            "8Base-JBCS:jbcs-httpd24-openssl-1:1.1.1k-14.el8jbcs.x86_64",
            "8Base-JBCS:jbcs-httpd24-openssl-chil-0:1.0.0-18.el8jbcs.src",
            "8Base-JBCS:jbcs-httpd24-openssl-chil-0:1.0.0-18.el8jbcs.x86_64",
            "8Base-JBCS:jbcs-httpd24-openssl-chil-debuginfo-0:1.0.0-18.el8jbcs.x86_64",
            "8Base-JBCS:jbcs-httpd24-openssl-debuginfo-1:1.1.1k-14.el8jbcs.x86_64",
            "8Base-JBCS:jbcs-httpd24-openssl-devel-1:1.1.1k-14.el8jbcs.x86_64",
            "8Base-JBCS:jbcs-httpd24-openssl-libs-1:1.1.1k-14.el8jbcs.x86_64",
            "8Base-JBCS:jbcs-httpd24-openssl-libs-debuginfo-1:1.1.1k-14.el8jbcs.x86_64",
            "8Base-JBCS:jbcs-httpd24-openssl-perl-1:1.1.1k-14.el8jbcs.x86_64",
            "8Base-JBCS:jbcs-httpd24-openssl-pkcs11-0:0.4.10-33.el8jbcs.src",
            "8Base-JBCS:jbcs-httpd24-openssl-pkcs11-0:0.4.10-33.el8jbcs.x86_64",
            "8Base-JBCS:jbcs-httpd24-openssl-pkcs11-debuginfo-0:0.4.10-33.el8jbcs.x86_64",
            "8Base-JBCS:jbcs-httpd24-openssl-static-1:1.1.1k-14.el8jbcs.x86_64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "attackComplexity": "HIGH",
            "attackVector": "NETWORK",
            "availabilityImpact": "HIGH",
            "baseScore": 7.4,
            "baseSeverity": "HIGH",
            "confidentialityImpact": "HIGH",
            "integrityImpact": "NONE",
            "privilegesRequired": "NONE",
            "scope": "UNCHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:H",
            "version": "3.1"
          },
          "products": [
            "7Server-JBCS:jbcs-httpd24-openssl-1:1.1.1k-14.el7jbcs.src",
            "7Server-JBCS:jbcs-httpd24-openssl-1:1.1.1k-14.el7jbcs.x86_64",
            "7Server-JBCS:jbcs-httpd24-openssl-debuginfo-1:1.1.1k-14.el7jbcs.x86_64",
            "7Server-JBCS:jbcs-httpd24-openssl-devel-1:1.1.1k-14.el7jbcs.x86_64",
            "7Server-JBCS:jbcs-httpd24-openssl-libs-1:1.1.1k-14.el7jbcs.x86_64",
            "7Server-JBCS:jbcs-httpd24-openssl-perl-1:1.1.1k-14.el7jbcs.x86_64",
            "7Server-JBCS:jbcs-httpd24-openssl-static-1:1.1.1k-14.el7jbcs.x86_64",
            "8Base-JBCS:jbcs-httpd24-openssl-1:1.1.1k-14.el8jbcs.src",
            "8Base-JBCS:jbcs-httpd24-openssl-1:1.1.1k-14.el8jbcs.x86_64",
            "8Base-JBCS:jbcs-httpd24-openssl-debuginfo-1:1.1.1k-14.el8jbcs.x86_64",
            "8Base-JBCS:jbcs-httpd24-openssl-devel-1:1.1.1k-14.el8jbcs.x86_64",
            "8Base-JBCS:jbcs-httpd24-openssl-libs-1:1.1.1k-14.el8jbcs.x86_64",
            "8Base-JBCS:jbcs-httpd24-openssl-libs-debuginfo-1:1.1.1k-14.el8jbcs.x86_64",
            "8Base-JBCS:jbcs-httpd24-openssl-perl-1:1.1.1k-14.el8jbcs.x86_64",
            "8Base-JBCS:jbcs-httpd24-openssl-static-1:1.1.1k-14.el8jbcs.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "details": "Important"
        }
      ],
      "title": "openssl: X.400 address type confusion in X.509 GeneralName"
    },
    {
      "acknowledgments": [
        {
          "names": [
            "Harry Sintonen"
          ]
        }
      ],
      "cve": "CVE-2023-23914",
      "cwe": {
        "id": "CWE-319",
        "name": "Cleartext Transmission of Sensitive Information"
      },
      "discovery_date": "2023-02-07T00:00:00+00:00",
      "flags": [
        {
          "label": "vulnerable_code_not_present",
          "product_ids": [
            "7Server-JBCS:jbcs-httpd24-apr-util-0:1.6.1-101.el7jbcs.src",
            "7Server-JBCS:jbcs-httpd24-apr-util-0:1.6.1-101.el7jbcs.x86_64",
            "7Server-JBCS:jbcs-httpd24-apr-util-debuginfo-0:1.6.1-101.el7jbcs.x86_64",
            "7Server-JBCS:jbcs-httpd24-apr-util-devel-0:1.6.1-101.el7jbcs.x86_64",
            "7Server-JBCS:jbcs-httpd24-apr-util-ldap-0:1.6.1-101.el7jbcs.x86_64",
            "7Server-JBCS:jbcs-httpd24-apr-util-mysql-0:1.6.1-101.el7jbcs.x86_64",
            "7Server-JBCS:jbcs-httpd24-apr-util-nss-0:1.6.1-101.el7jbcs.x86_64",
            "7Server-JBCS:jbcs-httpd24-apr-util-odbc-0:1.6.1-101.el7jbcs.x86_64",
            "7Server-JBCS:jbcs-httpd24-apr-util-openssl-0:1.6.1-101.el7jbcs.x86_64",
            "7Server-JBCS:jbcs-httpd24-apr-util-pgsql-0:1.6.1-101.el7jbcs.x86_64",
            "7Server-JBCS:jbcs-httpd24-apr-util-sqlite-0:1.6.1-101.el7jbcs.x86_64",
            "7Server-JBCS:jbcs-httpd24-httpd-0:2.4.51-39.el7jbcs.src",
            "7Server-JBCS:jbcs-httpd24-httpd-0:2.4.51-39.el7jbcs.x86_64",
            "7Server-JBCS:jbcs-httpd24-httpd-debuginfo-0:2.4.51-39.el7jbcs.x86_64",
            "7Server-JBCS:jbcs-httpd24-httpd-devel-0:2.4.51-39.el7jbcs.x86_64",
            "7Server-JBCS:jbcs-httpd24-httpd-manual-0:2.4.51-39.el7jbcs.noarch",
            "7Server-JBCS:jbcs-httpd24-httpd-selinux-0:2.4.51-39.el7jbcs.x86_64",
            "7Server-JBCS:jbcs-httpd24-httpd-tools-0:2.4.51-39.el7jbcs.x86_64",
            "7Server-JBCS:jbcs-httpd24-mod_http2-0:1.15.19-23.el7jbcs.src",
            "7Server-JBCS:jbcs-httpd24-mod_http2-0:1.15.19-23.el7jbcs.x86_64",
            "7Server-JBCS:jbcs-httpd24-mod_http2-debuginfo-0:1.15.19-23.el7jbcs.x86_64",
            "7Server-JBCS:jbcs-httpd24-mod_jk-0:1.2.48-46.redhat_1.el7jbcs.src",
            "7Server-JBCS:jbcs-httpd24-mod_jk-ap24-0:1.2.48-46.redhat_1.el7jbcs.x86_64",
            "7Server-JBCS:jbcs-httpd24-mod_jk-debuginfo-0:1.2.48-46.redhat_1.el7jbcs.x86_64",
            "7Server-JBCS:jbcs-httpd24-mod_ldap-0:2.4.51-39.el7jbcs.x86_64",
            "7Server-JBCS:jbcs-httpd24-mod_md-1:2.4.0-20.el7jbcs.src",
            "7Server-JBCS:jbcs-httpd24-mod_md-1:2.4.0-20.el7jbcs.x86_64",
            "7Server-JBCS:jbcs-httpd24-mod_md-debuginfo-1:2.4.0-20.el7jbcs.x86_64",
            "7Server-JBCS:jbcs-httpd24-mod_proxy_cluster-0:1.3.18-2.el7jbcs.src",
            "7Server-JBCS:jbcs-httpd24-mod_proxy_cluster-0:1.3.18-2.el7jbcs.x86_64",
            "7Server-JBCS:jbcs-httpd24-mod_proxy_cluster-debuginfo-0:1.3.18-2.el7jbcs.x86_64",
            "7Server-JBCS:jbcs-httpd24-mod_proxy_html-1:2.4.51-39.el7jbcs.x86_64",
            "7Server-JBCS:jbcs-httpd24-mod_security-0:2.9.3-24.el7jbcs.src",
            "7Server-JBCS:jbcs-httpd24-mod_security-0:2.9.3-24.el7jbcs.x86_64",
            "7Server-JBCS:jbcs-httpd24-mod_security-debuginfo-0:2.9.3-24.el7jbcs.x86_64",
            "7Server-JBCS:jbcs-httpd24-mod_session-0:2.4.51-39.el7jbcs.x86_64",
            "7Server-JBCS:jbcs-httpd24-mod_ssl-1:2.4.51-39.el7jbcs.x86_64",
            "7Server-JBCS:jbcs-httpd24-openssl-1:1.1.1k-14.el7jbcs.src",
            "7Server-JBCS:jbcs-httpd24-openssl-1:1.1.1k-14.el7jbcs.x86_64",
            "7Server-JBCS:jbcs-httpd24-openssl-chil-0:1.0.0-18.el7jbcs.src",
            "7Server-JBCS:jbcs-httpd24-openssl-chil-0:1.0.0-18.el7jbcs.x86_64",
            "7Server-JBCS:jbcs-httpd24-openssl-chil-debuginfo-0:1.0.0-18.el7jbcs.x86_64",
            "7Server-JBCS:jbcs-httpd24-openssl-debuginfo-1:1.1.1k-14.el7jbcs.x86_64",
            "7Server-JBCS:jbcs-httpd24-openssl-devel-1:1.1.1k-14.el7jbcs.x86_64",
            "7Server-JBCS:jbcs-httpd24-openssl-libs-1:1.1.1k-14.el7jbcs.x86_64",
            "7Server-JBCS:jbcs-httpd24-openssl-perl-1:1.1.1k-14.el7jbcs.x86_64",
            "7Server-JBCS:jbcs-httpd24-openssl-pkcs11-0:0.4.10-33.el7jbcs.src",
            "7Server-JBCS:jbcs-httpd24-openssl-pkcs11-0:0.4.10-33.el7jbcs.x86_64",
            "7Server-JBCS:jbcs-httpd24-openssl-pkcs11-debuginfo-0:0.4.10-33.el7jbcs.x86_64",
            "7Server-JBCS:jbcs-httpd24-openssl-static-1:1.1.1k-14.el7jbcs.x86_64",
            "8Base-JBCS:jbcs-httpd24-apr-util-0:1.6.1-101.el8jbcs.src",
            "8Base-JBCS:jbcs-httpd24-apr-util-0:1.6.1-101.el8jbcs.x86_64",
            "8Base-JBCS:jbcs-httpd24-apr-util-debuginfo-0:1.6.1-101.el8jbcs.x86_64",
            "8Base-JBCS:jbcs-httpd24-apr-util-devel-0:1.6.1-101.el8jbcs.x86_64",
            "8Base-JBCS:jbcs-httpd24-apr-util-ldap-0:1.6.1-101.el8jbcs.x86_64",
            "8Base-JBCS:jbcs-httpd24-apr-util-ldap-debuginfo-0:1.6.1-101.el8jbcs.x86_64",
            "8Base-JBCS:jbcs-httpd24-apr-util-mysql-0:1.6.1-101.el8jbcs.x86_64",
            "8Base-JBCS:jbcs-httpd24-apr-util-mysql-debuginfo-0:1.6.1-101.el8jbcs.x86_64",
            "8Base-JBCS:jbcs-httpd24-apr-util-nss-0:1.6.1-101.el8jbcs.x86_64",
            "8Base-JBCS:jbcs-httpd24-apr-util-nss-debuginfo-0:1.6.1-101.el8jbcs.x86_64",
            "8Base-JBCS:jbcs-httpd24-apr-util-odbc-0:1.6.1-101.el8jbcs.x86_64",
            "8Base-JBCS:jbcs-httpd24-apr-util-odbc-debuginfo-0:1.6.1-101.el8jbcs.x86_64",
            "8Base-JBCS:jbcs-httpd24-apr-util-openssl-0:1.6.1-101.el8jbcs.x86_64",
            "8Base-JBCS:jbcs-httpd24-apr-util-openssl-debuginfo-0:1.6.1-101.el8jbcs.x86_64",
            "8Base-JBCS:jbcs-httpd24-apr-util-pgsql-0:1.6.1-101.el8jbcs.x86_64",
            "8Base-JBCS:jbcs-httpd24-apr-util-pgsql-debuginfo-0:1.6.1-101.el8jbcs.x86_64",
            "8Base-JBCS:jbcs-httpd24-apr-util-sqlite-0:1.6.1-101.el8jbcs.x86_64",
            "8Base-JBCS:jbcs-httpd24-apr-util-sqlite-debuginfo-0:1.6.1-101.el8jbcs.x86_64",
            "8Base-JBCS:jbcs-httpd24-httpd-0:2.4.51-39.el8jbcs.src",
            "8Base-JBCS:jbcs-httpd24-httpd-0:2.4.51-39.el8jbcs.x86_64",
            "8Base-JBCS:jbcs-httpd24-httpd-debuginfo-0:2.4.51-39.el8jbcs.x86_64",
            "8Base-JBCS:jbcs-httpd24-httpd-devel-0:2.4.51-39.el8jbcs.x86_64",
            "8Base-JBCS:jbcs-httpd24-httpd-manual-0:2.4.51-39.el8jbcs.noarch",
            "8Base-JBCS:jbcs-httpd24-httpd-selinux-0:2.4.51-39.el8jbcs.x86_64",
            "8Base-JBCS:jbcs-httpd24-httpd-tools-0:2.4.51-39.el8jbcs.x86_64",
            "8Base-JBCS:jbcs-httpd24-httpd-tools-debuginfo-0:2.4.51-39.el8jbcs.x86_64",
            "8Base-JBCS:jbcs-httpd24-mod_http2-0:1.15.19-23.el8jbcs.src",
            "8Base-JBCS:jbcs-httpd24-mod_http2-0:1.15.19-23.el8jbcs.x86_64",
            "8Base-JBCS:jbcs-httpd24-mod_http2-debuginfo-0:1.15.19-23.el8jbcs.x86_64",
            "8Base-JBCS:jbcs-httpd24-mod_jk-0:1.2.48-46.redhat_1.el8jbcs.src",
            "8Base-JBCS:jbcs-httpd24-mod_jk-ap24-0:1.2.48-46.redhat_1.el8jbcs.x86_64",
            "8Base-JBCS:jbcs-httpd24-mod_jk-ap24-debuginfo-0:1.2.48-46.redhat_1.el8jbcs.x86_64",
            "8Base-JBCS:jbcs-httpd24-mod_ldap-0:2.4.51-39.el8jbcs.x86_64",
            "8Base-JBCS:jbcs-httpd24-mod_ldap-debuginfo-0:2.4.51-39.el8jbcs.x86_64",
            "8Base-JBCS:jbcs-httpd24-mod_md-1:2.4.0-20.el8jbcs.src",
            "8Base-JBCS:jbcs-httpd24-mod_md-1:2.4.0-20.el8jbcs.x86_64",
            "8Base-JBCS:jbcs-httpd24-mod_md-debuginfo-1:2.4.0-20.el8jbcs.x86_64",
            "8Base-JBCS:jbcs-httpd24-mod_proxy_cluster-0:1.3.18-2.el8jbcs.src",
            "8Base-JBCS:jbcs-httpd24-mod_proxy_cluster-0:1.3.18-2.el8jbcs.x86_64",
            "8Base-JBCS:jbcs-httpd24-mod_proxy_cluster-debuginfo-0:1.3.18-2.el8jbcs.x86_64",
            "8Base-JBCS:jbcs-httpd24-mod_proxy_html-1:2.4.51-39.el8jbcs.x86_64",
            "8Base-JBCS:jbcs-httpd24-mod_proxy_html-debuginfo-1:2.4.51-39.el8jbcs.x86_64",
            "8Base-JBCS:jbcs-httpd24-mod_security-0:2.9.3-24.el8jbcs.src",
            "8Base-JBCS:jbcs-httpd24-mod_security-0:2.9.3-24.el8jbcs.x86_64",
            "8Base-JBCS:jbcs-httpd24-mod_security-debuginfo-0:2.9.3-24.el8jbcs.x86_64",
            "8Base-JBCS:jbcs-httpd24-mod_session-0:2.4.51-39.el8jbcs.x86_64",
            "8Base-JBCS:jbcs-httpd24-mod_session-debuginfo-0:2.4.51-39.el8jbcs.x86_64",
            "8Base-JBCS:jbcs-httpd24-mod_ssl-1:2.4.51-39.el8jbcs.x86_64",
            "8Base-JBCS:jbcs-httpd24-mod_ssl-debuginfo-1:2.4.51-39.el8jbcs.x86_64",
            "8Base-JBCS:jbcs-httpd24-openssl-1:1.1.1k-14.el8jbcs.src",
            "8Base-JBCS:jbcs-httpd24-openssl-1:1.1.1k-14.el8jbcs.x86_64",
            "8Base-JBCS:jbcs-httpd24-openssl-chil-0:1.0.0-18.el8jbcs.src",
            "8Base-JBCS:jbcs-httpd24-openssl-chil-0:1.0.0-18.el8jbcs.x86_64",
            "8Base-JBCS:jbcs-httpd24-openssl-chil-debuginfo-0:1.0.0-18.el8jbcs.x86_64",
            "8Base-JBCS:jbcs-httpd24-openssl-debuginfo-1:1.1.1k-14.el8jbcs.x86_64",
            "8Base-JBCS:jbcs-httpd24-openssl-devel-1:1.1.1k-14.el8jbcs.x86_64",
            "8Base-JBCS:jbcs-httpd24-openssl-libs-1:1.1.1k-14.el8jbcs.x86_64",
            "8Base-JBCS:jbcs-httpd24-openssl-libs-debuginfo-1:1.1.1k-14.el8jbcs.x86_64",
            "8Base-JBCS:jbcs-httpd24-openssl-perl-1:1.1.1k-14.el8jbcs.x86_64",
            "8Base-JBCS:jbcs-httpd24-openssl-pkcs11-0:0.4.10-33.el8jbcs.src",
            "8Base-JBCS:jbcs-httpd24-openssl-pkcs11-0:0.4.10-33.el8jbcs.x86_64",
            "8Base-JBCS:jbcs-httpd24-openssl-pkcs11-debuginfo-0:0.4.10-33.el8jbcs.x86_64",
            "8Base-JBCS:jbcs-httpd24-openssl-static-1:1.1.1k-14.el8jbcs.x86_64"
          ]
        }
      ],
      "ids": [
        {
          "system_name": "Red Hat Bugzilla ID",
          "text": "2167797"
        }
      ],
      "notes": [
        {
          "category": "description",
          "text": "A flaw was found in the Curl package, where the HSTS mechanism would be ignored by subsequent transfers when done on the same command line because the state would not be properly carried. This issue may result in limited confidentiality and integrity.",
          "title": "Vulnerability description"
        },
        {
          "category": "summary",
          "text": "curl: HSTS ignored on multiple requests",
          "title": "Vulnerability summary"
        },
        {
          "category": "other",
          "text": "This is a curl command line issue and does not affect libcurl.\nThere is no HSTS support in the versions of curl shipped in rhel-7 and rhel-8. Curl packages as shipped in rhel-9 do not support HSTS.\nUpstream has rated this as a Low Severity issue.",
          "title": "Statement"
        },
        {
          "category": "general",
          "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
          "title": "CVSS score applicability"
        }
      ],
      "product_status": {
        "fixed": [
          "7Server-JBCS:jbcs-httpd24-curl-0:8.0.1-1.el7jbcs.src",
          "7Server-JBCS:jbcs-httpd24-curl-0:8.0.1-1.el7jbcs.x86_64",
          "7Server-JBCS:jbcs-httpd24-curl-debuginfo-0:8.0.1-1.el7jbcs.x86_64",
          "7Server-JBCS:jbcs-httpd24-libcurl-0:8.0.1-1.el7jbcs.x86_64",
          "7Server-JBCS:jbcs-httpd24-libcurl-devel-0:8.0.1-1.el7jbcs.x86_64",
          "8Base-JBCS:jbcs-httpd24-curl-0:8.0.1-1.el8jbcs.src",
          "8Base-JBCS:jbcs-httpd24-curl-0:8.0.1-1.el8jbcs.x86_64",
          "8Base-JBCS:jbcs-httpd24-curl-debuginfo-0:8.0.1-1.el8jbcs.x86_64",
          "8Base-JBCS:jbcs-httpd24-libcurl-0:8.0.1-1.el8jbcs.x86_64",
          "8Base-JBCS:jbcs-httpd24-libcurl-debuginfo-0:8.0.1-1.el8jbcs.x86_64",
          "8Base-JBCS:jbcs-httpd24-libcurl-devel-0:8.0.1-1.el8jbcs.x86_64"
        ],
        "known_not_affected": [
          "7Server-JBCS:jbcs-httpd24-apr-util-0:1.6.1-101.el7jbcs.src",
          "7Server-JBCS:jbcs-httpd24-apr-util-0:1.6.1-101.el7jbcs.x86_64",
          "7Server-JBCS:jbcs-httpd24-apr-util-debuginfo-0:1.6.1-101.el7jbcs.x86_64",
          "7Server-JBCS:jbcs-httpd24-apr-util-devel-0:1.6.1-101.el7jbcs.x86_64",
          "7Server-JBCS:jbcs-httpd24-apr-util-ldap-0:1.6.1-101.el7jbcs.x86_64",
          "7Server-JBCS:jbcs-httpd24-apr-util-mysql-0:1.6.1-101.el7jbcs.x86_64",
          "7Server-JBCS:jbcs-httpd24-apr-util-nss-0:1.6.1-101.el7jbcs.x86_64",
          "7Server-JBCS:jbcs-httpd24-apr-util-odbc-0:1.6.1-101.el7jbcs.x86_64",
          "7Server-JBCS:jbcs-httpd24-apr-util-openssl-0:1.6.1-101.el7jbcs.x86_64",
          "7Server-JBCS:jbcs-httpd24-apr-util-pgsql-0:1.6.1-101.el7jbcs.x86_64",
          "7Server-JBCS:jbcs-httpd24-apr-util-sqlite-0:1.6.1-101.el7jbcs.x86_64",
          "7Server-JBCS:jbcs-httpd24-httpd-0:2.4.51-39.el7jbcs.src",
          "7Server-JBCS:jbcs-httpd24-httpd-0:2.4.51-39.el7jbcs.x86_64",
          "7Server-JBCS:jbcs-httpd24-httpd-debuginfo-0:2.4.51-39.el7jbcs.x86_64",
          "7Server-JBCS:jbcs-httpd24-httpd-devel-0:2.4.51-39.el7jbcs.x86_64",
          "7Server-JBCS:jbcs-httpd24-httpd-manual-0:2.4.51-39.el7jbcs.noarch",
          "7Server-JBCS:jbcs-httpd24-httpd-selinux-0:2.4.51-39.el7jbcs.x86_64",
          "7Server-JBCS:jbcs-httpd24-httpd-tools-0:2.4.51-39.el7jbcs.x86_64",
          "7Server-JBCS:jbcs-httpd24-mod_http2-0:1.15.19-23.el7jbcs.src",
          "7Server-JBCS:jbcs-httpd24-mod_http2-0:1.15.19-23.el7jbcs.x86_64",
          "7Server-JBCS:jbcs-httpd24-mod_http2-debuginfo-0:1.15.19-23.el7jbcs.x86_64",
          "7Server-JBCS:jbcs-httpd24-mod_jk-0:1.2.48-46.redhat_1.el7jbcs.src",
          "7Server-JBCS:jbcs-httpd24-mod_jk-ap24-0:1.2.48-46.redhat_1.el7jbcs.x86_64",
          "7Server-JBCS:jbcs-httpd24-mod_jk-debuginfo-0:1.2.48-46.redhat_1.el7jbcs.x86_64",
          "7Server-JBCS:jbcs-httpd24-mod_ldap-0:2.4.51-39.el7jbcs.x86_64",
          "7Server-JBCS:jbcs-httpd24-mod_md-1:2.4.0-20.el7jbcs.src",
          "7Server-JBCS:jbcs-httpd24-mod_md-1:2.4.0-20.el7jbcs.x86_64",
          "7Server-JBCS:jbcs-httpd24-mod_md-debuginfo-1:2.4.0-20.el7jbcs.x86_64",
          "7Server-JBCS:jbcs-httpd24-mod_proxy_cluster-0:1.3.18-2.el7jbcs.src",
          "7Server-JBCS:jbcs-httpd24-mod_proxy_cluster-0:1.3.18-2.el7jbcs.x86_64",
          "7Server-JBCS:jbcs-httpd24-mod_proxy_cluster-debuginfo-0:1.3.18-2.el7jbcs.x86_64",
          "7Server-JBCS:jbcs-httpd24-mod_proxy_html-1:2.4.51-39.el7jbcs.x86_64",
          "7Server-JBCS:jbcs-httpd24-mod_security-0:2.9.3-24.el7jbcs.src",
          "7Server-JBCS:jbcs-httpd24-mod_security-0:2.9.3-24.el7jbcs.x86_64",
          "7Server-JBCS:jbcs-httpd24-mod_security-debuginfo-0:2.9.3-24.el7jbcs.x86_64",
          "7Server-JBCS:jbcs-httpd24-mod_session-0:2.4.51-39.el7jbcs.x86_64",
          "7Server-JBCS:jbcs-httpd24-mod_ssl-1:2.4.51-39.el7jbcs.x86_64",
          "7Server-JBCS:jbcs-httpd24-openssl-1:1.1.1k-14.el7jbcs.src",
          "7Server-JBCS:jbcs-httpd24-openssl-1:1.1.1k-14.el7jbcs.x86_64",
          "7Server-JBCS:jbcs-httpd24-openssl-chil-0:1.0.0-18.el7jbcs.src",
          "7Server-JBCS:jbcs-httpd24-openssl-chil-0:1.0.0-18.el7jbcs.x86_64",
          "7Server-JBCS:jbcs-httpd24-openssl-chil-debuginfo-0:1.0.0-18.el7jbcs.x86_64",
          "7Server-JBCS:jbcs-httpd24-openssl-debuginfo-1:1.1.1k-14.el7jbcs.x86_64",
          "7Server-JBCS:jbcs-httpd24-openssl-devel-1:1.1.1k-14.el7jbcs.x86_64",
          "7Server-JBCS:jbcs-httpd24-openssl-libs-1:1.1.1k-14.el7jbcs.x86_64",
          "7Server-JBCS:jbcs-httpd24-openssl-perl-1:1.1.1k-14.el7jbcs.x86_64",
          "7Server-JBCS:jbcs-httpd24-openssl-pkcs11-0:0.4.10-33.el7jbcs.src",
          "7Server-JBCS:jbcs-httpd24-openssl-pkcs11-0:0.4.10-33.el7jbcs.x86_64",
          "7Server-JBCS:jbcs-httpd24-openssl-pkcs11-debuginfo-0:0.4.10-33.el7jbcs.x86_64",
          "7Server-JBCS:jbcs-httpd24-openssl-static-1:1.1.1k-14.el7jbcs.x86_64",
          "8Base-JBCS:jbcs-httpd24-apr-util-0:1.6.1-101.el8jbcs.src",
          "8Base-JBCS:jbcs-httpd24-apr-util-0:1.6.1-101.el8jbcs.x86_64",
          "8Base-JBCS:jbcs-httpd24-apr-util-debuginfo-0:1.6.1-101.el8jbcs.x86_64",
          "8Base-JBCS:jbcs-httpd24-apr-util-devel-0:1.6.1-101.el8jbcs.x86_64",
          "8Base-JBCS:jbcs-httpd24-apr-util-ldap-0:1.6.1-101.el8jbcs.x86_64",
          "8Base-JBCS:jbcs-httpd24-apr-util-ldap-debuginfo-0:1.6.1-101.el8jbcs.x86_64",
          "8Base-JBCS:jbcs-httpd24-apr-util-mysql-0:1.6.1-101.el8jbcs.x86_64",
          "8Base-JBCS:jbcs-httpd24-apr-util-mysql-debuginfo-0:1.6.1-101.el8jbcs.x86_64",
          "8Base-JBCS:jbcs-httpd24-apr-util-nss-0:1.6.1-101.el8jbcs.x86_64",
          "8Base-JBCS:jbcs-httpd24-apr-util-nss-debuginfo-0:1.6.1-101.el8jbcs.x86_64",
          "8Base-JBCS:jbcs-httpd24-apr-util-odbc-0:1.6.1-101.el8jbcs.x86_64",
          "8Base-JBCS:jbcs-httpd24-apr-util-odbc-debuginfo-0:1.6.1-101.el8jbcs.x86_64",
          "8Base-JBCS:jbcs-httpd24-apr-util-openssl-0:1.6.1-101.el8jbcs.x86_64",
          "8Base-JBCS:jbcs-httpd24-apr-util-openssl-debuginfo-0:1.6.1-101.el8jbcs.x86_64",
          "8Base-JBCS:jbcs-httpd24-apr-util-pgsql-0:1.6.1-101.el8jbcs.x86_64",
          "8Base-JBCS:jbcs-httpd24-apr-util-pgsql-debuginfo-0:1.6.1-101.el8jbcs.x86_64",
          "8Base-JBCS:jbcs-httpd24-apr-util-sqlite-0:1.6.1-101.el8jbcs.x86_64",
          "8Base-JBCS:jbcs-httpd24-apr-util-sqlite-debuginfo-0:1.6.1-101.el8jbcs.x86_64",
          "8Base-JBCS:jbcs-httpd24-httpd-0:2.4.51-39.el8jbcs.src",
          "8Base-JBCS:jbcs-httpd24-httpd-0:2.4.51-39.el8jbcs.x86_64",
          "8Base-JBCS:jbcs-httpd24-httpd-debuginfo-0:2.4.51-39.el8jbcs.x86_64",
          "8Base-JBCS:jbcs-httpd24-httpd-devel-0:2.4.51-39.el8jbcs.x86_64",
          "8Base-JBCS:jbcs-httpd24-httpd-manual-0:2.4.51-39.el8jbcs.noarch",
          "8Base-JBCS:jbcs-httpd24-httpd-selinux-0:2.4.51-39.el8jbcs.x86_64",
          "8Base-JBCS:jbcs-httpd24-httpd-tools-0:2.4.51-39.el8jbcs.x86_64",
          "8Base-JBCS:jbcs-httpd24-httpd-tools-debuginfo-0:2.4.51-39.el8jbcs.x86_64",
          "8Base-JBCS:jbcs-httpd24-mod_http2-0:1.15.19-23.el8jbcs.src",
          "8Base-JBCS:jbcs-httpd24-mod_http2-0:1.15.19-23.el8jbcs.x86_64",
          "8Base-JBCS:jbcs-httpd24-mod_http2-debuginfo-0:1.15.19-23.el8jbcs.x86_64",
          "8Base-JBCS:jbcs-httpd24-mod_jk-0:1.2.48-46.redhat_1.el8jbcs.src",
          "8Base-JBCS:jbcs-httpd24-mod_jk-ap24-0:1.2.48-46.redhat_1.el8jbcs.x86_64",
          "8Base-JBCS:jbcs-httpd24-mod_jk-ap24-debuginfo-0:1.2.48-46.redhat_1.el8jbcs.x86_64",
          "8Base-JBCS:jbcs-httpd24-mod_ldap-0:2.4.51-39.el8jbcs.x86_64",
          "8Base-JBCS:jbcs-httpd24-mod_ldap-debuginfo-0:2.4.51-39.el8jbcs.x86_64",
          "8Base-JBCS:jbcs-httpd24-mod_md-1:2.4.0-20.el8jbcs.src",
          "8Base-JBCS:jbcs-httpd24-mod_md-1:2.4.0-20.el8jbcs.x86_64",
          "8Base-JBCS:jbcs-httpd24-mod_md-debuginfo-1:2.4.0-20.el8jbcs.x86_64",
          "8Base-JBCS:jbcs-httpd24-mod_proxy_cluster-0:1.3.18-2.el8jbcs.src",
          "8Base-JBCS:jbcs-httpd24-mod_proxy_cluster-0:1.3.18-2.el8jbcs.x86_64",
          "8Base-JBCS:jbcs-httpd24-mod_proxy_cluster-debuginfo-0:1.3.18-2.el8jbcs.x86_64",
          "8Base-JBCS:jbcs-httpd24-mod_proxy_html-1:2.4.51-39.el8jbcs.x86_64",
          "8Base-JBCS:jbcs-httpd24-mod_proxy_html-debuginfo-1:2.4.51-39.el8jbcs.x86_64",
          "8Base-JBCS:jbcs-httpd24-mod_security-0:2.9.3-24.el8jbcs.src",
          "8Base-JBCS:jbcs-httpd24-mod_security-0:2.9.3-24.el8jbcs.x86_64",
          "8Base-JBCS:jbcs-httpd24-mod_security-debuginfo-0:2.9.3-24.el8jbcs.x86_64",
          "8Base-JBCS:jbcs-httpd24-mod_session-0:2.4.51-39.el8jbcs.x86_64",
          "8Base-JBCS:jbcs-httpd24-mod_session-debuginfo-0:2.4.51-39.el8jbcs.x86_64",
          "8Base-JBCS:jbcs-httpd24-mod_ssl-1:2.4.51-39.el8jbcs.x86_64",
          "8Base-JBCS:jbcs-httpd24-mod_ssl-debuginfo-1:2.4.51-39.el8jbcs.x86_64",
          "8Base-JBCS:jbcs-httpd24-openssl-1:1.1.1k-14.el8jbcs.src",
          "8Base-JBCS:jbcs-httpd24-openssl-1:1.1.1k-14.el8jbcs.x86_64",
          "8Base-JBCS:jbcs-httpd24-openssl-chil-0:1.0.0-18.el8jbcs.src",
          "8Base-JBCS:jbcs-httpd24-openssl-chil-0:1.0.0-18.el8jbcs.x86_64",
          "8Base-JBCS:jbcs-httpd24-openssl-chil-debuginfo-0:1.0.0-18.el8jbcs.x86_64",
          "8Base-JBCS:jbcs-httpd24-openssl-debuginfo-1:1.1.1k-14.el8jbcs.x86_64",
          "8Base-JBCS:jbcs-httpd24-openssl-devel-1:1.1.1k-14.el8jbcs.x86_64",
          "8Base-JBCS:jbcs-httpd24-openssl-libs-1:1.1.1k-14.el8jbcs.x86_64",
          "8Base-JBCS:jbcs-httpd24-openssl-libs-debuginfo-1:1.1.1k-14.el8jbcs.x86_64",
          "8Base-JBCS:jbcs-httpd24-openssl-perl-1:1.1.1k-14.el8jbcs.x86_64",
          "8Base-JBCS:jbcs-httpd24-openssl-pkcs11-0:0.4.10-33.el8jbcs.src",
          "8Base-JBCS:jbcs-httpd24-openssl-pkcs11-0:0.4.10-33.el8jbcs.x86_64",
          "8Base-JBCS:jbcs-httpd24-openssl-pkcs11-debuginfo-0:0.4.10-33.el8jbcs.x86_64",
          "8Base-JBCS:jbcs-httpd24-openssl-static-1:1.1.1k-14.el8jbcs.x86_64"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "Canonical URL",
          "url": "https://access.redhat.com/security/cve/CVE-2023-23914"
        },
        {
          "category": "external",
          "summary": "RHBZ#2167797",
          "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2167797"
        },
        {
          "category": "external",
          "summary": "https://www.cve.org/CVERecord?id=CVE-2023-23914",
          "url": "https://www.cve.org/CVERecord?id=CVE-2023-23914"
        },
        {
          "category": "external",
          "summary": "https://nvd.nist.gov/vuln/detail/CVE-2023-23914",
          "url": "https://nvd.nist.gov/vuln/detail/CVE-2023-23914"
        },
        {
          "category": "external",
          "summary": "https://curl.se/docs/CVE-2023-23914.html",
          "url": "https://curl.se/docs/CVE-2023-23914.html"
        }
      ],
      "release_date": "2023-02-15T00:00:00+00:00",
      "remediations": [
        {
          "category": "vendor_fix",
          "date": "2023-06-05T12:30:30+00:00",
          "details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nApplications using the APR libraries, such as httpd, must be restarted for this update to take effect. After installing the updated packages, the httpd daemon will be restarted automatically.",
          "product_ids": [
            "7Server-JBCS:jbcs-httpd24-curl-0:8.0.1-1.el7jbcs.src",
            "7Server-JBCS:jbcs-httpd24-curl-0:8.0.1-1.el7jbcs.x86_64",
            "7Server-JBCS:jbcs-httpd24-curl-debuginfo-0:8.0.1-1.el7jbcs.x86_64",
            "7Server-JBCS:jbcs-httpd24-libcurl-0:8.0.1-1.el7jbcs.x86_64",
            "7Server-JBCS:jbcs-httpd24-libcurl-devel-0:8.0.1-1.el7jbcs.x86_64",
            "8Base-JBCS:jbcs-httpd24-curl-0:8.0.1-1.el8jbcs.src",
            "8Base-JBCS:jbcs-httpd24-curl-0:8.0.1-1.el8jbcs.x86_64",
            "8Base-JBCS:jbcs-httpd24-curl-debuginfo-0:8.0.1-1.el8jbcs.x86_64",
            "8Base-JBCS:jbcs-httpd24-libcurl-0:8.0.1-1.el8jbcs.x86_64",
            "8Base-JBCS:jbcs-httpd24-libcurl-debuginfo-0:8.0.1-1.el8jbcs.x86_64",
            "8Base-JBCS:jbcs-httpd24-libcurl-devel-0:8.0.1-1.el8jbcs.x86_64"
          ],
          "restart_required": {
            "category": "none"
          },
          "url": "https://access.redhat.com/errata/RHSA-2023:3354"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "attackComplexity": "LOW",
            "attackVector": "NETWORK",
            "availabilityImpact": "NONE",
            "baseScore": 6.5,
            "baseSeverity": "MEDIUM",
            "confidentialityImpact": "LOW",
            "integrityImpact": "LOW",
            "privilegesRequired": "NONE",
            "scope": "UNCHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N",
            "version": "3.1"
          },
          "products": [
            "7Server-JBCS:jbcs-httpd24-curl-0:8.0.1-1.el7jbcs.src",
            "7Server-JBCS:jbcs-httpd24-curl-0:8.0.1-1.el7jbcs.x86_64",
            "7Server-JBCS:jbcs-httpd24-curl-debuginfo-0:8.0.1-1.el7jbcs.x86_64",
            "7Server-JBCS:jbcs-httpd24-libcurl-0:8.0.1-1.el7jbcs.x86_64",
            "7Server-JBCS:jbcs-httpd24-libcurl-devel-0:8.0.1-1.el7jbcs.x86_64",
            "8Base-JBCS:jbcs-httpd24-curl-0:8.0.1-1.el8jbcs.src",
            "8Base-JBCS:jbcs-httpd24-curl-0:8.0.1-1.el8jbcs.x86_64",
            "8Base-JBCS:jbcs-httpd24-curl-debuginfo-0:8.0.1-1.el8jbcs.x86_64",
            "8Base-JBCS:jbcs-httpd24-libcurl-0:8.0.1-1.el8jbcs.x86_64",
            "8Base-JBCS:jbcs-httpd24-libcurl-debuginfo-0:8.0.1-1.el8jbcs.x86_64",
            "8Base-JBCS:jbcs-httpd24-libcurl-devel-0:8.0.1-1.el8jbcs.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "details": "Moderate"
        }
      ],
      "title": "curl: HSTS ignored on multiple requests"
    },
    {
      "acknowledgments": [
        {
          "names": [
            "Harry Sintonen"
          ]
        }
      ],
      "cve": "CVE-2023-23915",
      "cwe": {
        "id": "CWE-319",
        "name": "Cleartext Transmission of Sensitive Information"
      },
      "discovery_date": "2023-02-07T00:00:00+00:00",
      "flags": [
        {
          "label": "vulnerable_code_not_present",
          "product_ids": [
            "7Server-JBCS:jbcs-httpd24-apr-util-0:1.6.1-101.el7jbcs.src",
            "7Server-JBCS:jbcs-httpd24-apr-util-0:1.6.1-101.el7jbcs.x86_64",
            "7Server-JBCS:jbcs-httpd24-apr-util-debuginfo-0:1.6.1-101.el7jbcs.x86_64",
            "7Server-JBCS:jbcs-httpd24-apr-util-devel-0:1.6.1-101.el7jbcs.x86_64",
            "7Server-JBCS:jbcs-httpd24-apr-util-ldap-0:1.6.1-101.el7jbcs.x86_64",
            "7Server-JBCS:jbcs-httpd24-apr-util-mysql-0:1.6.1-101.el7jbcs.x86_64",
            "7Server-JBCS:jbcs-httpd24-apr-util-nss-0:1.6.1-101.el7jbcs.x86_64",
            "7Server-JBCS:jbcs-httpd24-apr-util-odbc-0:1.6.1-101.el7jbcs.x86_64",
            "7Server-JBCS:jbcs-httpd24-apr-util-openssl-0:1.6.1-101.el7jbcs.x86_64",
            "7Server-JBCS:jbcs-httpd24-apr-util-pgsql-0:1.6.1-101.el7jbcs.x86_64",
            "7Server-JBCS:jbcs-httpd24-apr-util-sqlite-0:1.6.1-101.el7jbcs.x86_64",
            "7Server-JBCS:jbcs-httpd24-httpd-0:2.4.51-39.el7jbcs.src",
            "7Server-JBCS:jbcs-httpd24-httpd-0:2.4.51-39.el7jbcs.x86_64",
            "7Server-JBCS:jbcs-httpd24-httpd-debuginfo-0:2.4.51-39.el7jbcs.x86_64",
            "7Server-JBCS:jbcs-httpd24-httpd-devel-0:2.4.51-39.el7jbcs.x86_64",
            "7Server-JBCS:jbcs-httpd24-httpd-manual-0:2.4.51-39.el7jbcs.noarch",
            "7Server-JBCS:jbcs-httpd24-httpd-selinux-0:2.4.51-39.el7jbcs.x86_64",
            "7Server-JBCS:jbcs-httpd24-httpd-tools-0:2.4.51-39.el7jbcs.x86_64",
            "7Server-JBCS:jbcs-httpd24-mod_http2-0:1.15.19-23.el7jbcs.src",
            "7Server-JBCS:jbcs-httpd24-mod_http2-0:1.15.19-23.el7jbcs.x86_64",
            "7Server-JBCS:jbcs-httpd24-mod_http2-debuginfo-0:1.15.19-23.el7jbcs.x86_64",
            "7Server-JBCS:jbcs-httpd24-mod_jk-0:1.2.48-46.redhat_1.el7jbcs.src",
            "7Server-JBCS:jbcs-httpd24-mod_jk-ap24-0:1.2.48-46.redhat_1.el7jbcs.x86_64",
            "7Server-JBCS:jbcs-httpd24-mod_jk-debuginfo-0:1.2.48-46.redhat_1.el7jbcs.x86_64",
            "7Server-JBCS:jbcs-httpd24-mod_ldap-0:2.4.51-39.el7jbcs.x86_64",
            "7Server-JBCS:jbcs-httpd24-mod_md-1:2.4.0-20.el7jbcs.src",
            "7Server-JBCS:jbcs-httpd24-mod_md-1:2.4.0-20.el7jbcs.x86_64",
            "7Server-JBCS:jbcs-httpd24-mod_md-debuginfo-1:2.4.0-20.el7jbcs.x86_64",
            "7Server-JBCS:jbcs-httpd24-mod_proxy_cluster-0:1.3.18-2.el7jbcs.src",
            "7Server-JBCS:jbcs-httpd24-mod_proxy_cluster-0:1.3.18-2.el7jbcs.x86_64",
            "7Server-JBCS:jbcs-httpd24-mod_proxy_cluster-debuginfo-0:1.3.18-2.el7jbcs.x86_64",
            "7Server-JBCS:jbcs-httpd24-mod_proxy_html-1:2.4.51-39.el7jbcs.x86_64",
            "7Server-JBCS:jbcs-httpd24-mod_security-0:2.9.3-24.el7jbcs.src",
            "7Server-JBCS:jbcs-httpd24-mod_security-0:2.9.3-24.el7jbcs.x86_64",
            "7Server-JBCS:jbcs-httpd24-mod_security-debuginfo-0:2.9.3-24.el7jbcs.x86_64",
            "7Server-JBCS:jbcs-httpd24-mod_session-0:2.4.51-39.el7jbcs.x86_64",
            "7Server-JBCS:jbcs-httpd24-mod_ssl-1:2.4.51-39.el7jbcs.x86_64",
            "7Server-JBCS:jbcs-httpd24-openssl-1:1.1.1k-14.el7jbcs.src",
            "7Server-JBCS:jbcs-httpd24-openssl-1:1.1.1k-14.el7jbcs.x86_64",
            "7Server-JBCS:jbcs-httpd24-openssl-chil-0:1.0.0-18.el7jbcs.src",
            "7Server-JBCS:jbcs-httpd24-openssl-chil-0:1.0.0-18.el7jbcs.x86_64",
            "7Server-JBCS:jbcs-httpd24-openssl-chil-debuginfo-0:1.0.0-18.el7jbcs.x86_64",
            "7Server-JBCS:jbcs-httpd24-openssl-debuginfo-1:1.1.1k-14.el7jbcs.x86_64",
            "7Server-JBCS:jbcs-httpd24-openssl-devel-1:1.1.1k-14.el7jbcs.x86_64",
            "7Server-JBCS:jbcs-httpd24-openssl-libs-1:1.1.1k-14.el7jbcs.x86_64",
            "7Server-JBCS:jbcs-httpd24-openssl-perl-1:1.1.1k-14.el7jbcs.x86_64",
            "7Server-JBCS:jbcs-httpd24-openssl-pkcs11-0:0.4.10-33.el7jbcs.src",
            "7Server-JBCS:jbcs-httpd24-openssl-pkcs11-0:0.4.10-33.el7jbcs.x86_64",
            "7Server-JBCS:jbcs-httpd24-openssl-pkcs11-debuginfo-0:0.4.10-33.el7jbcs.x86_64",
            "7Server-JBCS:jbcs-httpd24-openssl-static-1:1.1.1k-14.el7jbcs.x86_64",
            "8Base-JBCS:jbcs-httpd24-apr-util-0:1.6.1-101.el8jbcs.src",
            "8Base-JBCS:jbcs-httpd24-apr-util-0:1.6.1-101.el8jbcs.x86_64",
            "8Base-JBCS:jbcs-httpd24-apr-util-debuginfo-0:1.6.1-101.el8jbcs.x86_64",
            "8Base-JBCS:jbcs-httpd24-apr-util-devel-0:1.6.1-101.el8jbcs.x86_64",
            "8Base-JBCS:jbcs-httpd24-apr-util-ldap-0:1.6.1-101.el8jbcs.x86_64",
            "8Base-JBCS:jbcs-httpd24-apr-util-ldap-debuginfo-0:1.6.1-101.el8jbcs.x86_64",
            "8Base-JBCS:jbcs-httpd24-apr-util-mysql-0:1.6.1-101.el8jbcs.x86_64",
            "8Base-JBCS:jbcs-httpd24-apr-util-mysql-debuginfo-0:1.6.1-101.el8jbcs.x86_64",
            "8Base-JBCS:jbcs-httpd24-apr-util-nss-0:1.6.1-101.el8jbcs.x86_64",
            "8Base-JBCS:jbcs-httpd24-apr-util-nss-debuginfo-0:1.6.1-101.el8jbcs.x86_64",
            "8Base-JBCS:jbcs-httpd24-apr-util-odbc-0:1.6.1-101.el8jbcs.x86_64",
            "8Base-JBCS:jbcs-httpd24-apr-util-odbc-debuginfo-0:1.6.1-101.el8jbcs.x86_64",
            "8Base-JBCS:jbcs-httpd24-apr-util-openssl-0:1.6.1-101.el8jbcs.x86_64",
            "8Base-JBCS:jbcs-httpd24-apr-util-openssl-debuginfo-0:1.6.1-101.el8jbcs.x86_64",
            "8Base-JBCS:jbcs-httpd24-apr-util-pgsql-0:1.6.1-101.el8jbcs.x86_64",
            "8Base-JBCS:jbcs-httpd24-apr-util-pgsql-debuginfo-0:1.6.1-101.el8jbcs.x86_64",
            "8Base-JBCS:jbcs-httpd24-apr-util-sqlite-0:1.6.1-101.el8jbcs.x86_64",
            "8Base-JBCS:jbcs-httpd24-apr-util-sqlite-debuginfo-0:1.6.1-101.el8jbcs.x86_64",
            "8Base-JBCS:jbcs-httpd24-httpd-0:2.4.51-39.el8jbcs.src",
            "8Base-JBCS:jbcs-httpd24-httpd-0:2.4.51-39.el8jbcs.x86_64",
            "8Base-JBCS:jbcs-httpd24-httpd-debuginfo-0:2.4.51-39.el8jbcs.x86_64",
            "8Base-JBCS:jbcs-httpd24-httpd-devel-0:2.4.51-39.el8jbcs.x86_64",
            "8Base-JBCS:jbcs-httpd24-httpd-manual-0:2.4.51-39.el8jbcs.noarch",
            "8Base-JBCS:jbcs-httpd24-httpd-selinux-0:2.4.51-39.el8jbcs.x86_64",
            "8Base-JBCS:jbcs-httpd24-httpd-tools-0:2.4.51-39.el8jbcs.x86_64",
            "8Base-JBCS:jbcs-httpd24-httpd-tools-debuginfo-0:2.4.51-39.el8jbcs.x86_64",
            "8Base-JBCS:jbcs-httpd24-mod_http2-0:1.15.19-23.el8jbcs.src",
            "8Base-JBCS:jbcs-httpd24-mod_http2-0:1.15.19-23.el8jbcs.x86_64",
            "8Base-JBCS:jbcs-httpd24-mod_http2-debuginfo-0:1.15.19-23.el8jbcs.x86_64",
            "8Base-JBCS:jbcs-httpd24-mod_jk-0:1.2.48-46.redhat_1.el8jbcs.src",
            "8Base-JBCS:jbcs-httpd24-mod_jk-ap24-0:1.2.48-46.redhat_1.el8jbcs.x86_64",
            "8Base-JBCS:jbcs-httpd24-mod_jk-ap24-debuginfo-0:1.2.48-46.redhat_1.el8jbcs.x86_64",
            "8Base-JBCS:jbcs-httpd24-mod_ldap-0:2.4.51-39.el8jbcs.x86_64",
            "8Base-JBCS:jbcs-httpd24-mod_ldap-debuginfo-0:2.4.51-39.el8jbcs.x86_64",
            "8Base-JBCS:jbcs-httpd24-mod_md-1:2.4.0-20.el8jbcs.src",
            "8Base-JBCS:jbcs-httpd24-mod_md-1:2.4.0-20.el8jbcs.x86_64",
            "8Base-JBCS:jbcs-httpd24-mod_md-debuginfo-1:2.4.0-20.el8jbcs.x86_64",
            "8Base-JBCS:jbcs-httpd24-mod_proxy_cluster-0:1.3.18-2.el8jbcs.src",
            "8Base-JBCS:jbcs-httpd24-mod_proxy_cluster-0:1.3.18-2.el8jbcs.x86_64",
            "8Base-JBCS:jbcs-httpd24-mod_proxy_cluster-debuginfo-0:1.3.18-2.el8jbcs.x86_64",
            "8Base-JBCS:jbcs-httpd24-mod_proxy_html-1:2.4.51-39.el8jbcs.x86_64",
            "8Base-JBCS:jbcs-httpd24-mod_proxy_html-debuginfo-1:2.4.51-39.el8jbcs.x86_64",
            "8Base-JBCS:jbcs-httpd24-mod_security-0:2.9.3-24.el8jbcs.src",
            "8Base-JBCS:jbcs-httpd24-mod_security-0:2.9.3-24.el8jbcs.x86_64",
            "8Base-JBCS:jbcs-httpd24-mod_security-debuginfo-0:2.9.3-24.el8jbcs.x86_64",
            "8Base-JBCS:jbcs-httpd24-mod_session-0:2.4.51-39.el8jbcs.x86_64",
            "8Base-JBCS:jbcs-httpd24-mod_session-debuginfo-0:2.4.51-39.el8jbcs.x86_64",
            "8Base-JBCS:jbcs-httpd24-mod_ssl-1:2.4.51-39.el8jbcs.x86_64",
            "8Base-JBCS:jbcs-httpd24-mod_ssl-debuginfo-1:2.4.51-39.el8jbcs.x86_64",
            "8Base-JBCS:jbcs-httpd24-openssl-1:1.1.1k-14.el8jbcs.src",
            "8Base-JBCS:jbcs-httpd24-openssl-1:1.1.1k-14.el8jbcs.x86_64",
            "8Base-JBCS:jbcs-httpd24-openssl-chil-0:1.0.0-18.el8jbcs.src",
            "8Base-JBCS:jbcs-httpd24-openssl-chil-0:1.0.0-18.el8jbcs.x86_64",
            "8Base-JBCS:jbcs-httpd24-openssl-chil-debuginfo-0:1.0.0-18.el8jbcs.x86_64",
            "8Base-JBCS:jbcs-httpd24-openssl-debuginfo-1:1.1.1k-14.el8jbcs.x86_64",
            "8Base-JBCS:jbcs-httpd24-openssl-devel-1:1.1.1k-14.el8jbcs.x86_64",
            "8Base-JBCS:jbcs-httpd24-openssl-libs-1:1.1.1k-14.el8jbcs.x86_64",
            "8Base-JBCS:jbcs-httpd24-openssl-libs-debuginfo-1:1.1.1k-14.el8jbcs.x86_64",
            "8Base-JBCS:jbcs-httpd24-openssl-perl-1:1.1.1k-14.el8jbcs.x86_64",
            "8Base-JBCS:jbcs-httpd24-openssl-pkcs11-0:0.4.10-33.el8jbcs.src",
            "8Base-JBCS:jbcs-httpd24-openssl-pkcs11-0:0.4.10-33.el8jbcs.x86_64",
            "8Base-JBCS:jbcs-httpd24-openssl-pkcs11-debuginfo-0:0.4.10-33.el8jbcs.x86_64",
            "8Base-JBCS:jbcs-httpd24-openssl-static-1:1.1.1k-14.el8jbcs.x86_64"
          ]
        }
      ],
      "ids": [
        {
          "system_name": "Red Hat Bugzilla ID",
          "text": "2167813"
        }
      ],
      "notes": [
        {
          "category": "description",
          "text": "A flaw was found in the Curl package, where the HSTS mechanism could fail when multiple transfers are done in parallel, as the HSTS cache file gets overwritten by the most recently completed transfer. This issue may result in limited confidentiality and integrity.",
          "title": "Vulnerability description"
        },
        {
          "category": "summary",
          "text": "curl: HSTS amnesia with --parallel",
          "title": "Vulnerability summary"
        },
        {
          "category": "other",
          "text": "There is no HSTS support in the versions of curl shipped in rhel-7 and rhel-8. Curl packages as shipped in rhel-9 do not support HSTS.",
          "title": "Statement"
        },
        {
          "category": "general",
          "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
          "title": "CVSS score applicability"
        }
      ],
      "product_status": {
        "fixed": [
          "7Server-JBCS:jbcs-httpd24-curl-0:8.0.1-1.el7jbcs.src",
          "7Server-JBCS:jbcs-httpd24-curl-0:8.0.1-1.el7jbcs.x86_64",
          "7Server-JBCS:jbcs-httpd24-curl-debuginfo-0:8.0.1-1.el7jbcs.x86_64",
          "7Server-JBCS:jbcs-httpd24-libcurl-0:8.0.1-1.el7jbcs.x86_64",
          "7Server-JBCS:jbcs-httpd24-libcurl-devel-0:8.0.1-1.el7jbcs.x86_64",
          "8Base-JBCS:jbcs-httpd24-curl-0:8.0.1-1.el8jbcs.src",
          "8Base-JBCS:jbcs-httpd24-curl-0:8.0.1-1.el8jbcs.x86_64",
          "8Base-JBCS:jbcs-httpd24-curl-debuginfo-0:8.0.1-1.el8jbcs.x86_64",
          "8Base-JBCS:jbcs-httpd24-libcurl-0:8.0.1-1.el8jbcs.x86_64",
          "8Base-JBCS:jbcs-httpd24-libcurl-debuginfo-0:8.0.1-1.el8jbcs.x86_64",
          "8Base-JBCS:jbcs-httpd24-libcurl-devel-0:8.0.1-1.el8jbcs.x86_64"
        ],
        "known_not_affected": [
          "7Server-JBCS:jbcs-httpd24-apr-util-0:1.6.1-101.el7jbcs.src",
          "7Server-JBCS:jbcs-httpd24-apr-util-0:1.6.1-101.el7jbcs.x86_64",
          "7Server-JBCS:jbcs-httpd24-apr-util-debuginfo-0:1.6.1-101.el7jbcs.x86_64",
          "7Server-JBCS:jbcs-httpd24-apr-util-devel-0:1.6.1-101.el7jbcs.x86_64",
          "7Server-JBCS:jbcs-httpd24-apr-util-ldap-0:1.6.1-101.el7jbcs.x86_64",
          "7Server-JBCS:jbcs-httpd24-apr-util-mysql-0:1.6.1-101.el7jbcs.x86_64",
          "7Server-JBCS:jbcs-httpd24-apr-util-nss-0:1.6.1-101.el7jbcs.x86_64",
          "7Server-JBCS:jbcs-httpd24-apr-util-odbc-0:1.6.1-101.el7jbcs.x86_64",
          "7Server-JBCS:jbcs-httpd24-apr-util-openssl-0:1.6.1-101.el7jbcs.x86_64",
          "7Server-JBCS:jbcs-httpd24-apr-util-pgsql-0:1.6.1-101.el7jbcs.x86_64",
          "7Server-JBCS:jbcs-httpd24-apr-util-sqlite-0:1.6.1-101.el7jbcs.x86_64",
          "7Server-JBCS:jbcs-httpd24-httpd-0:2.4.51-39.el7jbcs.src",
          "7Server-JBCS:jbcs-httpd24-httpd-0:2.4.51-39.el7jbcs.x86_64",
          "7Server-JBCS:jbcs-httpd24-httpd-debuginfo-0:2.4.51-39.el7jbcs.x86_64",
          "7Server-JBCS:jbcs-httpd24-httpd-devel-0:2.4.51-39.el7jbcs.x86_64",
          "7Server-JBCS:jbcs-httpd24-httpd-manual-0:2.4.51-39.el7jbcs.noarch",
          "7Server-JBCS:jbcs-httpd24-httpd-selinux-0:2.4.51-39.el7jbcs.x86_64",
          "7Server-JBCS:jbcs-httpd24-httpd-tools-0:2.4.51-39.el7jbcs.x86_64",
          "7Server-JBCS:jbcs-httpd24-mod_http2-0:1.15.19-23.el7jbcs.src",
          "7Server-JBCS:jbcs-httpd24-mod_http2-0:1.15.19-23.el7jbcs.x86_64",
          "7Server-JBCS:jbcs-httpd24-mod_http2-debuginfo-0:1.15.19-23.el7jbcs.x86_64",
          "7Server-JBCS:jbcs-httpd24-mod_jk-0:1.2.48-46.redhat_1.el7jbcs.src",
          "7Server-JBCS:jbcs-httpd24-mod_jk-ap24-0:1.2.48-46.redhat_1.el7jbcs.x86_64",
          "7Server-JBCS:jbcs-httpd24-mod_jk-debuginfo-0:1.2.48-46.redhat_1.el7jbcs.x86_64",
          "7Server-JBCS:jbcs-httpd24-mod_ldap-0:2.4.51-39.el7jbcs.x86_64",
          "7Server-JBCS:jbcs-httpd24-mod_md-1:2.4.0-20.el7jbcs.src",
          "7Server-JBCS:jbcs-httpd24-mod_md-1:2.4.0-20.el7jbcs.x86_64",
          "7Server-JBCS:jbcs-httpd24-mod_md-debuginfo-1:2.4.0-20.el7jbcs.x86_64",
          "7Server-JBCS:jbcs-httpd24-mod_proxy_cluster-0:1.3.18-2.el7jbcs.src",
          "7Server-JBCS:jbcs-httpd24-mod_proxy_cluster-0:1.3.18-2.el7jbcs.x86_64",
          "7Server-JBCS:jbcs-httpd24-mod_proxy_cluster-debuginfo-0:1.3.18-2.el7jbcs.x86_64",
          "7Server-JBCS:jbcs-httpd24-mod_proxy_html-1:2.4.51-39.el7jbcs.x86_64",
          "7Server-JBCS:jbcs-httpd24-mod_security-0:2.9.3-24.el7jbcs.src",
          "7Server-JBCS:jbcs-httpd24-mod_security-0:2.9.3-24.el7jbcs.x86_64",
          "7Server-JBCS:jbcs-httpd24-mod_security-debuginfo-0:2.9.3-24.el7jbcs.x86_64",
          "7Server-JBCS:jbcs-httpd24-mod_session-0:2.4.51-39.el7jbcs.x86_64",
          "7Server-JBCS:jbcs-httpd24-mod_ssl-1:2.4.51-39.el7jbcs.x86_64",
          "7Server-JBCS:jbcs-httpd24-openssl-1:1.1.1k-14.el7jbcs.src",
          "7Server-JBCS:jbcs-httpd24-openssl-1:1.1.1k-14.el7jbcs.x86_64",
          "7Server-JBCS:jbcs-httpd24-openssl-chil-0:1.0.0-18.el7jbcs.src",
          "7Server-JBCS:jbcs-httpd24-openssl-chil-0:1.0.0-18.el7jbcs.x86_64",
          "7Server-JBCS:jbcs-httpd24-openssl-chil-debuginfo-0:1.0.0-18.el7jbcs.x86_64",
          "7Server-JBCS:jbcs-httpd24-openssl-debuginfo-1:1.1.1k-14.el7jbcs.x86_64",
          "7Server-JBCS:jbcs-httpd24-openssl-devel-1:1.1.1k-14.el7jbcs.x86_64",
          "7Server-JBCS:jbcs-httpd24-openssl-libs-1:1.1.1k-14.el7jbcs.x86_64",
          "7Server-JBCS:jbcs-httpd24-openssl-perl-1:1.1.1k-14.el7jbcs.x86_64",
          "7Server-JBCS:jbcs-httpd24-openssl-pkcs11-0:0.4.10-33.el7jbcs.src",
          "7Server-JBCS:jbcs-httpd24-openssl-pkcs11-0:0.4.10-33.el7jbcs.x86_64",
          "7Server-JBCS:jbcs-httpd24-openssl-pkcs11-debuginfo-0:0.4.10-33.el7jbcs.x86_64",
          "7Server-JBCS:jbcs-httpd24-openssl-static-1:1.1.1k-14.el7jbcs.x86_64",
          "8Base-JBCS:jbcs-httpd24-apr-util-0:1.6.1-101.el8jbcs.src",
          "8Base-JBCS:jbcs-httpd24-apr-util-0:1.6.1-101.el8jbcs.x86_64",
          "8Base-JBCS:jbcs-httpd24-apr-util-debuginfo-0:1.6.1-101.el8jbcs.x86_64",
          "8Base-JBCS:jbcs-httpd24-apr-util-devel-0:1.6.1-101.el8jbcs.x86_64",
          "8Base-JBCS:jbcs-httpd24-apr-util-ldap-0:1.6.1-101.el8jbcs.x86_64",
          "8Base-JBCS:jbcs-httpd24-apr-util-ldap-debuginfo-0:1.6.1-101.el8jbcs.x86_64",
          "8Base-JBCS:jbcs-httpd24-apr-util-mysql-0:1.6.1-101.el8jbcs.x86_64",
          "8Base-JBCS:jbcs-httpd24-apr-util-mysql-debuginfo-0:1.6.1-101.el8jbcs.x86_64",
          "8Base-JBCS:jbcs-httpd24-apr-util-nss-0:1.6.1-101.el8jbcs.x86_64",
          "8Base-JBCS:jbcs-httpd24-apr-util-nss-debuginfo-0:1.6.1-101.el8jbcs.x86_64",
          "8Base-JBCS:jbcs-httpd24-apr-util-odbc-0:1.6.1-101.el8jbcs.x86_64",
          "8Base-JBCS:jbcs-httpd24-apr-util-odbc-debuginfo-0:1.6.1-101.el8jbcs.x86_64",
          "8Base-JBCS:jbcs-httpd24-apr-util-openssl-0:1.6.1-101.el8jbcs.x86_64",
          "8Base-JBCS:jbcs-httpd24-apr-util-openssl-debuginfo-0:1.6.1-101.el8jbcs.x86_64",
          "8Base-JBCS:jbcs-httpd24-apr-util-pgsql-0:1.6.1-101.el8jbcs.x86_64",
          "8Base-JBCS:jbcs-httpd24-apr-util-pgsql-debuginfo-0:1.6.1-101.el8jbcs.x86_64",
          "8Base-JBCS:jbcs-httpd24-apr-util-sqlite-0:1.6.1-101.el8jbcs.x86_64",
          "8Base-JBCS:jbcs-httpd24-apr-util-sqlite-debuginfo-0:1.6.1-101.el8jbcs.x86_64",
          "8Base-JBCS:jbcs-httpd24-httpd-0:2.4.51-39.el8jbcs.src",
          "8Base-JBCS:jbcs-httpd24-httpd-0:2.4.51-39.el8jbcs.x86_64",
          "8Base-JBCS:jbcs-httpd24-httpd-debuginfo-0:2.4.51-39.el8jbcs.x86_64",
          "8Base-JBCS:jbcs-httpd24-httpd-devel-0:2.4.51-39.el8jbcs.x86_64",
          "8Base-JBCS:jbcs-httpd24-httpd-manual-0:2.4.51-39.el8jbcs.noarch",
          "8Base-JBCS:jbcs-httpd24-httpd-selinux-0:2.4.51-39.el8jbcs.x86_64",
          "8Base-JBCS:jbcs-httpd24-httpd-tools-0:2.4.51-39.el8jbcs.x86_64",
          "8Base-JBCS:jbcs-httpd24-httpd-tools-debuginfo-0:2.4.51-39.el8jbcs.x86_64",
          "8Base-JBCS:jbcs-httpd24-mod_http2-0:1.15.19-23.el8jbcs.src",
          "8Base-JBCS:jbcs-httpd24-mod_http2-0:1.15.19-23.el8jbcs.x86_64",
          "8Base-JBCS:jbcs-httpd24-mod_http2-debuginfo-0:1.15.19-23.el8jbcs.x86_64",
          "8Base-JBCS:jbcs-httpd24-mod_jk-0:1.2.48-46.redhat_1.el8jbcs.src",
          "8Base-JBCS:jbcs-httpd24-mod_jk-ap24-0:1.2.48-46.redhat_1.el8jbcs.x86_64",
          "8Base-JBCS:jbcs-httpd24-mod_jk-ap24-debuginfo-0:1.2.48-46.redhat_1.el8jbcs.x86_64",
          "8Base-JBCS:jbcs-httpd24-mod_ldap-0:2.4.51-39.el8jbcs.x86_64",
          "8Base-JBCS:jbcs-httpd24-mod_ldap-debuginfo-0:2.4.51-39.el8jbcs.x86_64",
          "8Base-JBCS:jbcs-httpd24-mod_md-1:2.4.0-20.el8jbcs.src",
          "8Base-JBCS:jbcs-httpd24-mod_md-1:2.4.0-20.el8jbcs.x86_64",
          "8Base-JBCS:jbcs-httpd24-mod_md-debuginfo-1:2.4.0-20.el8jbcs.x86_64",
          "8Base-JBCS:jbcs-httpd24-mod_proxy_cluster-0:1.3.18-2.el8jbcs.src",
          "8Base-JBCS:jbcs-httpd24-mod_proxy_cluster-0:1.3.18-2.el8jbcs.x86_64",
          "8Base-JBCS:jbcs-httpd24-mod_proxy_cluster-debuginfo-0:1.3.18-2.el8jbcs.x86_64",
          "8Base-JBCS:jbcs-httpd24-mod_proxy_html-1:2.4.51-39.el8jbcs.x86_64",
          "8Base-JBCS:jbcs-httpd24-mod_proxy_html-debuginfo-1:2.4.51-39.el8jbcs.x86_64",
          "8Base-JBCS:jbcs-httpd24-mod_security-0:2.9.3-24.el8jbcs.src",
          "8Base-JBCS:jbcs-httpd24-mod_security-0:2.9.3-24.el8jbcs.x86_64",
          "8Base-JBCS:jbcs-httpd24-mod_security-debuginfo-0:2.9.3-24.el8jbcs.x86_64",
          "8Base-JBCS:jbcs-httpd24-mod_session-0:2.4.51-39.el8jbcs.x86_64",
          "8Base-JBCS:jbcs-httpd24-mod_session-debuginfo-0:2.4.51-39.el8jbcs.x86_64",
          "8Base-JBCS:jbcs-httpd24-mod_ssl-1:2.4.51-39.el8jbcs.x86_64",
          "8Base-JBCS:jbcs-httpd24-mod_ssl-debuginfo-1:2.4.51-39.el8jbcs.x86_64",
          "8Base-JBCS:jbcs-httpd24-openssl-1:1.1.1k-14.el8jbcs.src",
          "8Base-JBCS:jbcs-httpd24-openssl-1:1.1.1k-14.el8jbcs.x86_64",
          "8Base-JBCS:jbcs-httpd24-openssl-chil-0:1.0.0-18.el8jbcs.src",
          "8Base-JBCS:jbcs-httpd24-openssl-chil-0:1.0.0-18.el8jbcs.x86_64",
          "8Base-JBCS:jbcs-httpd24-openssl-chil-debuginfo-0:1.0.0-18.el8jbcs.x86_64",
          "8Base-JBCS:jbcs-httpd24-openssl-debuginfo-1:1.1.1k-14.el8jbcs.x86_64",
          "8Base-JBCS:jbcs-httpd24-openssl-devel-1:1.1.1k-14.el8jbcs.x86_64",
          "8Base-JBCS:jbcs-httpd24-openssl-libs-1:1.1.1k-14.el8jbcs.x86_64",
          "8Base-JBCS:jbcs-httpd24-openssl-libs-debuginfo-1:1.1.1k-14.el8jbcs.x86_64",
          "8Base-JBCS:jbcs-httpd24-openssl-perl-1:1.1.1k-14.el8jbcs.x86_64",
          "8Base-JBCS:jbcs-httpd24-openssl-pkcs11-0:0.4.10-33.el8jbcs.src",
          "8Base-JBCS:jbcs-httpd24-openssl-pkcs11-0:0.4.10-33.el8jbcs.x86_64",
          "8Base-JBCS:jbcs-httpd24-openssl-pkcs11-debuginfo-0:0.4.10-33.el8jbcs.x86_64",
          "8Base-JBCS:jbcs-httpd24-openssl-static-1:1.1.1k-14.el8jbcs.x86_64"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "Canonical URL",
          "url": "https://access.redhat.com/security/cve/CVE-2023-23915"
        },
        {
          "category": "external",
          "summary": "RHBZ#2167813",
          "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2167813"
        },
        {
          "category": "external",
          "summary": "https://www.cve.org/CVERecord?id=CVE-2023-23915",
          "url": "https://www.cve.org/CVERecord?id=CVE-2023-23915"
        },
        {
          "category": "external",
          "summary": "https://nvd.nist.gov/vuln/detail/CVE-2023-23915",
          "url": "https://nvd.nist.gov/vuln/detail/CVE-2023-23915"
        },
        {
          "category": "external",
          "summary": "https://curl.se/docs/CVE-2023-23915.html",
          "url": "https://curl.se/docs/CVE-2023-23915.html"
        }
      ],
      "release_date": "2023-02-15T00:00:00+00:00",
      "remediations": [
        {
          "category": "vendor_fix",
          "date": "2023-06-05T12:30:30+00:00",
          "details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nApplications using the APR libraries, such as httpd, must be restarted for this update to take effect. After installing the updated packages, the httpd daemon will be restarted automatically.",
          "product_ids": [
            "7Server-JBCS:jbcs-httpd24-curl-0:8.0.1-1.el7jbcs.src",
            "7Server-JBCS:jbcs-httpd24-curl-0:8.0.1-1.el7jbcs.x86_64",
            "7Server-JBCS:jbcs-httpd24-curl-debuginfo-0:8.0.1-1.el7jbcs.x86_64",
            "7Server-JBCS:jbcs-httpd24-libcurl-0:8.0.1-1.el7jbcs.x86_64",
            "7Server-JBCS:jbcs-httpd24-libcurl-devel-0:8.0.1-1.el7jbcs.x86_64",
            "8Base-JBCS:jbcs-httpd24-curl-0:8.0.1-1.el8jbcs.src",
            "8Base-JBCS:jbcs-httpd24-curl-0:8.0.1-1.el8jbcs.x86_64",
            "8Base-JBCS:jbcs-httpd24-curl-debuginfo-0:8.0.1-1.el8jbcs.x86_64",
            "8Base-JBCS:jbcs-httpd24-libcurl-0:8.0.1-1.el8jbcs.x86_64",
            "8Base-JBCS:jbcs-httpd24-libcurl-debuginfo-0:8.0.1-1.el8jbcs.x86_64",
            "8Base-JBCS:jbcs-httpd24-libcurl-devel-0:8.0.1-1.el8jbcs.x86_64"
          ],
          "restart_required": {
            "category": "none"
          },
          "url": "https://access.redhat.com/errata/RHSA-2023:3354"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "attackComplexity": "HIGH",
            "attackVector": "NETWORK",
            "availabilityImpact": "NONE",
            "baseScore": 4.2,
            "baseSeverity": "MEDIUM",
            "confidentialityImpact": "LOW",
            "integrityImpact": "LOW",
            "privilegesRequired": "NONE",
            "scope": "UNCHANGED",
            "userInteraction": "REQUIRED",
            "vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:L/I:L/A:N",
            "version": "3.1"
          },
          "products": [
            "7Server-JBCS:jbcs-httpd24-curl-0:8.0.1-1.el7jbcs.src",
            "7Server-JBCS:jbcs-httpd24-curl-0:8.0.1-1.el7jbcs.x86_64",
            "7Server-JBCS:jbcs-httpd24-curl-debuginfo-0:8.0.1-1.el7jbcs.x86_64",
            "7Server-JBCS:jbcs-httpd24-libcurl-0:8.0.1-1.el7jbcs.x86_64",
            "7Server-JBCS:jbcs-httpd24-libcurl-devel-0:8.0.1-1.el7jbcs.x86_64",
            "8Base-JBCS:jbcs-httpd24-curl-0:8.0.1-1.el8jbcs.src",
            "8Base-JBCS:jbcs-httpd24-curl-0:8.0.1-1.el8jbcs.x86_64",
            "8Base-JBCS:jbcs-httpd24-curl-debuginfo-0:8.0.1-1.el8jbcs.x86_64",
            "8Base-JBCS:jbcs-httpd24-libcurl-0:8.0.1-1.el8jbcs.x86_64",
            "8Base-JBCS:jbcs-httpd24-libcurl-debuginfo-0:8.0.1-1.el8jbcs.x86_64",
            "8Base-JBCS:jbcs-httpd24-libcurl-devel-0:8.0.1-1.el8jbcs.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "details": "Low"
        }
      ],
      "title": "curl: HSTS amnesia with --parallel"
    },
    {
      "acknowledgments": [
        {
          "names": [
            "Patrick Monnerat"
          ]
        }
      ],
      "cve": "CVE-2023-23916",
      "cwe": {
        "id": "CWE-770",
        "name": "Allocation of Resources Without Limits or Throttling"
      },
      "discovery_date": "2023-02-07T00:00:00+00:00",
      "flags": [
        {
          "label": "vulnerable_code_not_present",
          "product_ids": [
            "7Server-JBCS:jbcs-httpd24-apr-util-0:1.6.1-101.el7jbcs.src",
            "7Server-JBCS:jbcs-httpd24-apr-util-0:1.6.1-101.el7jbcs.x86_64",
            "7Server-JBCS:jbcs-httpd24-apr-util-debuginfo-0:1.6.1-101.el7jbcs.x86_64",
            "7Server-JBCS:jbcs-httpd24-apr-util-devel-0:1.6.1-101.el7jbcs.x86_64",
            "7Server-JBCS:jbcs-httpd24-apr-util-ldap-0:1.6.1-101.el7jbcs.x86_64",
            "7Server-JBCS:jbcs-httpd24-apr-util-mysql-0:1.6.1-101.el7jbcs.x86_64",
            "7Server-JBCS:jbcs-httpd24-apr-util-nss-0:1.6.1-101.el7jbcs.x86_64",
            "7Server-JBCS:jbcs-httpd24-apr-util-odbc-0:1.6.1-101.el7jbcs.x86_64",
            "7Server-JBCS:jbcs-httpd24-apr-util-openssl-0:1.6.1-101.el7jbcs.x86_64",
            "7Server-JBCS:jbcs-httpd24-apr-util-pgsql-0:1.6.1-101.el7jbcs.x86_64",
            "7Server-JBCS:jbcs-httpd24-apr-util-sqlite-0:1.6.1-101.el7jbcs.x86_64",
            "7Server-JBCS:jbcs-httpd24-httpd-0:2.4.51-39.el7jbcs.src",
            "7Server-JBCS:jbcs-httpd24-httpd-0:2.4.51-39.el7jbcs.x86_64",
            "7Server-JBCS:jbcs-httpd24-httpd-debuginfo-0:2.4.51-39.el7jbcs.x86_64",
            "7Server-JBCS:jbcs-httpd24-httpd-devel-0:2.4.51-39.el7jbcs.x86_64",
            "7Server-JBCS:jbcs-httpd24-httpd-manual-0:2.4.51-39.el7jbcs.noarch",
            "7Server-JBCS:jbcs-httpd24-httpd-selinux-0:2.4.51-39.el7jbcs.x86_64",
            "7Server-JBCS:jbcs-httpd24-httpd-tools-0:2.4.51-39.el7jbcs.x86_64",
            "7Server-JBCS:jbcs-httpd24-mod_http2-0:1.15.19-23.el7jbcs.src",
            "7Server-JBCS:jbcs-httpd24-mod_http2-0:1.15.19-23.el7jbcs.x86_64",
            "7Server-JBCS:jbcs-httpd24-mod_http2-debuginfo-0:1.15.19-23.el7jbcs.x86_64",
            "7Server-JBCS:jbcs-httpd24-mod_jk-0:1.2.48-46.redhat_1.el7jbcs.src",
            "7Server-JBCS:jbcs-httpd24-mod_jk-ap24-0:1.2.48-46.redhat_1.el7jbcs.x86_64",
            "7Server-JBCS:jbcs-httpd24-mod_jk-debuginfo-0:1.2.48-46.redhat_1.el7jbcs.x86_64",
            "7Server-JBCS:jbcs-httpd24-mod_ldap-0:2.4.51-39.el7jbcs.x86_64",
            "7Server-JBCS:jbcs-httpd24-mod_md-1:2.4.0-20.el7jbcs.src",
            "7Server-JBCS:jbcs-httpd24-mod_md-1:2.4.0-20.el7jbcs.x86_64",
            "7Server-JBCS:jbcs-httpd24-mod_md-debuginfo-1:2.4.0-20.el7jbcs.x86_64",
            "7Server-JBCS:jbcs-httpd24-mod_proxy_cluster-0:1.3.18-2.el7jbcs.src",
            "7Server-JBCS:jbcs-httpd24-mod_proxy_cluster-0:1.3.18-2.el7jbcs.x86_64",
            "7Server-JBCS:jbcs-httpd24-mod_proxy_cluster-debuginfo-0:1.3.18-2.el7jbcs.x86_64",
            "7Server-JBCS:jbcs-httpd24-mod_proxy_html-1:2.4.51-39.el7jbcs.x86_64",
            "7Server-JBCS:jbcs-httpd24-mod_security-0:2.9.3-24.el7jbcs.src",
            "7Server-JBCS:jbcs-httpd24-mod_security-0:2.9.3-24.el7jbcs.x86_64",
            "7Server-JBCS:jbcs-httpd24-mod_security-debuginfo-0:2.9.3-24.el7jbcs.x86_64",
            "7Server-JBCS:jbcs-httpd24-mod_session-0:2.4.51-39.el7jbcs.x86_64",
            "7Server-JBCS:jbcs-httpd24-mod_ssl-1:2.4.51-39.el7jbcs.x86_64",
            "7Server-JBCS:jbcs-httpd24-openssl-1:1.1.1k-14.el7jbcs.src",
            "7Server-JBCS:jbcs-httpd24-openssl-1:1.1.1k-14.el7jbcs.x86_64",
            "7Server-JBCS:jbcs-httpd24-openssl-chil-0:1.0.0-18.el7jbcs.src",
            "7Server-JBCS:jbcs-httpd24-openssl-chil-0:1.0.0-18.el7jbcs.x86_64",
            "7Server-JBCS:jbcs-httpd24-openssl-chil-debuginfo-0:1.0.0-18.el7jbcs.x86_64",
            "7Server-JBCS:jbcs-httpd24-openssl-debuginfo-1:1.1.1k-14.el7jbcs.x86_64",
            "7Server-JBCS:jbcs-httpd24-openssl-devel-1:1.1.1k-14.el7jbcs.x86_64",
            "7Server-JBCS:jbcs-httpd24-openssl-libs-1:1.1.1k-14.el7jbcs.x86_64",
            "7Server-JBCS:jbcs-httpd24-openssl-perl-1:1.1.1k-14.el7jbcs.x86_64",
            "7Server-JBCS:jbcs-httpd24-openssl-pkcs11-0:0.4.10-33.el7jbcs.src",
            "7Server-JBCS:jbcs-httpd24-openssl-pkcs11-0:0.4.10-33.el7jbcs.x86_64",
            "7Server-JBCS:jbcs-httpd24-openssl-pkcs11-debuginfo-0:0.4.10-33.el7jbcs.x86_64",
            "7Server-JBCS:jbcs-httpd24-openssl-static-1:1.1.1k-14.el7jbcs.x86_64",
            "8Base-JBCS:jbcs-httpd24-apr-util-0:1.6.1-101.el8jbcs.src",
            "8Base-JBCS:jbcs-httpd24-apr-util-0:1.6.1-101.el8jbcs.x86_64",
            "8Base-JBCS:jbcs-httpd24-apr-util-debuginfo-0:1.6.1-101.el8jbcs.x86_64",
            "8Base-JBCS:jbcs-httpd24-apr-util-devel-0:1.6.1-101.el8jbcs.x86_64",
            "8Base-JBCS:jbcs-httpd24-apr-util-ldap-0:1.6.1-101.el8jbcs.x86_64",
            "8Base-JBCS:jbcs-httpd24-apr-util-ldap-debuginfo-0:1.6.1-101.el8jbcs.x86_64",
            "8Base-JBCS:jbcs-httpd24-apr-util-mysql-0:1.6.1-101.el8jbcs.x86_64",
            "8Base-JBCS:jbcs-httpd24-apr-util-mysql-debuginfo-0:1.6.1-101.el8jbcs.x86_64",
            "8Base-JBCS:jbcs-httpd24-apr-util-nss-0:1.6.1-101.el8jbcs.x86_64",
            "8Base-JBCS:jbcs-httpd24-apr-util-nss-debuginfo-0:1.6.1-101.el8jbcs.x86_64",
            "8Base-JBCS:jbcs-httpd24-apr-util-odbc-0:1.6.1-101.el8jbcs.x86_64",
            "8Base-JBCS:jbcs-httpd24-apr-util-odbc-debuginfo-0:1.6.1-101.el8jbcs.x86_64",
            "8Base-JBCS:jbcs-httpd24-apr-util-openssl-0:1.6.1-101.el8jbcs.x86_64",
            "8Base-JBCS:jbcs-httpd24-apr-util-openssl-debuginfo-0:1.6.1-101.el8jbcs.x86_64",
            "8Base-JBCS:jbcs-httpd24-apr-util-pgsql-0:1.6.1-101.el8jbcs.x86_64",
            "8Base-JBCS:jbcs-httpd24-apr-util-pgsql-debuginfo-0:1.6.1-101.el8jbcs.x86_64",
            "8Base-JBCS:jbcs-httpd24-apr-util-sqlite-0:1.6.1-101.el8jbcs.x86_64",
            "8Base-JBCS:jbcs-httpd24-apr-util-sqlite-debuginfo-0:1.6.1-101.el8jbcs.x86_64",
            "8Base-JBCS:jbcs-httpd24-httpd-0:2.4.51-39.el8jbcs.src",
            "8Base-JBCS:jbcs-httpd24-httpd-0:2.4.51-39.el8jbcs.x86_64",
            "8Base-JBCS:jbcs-httpd24-httpd-debuginfo-0:2.4.51-39.el8jbcs.x86_64",
            "8Base-JBCS:jbcs-httpd24-httpd-devel-0:2.4.51-39.el8jbcs.x86_64",
            "8Base-JBCS:jbcs-httpd24-httpd-manual-0:2.4.51-39.el8jbcs.noarch",
            "8Base-JBCS:jbcs-httpd24-httpd-selinux-0:2.4.51-39.el8jbcs.x86_64",
            "8Base-JBCS:jbcs-httpd24-httpd-tools-0:2.4.51-39.el8jbcs.x86_64",
            "8Base-JBCS:jbcs-httpd24-httpd-tools-debuginfo-0:2.4.51-39.el8jbcs.x86_64",
            "8Base-JBCS:jbcs-httpd24-mod_http2-0:1.15.19-23.el8jbcs.src",
            "8Base-JBCS:jbcs-httpd24-mod_http2-0:1.15.19-23.el8jbcs.x86_64",
            "8Base-JBCS:jbcs-httpd24-mod_http2-debuginfo-0:1.15.19-23.el8jbcs.x86_64",
            "8Base-JBCS:jbcs-httpd24-mod_jk-0:1.2.48-46.redhat_1.el8jbcs.src",
            "8Base-JBCS:jbcs-httpd24-mod_jk-ap24-0:1.2.48-46.redhat_1.el8jbcs.x86_64",
            "8Base-JBCS:jbcs-httpd24-mod_jk-ap24-debuginfo-0:1.2.48-46.redhat_1.el8jbcs.x86_64",
            "8Base-JBCS:jbcs-httpd24-mod_ldap-0:2.4.51-39.el8jbcs.x86_64",
            "8Base-JBCS:jbcs-httpd24-mod_ldap-debuginfo-0:2.4.51-39.el8jbcs.x86_64",
            "8Base-JBCS:jbcs-httpd24-mod_md-1:2.4.0-20.el8jbcs.src",
            "8Base-JBCS:jbcs-httpd24-mod_md-1:2.4.0-20.el8jbcs.x86_64",
            "8Base-JBCS:jbcs-httpd24-mod_md-debuginfo-1:2.4.0-20.el8jbcs.x86_64",
            "8Base-JBCS:jbcs-httpd24-mod_proxy_cluster-0:1.3.18-2.el8jbcs.src",
            "8Base-JBCS:jbcs-httpd24-mod_proxy_cluster-0:1.3.18-2.el8jbcs.x86_64",
            "8Base-JBCS:jbcs-httpd24-mod_proxy_cluster-debuginfo-0:1.3.18-2.el8jbcs.x86_64",
            "8Base-JBCS:jbcs-httpd24-mod_proxy_html-1:2.4.51-39.el8jbcs.x86_64",
            "8Base-JBCS:jbcs-httpd24-mod_proxy_html-debuginfo-1:2.4.51-39.el8jbcs.x86_64",
            "8Base-JBCS:jbcs-httpd24-mod_security-0:2.9.3-24.el8jbcs.src",
            "8Base-JBCS:jbcs-httpd24-mod_security-0:2.9.3-24.el8jbcs.x86_64",
            "8Base-JBCS:jbcs-httpd24-mod_security-debuginfo-0:2.9.3-24.el8jbcs.x86_64",
            "8Base-JBCS:jbcs-httpd24-mod_session-0:2.4.51-39.el8jbcs.x86_64",
            "8Base-JBCS:jbcs-httpd24-mod_session-debuginfo-0:2.4.51-39.el8jbcs.x86_64",
            "8Base-JBCS:jbcs-httpd24-mod_ssl-1:2.4.51-39.el8jbcs.x86_64",
            "8Base-JBCS:jbcs-httpd24-mod_ssl-debuginfo-1:2.4.51-39.el8jbcs.x86_64",
            "8Base-JBCS:jbcs-httpd24-openssl-1:1.1.1k-14.el8jbcs.src",
            "8Base-JBCS:jbcs-httpd24-openssl-1:1.1.1k-14.el8jbcs.x86_64",
            "8Base-JBCS:jbcs-httpd24-openssl-chil-0:1.0.0-18.el8jbcs.src",
            "8Base-JBCS:jbcs-httpd24-openssl-chil-0:1.0.0-18.el8jbcs.x86_64",
            "8Base-JBCS:jbcs-httpd24-openssl-chil-debuginfo-0:1.0.0-18.el8jbcs.x86_64",
            "8Base-JBCS:jbcs-httpd24-openssl-debuginfo-1:1.1.1k-14.el8jbcs.x86_64",
            "8Base-JBCS:jbcs-httpd24-openssl-devel-1:1.1.1k-14.el8jbcs.x86_64",
            "8Base-JBCS:jbcs-httpd24-openssl-libs-1:1.1.1k-14.el8jbcs.x86_64",
            "8Base-JBCS:jbcs-httpd24-openssl-libs-debuginfo-1:1.1.1k-14.el8jbcs.x86_64",
            "8Base-JBCS:jbcs-httpd24-openssl-perl-1:1.1.1k-14.el8jbcs.x86_64",
            "8Base-JBCS:jbcs-httpd24-openssl-pkcs11-0:0.4.10-33.el8jbcs.src",
            "8Base-JBCS:jbcs-httpd24-openssl-pkcs11-0:0.4.10-33.el8jbcs.x86_64",
            "8Base-JBCS:jbcs-httpd24-openssl-pkcs11-debuginfo-0:0.4.10-33.el8jbcs.x86_64",
            "8Base-JBCS:jbcs-httpd24-openssl-static-1:1.1.1k-14.el8jbcs.x86_64"
          ]
        }
      ],
      "ids": [
        {
          "system_name": "Red Hat Bugzilla ID",
          "text": "2167815"
        }
      ],
      "notes": [
        {
          "category": "description",
          "text": "A flaw was found in the Curl package. A malicious server can insert an unlimited number of compression steps. This decompression chain could result in out-of-memory errors.",
          "title": "Vulnerability description"
        },
        {
          "category": "summary",
          "text": "curl: HTTP multi-header compression denial of service",
          "title": "Vulnerability summary"
        },
        {
          "category": "general",
          "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
          "title": "CVSS score applicability"
        }
      ],
      "product_status": {
        "fixed": [
          "7Server-JBCS:jbcs-httpd24-curl-0:8.0.1-1.el7jbcs.src",
          "7Server-JBCS:jbcs-httpd24-curl-0:8.0.1-1.el7jbcs.x86_64",
          "7Server-JBCS:jbcs-httpd24-curl-debuginfo-0:8.0.1-1.el7jbcs.x86_64",
          "7Server-JBCS:jbcs-httpd24-libcurl-0:8.0.1-1.el7jbcs.x86_64",
          "7Server-JBCS:jbcs-httpd24-libcurl-devel-0:8.0.1-1.el7jbcs.x86_64",
          "8Base-JBCS:jbcs-httpd24-curl-0:8.0.1-1.el8jbcs.src",
          "8Base-JBCS:jbcs-httpd24-curl-0:8.0.1-1.el8jbcs.x86_64",
          "8Base-JBCS:jbcs-httpd24-curl-debuginfo-0:8.0.1-1.el8jbcs.x86_64",
          "8Base-JBCS:jbcs-httpd24-libcurl-0:8.0.1-1.el8jbcs.x86_64",
          "8Base-JBCS:jbcs-httpd24-libcurl-debuginfo-0:8.0.1-1.el8jbcs.x86_64",
          "8Base-JBCS:jbcs-httpd24-libcurl-devel-0:8.0.1-1.el8jbcs.x86_64"
        ],
        "known_not_affected": [
          "7Server-JBCS:jbcs-httpd24-apr-util-0:1.6.1-101.el7jbcs.src",
          "7Server-JBCS:jbcs-httpd24-apr-util-0:1.6.1-101.el7jbcs.x86_64",
          "7Server-JBCS:jbcs-httpd24-apr-util-debuginfo-0:1.6.1-101.el7jbcs.x86_64",
          "7Server-JBCS:jbcs-httpd24-apr-util-devel-0:1.6.1-101.el7jbcs.x86_64",
          "7Server-JBCS:jbcs-httpd24-apr-util-ldap-0:1.6.1-101.el7jbcs.x86_64",
          "7Server-JBCS:jbcs-httpd24-apr-util-mysql-0:1.6.1-101.el7jbcs.x86_64",
          "7Server-JBCS:jbcs-httpd24-apr-util-nss-0:1.6.1-101.el7jbcs.x86_64",
          "7Server-JBCS:jbcs-httpd24-apr-util-odbc-0:1.6.1-101.el7jbcs.x86_64",
          "7Server-JBCS:jbcs-httpd24-apr-util-openssl-0:1.6.1-101.el7jbcs.x86_64",
          "7Server-JBCS:jbcs-httpd24-apr-util-pgsql-0:1.6.1-101.el7jbcs.x86_64",
          "7Server-JBCS:jbcs-httpd24-apr-util-sqlite-0:1.6.1-101.el7jbcs.x86_64",
          "7Server-JBCS:jbcs-httpd24-httpd-0:2.4.51-39.el7jbcs.src",
          "7Server-JBCS:jbcs-httpd24-httpd-0:2.4.51-39.el7jbcs.x86_64",
          "7Server-JBCS:jbcs-httpd24-httpd-debuginfo-0:2.4.51-39.el7jbcs.x86_64",
          "7Server-JBCS:jbcs-httpd24-httpd-devel-0:2.4.51-39.el7jbcs.x86_64",
          "7Server-JBCS:jbcs-httpd24-httpd-manual-0:2.4.51-39.el7jbcs.noarch",
          "7Server-JBCS:jbcs-httpd24-httpd-selinux-0:2.4.51-39.el7jbcs.x86_64",
          "7Server-JBCS:jbcs-httpd24-httpd-tools-0:2.4.51-39.el7jbcs.x86_64",
          "7Server-JBCS:jbcs-httpd24-mod_http2-0:1.15.19-23.el7jbcs.src",
          "7Server-JBCS:jbcs-httpd24-mod_http2-0:1.15.19-23.el7jbcs.x86_64",
          "7Server-JBCS:jbcs-httpd24-mod_http2-debuginfo-0:1.15.19-23.el7jbcs.x86_64",
          "7Server-JBCS:jbcs-httpd24-mod_jk-0:1.2.48-46.redhat_1.el7jbcs.src",
          "7Server-JBCS:jbcs-httpd24-mod_jk-ap24-0:1.2.48-46.redhat_1.el7jbcs.x86_64",
          "7Server-JBCS:jbcs-httpd24-mod_jk-debuginfo-0:1.2.48-46.redhat_1.el7jbcs.x86_64",
          "7Server-JBCS:jbcs-httpd24-mod_ldap-0:2.4.51-39.el7jbcs.x86_64",
          "7Server-JBCS:jbcs-httpd24-mod_md-1:2.4.0-20.el7jbcs.src",
          "7Server-JBCS:jbcs-httpd24-mod_md-1:2.4.0-20.el7jbcs.x86_64",
          "7Server-JBCS:jbcs-httpd24-mod_md-debuginfo-1:2.4.0-20.el7jbcs.x86_64",
          "7Server-JBCS:jbcs-httpd24-mod_proxy_cluster-0:1.3.18-2.el7jbcs.src",
          "7Server-JBCS:jbcs-httpd24-mod_proxy_cluster-0:1.3.18-2.el7jbcs.x86_64",
          "7Server-JBCS:jbcs-httpd24-mod_proxy_cluster-debuginfo-0:1.3.18-2.el7jbcs.x86_64",
          "7Server-JBCS:jbcs-httpd24-mod_proxy_html-1:2.4.51-39.el7jbcs.x86_64",
          "7Server-JBCS:jbcs-httpd24-mod_security-0:2.9.3-24.el7jbcs.src",
          "7Server-JBCS:jbcs-httpd24-mod_security-0:2.9.3-24.el7jbcs.x86_64",
          "7Server-JBCS:jbcs-httpd24-mod_security-debuginfo-0:2.9.3-24.el7jbcs.x86_64",
          "7Server-JBCS:jbcs-httpd24-mod_session-0:2.4.51-39.el7jbcs.x86_64",
          "7Server-JBCS:jbcs-httpd24-mod_ssl-1:2.4.51-39.el7jbcs.x86_64",
          "7Server-JBCS:jbcs-httpd24-openssl-1:1.1.1k-14.el7jbcs.src",
          "7Server-JBCS:jbcs-httpd24-openssl-1:1.1.1k-14.el7jbcs.x86_64",
          "7Server-JBCS:jbcs-httpd24-openssl-chil-0:1.0.0-18.el7jbcs.src",
          "7Server-JBCS:jbcs-httpd24-openssl-chil-0:1.0.0-18.el7jbcs.x86_64",
          "7Server-JBCS:jbcs-httpd24-openssl-chil-debuginfo-0:1.0.0-18.el7jbcs.x86_64",
          "7Server-JBCS:jbcs-httpd24-openssl-debuginfo-1:1.1.1k-14.el7jbcs.x86_64",
          "7Server-JBCS:jbcs-httpd24-openssl-devel-1:1.1.1k-14.el7jbcs.x86_64",
          "7Server-JBCS:jbcs-httpd24-openssl-libs-1:1.1.1k-14.el7jbcs.x86_64",
          "7Server-JBCS:jbcs-httpd24-openssl-perl-1:1.1.1k-14.el7jbcs.x86_64",
          "7Server-JBCS:jbcs-httpd24-openssl-pkcs11-0:0.4.10-33.el7jbcs.src",
          "7Server-JBCS:jbcs-httpd24-openssl-pkcs11-0:0.4.10-33.el7jbcs.x86_64",
          "7Server-JBCS:jbcs-httpd24-openssl-pkcs11-debuginfo-0:0.4.10-33.el7jbcs.x86_64",
          "7Server-JBCS:jbcs-httpd24-openssl-static-1:1.1.1k-14.el7jbcs.x86_64",
          "8Base-JBCS:jbcs-httpd24-apr-util-0:1.6.1-101.el8jbcs.src",
          "8Base-JBCS:jbcs-httpd24-apr-util-0:1.6.1-101.el8jbcs.x86_64",
          "8Base-JBCS:jbcs-httpd24-apr-util-debuginfo-0:1.6.1-101.el8jbcs.x86_64",
          "8Base-JBCS:jbcs-httpd24-apr-util-devel-0:1.6.1-101.el8jbcs.x86_64",
          "8Base-JBCS:jbcs-httpd24-apr-util-ldap-0:1.6.1-101.el8jbcs.x86_64",
          "8Base-JBCS:jbcs-httpd24-apr-util-ldap-debuginfo-0:1.6.1-101.el8jbcs.x86_64",
          "8Base-JBCS:jbcs-httpd24-apr-util-mysql-0:1.6.1-101.el8jbcs.x86_64",
          "8Base-JBCS:jbcs-httpd24-apr-util-mysql-debuginfo-0:1.6.1-101.el8jbcs.x86_64",
          "8Base-JBCS:jbcs-httpd24-apr-util-nss-0:1.6.1-101.el8jbcs.x86_64",
          "8Base-JBCS:jbcs-httpd24-apr-util-nss-debuginfo-0:1.6.1-101.el8jbcs.x86_64",
          "8Base-JBCS:jbcs-httpd24-apr-util-odbc-0:1.6.1-101.el8jbcs.x86_64",
          "8Base-JBCS:jbcs-httpd24-apr-util-odbc-debuginfo-0:1.6.1-101.el8jbcs.x86_64",
          "8Base-JBCS:jbcs-httpd24-apr-util-openssl-0:1.6.1-101.el8jbcs.x86_64",
          "8Base-JBCS:jbcs-httpd24-apr-util-openssl-debuginfo-0:1.6.1-101.el8jbcs.x86_64",
          "8Base-JBCS:jbcs-httpd24-apr-util-pgsql-0:1.6.1-101.el8jbcs.x86_64",
          "8Base-JBCS:jbcs-httpd24-apr-util-pgsql-debuginfo-0:1.6.1-101.el8jbcs.x86_64",
          "8Base-JBCS:jbcs-httpd24-apr-util-sqlite-0:1.6.1-101.el8jbcs.x86_64",
          "8Base-JBCS:jbcs-httpd24-apr-util-sqlite-debuginfo-0:1.6.1-101.el8jbcs.x86_64",
          "8Base-JBCS:jbcs-httpd24-httpd-0:2.4.51-39.el8jbcs.src",
          "8Base-JBCS:jbcs-httpd24-httpd-0:2.4.51-39.el8jbcs.x86_64",
          "8Base-JBCS:jbcs-httpd24-httpd-debuginfo-0:2.4.51-39.el8jbcs.x86_64",
          "8Base-JBCS:jbcs-httpd24-httpd-devel-0:2.4.51-39.el8jbcs.x86_64",
          "8Base-JBCS:jbcs-httpd24-httpd-manual-0:2.4.51-39.el8jbcs.noarch",
          "8Base-JBCS:jbcs-httpd24-httpd-selinux-0:2.4.51-39.el8jbcs.x86_64",
          "8Base-JBCS:jbcs-httpd24-httpd-tools-0:2.4.51-39.el8jbcs.x86_64",
          "8Base-JBCS:jbcs-httpd24-httpd-tools-debuginfo-0:2.4.51-39.el8jbcs.x86_64",
          "8Base-JBCS:jbcs-httpd24-mod_http2-0:1.15.19-23.el8jbcs.src",
          "8Base-JBCS:jbcs-httpd24-mod_http2-0:1.15.19-23.el8jbcs.x86_64",
          "8Base-JBCS:jbcs-httpd24-mod_http2-debuginfo-0:1.15.19-23.el8jbcs.x86_64",
          "8Base-JBCS:jbcs-httpd24-mod_jk-0:1.2.48-46.redhat_1.el8jbcs.src",
          "8Base-JBCS:jbcs-httpd24-mod_jk-ap24-0:1.2.48-46.redhat_1.el8jbcs.x86_64",
          "8Base-JBCS:jbcs-httpd24-mod_jk-ap24-debuginfo-0:1.2.48-46.redhat_1.el8jbcs.x86_64",
          "8Base-JBCS:jbcs-httpd24-mod_ldap-0:2.4.51-39.el8jbcs.x86_64",
          "8Base-JBCS:jbcs-httpd24-mod_ldap-debuginfo-0:2.4.51-39.el8jbcs.x86_64",
          "8Base-JBCS:jbcs-httpd24-mod_md-1:2.4.0-20.el8jbcs.src",
          "8Base-JBCS:jbcs-httpd24-mod_md-1:2.4.0-20.el8jbcs.x86_64",
          "8Base-JBCS:jbcs-httpd24-mod_md-debuginfo-1:2.4.0-20.el8jbcs.x86_64",
          "8Base-JBCS:jbcs-httpd24-mod_proxy_cluster-0:1.3.18-2.el8jbcs.src",
          "8Base-JBCS:jbcs-httpd24-mod_proxy_cluster-0:1.3.18-2.el8jbcs.x86_64",
          "8Base-JBCS:jbcs-httpd24-mod_proxy_cluster-debuginfo-0:1.3.18-2.el8jbcs.x86_64",
          "8Base-JBCS:jbcs-httpd24-mod_proxy_html-1:2.4.51-39.el8jbcs.x86_64",
          "8Base-JBCS:jbcs-httpd24-mod_proxy_html-debuginfo-1:2.4.51-39.el8jbcs.x86_64",
          "8Base-JBCS:jbcs-httpd24-mod_security-0:2.9.3-24.el8jbcs.src",
          "8Base-JBCS:jbcs-httpd24-mod_security-0:2.9.3-24.el8jbcs.x86_64",
          "8Base-JBCS:jbcs-httpd24-mod_security-debuginfo-0:2.9.3-24.el8jbcs.x86_64",
          "8Base-JBCS:jbcs-httpd24-mod_session-0:2.4.51-39.el8jbcs.x86_64",
          "8Base-JBCS:jbcs-httpd24-mod_session-debuginfo-0:2.4.51-39.el8jbcs.x86_64",
          "8Base-JBCS:jbcs-httpd24-mod_ssl-1:2.4.51-39.el8jbcs.x86_64",
          "8Base-JBCS:jbcs-httpd24-mod_ssl-debuginfo-1:2.4.51-39.el8jbcs.x86_64",
          "8Base-JBCS:jbcs-httpd24-openssl-1:1.1.1k-14.el8jbcs.src",
          "8Base-JBCS:jbcs-httpd24-openssl-1:1.1.1k-14.el8jbcs.x86_64",
          "8Base-JBCS:jbcs-httpd24-openssl-chil-0:1.0.0-18.el8jbcs.src",
          "8Base-JBCS:jbcs-httpd24-openssl-chil-0:1.0.0-18.el8jbcs.x86_64",
          "8Base-JBCS:jbcs-httpd24-openssl-chil-debuginfo-0:1.0.0-18.el8jbcs.x86_64",
          "8Base-JBCS:jbcs-httpd24-openssl-debuginfo-1:1.1.1k-14.el8jbcs.x86_64",
          "8Base-JBCS:jbcs-httpd24-openssl-devel-1:1.1.1k-14.el8jbcs.x86_64",
          "8Base-JBCS:jbcs-httpd24-openssl-libs-1:1.1.1k-14.el8jbcs.x86_64",
          "8Base-JBCS:jbcs-httpd24-openssl-libs-debuginfo-1:1.1.1k-14.el8jbcs.x86_64",
          "8Base-JBCS:jbcs-httpd24-openssl-perl-1:1.1.1k-14.el8jbcs.x86_64",
          "8Base-JBCS:jbcs-httpd24-openssl-pkcs11-0:0.4.10-33.el8jbcs.src",
          "8Base-JBCS:jbcs-httpd24-openssl-pkcs11-0:0.4.10-33.el8jbcs.x86_64",
          "8Base-JBCS:jbcs-httpd24-openssl-pkcs11-debuginfo-0:0.4.10-33.el8jbcs.x86_64",
          "8Base-JBCS:jbcs-httpd24-openssl-static-1:1.1.1k-14.el8jbcs.x86_64"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "Canonical URL",
          "url": "https://access.redhat.com/security/cve/CVE-2023-23916"
        },
        {
          "category": "external",
          "summary": "RHBZ#2167815",
          "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2167815"
        },
        {
          "category": "external",
          "summary": "https://www.cve.org/CVERecord?id=CVE-2023-23916",
          "url": "https://www.cve.org/CVERecord?id=CVE-2023-23916"
        },
        {
          "category": "external",
          "summary": "https://nvd.nist.gov/vuln/detail/CVE-2023-23916",
          "url": "https://nvd.nist.gov/vuln/detail/CVE-2023-23916"
        },
        {
          "category": "external",
          "summary": "https://curl.se/docs/CVE-2023-23916.html",
          "url": "https://curl.se/docs/CVE-2023-23916.html"
        }
      ],
      "release_date": "2023-02-15T00:00:00+00:00",
      "remediations": [
        {
          "category": "vendor_fix",
          "date": "2023-06-05T12:30:30+00:00",
          "details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nApplications using the APR libraries, such as httpd, must be restarted for this update to take effect. After installing the updated packages, the httpd daemon will be restarted automatically.",
          "product_ids": [
            "7Server-JBCS:jbcs-httpd24-curl-0:8.0.1-1.el7jbcs.src",
            "7Server-JBCS:jbcs-httpd24-curl-0:8.0.1-1.el7jbcs.x86_64",
            "7Server-JBCS:jbcs-httpd24-curl-debuginfo-0:8.0.1-1.el7jbcs.x86_64",
            "7Server-JBCS:jbcs-httpd24-libcurl-0:8.0.1-1.el7jbcs.x86_64",
            "7Server-JBCS:jbcs-httpd24-libcurl-devel-0:8.0.1-1.el7jbcs.x86_64",
            "8Base-JBCS:jbcs-httpd24-curl-0:8.0.1-1.el8jbcs.src",
            "8Base-JBCS:jbcs-httpd24-curl-0:8.0.1-1.el8jbcs.x86_64",
            "8Base-JBCS:jbcs-httpd24-curl-debuginfo-0:8.0.1-1.el8jbcs.x86_64",
            "8Base-JBCS:jbcs-httpd24-libcurl-0:8.0.1-1.el8jbcs.x86_64",
            "8Base-JBCS:jbcs-httpd24-libcurl-debuginfo-0:8.0.1-1.el8jbcs.x86_64",
            "8Base-JBCS:jbcs-httpd24-libcurl-devel-0:8.0.1-1.el8jbcs.x86_64"
          ],
          "restart_required": {
            "category": "none"
          },
          "url": "https://access.redhat.com/errata/RHSA-2023:3354"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "attackComplexity": "LOW",
            "attackVector": "NETWORK",
            "availabilityImpact": "HIGH",
            "baseScore": 6.5,
            "baseSeverity": "MEDIUM",
            "confidentialityImpact": "NONE",
            "integrityImpact": "NONE",
            "privilegesRequired": "NONE",
            "scope": "UNCHANGED",
            "userInteraction": "REQUIRED",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H",
            "version": "3.1"
          },
          "products": [
            "7Server-JBCS:jbcs-httpd24-curl-0:8.0.1-1.el7jbcs.src",
            "7Server-JBCS:jbcs-httpd24-curl-0:8.0.1-1.el7jbcs.x86_64",
            "7Server-JBCS:jbcs-httpd24-curl-debuginfo-0:8.0.1-1.el7jbcs.x86_64",
            "7Server-JBCS:jbcs-httpd24-libcurl-0:8.0.1-1.el7jbcs.x86_64",
            "7Server-JBCS:jbcs-httpd24-libcurl-devel-0:8.0.1-1.el7jbcs.x86_64",
            "8Base-JBCS:jbcs-httpd24-curl-0:8.0.1-1.el8jbcs.src",
            "8Base-JBCS:jbcs-httpd24-curl-0:8.0.1-1.el8jbcs.x86_64",
            "8Base-JBCS:jbcs-httpd24-curl-debuginfo-0:8.0.1-1.el8jbcs.x86_64",
            "8Base-JBCS:jbcs-httpd24-libcurl-0:8.0.1-1.el8jbcs.x86_64",
            "8Base-JBCS:jbcs-httpd24-libcurl-debuginfo-0:8.0.1-1.el8jbcs.x86_64",
            "8Base-JBCS:jbcs-httpd24-libcurl-devel-0:8.0.1-1.el8jbcs.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "details": "Moderate"
        }
      ],
      "title": "curl: HTTP multi-header compression denial of service"
    },
    {
      "cve": "CVE-2023-25690",
      "cwe": {
        "id": "CWE-113",
        "name": "Improper Neutralization of CRLF Sequences in HTTP Headers (\u0027HTTP Request/Response Splitting\u0027)"
      },
      "discovery_date": "2023-03-07T00:00:00+00:00",
      "flags": [
        {
          "label": "vulnerable_code_not_present",
          "product_ids": [
            "7Server-JBCS:jbcs-httpd24-apr-util-0:1.6.1-101.el7jbcs.src",
            "7Server-JBCS:jbcs-httpd24-apr-util-0:1.6.1-101.el7jbcs.x86_64",
            "7Server-JBCS:jbcs-httpd24-apr-util-debuginfo-0:1.6.1-101.el7jbcs.x86_64",
            "7Server-JBCS:jbcs-httpd24-apr-util-devel-0:1.6.1-101.el7jbcs.x86_64",
            "7Server-JBCS:jbcs-httpd24-apr-util-ldap-0:1.6.1-101.el7jbcs.x86_64",
            "7Server-JBCS:jbcs-httpd24-apr-util-mysql-0:1.6.1-101.el7jbcs.x86_64",
            "7Server-JBCS:jbcs-httpd24-apr-util-nss-0:1.6.1-101.el7jbcs.x86_64",
            "7Server-JBCS:jbcs-httpd24-apr-util-odbc-0:1.6.1-101.el7jbcs.x86_64",
            "7Server-JBCS:jbcs-httpd24-apr-util-openssl-0:1.6.1-101.el7jbcs.x86_64",
            "7Server-JBCS:jbcs-httpd24-apr-util-pgsql-0:1.6.1-101.el7jbcs.x86_64",
            "7Server-JBCS:jbcs-httpd24-apr-util-sqlite-0:1.6.1-101.el7jbcs.x86_64",
            "7Server-JBCS:jbcs-httpd24-curl-0:8.0.1-1.el7jbcs.src",
            "7Server-JBCS:jbcs-httpd24-curl-0:8.0.1-1.el7jbcs.x86_64",
            "7Server-JBCS:jbcs-httpd24-curl-debuginfo-0:8.0.1-1.el7jbcs.x86_64",
            "7Server-JBCS:jbcs-httpd24-libcurl-0:8.0.1-1.el7jbcs.x86_64",
            "7Server-JBCS:jbcs-httpd24-libcurl-devel-0:8.0.1-1.el7jbcs.x86_64",
            "7Server-JBCS:jbcs-httpd24-mod_http2-0:1.15.19-23.el7jbcs.src",
            "7Server-JBCS:jbcs-httpd24-mod_http2-0:1.15.19-23.el7jbcs.x86_64",
            "7Server-JBCS:jbcs-httpd24-mod_http2-debuginfo-0:1.15.19-23.el7jbcs.x86_64",
            "7Server-JBCS:jbcs-httpd24-mod_jk-0:1.2.48-46.redhat_1.el7jbcs.src",
            "7Server-JBCS:jbcs-httpd24-mod_jk-ap24-0:1.2.48-46.redhat_1.el7jbcs.x86_64",
            "7Server-JBCS:jbcs-httpd24-mod_jk-debuginfo-0:1.2.48-46.redhat_1.el7jbcs.x86_64",
            "7Server-JBCS:jbcs-httpd24-mod_md-1:2.4.0-20.el7jbcs.src",
            "7Server-JBCS:jbcs-httpd24-mod_md-1:2.4.0-20.el7jbcs.x86_64",
            "7Server-JBCS:jbcs-httpd24-mod_md-debuginfo-1:2.4.0-20.el7jbcs.x86_64",
            "7Server-JBCS:jbcs-httpd24-mod_proxy_cluster-0:1.3.18-2.el7jbcs.src",
            "7Server-JBCS:jbcs-httpd24-mod_proxy_cluster-0:1.3.18-2.el7jbcs.x86_64",
            "7Server-JBCS:jbcs-httpd24-mod_proxy_cluster-debuginfo-0:1.3.18-2.el7jbcs.x86_64",
            "7Server-JBCS:jbcs-httpd24-mod_security-0:2.9.3-24.el7jbcs.src",
            "7Server-JBCS:jbcs-httpd24-mod_security-0:2.9.3-24.el7jbcs.x86_64",
            "7Server-JBCS:jbcs-httpd24-mod_security-debuginfo-0:2.9.3-24.el7jbcs.x86_64",
            "7Server-JBCS:jbcs-httpd24-openssl-1:1.1.1k-14.el7jbcs.src",
            "7Server-JBCS:jbcs-httpd24-openssl-1:1.1.1k-14.el7jbcs.x86_64",
            "7Server-JBCS:jbcs-httpd24-openssl-chil-0:1.0.0-18.el7jbcs.src",
            "7Server-JBCS:jbcs-httpd24-openssl-chil-0:1.0.0-18.el7jbcs.x86_64",
            "7Server-JBCS:jbcs-httpd24-openssl-chil-debuginfo-0:1.0.0-18.el7jbcs.x86_64",
            "7Server-JBCS:jbcs-httpd24-openssl-debuginfo-1:1.1.1k-14.el7jbcs.x86_64",
            "7Server-JBCS:jbcs-httpd24-openssl-devel-1:1.1.1k-14.el7jbcs.x86_64",
            "7Server-JBCS:jbcs-httpd24-openssl-libs-1:1.1.1k-14.el7jbcs.x86_64",
            "7Server-JBCS:jbcs-httpd24-openssl-perl-1:1.1.1k-14.el7jbcs.x86_64",
            "7Server-JBCS:jbcs-httpd24-openssl-pkcs11-0:0.4.10-33.el7jbcs.src",
            "7Server-JBCS:jbcs-httpd24-openssl-pkcs11-0:0.4.10-33.el7jbcs.x86_64",
            "7Server-JBCS:jbcs-httpd24-openssl-pkcs11-debuginfo-0:0.4.10-33.el7jbcs.x86_64",
            "7Server-JBCS:jbcs-httpd24-openssl-static-1:1.1.1k-14.el7jbcs.x86_64",
            "8Base-JBCS:jbcs-httpd24-apr-util-0:1.6.1-101.el8jbcs.src",
            "8Base-JBCS:jbcs-httpd24-apr-util-0:1.6.1-101.el8jbcs.x86_64",
            "8Base-JBCS:jbcs-httpd24-apr-util-debuginfo-0:1.6.1-101.el8jbcs.x86_64",
            "8Base-JBCS:jbcs-httpd24-apr-util-devel-0:1.6.1-101.el8jbcs.x86_64",
            "8Base-JBCS:jbcs-httpd24-apr-util-ldap-0:1.6.1-101.el8jbcs.x86_64",
            "8Base-JBCS:jbcs-httpd24-apr-util-ldap-debuginfo-0:1.6.1-101.el8jbcs.x86_64",
            "8Base-JBCS:jbcs-httpd24-apr-util-mysql-0:1.6.1-101.el8jbcs.x86_64",
            "8Base-JBCS:jbcs-httpd24-apr-util-mysql-debuginfo-0:1.6.1-101.el8jbcs.x86_64",
            "8Base-JBCS:jbcs-httpd24-apr-util-nss-0:1.6.1-101.el8jbcs.x86_64",
            "8Base-JBCS:jbcs-httpd24-apr-util-nss-debuginfo-0:1.6.1-101.el8jbcs.x86_64",
            "8Base-JBCS:jbcs-httpd24-apr-util-odbc-0:1.6.1-101.el8jbcs.x86_64",
            "8Base-JBCS:jbcs-httpd24-apr-util-odbc-debuginfo-0:1.6.1-101.el8jbcs.x86_64",
            "8Base-JBCS:jbcs-httpd24-apr-util-openssl-0:1.6.1-101.el8jbcs.x86_64",
            "8Base-JBCS:jbcs-httpd24-apr-util-openssl-debuginfo-0:1.6.1-101.el8jbcs.x86_64",
            "8Base-JBCS:jbcs-httpd24-apr-util-pgsql-0:1.6.1-101.el8jbcs.x86_64",
            "8Base-JBCS:jbcs-httpd24-apr-util-pgsql-debuginfo-0:1.6.1-101.el8jbcs.x86_64",
            "8Base-JBCS:jbcs-httpd24-apr-util-sqlite-0:1.6.1-101.el8jbcs.x86_64",
            "8Base-JBCS:jbcs-httpd24-apr-util-sqlite-debuginfo-0:1.6.1-101.el8jbcs.x86_64",
            "8Base-JBCS:jbcs-httpd24-curl-0:8.0.1-1.el8jbcs.src",
            "8Base-JBCS:jbcs-httpd24-curl-0:8.0.1-1.el8jbcs.x86_64",
            "8Base-JBCS:jbcs-httpd24-curl-debuginfo-0:8.0.1-1.el8jbcs.x86_64",
            "8Base-JBCS:jbcs-httpd24-libcurl-0:8.0.1-1.el8jbcs.x86_64",
            "8Base-JBCS:jbcs-httpd24-libcurl-debuginfo-0:8.0.1-1.el8jbcs.x86_64",
            "8Base-JBCS:jbcs-httpd24-libcurl-devel-0:8.0.1-1.el8jbcs.x86_64",
            "8Base-JBCS:jbcs-httpd24-mod_http2-0:1.15.19-23.el8jbcs.src",
            "8Base-JBCS:jbcs-httpd24-mod_http2-0:1.15.19-23.el8jbcs.x86_64",
            "8Base-JBCS:jbcs-httpd24-mod_http2-debuginfo-0:1.15.19-23.el8jbcs.x86_64",
            "8Base-JBCS:jbcs-httpd24-mod_jk-0:1.2.48-46.redhat_1.el8jbcs.src",
            "8Base-JBCS:jbcs-httpd24-mod_jk-ap24-0:1.2.48-46.redhat_1.el8jbcs.x86_64",
            "8Base-JBCS:jbcs-httpd24-mod_jk-ap24-debuginfo-0:1.2.48-46.redhat_1.el8jbcs.x86_64",
            "8Base-JBCS:jbcs-httpd24-mod_md-1:2.4.0-20.el8jbcs.src",
            "8Base-JBCS:jbcs-httpd24-mod_md-1:2.4.0-20.el8jbcs.x86_64",
            "8Base-JBCS:jbcs-httpd24-mod_md-debuginfo-1:2.4.0-20.el8jbcs.x86_64",
            "8Base-JBCS:jbcs-httpd24-mod_proxy_cluster-0:1.3.18-2.el8jbcs.src",
            "8Base-JBCS:jbcs-httpd24-mod_proxy_cluster-0:1.3.18-2.el8jbcs.x86_64",
            "8Base-JBCS:jbcs-httpd24-mod_proxy_cluster-debuginfo-0:1.3.18-2.el8jbcs.x86_64",
            "8Base-JBCS:jbcs-httpd24-mod_security-0:2.9.3-24.el8jbcs.src",
            "8Base-JBCS:jbcs-httpd24-mod_security-0:2.9.3-24.el8jbcs.x86_64",
            "8Base-JBCS:jbcs-httpd24-mod_security-debuginfo-0:2.9.3-24.el8jbcs.x86_64",
            "8Base-JBCS:jbcs-httpd24-openssl-1:1.1.1k-14.el8jbcs.src",
            "8Base-JBCS:jbcs-httpd24-openssl-1:1.1.1k-14.el8jbcs.x86_64",
            "8Base-JBCS:jbcs-httpd24-openssl-chil-0:1.0.0-18.el8jbcs.src",
            "8Base-JBCS:jbcs-httpd24-openssl-chil-0:1.0.0-18.el8jbcs.x86_64",
            "8Base-JBCS:jbcs-httpd24-openssl-chil-debuginfo-0:1.0.0-18.el8jbcs.x86_64",
            "8Base-JBCS:jbcs-httpd24-openssl-debuginfo-1:1.1.1k-14.el8jbcs.x86_64",
            "8Base-JBCS:jbcs-httpd24-openssl-devel-1:1.1.1k-14.el8jbcs.x86_64",
            "8Base-JBCS:jbcs-httpd24-openssl-libs-1:1.1.1k-14.el8jbcs.x86_64",
            "8Base-JBCS:jbcs-httpd24-openssl-libs-debuginfo-1:1.1.1k-14.el8jbcs.x86_64",
            "8Base-JBCS:jbcs-httpd24-openssl-perl-1:1.1.1k-14.el8jbcs.x86_64",
            "8Base-JBCS:jbcs-httpd24-openssl-pkcs11-0:0.4.10-33.el8jbcs.src",
            "8Base-JBCS:jbcs-httpd24-openssl-pkcs11-0:0.4.10-33.el8jbcs.x86_64",
            "8Base-JBCS:jbcs-httpd24-openssl-pkcs11-debuginfo-0:0.4.10-33.el8jbcs.x86_64",
            "8Base-JBCS:jbcs-httpd24-openssl-static-1:1.1.1k-14.el8jbcs.x86_64"
          ]
        }
      ],
      "ids": [
        {
          "system_name": "Red Hat Bugzilla ID",
          "text": "2176209"
        }
      ],
      "notes": [
        {
          "category": "description",
          "text": "A vulnerability was found in httpd. This security issue occurs when some mod_proxy configurations on Apache HTTP Server allow an HTTP Request Smuggling attack. Configurations are affected when mod_proxy is enabled along with some form of RewriteRule or ProxyPassMatch in which a non-specific pattern matches some portion of the user-supplied request-target (URL) data and is then re-inserted into the proxied request-target using variable substitution.",
          "title": "Vulnerability description"
        },
        {
          "category": "summary",
          "text": "httpd: HTTP request splitting with mod_rewrite and mod_proxy",
          "title": "Vulnerability summary"
        },
        {
          "category": "general",
          "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
          "title": "CVSS score applicability"
        }
      ],
      "product_status": {
        "fixed": [
          "7Server-JBCS:jbcs-httpd24-httpd-0:2.4.51-39.el7jbcs.src",
          "7Server-JBCS:jbcs-httpd24-httpd-0:2.4.51-39.el7jbcs.x86_64",
          "7Server-JBCS:jbcs-httpd24-httpd-debuginfo-0:2.4.51-39.el7jbcs.x86_64",
          "7Server-JBCS:jbcs-httpd24-httpd-devel-0:2.4.51-39.el7jbcs.x86_64",
          "7Server-JBCS:jbcs-httpd24-httpd-manual-0:2.4.51-39.el7jbcs.noarch",
          "7Server-JBCS:jbcs-httpd24-httpd-selinux-0:2.4.51-39.el7jbcs.x86_64",
          "7Server-JBCS:jbcs-httpd24-httpd-tools-0:2.4.51-39.el7jbcs.x86_64",
          "7Server-JBCS:jbcs-httpd24-mod_ldap-0:2.4.51-39.el7jbcs.x86_64",
          "7Server-JBCS:jbcs-httpd24-mod_proxy_html-1:2.4.51-39.el7jbcs.x86_64",
          "7Server-JBCS:jbcs-httpd24-mod_session-0:2.4.51-39.el7jbcs.x86_64",
          "7Server-JBCS:jbcs-httpd24-mod_ssl-1:2.4.51-39.el7jbcs.x86_64",
          "8Base-JBCS:jbcs-httpd24-httpd-0:2.4.51-39.el8jbcs.src",
          "8Base-JBCS:jbcs-httpd24-httpd-0:2.4.51-39.el8jbcs.x86_64",
          "8Base-JBCS:jbcs-httpd24-httpd-debuginfo-0:2.4.51-39.el8jbcs.x86_64",
          "8Base-JBCS:jbcs-httpd24-httpd-devel-0:2.4.51-39.el8jbcs.x86_64",
          "8Base-JBCS:jbcs-httpd24-httpd-manual-0:2.4.51-39.el8jbcs.noarch",
          "8Base-JBCS:jbcs-httpd24-httpd-selinux-0:2.4.51-39.el8jbcs.x86_64",
          "8Base-JBCS:jbcs-httpd24-httpd-tools-0:2.4.51-39.el8jbcs.x86_64",
          "8Base-JBCS:jbcs-httpd24-httpd-tools-debuginfo-0:2.4.51-39.el8jbcs.x86_64",
          "8Base-JBCS:jbcs-httpd24-mod_ldap-0:2.4.51-39.el8jbcs.x86_64",
          "8Base-JBCS:jbcs-httpd24-mod_ldap-debuginfo-0:2.4.51-39.el8jbcs.x86_64",
          "8Base-JBCS:jbcs-httpd24-mod_proxy_html-1:2.4.51-39.el8jbcs.x86_64",
          "8Base-JBCS:jbcs-httpd24-mod_proxy_html-debuginfo-1:2.4.51-39.el8jbcs.x86_64",
          "8Base-JBCS:jbcs-httpd24-mod_session-0:2.4.51-39.el8jbcs.x86_64",
          "8Base-JBCS:jbcs-httpd24-mod_session-debuginfo-0:2.4.51-39.el8jbcs.x86_64",
          "8Base-JBCS:jbcs-httpd24-mod_ssl-1:2.4.51-39.el8jbcs.x86_64",
          "8Base-JBCS:jbcs-httpd24-mod_ssl-debuginfo-1:2.4.51-39.el8jbcs.x86_64"
        ],
        "known_not_affected": [
          "7Server-JBCS:jbcs-httpd24-apr-util-0:1.6.1-101.el7jbcs.src",
          "7Server-JBCS:jbcs-httpd24-apr-util-0:1.6.1-101.el7jbcs.x86_64",
          "7Server-JBCS:jbcs-httpd24-apr-util-debuginfo-0:1.6.1-101.el7jbcs.x86_64",
          "7Server-JBCS:jbcs-httpd24-apr-util-devel-0:1.6.1-101.el7jbcs.x86_64",
          "7Server-JBCS:jbcs-httpd24-apr-util-ldap-0:1.6.1-101.el7jbcs.x86_64",
          "7Server-JBCS:jbcs-httpd24-apr-util-mysql-0:1.6.1-101.el7jbcs.x86_64",
          "7Server-JBCS:jbcs-httpd24-apr-util-nss-0:1.6.1-101.el7jbcs.x86_64",
          "7Server-JBCS:jbcs-httpd24-apr-util-odbc-0:1.6.1-101.el7jbcs.x86_64",
          "7Server-JBCS:jbcs-httpd24-apr-util-openssl-0:1.6.1-101.el7jbcs.x86_64",
          "7Server-JBCS:jbcs-httpd24-apr-util-pgsql-0:1.6.1-101.el7jbcs.x86_64",
          "7Server-JBCS:jbcs-httpd24-apr-util-sqlite-0:1.6.1-101.el7jbcs.x86_64",
          "7Server-JBCS:jbcs-httpd24-curl-0:8.0.1-1.el7jbcs.src",
          "7Server-JBCS:jbcs-httpd24-curl-0:8.0.1-1.el7jbcs.x86_64",
          "7Server-JBCS:jbcs-httpd24-curl-debuginfo-0:8.0.1-1.el7jbcs.x86_64",
          "7Server-JBCS:jbcs-httpd24-libcurl-0:8.0.1-1.el7jbcs.x86_64",
          "7Server-JBCS:jbcs-httpd24-libcurl-devel-0:8.0.1-1.el7jbcs.x86_64",
          "7Server-JBCS:jbcs-httpd24-mod_http2-0:1.15.19-23.el7jbcs.src",
          "7Server-JBCS:jbcs-httpd24-mod_http2-0:1.15.19-23.el7jbcs.x86_64",
          "7Server-JBCS:jbcs-httpd24-mod_http2-debuginfo-0:1.15.19-23.el7jbcs.x86_64",
          "7Server-JBCS:jbcs-httpd24-mod_jk-0:1.2.48-46.redhat_1.el7jbcs.src",
          "7Server-JBCS:jbcs-httpd24-mod_jk-ap24-0:1.2.48-46.redhat_1.el7jbcs.x86_64",
          "7Server-JBCS:jbcs-httpd24-mod_jk-debuginfo-0:1.2.48-46.redhat_1.el7jbcs.x86_64",
          "7Server-JBCS:jbcs-httpd24-mod_md-1:2.4.0-20.el7jbcs.src",
          "7Server-JBCS:jbcs-httpd24-mod_md-1:2.4.0-20.el7jbcs.x86_64",
          "7Server-JBCS:jbcs-httpd24-mod_md-debuginfo-1:2.4.0-20.el7jbcs.x86_64",
          "7Server-JBCS:jbcs-httpd24-mod_proxy_cluster-0:1.3.18-2.el7jbcs.src",
          "7Server-JBCS:jbcs-httpd24-mod_proxy_cluster-0:1.3.18-2.el7jbcs.x86_64",
          "7Server-JBCS:jbcs-httpd24-mod_proxy_cluster-debuginfo-0:1.3.18-2.el7jbcs.x86_64",
          "7Server-JBCS:jbcs-httpd24-mod_security-0:2.9.3-24.el7jbcs.src",
          "7Server-JBCS:jbcs-httpd24-mod_security-0:2.9.3-24.el7jbcs.x86_64",
          "7Server-JBCS:jbcs-httpd24-mod_security-debuginfo-0:2.9.3-24.el7jbcs.x86_64",
          "7Server-JBCS:jbcs-httpd24-openssl-1:1.1.1k-14.el7jbcs.src",
          "7Server-JBCS:jbcs-httpd24-openssl-1:1.1.1k-14.el7jbcs.x86_64",
          "7Server-JBCS:jbcs-httpd24-openssl-chil-0:1.0.0-18.el7jbcs.src",
          "7Server-JBCS:jbcs-httpd24-openssl-chil-0:1.0.0-18.el7jbcs.x86_64",
          "7Server-JBCS:jbcs-httpd24-openssl-chil-debuginfo-0:1.0.0-18.el7jbcs.x86_64",
          "7Server-JBCS:jbcs-httpd24-openssl-debuginfo-1:1.1.1k-14.el7jbcs.x86_64",
          "7Server-JBCS:jbcs-httpd24-openssl-devel-1:1.1.1k-14.el7jbcs.x86_64",
          "7Server-JBCS:jbcs-httpd24-openssl-libs-1:1.1.1k-14.el7jbcs.x86_64",
          "7Server-JBCS:jbcs-httpd24-openssl-perl-1:1.1.1k-14.el7jbcs.x86_64",
          "7Server-JBCS:jbcs-httpd24-openssl-pkcs11-0:0.4.10-33.el7jbcs.src",
          "7Server-JBCS:jbcs-httpd24-openssl-pkcs11-0:0.4.10-33.el7jbcs.x86_64",
          "7Server-JBCS:jbcs-httpd24-openssl-pkcs11-debuginfo-0:0.4.10-33.el7jbcs.x86_64",
          "7Server-JBCS:jbcs-httpd24-openssl-static-1:1.1.1k-14.el7jbcs.x86_64",
          "8Base-JBCS:jbcs-httpd24-apr-util-0:1.6.1-101.el8jbcs.src",
          "8Base-JBCS:jbcs-httpd24-apr-util-0:1.6.1-101.el8jbcs.x86_64",
          "8Base-JBCS:jbcs-httpd24-apr-util-debuginfo-0:1.6.1-101.el8jbcs.x86_64",
          "8Base-JBCS:jbcs-httpd24-apr-util-devel-0:1.6.1-101.el8jbcs.x86_64",
          "8Base-JBCS:jbcs-httpd24-apr-util-ldap-0:1.6.1-101.el8jbcs.x86_64",
          "8Base-JBCS:jbcs-httpd24-apr-util-ldap-debuginfo-0:1.6.1-101.el8jbcs.x86_64",
          "8Base-JBCS:jbcs-httpd24-apr-util-mysql-0:1.6.1-101.el8jbcs.x86_64",
          "8Base-JBCS:jbcs-httpd24-apr-util-mysql-debuginfo-0:1.6.1-101.el8jbcs.x86_64",
          "8Base-JBCS:jbcs-httpd24-apr-util-nss-0:1.6.1-101.el8jbcs.x86_64",
          "8Base-JBCS:jbcs-httpd24-apr-util-nss-debuginfo-0:1.6.1-101.el8jbcs.x86_64",
          "8Base-JBCS:jbcs-httpd24-apr-util-odbc-0:1.6.1-101.el8jbcs.x86_64",
          "8Base-JBCS:jbcs-httpd24-apr-util-odbc-debuginfo-0:1.6.1-101.el8jbcs.x86_64",
          "8Base-JBCS:jbcs-httpd24-apr-util-openssl-0:1.6.1-101.el8jbcs.x86_64",
          "8Base-JBCS:jbcs-httpd24-apr-util-openssl-debuginfo-0:1.6.1-101.el8jbcs.x86_64",
          "8Base-JBCS:jbcs-httpd24-apr-util-pgsql-0:1.6.1-101.el8jbcs.x86_64",
          "8Base-JBCS:jbcs-httpd24-apr-util-pgsql-debuginfo-0:1.6.1-101.el8jbcs.x86_64",
          "8Base-JBCS:jbcs-httpd24-apr-util-sqlite-0:1.6.1-101.el8jbcs.x86_64",
          "8Base-JBCS:jbcs-httpd24-apr-util-sqlite-debuginfo-0:1.6.1-101.el8jbcs.x86_64",
          "8Base-JBCS:jbcs-httpd24-curl-0:8.0.1-1.el8jbcs.src",
          "8Base-JBCS:jbcs-httpd24-curl-0:8.0.1-1.el8jbcs.x86_64",
          "8Base-JBCS:jbcs-httpd24-curl-debuginfo-0:8.0.1-1.el8jbcs.x86_64",
          "8Base-JBCS:jbcs-httpd24-libcurl-0:8.0.1-1.el8jbcs.x86_64",
          "8Base-JBCS:jbcs-httpd24-libcurl-debuginfo-0:8.0.1-1.el8jbcs.x86_64",
          "8Base-JBCS:jbcs-httpd24-libcurl-devel-0:8.0.1-1.el8jbcs.x86_64",
          "8Base-JBCS:jbcs-httpd24-mod_http2-0:1.15.19-23.el8jbcs.src",
          "8Base-JBCS:jbcs-httpd24-mod_http2-0:1.15.19-23.el8jbcs.x86_64",
          "8Base-JBCS:jbcs-httpd24-mod_http2-debuginfo-0:1.15.19-23.el8jbcs.x86_64",
          "8Base-JBCS:jbcs-httpd24-mod_jk-0:1.2.48-46.redhat_1.el8jbcs.src",
          "8Base-JBCS:jbcs-httpd24-mod_jk-ap24-0:1.2.48-46.redhat_1.el8jbcs.x86_64",
          "8Base-JBCS:jbcs-httpd24-mod_jk-ap24-debuginfo-0:1.2.48-46.redhat_1.el8jbcs.x86_64",
          "8Base-JBCS:jbcs-httpd24-mod_md-1:2.4.0-20.el8jbcs.src",
          "8Base-JBCS:jbcs-httpd24-mod_md-1:2.4.0-20.el8jbcs.x86_64",
          "8Base-JBCS:jbcs-httpd24-mod_md-debuginfo-1:2.4.0-20.el8jbcs.x86_64",
          "8Base-JBCS:jbcs-httpd24-mod_proxy_cluster-0:1.3.18-2.el8jbcs.src",
          "8Base-JBCS:jbcs-httpd24-mod_proxy_cluster-0:1.3.18-2.el8jbcs.x86_64",
          "8Base-JBCS:jbcs-httpd24-mod_proxy_cluster-debuginfo-0:1.3.18-2.el8jbcs.x86_64",
          "8Base-JBCS:jbcs-httpd24-mod_security-0:2.9.3-24.el8jbcs.src",
          "8Base-JBCS:jbcs-httpd24-mod_security-0:2.9.3-24.el8jbcs.x86_64",
          "8Base-JBCS:jbcs-httpd24-mod_security-debuginfo-0:2.9.3-24.el8jbcs.x86_64",
          "8Base-JBCS:jbcs-httpd24-openssl-1:1.1.1k-14.el8jbcs.src",
          "8Base-JBCS:jbcs-httpd24-openssl-1:1.1.1k-14.el8jbcs.x86_64",
          "8Base-JBCS:jbcs-httpd24-openssl-chil-0:1.0.0-18.el8jbcs.src",
          "8Base-JBCS:jbcs-httpd24-openssl-chil-0:1.0.0-18.el8jbcs.x86_64",
          "8Base-JBCS:jbcs-httpd24-openssl-chil-debuginfo-0:1.0.0-18.el8jbcs.x86_64",
          "8Base-JBCS:jbcs-httpd24-openssl-debuginfo-1:1.1.1k-14.el8jbcs.x86_64",
          "8Base-JBCS:jbcs-httpd24-openssl-devel-1:1.1.1k-14.el8jbcs.x86_64",
          "8Base-JBCS:jbcs-httpd24-openssl-libs-1:1.1.1k-14.el8jbcs.x86_64",
          "8Base-JBCS:jbcs-httpd24-openssl-libs-debuginfo-1:1.1.1k-14.el8jbcs.x86_64",
          "8Base-JBCS:jbcs-httpd24-openssl-perl-1:1.1.1k-14.el8jbcs.x86_64",
          "8Base-JBCS:jbcs-httpd24-openssl-pkcs11-0:0.4.10-33.el8jbcs.src",
          "8Base-JBCS:jbcs-httpd24-openssl-pkcs11-0:0.4.10-33.el8jbcs.x86_64",
          "8Base-JBCS:jbcs-httpd24-openssl-pkcs11-debuginfo-0:0.4.10-33.el8jbcs.x86_64",
          "8Base-JBCS:jbcs-httpd24-openssl-static-1:1.1.1k-14.el8jbcs.x86_64"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "Canonical URL",
          "url": "https://access.redhat.com/security/cve/CVE-2023-25690"
        },
        {
          "category": "external",
          "summary": "RHBZ#2176209",
          "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2176209"
        },
        {
          "category": "external",
          "summary": "https://www.cve.org/CVERecord?id=CVE-2023-25690",
          "url": "https://www.cve.org/CVERecord?id=CVE-2023-25690"
        },
        {
          "category": "external",
          "summary": "https://nvd.nist.gov/vuln/detail/CVE-2023-25690",
          "url": "https://nvd.nist.gov/vuln/detail/CVE-2023-25690"
        },
        {
          "category": "external",
          "summary": "https://httpd.apache.org/security/vulnerabilities_24.html",
          "url": "https://httpd.apache.org/security/vulnerabilities_24.html"
        }
      ],
      "release_date": "2023-03-07T00:00:00+00:00",
      "remediations": [
        {
          "category": "vendor_fix",
          "date": "2023-06-05T12:30:30+00:00",
          "details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nApplications using the APR libraries, such as httpd, must be restarted for this update to take effect. After installing the updated packages, the httpd daemon will be restarted automatically.",
          "product_ids": [
            "7Server-JBCS:jbcs-httpd24-httpd-0:2.4.51-39.el7jbcs.src",
            "7Server-JBCS:jbcs-httpd24-httpd-0:2.4.51-39.el7jbcs.x86_64",
            "7Server-JBCS:jbcs-httpd24-httpd-debuginfo-0:2.4.51-39.el7jbcs.x86_64",
            "7Server-JBCS:jbcs-httpd24-httpd-devel-0:2.4.51-39.el7jbcs.x86_64",
            "7Server-JBCS:jbcs-httpd24-httpd-manual-0:2.4.51-39.el7jbcs.noarch",
            "7Server-JBCS:jbcs-httpd24-httpd-selinux-0:2.4.51-39.el7jbcs.x86_64",
            "7Server-JBCS:jbcs-httpd24-httpd-tools-0:2.4.51-39.el7jbcs.x86_64",
            "7Server-JBCS:jbcs-httpd24-mod_ldap-0:2.4.51-39.el7jbcs.x86_64",
            "7Server-JBCS:jbcs-httpd24-mod_proxy_html-1:2.4.51-39.el7jbcs.x86_64",
            "7Server-JBCS:jbcs-httpd24-mod_session-0:2.4.51-39.el7jbcs.x86_64",
            "7Server-JBCS:jbcs-httpd24-mod_ssl-1:2.4.51-39.el7jbcs.x86_64",
            "8Base-JBCS:jbcs-httpd24-httpd-0:2.4.51-39.el8jbcs.src",
            "8Base-JBCS:jbcs-httpd24-httpd-0:2.4.51-39.el8jbcs.x86_64",
            "8Base-JBCS:jbcs-httpd24-httpd-debuginfo-0:2.4.51-39.el8jbcs.x86_64",
            "8Base-JBCS:jbcs-httpd24-httpd-devel-0:2.4.51-39.el8jbcs.x86_64",
            "8Base-JBCS:jbcs-httpd24-httpd-manual-0:2.4.51-39.el8jbcs.noarch",
            "8Base-JBCS:jbcs-httpd24-httpd-selinux-0:2.4.51-39.el8jbcs.x86_64",
            "8Base-JBCS:jbcs-httpd24-httpd-tools-0:2.4.51-39.el8jbcs.x86_64",
            "8Base-JBCS:jbcs-httpd24-httpd-tools-debuginfo-0:2.4.51-39.el8jbcs.x86_64",
            "8Base-JBCS:jbcs-httpd24-mod_ldap-0:2.4.51-39.el8jbcs.x86_64",
            "8Base-JBCS:jbcs-httpd24-mod_ldap-debuginfo-0:2.4.51-39.el8jbcs.x86_64",
            "8Base-JBCS:jbcs-httpd24-mod_proxy_html-1:2.4.51-39.el8jbcs.x86_64",
            "8Base-JBCS:jbcs-httpd24-mod_proxy_html-debuginfo-1:2.4.51-39.el8jbcs.x86_64",
            "8Base-JBCS:jbcs-httpd24-mod_session-0:2.4.51-39.el8jbcs.x86_64",
            "8Base-JBCS:jbcs-httpd24-mod_session-debuginfo-0:2.4.51-39.el8jbcs.x86_64",
            "8Base-JBCS:jbcs-httpd24-mod_ssl-1:2.4.51-39.el8jbcs.x86_64",
            "8Base-JBCS:jbcs-httpd24-mod_ssl-debuginfo-1:2.4.51-39.el8jbcs.x86_64"
          ],
          "restart_required": {
            "category": "none"
          },
          "url": "https://access.redhat.com/errata/RHSA-2023:3354"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "attackComplexity": "LOW",
            "attackVector": "NETWORK",
            "availabilityImpact": "HIGH",
            "baseScore": 9.8,
            "baseSeverity": "CRITICAL",
            "confidentialityImpact": "HIGH",
            "integrityImpact": "HIGH",
            "privilegesRequired": "NONE",
            "scope": "UNCHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
            "version": "3.1"
          },
          "products": [
            "7Server-JBCS:jbcs-httpd24-httpd-0:2.4.51-39.el7jbcs.src",
            "7Server-JBCS:jbcs-httpd24-httpd-0:2.4.51-39.el7jbcs.x86_64",
            "7Server-JBCS:jbcs-httpd24-httpd-debuginfo-0:2.4.51-39.el7jbcs.x86_64",
            "7Server-JBCS:jbcs-httpd24-httpd-devel-0:2.4.51-39.el7jbcs.x86_64",
            "7Server-JBCS:jbcs-httpd24-httpd-manual-0:2.4.51-39.el7jbcs.noarch",
            "7Server-JBCS:jbcs-httpd24-httpd-selinux-0:2.4.51-39.el7jbcs.x86_64",
            "7Server-JBCS:jbcs-httpd24-httpd-tools-0:2.4.51-39.el7jbcs.x86_64",
            "7Server-JBCS:jbcs-httpd24-mod_ldap-0:2.4.51-39.el7jbcs.x86_64",
            "7Server-JBCS:jbcs-httpd24-mod_proxy_html-1:2.4.51-39.el7jbcs.x86_64",
            "7Server-JBCS:jbcs-httpd24-mod_session-0:2.4.51-39.el7jbcs.x86_64",
            "7Server-JBCS:jbcs-httpd24-mod_ssl-1:2.4.51-39.el7jbcs.x86_64",
            "8Base-JBCS:jbcs-httpd24-httpd-0:2.4.51-39.el8jbcs.src",
            "8Base-JBCS:jbcs-httpd24-httpd-0:2.4.51-39.el8jbcs.x86_64",
            "8Base-JBCS:jbcs-httpd24-httpd-debuginfo-0:2.4.51-39.el8jbcs.x86_64",
            "8Base-JBCS:jbcs-httpd24-httpd-devel-0:2.4.51-39.el8jbcs.x86_64",
            "8Base-JBCS:jbcs-httpd24-httpd-manual-0:2.4.51-39.el8jbcs.noarch",
            "8Base-JBCS:jbcs-httpd24-httpd-selinux-0:2.4.51-39.el8jbcs.x86_64",
            "8Base-JBCS:jbcs-httpd24-httpd-tools-0:2.4.51-39.el8jbcs.x86_64",
            "8Base-JBCS:jbcs-httpd24-httpd-tools-debuginfo-0:2.4.51-39.el8jbcs.x86_64",
            "8Base-JBCS:jbcs-httpd24-mod_ldap-0:2.4.51-39.el8jbcs.x86_64",
            "8Base-JBCS:jbcs-httpd24-mod_ldap-debuginfo-0:2.4.51-39.el8jbcs.x86_64",
            "8Base-JBCS:jbcs-httpd24-mod_proxy_html-1:2.4.51-39.el8jbcs.x86_64",
            "8Base-JBCS:jbcs-httpd24-mod_proxy_html-debuginfo-1:2.4.51-39.el8jbcs.x86_64",
            "8Base-JBCS:jbcs-httpd24-mod_session-0:2.4.51-39.el8jbcs.x86_64",
            "8Base-JBCS:jbcs-httpd24-mod_session-debuginfo-0:2.4.51-39.el8jbcs.x86_64",
            "8Base-JBCS:jbcs-httpd24-mod_ssl-1:2.4.51-39.el8jbcs.x86_64",
            "8Base-JBCS:jbcs-httpd24-mod_ssl-debuginfo-1:2.4.51-39.el8jbcs.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "details": "Important"
        }
      ],
      "title": "httpd: HTTP request splitting with mod_rewrite and mod_proxy"
    },
    {
      "acknowledgments": [
        {
          "names": [
            "Daniel Stenberg",
            "Harry Sintonen"
          ]
        }
      ],
      "cve": "CVE-2023-27533",
      "cwe": {
        "id": "CWE-75",
        "name": "Failure to Sanitize Special Elements into a Different Plane (Special Element Injection)"
      },
      "discovery_date": "2023-03-16T00:00:00+00:00",
      "flags": [
        {
          "label": "vulnerable_code_not_present",
          "product_ids": [
            "7Server-JBCS:jbcs-httpd24-apr-util-0:1.6.1-101.el7jbcs.src",
            "7Server-JBCS:jbcs-httpd24-apr-util-0:1.6.1-101.el7jbcs.x86_64",
            "7Server-JBCS:jbcs-httpd24-apr-util-debuginfo-0:1.6.1-101.el7jbcs.x86_64",
            "7Server-JBCS:jbcs-httpd24-apr-util-devel-0:1.6.1-101.el7jbcs.x86_64",
            "7Server-JBCS:jbcs-httpd24-apr-util-ldap-0:1.6.1-101.el7jbcs.x86_64",
            "7Server-JBCS:jbcs-httpd24-apr-util-mysql-0:1.6.1-101.el7jbcs.x86_64",
            "7Server-JBCS:jbcs-httpd24-apr-util-nss-0:1.6.1-101.el7jbcs.x86_64",
            "7Server-JBCS:jbcs-httpd24-apr-util-odbc-0:1.6.1-101.el7jbcs.x86_64",
            "7Server-JBCS:jbcs-httpd24-apr-util-openssl-0:1.6.1-101.el7jbcs.x86_64",
            "7Server-JBCS:jbcs-httpd24-apr-util-pgsql-0:1.6.1-101.el7jbcs.x86_64",
            "7Server-JBCS:jbcs-httpd24-apr-util-sqlite-0:1.6.1-101.el7jbcs.x86_64",
            "7Server-JBCS:jbcs-httpd24-httpd-0:2.4.51-39.el7jbcs.src",
            "7Server-JBCS:jbcs-httpd24-httpd-0:2.4.51-39.el7jbcs.x86_64",
            "7Server-JBCS:jbcs-httpd24-httpd-debuginfo-0:2.4.51-39.el7jbcs.x86_64",
            "7Server-JBCS:jbcs-httpd24-httpd-devel-0:2.4.51-39.el7jbcs.x86_64",
            "7Server-JBCS:jbcs-httpd24-httpd-manual-0:2.4.51-39.el7jbcs.noarch",
            "7Server-JBCS:jbcs-httpd24-httpd-selinux-0:2.4.51-39.el7jbcs.x86_64",
            "7Server-JBCS:jbcs-httpd24-httpd-tools-0:2.4.51-39.el7jbcs.x86_64",
            "7Server-JBCS:jbcs-httpd24-mod_http2-0:1.15.19-23.el7jbcs.src",
            "7Server-JBCS:jbcs-httpd24-mod_http2-0:1.15.19-23.el7jbcs.x86_64",
            "7Server-JBCS:jbcs-httpd24-mod_http2-debuginfo-0:1.15.19-23.el7jbcs.x86_64",
            "7Server-JBCS:jbcs-httpd24-mod_jk-0:1.2.48-46.redhat_1.el7jbcs.src",
            "7Server-JBCS:jbcs-httpd24-mod_jk-ap24-0:1.2.48-46.redhat_1.el7jbcs.x86_64",
            "7Server-JBCS:jbcs-httpd24-mod_jk-debuginfo-0:1.2.48-46.redhat_1.el7jbcs.x86_64",
            "7Server-JBCS:jbcs-httpd24-mod_ldap-0:2.4.51-39.el7jbcs.x86_64",
            "7Server-JBCS:jbcs-httpd24-mod_md-1:2.4.0-20.el7jbcs.src",
            "7Server-JBCS:jbcs-httpd24-mod_md-1:2.4.0-20.el7jbcs.x86_64",
            "7Server-JBCS:jbcs-httpd24-mod_md-debuginfo-1:2.4.0-20.el7jbcs.x86_64",
            "7Server-JBCS:jbcs-httpd24-mod_proxy_cluster-0:1.3.18-2.el7jbcs.src",
            "7Server-JBCS:jbcs-httpd24-mod_proxy_cluster-0:1.3.18-2.el7jbcs.x86_64",
            "7Server-JBCS:jbcs-httpd24-mod_proxy_cluster-debuginfo-0:1.3.18-2.el7jbcs.x86_64",
            "7Server-JBCS:jbcs-httpd24-mod_proxy_html-1:2.4.51-39.el7jbcs.x86_64",
            "7Server-JBCS:jbcs-httpd24-mod_security-0:2.9.3-24.el7jbcs.src",
            "7Server-JBCS:jbcs-httpd24-mod_security-0:2.9.3-24.el7jbcs.x86_64",
            "7Server-JBCS:jbcs-httpd24-mod_security-debuginfo-0:2.9.3-24.el7jbcs.x86_64",
            "7Server-JBCS:jbcs-httpd24-mod_session-0:2.4.51-39.el7jbcs.x86_64",
            "7Server-JBCS:jbcs-httpd24-mod_ssl-1:2.4.51-39.el7jbcs.x86_64",
            "7Server-JBCS:jbcs-httpd24-openssl-1:1.1.1k-14.el7jbcs.src",
            "7Server-JBCS:jbcs-httpd24-openssl-1:1.1.1k-14.el7jbcs.x86_64",
            "7Server-JBCS:jbcs-httpd24-openssl-chil-0:1.0.0-18.el7jbcs.src",
            "7Server-JBCS:jbcs-httpd24-openssl-chil-0:1.0.0-18.el7jbcs.x86_64",
            "7Server-JBCS:jbcs-httpd24-openssl-chil-debuginfo-0:1.0.0-18.el7jbcs.x86_64",
            "7Server-JBCS:jbcs-httpd24-openssl-debuginfo-1:1.1.1k-14.el7jbcs.x86_64",
            "7Server-JBCS:jbcs-httpd24-openssl-devel-1:1.1.1k-14.el7jbcs.x86_64",
            "7Server-JBCS:jbcs-httpd24-openssl-libs-1:1.1.1k-14.el7jbcs.x86_64",
            "7Server-JBCS:jbcs-httpd24-openssl-perl-1:1.1.1k-14.el7jbcs.x86_64",
            "7Server-JBCS:jbcs-httpd24-openssl-pkcs11-0:0.4.10-33.el7jbcs.src",
            "7Server-JBCS:jbcs-httpd24-openssl-pkcs11-0:0.4.10-33.el7jbcs.x86_64",
            "7Server-JBCS:jbcs-httpd24-openssl-pkcs11-debuginfo-0:0.4.10-33.el7jbcs.x86_64",
            "7Server-JBCS:jbcs-httpd24-openssl-static-1:1.1.1k-14.el7jbcs.x86_64",
            "8Base-JBCS:jbcs-httpd24-apr-util-0:1.6.1-101.el8jbcs.src",
            "8Base-JBCS:jbcs-httpd24-apr-util-0:1.6.1-101.el8jbcs.x86_64",
            "8Base-JBCS:jbcs-httpd24-apr-util-debuginfo-0:1.6.1-101.el8jbcs.x86_64",
            "8Base-JBCS:jbcs-httpd24-apr-util-devel-0:1.6.1-101.el8jbcs.x86_64",
            "8Base-JBCS:jbcs-httpd24-apr-util-ldap-0:1.6.1-101.el8jbcs.x86_64",
            "8Base-JBCS:jbcs-httpd24-apr-util-ldap-debuginfo-0:1.6.1-101.el8jbcs.x86_64",
            "8Base-JBCS:jbcs-httpd24-apr-util-mysql-0:1.6.1-101.el8jbcs.x86_64",
            "8Base-JBCS:jbcs-httpd24-apr-util-mysql-debuginfo-0:1.6.1-101.el8jbcs.x86_64",
            "8Base-JBCS:jbcs-httpd24-apr-util-nss-0:1.6.1-101.el8jbcs.x86_64",
            "8Base-JBCS:jbcs-httpd24-apr-util-nss-debuginfo-0:1.6.1-101.el8jbcs.x86_64",
            "8Base-JBCS:jbcs-httpd24-apr-util-odbc-0:1.6.1-101.el8jbcs.x86_64",
            "8Base-JBCS:jbcs-httpd24-apr-util-odbc-debuginfo-0:1.6.1-101.el8jbcs.x86_64",
            "8Base-JBCS:jbcs-httpd24-apr-util-openssl-0:1.6.1-101.el8jbcs.x86_64",
            "8Base-JBCS:jbcs-httpd24-apr-util-openssl-debuginfo-0:1.6.1-101.el8jbcs.x86_64",
            "8Base-JBCS:jbcs-httpd24-apr-util-pgsql-0:1.6.1-101.el8jbcs.x86_64",
            "8Base-JBCS:jbcs-httpd24-apr-util-pgsql-debuginfo-0:1.6.1-101.el8jbcs.x86_64",
            "8Base-JBCS:jbcs-httpd24-apr-util-sqlite-0:1.6.1-101.el8jbcs.x86_64",
            "8Base-JBCS:jbcs-httpd24-apr-util-sqlite-debuginfo-0:1.6.1-101.el8jbcs.x86_64",
            "8Base-JBCS:jbcs-httpd24-httpd-0:2.4.51-39.el8jbcs.src",
            "8Base-JBCS:jbcs-httpd24-httpd-0:2.4.51-39.el8jbcs.x86_64",
            "8Base-JBCS:jbcs-httpd24-httpd-debuginfo-0:2.4.51-39.el8jbcs.x86_64",
            "8Base-JBCS:jbcs-httpd24-httpd-devel-0:2.4.51-39.el8jbcs.x86_64",
            "8Base-JBCS:jbcs-httpd24-httpd-manual-0:2.4.51-39.el8jbcs.noarch",
            "8Base-JBCS:jbcs-httpd24-httpd-selinux-0:2.4.51-39.el8jbcs.x86_64",
            "8Base-JBCS:jbcs-httpd24-httpd-tools-0:2.4.51-39.el8jbcs.x86_64",
            "8Base-JBCS:jbcs-httpd24-httpd-tools-debuginfo-0:2.4.51-39.el8jbcs.x86_64",
            "8Base-JBCS:jbcs-httpd24-mod_http2-0:1.15.19-23.el8jbcs.src",
            "8Base-JBCS:jbcs-httpd24-mod_http2-0:1.15.19-23.el8jbcs.x86_64",
            "8Base-JBCS:jbcs-httpd24-mod_http2-debuginfo-0:1.15.19-23.el8jbcs.x86_64",
            "8Base-JBCS:jbcs-httpd24-mod_jk-0:1.2.48-46.redhat_1.el8jbcs.src",
            "8Base-JBCS:jbcs-httpd24-mod_jk-ap24-0:1.2.48-46.redhat_1.el8jbcs.x86_64",
            "8Base-JBCS:jbcs-httpd24-mod_jk-ap24-debuginfo-0:1.2.48-46.redhat_1.el8jbcs.x86_64",
            "8Base-JBCS:jbcs-httpd24-mod_ldap-0:2.4.51-39.el8jbcs.x86_64",
            "8Base-JBCS:jbcs-httpd24-mod_ldap-debuginfo-0:2.4.51-39.el8jbcs.x86_64",
            "8Base-JBCS:jbcs-httpd24-mod_md-1:2.4.0-20.el8jbcs.src",
            "8Base-JBCS:jbcs-httpd24-mod_md-1:2.4.0-20.el8jbcs.x86_64",
            "8Base-JBCS:jbcs-httpd24-mod_md-debuginfo-1:2.4.0-20.el8jbcs.x86_64",
            "8Base-JBCS:jbcs-httpd24-mod_proxy_cluster-0:1.3.18-2.el8jbcs.src",
            "8Base-JBCS:jbcs-httpd24-mod_proxy_cluster-0:1.3.18-2.el8jbcs.x86_64",
            "8Base-JBCS:jbcs-httpd24-mod_proxy_cluster-debuginfo-0:1.3.18-2.el8jbcs.x86_64",
            "8Base-JBCS:jbcs-httpd24-mod_proxy_html-1:2.4.51-39.el8jbcs.x86_64",
            "8Base-JBCS:jbcs-httpd24-mod_proxy_html-debuginfo-1:2.4.51-39.el8jbcs.x86_64",
            "8Base-JBCS:jbcs-httpd24-mod_security-0:2.9.3-24.el8jbcs.src",
            "8Base-JBCS:jbcs-httpd24-mod_security-0:2.9.3-24.el8jbcs.x86_64",
            "8Base-JBCS:jbcs-httpd24-mod_security-debuginfo-0:2.9.3-24.el8jbcs.x86_64",
            "8Base-JBCS:jbcs-httpd24-mod_session-0:2.4.51-39.el8jbcs.x86_64",
            "8Base-JBCS:jbcs-httpd24-mod_session-debuginfo-0:2.4.51-39.el8jbcs.x86_64",
            "8Base-JBCS:jbcs-httpd24-mod_ssl-1:2.4.51-39.el8jbcs.x86_64",
            "8Base-JBCS:jbcs-httpd24-mod_ssl-debuginfo-1:2.4.51-39.el8jbcs.x86_64",
            "8Base-JBCS:jbcs-httpd24-openssl-1:1.1.1k-14.el8jbcs.src",
            "8Base-JBCS:jbcs-httpd24-openssl-1:1.1.1k-14.el8jbcs.x86_64",
            "8Base-JBCS:jbcs-httpd24-openssl-chil-0:1.0.0-18.el8jbcs.src",
            "8Base-JBCS:jbcs-httpd24-openssl-chil-0:1.0.0-18.el8jbcs.x86_64",
            "8Base-JBCS:jbcs-httpd24-openssl-chil-debuginfo-0:1.0.0-18.el8jbcs.x86_64",
            "8Base-JBCS:jbcs-httpd24-openssl-debuginfo-1:1.1.1k-14.el8jbcs.x86_64",
            "8Base-JBCS:jbcs-httpd24-openssl-devel-1:1.1.1k-14.el8jbcs.x86_64",
            "8Base-JBCS:jbcs-httpd24-openssl-libs-1:1.1.1k-14.el8jbcs.x86_64",
            "8Base-JBCS:jbcs-httpd24-openssl-libs-debuginfo-1:1.1.1k-14.el8jbcs.x86_64",
            "8Base-JBCS:jbcs-httpd24-openssl-perl-1:1.1.1k-14.el8jbcs.x86_64",
            "8Base-JBCS:jbcs-httpd24-openssl-pkcs11-0:0.4.10-33.el8jbcs.src",
            "8Base-JBCS:jbcs-httpd24-openssl-pkcs11-0:0.4.10-33.el8jbcs.x86_64",
            "8Base-JBCS:jbcs-httpd24-openssl-pkcs11-debuginfo-0:0.4.10-33.el8jbcs.x86_64",
            "8Base-JBCS:jbcs-httpd24-openssl-static-1:1.1.1k-14.el8jbcs.x86_64"
          ]
        }
      ],
      "ids": [
        {
          "system_name": "Red Hat Bugzilla ID",
          "text": "2179062"
        }
      ],
      "notes": [
        {
          "category": "description",
          "text": "A vulnerability in input validation exists in curl \u003c8.0 during communication using the TELNET protocol may allow an attacker to pass on maliciously crafted user name and \"telnet options\" during server negotiation. The lack of proper input scrubbing allows an attacker to send content or perform option negotiation without the application\u0027s intent. This vulnerability could be exploited if an application allows user input, thereby enabling attackers to execute arbitrary code on the system.",
          "title": "Vulnerability description"
        },
        {
          "category": "summary",
          "text": "curl: TELNET option IAC injection",
          "title": "Vulnerability summary"
        },
        {
          "category": "other",
          "text": "While this vulnerability exists in Curl, the potential impact is to a different component. The overall impact is limited to the telnet component. On its own this flaw has a limited to negligible effect on integrity of the entire system, therefore it has been rated as having a Low security impact. This is in alignment with upstream\u2019s impact assessment, their advisory is linked in external references.",
          "title": "Statement"
        },
        {
          "category": "general",
          "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
          "title": "CVSS score applicability"
        }
      ],
      "product_status": {
        "fixed": [
          "7Server-JBCS:jbcs-httpd24-curl-0:8.0.1-1.el7jbcs.src",
          "7Server-JBCS:jbcs-httpd24-curl-0:8.0.1-1.el7jbcs.x86_64",
          "7Server-JBCS:jbcs-httpd24-curl-debuginfo-0:8.0.1-1.el7jbcs.x86_64",
          "7Server-JBCS:jbcs-httpd24-libcurl-0:8.0.1-1.el7jbcs.x86_64",
          "7Server-JBCS:jbcs-httpd24-libcurl-devel-0:8.0.1-1.el7jbcs.x86_64",
          "8Base-JBCS:jbcs-httpd24-curl-0:8.0.1-1.el8jbcs.src",
          "8Base-JBCS:jbcs-httpd24-curl-0:8.0.1-1.el8jbcs.x86_64",
          "8Base-JBCS:jbcs-httpd24-curl-debuginfo-0:8.0.1-1.el8jbcs.x86_64",
          "8Base-JBCS:jbcs-httpd24-libcurl-0:8.0.1-1.el8jbcs.x86_64",
          "8Base-JBCS:jbcs-httpd24-libcurl-debuginfo-0:8.0.1-1.el8jbcs.x86_64",
          "8Base-JBCS:jbcs-httpd24-libcurl-devel-0:8.0.1-1.el8jbcs.x86_64"
        ],
        "known_not_affected": [
          "7Server-JBCS:jbcs-httpd24-apr-util-0:1.6.1-101.el7jbcs.src",
          "7Server-JBCS:jbcs-httpd24-apr-util-0:1.6.1-101.el7jbcs.x86_64",
          "7Server-JBCS:jbcs-httpd24-apr-util-debuginfo-0:1.6.1-101.el7jbcs.x86_64",
          "7Server-JBCS:jbcs-httpd24-apr-util-devel-0:1.6.1-101.el7jbcs.x86_64",
          "7Server-JBCS:jbcs-httpd24-apr-util-ldap-0:1.6.1-101.el7jbcs.x86_64",
          "7Server-JBCS:jbcs-httpd24-apr-util-mysql-0:1.6.1-101.el7jbcs.x86_64",
          "7Server-JBCS:jbcs-httpd24-apr-util-nss-0:1.6.1-101.el7jbcs.x86_64",
          "7Server-JBCS:jbcs-httpd24-apr-util-odbc-0:1.6.1-101.el7jbcs.x86_64",
          "7Server-JBCS:jbcs-httpd24-apr-util-openssl-0:1.6.1-101.el7jbcs.x86_64",
          "7Server-JBCS:jbcs-httpd24-apr-util-pgsql-0:1.6.1-101.el7jbcs.x86_64",
          "7Server-JBCS:jbcs-httpd24-apr-util-sqlite-0:1.6.1-101.el7jbcs.x86_64",
          "7Server-JBCS:jbcs-httpd24-httpd-0:2.4.51-39.el7jbcs.src",
          "7Server-JBCS:jbcs-httpd24-httpd-0:2.4.51-39.el7jbcs.x86_64",
          "7Server-JBCS:jbcs-httpd24-httpd-debuginfo-0:2.4.51-39.el7jbcs.x86_64",
          "7Server-JBCS:jbcs-httpd24-httpd-devel-0:2.4.51-39.el7jbcs.x86_64",
          "7Server-JBCS:jbcs-httpd24-httpd-manual-0:2.4.51-39.el7jbcs.noarch",
          "7Server-JBCS:jbcs-httpd24-httpd-selinux-0:2.4.51-39.el7jbcs.x86_64",
          "7Server-JBCS:jbcs-httpd24-httpd-tools-0:2.4.51-39.el7jbcs.x86_64",
          "7Server-JBCS:jbcs-httpd24-mod_http2-0:1.15.19-23.el7jbcs.src",
          "7Server-JBCS:jbcs-httpd24-mod_http2-0:1.15.19-23.el7jbcs.x86_64",
          "7Server-JBCS:jbcs-httpd24-mod_http2-debuginfo-0:1.15.19-23.el7jbcs.x86_64",
          "7Server-JBCS:jbcs-httpd24-mod_jk-0:1.2.48-46.redhat_1.el7jbcs.src",
          "7Server-JBCS:jbcs-httpd24-mod_jk-ap24-0:1.2.48-46.redhat_1.el7jbcs.x86_64",
          "7Server-JBCS:jbcs-httpd24-mod_jk-debuginfo-0:1.2.48-46.redhat_1.el7jbcs.x86_64",
          "7Server-JBCS:jbcs-httpd24-mod_ldap-0:2.4.51-39.el7jbcs.x86_64",
          "7Server-JBCS:jbcs-httpd24-mod_md-1:2.4.0-20.el7jbcs.src",
          "7Server-JBCS:jbcs-httpd24-mod_md-1:2.4.0-20.el7jbcs.x86_64",
          "7Server-JBCS:jbcs-httpd24-mod_md-debuginfo-1:2.4.0-20.el7jbcs.x86_64",
          "7Server-JBCS:jbcs-httpd24-mod_proxy_cluster-0:1.3.18-2.el7jbcs.src",
          "7Server-JBCS:jbcs-httpd24-mod_proxy_cluster-0:1.3.18-2.el7jbcs.x86_64",
          "7Server-JBCS:jbcs-httpd24-mod_proxy_cluster-debuginfo-0:1.3.18-2.el7jbcs.x86_64",
          "7Server-JBCS:jbcs-httpd24-mod_proxy_html-1:2.4.51-39.el7jbcs.x86_64",
          "7Server-JBCS:jbcs-httpd24-mod_security-0:2.9.3-24.el7jbcs.src",
          "7Server-JBCS:jbcs-httpd24-mod_security-0:2.9.3-24.el7jbcs.x86_64",
          "7Server-JBCS:jbcs-httpd24-mod_security-debuginfo-0:2.9.3-24.el7jbcs.x86_64",
          "7Server-JBCS:jbcs-httpd24-mod_session-0:2.4.51-39.el7jbcs.x86_64",
          "7Server-JBCS:jbcs-httpd24-mod_ssl-1:2.4.51-39.el7jbcs.x86_64",
          "7Server-JBCS:jbcs-httpd24-openssl-1:1.1.1k-14.el7jbcs.src",
          "7Server-JBCS:jbcs-httpd24-openssl-1:1.1.1k-14.el7jbcs.x86_64",
          "7Server-JBCS:jbcs-httpd24-openssl-chil-0:1.0.0-18.el7jbcs.src",
          "7Server-JBCS:jbcs-httpd24-openssl-chil-0:1.0.0-18.el7jbcs.x86_64",
          "7Server-JBCS:jbcs-httpd24-openssl-chil-debuginfo-0:1.0.0-18.el7jbcs.x86_64",
          "7Server-JBCS:jbcs-httpd24-openssl-debuginfo-1:1.1.1k-14.el7jbcs.x86_64",
          "7Server-JBCS:jbcs-httpd24-openssl-devel-1:1.1.1k-14.el7jbcs.x86_64",
          "7Server-JBCS:jbcs-httpd24-openssl-libs-1:1.1.1k-14.el7jbcs.x86_64",
          "7Server-JBCS:jbcs-httpd24-openssl-perl-1:1.1.1k-14.el7jbcs.x86_64",
          "7Server-JBCS:jbcs-httpd24-openssl-pkcs11-0:0.4.10-33.el7jbcs.src",
          "7Server-JBCS:jbcs-httpd24-openssl-pkcs11-0:0.4.10-33.el7jbcs.x86_64",
          "7Server-JBCS:jbcs-httpd24-openssl-pkcs11-debuginfo-0:0.4.10-33.el7jbcs.x86_64",
          "7Server-JBCS:jbcs-httpd24-openssl-static-1:1.1.1k-14.el7jbcs.x86_64",
          "8Base-JBCS:jbcs-httpd24-apr-util-0:1.6.1-101.el8jbcs.src",
          "8Base-JBCS:jbcs-httpd24-apr-util-0:1.6.1-101.el8jbcs.x86_64",
          "8Base-JBCS:jbcs-httpd24-apr-util-debuginfo-0:1.6.1-101.el8jbcs.x86_64",
          "8Base-JBCS:jbcs-httpd24-apr-util-devel-0:1.6.1-101.el8jbcs.x86_64",
          "8Base-JBCS:jbcs-httpd24-apr-util-ldap-0:1.6.1-101.el8jbcs.x86_64",
          "8Base-JBCS:jbcs-httpd24-apr-util-ldap-debuginfo-0:1.6.1-101.el8jbcs.x86_64",
          "8Base-JBCS:jbcs-httpd24-apr-util-mysql-0:1.6.1-101.el8jbcs.x86_64",
          "8Base-JBCS:jbcs-httpd24-apr-util-mysql-debuginfo-0:1.6.1-101.el8jbcs.x86_64",
          "8Base-JBCS:jbcs-httpd24-apr-util-nss-0:1.6.1-101.el8jbcs.x86_64",
          "8Base-JBCS:jbcs-httpd24-apr-util-nss-debuginfo-0:1.6.1-101.el8jbcs.x86_64",
          "8Base-JBCS:jbcs-httpd24-apr-util-odbc-0:1.6.1-101.el8jbcs.x86_64",
          "8Base-JBCS:jbcs-httpd24-apr-util-odbc-debuginfo-0:1.6.1-101.el8jbcs.x86_64",
          "8Base-JBCS:jbcs-httpd24-apr-util-openssl-0:1.6.1-101.el8jbcs.x86_64",
          "8Base-JBCS:jbcs-httpd24-apr-util-openssl-debuginfo-0:1.6.1-101.el8jbcs.x86_64",
          "8Base-JBCS:jbcs-httpd24-apr-util-pgsql-0:1.6.1-101.el8jbcs.x86_64",
          "8Base-JBCS:jbcs-httpd24-apr-util-pgsql-debuginfo-0:1.6.1-101.el8jbcs.x86_64",
          "8Base-JBCS:jbcs-httpd24-apr-util-sqlite-0:1.6.1-101.el8jbcs.x86_64",
          "8Base-JBCS:jbcs-httpd24-apr-util-sqlite-debuginfo-0:1.6.1-101.el8jbcs.x86_64",
          "8Base-JBCS:jbcs-httpd24-httpd-0:2.4.51-39.el8jbcs.src",
          "8Base-JBCS:jbcs-httpd24-httpd-0:2.4.51-39.el8jbcs.x86_64",
          "8Base-JBCS:jbcs-httpd24-httpd-debuginfo-0:2.4.51-39.el8jbcs.x86_64",
          "8Base-JBCS:jbcs-httpd24-httpd-devel-0:2.4.51-39.el8jbcs.x86_64",
          "8Base-JBCS:jbcs-httpd24-httpd-manual-0:2.4.51-39.el8jbcs.noarch",
          "8Base-JBCS:jbcs-httpd24-httpd-selinux-0:2.4.51-39.el8jbcs.x86_64",
          "8Base-JBCS:jbcs-httpd24-httpd-tools-0:2.4.51-39.el8jbcs.x86_64",
          "8Base-JBCS:jbcs-httpd24-httpd-tools-debuginfo-0:2.4.51-39.el8jbcs.x86_64",
          "8Base-JBCS:jbcs-httpd24-mod_http2-0:1.15.19-23.el8jbcs.src",
          "8Base-JBCS:jbcs-httpd24-mod_http2-0:1.15.19-23.el8jbcs.x86_64",
          "8Base-JBCS:jbcs-httpd24-mod_http2-debuginfo-0:1.15.19-23.el8jbcs.x86_64",
          "8Base-JBCS:jbcs-httpd24-mod_jk-0:1.2.48-46.redhat_1.el8jbcs.src",
          "8Base-JBCS:jbcs-httpd24-mod_jk-ap24-0:1.2.48-46.redhat_1.el8jbcs.x86_64",
          "8Base-JBCS:jbcs-httpd24-mod_jk-ap24-debuginfo-0:1.2.48-46.redhat_1.el8jbcs.x86_64",
          "8Base-JBCS:jbcs-httpd24-mod_ldap-0:2.4.51-39.el8jbcs.x86_64",
          "8Base-JBCS:jbcs-httpd24-mod_ldap-debuginfo-0:2.4.51-39.el8jbcs.x86_64",
          "8Base-JBCS:jbcs-httpd24-mod_md-1:2.4.0-20.el8jbcs.src",
          "8Base-JBCS:jbcs-httpd24-mod_md-1:2.4.0-20.el8jbcs.x86_64",
          "8Base-JBCS:jbcs-httpd24-mod_md-debuginfo-1:2.4.0-20.el8jbcs.x86_64",
          "8Base-JBCS:jbcs-httpd24-mod_proxy_cluster-0:1.3.18-2.el8jbcs.src",
          "8Base-JBCS:jbcs-httpd24-mod_proxy_cluster-0:1.3.18-2.el8jbcs.x86_64",
          "8Base-JBCS:jbcs-httpd24-mod_proxy_cluster-debuginfo-0:1.3.18-2.el8jbcs.x86_64",
          "8Base-JBCS:jbcs-httpd24-mod_proxy_html-1:2.4.51-39.el8jbcs.x86_64",
          "8Base-JBCS:jbcs-httpd24-mod_proxy_html-debuginfo-1:2.4.51-39.el8jbcs.x86_64",
          "8Base-JBCS:jbcs-httpd24-mod_security-0:2.9.3-24.el8jbcs.src",
          "8Base-JBCS:jbcs-httpd24-mod_security-0:2.9.3-24.el8jbcs.x86_64",
          "8Base-JBCS:jbcs-httpd24-mod_security-debuginfo-0:2.9.3-24.el8jbcs.x86_64",
          "8Base-JBCS:jbcs-httpd24-mod_session-0:2.4.51-39.el8jbcs.x86_64",
          "8Base-JBCS:jbcs-httpd24-mod_session-debuginfo-0:2.4.51-39.el8jbcs.x86_64",
          "8Base-JBCS:jbcs-httpd24-mod_ssl-1:2.4.51-39.el8jbcs.x86_64",
          "8Base-JBCS:jbcs-httpd24-mod_ssl-debuginfo-1:2.4.51-39.el8jbcs.x86_64",
          "8Base-JBCS:jbcs-httpd24-openssl-1:1.1.1k-14.el8jbcs.src",
          "8Base-JBCS:jbcs-httpd24-openssl-1:1.1.1k-14.el8jbcs.x86_64",
          "8Base-JBCS:jbcs-httpd24-openssl-chil-0:1.0.0-18.el8jbcs.src",
          "8Base-JBCS:jbcs-httpd24-openssl-chil-0:1.0.0-18.el8jbcs.x86_64",
          "8Base-JBCS:jbcs-httpd24-openssl-chil-debuginfo-0:1.0.0-18.el8jbcs.x86_64",
          "8Base-JBCS:jbcs-httpd24-openssl-debuginfo-1:1.1.1k-14.el8jbcs.x86_64",
          "8Base-JBCS:jbcs-httpd24-openssl-devel-1:1.1.1k-14.el8jbcs.x86_64",
          "8Base-JBCS:jbcs-httpd24-openssl-libs-1:1.1.1k-14.el8jbcs.x86_64",
          "8Base-JBCS:jbcs-httpd24-openssl-libs-debuginfo-1:1.1.1k-14.el8jbcs.x86_64",
          "8Base-JBCS:jbcs-httpd24-openssl-perl-1:1.1.1k-14.el8jbcs.x86_64",
          "8Base-JBCS:jbcs-httpd24-openssl-pkcs11-0:0.4.10-33.el8jbcs.src",
          "8Base-JBCS:jbcs-httpd24-openssl-pkcs11-0:0.4.10-33.el8jbcs.x86_64",
          "8Base-JBCS:jbcs-httpd24-openssl-pkcs11-debuginfo-0:0.4.10-33.el8jbcs.x86_64",
          "8Base-JBCS:jbcs-httpd24-openssl-static-1:1.1.1k-14.el8jbcs.x86_64"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "Canonical URL",
          "url": "https://access.redhat.com/security/cve/CVE-2023-27533"
        },
        {
          "category": "external",
          "summary": "RHBZ#2179062",
          "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2179062"
        },
        {
          "category": "external",
          "summary": "https://www.cve.org/CVERecord?id=CVE-2023-27533",
          "url": "https://www.cve.org/CVERecord?id=CVE-2023-27533"
        },
        {
          "category": "external",
          "summary": "https://nvd.nist.gov/vuln/detail/CVE-2023-27533",
          "url": "https://nvd.nist.gov/vuln/detail/CVE-2023-27533"
        },
        {
          "category": "external",
          "summary": "https://curl.se/docs/CVE-2023-27533.html",
          "url": "https://curl.se/docs/CVE-2023-27533.html"
        }
      ],
      "release_date": "2023-03-20T00:00:00+00:00",
      "remediations": [
        {
          "category": "vendor_fix",
          "date": "2023-06-05T12:30:30+00:00",
          "details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nApplications using the APR libraries, such as httpd, must be restarted for this update to take effect. After installing the updated packages, the httpd daemon will be restarted automatically.",
          "product_ids": [
            "7Server-JBCS:jbcs-httpd24-curl-0:8.0.1-1.el7jbcs.src",
            "7Server-JBCS:jbcs-httpd24-curl-0:8.0.1-1.el7jbcs.x86_64",
            "7Server-JBCS:jbcs-httpd24-curl-debuginfo-0:8.0.1-1.el7jbcs.x86_64",
            "7Server-JBCS:jbcs-httpd24-libcurl-0:8.0.1-1.el7jbcs.x86_64",
            "7Server-JBCS:jbcs-httpd24-libcurl-devel-0:8.0.1-1.el7jbcs.x86_64",
            "8Base-JBCS:jbcs-httpd24-curl-0:8.0.1-1.el8jbcs.src",
            "8Base-JBCS:jbcs-httpd24-curl-0:8.0.1-1.el8jbcs.x86_64",
            "8Base-JBCS:jbcs-httpd24-curl-debuginfo-0:8.0.1-1.el8jbcs.x86_64",
            "8Base-JBCS:jbcs-httpd24-libcurl-0:8.0.1-1.el8jbcs.x86_64",
            "8Base-JBCS:jbcs-httpd24-libcurl-debuginfo-0:8.0.1-1.el8jbcs.x86_64",
            "8Base-JBCS:jbcs-httpd24-libcurl-devel-0:8.0.1-1.el8jbcs.x86_64"
          ],
          "restart_required": {
            "category": "none"
          },
          "url": "https://access.redhat.com/errata/RHSA-2023:3354"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "attackComplexity": "LOW",
            "attackVector": "NETWORK",
            "availabilityImpact": "NONE",
            "baseScore": 4.3,
            "baseSeverity": "MEDIUM",
            "confidentialityImpact": "NONE",
            "integrityImpact": "LOW",
            "privilegesRequired": "NONE",
            "scope": "UNCHANGED",
            "userInteraction": "REQUIRED",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N",
            "version": "3.1"
          },
          "products": [
            "7Server-JBCS:jbcs-httpd24-curl-0:8.0.1-1.el7jbcs.src",
            "7Server-JBCS:jbcs-httpd24-curl-0:8.0.1-1.el7jbcs.x86_64",
            "7Server-JBCS:jbcs-httpd24-curl-debuginfo-0:8.0.1-1.el7jbcs.x86_64",
            "7Server-JBCS:jbcs-httpd24-libcurl-0:8.0.1-1.el7jbcs.x86_64",
            "7Server-JBCS:jbcs-httpd24-libcurl-devel-0:8.0.1-1.el7jbcs.x86_64",
            "8Base-JBCS:jbcs-httpd24-curl-0:8.0.1-1.el8jbcs.src",
            "8Base-JBCS:jbcs-httpd24-curl-0:8.0.1-1.el8jbcs.x86_64",
            "8Base-JBCS:jbcs-httpd24-curl-debuginfo-0:8.0.1-1.el8jbcs.x86_64",
            "8Base-JBCS:jbcs-httpd24-libcurl-0:8.0.1-1.el8jbcs.x86_64",
            "8Base-JBCS:jbcs-httpd24-libcurl-debuginfo-0:8.0.1-1.el8jbcs.x86_64",
            "8Base-JBCS:jbcs-httpd24-libcurl-devel-0:8.0.1-1.el8jbcs.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "details": "Low"
        }
      ],
      "title": "curl: TELNET option IAC injection"
    },
    {
      "acknowledgments": [
        {
          "names": [
            "Daniel Stenberg",
            "Harry Sintonen"
          ]
        }
      ],
      "cve": "CVE-2023-27534",
      "cwe": {
        "id": "CWE-22",
        "name": "Improper Limitation of a Pathname to a Restricted Directory (\u0027Path Traversal\u0027)"
      },
      "discovery_date": "2023-03-16T00:00:00+00:00",
      "flags": [
        {
          "label": "vulnerable_code_not_present",
          "product_ids": [
            "7Server-JBCS:jbcs-httpd24-apr-util-0:1.6.1-101.el7jbcs.src",
            "7Server-JBCS:jbcs-httpd24-apr-util-0:1.6.1-101.el7jbcs.x86_64",
            "7Server-JBCS:jbcs-httpd24-apr-util-debuginfo-0:1.6.1-101.el7jbcs.x86_64",
            "7Server-JBCS:jbcs-httpd24-apr-util-devel-0:1.6.1-101.el7jbcs.x86_64",
            "7Server-JBCS:jbcs-httpd24-apr-util-ldap-0:1.6.1-101.el7jbcs.x86_64",
            "7Server-JBCS:jbcs-httpd24-apr-util-mysql-0:1.6.1-101.el7jbcs.x86_64",
            "7Server-JBCS:jbcs-httpd24-apr-util-nss-0:1.6.1-101.el7jbcs.x86_64",
            "7Server-JBCS:jbcs-httpd24-apr-util-odbc-0:1.6.1-101.el7jbcs.x86_64",
            "7Server-JBCS:jbcs-httpd24-apr-util-openssl-0:1.6.1-101.el7jbcs.x86_64",
            "7Server-JBCS:jbcs-httpd24-apr-util-pgsql-0:1.6.1-101.el7jbcs.x86_64",
            "7Server-JBCS:jbcs-httpd24-apr-util-sqlite-0:1.6.1-101.el7jbcs.x86_64",
            "7Server-JBCS:jbcs-httpd24-httpd-0:2.4.51-39.el7jbcs.src",
            "7Server-JBCS:jbcs-httpd24-httpd-0:2.4.51-39.el7jbcs.x86_64",
            "7Server-JBCS:jbcs-httpd24-httpd-debuginfo-0:2.4.51-39.el7jbcs.x86_64",
            "7Server-JBCS:jbcs-httpd24-httpd-devel-0:2.4.51-39.el7jbcs.x86_64",
            "7Server-JBCS:jbcs-httpd24-httpd-manual-0:2.4.51-39.el7jbcs.noarch",
            "7Server-JBCS:jbcs-httpd24-httpd-selinux-0:2.4.51-39.el7jbcs.x86_64",
            "7Server-JBCS:jbcs-httpd24-httpd-tools-0:2.4.51-39.el7jbcs.x86_64",
            "7Server-JBCS:jbcs-httpd24-mod_http2-0:1.15.19-23.el7jbcs.src",
            "7Server-JBCS:jbcs-httpd24-mod_http2-0:1.15.19-23.el7jbcs.x86_64",
            "7Server-JBCS:jbcs-httpd24-mod_http2-debuginfo-0:1.15.19-23.el7jbcs.x86_64",
            "7Server-JBCS:jbcs-httpd24-mod_jk-0:1.2.48-46.redhat_1.el7jbcs.src",
            "7Server-JBCS:jbcs-httpd24-mod_jk-ap24-0:1.2.48-46.redhat_1.el7jbcs.x86_64",
            "7Server-JBCS:jbcs-httpd24-mod_jk-debuginfo-0:1.2.48-46.redhat_1.el7jbcs.x86_64",
            "7Server-JBCS:jbcs-httpd24-mod_ldap-0:2.4.51-39.el7jbcs.x86_64",
            "7Server-JBCS:jbcs-httpd24-mod_md-1:2.4.0-20.el7jbcs.src",
            "7Server-JBCS:jbcs-httpd24-mod_md-1:2.4.0-20.el7jbcs.x86_64",
            "7Server-JBCS:jbcs-httpd24-mod_md-debuginfo-1:2.4.0-20.el7jbcs.x86_64",
            "7Server-JBCS:jbcs-httpd24-mod_proxy_cluster-0:1.3.18-2.el7jbcs.src",
            "7Server-JBCS:jbcs-httpd24-mod_proxy_cluster-0:1.3.18-2.el7jbcs.x86_64",
            "7Server-JBCS:jbcs-httpd24-mod_proxy_cluster-debuginfo-0:1.3.18-2.el7jbcs.x86_64",
            "7Server-JBCS:jbcs-httpd24-mod_proxy_html-1:2.4.51-39.el7jbcs.x86_64",
            "7Server-JBCS:jbcs-httpd24-mod_security-0:2.9.3-24.el7jbcs.src",
            "7Server-JBCS:jbcs-httpd24-mod_security-0:2.9.3-24.el7jbcs.x86_64",
            "7Server-JBCS:jbcs-httpd24-mod_security-debuginfo-0:2.9.3-24.el7jbcs.x86_64",
            "7Server-JBCS:jbcs-httpd24-mod_session-0:2.4.51-39.el7jbcs.x86_64",
            "7Server-JBCS:jbcs-httpd24-mod_ssl-1:2.4.51-39.el7jbcs.x86_64",
            "7Server-JBCS:jbcs-httpd24-openssl-1:1.1.1k-14.el7jbcs.src",
            "7Server-JBCS:jbcs-httpd24-openssl-1:1.1.1k-14.el7jbcs.x86_64",
            "7Server-JBCS:jbcs-httpd24-openssl-chil-0:1.0.0-18.el7jbcs.src",
            "7Server-JBCS:jbcs-httpd24-openssl-chil-0:1.0.0-18.el7jbcs.x86_64",
            "7Server-JBCS:jbcs-httpd24-openssl-chil-debuginfo-0:1.0.0-18.el7jbcs.x86_64",
            "7Server-JBCS:jbcs-httpd24-openssl-debuginfo-1:1.1.1k-14.el7jbcs.x86_64",
            "7Server-JBCS:jbcs-httpd24-openssl-devel-1:1.1.1k-14.el7jbcs.x86_64",
            "7Server-JBCS:jbcs-httpd24-openssl-libs-1:1.1.1k-14.el7jbcs.x86_64",
            "7Server-JBCS:jbcs-httpd24-openssl-perl-1:1.1.1k-14.el7jbcs.x86_64",
            "7Server-JBCS:jbcs-httpd24-openssl-pkcs11-0:0.4.10-33.el7jbcs.src",
            "7Server-JBCS:jbcs-httpd24-openssl-pkcs11-0:0.4.10-33.el7jbcs.x86_64",
            "7Server-JBCS:jbcs-httpd24-openssl-pkcs11-debuginfo-0:0.4.10-33.el7jbcs.x86_64",
            "7Server-JBCS:jbcs-httpd24-openssl-static-1:1.1.1k-14.el7jbcs.x86_64",
            "8Base-JBCS:jbcs-httpd24-apr-util-0:1.6.1-101.el8jbcs.src",
            "8Base-JBCS:jbcs-httpd24-apr-util-0:1.6.1-101.el8jbcs.x86_64",
            "8Base-JBCS:jbcs-httpd24-apr-util-debuginfo-0:1.6.1-101.el8jbcs.x86_64",
            "8Base-JBCS:jbcs-httpd24-apr-util-devel-0:1.6.1-101.el8jbcs.x86_64",
            "8Base-JBCS:jbcs-httpd24-apr-util-ldap-0:1.6.1-101.el8jbcs.x86_64",
            "8Base-JBCS:jbcs-httpd24-apr-util-ldap-debuginfo-0:1.6.1-101.el8jbcs.x86_64",
            "8Base-JBCS:jbcs-httpd24-apr-util-mysql-0:1.6.1-101.el8jbcs.x86_64",
            "8Base-JBCS:jbcs-httpd24-apr-util-mysql-debuginfo-0:1.6.1-101.el8jbcs.x86_64",
            "8Base-JBCS:jbcs-httpd24-apr-util-nss-0:1.6.1-101.el8jbcs.x86_64",
            "8Base-JBCS:jbcs-httpd24-apr-util-nss-debuginfo-0:1.6.1-101.el8jbcs.x86_64",
            "8Base-JBCS:jbcs-httpd24-apr-util-odbc-0:1.6.1-101.el8jbcs.x86_64",
            "8Base-JBCS:jbcs-httpd24-apr-util-odbc-debuginfo-0:1.6.1-101.el8jbcs.x86_64",
            "8Base-JBCS:jbcs-httpd24-apr-util-openssl-0:1.6.1-101.el8jbcs.x86_64",
            "8Base-JBCS:jbcs-httpd24-apr-util-openssl-debuginfo-0:1.6.1-101.el8jbcs.x86_64",
            "8Base-JBCS:jbcs-httpd24-apr-util-pgsql-0:1.6.1-101.el8jbcs.x86_64",
            "8Base-JBCS:jbcs-httpd24-apr-util-pgsql-debuginfo-0:1.6.1-101.el8jbcs.x86_64",
            "8Base-JBCS:jbcs-httpd24-apr-util-sqlite-0:1.6.1-101.el8jbcs.x86_64",
            "8Base-JBCS:jbcs-httpd24-apr-util-sqlite-debuginfo-0:1.6.1-101.el8jbcs.x86_64",
            "8Base-JBCS:jbcs-httpd24-httpd-0:2.4.51-39.el8jbcs.src",
            "8Base-JBCS:jbcs-httpd24-httpd-0:2.4.51-39.el8jbcs.x86_64",
            "8Base-JBCS:jbcs-httpd24-httpd-debuginfo-0:2.4.51-39.el8jbcs.x86_64",
            "8Base-JBCS:jbcs-httpd24-httpd-devel-0:2.4.51-39.el8jbcs.x86_64",
            "8Base-JBCS:jbcs-httpd24-httpd-manual-0:2.4.51-39.el8jbcs.noarch",
            "8Base-JBCS:jbcs-httpd24-httpd-selinux-0:2.4.51-39.el8jbcs.x86_64",
            "8Base-JBCS:jbcs-httpd24-httpd-tools-0:2.4.51-39.el8jbcs.x86_64",
            "8Base-JBCS:jbcs-httpd24-httpd-tools-debuginfo-0:2.4.51-39.el8jbcs.x86_64",
            "8Base-JBCS:jbcs-httpd24-mod_http2-0:1.15.19-23.el8jbcs.src",
            "8Base-JBCS:jbcs-httpd24-mod_http2-0:1.15.19-23.el8jbcs.x86_64",
            "8Base-JBCS:jbcs-httpd24-mod_http2-debuginfo-0:1.15.19-23.el8jbcs.x86_64",
            "8Base-JBCS:jbcs-httpd24-mod_jk-0:1.2.48-46.redhat_1.el8jbcs.src",
            "8Base-JBCS:jbcs-httpd24-mod_jk-ap24-0:1.2.48-46.redhat_1.el8jbcs.x86_64",
            "8Base-JBCS:jbcs-httpd24-mod_jk-ap24-debuginfo-0:1.2.48-46.redhat_1.el8jbcs.x86_64",
            "8Base-JBCS:jbcs-httpd24-mod_ldap-0:2.4.51-39.el8jbcs.x86_64",
            "8Base-JBCS:jbcs-httpd24-mod_ldap-debuginfo-0:2.4.51-39.el8jbcs.x86_64",
            "8Base-JBCS:jbcs-httpd24-mod_md-1:2.4.0-20.el8jbcs.src",
            "8Base-JBCS:jbcs-httpd24-mod_md-1:2.4.0-20.el8jbcs.x86_64",
            "8Base-JBCS:jbcs-httpd24-mod_md-debuginfo-1:2.4.0-20.el8jbcs.x86_64",
            "8Base-JBCS:jbcs-httpd24-mod_proxy_cluster-0:1.3.18-2.el8jbcs.src",
            "8Base-JBCS:jbcs-httpd24-mod_proxy_cluster-0:1.3.18-2.el8jbcs.x86_64",
            "8Base-JBCS:jbcs-httpd24-mod_proxy_cluster-debuginfo-0:1.3.18-2.el8jbcs.x86_64",
            "8Base-JBCS:jbcs-httpd24-mod_proxy_html-1:2.4.51-39.el8jbcs.x86_64",
            "8Base-JBCS:jbcs-httpd24-mod_proxy_html-debuginfo-1:2.4.51-39.el8jbcs.x86_64",
            "8Base-JBCS:jbcs-httpd24-mod_security-0:2.9.3-24.el8jbcs.src",
            "8Base-JBCS:jbcs-httpd24-mod_security-0:2.9.3-24.el8jbcs.x86_64",
            "8Base-JBCS:jbcs-httpd24-mod_security-debuginfo-0:2.9.3-24.el8jbcs.x86_64",
            "8Base-JBCS:jbcs-httpd24-mod_session-0:2.4.51-39.el8jbcs.x86_64",
            "8Base-JBCS:jbcs-httpd24-mod_session-debuginfo-0:2.4.51-39.el8jbcs.x86_64",
            "8Base-JBCS:jbcs-httpd24-mod_ssl-1:2.4.51-39.el8jbcs.x86_64",
            "8Base-JBCS:jbcs-httpd24-mod_ssl-debuginfo-1:2.4.51-39.el8jbcs.x86_64",
            "8Base-JBCS:jbcs-httpd24-openssl-1:1.1.1k-14.el8jbcs.src",
            "8Base-JBCS:jbcs-httpd24-openssl-1:1.1.1k-14.el8jbcs.x86_64",
            "8Base-JBCS:jbcs-httpd24-openssl-chil-0:1.0.0-18.el8jbcs.src",
            "8Base-JBCS:jbcs-httpd24-openssl-chil-0:1.0.0-18.el8jbcs.x86_64",
            "8Base-JBCS:jbcs-httpd24-openssl-chil-debuginfo-0:1.0.0-18.el8jbcs.x86_64",
            "8Base-JBCS:jbcs-httpd24-openssl-debuginfo-1:1.1.1k-14.el8jbcs.x86_64",
            "8Base-JBCS:jbcs-httpd24-openssl-devel-1:1.1.1k-14.el8jbcs.x86_64",
            "8Base-JBCS:jbcs-httpd24-openssl-libs-1:1.1.1k-14.el8jbcs.x86_64",
            "8Base-JBCS:jbcs-httpd24-openssl-libs-debuginfo-1:1.1.1k-14.el8jbcs.x86_64",
            "8Base-JBCS:jbcs-httpd24-openssl-perl-1:1.1.1k-14.el8jbcs.x86_64",
            "8Base-JBCS:jbcs-httpd24-openssl-pkcs11-0:0.4.10-33.el8jbcs.src",
            "8Base-JBCS:jbcs-httpd24-openssl-pkcs11-0:0.4.10-33.el8jbcs.x86_64",
            "8Base-JBCS:jbcs-httpd24-openssl-pkcs11-debuginfo-0:0.4.10-33.el8jbcs.x86_64",
            "8Base-JBCS:jbcs-httpd24-openssl-static-1:1.1.1k-14.el8jbcs.x86_64"
          ]
        }
      ],
      "ids": [
        {
          "system_name": "Red Hat Bugzilla ID",
          "text": "2179069"
        }
      ],
      "notes": [
        {
          "category": "description",
          "text": "A path traversal vulnerability exists in curl \u003c8.0.0 SFTP implementation causes the tilde (~) character to be wrongly replaced when used as a prefix in the first path element, in addition to its intended use as the first element to indicate a path relative to the user\u0027s home directory. Attackers can exploit this flaw to bypass filtering or execute arbitrary code by crafting a path like /~2/foo while accessing a server with a specific user.",
          "title": "Vulnerability description"
        },
        {
          "category": "summary",
          "text": "curl: SFTP path ~ resolving discrepancy",
          "title": "Vulnerability summary"
        },
        {
          "category": "other",
          "text": "In a containerized environment running SELinux in enforcing mode, such as Red Hat OpenShift Container Platform, this vulnerability does not allow an attacker to escape the boundary of a container. In this case no additional access is gained, there is an additional (but more complicated step) to look at files the user already has access to.\n\nThe upstream project (Curl) also rated this CVE as Low, see link in External References.\n\nIt is unlikely that Red Hat offerings are utilizing the SFTP feature of Curl, so the opportunity to exploit it may not exist. For those reasons Red Hat Product Security rates the impact as Low.",
          "title": "Statement"
        },
        {
          "category": "general",
          "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
          "title": "CVSS score applicability"
        }
      ],
      "product_status": {
        "fixed": [
          "7Server-JBCS:jbcs-httpd24-curl-0:8.0.1-1.el7jbcs.src",
          "7Server-JBCS:jbcs-httpd24-curl-0:8.0.1-1.el7jbcs.x86_64",
          "7Server-JBCS:jbcs-httpd24-curl-debuginfo-0:8.0.1-1.el7jbcs.x86_64",
          "7Server-JBCS:jbcs-httpd24-libcurl-0:8.0.1-1.el7jbcs.x86_64",
          "7Server-JBCS:jbcs-httpd24-libcurl-devel-0:8.0.1-1.el7jbcs.x86_64",
          "8Base-JBCS:jbcs-httpd24-curl-0:8.0.1-1.el8jbcs.src",
          "8Base-JBCS:jbcs-httpd24-curl-0:8.0.1-1.el8jbcs.x86_64",
          "8Base-JBCS:jbcs-httpd24-curl-debuginfo-0:8.0.1-1.el8jbcs.x86_64",
          "8Base-JBCS:jbcs-httpd24-libcurl-0:8.0.1-1.el8jbcs.x86_64",
          "8Base-JBCS:jbcs-httpd24-libcurl-debuginfo-0:8.0.1-1.el8jbcs.x86_64",
          "8Base-JBCS:jbcs-httpd24-libcurl-devel-0:8.0.1-1.el8jbcs.x86_64"
        ],
        "known_not_affected": [
          "7Server-JBCS:jbcs-httpd24-apr-util-0:1.6.1-101.el7jbcs.src",
          "7Server-JBCS:jbcs-httpd24-apr-util-0:1.6.1-101.el7jbcs.x86_64",
          "7Server-JBCS:jbcs-httpd24-apr-util-debuginfo-0:1.6.1-101.el7jbcs.x86_64",
          "7Server-JBCS:jbcs-httpd24-apr-util-devel-0:1.6.1-101.el7jbcs.x86_64",
          "7Server-JBCS:jbcs-httpd24-apr-util-ldap-0:1.6.1-101.el7jbcs.x86_64",
          "7Server-JBCS:jbcs-httpd24-apr-util-mysql-0:1.6.1-101.el7jbcs.x86_64",
          "7Server-JBCS:jbcs-httpd24-apr-util-nss-0:1.6.1-101.el7jbcs.x86_64",
          "7Server-JBCS:jbcs-httpd24-apr-util-odbc-0:1.6.1-101.el7jbcs.x86_64",
          "7Server-JBCS:jbcs-httpd24-apr-util-openssl-0:1.6.1-101.el7jbcs.x86_64",
          "7Server-JBCS:jbcs-httpd24-apr-util-pgsql-0:1.6.1-101.el7jbcs.x86_64",
          "7Server-JBCS:jbcs-httpd24-apr-util-sqlite-0:1.6.1-101.el7jbcs.x86_64",
          "7Server-JBCS:jbcs-httpd24-httpd-0:2.4.51-39.el7jbcs.src",
          "7Server-JBCS:jbcs-httpd24-httpd-0:2.4.51-39.el7jbcs.x86_64",
          "7Server-JBCS:jbcs-httpd24-httpd-debuginfo-0:2.4.51-39.el7jbcs.x86_64",
          "7Server-JBCS:jbcs-httpd24-httpd-devel-0:2.4.51-39.el7jbcs.x86_64",
          "7Server-JBCS:jbcs-httpd24-httpd-manual-0:2.4.51-39.el7jbcs.noarch",
          "7Server-JBCS:jbcs-httpd24-httpd-selinux-0:2.4.51-39.el7jbcs.x86_64",
          "7Server-JBCS:jbcs-httpd24-httpd-tools-0:2.4.51-39.el7jbcs.x86_64",
          "7Server-JBCS:jbcs-httpd24-mod_http2-0:1.15.19-23.el7jbcs.src",
          "7Server-JBCS:jbcs-httpd24-mod_http2-0:1.15.19-23.el7jbcs.x86_64",
          "7Server-JBCS:jbcs-httpd24-mod_http2-debuginfo-0:1.15.19-23.el7jbcs.x86_64",
          "7Server-JBCS:jbcs-httpd24-mod_jk-0:1.2.48-46.redhat_1.el7jbcs.src",
          "7Server-JBCS:jbcs-httpd24-mod_jk-ap24-0:1.2.48-46.redhat_1.el7jbcs.x86_64",
          "7Server-JBCS:jbcs-httpd24-mod_jk-debuginfo-0:1.2.48-46.redhat_1.el7jbcs.x86_64",
          "7Server-JBCS:jbcs-httpd24-mod_ldap-0:2.4.51-39.el7jbcs.x86_64",
          "7Server-JBCS:jbcs-httpd24-mod_md-1:2.4.0-20.el7jbcs.src",
          "7Server-JBCS:jbcs-httpd24-mod_md-1:2.4.0-20.el7jbcs.x86_64",
          "7Server-JBCS:jbcs-httpd24-mod_md-debuginfo-1:2.4.0-20.el7jbcs.x86_64",
          "7Server-JBCS:jbcs-httpd24-mod_proxy_cluster-0:1.3.18-2.el7jbcs.src",
          "7Server-JBCS:jbcs-httpd24-mod_proxy_cluster-0:1.3.18-2.el7jbcs.x86_64",
          "7Server-JBCS:jbcs-httpd24-mod_proxy_cluster-debuginfo-0:1.3.18-2.el7jbcs.x86_64",
          "7Server-JBCS:jbcs-httpd24-mod_proxy_html-1:2.4.51-39.el7jbcs.x86_64",
          "7Server-JBCS:jbcs-httpd24-mod_security-0:2.9.3-24.el7jbcs.src",
          "7Server-JBCS:jbcs-httpd24-mod_security-0:2.9.3-24.el7jbcs.x86_64",
          "7Server-JBCS:jbcs-httpd24-mod_security-debuginfo-0:2.9.3-24.el7jbcs.x86_64",
          "7Server-JBCS:jbcs-httpd24-mod_session-0:2.4.51-39.el7jbcs.x86_64",
          "7Server-JBCS:jbcs-httpd24-mod_ssl-1:2.4.51-39.el7jbcs.x86_64",
          "7Server-JBCS:jbcs-httpd24-openssl-1:1.1.1k-14.el7jbcs.src",
          "7Server-JBCS:jbcs-httpd24-openssl-1:1.1.1k-14.el7jbcs.x86_64",
          "7Server-JBCS:jbcs-httpd24-openssl-chil-0:1.0.0-18.el7jbcs.src",
          "7Server-JBCS:jbcs-httpd24-openssl-chil-0:1.0.0-18.el7jbcs.x86_64",
          "7Server-JBCS:jbcs-httpd24-openssl-chil-debuginfo-0:1.0.0-18.el7jbcs.x86_64",
          "7Server-JBCS:jbcs-httpd24-openssl-debuginfo-1:1.1.1k-14.el7jbcs.x86_64",
          "7Server-JBCS:jbcs-httpd24-openssl-devel-1:1.1.1k-14.el7jbcs.x86_64",
          "7Server-JBCS:jbcs-httpd24-openssl-libs-1:1.1.1k-14.el7jbcs.x86_64",
          "7Server-JBCS:jbcs-httpd24-openssl-perl-1:1.1.1k-14.el7jbcs.x86_64",
          "7Server-JBCS:jbcs-httpd24-openssl-pkcs11-0:0.4.10-33.el7jbcs.src",
          "7Server-JBCS:jbcs-httpd24-openssl-pkcs11-0:0.4.10-33.el7jbcs.x86_64",
          "7Server-JBCS:jbcs-httpd24-openssl-pkcs11-debuginfo-0:0.4.10-33.el7jbcs.x86_64",
          "7Server-JBCS:jbcs-httpd24-openssl-static-1:1.1.1k-14.el7jbcs.x86_64",
          "8Base-JBCS:jbcs-httpd24-apr-util-0:1.6.1-101.el8jbcs.src",
          "8Base-JBCS:jbcs-httpd24-apr-util-0:1.6.1-101.el8jbcs.x86_64",
          "8Base-JBCS:jbcs-httpd24-apr-util-debuginfo-0:1.6.1-101.el8jbcs.x86_64",
          "8Base-JBCS:jbcs-httpd24-apr-util-devel-0:1.6.1-101.el8jbcs.x86_64",
          "8Base-JBCS:jbcs-httpd24-apr-util-ldap-0:1.6.1-101.el8jbcs.x86_64",
          "8Base-JBCS:jbcs-httpd24-apr-util-ldap-debuginfo-0:1.6.1-101.el8jbcs.x86_64",
          "8Base-JBCS:jbcs-httpd24-apr-util-mysql-0:1.6.1-101.el8jbcs.x86_64",
          "8Base-JBCS:jbcs-httpd24-apr-util-mysql-debuginfo-0:1.6.1-101.el8jbcs.x86_64",
          "8Base-JBCS:jbcs-httpd24-apr-util-nss-0:1.6.1-101.el8jbcs.x86_64",
          "8Base-JBCS:jbcs-httpd24-apr-util-nss-debuginfo-0:1.6.1-101.el8jbcs.x86_64",
          "8Base-JBCS:jbcs-httpd24-apr-util-odbc-0:1.6.1-101.el8jbcs.x86_64",
          "8Base-JBCS:jbcs-httpd24-apr-util-odbc-debuginfo-0:1.6.1-101.el8jbcs.x86_64",
          "8Base-JBCS:jbcs-httpd24-apr-util-openssl-0:1.6.1-101.el8jbcs.x86_64",
          "8Base-JBCS:jbcs-httpd24-apr-util-openssl-debuginfo-0:1.6.1-101.el8jbcs.x86_64",
          "8Base-JBCS:jbcs-httpd24-apr-util-pgsql-0:1.6.1-101.el8jbcs.x86_64",
          "8Base-JBCS:jbcs-httpd24-apr-util-pgsql-debuginfo-0:1.6.1-101.el8jbcs.x86_64",
          "8Base-JBCS:jbcs-httpd24-apr-util-sqlite-0:1.6.1-101.el8jbcs.x86_64",
          "8Base-JBCS:jbcs-httpd24-apr-util-sqlite-debuginfo-0:1.6.1-101.el8jbcs.x86_64",
          "8Base-JBCS:jbcs-httpd24-httpd-0:2.4.51-39.el8jbcs.src",
          "8Base-JBCS:jbcs-httpd24-httpd-0:2.4.51-39.el8jbcs.x86_64",
          "8Base-JBCS:jbcs-httpd24-httpd-debuginfo-0:2.4.51-39.el8jbcs.x86_64",
          "8Base-JBCS:jbcs-httpd24-httpd-devel-0:2.4.51-39.el8jbcs.x86_64",
          "8Base-JBCS:jbcs-httpd24-httpd-manual-0:2.4.51-39.el8jbcs.noarch",
          "8Base-JBCS:jbcs-httpd24-httpd-selinux-0:2.4.51-39.el8jbcs.x86_64",
          "8Base-JBCS:jbcs-httpd24-httpd-tools-0:2.4.51-39.el8jbcs.x86_64",
          "8Base-JBCS:jbcs-httpd24-httpd-tools-debuginfo-0:2.4.51-39.el8jbcs.x86_64",
          "8Base-JBCS:jbcs-httpd24-mod_http2-0:1.15.19-23.el8jbcs.src",
          "8Base-JBCS:jbcs-httpd24-mod_http2-0:1.15.19-23.el8jbcs.x86_64",
          "8Base-JBCS:jbcs-httpd24-mod_http2-debuginfo-0:1.15.19-23.el8jbcs.x86_64",
          "8Base-JBCS:jbcs-httpd24-mod_jk-0:1.2.48-46.redhat_1.el8jbcs.src",
          "8Base-JBCS:jbcs-httpd24-mod_jk-ap24-0:1.2.48-46.redhat_1.el8jbcs.x86_64",
          "8Base-JBCS:jbcs-httpd24-mod_jk-ap24-debuginfo-0:1.2.48-46.redhat_1.el8jbcs.x86_64",
          "8Base-JBCS:jbcs-httpd24-mod_ldap-0:2.4.51-39.el8jbcs.x86_64",
          "8Base-JBCS:jbcs-httpd24-mod_ldap-debuginfo-0:2.4.51-39.el8jbcs.x86_64",
          "8Base-JBCS:jbcs-httpd24-mod_md-1:2.4.0-20.el8jbcs.src",
          "8Base-JBCS:jbcs-httpd24-mod_md-1:2.4.0-20.el8jbcs.x86_64",
          "8Base-JBCS:jbcs-httpd24-mod_md-debuginfo-1:2.4.0-20.el8jbcs.x86_64",
          "8Base-JBCS:jbcs-httpd24-mod_proxy_cluster-0:1.3.18-2.el8jbcs.src",
          "8Base-JBCS:jbcs-httpd24-mod_proxy_cluster-0:1.3.18-2.el8jbcs.x86_64",
          "8Base-JBCS:jbcs-httpd24-mod_proxy_cluster-debuginfo-0:1.3.18-2.el8jbcs.x86_64",
          "8Base-JBCS:jbcs-httpd24-mod_proxy_html-1:2.4.51-39.el8jbcs.x86_64",
          "8Base-JBCS:jbcs-httpd24-mod_proxy_html-debuginfo-1:2.4.51-39.el8jbcs.x86_64",
          "8Base-JBCS:jbcs-httpd24-mod_security-0:2.9.3-24.el8jbcs.src",
          "8Base-JBCS:jbcs-httpd24-mod_security-0:2.9.3-24.el8jbcs.x86_64",
          "8Base-JBCS:jbcs-httpd24-mod_security-debuginfo-0:2.9.3-24.el8jbcs.x86_64",
          "8Base-JBCS:jbcs-httpd24-mod_session-0:2.4.51-39.el8jbcs.x86_64",
          "8Base-JBCS:jbcs-httpd24-mod_session-debuginfo-0:2.4.51-39.el8jbcs.x86_64",
          "8Base-JBCS:jbcs-httpd24-mod_ssl-1:2.4.51-39.el8jbcs.x86_64",
          "8Base-JBCS:jbcs-httpd24-mod_ssl-debuginfo-1:2.4.51-39.el8jbcs.x86_64",
          "8Base-JBCS:jbcs-httpd24-openssl-1:1.1.1k-14.el8jbcs.src",
          "8Base-JBCS:jbcs-httpd24-openssl-1:1.1.1k-14.el8jbcs.x86_64",
          "8Base-JBCS:jbcs-httpd24-openssl-chil-0:1.0.0-18.el8jbcs.src",
          "8Base-JBCS:jbcs-httpd24-openssl-chil-0:1.0.0-18.el8jbcs.x86_64",
          "8Base-JBCS:jbcs-httpd24-openssl-chil-debuginfo-0:1.0.0-18.el8jbcs.x86_64",
          "8Base-JBCS:jbcs-httpd24-openssl-debuginfo-1:1.1.1k-14.el8jbcs.x86_64",
          "8Base-JBCS:jbcs-httpd24-openssl-devel-1:1.1.1k-14.el8jbcs.x86_64",
          "8Base-JBCS:jbcs-httpd24-openssl-libs-1:1.1.1k-14.el8jbcs.x86_64",
          "8Base-JBCS:jbcs-httpd24-openssl-libs-debuginfo-1:1.1.1k-14.el8jbcs.x86_64",
          "8Base-JBCS:jbcs-httpd24-openssl-perl-1:1.1.1k-14.el8jbcs.x86_64",
          "8Base-JBCS:jbcs-httpd24-openssl-pkcs11-0:0.4.10-33.el8jbcs.src",
          "8Base-JBCS:jbcs-httpd24-openssl-pkcs11-0:0.4.10-33.el8jbcs.x86_64",
          "8Base-JBCS:jbcs-httpd24-openssl-pkcs11-debuginfo-0:0.4.10-33.el8jbcs.x86_64",
          "8Base-JBCS:jbcs-httpd24-openssl-static-1:1.1.1k-14.el8jbcs.x86_64"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "Canonical URL",
          "url": "https://access.redhat.com/security/cve/CVE-2023-27534"
        },
        {
          "category": "external",
          "summary": "RHBZ#2179069",
          "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2179069"
        },
        {
          "category": "external",
          "summary": "https://www.cve.org/CVERecord?id=CVE-2023-27534",
          "url": "https://www.cve.org/CVERecord?id=CVE-2023-27534"
        },
        {
          "category": "external",
          "summary": "https://nvd.nist.gov/vuln/detail/CVE-2023-27534",
          "url": "https://nvd.nist.gov/vuln/detail/CVE-2023-27534"
        },
        {
          "category": "external",
          "summary": "https://curl.se/docs/CVE-2023-27534.html",
          "url": "https://curl.se/docs/CVE-2023-27534.html"
        }
      ],
      "release_date": "2023-03-20T00:00:00+00:00",
      "remediations": [
        {
          "category": "vendor_fix",
          "date": "2023-06-05T12:30:30+00:00",
          "details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nApplications using the APR libraries, such as httpd, must be restarted for this update to take effect. After installing the updated packages, the httpd daemon will be restarted automatically.",
          "product_ids": [
            "7Server-JBCS:jbcs-httpd24-curl-0:8.0.1-1.el7jbcs.src",
            "7Server-JBCS:jbcs-httpd24-curl-0:8.0.1-1.el7jbcs.x86_64",
            "7Server-JBCS:jbcs-httpd24-curl-debuginfo-0:8.0.1-1.el7jbcs.x86_64",
            "7Server-JBCS:jbcs-httpd24-libcurl-0:8.0.1-1.el7jbcs.x86_64",
            "7Server-JBCS:jbcs-httpd24-libcurl-devel-0:8.0.1-1.el7jbcs.x86_64",
            "8Base-JBCS:jbcs-httpd24-curl-0:8.0.1-1.el8jbcs.src",
            "8Base-JBCS:jbcs-httpd24-curl-0:8.0.1-1.el8jbcs.x86_64",
            "8Base-JBCS:jbcs-httpd24-curl-debuginfo-0:8.0.1-1.el8jbcs.x86_64",
            "8Base-JBCS:jbcs-httpd24-libcurl-0:8.0.1-1.el8jbcs.x86_64",
            "8Base-JBCS:jbcs-httpd24-libcurl-debuginfo-0:8.0.1-1.el8jbcs.x86_64",
            "8Base-JBCS:jbcs-httpd24-libcurl-devel-0:8.0.1-1.el8jbcs.x86_64"
          ],
          "restart_required": {
            "category": "none"
          },
          "url": "https://access.redhat.com/errata/RHSA-2023:3354"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "attackComplexity": "HIGH",
            "attackVector": "NETWORK",
            "availabilityImpact": "NONE",
            "baseScore": 3.7,
            "baseSeverity": "LOW",
            "confidentialityImpact": "LOW",
            "integrityImpact": "NONE",
            "privilegesRequired": "NONE",
            "scope": "UNCHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:N/A:N",
            "version": "3.1"
          },
          "products": [
            "7Server-JBCS:jbcs-httpd24-curl-0:8.0.1-1.el7jbcs.src",
            "7Server-JBCS:jbcs-httpd24-curl-0:8.0.1-1.el7jbcs.x86_64",
            "7Server-JBCS:jbcs-httpd24-curl-debuginfo-0:8.0.1-1.el7jbcs.x86_64",
            "7Server-JBCS:jbcs-httpd24-libcurl-0:8.0.1-1.el7jbcs.x86_64",
            "7Server-JBCS:jbcs-httpd24-libcurl-devel-0:8.0.1-1.el7jbcs.x86_64",
            "8Base-JBCS:jbcs-httpd24-curl-0:8.0.1-1.el8jbcs.src",
            "8Base-JBCS:jbcs-httpd24-curl-0:8.0.1-1.el8jbcs.x86_64",
            "8Base-JBCS:jbcs-httpd24-curl-debuginfo-0:8.0.1-1.el8jbcs.x86_64",
            "8Base-JBCS:jbcs-httpd24-libcurl-0:8.0.1-1.el8jbcs.x86_64",
            "8Base-JBCS:jbcs-httpd24-libcurl-debuginfo-0:8.0.1-1.el8jbcs.x86_64",
            "8Base-JBCS:jbcs-httpd24-libcurl-devel-0:8.0.1-1.el8jbcs.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "details": "Low"
        }
      ],
      "title": "curl: SFTP path ~ resolving discrepancy"
    }
  ]
}


Log in or create an account to share your comment.




Tags
Taxonomy of the tags.


Loading…

Loading…

Loading…

Sightings

Author Source Type Date

Nomenclature

  • Seen: The vulnerability was mentioned, discussed, or seen somewhere by the user.
  • Confirmed: The vulnerability is confirmed from an analyst perspective.
  • Exploited: This vulnerability was exploited and seen by the user reporting the sighting.
  • Patched: This vulnerability was successfully patched by the user reporting the sighting.
  • Not exploited: This vulnerability was not exploited or seen by the user reporting the sighting.
  • Not confirmed: The user expresses doubt about the veracity of the vulnerability.
  • Not patched: This vulnerability was not successfully patched by the user reporting the sighting.