RHSA-2026:34109

Vulnerability from csaf_redhat - Published: 2026-07-01 09:31 - Updated: 2026-07-01 14:07
Summary
Red Hat Security Advisory: httpd security, bug fix, and enhancement update
Severity
Important
Notes
Topic: An update for httpd is now available for Red Hat Enterprise Linux 10. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.
Details: The httpd packages provide the Apache HTTP Server, a powerful, efficient, and extensible web server. Security Fix(es): * httpd: incomplete fix for CVE-2023-38709 (CVE-2024-42516) * httpd: NULL pointer dereference via specially crafted request (CVE-2026-29169) * httpd: Apache HTTP Server: Heap-based Buffer Overflow via malicious backend servers (CVE-2026-34356) * httpd: Apache HTTP Server: Buffer Over-read via outbound OCSP requests to attacker-controlled server (CVE-2026-44185) * httpd: Apache HTTP Server: Denial of Service via crafted regular expressions (CVE-2026-44631) * httpd: Apache HTTP Server: Heap-based Buffer Overflow via untrusted content in mod_xml2enc (CVE-2026-42536) * httpd: Apache HTTP Server: Buffer overflow in mod_proxy_html allows security bypass (CVE-2026-34355) Bug Fix(es) and Enhancement(s): * address Moderate severity issues from httpd 2.4.68 [rhel-10.2.z] (JIRA:RHEL-184518) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.
Terms of Use: This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.

A flaw was found in httpd. The response headers are not sanitized before an HTTP response is sent when a malicious backend can insert a Content-Type, Content-Encoding, or some other headers. These issues lead to HTTP response splitting. This CVE provides a "complete" fix for CVE-2023-38709.

CWE-93 - Improper Neutralization of CRLF Sequences ('CRLF Injection')
Affected products
Product Identifier Version Remediation
Unresolved product id: AppStream-10.2.Z:httpd-0:2.4.63-13.el10_2.4.aarch64
Vendor Fix fix
Workaround
Unresolved product id: AppStream-10.2.Z:httpd-0:2.4.63-13.el10_2.4.ppc64le
Vendor Fix fix
Workaround
Unresolved product id: AppStream-10.2.Z:httpd-0:2.4.63-13.el10_2.4.s390x
Vendor Fix fix
Workaround
Unresolved product id: AppStream-10.2.Z:httpd-0:2.4.63-13.el10_2.4.src
Vendor Fix fix
Workaround
Unresolved product id: AppStream-10.2.Z:httpd-0:2.4.63-13.el10_2.4.x86_64
Vendor Fix fix
Workaround
Unresolved product id: AppStream-10.2.Z:httpd-core-0:2.4.63-13.el10_2.4.aarch64
Vendor Fix fix
Workaround
Unresolved product id: AppStream-10.2.Z:httpd-core-0:2.4.63-13.el10_2.4.ppc64le
Vendor Fix fix
Workaround
Unresolved product id: AppStream-10.2.Z:httpd-core-0:2.4.63-13.el10_2.4.s390x
Vendor Fix fix
Workaround
Unresolved product id: AppStream-10.2.Z:httpd-core-0:2.4.63-13.el10_2.4.x86_64
Vendor Fix fix
Workaround
Unresolved product id: AppStream-10.2.Z:httpd-core-debuginfo-0:2.4.63-13.el10_2.4.aarch64
Vendor Fix fix
Workaround
Unresolved product id: AppStream-10.2.Z:httpd-core-debuginfo-0:2.4.63-13.el10_2.4.ppc64le
Vendor Fix fix
Workaround
Unresolved product id: AppStream-10.2.Z:httpd-core-debuginfo-0:2.4.63-13.el10_2.4.s390x
Vendor Fix fix
Workaround
Unresolved product id: AppStream-10.2.Z:httpd-core-debuginfo-0:2.4.63-13.el10_2.4.x86_64
Vendor Fix fix
Workaround
Unresolved product id: AppStream-10.2.Z:httpd-debuginfo-0:2.4.63-13.el10_2.4.aarch64
Vendor Fix fix
Workaround
Unresolved product id: AppStream-10.2.Z:httpd-debuginfo-0:2.4.63-13.el10_2.4.ppc64le
Vendor Fix fix
Workaround
Unresolved product id: AppStream-10.2.Z:httpd-debuginfo-0:2.4.63-13.el10_2.4.s390x
Vendor Fix fix
Workaround
Unresolved product id: AppStream-10.2.Z:httpd-debuginfo-0:2.4.63-13.el10_2.4.x86_64
Vendor Fix fix
Workaround
Unresolved product id: AppStream-10.2.Z:httpd-debugsource-0:2.4.63-13.el10_2.4.aarch64
Vendor Fix fix
Workaround
Unresolved product id: AppStream-10.2.Z:httpd-debugsource-0:2.4.63-13.el10_2.4.ppc64le
Vendor Fix fix
Workaround
Unresolved product id: AppStream-10.2.Z:httpd-debugsource-0:2.4.63-13.el10_2.4.s390x
Vendor Fix fix
Workaround
Unresolved product id: AppStream-10.2.Z:httpd-debugsource-0:2.4.63-13.el10_2.4.x86_64
Vendor Fix fix
Workaround
Unresolved product id: AppStream-10.2.Z:httpd-devel-0:2.4.63-13.el10_2.4.aarch64
Vendor Fix fix
Workaround
Unresolved product id: AppStream-10.2.Z:httpd-devel-0:2.4.63-13.el10_2.4.ppc64le
Vendor Fix fix
Workaround
Unresolved product id: AppStream-10.2.Z:httpd-devel-0:2.4.63-13.el10_2.4.s390x
Vendor Fix fix
Workaround
Unresolved product id: AppStream-10.2.Z:httpd-devel-0:2.4.63-13.el10_2.4.x86_64
Vendor Fix fix
Workaround
Unresolved product id: AppStream-10.2.Z:httpd-filesystem-0:2.4.63-13.el10_2.4.noarch
Vendor Fix fix
Workaround
Unresolved product id: AppStream-10.2.Z:httpd-manual-0:2.4.63-13.el10_2.4.noarch
Vendor Fix fix
Workaround
Unresolved product id: AppStream-10.2.Z:httpd-tools-0:2.4.63-13.el10_2.4.aarch64
Vendor Fix fix
Workaround
Unresolved product id: AppStream-10.2.Z:httpd-tools-0:2.4.63-13.el10_2.4.ppc64le
Vendor Fix fix
Workaround
Unresolved product id: AppStream-10.2.Z:httpd-tools-0:2.4.63-13.el10_2.4.s390x
Vendor Fix fix
Workaround
Unresolved product id: AppStream-10.2.Z:httpd-tools-0:2.4.63-13.el10_2.4.x86_64
Vendor Fix fix
Workaround
Unresolved product id: AppStream-10.2.Z:httpd-tools-debuginfo-0:2.4.63-13.el10_2.4.aarch64
Vendor Fix fix
Workaround
Unresolved product id: AppStream-10.2.Z:httpd-tools-debuginfo-0:2.4.63-13.el10_2.4.ppc64le
Vendor Fix fix
Workaround
Unresolved product id: AppStream-10.2.Z:httpd-tools-debuginfo-0:2.4.63-13.el10_2.4.s390x
Vendor Fix fix
Workaround
Unresolved product id: AppStream-10.2.Z:httpd-tools-debuginfo-0:2.4.63-13.el10_2.4.x86_64
Vendor Fix fix
Workaround
Unresolved product id: AppStream-10.2.Z:mod_ldap-0:2.4.63-13.el10_2.4.aarch64
Vendor Fix fix
Workaround
Unresolved product id: AppStream-10.2.Z:mod_ldap-0:2.4.63-13.el10_2.4.ppc64le
Vendor Fix fix
Workaround
Unresolved product id: AppStream-10.2.Z:mod_ldap-0:2.4.63-13.el10_2.4.s390x
Vendor Fix fix
Workaround
Unresolved product id: AppStream-10.2.Z:mod_ldap-0:2.4.63-13.el10_2.4.x86_64
Vendor Fix fix
Workaround
Unresolved product id: AppStream-10.2.Z:mod_ldap-debuginfo-0:2.4.63-13.el10_2.4.aarch64
Vendor Fix fix
Workaround
Unresolved product id: AppStream-10.2.Z:mod_ldap-debuginfo-0:2.4.63-13.el10_2.4.ppc64le
Vendor Fix fix
Workaround
Unresolved product id: AppStream-10.2.Z:mod_ldap-debuginfo-0:2.4.63-13.el10_2.4.s390x
Vendor Fix fix
Workaround
Unresolved product id: AppStream-10.2.Z:mod_ldap-debuginfo-0:2.4.63-13.el10_2.4.x86_64
Vendor Fix fix
Workaround
Unresolved product id: AppStream-10.2.Z:mod_lua-0:2.4.63-13.el10_2.4.aarch64
Vendor Fix fix
Workaround
Unresolved product id: AppStream-10.2.Z:mod_lua-0:2.4.63-13.el10_2.4.ppc64le
Vendor Fix fix
Workaround
Unresolved product id: AppStream-10.2.Z:mod_lua-0:2.4.63-13.el10_2.4.s390x
Vendor Fix fix
Workaround
Unresolved product id: AppStream-10.2.Z:mod_lua-0:2.4.63-13.el10_2.4.x86_64
Vendor Fix fix
Workaround
Unresolved product id: AppStream-10.2.Z:mod_lua-debuginfo-0:2.4.63-13.el10_2.4.aarch64
Vendor Fix fix
Workaround
Unresolved product id: AppStream-10.2.Z:mod_lua-debuginfo-0:2.4.63-13.el10_2.4.ppc64le
Vendor Fix fix
Workaround
Unresolved product id: AppStream-10.2.Z:mod_lua-debuginfo-0:2.4.63-13.el10_2.4.s390x
Vendor Fix fix
Workaround
Unresolved product id: AppStream-10.2.Z:mod_lua-debuginfo-0:2.4.63-13.el10_2.4.x86_64
Vendor Fix fix
Workaround
Unresolved product id: AppStream-10.2.Z:mod_proxy_html-1:2.4.63-13.el10_2.4.aarch64
Vendor Fix fix
Workaround
Unresolved product id: AppStream-10.2.Z:mod_proxy_html-1:2.4.63-13.el10_2.4.ppc64le
Vendor Fix fix
Workaround
Unresolved product id: AppStream-10.2.Z:mod_proxy_html-1:2.4.63-13.el10_2.4.s390x
Vendor Fix fix
Workaround
Unresolved product id: AppStream-10.2.Z:mod_proxy_html-1:2.4.63-13.el10_2.4.x86_64
Vendor Fix fix
Workaround
Unresolved product id: AppStream-10.2.Z:mod_proxy_html-debuginfo-1:2.4.63-13.el10_2.4.aarch64
Vendor Fix fix
Workaround
Unresolved product id: AppStream-10.2.Z:mod_proxy_html-debuginfo-1:2.4.63-13.el10_2.4.ppc64le
Vendor Fix fix
Workaround
Unresolved product id: AppStream-10.2.Z:mod_proxy_html-debuginfo-1:2.4.63-13.el10_2.4.s390x
Vendor Fix fix
Workaround
Unresolved product id: AppStream-10.2.Z:mod_proxy_html-debuginfo-1:2.4.63-13.el10_2.4.x86_64
Vendor Fix fix
Workaround
Unresolved product id: AppStream-10.2.Z:mod_session-0:2.4.63-13.el10_2.4.aarch64
Vendor Fix fix
Workaround
Unresolved product id: AppStream-10.2.Z:mod_session-0:2.4.63-13.el10_2.4.ppc64le
Vendor Fix fix
Workaround
Unresolved product id: AppStream-10.2.Z:mod_session-0:2.4.63-13.el10_2.4.s390x
Vendor Fix fix
Workaround
Unresolved product id: AppStream-10.2.Z:mod_session-0:2.4.63-13.el10_2.4.x86_64
Vendor Fix fix
Workaround
Unresolved product id: AppStream-10.2.Z:mod_session-debuginfo-0:2.4.63-13.el10_2.4.aarch64
Vendor Fix fix
Workaround
Unresolved product id: AppStream-10.2.Z:mod_session-debuginfo-0:2.4.63-13.el10_2.4.ppc64le
Vendor Fix fix
Workaround
Unresolved product id: AppStream-10.2.Z:mod_session-debuginfo-0:2.4.63-13.el10_2.4.s390x
Vendor Fix fix
Workaround
Unresolved product id: AppStream-10.2.Z:mod_session-debuginfo-0:2.4.63-13.el10_2.4.x86_64
Vendor Fix fix
Workaround
Unresolved product id: AppStream-10.2.Z:mod_ssl-1:2.4.63-13.el10_2.4.aarch64
Vendor Fix fix
Workaround
Unresolved product id: AppStream-10.2.Z:mod_ssl-1:2.4.63-13.el10_2.4.ppc64le
Vendor Fix fix
Workaround
Unresolved product id: AppStream-10.2.Z:mod_ssl-1:2.4.63-13.el10_2.4.s390x
Vendor Fix fix
Workaround
Unresolved product id: AppStream-10.2.Z:mod_ssl-1:2.4.63-13.el10_2.4.x86_64
Vendor Fix fix
Workaround
Unresolved product id: AppStream-10.2.Z:mod_ssl-debuginfo-1:2.4.63-13.el10_2.4.aarch64
Vendor Fix fix
Workaround
Unresolved product id: AppStream-10.2.Z:mod_ssl-debuginfo-1:2.4.63-13.el10_2.4.ppc64le
Vendor Fix fix
Workaround
Unresolved product id: AppStream-10.2.Z:mod_ssl-debuginfo-1:2.4.63-13.el10_2.4.s390x
Vendor Fix fix
Workaround
Unresolved product id: AppStream-10.2.Z:mod_ssl-debuginfo-1:2.4.63-13.el10_2.4.x86_64
Vendor Fix fix
Workaround
Threats
Impact Moderate

A flaw was found in the mod_dav_lock module of httpd. This vulnerability allows a remote unauthenticated attacker to crash the server due to a NULL pointer dereference via a specially crafted request.

CWE-476 - NULL Pointer Dereference
Affected products
Product Identifier Version Remediation
Unresolved product id: AppStream-10.2.Z:httpd-0:2.4.63-13.el10_2.4.aarch64
Vendor Fix fix
Workaround
Unresolved product id: AppStream-10.2.Z:httpd-0:2.4.63-13.el10_2.4.ppc64le
Vendor Fix fix
Workaround
Unresolved product id: AppStream-10.2.Z:httpd-0:2.4.63-13.el10_2.4.s390x
Vendor Fix fix
Workaround
Unresolved product id: AppStream-10.2.Z:httpd-0:2.4.63-13.el10_2.4.src
Vendor Fix fix
Workaround
Unresolved product id: AppStream-10.2.Z:httpd-0:2.4.63-13.el10_2.4.x86_64
Vendor Fix fix
Workaround
Unresolved product id: AppStream-10.2.Z:httpd-core-0:2.4.63-13.el10_2.4.aarch64
Vendor Fix fix
Workaround
Unresolved product id: AppStream-10.2.Z:httpd-core-0:2.4.63-13.el10_2.4.ppc64le
Vendor Fix fix
Workaround
Unresolved product id: AppStream-10.2.Z:httpd-core-0:2.4.63-13.el10_2.4.s390x
Vendor Fix fix
Workaround
Unresolved product id: AppStream-10.2.Z:httpd-core-0:2.4.63-13.el10_2.4.x86_64
Vendor Fix fix
Workaround
Unresolved product id: AppStream-10.2.Z:httpd-core-debuginfo-0:2.4.63-13.el10_2.4.aarch64
Vendor Fix fix
Workaround
Unresolved product id: AppStream-10.2.Z:httpd-core-debuginfo-0:2.4.63-13.el10_2.4.ppc64le
Vendor Fix fix
Workaround
Unresolved product id: AppStream-10.2.Z:httpd-core-debuginfo-0:2.4.63-13.el10_2.4.s390x
Vendor Fix fix
Workaround
Unresolved product id: AppStream-10.2.Z:httpd-core-debuginfo-0:2.4.63-13.el10_2.4.x86_64
Vendor Fix fix
Workaround
Unresolved product id: AppStream-10.2.Z:httpd-debuginfo-0:2.4.63-13.el10_2.4.aarch64
Vendor Fix fix
Workaround
Unresolved product id: AppStream-10.2.Z:httpd-debuginfo-0:2.4.63-13.el10_2.4.ppc64le
Vendor Fix fix
Workaround
Unresolved product id: AppStream-10.2.Z:httpd-debuginfo-0:2.4.63-13.el10_2.4.s390x
Vendor Fix fix
Workaround
Unresolved product id: AppStream-10.2.Z:httpd-debuginfo-0:2.4.63-13.el10_2.4.x86_64
Vendor Fix fix
Workaround
Unresolved product id: AppStream-10.2.Z:httpd-debugsource-0:2.4.63-13.el10_2.4.aarch64
Vendor Fix fix
Workaround
Unresolved product id: AppStream-10.2.Z:httpd-debugsource-0:2.4.63-13.el10_2.4.ppc64le
Vendor Fix fix
Workaround
Unresolved product id: AppStream-10.2.Z:httpd-debugsource-0:2.4.63-13.el10_2.4.s390x
Vendor Fix fix
Workaround
Unresolved product id: AppStream-10.2.Z:httpd-debugsource-0:2.4.63-13.el10_2.4.x86_64
Vendor Fix fix
Workaround
Unresolved product id: AppStream-10.2.Z:httpd-devel-0:2.4.63-13.el10_2.4.aarch64
Vendor Fix fix
Workaround
Unresolved product id: AppStream-10.2.Z:httpd-devel-0:2.4.63-13.el10_2.4.ppc64le
Vendor Fix fix
Workaround
Unresolved product id: AppStream-10.2.Z:httpd-devel-0:2.4.63-13.el10_2.4.s390x
Vendor Fix fix
Workaround
Unresolved product id: AppStream-10.2.Z:httpd-devel-0:2.4.63-13.el10_2.4.x86_64
Vendor Fix fix
Workaround
Unresolved product id: AppStream-10.2.Z:httpd-filesystem-0:2.4.63-13.el10_2.4.noarch
Vendor Fix fix
Workaround
Unresolved product id: AppStream-10.2.Z:httpd-manual-0:2.4.63-13.el10_2.4.noarch
Vendor Fix fix
Workaround
Unresolved product id: AppStream-10.2.Z:httpd-tools-0:2.4.63-13.el10_2.4.aarch64
Vendor Fix fix
Workaround
Unresolved product id: AppStream-10.2.Z:httpd-tools-0:2.4.63-13.el10_2.4.ppc64le
Vendor Fix fix
Workaround
Unresolved product id: AppStream-10.2.Z:httpd-tools-0:2.4.63-13.el10_2.4.s390x
Vendor Fix fix
Workaround
Unresolved product id: AppStream-10.2.Z:httpd-tools-0:2.4.63-13.el10_2.4.x86_64
Vendor Fix fix
Workaround
Unresolved product id: AppStream-10.2.Z:httpd-tools-debuginfo-0:2.4.63-13.el10_2.4.aarch64
Vendor Fix fix
Workaround
Unresolved product id: AppStream-10.2.Z:httpd-tools-debuginfo-0:2.4.63-13.el10_2.4.ppc64le
Vendor Fix fix
Workaround
Unresolved product id: AppStream-10.2.Z:httpd-tools-debuginfo-0:2.4.63-13.el10_2.4.s390x
Vendor Fix fix
Workaround
Unresolved product id: AppStream-10.2.Z:httpd-tools-debuginfo-0:2.4.63-13.el10_2.4.x86_64
Vendor Fix fix
Workaround
Unresolved product id: AppStream-10.2.Z:mod_ldap-0:2.4.63-13.el10_2.4.aarch64
Vendor Fix fix
Workaround
Unresolved product id: AppStream-10.2.Z:mod_ldap-0:2.4.63-13.el10_2.4.ppc64le
Vendor Fix fix
Workaround
Unresolved product id: AppStream-10.2.Z:mod_ldap-0:2.4.63-13.el10_2.4.s390x
Vendor Fix fix
Workaround
Unresolved product id: AppStream-10.2.Z:mod_ldap-0:2.4.63-13.el10_2.4.x86_64
Vendor Fix fix
Workaround
Unresolved product id: AppStream-10.2.Z:mod_ldap-debuginfo-0:2.4.63-13.el10_2.4.aarch64
Vendor Fix fix
Workaround
Unresolved product id: AppStream-10.2.Z:mod_ldap-debuginfo-0:2.4.63-13.el10_2.4.ppc64le
Vendor Fix fix
Workaround
Unresolved product id: AppStream-10.2.Z:mod_ldap-debuginfo-0:2.4.63-13.el10_2.4.s390x
Vendor Fix fix
Workaround
Unresolved product id: AppStream-10.2.Z:mod_ldap-debuginfo-0:2.4.63-13.el10_2.4.x86_64
Vendor Fix fix
Workaround
Unresolved product id: AppStream-10.2.Z:mod_lua-0:2.4.63-13.el10_2.4.aarch64
Vendor Fix fix
Workaround
Unresolved product id: AppStream-10.2.Z:mod_lua-0:2.4.63-13.el10_2.4.ppc64le
Vendor Fix fix
Workaround
Unresolved product id: AppStream-10.2.Z:mod_lua-0:2.4.63-13.el10_2.4.s390x
Vendor Fix fix
Workaround
Unresolved product id: AppStream-10.2.Z:mod_lua-0:2.4.63-13.el10_2.4.x86_64
Vendor Fix fix
Workaround
Unresolved product id: AppStream-10.2.Z:mod_lua-debuginfo-0:2.4.63-13.el10_2.4.aarch64
Vendor Fix fix
Workaround
Unresolved product id: AppStream-10.2.Z:mod_lua-debuginfo-0:2.4.63-13.el10_2.4.ppc64le
Vendor Fix fix
Workaround
Unresolved product id: AppStream-10.2.Z:mod_lua-debuginfo-0:2.4.63-13.el10_2.4.s390x
Vendor Fix fix
Workaround
Unresolved product id: AppStream-10.2.Z:mod_lua-debuginfo-0:2.4.63-13.el10_2.4.x86_64
Vendor Fix fix
Workaround
Unresolved product id: AppStream-10.2.Z:mod_proxy_html-1:2.4.63-13.el10_2.4.aarch64
Vendor Fix fix
Workaround
Unresolved product id: AppStream-10.2.Z:mod_proxy_html-1:2.4.63-13.el10_2.4.ppc64le
Vendor Fix fix
Workaround
Unresolved product id: AppStream-10.2.Z:mod_proxy_html-1:2.4.63-13.el10_2.4.s390x
Vendor Fix fix
Workaround
Unresolved product id: AppStream-10.2.Z:mod_proxy_html-1:2.4.63-13.el10_2.4.x86_64
Vendor Fix fix
Workaround
Unresolved product id: AppStream-10.2.Z:mod_proxy_html-debuginfo-1:2.4.63-13.el10_2.4.aarch64
Vendor Fix fix
Workaround
Unresolved product id: AppStream-10.2.Z:mod_proxy_html-debuginfo-1:2.4.63-13.el10_2.4.ppc64le
Vendor Fix fix
Workaround
Unresolved product id: AppStream-10.2.Z:mod_proxy_html-debuginfo-1:2.4.63-13.el10_2.4.s390x
Vendor Fix fix
Workaround
Unresolved product id: AppStream-10.2.Z:mod_proxy_html-debuginfo-1:2.4.63-13.el10_2.4.x86_64
Vendor Fix fix
Workaround
Unresolved product id: AppStream-10.2.Z:mod_session-0:2.4.63-13.el10_2.4.aarch64
Vendor Fix fix
Workaround
Unresolved product id: AppStream-10.2.Z:mod_session-0:2.4.63-13.el10_2.4.ppc64le
Vendor Fix fix
Workaround
Unresolved product id: AppStream-10.2.Z:mod_session-0:2.4.63-13.el10_2.4.s390x
Vendor Fix fix
Workaround
Unresolved product id: AppStream-10.2.Z:mod_session-0:2.4.63-13.el10_2.4.x86_64
Vendor Fix fix
Workaround
Unresolved product id: AppStream-10.2.Z:mod_session-debuginfo-0:2.4.63-13.el10_2.4.aarch64
Vendor Fix fix
Workaround
Unresolved product id: AppStream-10.2.Z:mod_session-debuginfo-0:2.4.63-13.el10_2.4.ppc64le
Vendor Fix fix
Workaround
Unresolved product id: AppStream-10.2.Z:mod_session-debuginfo-0:2.4.63-13.el10_2.4.s390x
Vendor Fix fix
Workaround
Unresolved product id: AppStream-10.2.Z:mod_session-debuginfo-0:2.4.63-13.el10_2.4.x86_64
Vendor Fix fix
Workaround
Unresolved product id: AppStream-10.2.Z:mod_ssl-1:2.4.63-13.el10_2.4.aarch64
Vendor Fix fix
Workaround
Unresolved product id: AppStream-10.2.Z:mod_ssl-1:2.4.63-13.el10_2.4.ppc64le
Vendor Fix fix
Workaround
Unresolved product id: AppStream-10.2.Z:mod_ssl-1:2.4.63-13.el10_2.4.s390x
Vendor Fix fix
Workaround
Unresolved product id: AppStream-10.2.Z:mod_ssl-1:2.4.63-13.el10_2.4.x86_64
Vendor Fix fix
Workaround
Unresolved product id: AppStream-10.2.Z:mod_ssl-debuginfo-1:2.4.63-13.el10_2.4.aarch64
Vendor Fix fix
Workaround
Unresolved product id: AppStream-10.2.Z:mod_ssl-debuginfo-1:2.4.63-13.el10_2.4.ppc64le
Vendor Fix fix
Workaround
Unresolved product id: AppStream-10.2.Z:mod_ssl-debuginfo-1:2.4.63-13.el10_2.4.s390x
Vendor Fix fix
Workaround
Unresolved product id: AppStream-10.2.Z:mod_ssl-debuginfo-1:2.4.63-13.el10_2.4.x86_64
Vendor Fix fix
Workaround
Threats
Impact Low

A vulnerability has been identified in the Apache HTTP Server. If the server is configured to connect to a malicious or compromised backend server, an attacker could exploit this flaw to bypass security controls or run unauthorized code on the system.

CWE-120 - Buffer Copy without Checking Size of Input ('Classic Buffer Overflow')
Affected products
Product Identifier Version Remediation
Unresolved product id: AppStream-10.2.Z:httpd-0:2.4.63-13.el10_2.4.aarch64
Vendor Fix fix
Workaround
Unresolved product id: AppStream-10.2.Z:httpd-0:2.4.63-13.el10_2.4.ppc64le
Vendor Fix fix
Workaround
Unresolved product id: AppStream-10.2.Z:httpd-0:2.4.63-13.el10_2.4.s390x
Vendor Fix fix
Workaround
Unresolved product id: AppStream-10.2.Z:httpd-0:2.4.63-13.el10_2.4.src
Vendor Fix fix
Workaround
Unresolved product id: AppStream-10.2.Z:httpd-0:2.4.63-13.el10_2.4.x86_64
Vendor Fix fix
Workaround
Unresolved product id: AppStream-10.2.Z:httpd-core-0:2.4.63-13.el10_2.4.aarch64
Vendor Fix fix
Workaround
Unresolved product id: AppStream-10.2.Z:httpd-core-0:2.4.63-13.el10_2.4.ppc64le
Vendor Fix fix
Workaround
Unresolved product id: AppStream-10.2.Z:httpd-core-0:2.4.63-13.el10_2.4.s390x
Vendor Fix fix
Workaround
Unresolved product id: AppStream-10.2.Z:httpd-core-0:2.4.63-13.el10_2.4.x86_64
Vendor Fix fix
Workaround
Unresolved product id: AppStream-10.2.Z:httpd-core-debuginfo-0:2.4.63-13.el10_2.4.aarch64
Vendor Fix fix
Workaround
Unresolved product id: AppStream-10.2.Z:httpd-core-debuginfo-0:2.4.63-13.el10_2.4.ppc64le
Vendor Fix fix
Workaround
Unresolved product id: AppStream-10.2.Z:httpd-core-debuginfo-0:2.4.63-13.el10_2.4.s390x
Vendor Fix fix
Workaround
Unresolved product id: AppStream-10.2.Z:httpd-core-debuginfo-0:2.4.63-13.el10_2.4.x86_64
Vendor Fix fix
Workaround
Unresolved product id: AppStream-10.2.Z:httpd-debuginfo-0:2.4.63-13.el10_2.4.aarch64
Vendor Fix fix
Workaround
Unresolved product id: AppStream-10.2.Z:httpd-debuginfo-0:2.4.63-13.el10_2.4.ppc64le
Vendor Fix fix
Workaround
Unresolved product id: AppStream-10.2.Z:httpd-debuginfo-0:2.4.63-13.el10_2.4.s390x
Vendor Fix fix
Workaround
Unresolved product id: AppStream-10.2.Z:httpd-debuginfo-0:2.4.63-13.el10_2.4.x86_64
Vendor Fix fix
Workaround
Unresolved product id: AppStream-10.2.Z:httpd-debugsource-0:2.4.63-13.el10_2.4.aarch64
Vendor Fix fix
Workaround
Unresolved product id: AppStream-10.2.Z:httpd-debugsource-0:2.4.63-13.el10_2.4.ppc64le
Vendor Fix fix
Workaround
Unresolved product id: AppStream-10.2.Z:httpd-debugsource-0:2.4.63-13.el10_2.4.s390x
Vendor Fix fix
Workaround
Unresolved product id: AppStream-10.2.Z:httpd-debugsource-0:2.4.63-13.el10_2.4.x86_64
Vendor Fix fix
Workaround
Unresolved product id: AppStream-10.2.Z:httpd-devel-0:2.4.63-13.el10_2.4.aarch64
Vendor Fix fix
Workaround
Unresolved product id: AppStream-10.2.Z:httpd-devel-0:2.4.63-13.el10_2.4.ppc64le
Vendor Fix fix
Workaround
Unresolved product id: AppStream-10.2.Z:httpd-devel-0:2.4.63-13.el10_2.4.s390x
Vendor Fix fix
Workaround
Unresolved product id: AppStream-10.2.Z:httpd-devel-0:2.4.63-13.el10_2.4.x86_64
Vendor Fix fix
Workaround
Unresolved product id: AppStream-10.2.Z:httpd-filesystem-0:2.4.63-13.el10_2.4.noarch
Vendor Fix fix
Workaround
Unresolved product id: AppStream-10.2.Z:httpd-manual-0:2.4.63-13.el10_2.4.noarch
Vendor Fix fix
Workaround
Unresolved product id: AppStream-10.2.Z:httpd-tools-0:2.4.63-13.el10_2.4.aarch64
Vendor Fix fix
Workaround
Unresolved product id: AppStream-10.2.Z:httpd-tools-0:2.4.63-13.el10_2.4.ppc64le
Vendor Fix fix
Workaround
Unresolved product id: AppStream-10.2.Z:httpd-tools-0:2.4.63-13.el10_2.4.s390x
Vendor Fix fix
Workaround
Unresolved product id: AppStream-10.2.Z:httpd-tools-0:2.4.63-13.el10_2.4.x86_64
Vendor Fix fix
Workaround
Unresolved product id: AppStream-10.2.Z:httpd-tools-debuginfo-0:2.4.63-13.el10_2.4.aarch64
Vendor Fix fix
Workaround
Unresolved product id: AppStream-10.2.Z:httpd-tools-debuginfo-0:2.4.63-13.el10_2.4.ppc64le
Vendor Fix fix
Workaround
Unresolved product id: AppStream-10.2.Z:httpd-tools-debuginfo-0:2.4.63-13.el10_2.4.s390x
Vendor Fix fix
Workaround
Unresolved product id: AppStream-10.2.Z:httpd-tools-debuginfo-0:2.4.63-13.el10_2.4.x86_64
Vendor Fix fix
Workaround
Unresolved product id: AppStream-10.2.Z:mod_ldap-0:2.4.63-13.el10_2.4.aarch64
Vendor Fix fix
Workaround
Unresolved product id: AppStream-10.2.Z:mod_ldap-0:2.4.63-13.el10_2.4.ppc64le
Vendor Fix fix
Workaround
Unresolved product id: AppStream-10.2.Z:mod_ldap-0:2.4.63-13.el10_2.4.s390x
Vendor Fix fix
Workaround
Unresolved product id: AppStream-10.2.Z:mod_ldap-0:2.4.63-13.el10_2.4.x86_64
Vendor Fix fix
Workaround
Unresolved product id: AppStream-10.2.Z:mod_ldap-debuginfo-0:2.4.63-13.el10_2.4.aarch64
Vendor Fix fix
Workaround
Unresolved product id: AppStream-10.2.Z:mod_ldap-debuginfo-0:2.4.63-13.el10_2.4.ppc64le
Vendor Fix fix
Workaround
Unresolved product id: AppStream-10.2.Z:mod_ldap-debuginfo-0:2.4.63-13.el10_2.4.s390x
Vendor Fix fix
Workaround
Unresolved product id: AppStream-10.2.Z:mod_ldap-debuginfo-0:2.4.63-13.el10_2.4.x86_64
Vendor Fix fix
Workaround
Unresolved product id: AppStream-10.2.Z:mod_lua-0:2.4.63-13.el10_2.4.aarch64
Vendor Fix fix
Workaround
Unresolved product id: AppStream-10.2.Z:mod_lua-0:2.4.63-13.el10_2.4.ppc64le
Vendor Fix fix
Workaround
Unresolved product id: AppStream-10.2.Z:mod_lua-0:2.4.63-13.el10_2.4.s390x
Vendor Fix fix
Workaround
Unresolved product id: AppStream-10.2.Z:mod_lua-0:2.4.63-13.el10_2.4.x86_64
Vendor Fix fix
Workaround
Unresolved product id: AppStream-10.2.Z:mod_lua-debuginfo-0:2.4.63-13.el10_2.4.aarch64
Vendor Fix fix
Workaround
Unresolved product id: AppStream-10.2.Z:mod_lua-debuginfo-0:2.4.63-13.el10_2.4.ppc64le
Vendor Fix fix
Workaround
Unresolved product id: AppStream-10.2.Z:mod_lua-debuginfo-0:2.4.63-13.el10_2.4.s390x
Vendor Fix fix
Workaround
Unresolved product id: AppStream-10.2.Z:mod_lua-debuginfo-0:2.4.63-13.el10_2.4.x86_64
Vendor Fix fix
Workaround
Unresolved product id: AppStream-10.2.Z:mod_proxy_html-1:2.4.63-13.el10_2.4.aarch64
Vendor Fix fix
Workaround
Unresolved product id: AppStream-10.2.Z:mod_proxy_html-1:2.4.63-13.el10_2.4.ppc64le
Vendor Fix fix
Workaround
Unresolved product id: AppStream-10.2.Z:mod_proxy_html-1:2.4.63-13.el10_2.4.s390x
Vendor Fix fix
Workaround
Unresolved product id: AppStream-10.2.Z:mod_proxy_html-1:2.4.63-13.el10_2.4.x86_64
Vendor Fix fix
Workaround
Unresolved product id: AppStream-10.2.Z:mod_proxy_html-debuginfo-1:2.4.63-13.el10_2.4.aarch64
Vendor Fix fix
Workaround
Unresolved product id: AppStream-10.2.Z:mod_proxy_html-debuginfo-1:2.4.63-13.el10_2.4.ppc64le
Vendor Fix fix
Workaround
Unresolved product id: AppStream-10.2.Z:mod_proxy_html-debuginfo-1:2.4.63-13.el10_2.4.s390x
Vendor Fix fix
Workaround
Unresolved product id: AppStream-10.2.Z:mod_proxy_html-debuginfo-1:2.4.63-13.el10_2.4.x86_64
Vendor Fix fix
Workaround
Unresolved product id: AppStream-10.2.Z:mod_session-0:2.4.63-13.el10_2.4.aarch64
Vendor Fix fix
Workaround
Unresolved product id: AppStream-10.2.Z:mod_session-0:2.4.63-13.el10_2.4.ppc64le
Vendor Fix fix
Workaround
Unresolved product id: AppStream-10.2.Z:mod_session-0:2.4.63-13.el10_2.4.s390x
Vendor Fix fix
Workaround
Unresolved product id: AppStream-10.2.Z:mod_session-0:2.4.63-13.el10_2.4.x86_64
Vendor Fix fix
Workaround
Unresolved product id: AppStream-10.2.Z:mod_session-debuginfo-0:2.4.63-13.el10_2.4.aarch64
Vendor Fix fix
Workaround
Unresolved product id: AppStream-10.2.Z:mod_session-debuginfo-0:2.4.63-13.el10_2.4.ppc64le
Vendor Fix fix
Workaround
Unresolved product id: AppStream-10.2.Z:mod_session-debuginfo-0:2.4.63-13.el10_2.4.s390x
Vendor Fix fix
Workaround
Unresolved product id: AppStream-10.2.Z:mod_session-debuginfo-0:2.4.63-13.el10_2.4.x86_64
Vendor Fix fix
Workaround
Unresolved product id: AppStream-10.2.Z:mod_ssl-1:2.4.63-13.el10_2.4.aarch64
Vendor Fix fix
Workaround
Unresolved product id: AppStream-10.2.Z:mod_ssl-1:2.4.63-13.el10_2.4.ppc64le
Vendor Fix fix
Workaround
Unresolved product id: AppStream-10.2.Z:mod_ssl-1:2.4.63-13.el10_2.4.s390x
Vendor Fix fix
Workaround
Unresolved product id: AppStream-10.2.Z:mod_ssl-1:2.4.63-13.el10_2.4.x86_64
Vendor Fix fix
Workaround
Unresolved product id: AppStream-10.2.Z:mod_ssl-debuginfo-1:2.4.63-13.el10_2.4.aarch64
Vendor Fix fix
Workaround
Unresolved product id: AppStream-10.2.Z:mod_ssl-debuginfo-1:2.4.63-13.el10_2.4.ppc64le
Vendor Fix fix
Workaround
Unresolved product id: AppStream-10.2.Z:mod_ssl-debuginfo-1:2.4.63-13.el10_2.4.s390x
Vendor Fix fix
Workaround
Unresolved product id: AppStream-10.2.Z:mod_ssl-debuginfo-1:2.4.63-13.el10_2.4.x86_64
Vendor Fix fix
Workaround
Threats
Impact Important

A flaw was found in Apache HTTP Server. This heap-based buffer overflow vulnerability can be exploited by a malicious backend server when using ProxyPassReverseCookie* directives. This could lead to a denial of service (DoS) condition, making the server unavailable to legitimate users.

CWE-120 - Buffer Copy without Checking Size of Input ('Classic Buffer Overflow')
Affected products
Product Identifier Version Remediation
Unresolved product id: AppStream-10.2.Z:httpd-0:2.4.63-13.el10_2.4.aarch64
Vendor Fix fix
Workaround
Unresolved product id: AppStream-10.2.Z:httpd-0:2.4.63-13.el10_2.4.ppc64le
Vendor Fix fix
Workaround
Unresolved product id: AppStream-10.2.Z:httpd-0:2.4.63-13.el10_2.4.s390x
Vendor Fix fix
Workaround
Unresolved product id: AppStream-10.2.Z:httpd-0:2.4.63-13.el10_2.4.src
Vendor Fix fix
Workaround
Unresolved product id: AppStream-10.2.Z:httpd-0:2.4.63-13.el10_2.4.x86_64
Vendor Fix fix
Workaround
Unresolved product id: AppStream-10.2.Z:httpd-core-0:2.4.63-13.el10_2.4.aarch64
Vendor Fix fix
Workaround
Unresolved product id: AppStream-10.2.Z:httpd-core-0:2.4.63-13.el10_2.4.ppc64le
Vendor Fix fix
Workaround
Unresolved product id: AppStream-10.2.Z:httpd-core-0:2.4.63-13.el10_2.4.s390x
Vendor Fix fix
Workaround
Unresolved product id: AppStream-10.2.Z:httpd-core-0:2.4.63-13.el10_2.4.x86_64
Vendor Fix fix
Workaround
Unresolved product id: AppStream-10.2.Z:httpd-core-debuginfo-0:2.4.63-13.el10_2.4.aarch64
Vendor Fix fix
Workaround
Unresolved product id: AppStream-10.2.Z:httpd-core-debuginfo-0:2.4.63-13.el10_2.4.ppc64le
Vendor Fix fix
Workaround
Unresolved product id: AppStream-10.2.Z:httpd-core-debuginfo-0:2.4.63-13.el10_2.4.s390x
Vendor Fix fix
Workaround
Unresolved product id: AppStream-10.2.Z:httpd-core-debuginfo-0:2.4.63-13.el10_2.4.x86_64
Vendor Fix fix
Workaround
Unresolved product id: AppStream-10.2.Z:httpd-debuginfo-0:2.4.63-13.el10_2.4.aarch64
Vendor Fix fix
Workaround
Unresolved product id: AppStream-10.2.Z:httpd-debuginfo-0:2.4.63-13.el10_2.4.ppc64le
Vendor Fix fix
Workaround
Unresolved product id: AppStream-10.2.Z:httpd-debuginfo-0:2.4.63-13.el10_2.4.s390x
Vendor Fix fix
Workaround
Unresolved product id: AppStream-10.2.Z:httpd-debuginfo-0:2.4.63-13.el10_2.4.x86_64
Vendor Fix fix
Workaround
Unresolved product id: AppStream-10.2.Z:httpd-debugsource-0:2.4.63-13.el10_2.4.aarch64
Vendor Fix fix
Workaround
Unresolved product id: AppStream-10.2.Z:httpd-debugsource-0:2.4.63-13.el10_2.4.ppc64le
Vendor Fix fix
Workaround
Unresolved product id: AppStream-10.2.Z:httpd-debugsource-0:2.4.63-13.el10_2.4.s390x
Vendor Fix fix
Workaround
Unresolved product id: AppStream-10.2.Z:httpd-debugsource-0:2.4.63-13.el10_2.4.x86_64
Vendor Fix fix
Workaround
Unresolved product id: AppStream-10.2.Z:httpd-devel-0:2.4.63-13.el10_2.4.aarch64
Vendor Fix fix
Workaround
Unresolved product id: AppStream-10.2.Z:httpd-devel-0:2.4.63-13.el10_2.4.ppc64le
Vendor Fix fix
Workaround
Unresolved product id: AppStream-10.2.Z:httpd-devel-0:2.4.63-13.el10_2.4.s390x
Vendor Fix fix
Workaround
Unresolved product id: AppStream-10.2.Z:httpd-devel-0:2.4.63-13.el10_2.4.x86_64
Vendor Fix fix
Workaround
Unresolved product id: AppStream-10.2.Z:httpd-filesystem-0:2.4.63-13.el10_2.4.noarch
Vendor Fix fix
Workaround
Unresolved product id: AppStream-10.2.Z:httpd-manual-0:2.4.63-13.el10_2.4.noarch
Vendor Fix fix
Workaround
Unresolved product id: AppStream-10.2.Z:httpd-tools-0:2.4.63-13.el10_2.4.aarch64
Vendor Fix fix
Workaround
Unresolved product id: AppStream-10.2.Z:httpd-tools-0:2.4.63-13.el10_2.4.ppc64le
Vendor Fix fix
Workaround
Unresolved product id: AppStream-10.2.Z:httpd-tools-0:2.4.63-13.el10_2.4.s390x
Vendor Fix fix
Workaround
Unresolved product id: AppStream-10.2.Z:httpd-tools-0:2.4.63-13.el10_2.4.x86_64
Vendor Fix fix
Workaround
Unresolved product id: AppStream-10.2.Z:httpd-tools-debuginfo-0:2.4.63-13.el10_2.4.aarch64
Vendor Fix fix
Workaround
Unresolved product id: AppStream-10.2.Z:httpd-tools-debuginfo-0:2.4.63-13.el10_2.4.ppc64le
Vendor Fix fix
Workaround
Unresolved product id: AppStream-10.2.Z:httpd-tools-debuginfo-0:2.4.63-13.el10_2.4.s390x
Vendor Fix fix
Workaround
Unresolved product id: AppStream-10.2.Z:httpd-tools-debuginfo-0:2.4.63-13.el10_2.4.x86_64
Vendor Fix fix
Workaround
Unresolved product id: AppStream-10.2.Z:mod_ldap-0:2.4.63-13.el10_2.4.aarch64
Vendor Fix fix
Workaround
Unresolved product id: AppStream-10.2.Z:mod_ldap-0:2.4.63-13.el10_2.4.ppc64le
Vendor Fix fix
Workaround
Unresolved product id: AppStream-10.2.Z:mod_ldap-0:2.4.63-13.el10_2.4.s390x
Vendor Fix fix
Workaround
Unresolved product id: AppStream-10.2.Z:mod_ldap-0:2.4.63-13.el10_2.4.x86_64
Vendor Fix fix
Workaround
Unresolved product id: AppStream-10.2.Z:mod_ldap-debuginfo-0:2.4.63-13.el10_2.4.aarch64
Vendor Fix fix
Workaround
Unresolved product id: AppStream-10.2.Z:mod_ldap-debuginfo-0:2.4.63-13.el10_2.4.ppc64le
Vendor Fix fix
Workaround
Unresolved product id: AppStream-10.2.Z:mod_ldap-debuginfo-0:2.4.63-13.el10_2.4.s390x
Vendor Fix fix
Workaround
Unresolved product id: AppStream-10.2.Z:mod_ldap-debuginfo-0:2.4.63-13.el10_2.4.x86_64
Vendor Fix fix
Workaround
Unresolved product id: AppStream-10.2.Z:mod_lua-0:2.4.63-13.el10_2.4.aarch64
Vendor Fix fix
Workaround
Unresolved product id: AppStream-10.2.Z:mod_lua-0:2.4.63-13.el10_2.4.ppc64le
Vendor Fix fix
Workaround
Unresolved product id: AppStream-10.2.Z:mod_lua-0:2.4.63-13.el10_2.4.s390x
Vendor Fix fix
Workaround
Unresolved product id: AppStream-10.2.Z:mod_lua-0:2.4.63-13.el10_2.4.x86_64
Vendor Fix fix
Workaround
Unresolved product id: AppStream-10.2.Z:mod_lua-debuginfo-0:2.4.63-13.el10_2.4.aarch64
Vendor Fix fix
Workaround
Unresolved product id: AppStream-10.2.Z:mod_lua-debuginfo-0:2.4.63-13.el10_2.4.ppc64le
Vendor Fix fix
Workaround
Unresolved product id: AppStream-10.2.Z:mod_lua-debuginfo-0:2.4.63-13.el10_2.4.s390x
Vendor Fix fix
Workaround
Unresolved product id: AppStream-10.2.Z:mod_lua-debuginfo-0:2.4.63-13.el10_2.4.x86_64
Vendor Fix fix
Workaround
Unresolved product id: AppStream-10.2.Z:mod_proxy_html-1:2.4.63-13.el10_2.4.aarch64
Vendor Fix fix
Workaround
Unresolved product id: AppStream-10.2.Z:mod_proxy_html-1:2.4.63-13.el10_2.4.ppc64le
Vendor Fix fix
Workaround
Unresolved product id: AppStream-10.2.Z:mod_proxy_html-1:2.4.63-13.el10_2.4.s390x
Vendor Fix fix
Workaround
Unresolved product id: AppStream-10.2.Z:mod_proxy_html-1:2.4.63-13.el10_2.4.x86_64
Vendor Fix fix
Workaround
Unresolved product id: AppStream-10.2.Z:mod_proxy_html-debuginfo-1:2.4.63-13.el10_2.4.aarch64
Vendor Fix fix
Workaround
Unresolved product id: AppStream-10.2.Z:mod_proxy_html-debuginfo-1:2.4.63-13.el10_2.4.ppc64le
Vendor Fix fix
Workaround
Unresolved product id: AppStream-10.2.Z:mod_proxy_html-debuginfo-1:2.4.63-13.el10_2.4.s390x
Vendor Fix fix
Workaround
Unresolved product id: AppStream-10.2.Z:mod_proxy_html-debuginfo-1:2.4.63-13.el10_2.4.x86_64
Vendor Fix fix
Workaround
Unresolved product id: AppStream-10.2.Z:mod_session-0:2.4.63-13.el10_2.4.aarch64
Vendor Fix fix
Workaround
Unresolved product id: AppStream-10.2.Z:mod_session-0:2.4.63-13.el10_2.4.ppc64le
Vendor Fix fix
Workaround
Unresolved product id: AppStream-10.2.Z:mod_session-0:2.4.63-13.el10_2.4.s390x
Vendor Fix fix
Workaround
Unresolved product id: AppStream-10.2.Z:mod_session-0:2.4.63-13.el10_2.4.x86_64
Vendor Fix fix
Workaround
Unresolved product id: AppStream-10.2.Z:mod_session-debuginfo-0:2.4.63-13.el10_2.4.aarch64
Vendor Fix fix
Workaround
Unresolved product id: AppStream-10.2.Z:mod_session-debuginfo-0:2.4.63-13.el10_2.4.ppc64le
Vendor Fix fix
Workaround
Unresolved product id: AppStream-10.2.Z:mod_session-debuginfo-0:2.4.63-13.el10_2.4.s390x
Vendor Fix fix
Workaround
Unresolved product id: AppStream-10.2.Z:mod_session-debuginfo-0:2.4.63-13.el10_2.4.x86_64
Vendor Fix fix
Workaround
Unresolved product id: AppStream-10.2.Z:mod_ssl-1:2.4.63-13.el10_2.4.aarch64
Vendor Fix fix
Workaround
Unresolved product id: AppStream-10.2.Z:mod_ssl-1:2.4.63-13.el10_2.4.ppc64le
Vendor Fix fix
Workaround
Unresolved product id: AppStream-10.2.Z:mod_ssl-1:2.4.63-13.el10_2.4.s390x
Vendor Fix fix
Workaround
Unresolved product id: AppStream-10.2.Z:mod_ssl-1:2.4.63-13.el10_2.4.x86_64
Vendor Fix fix
Workaround
Unresolved product id: AppStream-10.2.Z:mod_ssl-debuginfo-1:2.4.63-13.el10_2.4.aarch64
Vendor Fix fix
Workaround
Unresolved product id: AppStream-10.2.Z:mod_ssl-debuginfo-1:2.4.63-13.el10_2.4.ppc64le
Vendor Fix fix
Workaround
Unresolved product id: AppStream-10.2.Z:mod_ssl-debuginfo-1:2.4.63-13.el10_2.4.s390x
Vendor Fix fix
Workaround
Unresolved product id: AppStream-10.2.Z:mod_ssl-debuginfo-1:2.4.63-13.el10_2.4.x86_64
Vendor Fix fix
Workaround
Threats
Impact Moderate

A flaw was found in Apache HTTP Server, specifically within the mod_xml2enc module. This heap-based buffer overflow vulnerability can be triggered when processing untrusted content through the xml2StartParse function. A remote attacker could potentially exploit this to cause a denial of service, information disclosure, or possibly arbitrary code execution.

CWE-120 - Buffer Copy without Checking Size of Input ('Classic Buffer Overflow')
Affected products
Product Identifier Version Remediation
Unresolved product id: AppStream-10.2.Z:httpd-0:2.4.63-13.el10_2.4.aarch64
Vendor Fix fix
Workaround
Unresolved product id: AppStream-10.2.Z:httpd-0:2.4.63-13.el10_2.4.ppc64le
Vendor Fix fix
Workaround
Unresolved product id: AppStream-10.2.Z:httpd-0:2.4.63-13.el10_2.4.s390x
Vendor Fix fix
Workaround
Unresolved product id: AppStream-10.2.Z:httpd-0:2.4.63-13.el10_2.4.src
Vendor Fix fix
Workaround
Unresolved product id: AppStream-10.2.Z:httpd-0:2.4.63-13.el10_2.4.x86_64
Vendor Fix fix
Workaround
Unresolved product id: AppStream-10.2.Z:httpd-core-0:2.4.63-13.el10_2.4.aarch64
Vendor Fix fix
Workaround
Unresolved product id: AppStream-10.2.Z:httpd-core-0:2.4.63-13.el10_2.4.ppc64le
Vendor Fix fix
Workaround
Unresolved product id: AppStream-10.2.Z:httpd-core-0:2.4.63-13.el10_2.4.s390x
Vendor Fix fix
Workaround
Unresolved product id: AppStream-10.2.Z:httpd-core-0:2.4.63-13.el10_2.4.x86_64
Vendor Fix fix
Workaround
Unresolved product id: AppStream-10.2.Z:httpd-core-debuginfo-0:2.4.63-13.el10_2.4.aarch64
Vendor Fix fix
Workaround
Unresolved product id: AppStream-10.2.Z:httpd-core-debuginfo-0:2.4.63-13.el10_2.4.ppc64le
Vendor Fix fix
Workaround
Unresolved product id: AppStream-10.2.Z:httpd-core-debuginfo-0:2.4.63-13.el10_2.4.s390x
Vendor Fix fix
Workaround
Unresolved product id: AppStream-10.2.Z:httpd-core-debuginfo-0:2.4.63-13.el10_2.4.x86_64
Vendor Fix fix
Workaround
Unresolved product id: AppStream-10.2.Z:httpd-debuginfo-0:2.4.63-13.el10_2.4.aarch64
Vendor Fix fix
Workaround
Unresolved product id: AppStream-10.2.Z:httpd-debuginfo-0:2.4.63-13.el10_2.4.ppc64le
Vendor Fix fix
Workaround
Unresolved product id: AppStream-10.2.Z:httpd-debuginfo-0:2.4.63-13.el10_2.4.s390x
Vendor Fix fix
Workaround
Unresolved product id: AppStream-10.2.Z:httpd-debuginfo-0:2.4.63-13.el10_2.4.x86_64
Vendor Fix fix
Workaround
Unresolved product id: AppStream-10.2.Z:httpd-debugsource-0:2.4.63-13.el10_2.4.aarch64
Vendor Fix fix
Workaround
Unresolved product id: AppStream-10.2.Z:httpd-debugsource-0:2.4.63-13.el10_2.4.ppc64le
Vendor Fix fix
Workaround
Unresolved product id: AppStream-10.2.Z:httpd-debugsource-0:2.4.63-13.el10_2.4.s390x
Vendor Fix fix
Workaround
Unresolved product id: AppStream-10.2.Z:httpd-debugsource-0:2.4.63-13.el10_2.4.x86_64
Vendor Fix fix
Workaround
Unresolved product id: AppStream-10.2.Z:httpd-devel-0:2.4.63-13.el10_2.4.aarch64
Vendor Fix fix
Workaround
Unresolved product id: AppStream-10.2.Z:httpd-devel-0:2.4.63-13.el10_2.4.ppc64le
Vendor Fix fix
Workaround
Unresolved product id: AppStream-10.2.Z:httpd-devel-0:2.4.63-13.el10_2.4.s390x
Vendor Fix fix
Workaround
Unresolved product id: AppStream-10.2.Z:httpd-devel-0:2.4.63-13.el10_2.4.x86_64
Vendor Fix fix
Workaround
Unresolved product id: AppStream-10.2.Z:httpd-filesystem-0:2.4.63-13.el10_2.4.noarch
Vendor Fix fix
Workaround
Unresolved product id: AppStream-10.2.Z:httpd-manual-0:2.4.63-13.el10_2.4.noarch
Vendor Fix fix
Workaround
Unresolved product id: AppStream-10.2.Z:httpd-tools-0:2.4.63-13.el10_2.4.aarch64
Vendor Fix fix
Workaround
Unresolved product id: AppStream-10.2.Z:httpd-tools-0:2.4.63-13.el10_2.4.ppc64le
Vendor Fix fix
Workaround
Unresolved product id: AppStream-10.2.Z:httpd-tools-0:2.4.63-13.el10_2.4.s390x
Vendor Fix fix
Workaround
Unresolved product id: AppStream-10.2.Z:httpd-tools-0:2.4.63-13.el10_2.4.x86_64
Vendor Fix fix
Workaround
Unresolved product id: AppStream-10.2.Z:httpd-tools-debuginfo-0:2.4.63-13.el10_2.4.aarch64
Vendor Fix fix
Workaround
Unresolved product id: AppStream-10.2.Z:httpd-tools-debuginfo-0:2.4.63-13.el10_2.4.ppc64le
Vendor Fix fix
Workaround
Unresolved product id: AppStream-10.2.Z:httpd-tools-debuginfo-0:2.4.63-13.el10_2.4.s390x
Vendor Fix fix
Workaround
Unresolved product id: AppStream-10.2.Z:httpd-tools-debuginfo-0:2.4.63-13.el10_2.4.x86_64
Vendor Fix fix
Workaround
Unresolved product id: AppStream-10.2.Z:mod_ldap-0:2.4.63-13.el10_2.4.aarch64
Vendor Fix fix
Workaround
Unresolved product id: AppStream-10.2.Z:mod_ldap-0:2.4.63-13.el10_2.4.ppc64le
Vendor Fix fix
Workaround
Unresolved product id: AppStream-10.2.Z:mod_ldap-0:2.4.63-13.el10_2.4.s390x
Vendor Fix fix
Workaround
Unresolved product id: AppStream-10.2.Z:mod_ldap-0:2.4.63-13.el10_2.4.x86_64
Vendor Fix fix
Workaround
Unresolved product id: AppStream-10.2.Z:mod_ldap-debuginfo-0:2.4.63-13.el10_2.4.aarch64
Vendor Fix fix
Workaround
Unresolved product id: AppStream-10.2.Z:mod_ldap-debuginfo-0:2.4.63-13.el10_2.4.ppc64le
Vendor Fix fix
Workaround
Unresolved product id: AppStream-10.2.Z:mod_ldap-debuginfo-0:2.4.63-13.el10_2.4.s390x
Vendor Fix fix
Workaround
Unresolved product id: AppStream-10.2.Z:mod_ldap-debuginfo-0:2.4.63-13.el10_2.4.x86_64
Vendor Fix fix
Workaround
Unresolved product id: AppStream-10.2.Z:mod_lua-0:2.4.63-13.el10_2.4.aarch64
Vendor Fix fix
Workaround
Unresolved product id: AppStream-10.2.Z:mod_lua-0:2.4.63-13.el10_2.4.ppc64le
Vendor Fix fix
Workaround
Unresolved product id: AppStream-10.2.Z:mod_lua-0:2.4.63-13.el10_2.4.s390x
Vendor Fix fix
Workaround
Unresolved product id: AppStream-10.2.Z:mod_lua-0:2.4.63-13.el10_2.4.x86_64
Vendor Fix fix
Workaround
Unresolved product id: AppStream-10.2.Z:mod_lua-debuginfo-0:2.4.63-13.el10_2.4.aarch64
Vendor Fix fix
Workaround
Unresolved product id: AppStream-10.2.Z:mod_lua-debuginfo-0:2.4.63-13.el10_2.4.ppc64le
Vendor Fix fix
Workaround
Unresolved product id: AppStream-10.2.Z:mod_lua-debuginfo-0:2.4.63-13.el10_2.4.s390x
Vendor Fix fix
Workaround
Unresolved product id: AppStream-10.2.Z:mod_lua-debuginfo-0:2.4.63-13.el10_2.4.x86_64
Vendor Fix fix
Workaround
Unresolved product id: AppStream-10.2.Z:mod_proxy_html-1:2.4.63-13.el10_2.4.aarch64
Vendor Fix fix
Workaround
Unresolved product id: AppStream-10.2.Z:mod_proxy_html-1:2.4.63-13.el10_2.4.ppc64le
Vendor Fix fix
Workaround
Unresolved product id: AppStream-10.2.Z:mod_proxy_html-1:2.4.63-13.el10_2.4.s390x
Vendor Fix fix
Workaround
Unresolved product id: AppStream-10.2.Z:mod_proxy_html-1:2.4.63-13.el10_2.4.x86_64
Vendor Fix fix
Workaround
Unresolved product id: AppStream-10.2.Z:mod_proxy_html-debuginfo-1:2.4.63-13.el10_2.4.aarch64
Vendor Fix fix
Workaround
Unresolved product id: AppStream-10.2.Z:mod_proxy_html-debuginfo-1:2.4.63-13.el10_2.4.ppc64le
Vendor Fix fix
Workaround
Unresolved product id: AppStream-10.2.Z:mod_proxy_html-debuginfo-1:2.4.63-13.el10_2.4.s390x
Vendor Fix fix
Workaround
Unresolved product id: AppStream-10.2.Z:mod_proxy_html-debuginfo-1:2.4.63-13.el10_2.4.x86_64
Vendor Fix fix
Workaround
Unresolved product id: AppStream-10.2.Z:mod_session-0:2.4.63-13.el10_2.4.aarch64
Vendor Fix fix
Workaround
Unresolved product id: AppStream-10.2.Z:mod_session-0:2.4.63-13.el10_2.4.ppc64le
Vendor Fix fix
Workaround
Unresolved product id: AppStream-10.2.Z:mod_session-0:2.4.63-13.el10_2.4.s390x
Vendor Fix fix
Workaround
Unresolved product id: AppStream-10.2.Z:mod_session-0:2.4.63-13.el10_2.4.x86_64
Vendor Fix fix
Workaround
Unresolved product id: AppStream-10.2.Z:mod_session-debuginfo-0:2.4.63-13.el10_2.4.aarch64
Vendor Fix fix
Workaround
Unresolved product id: AppStream-10.2.Z:mod_session-debuginfo-0:2.4.63-13.el10_2.4.ppc64le
Vendor Fix fix
Workaround
Unresolved product id: AppStream-10.2.Z:mod_session-debuginfo-0:2.4.63-13.el10_2.4.s390x
Vendor Fix fix
Workaround
Unresolved product id: AppStream-10.2.Z:mod_session-debuginfo-0:2.4.63-13.el10_2.4.x86_64
Vendor Fix fix
Workaround
Unresolved product id: AppStream-10.2.Z:mod_ssl-1:2.4.63-13.el10_2.4.aarch64
Vendor Fix fix
Workaround
Unresolved product id: AppStream-10.2.Z:mod_ssl-1:2.4.63-13.el10_2.4.ppc64le
Vendor Fix fix
Workaround
Unresolved product id: AppStream-10.2.Z:mod_ssl-1:2.4.63-13.el10_2.4.s390x
Vendor Fix fix
Workaround
Unresolved product id: AppStream-10.2.Z:mod_ssl-1:2.4.63-13.el10_2.4.x86_64
Vendor Fix fix
Workaround
Unresolved product id: AppStream-10.2.Z:mod_ssl-debuginfo-1:2.4.63-13.el10_2.4.aarch64
Vendor Fix fix
Workaround
Unresolved product id: AppStream-10.2.Z:mod_ssl-debuginfo-1:2.4.63-13.el10_2.4.ppc64le
Vendor Fix fix
Workaround
Unresolved product id: AppStream-10.2.Z:mod_ssl-debuginfo-1:2.4.63-13.el10_2.4.s390x
Vendor Fix fix
Workaround
Unresolved product id: AppStream-10.2.Z:mod_ssl-debuginfo-1:2.4.63-13.el10_2.4.x86_64
Vendor Fix fix
Workaround
Threats
Impact Important

A flaw was found in Apache HTTP Server. This buffer over-read vulnerability occurs when the server processes outbound Online Certificate Status Protocol (OCSP) requests directed to an attacker-controlled OCSP server. This could allow a remote attacker to read sensitive information from memory or cause a denial of service.

CWE-125 - Out-of-bounds Read
Affected products
Product Identifier Version Remediation
Unresolved product id: AppStream-10.2.Z:httpd-0:2.4.63-13.el10_2.4.aarch64
Vendor Fix fix
Workaround
Unresolved product id: AppStream-10.2.Z:httpd-0:2.4.63-13.el10_2.4.ppc64le
Vendor Fix fix
Workaround
Unresolved product id: AppStream-10.2.Z:httpd-0:2.4.63-13.el10_2.4.s390x
Vendor Fix fix
Workaround
Unresolved product id: AppStream-10.2.Z:httpd-0:2.4.63-13.el10_2.4.src
Vendor Fix fix
Workaround
Unresolved product id: AppStream-10.2.Z:httpd-0:2.4.63-13.el10_2.4.x86_64
Vendor Fix fix
Workaround
Unresolved product id: AppStream-10.2.Z:httpd-core-0:2.4.63-13.el10_2.4.aarch64
Vendor Fix fix
Workaround
Unresolved product id: AppStream-10.2.Z:httpd-core-0:2.4.63-13.el10_2.4.ppc64le
Vendor Fix fix
Workaround
Unresolved product id: AppStream-10.2.Z:httpd-core-0:2.4.63-13.el10_2.4.s390x
Vendor Fix fix
Workaround
Unresolved product id: AppStream-10.2.Z:httpd-core-0:2.4.63-13.el10_2.4.x86_64
Vendor Fix fix
Workaround
Unresolved product id: AppStream-10.2.Z:httpd-core-debuginfo-0:2.4.63-13.el10_2.4.aarch64
Vendor Fix fix
Workaround
Unresolved product id: AppStream-10.2.Z:httpd-core-debuginfo-0:2.4.63-13.el10_2.4.ppc64le
Vendor Fix fix
Workaround
Unresolved product id: AppStream-10.2.Z:httpd-core-debuginfo-0:2.4.63-13.el10_2.4.s390x
Vendor Fix fix
Workaround
Unresolved product id: AppStream-10.2.Z:httpd-core-debuginfo-0:2.4.63-13.el10_2.4.x86_64
Vendor Fix fix
Workaround
Unresolved product id: AppStream-10.2.Z:httpd-debuginfo-0:2.4.63-13.el10_2.4.aarch64
Vendor Fix fix
Workaround
Unresolved product id: AppStream-10.2.Z:httpd-debuginfo-0:2.4.63-13.el10_2.4.ppc64le
Vendor Fix fix
Workaround
Unresolved product id: AppStream-10.2.Z:httpd-debuginfo-0:2.4.63-13.el10_2.4.s390x
Vendor Fix fix
Workaround
Unresolved product id: AppStream-10.2.Z:httpd-debuginfo-0:2.4.63-13.el10_2.4.x86_64
Vendor Fix fix
Workaround
Unresolved product id: AppStream-10.2.Z:httpd-debugsource-0:2.4.63-13.el10_2.4.aarch64
Vendor Fix fix
Workaround
Unresolved product id: AppStream-10.2.Z:httpd-debugsource-0:2.4.63-13.el10_2.4.ppc64le
Vendor Fix fix
Workaround
Unresolved product id: AppStream-10.2.Z:httpd-debugsource-0:2.4.63-13.el10_2.4.s390x
Vendor Fix fix
Workaround
Unresolved product id: AppStream-10.2.Z:httpd-debugsource-0:2.4.63-13.el10_2.4.x86_64
Vendor Fix fix
Workaround
Unresolved product id: AppStream-10.2.Z:httpd-devel-0:2.4.63-13.el10_2.4.aarch64
Vendor Fix fix
Workaround
Unresolved product id: AppStream-10.2.Z:httpd-devel-0:2.4.63-13.el10_2.4.ppc64le
Vendor Fix fix
Workaround
Unresolved product id: AppStream-10.2.Z:httpd-devel-0:2.4.63-13.el10_2.4.s390x
Vendor Fix fix
Workaround
Unresolved product id: AppStream-10.2.Z:httpd-devel-0:2.4.63-13.el10_2.4.x86_64
Vendor Fix fix
Workaround
Unresolved product id: AppStream-10.2.Z:httpd-filesystem-0:2.4.63-13.el10_2.4.noarch
Vendor Fix fix
Workaround
Unresolved product id: AppStream-10.2.Z:httpd-manual-0:2.4.63-13.el10_2.4.noarch
Vendor Fix fix
Workaround
Unresolved product id: AppStream-10.2.Z:httpd-tools-0:2.4.63-13.el10_2.4.aarch64
Vendor Fix fix
Workaround
Unresolved product id: AppStream-10.2.Z:httpd-tools-0:2.4.63-13.el10_2.4.ppc64le
Vendor Fix fix
Workaround
Unresolved product id: AppStream-10.2.Z:httpd-tools-0:2.4.63-13.el10_2.4.s390x
Vendor Fix fix
Workaround
Unresolved product id: AppStream-10.2.Z:httpd-tools-0:2.4.63-13.el10_2.4.x86_64
Vendor Fix fix
Workaround
Unresolved product id: AppStream-10.2.Z:httpd-tools-debuginfo-0:2.4.63-13.el10_2.4.aarch64
Vendor Fix fix
Workaround
Unresolved product id: AppStream-10.2.Z:httpd-tools-debuginfo-0:2.4.63-13.el10_2.4.ppc64le
Vendor Fix fix
Workaround
Unresolved product id: AppStream-10.2.Z:httpd-tools-debuginfo-0:2.4.63-13.el10_2.4.s390x
Vendor Fix fix
Workaround
Unresolved product id: AppStream-10.2.Z:httpd-tools-debuginfo-0:2.4.63-13.el10_2.4.x86_64
Vendor Fix fix
Workaround
Unresolved product id: AppStream-10.2.Z:mod_ldap-0:2.4.63-13.el10_2.4.aarch64
Vendor Fix fix
Workaround
Unresolved product id: AppStream-10.2.Z:mod_ldap-0:2.4.63-13.el10_2.4.ppc64le
Vendor Fix fix
Workaround
Unresolved product id: AppStream-10.2.Z:mod_ldap-0:2.4.63-13.el10_2.4.s390x
Vendor Fix fix
Workaround
Unresolved product id: AppStream-10.2.Z:mod_ldap-0:2.4.63-13.el10_2.4.x86_64
Vendor Fix fix
Workaround
Unresolved product id: AppStream-10.2.Z:mod_ldap-debuginfo-0:2.4.63-13.el10_2.4.aarch64
Vendor Fix fix
Workaround
Unresolved product id: AppStream-10.2.Z:mod_ldap-debuginfo-0:2.4.63-13.el10_2.4.ppc64le
Vendor Fix fix
Workaround
Unresolved product id: AppStream-10.2.Z:mod_ldap-debuginfo-0:2.4.63-13.el10_2.4.s390x
Vendor Fix fix
Workaround
Unresolved product id: AppStream-10.2.Z:mod_ldap-debuginfo-0:2.4.63-13.el10_2.4.x86_64
Vendor Fix fix
Workaround
Unresolved product id: AppStream-10.2.Z:mod_lua-0:2.4.63-13.el10_2.4.aarch64
Vendor Fix fix
Workaround
Unresolved product id: AppStream-10.2.Z:mod_lua-0:2.4.63-13.el10_2.4.ppc64le
Vendor Fix fix
Workaround
Unresolved product id: AppStream-10.2.Z:mod_lua-0:2.4.63-13.el10_2.4.s390x
Vendor Fix fix
Workaround
Unresolved product id: AppStream-10.2.Z:mod_lua-0:2.4.63-13.el10_2.4.x86_64
Vendor Fix fix
Workaround
Unresolved product id: AppStream-10.2.Z:mod_lua-debuginfo-0:2.4.63-13.el10_2.4.aarch64
Vendor Fix fix
Workaround
Unresolved product id: AppStream-10.2.Z:mod_lua-debuginfo-0:2.4.63-13.el10_2.4.ppc64le
Vendor Fix fix
Workaround
Unresolved product id: AppStream-10.2.Z:mod_lua-debuginfo-0:2.4.63-13.el10_2.4.s390x
Vendor Fix fix
Workaround
Unresolved product id: AppStream-10.2.Z:mod_lua-debuginfo-0:2.4.63-13.el10_2.4.x86_64
Vendor Fix fix
Workaround
Unresolved product id: AppStream-10.2.Z:mod_proxy_html-1:2.4.63-13.el10_2.4.aarch64
Vendor Fix fix
Workaround
Unresolved product id: AppStream-10.2.Z:mod_proxy_html-1:2.4.63-13.el10_2.4.ppc64le
Vendor Fix fix
Workaround
Unresolved product id: AppStream-10.2.Z:mod_proxy_html-1:2.4.63-13.el10_2.4.s390x
Vendor Fix fix
Workaround
Unresolved product id: AppStream-10.2.Z:mod_proxy_html-1:2.4.63-13.el10_2.4.x86_64
Vendor Fix fix
Workaround
Unresolved product id: AppStream-10.2.Z:mod_proxy_html-debuginfo-1:2.4.63-13.el10_2.4.aarch64
Vendor Fix fix
Workaround
Unresolved product id: AppStream-10.2.Z:mod_proxy_html-debuginfo-1:2.4.63-13.el10_2.4.ppc64le
Vendor Fix fix
Workaround
Unresolved product id: AppStream-10.2.Z:mod_proxy_html-debuginfo-1:2.4.63-13.el10_2.4.s390x
Vendor Fix fix
Workaround
Unresolved product id: AppStream-10.2.Z:mod_proxy_html-debuginfo-1:2.4.63-13.el10_2.4.x86_64
Vendor Fix fix
Workaround
Unresolved product id: AppStream-10.2.Z:mod_session-0:2.4.63-13.el10_2.4.aarch64
Vendor Fix fix
Workaround
Unresolved product id: AppStream-10.2.Z:mod_session-0:2.4.63-13.el10_2.4.ppc64le
Vendor Fix fix
Workaround
Unresolved product id: AppStream-10.2.Z:mod_session-0:2.4.63-13.el10_2.4.s390x
Vendor Fix fix
Workaround
Unresolved product id: AppStream-10.2.Z:mod_session-0:2.4.63-13.el10_2.4.x86_64
Vendor Fix fix
Workaround
Unresolved product id: AppStream-10.2.Z:mod_session-debuginfo-0:2.4.63-13.el10_2.4.aarch64
Vendor Fix fix
Workaround
Unresolved product id: AppStream-10.2.Z:mod_session-debuginfo-0:2.4.63-13.el10_2.4.ppc64le
Vendor Fix fix
Workaround
Unresolved product id: AppStream-10.2.Z:mod_session-debuginfo-0:2.4.63-13.el10_2.4.s390x
Vendor Fix fix
Workaround
Unresolved product id: AppStream-10.2.Z:mod_session-debuginfo-0:2.4.63-13.el10_2.4.x86_64
Vendor Fix fix
Workaround
Unresolved product id: AppStream-10.2.Z:mod_ssl-1:2.4.63-13.el10_2.4.aarch64
Vendor Fix fix
Workaround
Unresolved product id: AppStream-10.2.Z:mod_ssl-1:2.4.63-13.el10_2.4.ppc64le
Vendor Fix fix
Workaround
Unresolved product id: AppStream-10.2.Z:mod_ssl-1:2.4.63-13.el10_2.4.s390x
Vendor Fix fix
Workaround
Unresolved product id: AppStream-10.2.Z:mod_ssl-1:2.4.63-13.el10_2.4.x86_64
Vendor Fix fix
Workaround
Unresolved product id: AppStream-10.2.Z:mod_ssl-debuginfo-1:2.4.63-13.el10_2.4.aarch64
Vendor Fix fix
Workaround
Unresolved product id: AppStream-10.2.Z:mod_ssl-debuginfo-1:2.4.63-13.el10_2.4.ppc64le
Vendor Fix fix
Workaround
Unresolved product id: AppStream-10.2.Z:mod_ssl-debuginfo-1:2.4.63-13.el10_2.4.s390x
Vendor Fix fix
Workaround
Unresolved product id: AppStream-10.2.Z:mod_ssl-debuginfo-1:2.4.63-13.el10_2.4.x86_64
Vendor Fix fix
Workaround
Threats
Impact Important

A flaw was found in Apache HTTP Server. This buffer underwrite vulnerability occurs when processing crafted regular expressions in the server's configuration. An attacker could potentially exploit this to cause a denial of service.

CWE-124 - Buffer Underwrite ('Buffer Underflow')
Affected products
Product Identifier Version Remediation
Unresolved product id: AppStream-10.2.Z:httpd-0:2.4.63-13.el10_2.4.aarch64
Vendor Fix fix
Workaround
Unresolved product id: AppStream-10.2.Z:httpd-0:2.4.63-13.el10_2.4.ppc64le
Vendor Fix fix
Workaround
Unresolved product id: AppStream-10.2.Z:httpd-0:2.4.63-13.el10_2.4.s390x
Vendor Fix fix
Workaround
Unresolved product id: AppStream-10.2.Z:httpd-0:2.4.63-13.el10_2.4.src
Vendor Fix fix
Workaround
Unresolved product id: AppStream-10.2.Z:httpd-0:2.4.63-13.el10_2.4.x86_64
Vendor Fix fix
Workaround
Unresolved product id: AppStream-10.2.Z:httpd-core-0:2.4.63-13.el10_2.4.aarch64
Vendor Fix fix
Workaround
Unresolved product id: AppStream-10.2.Z:httpd-core-0:2.4.63-13.el10_2.4.ppc64le
Vendor Fix fix
Workaround
Unresolved product id: AppStream-10.2.Z:httpd-core-0:2.4.63-13.el10_2.4.s390x
Vendor Fix fix
Workaround
Unresolved product id: AppStream-10.2.Z:httpd-core-0:2.4.63-13.el10_2.4.x86_64
Vendor Fix fix
Workaround
Unresolved product id: AppStream-10.2.Z:httpd-core-debuginfo-0:2.4.63-13.el10_2.4.aarch64
Vendor Fix fix
Workaround
Unresolved product id: AppStream-10.2.Z:httpd-core-debuginfo-0:2.4.63-13.el10_2.4.ppc64le
Vendor Fix fix
Workaround
Unresolved product id: AppStream-10.2.Z:httpd-core-debuginfo-0:2.4.63-13.el10_2.4.s390x
Vendor Fix fix
Workaround
Unresolved product id: AppStream-10.2.Z:httpd-core-debuginfo-0:2.4.63-13.el10_2.4.x86_64
Vendor Fix fix
Workaround
Unresolved product id: AppStream-10.2.Z:httpd-debuginfo-0:2.4.63-13.el10_2.4.aarch64
Vendor Fix fix
Workaround
Unresolved product id: AppStream-10.2.Z:httpd-debuginfo-0:2.4.63-13.el10_2.4.ppc64le
Vendor Fix fix
Workaround
Unresolved product id: AppStream-10.2.Z:httpd-debuginfo-0:2.4.63-13.el10_2.4.s390x
Vendor Fix fix
Workaround
Unresolved product id: AppStream-10.2.Z:httpd-debuginfo-0:2.4.63-13.el10_2.4.x86_64
Vendor Fix fix
Workaround
Unresolved product id: AppStream-10.2.Z:httpd-debugsource-0:2.4.63-13.el10_2.4.aarch64
Vendor Fix fix
Workaround
Unresolved product id: AppStream-10.2.Z:httpd-debugsource-0:2.4.63-13.el10_2.4.ppc64le
Vendor Fix fix
Workaround
Unresolved product id: AppStream-10.2.Z:httpd-debugsource-0:2.4.63-13.el10_2.4.s390x
Vendor Fix fix
Workaround
Unresolved product id: AppStream-10.2.Z:httpd-debugsource-0:2.4.63-13.el10_2.4.x86_64
Vendor Fix fix
Workaround
Unresolved product id: AppStream-10.2.Z:httpd-devel-0:2.4.63-13.el10_2.4.aarch64
Vendor Fix fix
Workaround
Unresolved product id: AppStream-10.2.Z:httpd-devel-0:2.4.63-13.el10_2.4.ppc64le
Vendor Fix fix
Workaround
Unresolved product id: AppStream-10.2.Z:httpd-devel-0:2.4.63-13.el10_2.4.s390x
Vendor Fix fix
Workaround
Unresolved product id: AppStream-10.2.Z:httpd-devel-0:2.4.63-13.el10_2.4.x86_64
Vendor Fix fix
Workaround
Unresolved product id: AppStream-10.2.Z:httpd-filesystem-0:2.4.63-13.el10_2.4.noarch
Vendor Fix fix
Workaround
Unresolved product id: AppStream-10.2.Z:httpd-manual-0:2.4.63-13.el10_2.4.noarch
Vendor Fix fix
Workaround
Unresolved product id: AppStream-10.2.Z:httpd-tools-0:2.4.63-13.el10_2.4.aarch64
Vendor Fix fix
Workaround
Unresolved product id: AppStream-10.2.Z:httpd-tools-0:2.4.63-13.el10_2.4.ppc64le
Vendor Fix fix
Workaround
Unresolved product id: AppStream-10.2.Z:httpd-tools-0:2.4.63-13.el10_2.4.s390x
Vendor Fix fix
Workaround
Unresolved product id: AppStream-10.2.Z:httpd-tools-0:2.4.63-13.el10_2.4.x86_64
Vendor Fix fix
Workaround
Unresolved product id: AppStream-10.2.Z:httpd-tools-debuginfo-0:2.4.63-13.el10_2.4.aarch64
Vendor Fix fix
Workaround
Unresolved product id: AppStream-10.2.Z:httpd-tools-debuginfo-0:2.4.63-13.el10_2.4.ppc64le
Vendor Fix fix
Workaround
Unresolved product id: AppStream-10.2.Z:httpd-tools-debuginfo-0:2.4.63-13.el10_2.4.s390x
Vendor Fix fix
Workaround
Unresolved product id: AppStream-10.2.Z:httpd-tools-debuginfo-0:2.4.63-13.el10_2.4.x86_64
Vendor Fix fix
Workaround
Unresolved product id: AppStream-10.2.Z:mod_ldap-0:2.4.63-13.el10_2.4.aarch64
Vendor Fix fix
Workaround
Unresolved product id: AppStream-10.2.Z:mod_ldap-0:2.4.63-13.el10_2.4.ppc64le
Vendor Fix fix
Workaround
Unresolved product id: AppStream-10.2.Z:mod_ldap-0:2.4.63-13.el10_2.4.s390x
Vendor Fix fix
Workaround
Unresolved product id: AppStream-10.2.Z:mod_ldap-0:2.4.63-13.el10_2.4.x86_64
Vendor Fix fix
Workaround
Unresolved product id: AppStream-10.2.Z:mod_ldap-debuginfo-0:2.4.63-13.el10_2.4.aarch64
Vendor Fix fix
Workaround
Unresolved product id: AppStream-10.2.Z:mod_ldap-debuginfo-0:2.4.63-13.el10_2.4.ppc64le
Vendor Fix fix
Workaround
Unresolved product id: AppStream-10.2.Z:mod_ldap-debuginfo-0:2.4.63-13.el10_2.4.s390x
Vendor Fix fix
Workaround
Unresolved product id: AppStream-10.2.Z:mod_ldap-debuginfo-0:2.4.63-13.el10_2.4.x86_64
Vendor Fix fix
Workaround
Unresolved product id: AppStream-10.2.Z:mod_lua-0:2.4.63-13.el10_2.4.aarch64
Vendor Fix fix
Workaround
Unresolved product id: AppStream-10.2.Z:mod_lua-0:2.4.63-13.el10_2.4.ppc64le
Vendor Fix fix
Workaround
Unresolved product id: AppStream-10.2.Z:mod_lua-0:2.4.63-13.el10_2.4.s390x
Vendor Fix fix
Workaround
Unresolved product id: AppStream-10.2.Z:mod_lua-0:2.4.63-13.el10_2.4.x86_64
Vendor Fix fix
Workaround
Unresolved product id: AppStream-10.2.Z:mod_lua-debuginfo-0:2.4.63-13.el10_2.4.aarch64
Vendor Fix fix
Workaround
Unresolved product id: AppStream-10.2.Z:mod_lua-debuginfo-0:2.4.63-13.el10_2.4.ppc64le
Vendor Fix fix
Workaround
Unresolved product id: AppStream-10.2.Z:mod_lua-debuginfo-0:2.4.63-13.el10_2.4.s390x
Vendor Fix fix
Workaround
Unresolved product id: AppStream-10.2.Z:mod_lua-debuginfo-0:2.4.63-13.el10_2.4.x86_64
Vendor Fix fix
Workaround
Unresolved product id: AppStream-10.2.Z:mod_proxy_html-1:2.4.63-13.el10_2.4.aarch64
Vendor Fix fix
Workaround
Unresolved product id: AppStream-10.2.Z:mod_proxy_html-1:2.4.63-13.el10_2.4.ppc64le
Vendor Fix fix
Workaround
Unresolved product id: AppStream-10.2.Z:mod_proxy_html-1:2.4.63-13.el10_2.4.s390x
Vendor Fix fix
Workaround
Unresolved product id: AppStream-10.2.Z:mod_proxy_html-1:2.4.63-13.el10_2.4.x86_64
Vendor Fix fix
Workaround
Unresolved product id: AppStream-10.2.Z:mod_proxy_html-debuginfo-1:2.4.63-13.el10_2.4.aarch64
Vendor Fix fix
Workaround
Unresolved product id: AppStream-10.2.Z:mod_proxy_html-debuginfo-1:2.4.63-13.el10_2.4.ppc64le
Vendor Fix fix
Workaround
Unresolved product id: AppStream-10.2.Z:mod_proxy_html-debuginfo-1:2.4.63-13.el10_2.4.s390x
Vendor Fix fix
Workaround
Unresolved product id: AppStream-10.2.Z:mod_proxy_html-debuginfo-1:2.4.63-13.el10_2.4.x86_64
Vendor Fix fix
Workaround
Unresolved product id: AppStream-10.2.Z:mod_session-0:2.4.63-13.el10_2.4.aarch64
Vendor Fix fix
Workaround
Unresolved product id: AppStream-10.2.Z:mod_session-0:2.4.63-13.el10_2.4.ppc64le
Vendor Fix fix
Workaround
Unresolved product id: AppStream-10.2.Z:mod_session-0:2.4.63-13.el10_2.4.s390x
Vendor Fix fix
Workaround
Unresolved product id: AppStream-10.2.Z:mod_session-0:2.4.63-13.el10_2.4.x86_64
Vendor Fix fix
Workaround
Unresolved product id: AppStream-10.2.Z:mod_session-debuginfo-0:2.4.63-13.el10_2.4.aarch64
Vendor Fix fix
Workaround
Unresolved product id: AppStream-10.2.Z:mod_session-debuginfo-0:2.4.63-13.el10_2.4.ppc64le
Vendor Fix fix
Workaround
Unresolved product id: AppStream-10.2.Z:mod_session-debuginfo-0:2.4.63-13.el10_2.4.s390x
Vendor Fix fix
Workaround
Unresolved product id: AppStream-10.2.Z:mod_session-debuginfo-0:2.4.63-13.el10_2.4.x86_64
Vendor Fix fix
Workaround
Unresolved product id: AppStream-10.2.Z:mod_ssl-1:2.4.63-13.el10_2.4.aarch64
Vendor Fix fix
Workaround
Unresolved product id: AppStream-10.2.Z:mod_ssl-1:2.4.63-13.el10_2.4.ppc64le
Vendor Fix fix
Workaround
Unresolved product id: AppStream-10.2.Z:mod_ssl-1:2.4.63-13.el10_2.4.s390x
Vendor Fix fix
Workaround
Unresolved product id: AppStream-10.2.Z:mod_ssl-1:2.4.63-13.el10_2.4.x86_64
Vendor Fix fix
Workaround
Unresolved product id: AppStream-10.2.Z:mod_ssl-debuginfo-1:2.4.63-13.el10_2.4.aarch64
Vendor Fix fix
Workaround
Unresolved product id: AppStream-10.2.Z:mod_ssl-debuginfo-1:2.4.63-13.el10_2.4.ppc64le
Vendor Fix fix
Workaround
Unresolved product id: AppStream-10.2.Z:mod_ssl-debuginfo-1:2.4.63-13.el10_2.4.s390x
Vendor Fix fix
Workaround
Unresolved product id: AppStream-10.2.Z:mod_ssl-debuginfo-1:2.4.63-13.el10_2.4.x86_64
Vendor Fix fix
Workaround
Threats
Impact Moderate
References
URL Category
https://access.redhat.com/errata/RHSA-2026:34109 self
https://access.redhat.com/security/updates/classi… external
https://bugzilla.redhat.com/show_bug.cgi?id=2374549 external
https://bugzilla.redhat.com/show_bug.cgi?id=2465296 external
https://bugzilla.redhat.com/show_bug.cgi?id=2486395 external
https://bugzilla.redhat.com/show_bug.cgi?id=2486397 external
https://bugzilla.redhat.com/show_bug.cgi?id=2486399 external
https://bugzilla.redhat.com/show_bug.cgi?id=2486411 external
https://bugzilla.redhat.com/show_bug.cgi?id=2486414 external
https://security.access.redhat.com/data/csaf/v2/a… self
https://access.redhat.com/security/cve/CVE-2024-42516 self
https://bugzilla.redhat.com/show_bug.cgi?id=2374549 external
https://www.cve.org/CVERecord?id=CVE-2024-42516 external
https://nvd.nist.gov/vuln/detail/CVE-2024-42516 external
https://httpd.apache.org/security/vulnerabilities… external
https://access.redhat.com/security/cve/CVE-2026-29169 self
https://bugzilla.redhat.com/show_bug.cgi?id=2465296 external
https://www.cve.org/CVERecord?id=CVE-2026-29169 external
https://nvd.nist.gov/vuln/detail/CVE-2026-29169 external
https://access.redhat.com/security/cve/CVE-2026-34355 self
https://bugzilla.redhat.com/show_bug.cgi?id=2486414 external
https://www.cve.org/CVERecord?id=CVE-2026-34355 external
https://nvd.nist.gov/vuln/detail/CVE-2026-34355 external
https://access.redhat.com/security/cve/CVE-2026-34356 self
https://bugzilla.redhat.com/show_bug.cgi?id=2486395 external
https://www.cve.org/CVERecord?id=CVE-2026-34356 external
https://nvd.nist.gov/vuln/detail/CVE-2026-34356 external
https://access.redhat.com/security/cve/CVE-2026-42536 self
https://bugzilla.redhat.com/show_bug.cgi?id=2486411 external
https://www.cve.org/CVERecord?id=CVE-2026-42536 external
https://nvd.nist.gov/vuln/detail/CVE-2026-42536 external
https://access.redhat.com/security/cve/CVE-2026-44185 self
https://bugzilla.redhat.com/show_bug.cgi?id=2486397 external
https://www.cve.org/CVERecord?id=CVE-2026-44185 external
https://nvd.nist.gov/vuln/detail/CVE-2026-44185 external
https://access.redhat.com/security/cve/CVE-2026-44631 self
https://bugzilla.redhat.com/show_bug.cgi?id=2486399 external
https://www.cve.org/CVERecord?id=CVE-2026-44631 external
https://nvd.nist.gov/vuln/detail/CVE-2026-44631 external

{
  "document": {
    "aggregate_severity": {
      "namespace": "https://access.redhat.com/security/updates/classification/",
      "text": "Important"
    },
    "category": "csaf_security_advisory",
    "csaf_version": "2.0",
    "distribution": {
      "text": "Copyright \u00a9 Red Hat, Inc. All rights reserved.",
      "tlp": {
        "label": "WHITE",
        "url": "https://www.first.org/tlp/"
      }
    },
    "lang": "en",
    "notes": [
      {
        "category": "summary",
        "text": "An update for httpd is now available for Red Hat Enterprise Linux 10.\n\nRed Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.",
        "title": "Topic"
      },
      {
        "category": "general",
        "text": "The httpd packages provide the Apache HTTP Server, a powerful, efficient, and extensible web server.\n\nSecurity Fix(es):\n\n* httpd: incomplete fix for CVE-2023-38709 (CVE-2024-42516)\n\n* httpd: NULL pointer dereference via specially crafted request (CVE-2026-29169)\n\n* httpd: Apache HTTP Server: Heap-based Buffer Overflow via malicious backend servers (CVE-2026-34356)\n\n* httpd: Apache HTTP Server: Buffer Over-read via outbound OCSP requests to attacker-controlled server (CVE-2026-44185)\n\n* httpd: Apache HTTP Server: Denial of Service via crafted regular expressions (CVE-2026-44631)\n\n* httpd: Apache HTTP Server: Heap-based Buffer Overflow via untrusted content in mod_xml2enc (CVE-2026-42536)\n\n* httpd: Apache HTTP Server: Buffer overflow in mod_proxy_html allows security bypass (CVE-2026-34355)\n\nBug Fix(es) and Enhancement(s):\n\n* address Moderate severity issues from httpd 2.4.68 [rhel-10.2.z] (JIRA:RHEL-184518)\n\nFor more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.",
        "title": "Details"
      },
      {
        "category": "legal_disclaimer",
        "text": "This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.",
        "title": "Terms of Use"
      }
    ],
    "publisher": {
      "category": "vendor",
      "contact_details": "https://access.redhat.com/security/team/contact/",
      "issuing_authority": "Red Hat Product Security is responsible for vulnerability handling across all Red Hat products and services.",
      "name": "Red Hat Product Security",
      "namespace": "https://www.redhat.com"
    },
    "references": [
      {
        "category": "self",
        "summary": "https://access.redhat.com/errata/RHSA-2026:34109",
        "url": "https://access.redhat.com/errata/RHSA-2026:34109"
      },
      {
        "category": "external",
        "summary": "https://access.redhat.com/security/updates/classification/#important",
        "url": "https://access.redhat.com/security/updates/classification/#important"
      },
      {
        "category": "external",
        "summary": "2374549",
        "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2374549"
      },
      {
        "category": "external",
        "summary": "2465296",
        "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2465296"
      },
      {
        "category": "external",
        "summary": "2486395",
        "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2486395"
      },
      {
        "category": "external",
        "summary": "2486397",
        "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2486397"
      },
      {
        "category": "external",
        "summary": "2486399",
        "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2486399"
      },
      {
        "category": "external",
        "summary": "2486411",
        "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2486411"
      },
      {
        "category": "external",
        "summary": "2486414",
        "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2486414"
      },
      {
        "category": "self",
        "summary": "Canonical URL",
        "url": "https://security.access.redhat.com/data/csaf/v2/advisories/2026/rhsa-2026_34109.json"
      }
    ],
    "title": "Red Hat Security Advisory: httpd security, bug fix, and enhancement update",
    "tracking": {
      "current_release_date": "2026-07-01T14:07:11+00:00",
      "generator": {
        "date": "2026-07-01T14:07:11+00:00",
        "engine": {
          "name": "Red Hat SDEngine",
          "version": "5.3.1"
        }
      },
      "id": "RHSA-2026:34109",
      "initial_release_date": "2026-07-01T09:31:08+00:00",
      "revision_history": [
        {
          "date": "2026-07-01T09:31:08+00:00",
          "number": "1",
          "summary": "Initial version"
        },
        {
          "date": "2026-07-01T09:31:08+00:00",
          "number": "2",
          "summary": "Last updated version"
        },
        {
          "date": "2026-07-01T14:07:11+00:00",
          "number": "3",
          "summary": "Last generated version"
        }
      ],
      "status": "final",
      "version": "3"
    }
  },
  "product_tree": {
    "branches": [
      {
        "branches": [
          {
            "branches": [
              {
                "category": "product_name",
                "name": "Red Hat Enterprise Linux AppStream (v. 10)",
                "product": {
                  "name": "Red Hat Enterprise Linux AppStream (v. 10)",
                  "product_id": "AppStream-10.2.Z",
                  "product_identification_helper": {
                    "cpe": "cpe:/o:redhat:enterprise_linux:10.2"
                  }
                }
              }
            ],
            "category": "product_family",
            "name": "Red Hat Enterprise Linux"
          },
          {
            "branches": [
              {
                "category": "product_version",
                "name": "httpd-0:2.4.63-13.el10_2.4.src",
                "product": {
                  "name": "httpd-0:2.4.63-13.el10_2.4.src",
                  "product_id": "httpd-0:2.4.63-13.el10_2.4.src",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/httpd@2.4.63-13.el10_2.4?arch=src"
                  }
                }
              }
            ],
            "category": "architecture",
            "name": "src"
          },
          {
            "branches": [
              {
                "category": "product_version",
                "name": "httpd-0:2.4.63-13.el10_2.4.aarch64",
                "product": {
                  "name": "httpd-0:2.4.63-13.el10_2.4.aarch64",
                  "product_id": "httpd-0:2.4.63-13.el10_2.4.aarch64",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/httpd@2.4.63-13.el10_2.4?arch=aarch64"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "httpd-core-0:2.4.63-13.el10_2.4.aarch64",
                "product": {
                  "name": "httpd-core-0:2.4.63-13.el10_2.4.aarch64",
                  "product_id": "httpd-core-0:2.4.63-13.el10_2.4.aarch64",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/httpd-core@2.4.63-13.el10_2.4?arch=aarch64"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "httpd-devel-0:2.4.63-13.el10_2.4.aarch64",
                "product": {
                  "name": "httpd-devel-0:2.4.63-13.el10_2.4.aarch64",
                  "product_id": "httpd-devel-0:2.4.63-13.el10_2.4.aarch64",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/httpd-devel@2.4.63-13.el10_2.4?arch=aarch64"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "httpd-tools-0:2.4.63-13.el10_2.4.aarch64",
                "product": {
                  "name": "httpd-tools-0:2.4.63-13.el10_2.4.aarch64",
                  "product_id": "httpd-tools-0:2.4.63-13.el10_2.4.aarch64",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/httpd-tools@2.4.63-13.el10_2.4?arch=aarch64"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "mod_ldap-0:2.4.63-13.el10_2.4.aarch64",
                "product": {
                  "name": "mod_ldap-0:2.4.63-13.el10_2.4.aarch64",
                  "product_id": "mod_ldap-0:2.4.63-13.el10_2.4.aarch64",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/mod_ldap@2.4.63-13.el10_2.4?arch=aarch64"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "mod_lua-0:2.4.63-13.el10_2.4.aarch64",
                "product": {
                  "name": "mod_lua-0:2.4.63-13.el10_2.4.aarch64",
                  "product_id": "mod_lua-0:2.4.63-13.el10_2.4.aarch64",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/mod_lua@2.4.63-13.el10_2.4?arch=aarch64"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "mod_proxy_html-1:2.4.63-13.el10_2.4.aarch64",
                "product": {
                  "name": "mod_proxy_html-1:2.4.63-13.el10_2.4.aarch64",
                  "product_id": "mod_proxy_html-1:2.4.63-13.el10_2.4.aarch64",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/mod_proxy_html@2.4.63-13.el10_2.4?arch=aarch64\u0026epoch=1"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "mod_session-0:2.4.63-13.el10_2.4.aarch64",
                "product": {
                  "name": "mod_session-0:2.4.63-13.el10_2.4.aarch64",
                  "product_id": "mod_session-0:2.4.63-13.el10_2.4.aarch64",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/mod_session@2.4.63-13.el10_2.4?arch=aarch64"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "mod_ssl-1:2.4.63-13.el10_2.4.aarch64",
                "product": {
                  "name": "mod_ssl-1:2.4.63-13.el10_2.4.aarch64",
                  "product_id": "mod_ssl-1:2.4.63-13.el10_2.4.aarch64",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/mod_ssl@2.4.63-13.el10_2.4?arch=aarch64\u0026epoch=1"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "httpd-debugsource-0:2.4.63-13.el10_2.4.aarch64",
                "product": {
                  "name": "httpd-debugsource-0:2.4.63-13.el10_2.4.aarch64",
                  "product_id": "httpd-debugsource-0:2.4.63-13.el10_2.4.aarch64",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/httpd-debugsource@2.4.63-13.el10_2.4?arch=aarch64"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "httpd-core-debuginfo-0:2.4.63-13.el10_2.4.aarch64",
                "product": {
                  "name": "httpd-core-debuginfo-0:2.4.63-13.el10_2.4.aarch64",
                  "product_id": "httpd-core-debuginfo-0:2.4.63-13.el10_2.4.aarch64",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/httpd-core-debuginfo@2.4.63-13.el10_2.4?arch=aarch64"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "httpd-debuginfo-0:2.4.63-13.el10_2.4.aarch64",
                "product": {
                  "name": "httpd-debuginfo-0:2.4.63-13.el10_2.4.aarch64",
                  "product_id": "httpd-debuginfo-0:2.4.63-13.el10_2.4.aarch64",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/httpd-debuginfo@2.4.63-13.el10_2.4?arch=aarch64"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "httpd-tools-debuginfo-0:2.4.63-13.el10_2.4.aarch64",
                "product": {
                  "name": "httpd-tools-debuginfo-0:2.4.63-13.el10_2.4.aarch64",
                  "product_id": "httpd-tools-debuginfo-0:2.4.63-13.el10_2.4.aarch64",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/httpd-tools-debuginfo@2.4.63-13.el10_2.4?arch=aarch64"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "mod_ldap-debuginfo-0:2.4.63-13.el10_2.4.aarch64",
                "product": {
                  "name": "mod_ldap-debuginfo-0:2.4.63-13.el10_2.4.aarch64",
                  "product_id": "mod_ldap-debuginfo-0:2.4.63-13.el10_2.4.aarch64",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/mod_ldap-debuginfo@2.4.63-13.el10_2.4?arch=aarch64"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "mod_lua-debuginfo-0:2.4.63-13.el10_2.4.aarch64",
                "product": {
                  "name": "mod_lua-debuginfo-0:2.4.63-13.el10_2.4.aarch64",
                  "product_id": "mod_lua-debuginfo-0:2.4.63-13.el10_2.4.aarch64",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/mod_lua-debuginfo@2.4.63-13.el10_2.4?arch=aarch64"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "mod_proxy_html-debuginfo-1:2.4.63-13.el10_2.4.aarch64",
                "product": {
                  "name": "mod_proxy_html-debuginfo-1:2.4.63-13.el10_2.4.aarch64",
                  "product_id": "mod_proxy_html-debuginfo-1:2.4.63-13.el10_2.4.aarch64",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/mod_proxy_html-debuginfo@2.4.63-13.el10_2.4?arch=aarch64\u0026epoch=1"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "mod_session-debuginfo-0:2.4.63-13.el10_2.4.aarch64",
                "product": {
                  "name": "mod_session-debuginfo-0:2.4.63-13.el10_2.4.aarch64",
                  "product_id": "mod_session-debuginfo-0:2.4.63-13.el10_2.4.aarch64",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/mod_session-debuginfo@2.4.63-13.el10_2.4?arch=aarch64"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "mod_ssl-debuginfo-1:2.4.63-13.el10_2.4.aarch64",
                "product": {
                  "name": "mod_ssl-debuginfo-1:2.4.63-13.el10_2.4.aarch64",
                  "product_id": "mod_ssl-debuginfo-1:2.4.63-13.el10_2.4.aarch64",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/mod_ssl-debuginfo@2.4.63-13.el10_2.4?arch=aarch64\u0026epoch=1"
                  }
                }
              }
            ],
            "category": "architecture",
            "name": "aarch64"
          },
          {
            "branches": [
              {
                "category": "product_version",
                "name": "httpd-0:2.4.63-13.el10_2.4.ppc64le",
                "product": {
                  "name": "httpd-0:2.4.63-13.el10_2.4.ppc64le",
                  "product_id": "httpd-0:2.4.63-13.el10_2.4.ppc64le",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/httpd@2.4.63-13.el10_2.4?arch=ppc64le"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "httpd-core-0:2.4.63-13.el10_2.4.ppc64le",
                "product": {
                  "name": "httpd-core-0:2.4.63-13.el10_2.4.ppc64le",
                  "product_id": "httpd-core-0:2.4.63-13.el10_2.4.ppc64le",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/httpd-core@2.4.63-13.el10_2.4?arch=ppc64le"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "httpd-devel-0:2.4.63-13.el10_2.4.ppc64le",
                "product": {
                  "name": "httpd-devel-0:2.4.63-13.el10_2.4.ppc64le",
                  "product_id": "httpd-devel-0:2.4.63-13.el10_2.4.ppc64le",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/httpd-devel@2.4.63-13.el10_2.4?arch=ppc64le"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "httpd-tools-0:2.4.63-13.el10_2.4.ppc64le",
                "product": {
                  "name": "httpd-tools-0:2.4.63-13.el10_2.4.ppc64le",
                  "product_id": "httpd-tools-0:2.4.63-13.el10_2.4.ppc64le",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/httpd-tools@2.4.63-13.el10_2.4?arch=ppc64le"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "mod_ldap-0:2.4.63-13.el10_2.4.ppc64le",
                "product": {
                  "name": "mod_ldap-0:2.4.63-13.el10_2.4.ppc64le",
                  "product_id": "mod_ldap-0:2.4.63-13.el10_2.4.ppc64le",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/mod_ldap@2.4.63-13.el10_2.4?arch=ppc64le"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "mod_lua-0:2.4.63-13.el10_2.4.ppc64le",
                "product": {
                  "name": "mod_lua-0:2.4.63-13.el10_2.4.ppc64le",
                  "product_id": "mod_lua-0:2.4.63-13.el10_2.4.ppc64le",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/mod_lua@2.4.63-13.el10_2.4?arch=ppc64le"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "mod_proxy_html-1:2.4.63-13.el10_2.4.ppc64le",
                "product": {
                  "name": "mod_proxy_html-1:2.4.63-13.el10_2.4.ppc64le",
                  "product_id": "mod_proxy_html-1:2.4.63-13.el10_2.4.ppc64le",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/mod_proxy_html@2.4.63-13.el10_2.4?arch=ppc64le\u0026epoch=1"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "mod_session-0:2.4.63-13.el10_2.4.ppc64le",
                "product": {
                  "name": "mod_session-0:2.4.63-13.el10_2.4.ppc64le",
                  "product_id": "mod_session-0:2.4.63-13.el10_2.4.ppc64le",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/mod_session@2.4.63-13.el10_2.4?arch=ppc64le"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "mod_ssl-1:2.4.63-13.el10_2.4.ppc64le",
                "product": {
                  "name": "mod_ssl-1:2.4.63-13.el10_2.4.ppc64le",
                  "product_id": "mod_ssl-1:2.4.63-13.el10_2.4.ppc64le",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/mod_ssl@2.4.63-13.el10_2.4?arch=ppc64le\u0026epoch=1"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "httpd-debugsource-0:2.4.63-13.el10_2.4.ppc64le",
                "product": {
                  "name": "httpd-debugsource-0:2.4.63-13.el10_2.4.ppc64le",
                  "product_id": "httpd-debugsource-0:2.4.63-13.el10_2.4.ppc64le",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/httpd-debugsource@2.4.63-13.el10_2.4?arch=ppc64le"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "httpd-core-debuginfo-0:2.4.63-13.el10_2.4.ppc64le",
                "product": {
                  "name": "httpd-core-debuginfo-0:2.4.63-13.el10_2.4.ppc64le",
                  "product_id": "httpd-core-debuginfo-0:2.4.63-13.el10_2.4.ppc64le",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/httpd-core-debuginfo@2.4.63-13.el10_2.4?arch=ppc64le"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "httpd-debuginfo-0:2.4.63-13.el10_2.4.ppc64le",
                "product": {
                  "name": "httpd-debuginfo-0:2.4.63-13.el10_2.4.ppc64le",
                  "product_id": "httpd-debuginfo-0:2.4.63-13.el10_2.4.ppc64le",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/httpd-debuginfo@2.4.63-13.el10_2.4?arch=ppc64le"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "httpd-tools-debuginfo-0:2.4.63-13.el10_2.4.ppc64le",
                "product": {
                  "name": "httpd-tools-debuginfo-0:2.4.63-13.el10_2.4.ppc64le",
                  "product_id": "httpd-tools-debuginfo-0:2.4.63-13.el10_2.4.ppc64le",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/httpd-tools-debuginfo@2.4.63-13.el10_2.4?arch=ppc64le"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "mod_ldap-debuginfo-0:2.4.63-13.el10_2.4.ppc64le",
                "product": {
                  "name": "mod_ldap-debuginfo-0:2.4.63-13.el10_2.4.ppc64le",
                  "product_id": "mod_ldap-debuginfo-0:2.4.63-13.el10_2.4.ppc64le",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/mod_ldap-debuginfo@2.4.63-13.el10_2.4?arch=ppc64le"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "mod_lua-debuginfo-0:2.4.63-13.el10_2.4.ppc64le",
                "product": {
                  "name": "mod_lua-debuginfo-0:2.4.63-13.el10_2.4.ppc64le",
                  "product_id": "mod_lua-debuginfo-0:2.4.63-13.el10_2.4.ppc64le",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/mod_lua-debuginfo@2.4.63-13.el10_2.4?arch=ppc64le"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "mod_proxy_html-debuginfo-1:2.4.63-13.el10_2.4.ppc64le",
                "product": {
                  "name": "mod_proxy_html-debuginfo-1:2.4.63-13.el10_2.4.ppc64le",
                  "product_id": "mod_proxy_html-debuginfo-1:2.4.63-13.el10_2.4.ppc64le",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/mod_proxy_html-debuginfo@2.4.63-13.el10_2.4?arch=ppc64le\u0026epoch=1"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "mod_session-debuginfo-0:2.4.63-13.el10_2.4.ppc64le",
                "product": {
                  "name": "mod_session-debuginfo-0:2.4.63-13.el10_2.4.ppc64le",
                  "product_id": "mod_session-debuginfo-0:2.4.63-13.el10_2.4.ppc64le",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/mod_session-debuginfo@2.4.63-13.el10_2.4?arch=ppc64le"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "mod_ssl-debuginfo-1:2.4.63-13.el10_2.4.ppc64le",
                "product": {
                  "name": "mod_ssl-debuginfo-1:2.4.63-13.el10_2.4.ppc64le",
                  "product_id": "mod_ssl-debuginfo-1:2.4.63-13.el10_2.4.ppc64le",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/mod_ssl-debuginfo@2.4.63-13.el10_2.4?arch=ppc64le\u0026epoch=1"
                  }
                }
              }
            ],
            "category": "architecture",
            "name": "ppc64le"
          },
          {
            "branches": [
              {
                "category": "product_version",
                "name": "httpd-0:2.4.63-13.el10_2.4.x86_64",
                "product": {
                  "name": "httpd-0:2.4.63-13.el10_2.4.x86_64",
                  "product_id": "httpd-0:2.4.63-13.el10_2.4.x86_64",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/httpd@2.4.63-13.el10_2.4?arch=x86_64"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "httpd-core-0:2.4.63-13.el10_2.4.x86_64",
                "product": {
                  "name": "httpd-core-0:2.4.63-13.el10_2.4.x86_64",
                  "product_id": "httpd-core-0:2.4.63-13.el10_2.4.x86_64",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/httpd-core@2.4.63-13.el10_2.4?arch=x86_64"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "httpd-devel-0:2.4.63-13.el10_2.4.x86_64",
                "product": {
                  "name": "httpd-devel-0:2.4.63-13.el10_2.4.x86_64",
                  "product_id": "httpd-devel-0:2.4.63-13.el10_2.4.x86_64",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/httpd-devel@2.4.63-13.el10_2.4?arch=x86_64"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "httpd-tools-0:2.4.63-13.el10_2.4.x86_64",
                "product": {
                  "name": "httpd-tools-0:2.4.63-13.el10_2.4.x86_64",
                  "product_id": "httpd-tools-0:2.4.63-13.el10_2.4.x86_64",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/httpd-tools@2.4.63-13.el10_2.4?arch=x86_64"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "mod_ldap-0:2.4.63-13.el10_2.4.x86_64",
                "product": {
                  "name": "mod_ldap-0:2.4.63-13.el10_2.4.x86_64",
                  "product_id": "mod_ldap-0:2.4.63-13.el10_2.4.x86_64",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/mod_ldap@2.4.63-13.el10_2.4?arch=x86_64"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "mod_lua-0:2.4.63-13.el10_2.4.x86_64",
                "product": {
                  "name": "mod_lua-0:2.4.63-13.el10_2.4.x86_64",
                  "product_id": "mod_lua-0:2.4.63-13.el10_2.4.x86_64",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/mod_lua@2.4.63-13.el10_2.4?arch=x86_64"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "mod_proxy_html-1:2.4.63-13.el10_2.4.x86_64",
                "product": {
                  "name": "mod_proxy_html-1:2.4.63-13.el10_2.4.x86_64",
                  "product_id": "mod_proxy_html-1:2.4.63-13.el10_2.4.x86_64",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/mod_proxy_html@2.4.63-13.el10_2.4?arch=x86_64\u0026epoch=1"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "mod_session-0:2.4.63-13.el10_2.4.x86_64",
                "product": {
                  "name": "mod_session-0:2.4.63-13.el10_2.4.x86_64",
                  "product_id": "mod_session-0:2.4.63-13.el10_2.4.x86_64",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/mod_session@2.4.63-13.el10_2.4?arch=x86_64"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "mod_ssl-1:2.4.63-13.el10_2.4.x86_64",
                "product": {
                  "name": "mod_ssl-1:2.4.63-13.el10_2.4.x86_64",
                  "product_id": "mod_ssl-1:2.4.63-13.el10_2.4.x86_64",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/mod_ssl@2.4.63-13.el10_2.4?arch=x86_64\u0026epoch=1"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "httpd-debugsource-0:2.4.63-13.el10_2.4.x86_64",
                "product": {
                  "name": "httpd-debugsource-0:2.4.63-13.el10_2.4.x86_64",
                  "product_id": "httpd-debugsource-0:2.4.63-13.el10_2.4.x86_64",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/httpd-debugsource@2.4.63-13.el10_2.4?arch=x86_64"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "httpd-core-debuginfo-0:2.4.63-13.el10_2.4.x86_64",
                "product": {
                  "name": "httpd-core-debuginfo-0:2.4.63-13.el10_2.4.x86_64",
                  "product_id": "httpd-core-debuginfo-0:2.4.63-13.el10_2.4.x86_64",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/httpd-core-debuginfo@2.4.63-13.el10_2.4?arch=x86_64"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "httpd-debuginfo-0:2.4.63-13.el10_2.4.x86_64",
                "product": {
                  "name": "httpd-debuginfo-0:2.4.63-13.el10_2.4.x86_64",
                  "product_id": "httpd-debuginfo-0:2.4.63-13.el10_2.4.x86_64",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/httpd-debuginfo@2.4.63-13.el10_2.4?arch=x86_64"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "httpd-tools-debuginfo-0:2.4.63-13.el10_2.4.x86_64",
                "product": {
                  "name": "httpd-tools-debuginfo-0:2.4.63-13.el10_2.4.x86_64",
                  "product_id": "httpd-tools-debuginfo-0:2.4.63-13.el10_2.4.x86_64",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/httpd-tools-debuginfo@2.4.63-13.el10_2.4?arch=x86_64"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "mod_ldap-debuginfo-0:2.4.63-13.el10_2.4.x86_64",
                "product": {
                  "name": "mod_ldap-debuginfo-0:2.4.63-13.el10_2.4.x86_64",
                  "product_id": "mod_ldap-debuginfo-0:2.4.63-13.el10_2.4.x86_64",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/mod_ldap-debuginfo@2.4.63-13.el10_2.4?arch=x86_64"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "mod_lua-debuginfo-0:2.4.63-13.el10_2.4.x86_64",
                "product": {
                  "name": "mod_lua-debuginfo-0:2.4.63-13.el10_2.4.x86_64",
                  "product_id": "mod_lua-debuginfo-0:2.4.63-13.el10_2.4.x86_64",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/mod_lua-debuginfo@2.4.63-13.el10_2.4?arch=x86_64"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "mod_proxy_html-debuginfo-1:2.4.63-13.el10_2.4.x86_64",
                "product": {
                  "name": "mod_proxy_html-debuginfo-1:2.4.63-13.el10_2.4.x86_64",
                  "product_id": "mod_proxy_html-debuginfo-1:2.4.63-13.el10_2.4.x86_64",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/mod_proxy_html-debuginfo@2.4.63-13.el10_2.4?arch=x86_64\u0026epoch=1"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "mod_session-debuginfo-0:2.4.63-13.el10_2.4.x86_64",
                "product": {
                  "name": "mod_session-debuginfo-0:2.4.63-13.el10_2.4.x86_64",
                  "product_id": "mod_session-debuginfo-0:2.4.63-13.el10_2.4.x86_64",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/mod_session-debuginfo@2.4.63-13.el10_2.4?arch=x86_64"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "mod_ssl-debuginfo-1:2.4.63-13.el10_2.4.x86_64",
                "product": {
                  "name": "mod_ssl-debuginfo-1:2.4.63-13.el10_2.4.x86_64",
                  "product_id": "mod_ssl-debuginfo-1:2.4.63-13.el10_2.4.x86_64",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/mod_ssl-debuginfo@2.4.63-13.el10_2.4?arch=x86_64\u0026epoch=1"
                  }
                }
              }
            ],
            "category": "architecture",
            "name": "x86_64"
          },
          {
            "branches": [
              {
                "category": "product_version",
                "name": "httpd-0:2.4.63-13.el10_2.4.s390x",
                "product": {
                  "name": "httpd-0:2.4.63-13.el10_2.4.s390x",
                  "product_id": "httpd-0:2.4.63-13.el10_2.4.s390x",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/httpd@2.4.63-13.el10_2.4?arch=s390x"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "httpd-core-0:2.4.63-13.el10_2.4.s390x",
                "product": {
                  "name": "httpd-core-0:2.4.63-13.el10_2.4.s390x",
                  "product_id": "httpd-core-0:2.4.63-13.el10_2.4.s390x",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/httpd-core@2.4.63-13.el10_2.4?arch=s390x"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "httpd-devel-0:2.4.63-13.el10_2.4.s390x",
                "product": {
                  "name": "httpd-devel-0:2.4.63-13.el10_2.4.s390x",
                  "product_id": "httpd-devel-0:2.4.63-13.el10_2.4.s390x",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/httpd-devel@2.4.63-13.el10_2.4?arch=s390x"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "httpd-tools-0:2.4.63-13.el10_2.4.s390x",
                "product": {
                  "name": "httpd-tools-0:2.4.63-13.el10_2.4.s390x",
                  "product_id": "httpd-tools-0:2.4.63-13.el10_2.4.s390x",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/httpd-tools@2.4.63-13.el10_2.4?arch=s390x"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "mod_ldap-0:2.4.63-13.el10_2.4.s390x",
                "product": {
                  "name": "mod_ldap-0:2.4.63-13.el10_2.4.s390x",
                  "product_id": "mod_ldap-0:2.4.63-13.el10_2.4.s390x",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/mod_ldap@2.4.63-13.el10_2.4?arch=s390x"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "mod_lua-0:2.4.63-13.el10_2.4.s390x",
                "product": {
                  "name": "mod_lua-0:2.4.63-13.el10_2.4.s390x",
                  "product_id": "mod_lua-0:2.4.63-13.el10_2.4.s390x",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/mod_lua@2.4.63-13.el10_2.4?arch=s390x"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "mod_proxy_html-1:2.4.63-13.el10_2.4.s390x",
                "product": {
                  "name": "mod_proxy_html-1:2.4.63-13.el10_2.4.s390x",
                  "product_id": "mod_proxy_html-1:2.4.63-13.el10_2.4.s390x",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/mod_proxy_html@2.4.63-13.el10_2.4?arch=s390x\u0026epoch=1"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "mod_session-0:2.4.63-13.el10_2.4.s390x",
                "product": {
                  "name": "mod_session-0:2.4.63-13.el10_2.4.s390x",
                  "product_id": "mod_session-0:2.4.63-13.el10_2.4.s390x",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/mod_session@2.4.63-13.el10_2.4?arch=s390x"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "mod_ssl-1:2.4.63-13.el10_2.4.s390x",
                "product": {
                  "name": "mod_ssl-1:2.4.63-13.el10_2.4.s390x",
                  "product_id": "mod_ssl-1:2.4.63-13.el10_2.4.s390x",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/mod_ssl@2.4.63-13.el10_2.4?arch=s390x\u0026epoch=1"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "httpd-debugsource-0:2.4.63-13.el10_2.4.s390x",
                "product": {
                  "name": "httpd-debugsource-0:2.4.63-13.el10_2.4.s390x",
                  "product_id": "httpd-debugsource-0:2.4.63-13.el10_2.4.s390x",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/httpd-debugsource@2.4.63-13.el10_2.4?arch=s390x"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "httpd-core-debuginfo-0:2.4.63-13.el10_2.4.s390x",
                "product": {
                  "name": "httpd-core-debuginfo-0:2.4.63-13.el10_2.4.s390x",
                  "product_id": "httpd-core-debuginfo-0:2.4.63-13.el10_2.4.s390x",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/httpd-core-debuginfo@2.4.63-13.el10_2.4?arch=s390x"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "httpd-debuginfo-0:2.4.63-13.el10_2.4.s390x",
                "product": {
                  "name": "httpd-debuginfo-0:2.4.63-13.el10_2.4.s390x",
                  "product_id": "httpd-debuginfo-0:2.4.63-13.el10_2.4.s390x",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/httpd-debuginfo@2.4.63-13.el10_2.4?arch=s390x"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "httpd-tools-debuginfo-0:2.4.63-13.el10_2.4.s390x",
                "product": {
                  "name": "httpd-tools-debuginfo-0:2.4.63-13.el10_2.4.s390x",
                  "product_id": "httpd-tools-debuginfo-0:2.4.63-13.el10_2.4.s390x",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/httpd-tools-debuginfo@2.4.63-13.el10_2.4?arch=s390x"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "mod_ldap-debuginfo-0:2.4.63-13.el10_2.4.s390x",
                "product": {
                  "name": "mod_ldap-debuginfo-0:2.4.63-13.el10_2.4.s390x",
                  "product_id": "mod_ldap-debuginfo-0:2.4.63-13.el10_2.4.s390x",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/mod_ldap-debuginfo@2.4.63-13.el10_2.4?arch=s390x"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "mod_lua-debuginfo-0:2.4.63-13.el10_2.4.s390x",
                "product": {
                  "name": "mod_lua-debuginfo-0:2.4.63-13.el10_2.4.s390x",
                  "product_id": "mod_lua-debuginfo-0:2.4.63-13.el10_2.4.s390x",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/mod_lua-debuginfo@2.4.63-13.el10_2.4?arch=s390x"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "mod_proxy_html-debuginfo-1:2.4.63-13.el10_2.4.s390x",
                "product": {
                  "name": "mod_proxy_html-debuginfo-1:2.4.63-13.el10_2.4.s390x",
                  "product_id": "mod_proxy_html-debuginfo-1:2.4.63-13.el10_2.4.s390x",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/mod_proxy_html-debuginfo@2.4.63-13.el10_2.4?arch=s390x\u0026epoch=1"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "mod_session-debuginfo-0:2.4.63-13.el10_2.4.s390x",
                "product": {
                  "name": "mod_session-debuginfo-0:2.4.63-13.el10_2.4.s390x",
                  "product_id": "mod_session-debuginfo-0:2.4.63-13.el10_2.4.s390x",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/mod_session-debuginfo@2.4.63-13.el10_2.4?arch=s390x"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "mod_ssl-debuginfo-1:2.4.63-13.el10_2.4.s390x",
                "product": {
                  "name": "mod_ssl-debuginfo-1:2.4.63-13.el10_2.4.s390x",
                  "product_id": "mod_ssl-debuginfo-1:2.4.63-13.el10_2.4.s390x",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/mod_ssl-debuginfo@2.4.63-13.el10_2.4?arch=s390x\u0026epoch=1"
                  }
                }
              }
            ],
            "category": "architecture",
            "name": "s390x"
          },
          {
            "branches": [
              {
                "category": "product_version",
                "name": "httpd-filesystem-0:2.4.63-13.el10_2.4.noarch",
                "product": {
                  "name": "httpd-filesystem-0:2.4.63-13.el10_2.4.noarch",
                  "product_id": "httpd-filesystem-0:2.4.63-13.el10_2.4.noarch",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/httpd-filesystem@2.4.63-13.el10_2.4?arch=noarch"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "httpd-manual-0:2.4.63-13.el10_2.4.noarch",
                "product": {
                  "name": "httpd-manual-0:2.4.63-13.el10_2.4.noarch",
                  "product_id": "httpd-manual-0:2.4.63-13.el10_2.4.noarch",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/httpd-manual@2.4.63-13.el10_2.4?arch=noarch"
                  }
                }
              }
            ],
            "category": "architecture",
            "name": "noarch"
          }
        ],
        "category": "vendor",
        "name": "Red Hat"
      }
    ],
    "relationships": [
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "httpd-0:2.4.63-13.el10_2.4.aarch64 as a component of Red Hat Enterprise Linux AppStream (v. 10)",
          "product_id": "AppStream-10.2.Z:httpd-0:2.4.63-13.el10_2.4.aarch64"
        },
        "product_reference": "httpd-0:2.4.63-13.el10_2.4.aarch64",
        "relates_to_product_reference": "AppStream-10.2.Z"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "httpd-0:2.4.63-13.el10_2.4.ppc64le as a component of Red Hat Enterprise Linux AppStream (v. 10)",
          "product_id": "AppStream-10.2.Z:httpd-0:2.4.63-13.el10_2.4.ppc64le"
        },
        "product_reference": "httpd-0:2.4.63-13.el10_2.4.ppc64le",
        "relates_to_product_reference": "AppStream-10.2.Z"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "httpd-0:2.4.63-13.el10_2.4.s390x as a component of Red Hat Enterprise Linux AppStream (v. 10)",
          "product_id": "AppStream-10.2.Z:httpd-0:2.4.63-13.el10_2.4.s390x"
        },
        "product_reference": "httpd-0:2.4.63-13.el10_2.4.s390x",
        "relates_to_product_reference": "AppStream-10.2.Z"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "httpd-0:2.4.63-13.el10_2.4.src as a component of Red Hat Enterprise Linux AppStream (v. 10)",
          "product_id": "AppStream-10.2.Z:httpd-0:2.4.63-13.el10_2.4.src"
        },
        "product_reference": "httpd-0:2.4.63-13.el10_2.4.src",
        "relates_to_product_reference": "AppStream-10.2.Z"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "httpd-0:2.4.63-13.el10_2.4.x86_64 as a component of Red Hat Enterprise Linux AppStream (v. 10)",
          "product_id": "AppStream-10.2.Z:httpd-0:2.4.63-13.el10_2.4.x86_64"
        },
        "product_reference": "httpd-0:2.4.63-13.el10_2.4.x86_64",
        "relates_to_product_reference": "AppStream-10.2.Z"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "httpd-core-0:2.4.63-13.el10_2.4.aarch64 as a component of Red Hat Enterprise Linux AppStream (v. 10)",
          "product_id": "AppStream-10.2.Z:httpd-core-0:2.4.63-13.el10_2.4.aarch64"
        },
        "product_reference": "httpd-core-0:2.4.63-13.el10_2.4.aarch64",
        "relates_to_product_reference": "AppStream-10.2.Z"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "httpd-core-0:2.4.63-13.el10_2.4.ppc64le as a component of Red Hat Enterprise Linux AppStream (v. 10)",
          "product_id": "AppStream-10.2.Z:httpd-core-0:2.4.63-13.el10_2.4.ppc64le"
        },
        "product_reference": "httpd-core-0:2.4.63-13.el10_2.4.ppc64le",
        "relates_to_product_reference": "AppStream-10.2.Z"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "httpd-core-0:2.4.63-13.el10_2.4.s390x as a component of Red Hat Enterprise Linux AppStream (v. 10)",
          "product_id": "AppStream-10.2.Z:httpd-core-0:2.4.63-13.el10_2.4.s390x"
        },
        "product_reference": "httpd-core-0:2.4.63-13.el10_2.4.s390x",
        "relates_to_product_reference": "AppStream-10.2.Z"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "httpd-core-0:2.4.63-13.el10_2.4.x86_64 as a component of Red Hat Enterprise Linux AppStream (v. 10)",
          "product_id": "AppStream-10.2.Z:httpd-core-0:2.4.63-13.el10_2.4.x86_64"
        },
        "product_reference": "httpd-core-0:2.4.63-13.el10_2.4.x86_64",
        "relates_to_product_reference": "AppStream-10.2.Z"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "httpd-core-debuginfo-0:2.4.63-13.el10_2.4.aarch64 as a component of Red Hat Enterprise Linux AppStream (v. 10)",
          "product_id": "AppStream-10.2.Z:httpd-core-debuginfo-0:2.4.63-13.el10_2.4.aarch64"
        },
        "product_reference": "httpd-core-debuginfo-0:2.4.63-13.el10_2.4.aarch64",
        "relates_to_product_reference": "AppStream-10.2.Z"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "httpd-core-debuginfo-0:2.4.63-13.el10_2.4.ppc64le as a component of Red Hat Enterprise Linux AppStream (v. 10)",
          "product_id": "AppStream-10.2.Z:httpd-core-debuginfo-0:2.4.63-13.el10_2.4.ppc64le"
        },
        "product_reference": "httpd-core-debuginfo-0:2.4.63-13.el10_2.4.ppc64le",
        "relates_to_product_reference": "AppStream-10.2.Z"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "httpd-core-debuginfo-0:2.4.63-13.el10_2.4.s390x as a component of Red Hat Enterprise Linux AppStream (v. 10)",
          "product_id": "AppStream-10.2.Z:httpd-core-debuginfo-0:2.4.63-13.el10_2.4.s390x"
        },
        "product_reference": "httpd-core-debuginfo-0:2.4.63-13.el10_2.4.s390x",
        "relates_to_product_reference": "AppStream-10.2.Z"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "httpd-core-debuginfo-0:2.4.63-13.el10_2.4.x86_64 as a component of Red Hat Enterprise Linux AppStream (v. 10)",
          "product_id": "AppStream-10.2.Z:httpd-core-debuginfo-0:2.4.63-13.el10_2.4.x86_64"
        },
        "product_reference": "httpd-core-debuginfo-0:2.4.63-13.el10_2.4.x86_64",
        "relates_to_product_reference": "AppStream-10.2.Z"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "httpd-debuginfo-0:2.4.63-13.el10_2.4.aarch64 as a component of Red Hat Enterprise Linux AppStream (v. 10)",
          "product_id": "AppStream-10.2.Z:httpd-debuginfo-0:2.4.63-13.el10_2.4.aarch64"
        },
        "product_reference": "httpd-debuginfo-0:2.4.63-13.el10_2.4.aarch64",
        "relates_to_product_reference": "AppStream-10.2.Z"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "httpd-debuginfo-0:2.4.63-13.el10_2.4.ppc64le as a component of Red Hat Enterprise Linux AppStream (v. 10)",
          "product_id": "AppStream-10.2.Z:httpd-debuginfo-0:2.4.63-13.el10_2.4.ppc64le"
        },
        "product_reference": "httpd-debuginfo-0:2.4.63-13.el10_2.4.ppc64le",
        "relates_to_product_reference": "AppStream-10.2.Z"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "httpd-debuginfo-0:2.4.63-13.el10_2.4.s390x as a component of Red Hat Enterprise Linux AppStream (v. 10)",
          "product_id": "AppStream-10.2.Z:httpd-debuginfo-0:2.4.63-13.el10_2.4.s390x"
        },
        "product_reference": "httpd-debuginfo-0:2.4.63-13.el10_2.4.s390x",
        "relates_to_product_reference": "AppStream-10.2.Z"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "httpd-debuginfo-0:2.4.63-13.el10_2.4.x86_64 as a component of Red Hat Enterprise Linux AppStream (v. 10)",
          "product_id": "AppStream-10.2.Z:httpd-debuginfo-0:2.4.63-13.el10_2.4.x86_64"
        },
        "product_reference": "httpd-debuginfo-0:2.4.63-13.el10_2.4.x86_64",
        "relates_to_product_reference": "AppStream-10.2.Z"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "httpd-debugsource-0:2.4.63-13.el10_2.4.aarch64 as a component of Red Hat Enterprise Linux AppStream (v. 10)",
          "product_id": "AppStream-10.2.Z:httpd-debugsource-0:2.4.63-13.el10_2.4.aarch64"
        },
        "product_reference": "httpd-debugsource-0:2.4.63-13.el10_2.4.aarch64",
        "relates_to_product_reference": "AppStream-10.2.Z"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "httpd-debugsource-0:2.4.63-13.el10_2.4.ppc64le as a component of Red Hat Enterprise Linux AppStream (v. 10)",
          "product_id": "AppStream-10.2.Z:httpd-debugsource-0:2.4.63-13.el10_2.4.ppc64le"
        },
        "product_reference": "httpd-debugsource-0:2.4.63-13.el10_2.4.ppc64le",
        "relates_to_product_reference": "AppStream-10.2.Z"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "httpd-debugsource-0:2.4.63-13.el10_2.4.s390x as a component of Red Hat Enterprise Linux AppStream (v. 10)",
          "product_id": "AppStream-10.2.Z:httpd-debugsource-0:2.4.63-13.el10_2.4.s390x"
        },
        "product_reference": "httpd-debugsource-0:2.4.63-13.el10_2.4.s390x",
        "relates_to_product_reference": "AppStream-10.2.Z"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "httpd-debugsource-0:2.4.63-13.el10_2.4.x86_64 as a component of Red Hat Enterprise Linux AppStream (v. 10)",
          "product_id": "AppStream-10.2.Z:httpd-debugsource-0:2.4.63-13.el10_2.4.x86_64"
        },
        "product_reference": "httpd-debugsource-0:2.4.63-13.el10_2.4.x86_64",
        "relates_to_product_reference": "AppStream-10.2.Z"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "httpd-devel-0:2.4.63-13.el10_2.4.aarch64 as a component of Red Hat Enterprise Linux AppStream (v. 10)",
          "product_id": "AppStream-10.2.Z:httpd-devel-0:2.4.63-13.el10_2.4.aarch64"
        },
        "product_reference": "httpd-devel-0:2.4.63-13.el10_2.4.aarch64",
        "relates_to_product_reference": "AppStream-10.2.Z"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "httpd-devel-0:2.4.63-13.el10_2.4.ppc64le as a component of Red Hat Enterprise Linux AppStream (v. 10)",
          "product_id": "AppStream-10.2.Z:httpd-devel-0:2.4.63-13.el10_2.4.ppc64le"
        },
        "product_reference": "httpd-devel-0:2.4.63-13.el10_2.4.ppc64le",
        "relates_to_product_reference": "AppStream-10.2.Z"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "httpd-devel-0:2.4.63-13.el10_2.4.s390x as a component of Red Hat Enterprise Linux AppStream (v. 10)",
          "product_id": "AppStream-10.2.Z:httpd-devel-0:2.4.63-13.el10_2.4.s390x"
        },
        "product_reference": "httpd-devel-0:2.4.63-13.el10_2.4.s390x",
        "relates_to_product_reference": "AppStream-10.2.Z"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "httpd-devel-0:2.4.63-13.el10_2.4.x86_64 as a component of Red Hat Enterprise Linux AppStream (v. 10)",
          "product_id": "AppStream-10.2.Z:httpd-devel-0:2.4.63-13.el10_2.4.x86_64"
        },
        "product_reference": "httpd-devel-0:2.4.63-13.el10_2.4.x86_64",
        "relates_to_product_reference": "AppStream-10.2.Z"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "httpd-filesystem-0:2.4.63-13.el10_2.4.noarch as a component of Red Hat Enterprise Linux AppStream (v. 10)",
          "product_id": "AppStream-10.2.Z:httpd-filesystem-0:2.4.63-13.el10_2.4.noarch"
        },
        "product_reference": "httpd-filesystem-0:2.4.63-13.el10_2.4.noarch",
        "relates_to_product_reference": "AppStream-10.2.Z"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "httpd-manual-0:2.4.63-13.el10_2.4.noarch as a component of Red Hat Enterprise Linux AppStream (v. 10)",
          "product_id": "AppStream-10.2.Z:httpd-manual-0:2.4.63-13.el10_2.4.noarch"
        },
        "product_reference": "httpd-manual-0:2.4.63-13.el10_2.4.noarch",
        "relates_to_product_reference": "AppStream-10.2.Z"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "httpd-tools-0:2.4.63-13.el10_2.4.aarch64 as a component of Red Hat Enterprise Linux AppStream (v. 10)",
          "product_id": "AppStream-10.2.Z:httpd-tools-0:2.4.63-13.el10_2.4.aarch64"
        },
        "product_reference": "httpd-tools-0:2.4.63-13.el10_2.4.aarch64",
        "relates_to_product_reference": "AppStream-10.2.Z"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "httpd-tools-0:2.4.63-13.el10_2.4.ppc64le as a component of Red Hat Enterprise Linux AppStream (v. 10)",
          "product_id": "AppStream-10.2.Z:httpd-tools-0:2.4.63-13.el10_2.4.ppc64le"
        },
        "product_reference": "httpd-tools-0:2.4.63-13.el10_2.4.ppc64le",
        "relates_to_product_reference": "AppStream-10.2.Z"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "httpd-tools-0:2.4.63-13.el10_2.4.s390x as a component of Red Hat Enterprise Linux AppStream (v. 10)",
          "product_id": "AppStream-10.2.Z:httpd-tools-0:2.4.63-13.el10_2.4.s390x"
        },
        "product_reference": "httpd-tools-0:2.4.63-13.el10_2.4.s390x",
        "relates_to_product_reference": "AppStream-10.2.Z"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "httpd-tools-0:2.4.63-13.el10_2.4.x86_64 as a component of Red Hat Enterprise Linux AppStream (v. 10)",
          "product_id": "AppStream-10.2.Z:httpd-tools-0:2.4.63-13.el10_2.4.x86_64"
        },
        "product_reference": "httpd-tools-0:2.4.63-13.el10_2.4.x86_64",
        "relates_to_product_reference": "AppStream-10.2.Z"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "httpd-tools-debuginfo-0:2.4.63-13.el10_2.4.aarch64 as a component of Red Hat Enterprise Linux AppStream (v. 10)",
          "product_id": "AppStream-10.2.Z:httpd-tools-debuginfo-0:2.4.63-13.el10_2.4.aarch64"
        },
        "product_reference": "httpd-tools-debuginfo-0:2.4.63-13.el10_2.4.aarch64",
        "relates_to_product_reference": "AppStream-10.2.Z"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "httpd-tools-debuginfo-0:2.4.63-13.el10_2.4.ppc64le as a component of Red Hat Enterprise Linux AppStream (v. 10)",
          "product_id": "AppStream-10.2.Z:httpd-tools-debuginfo-0:2.4.63-13.el10_2.4.ppc64le"
        },
        "product_reference": "httpd-tools-debuginfo-0:2.4.63-13.el10_2.4.ppc64le",
        "relates_to_product_reference": "AppStream-10.2.Z"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "httpd-tools-debuginfo-0:2.4.63-13.el10_2.4.s390x as a component of Red Hat Enterprise Linux AppStream (v. 10)",
          "product_id": "AppStream-10.2.Z:httpd-tools-debuginfo-0:2.4.63-13.el10_2.4.s390x"
        },
        "product_reference": "httpd-tools-debuginfo-0:2.4.63-13.el10_2.4.s390x",
        "relates_to_product_reference": "AppStream-10.2.Z"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "httpd-tools-debuginfo-0:2.4.63-13.el10_2.4.x86_64 as a component of Red Hat Enterprise Linux AppStream (v. 10)",
          "product_id": "AppStream-10.2.Z:httpd-tools-debuginfo-0:2.4.63-13.el10_2.4.x86_64"
        },
        "product_reference": "httpd-tools-debuginfo-0:2.4.63-13.el10_2.4.x86_64",
        "relates_to_product_reference": "AppStream-10.2.Z"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "mod_ldap-0:2.4.63-13.el10_2.4.aarch64 as a component of Red Hat Enterprise Linux AppStream (v. 10)",
          "product_id": "AppStream-10.2.Z:mod_ldap-0:2.4.63-13.el10_2.4.aarch64"
        },
        "product_reference": "mod_ldap-0:2.4.63-13.el10_2.4.aarch64",
        "relates_to_product_reference": "AppStream-10.2.Z"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "mod_ldap-0:2.4.63-13.el10_2.4.ppc64le as a component of Red Hat Enterprise Linux AppStream (v. 10)",
          "product_id": "AppStream-10.2.Z:mod_ldap-0:2.4.63-13.el10_2.4.ppc64le"
        },
        "product_reference": "mod_ldap-0:2.4.63-13.el10_2.4.ppc64le",
        "relates_to_product_reference": "AppStream-10.2.Z"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "mod_ldap-0:2.4.63-13.el10_2.4.s390x as a component of Red Hat Enterprise Linux AppStream (v. 10)",
          "product_id": "AppStream-10.2.Z:mod_ldap-0:2.4.63-13.el10_2.4.s390x"
        },
        "product_reference": "mod_ldap-0:2.4.63-13.el10_2.4.s390x",
        "relates_to_product_reference": "AppStream-10.2.Z"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "mod_ldap-0:2.4.63-13.el10_2.4.x86_64 as a component of Red Hat Enterprise Linux AppStream (v. 10)",
          "product_id": "AppStream-10.2.Z:mod_ldap-0:2.4.63-13.el10_2.4.x86_64"
        },
        "product_reference": "mod_ldap-0:2.4.63-13.el10_2.4.x86_64",
        "relates_to_product_reference": "AppStream-10.2.Z"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "mod_ldap-debuginfo-0:2.4.63-13.el10_2.4.aarch64 as a component of Red Hat Enterprise Linux AppStream (v. 10)",
          "product_id": "AppStream-10.2.Z:mod_ldap-debuginfo-0:2.4.63-13.el10_2.4.aarch64"
        },
        "product_reference": "mod_ldap-debuginfo-0:2.4.63-13.el10_2.4.aarch64",
        "relates_to_product_reference": "AppStream-10.2.Z"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "mod_ldap-debuginfo-0:2.4.63-13.el10_2.4.ppc64le as a component of Red Hat Enterprise Linux AppStream (v. 10)",
          "product_id": "AppStream-10.2.Z:mod_ldap-debuginfo-0:2.4.63-13.el10_2.4.ppc64le"
        },
        "product_reference": "mod_ldap-debuginfo-0:2.4.63-13.el10_2.4.ppc64le",
        "relates_to_product_reference": "AppStream-10.2.Z"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "mod_ldap-debuginfo-0:2.4.63-13.el10_2.4.s390x as a component of Red Hat Enterprise Linux AppStream (v. 10)",
          "product_id": "AppStream-10.2.Z:mod_ldap-debuginfo-0:2.4.63-13.el10_2.4.s390x"
        },
        "product_reference": "mod_ldap-debuginfo-0:2.4.63-13.el10_2.4.s390x",
        "relates_to_product_reference": "AppStream-10.2.Z"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "mod_ldap-debuginfo-0:2.4.63-13.el10_2.4.x86_64 as a component of Red Hat Enterprise Linux AppStream (v. 10)",
          "product_id": "AppStream-10.2.Z:mod_ldap-debuginfo-0:2.4.63-13.el10_2.4.x86_64"
        },
        "product_reference": "mod_ldap-debuginfo-0:2.4.63-13.el10_2.4.x86_64",
        "relates_to_product_reference": "AppStream-10.2.Z"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "mod_lua-0:2.4.63-13.el10_2.4.aarch64 as a component of Red Hat Enterprise Linux AppStream (v. 10)",
          "product_id": "AppStream-10.2.Z:mod_lua-0:2.4.63-13.el10_2.4.aarch64"
        },
        "product_reference": "mod_lua-0:2.4.63-13.el10_2.4.aarch64",
        "relates_to_product_reference": "AppStream-10.2.Z"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "mod_lua-0:2.4.63-13.el10_2.4.ppc64le as a component of Red Hat Enterprise Linux AppStream (v. 10)",
          "product_id": "AppStream-10.2.Z:mod_lua-0:2.4.63-13.el10_2.4.ppc64le"
        },
        "product_reference": "mod_lua-0:2.4.63-13.el10_2.4.ppc64le",
        "relates_to_product_reference": "AppStream-10.2.Z"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "mod_lua-0:2.4.63-13.el10_2.4.s390x as a component of Red Hat Enterprise Linux AppStream (v. 10)",
          "product_id": "AppStream-10.2.Z:mod_lua-0:2.4.63-13.el10_2.4.s390x"
        },
        "product_reference": "mod_lua-0:2.4.63-13.el10_2.4.s390x",
        "relates_to_product_reference": "AppStream-10.2.Z"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "mod_lua-0:2.4.63-13.el10_2.4.x86_64 as a component of Red Hat Enterprise Linux AppStream (v. 10)",
          "product_id": "AppStream-10.2.Z:mod_lua-0:2.4.63-13.el10_2.4.x86_64"
        },
        "product_reference": "mod_lua-0:2.4.63-13.el10_2.4.x86_64",
        "relates_to_product_reference": "AppStream-10.2.Z"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "mod_lua-debuginfo-0:2.4.63-13.el10_2.4.aarch64 as a component of Red Hat Enterprise Linux AppStream (v. 10)",
          "product_id": "AppStream-10.2.Z:mod_lua-debuginfo-0:2.4.63-13.el10_2.4.aarch64"
        },
        "product_reference": "mod_lua-debuginfo-0:2.4.63-13.el10_2.4.aarch64",
        "relates_to_product_reference": "AppStream-10.2.Z"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "mod_lua-debuginfo-0:2.4.63-13.el10_2.4.ppc64le as a component of Red Hat Enterprise Linux AppStream (v. 10)",
          "product_id": "AppStream-10.2.Z:mod_lua-debuginfo-0:2.4.63-13.el10_2.4.ppc64le"
        },
        "product_reference": "mod_lua-debuginfo-0:2.4.63-13.el10_2.4.ppc64le",
        "relates_to_product_reference": "AppStream-10.2.Z"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "mod_lua-debuginfo-0:2.4.63-13.el10_2.4.s390x as a component of Red Hat Enterprise Linux AppStream (v. 10)",
          "product_id": "AppStream-10.2.Z:mod_lua-debuginfo-0:2.4.63-13.el10_2.4.s390x"
        },
        "product_reference": "mod_lua-debuginfo-0:2.4.63-13.el10_2.4.s390x",
        "relates_to_product_reference": "AppStream-10.2.Z"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "mod_lua-debuginfo-0:2.4.63-13.el10_2.4.x86_64 as a component of Red Hat Enterprise Linux AppStream (v. 10)",
          "product_id": "AppStream-10.2.Z:mod_lua-debuginfo-0:2.4.63-13.el10_2.4.x86_64"
        },
        "product_reference": "mod_lua-debuginfo-0:2.4.63-13.el10_2.4.x86_64",
        "relates_to_product_reference": "AppStream-10.2.Z"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "mod_proxy_html-1:2.4.63-13.el10_2.4.aarch64 as a component of Red Hat Enterprise Linux AppStream (v. 10)",
          "product_id": "AppStream-10.2.Z:mod_proxy_html-1:2.4.63-13.el10_2.4.aarch64"
        },
        "product_reference": "mod_proxy_html-1:2.4.63-13.el10_2.4.aarch64",
        "relates_to_product_reference": "AppStream-10.2.Z"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "mod_proxy_html-1:2.4.63-13.el10_2.4.ppc64le as a component of Red Hat Enterprise Linux AppStream (v. 10)",
          "product_id": "AppStream-10.2.Z:mod_proxy_html-1:2.4.63-13.el10_2.4.ppc64le"
        },
        "product_reference": "mod_proxy_html-1:2.4.63-13.el10_2.4.ppc64le",
        "relates_to_product_reference": "AppStream-10.2.Z"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "mod_proxy_html-1:2.4.63-13.el10_2.4.s390x as a component of Red Hat Enterprise Linux AppStream (v. 10)",
          "product_id": "AppStream-10.2.Z:mod_proxy_html-1:2.4.63-13.el10_2.4.s390x"
        },
        "product_reference": "mod_proxy_html-1:2.4.63-13.el10_2.4.s390x",
        "relates_to_product_reference": "AppStream-10.2.Z"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "mod_proxy_html-1:2.4.63-13.el10_2.4.x86_64 as a component of Red Hat Enterprise Linux AppStream (v. 10)",
          "product_id": "AppStream-10.2.Z:mod_proxy_html-1:2.4.63-13.el10_2.4.x86_64"
        },
        "product_reference": "mod_proxy_html-1:2.4.63-13.el10_2.4.x86_64",
        "relates_to_product_reference": "AppStream-10.2.Z"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "mod_proxy_html-debuginfo-1:2.4.63-13.el10_2.4.aarch64 as a component of Red Hat Enterprise Linux AppStream (v. 10)",
          "product_id": "AppStream-10.2.Z:mod_proxy_html-debuginfo-1:2.4.63-13.el10_2.4.aarch64"
        },
        "product_reference": "mod_proxy_html-debuginfo-1:2.4.63-13.el10_2.4.aarch64",
        "relates_to_product_reference": "AppStream-10.2.Z"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "mod_proxy_html-debuginfo-1:2.4.63-13.el10_2.4.ppc64le as a component of Red Hat Enterprise Linux AppStream (v. 10)",
          "product_id": "AppStream-10.2.Z:mod_proxy_html-debuginfo-1:2.4.63-13.el10_2.4.ppc64le"
        },
        "product_reference": "mod_proxy_html-debuginfo-1:2.4.63-13.el10_2.4.ppc64le",
        "relates_to_product_reference": "AppStream-10.2.Z"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "mod_proxy_html-debuginfo-1:2.4.63-13.el10_2.4.s390x as a component of Red Hat Enterprise Linux AppStream (v. 10)",
          "product_id": "AppStream-10.2.Z:mod_proxy_html-debuginfo-1:2.4.63-13.el10_2.4.s390x"
        },
        "product_reference": "mod_proxy_html-debuginfo-1:2.4.63-13.el10_2.4.s390x",
        "relates_to_product_reference": "AppStream-10.2.Z"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "mod_proxy_html-debuginfo-1:2.4.63-13.el10_2.4.x86_64 as a component of Red Hat Enterprise Linux AppStream (v. 10)",
          "product_id": "AppStream-10.2.Z:mod_proxy_html-debuginfo-1:2.4.63-13.el10_2.4.x86_64"
        },
        "product_reference": "mod_proxy_html-debuginfo-1:2.4.63-13.el10_2.4.x86_64",
        "relates_to_product_reference": "AppStream-10.2.Z"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "mod_session-0:2.4.63-13.el10_2.4.aarch64 as a component of Red Hat Enterprise Linux AppStream (v. 10)",
          "product_id": "AppStream-10.2.Z:mod_session-0:2.4.63-13.el10_2.4.aarch64"
        },
        "product_reference": "mod_session-0:2.4.63-13.el10_2.4.aarch64",
        "relates_to_product_reference": "AppStream-10.2.Z"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "mod_session-0:2.4.63-13.el10_2.4.ppc64le as a component of Red Hat Enterprise Linux AppStream (v. 10)",
          "product_id": "AppStream-10.2.Z:mod_session-0:2.4.63-13.el10_2.4.ppc64le"
        },
        "product_reference": "mod_session-0:2.4.63-13.el10_2.4.ppc64le",
        "relates_to_product_reference": "AppStream-10.2.Z"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "mod_session-0:2.4.63-13.el10_2.4.s390x as a component of Red Hat Enterprise Linux AppStream (v. 10)",
          "product_id": "AppStream-10.2.Z:mod_session-0:2.4.63-13.el10_2.4.s390x"
        },
        "product_reference": "mod_session-0:2.4.63-13.el10_2.4.s390x",
        "relates_to_product_reference": "AppStream-10.2.Z"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "mod_session-0:2.4.63-13.el10_2.4.x86_64 as a component of Red Hat Enterprise Linux AppStream (v. 10)",
          "product_id": "AppStream-10.2.Z:mod_session-0:2.4.63-13.el10_2.4.x86_64"
        },
        "product_reference": "mod_session-0:2.4.63-13.el10_2.4.x86_64",
        "relates_to_product_reference": "AppStream-10.2.Z"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "mod_session-debuginfo-0:2.4.63-13.el10_2.4.aarch64 as a component of Red Hat Enterprise Linux AppStream (v. 10)",
          "product_id": "AppStream-10.2.Z:mod_session-debuginfo-0:2.4.63-13.el10_2.4.aarch64"
        },
        "product_reference": "mod_session-debuginfo-0:2.4.63-13.el10_2.4.aarch64",
        "relates_to_product_reference": "AppStream-10.2.Z"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "mod_session-debuginfo-0:2.4.63-13.el10_2.4.ppc64le as a component of Red Hat Enterprise Linux AppStream (v. 10)",
          "product_id": "AppStream-10.2.Z:mod_session-debuginfo-0:2.4.63-13.el10_2.4.ppc64le"
        },
        "product_reference": "mod_session-debuginfo-0:2.4.63-13.el10_2.4.ppc64le",
        "relates_to_product_reference": "AppStream-10.2.Z"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "mod_session-debuginfo-0:2.4.63-13.el10_2.4.s390x as a component of Red Hat Enterprise Linux AppStream (v. 10)",
          "product_id": "AppStream-10.2.Z:mod_session-debuginfo-0:2.4.63-13.el10_2.4.s390x"
        },
        "product_reference": "mod_session-debuginfo-0:2.4.63-13.el10_2.4.s390x",
        "relates_to_product_reference": "AppStream-10.2.Z"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "mod_session-debuginfo-0:2.4.63-13.el10_2.4.x86_64 as a component of Red Hat Enterprise Linux AppStream (v. 10)",
          "product_id": "AppStream-10.2.Z:mod_session-debuginfo-0:2.4.63-13.el10_2.4.x86_64"
        },
        "product_reference": "mod_session-debuginfo-0:2.4.63-13.el10_2.4.x86_64",
        "relates_to_product_reference": "AppStream-10.2.Z"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "mod_ssl-1:2.4.63-13.el10_2.4.aarch64 as a component of Red Hat Enterprise Linux AppStream (v. 10)",
          "product_id": "AppStream-10.2.Z:mod_ssl-1:2.4.63-13.el10_2.4.aarch64"
        },
        "product_reference": "mod_ssl-1:2.4.63-13.el10_2.4.aarch64",
        "relates_to_product_reference": "AppStream-10.2.Z"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "mod_ssl-1:2.4.63-13.el10_2.4.ppc64le as a component of Red Hat Enterprise Linux AppStream (v. 10)",
          "product_id": "AppStream-10.2.Z:mod_ssl-1:2.4.63-13.el10_2.4.ppc64le"
        },
        "product_reference": "mod_ssl-1:2.4.63-13.el10_2.4.ppc64le",
        "relates_to_product_reference": "AppStream-10.2.Z"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "mod_ssl-1:2.4.63-13.el10_2.4.s390x as a component of Red Hat Enterprise Linux AppStream (v. 10)",
          "product_id": "AppStream-10.2.Z:mod_ssl-1:2.4.63-13.el10_2.4.s390x"
        },
        "product_reference": "mod_ssl-1:2.4.63-13.el10_2.4.s390x",
        "relates_to_product_reference": "AppStream-10.2.Z"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "mod_ssl-1:2.4.63-13.el10_2.4.x86_64 as a component of Red Hat Enterprise Linux AppStream (v. 10)",
          "product_id": "AppStream-10.2.Z:mod_ssl-1:2.4.63-13.el10_2.4.x86_64"
        },
        "product_reference": "mod_ssl-1:2.4.63-13.el10_2.4.x86_64",
        "relates_to_product_reference": "AppStream-10.2.Z"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "mod_ssl-debuginfo-1:2.4.63-13.el10_2.4.aarch64 as a component of Red Hat Enterprise Linux AppStream (v. 10)",
          "product_id": "AppStream-10.2.Z:mod_ssl-debuginfo-1:2.4.63-13.el10_2.4.aarch64"
        },
        "product_reference": "mod_ssl-debuginfo-1:2.4.63-13.el10_2.4.aarch64",
        "relates_to_product_reference": "AppStream-10.2.Z"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "mod_ssl-debuginfo-1:2.4.63-13.el10_2.4.ppc64le as a component of Red Hat Enterprise Linux AppStream (v. 10)",
          "product_id": "AppStream-10.2.Z:mod_ssl-debuginfo-1:2.4.63-13.el10_2.4.ppc64le"
        },
        "product_reference": "mod_ssl-debuginfo-1:2.4.63-13.el10_2.4.ppc64le",
        "relates_to_product_reference": "AppStream-10.2.Z"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "mod_ssl-debuginfo-1:2.4.63-13.el10_2.4.s390x as a component of Red Hat Enterprise Linux AppStream (v. 10)",
          "product_id": "AppStream-10.2.Z:mod_ssl-debuginfo-1:2.4.63-13.el10_2.4.s390x"
        },
        "product_reference": "mod_ssl-debuginfo-1:2.4.63-13.el10_2.4.s390x",
        "relates_to_product_reference": "AppStream-10.2.Z"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "mod_ssl-debuginfo-1:2.4.63-13.el10_2.4.x86_64 as a component of Red Hat Enterprise Linux AppStream (v. 10)",
          "product_id": "AppStream-10.2.Z:mod_ssl-debuginfo-1:2.4.63-13.el10_2.4.x86_64"
        },
        "product_reference": "mod_ssl-debuginfo-1:2.4.63-13.el10_2.4.x86_64",
        "relates_to_product_reference": "AppStream-10.2.Z"
      }
    ]
  },
  "vulnerabilities": [
    {
      "cve": "CVE-2024-42516",
      "cwe": {
        "id": "CWE-93",
        "name": "Improper Neutralization of CRLF Sequences (\u0027CRLF Injection\u0027)"
      },
      "discovery_date": "2025-06-24T12:01:28.570000+00:00",
      "ids": [
        {
          "system_name": "Red Hat Bugzilla ID",
          "text": "2374549"
        }
      ],
      "notes": [
        {
          "category": "description",
          "text": "A flaw was found in httpd. The response headers are not sanitized before an HTTP response is sent when a malicious backend can insert a Content-Type, Content-Encoding, or some other headers. These issues lead to HTTP response splitting. This CVE provides a \"complete\" fix for CVE-2023-38709.",
          "title": "Vulnerability description"
        },
        {
          "category": "summary",
          "text": "httpd: incomplete fix for CVE-2023-38709",
          "title": "Vulnerability summary"
        },
        {
          "category": "other",
          "text": "This flaw is only exploitable by a malicious backend or a malicious application, but may also affect forward proxy configurations.\n\nThis issue is classified as a Moderate vulnerability because successful exploitation requires a highly specific and constrained setup. Namely, the attacker must already have the ability to influence backend responses\u2014such as injecting malicious headers like Content-Type or Content-Encoding\u2014which typically implies a compromised or poorly controlled upstream service. In properly configured systems, frontend servers like Apache sanitize or strictly validate backend output, limiting exposure. Furthermore, HTTP response splitting does not inherently lead to remote code execution or privilege escalation on the server itself; instead, its effects are typically confined to manipulating client-side behavior such as caching or redirection.",
          "title": "Statement"
        },
        {
          "category": "general",
          "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
          "title": "CVSS score applicability"
        }
      ],
      "product_status": {
        "fixed": [
          "AppStream-10.2.Z:httpd-0:2.4.63-13.el10_2.4.aarch64",
          "AppStream-10.2.Z:httpd-0:2.4.63-13.el10_2.4.ppc64le",
          "AppStream-10.2.Z:httpd-0:2.4.63-13.el10_2.4.s390x",
          "AppStream-10.2.Z:httpd-0:2.4.63-13.el10_2.4.src",
          "AppStream-10.2.Z:httpd-0:2.4.63-13.el10_2.4.x86_64",
          "AppStream-10.2.Z:httpd-core-0:2.4.63-13.el10_2.4.aarch64",
          "AppStream-10.2.Z:httpd-core-0:2.4.63-13.el10_2.4.ppc64le",
          "AppStream-10.2.Z:httpd-core-0:2.4.63-13.el10_2.4.s390x",
          "AppStream-10.2.Z:httpd-core-0:2.4.63-13.el10_2.4.x86_64",
          "AppStream-10.2.Z:httpd-core-debuginfo-0:2.4.63-13.el10_2.4.aarch64",
          "AppStream-10.2.Z:httpd-core-debuginfo-0:2.4.63-13.el10_2.4.ppc64le",
          "AppStream-10.2.Z:httpd-core-debuginfo-0:2.4.63-13.el10_2.4.s390x",
          "AppStream-10.2.Z:httpd-core-debuginfo-0:2.4.63-13.el10_2.4.x86_64",
          "AppStream-10.2.Z:httpd-debuginfo-0:2.4.63-13.el10_2.4.aarch64",
          "AppStream-10.2.Z:httpd-debuginfo-0:2.4.63-13.el10_2.4.ppc64le",
          "AppStream-10.2.Z:httpd-debuginfo-0:2.4.63-13.el10_2.4.s390x",
          "AppStream-10.2.Z:httpd-debuginfo-0:2.4.63-13.el10_2.4.x86_64",
          "AppStream-10.2.Z:httpd-debugsource-0:2.4.63-13.el10_2.4.aarch64",
          "AppStream-10.2.Z:httpd-debugsource-0:2.4.63-13.el10_2.4.ppc64le",
          "AppStream-10.2.Z:httpd-debugsource-0:2.4.63-13.el10_2.4.s390x",
          "AppStream-10.2.Z:httpd-debugsource-0:2.4.63-13.el10_2.4.x86_64",
          "AppStream-10.2.Z:httpd-devel-0:2.4.63-13.el10_2.4.aarch64",
          "AppStream-10.2.Z:httpd-devel-0:2.4.63-13.el10_2.4.ppc64le",
          "AppStream-10.2.Z:httpd-devel-0:2.4.63-13.el10_2.4.s390x",
          "AppStream-10.2.Z:httpd-devel-0:2.4.63-13.el10_2.4.x86_64",
          "AppStream-10.2.Z:httpd-filesystem-0:2.4.63-13.el10_2.4.noarch",
          "AppStream-10.2.Z:httpd-manual-0:2.4.63-13.el10_2.4.noarch",
          "AppStream-10.2.Z:httpd-tools-0:2.4.63-13.el10_2.4.aarch64",
          "AppStream-10.2.Z:httpd-tools-0:2.4.63-13.el10_2.4.ppc64le",
          "AppStream-10.2.Z:httpd-tools-0:2.4.63-13.el10_2.4.s390x",
          "AppStream-10.2.Z:httpd-tools-0:2.4.63-13.el10_2.4.x86_64",
          "AppStream-10.2.Z:httpd-tools-debuginfo-0:2.4.63-13.el10_2.4.aarch64",
          "AppStream-10.2.Z:httpd-tools-debuginfo-0:2.4.63-13.el10_2.4.ppc64le",
          "AppStream-10.2.Z:httpd-tools-debuginfo-0:2.4.63-13.el10_2.4.s390x",
          "AppStream-10.2.Z:httpd-tools-debuginfo-0:2.4.63-13.el10_2.4.x86_64",
          "AppStream-10.2.Z:mod_ldap-0:2.4.63-13.el10_2.4.aarch64",
          "AppStream-10.2.Z:mod_ldap-0:2.4.63-13.el10_2.4.ppc64le",
          "AppStream-10.2.Z:mod_ldap-0:2.4.63-13.el10_2.4.s390x",
          "AppStream-10.2.Z:mod_ldap-0:2.4.63-13.el10_2.4.x86_64",
          "AppStream-10.2.Z:mod_ldap-debuginfo-0:2.4.63-13.el10_2.4.aarch64",
          "AppStream-10.2.Z:mod_ldap-debuginfo-0:2.4.63-13.el10_2.4.ppc64le",
          "AppStream-10.2.Z:mod_ldap-debuginfo-0:2.4.63-13.el10_2.4.s390x",
          "AppStream-10.2.Z:mod_ldap-debuginfo-0:2.4.63-13.el10_2.4.x86_64",
          "AppStream-10.2.Z:mod_lua-0:2.4.63-13.el10_2.4.aarch64",
          "AppStream-10.2.Z:mod_lua-0:2.4.63-13.el10_2.4.ppc64le",
          "AppStream-10.2.Z:mod_lua-0:2.4.63-13.el10_2.4.s390x",
          "AppStream-10.2.Z:mod_lua-0:2.4.63-13.el10_2.4.x86_64",
          "AppStream-10.2.Z:mod_lua-debuginfo-0:2.4.63-13.el10_2.4.aarch64",
          "AppStream-10.2.Z:mod_lua-debuginfo-0:2.4.63-13.el10_2.4.ppc64le",
          "AppStream-10.2.Z:mod_lua-debuginfo-0:2.4.63-13.el10_2.4.s390x",
          "AppStream-10.2.Z:mod_lua-debuginfo-0:2.4.63-13.el10_2.4.x86_64",
          "AppStream-10.2.Z:mod_proxy_html-1:2.4.63-13.el10_2.4.aarch64",
          "AppStream-10.2.Z:mod_proxy_html-1:2.4.63-13.el10_2.4.ppc64le",
          "AppStream-10.2.Z:mod_proxy_html-1:2.4.63-13.el10_2.4.s390x",
          "AppStream-10.2.Z:mod_proxy_html-1:2.4.63-13.el10_2.4.x86_64",
          "AppStream-10.2.Z:mod_proxy_html-debuginfo-1:2.4.63-13.el10_2.4.aarch64",
          "AppStream-10.2.Z:mod_proxy_html-debuginfo-1:2.4.63-13.el10_2.4.ppc64le",
          "AppStream-10.2.Z:mod_proxy_html-debuginfo-1:2.4.63-13.el10_2.4.s390x",
          "AppStream-10.2.Z:mod_proxy_html-debuginfo-1:2.4.63-13.el10_2.4.x86_64",
          "AppStream-10.2.Z:mod_session-0:2.4.63-13.el10_2.4.aarch64",
          "AppStream-10.2.Z:mod_session-0:2.4.63-13.el10_2.4.ppc64le",
          "AppStream-10.2.Z:mod_session-0:2.4.63-13.el10_2.4.s390x",
          "AppStream-10.2.Z:mod_session-0:2.4.63-13.el10_2.4.x86_64",
          "AppStream-10.2.Z:mod_session-debuginfo-0:2.4.63-13.el10_2.4.aarch64",
          "AppStream-10.2.Z:mod_session-debuginfo-0:2.4.63-13.el10_2.4.ppc64le",
          "AppStream-10.2.Z:mod_session-debuginfo-0:2.4.63-13.el10_2.4.s390x",
          "AppStream-10.2.Z:mod_session-debuginfo-0:2.4.63-13.el10_2.4.x86_64",
          "AppStream-10.2.Z:mod_ssl-1:2.4.63-13.el10_2.4.aarch64",
          "AppStream-10.2.Z:mod_ssl-1:2.4.63-13.el10_2.4.ppc64le",
          "AppStream-10.2.Z:mod_ssl-1:2.4.63-13.el10_2.4.s390x",
          "AppStream-10.2.Z:mod_ssl-1:2.4.63-13.el10_2.4.x86_64",
          "AppStream-10.2.Z:mod_ssl-debuginfo-1:2.4.63-13.el10_2.4.aarch64",
          "AppStream-10.2.Z:mod_ssl-debuginfo-1:2.4.63-13.el10_2.4.ppc64le",
          "AppStream-10.2.Z:mod_ssl-debuginfo-1:2.4.63-13.el10_2.4.s390x",
          "AppStream-10.2.Z:mod_ssl-debuginfo-1:2.4.63-13.el10_2.4.x86_64"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "Canonical URL",
          "url": "https://access.redhat.com/security/cve/CVE-2024-42516"
        },
        {
          "category": "external",
          "summary": "RHBZ#2374549",
          "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2374549"
        },
        {
          "category": "external",
          "summary": "https://www.cve.org/CVERecord?id=CVE-2024-42516",
          "url": "https://www.cve.org/CVERecord?id=CVE-2024-42516"
        },
        {
          "category": "external",
          "summary": "https://nvd.nist.gov/vuln/detail/CVE-2024-42516",
          "url": "https://nvd.nist.gov/vuln/detail/CVE-2024-42516"
        },
        {
          "category": "external",
          "summary": "https://httpd.apache.org/security/vulnerabilities_24.html",
          "url": "https://httpd.apache.org/security/vulnerabilities_24.html"
        }
      ],
      "release_date": "2025-07-14T07:13:28.880000+00:00",
      "remediations": [
        {
          "category": "vendor_fix",
          "date": "2026-07-01T09:31:08+00:00",
          "details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258",
          "product_ids": [
            "AppStream-10.2.Z:httpd-0:2.4.63-13.el10_2.4.aarch64",
            "AppStream-10.2.Z:httpd-0:2.4.63-13.el10_2.4.ppc64le",
            "AppStream-10.2.Z:httpd-0:2.4.63-13.el10_2.4.s390x",
            "AppStream-10.2.Z:httpd-0:2.4.63-13.el10_2.4.src",
            "AppStream-10.2.Z:httpd-0:2.4.63-13.el10_2.4.x86_64",
            "AppStream-10.2.Z:httpd-core-0:2.4.63-13.el10_2.4.aarch64",
            "AppStream-10.2.Z:httpd-core-0:2.4.63-13.el10_2.4.ppc64le",
            "AppStream-10.2.Z:httpd-core-0:2.4.63-13.el10_2.4.s390x",
            "AppStream-10.2.Z:httpd-core-0:2.4.63-13.el10_2.4.x86_64",
            "AppStream-10.2.Z:httpd-core-debuginfo-0:2.4.63-13.el10_2.4.aarch64",
            "AppStream-10.2.Z:httpd-core-debuginfo-0:2.4.63-13.el10_2.4.ppc64le",
            "AppStream-10.2.Z:httpd-core-debuginfo-0:2.4.63-13.el10_2.4.s390x",
            "AppStream-10.2.Z:httpd-core-debuginfo-0:2.4.63-13.el10_2.4.x86_64",
            "AppStream-10.2.Z:httpd-debuginfo-0:2.4.63-13.el10_2.4.aarch64",
            "AppStream-10.2.Z:httpd-debuginfo-0:2.4.63-13.el10_2.4.ppc64le",
            "AppStream-10.2.Z:httpd-debuginfo-0:2.4.63-13.el10_2.4.s390x",
            "AppStream-10.2.Z:httpd-debuginfo-0:2.4.63-13.el10_2.4.x86_64",
            "AppStream-10.2.Z:httpd-debugsource-0:2.4.63-13.el10_2.4.aarch64",
            "AppStream-10.2.Z:httpd-debugsource-0:2.4.63-13.el10_2.4.ppc64le",
            "AppStream-10.2.Z:httpd-debugsource-0:2.4.63-13.el10_2.4.s390x",
            "AppStream-10.2.Z:httpd-debugsource-0:2.4.63-13.el10_2.4.x86_64",
            "AppStream-10.2.Z:httpd-devel-0:2.4.63-13.el10_2.4.aarch64",
            "AppStream-10.2.Z:httpd-devel-0:2.4.63-13.el10_2.4.ppc64le",
            "AppStream-10.2.Z:httpd-devel-0:2.4.63-13.el10_2.4.s390x",
            "AppStream-10.2.Z:httpd-devel-0:2.4.63-13.el10_2.4.x86_64",
            "AppStream-10.2.Z:httpd-filesystem-0:2.4.63-13.el10_2.4.noarch",
            "AppStream-10.2.Z:httpd-manual-0:2.4.63-13.el10_2.4.noarch",
            "AppStream-10.2.Z:httpd-tools-0:2.4.63-13.el10_2.4.aarch64",
            "AppStream-10.2.Z:httpd-tools-0:2.4.63-13.el10_2.4.ppc64le",
            "AppStream-10.2.Z:httpd-tools-0:2.4.63-13.el10_2.4.s390x",
            "AppStream-10.2.Z:httpd-tools-0:2.4.63-13.el10_2.4.x86_64",
            "AppStream-10.2.Z:httpd-tools-debuginfo-0:2.4.63-13.el10_2.4.aarch64",
            "AppStream-10.2.Z:httpd-tools-debuginfo-0:2.4.63-13.el10_2.4.ppc64le",
            "AppStream-10.2.Z:httpd-tools-debuginfo-0:2.4.63-13.el10_2.4.s390x",
            "AppStream-10.2.Z:httpd-tools-debuginfo-0:2.4.63-13.el10_2.4.x86_64",
            "AppStream-10.2.Z:mod_ldap-0:2.4.63-13.el10_2.4.aarch64",
            "AppStream-10.2.Z:mod_ldap-0:2.4.63-13.el10_2.4.ppc64le",
            "AppStream-10.2.Z:mod_ldap-0:2.4.63-13.el10_2.4.s390x",
            "AppStream-10.2.Z:mod_ldap-0:2.4.63-13.el10_2.4.x86_64",
            "AppStream-10.2.Z:mod_ldap-debuginfo-0:2.4.63-13.el10_2.4.aarch64",
            "AppStream-10.2.Z:mod_ldap-debuginfo-0:2.4.63-13.el10_2.4.ppc64le",
            "AppStream-10.2.Z:mod_ldap-debuginfo-0:2.4.63-13.el10_2.4.s390x",
            "AppStream-10.2.Z:mod_ldap-debuginfo-0:2.4.63-13.el10_2.4.x86_64",
            "AppStream-10.2.Z:mod_lua-0:2.4.63-13.el10_2.4.aarch64",
            "AppStream-10.2.Z:mod_lua-0:2.4.63-13.el10_2.4.ppc64le",
            "AppStream-10.2.Z:mod_lua-0:2.4.63-13.el10_2.4.s390x",
            "AppStream-10.2.Z:mod_lua-0:2.4.63-13.el10_2.4.x86_64",
            "AppStream-10.2.Z:mod_lua-debuginfo-0:2.4.63-13.el10_2.4.aarch64",
            "AppStream-10.2.Z:mod_lua-debuginfo-0:2.4.63-13.el10_2.4.ppc64le",
            "AppStream-10.2.Z:mod_lua-debuginfo-0:2.4.63-13.el10_2.4.s390x",
            "AppStream-10.2.Z:mod_lua-debuginfo-0:2.4.63-13.el10_2.4.x86_64",
            "AppStream-10.2.Z:mod_proxy_html-1:2.4.63-13.el10_2.4.aarch64",
            "AppStream-10.2.Z:mod_proxy_html-1:2.4.63-13.el10_2.4.ppc64le",
            "AppStream-10.2.Z:mod_proxy_html-1:2.4.63-13.el10_2.4.s390x",
            "AppStream-10.2.Z:mod_proxy_html-1:2.4.63-13.el10_2.4.x86_64",
            "AppStream-10.2.Z:mod_proxy_html-debuginfo-1:2.4.63-13.el10_2.4.aarch64",
            "AppStream-10.2.Z:mod_proxy_html-debuginfo-1:2.4.63-13.el10_2.4.ppc64le",
            "AppStream-10.2.Z:mod_proxy_html-debuginfo-1:2.4.63-13.el10_2.4.s390x",
            "AppStream-10.2.Z:mod_proxy_html-debuginfo-1:2.4.63-13.el10_2.4.x86_64",
            "AppStream-10.2.Z:mod_session-0:2.4.63-13.el10_2.4.aarch64",
            "AppStream-10.2.Z:mod_session-0:2.4.63-13.el10_2.4.ppc64le",
            "AppStream-10.2.Z:mod_session-0:2.4.63-13.el10_2.4.s390x",
            "AppStream-10.2.Z:mod_session-0:2.4.63-13.el10_2.4.x86_64",
            "AppStream-10.2.Z:mod_session-debuginfo-0:2.4.63-13.el10_2.4.aarch64",
            "AppStream-10.2.Z:mod_session-debuginfo-0:2.4.63-13.el10_2.4.ppc64le",
            "AppStream-10.2.Z:mod_session-debuginfo-0:2.4.63-13.el10_2.4.s390x",
            "AppStream-10.2.Z:mod_session-debuginfo-0:2.4.63-13.el10_2.4.x86_64",
            "AppStream-10.2.Z:mod_ssl-1:2.4.63-13.el10_2.4.aarch64",
            "AppStream-10.2.Z:mod_ssl-1:2.4.63-13.el10_2.4.ppc64le",
            "AppStream-10.2.Z:mod_ssl-1:2.4.63-13.el10_2.4.s390x",
            "AppStream-10.2.Z:mod_ssl-1:2.4.63-13.el10_2.4.x86_64",
            "AppStream-10.2.Z:mod_ssl-debuginfo-1:2.4.63-13.el10_2.4.aarch64",
            "AppStream-10.2.Z:mod_ssl-debuginfo-1:2.4.63-13.el10_2.4.ppc64le",
            "AppStream-10.2.Z:mod_ssl-debuginfo-1:2.4.63-13.el10_2.4.s390x",
            "AppStream-10.2.Z:mod_ssl-debuginfo-1:2.4.63-13.el10_2.4.x86_64"
          ],
          "restart_required": {
            "category": "none"
          },
          "url": "https://access.redhat.com/errata/RHSA-2026:34109"
        },
        {
          "category": "workaround",
          "details": "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.",
          "product_ids": [
            "AppStream-10.2.Z:httpd-0:2.4.63-13.el10_2.4.aarch64",
            "AppStream-10.2.Z:httpd-0:2.4.63-13.el10_2.4.ppc64le",
            "AppStream-10.2.Z:httpd-0:2.4.63-13.el10_2.4.s390x",
            "AppStream-10.2.Z:httpd-0:2.4.63-13.el10_2.4.src",
            "AppStream-10.2.Z:httpd-0:2.4.63-13.el10_2.4.x86_64",
            "AppStream-10.2.Z:httpd-core-0:2.4.63-13.el10_2.4.aarch64",
            "AppStream-10.2.Z:httpd-core-0:2.4.63-13.el10_2.4.ppc64le",
            "AppStream-10.2.Z:httpd-core-0:2.4.63-13.el10_2.4.s390x",
            "AppStream-10.2.Z:httpd-core-0:2.4.63-13.el10_2.4.x86_64",
            "AppStream-10.2.Z:httpd-core-debuginfo-0:2.4.63-13.el10_2.4.aarch64",
            "AppStream-10.2.Z:httpd-core-debuginfo-0:2.4.63-13.el10_2.4.ppc64le",
            "AppStream-10.2.Z:httpd-core-debuginfo-0:2.4.63-13.el10_2.4.s390x",
            "AppStream-10.2.Z:httpd-core-debuginfo-0:2.4.63-13.el10_2.4.x86_64",
            "AppStream-10.2.Z:httpd-debuginfo-0:2.4.63-13.el10_2.4.aarch64",
            "AppStream-10.2.Z:httpd-debuginfo-0:2.4.63-13.el10_2.4.ppc64le",
            "AppStream-10.2.Z:httpd-debuginfo-0:2.4.63-13.el10_2.4.s390x",
            "AppStream-10.2.Z:httpd-debuginfo-0:2.4.63-13.el10_2.4.x86_64",
            "AppStream-10.2.Z:httpd-debugsource-0:2.4.63-13.el10_2.4.aarch64",
            "AppStream-10.2.Z:httpd-debugsource-0:2.4.63-13.el10_2.4.ppc64le",
            "AppStream-10.2.Z:httpd-debugsource-0:2.4.63-13.el10_2.4.s390x",
            "AppStream-10.2.Z:httpd-debugsource-0:2.4.63-13.el10_2.4.x86_64",
            "AppStream-10.2.Z:httpd-devel-0:2.4.63-13.el10_2.4.aarch64",
            "AppStream-10.2.Z:httpd-devel-0:2.4.63-13.el10_2.4.ppc64le",
            "AppStream-10.2.Z:httpd-devel-0:2.4.63-13.el10_2.4.s390x",
            "AppStream-10.2.Z:httpd-devel-0:2.4.63-13.el10_2.4.x86_64",
            "AppStream-10.2.Z:httpd-filesystem-0:2.4.63-13.el10_2.4.noarch",
            "AppStream-10.2.Z:httpd-manual-0:2.4.63-13.el10_2.4.noarch",
            "AppStream-10.2.Z:httpd-tools-0:2.4.63-13.el10_2.4.aarch64",
            "AppStream-10.2.Z:httpd-tools-0:2.4.63-13.el10_2.4.ppc64le",
            "AppStream-10.2.Z:httpd-tools-0:2.4.63-13.el10_2.4.s390x",
            "AppStream-10.2.Z:httpd-tools-0:2.4.63-13.el10_2.4.x86_64",
            "AppStream-10.2.Z:httpd-tools-debuginfo-0:2.4.63-13.el10_2.4.aarch64",
            "AppStream-10.2.Z:httpd-tools-debuginfo-0:2.4.63-13.el10_2.4.ppc64le",
            "AppStream-10.2.Z:httpd-tools-debuginfo-0:2.4.63-13.el10_2.4.s390x",
            "AppStream-10.2.Z:httpd-tools-debuginfo-0:2.4.63-13.el10_2.4.x86_64",
            "AppStream-10.2.Z:mod_ldap-0:2.4.63-13.el10_2.4.aarch64",
            "AppStream-10.2.Z:mod_ldap-0:2.4.63-13.el10_2.4.ppc64le",
            "AppStream-10.2.Z:mod_ldap-0:2.4.63-13.el10_2.4.s390x",
            "AppStream-10.2.Z:mod_ldap-0:2.4.63-13.el10_2.4.x86_64",
            "AppStream-10.2.Z:mod_ldap-debuginfo-0:2.4.63-13.el10_2.4.aarch64",
            "AppStream-10.2.Z:mod_ldap-debuginfo-0:2.4.63-13.el10_2.4.ppc64le",
            "AppStream-10.2.Z:mod_ldap-debuginfo-0:2.4.63-13.el10_2.4.s390x",
            "AppStream-10.2.Z:mod_ldap-debuginfo-0:2.4.63-13.el10_2.4.x86_64",
            "AppStream-10.2.Z:mod_lua-0:2.4.63-13.el10_2.4.aarch64",
            "AppStream-10.2.Z:mod_lua-0:2.4.63-13.el10_2.4.ppc64le",
            "AppStream-10.2.Z:mod_lua-0:2.4.63-13.el10_2.4.s390x",
            "AppStream-10.2.Z:mod_lua-0:2.4.63-13.el10_2.4.x86_64",
            "AppStream-10.2.Z:mod_lua-debuginfo-0:2.4.63-13.el10_2.4.aarch64",
            "AppStream-10.2.Z:mod_lua-debuginfo-0:2.4.63-13.el10_2.4.ppc64le",
            "AppStream-10.2.Z:mod_lua-debuginfo-0:2.4.63-13.el10_2.4.s390x",
            "AppStream-10.2.Z:mod_lua-debuginfo-0:2.4.63-13.el10_2.4.x86_64",
            "AppStream-10.2.Z:mod_proxy_html-1:2.4.63-13.el10_2.4.aarch64",
            "AppStream-10.2.Z:mod_proxy_html-1:2.4.63-13.el10_2.4.ppc64le",
            "AppStream-10.2.Z:mod_proxy_html-1:2.4.63-13.el10_2.4.s390x",
            "AppStream-10.2.Z:mod_proxy_html-1:2.4.63-13.el10_2.4.x86_64",
            "AppStream-10.2.Z:mod_proxy_html-debuginfo-1:2.4.63-13.el10_2.4.aarch64",
            "AppStream-10.2.Z:mod_proxy_html-debuginfo-1:2.4.63-13.el10_2.4.ppc64le",
            "AppStream-10.2.Z:mod_proxy_html-debuginfo-1:2.4.63-13.el10_2.4.s390x",
            "AppStream-10.2.Z:mod_proxy_html-debuginfo-1:2.4.63-13.el10_2.4.x86_64",
            "AppStream-10.2.Z:mod_session-0:2.4.63-13.el10_2.4.aarch64",
            "AppStream-10.2.Z:mod_session-0:2.4.63-13.el10_2.4.ppc64le",
            "AppStream-10.2.Z:mod_session-0:2.4.63-13.el10_2.4.s390x",
            "AppStream-10.2.Z:mod_session-0:2.4.63-13.el10_2.4.x86_64",
            "AppStream-10.2.Z:mod_session-debuginfo-0:2.4.63-13.el10_2.4.aarch64",
            "AppStream-10.2.Z:mod_session-debuginfo-0:2.4.63-13.el10_2.4.ppc64le",
            "AppStream-10.2.Z:mod_session-debuginfo-0:2.4.63-13.el10_2.4.s390x",
            "AppStream-10.2.Z:mod_session-debuginfo-0:2.4.63-13.el10_2.4.x86_64",
            "AppStream-10.2.Z:mod_ssl-1:2.4.63-13.el10_2.4.aarch64",
            "AppStream-10.2.Z:mod_ssl-1:2.4.63-13.el10_2.4.ppc64le",
            "AppStream-10.2.Z:mod_ssl-1:2.4.63-13.el10_2.4.s390x",
            "AppStream-10.2.Z:mod_ssl-1:2.4.63-13.el10_2.4.x86_64",
            "AppStream-10.2.Z:mod_ssl-debuginfo-1:2.4.63-13.el10_2.4.aarch64",
            "AppStream-10.2.Z:mod_ssl-debuginfo-1:2.4.63-13.el10_2.4.ppc64le",
            "AppStream-10.2.Z:mod_ssl-debuginfo-1:2.4.63-13.el10_2.4.s390x",
            "AppStream-10.2.Z:mod_ssl-debuginfo-1:2.4.63-13.el10_2.4.x86_64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "attackComplexity": "HIGH",
            "attackVector": "NETWORK",
            "availabilityImpact": "NONE",
            "baseScore": 6.8,
            "baseSeverity": "MEDIUM",
            "confidentialityImpact": "NONE",
            "integrityImpact": "HIGH",
            "privilegesRequired": "NONE",
            "scope": "CHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:C/C:N/I:H/A:N",
            "version": "3.1"
          },
          "products": [
            "AppStream-10.2.Z:httpd-0:2.4.63-13.el10_2.4.aarch64",
            "AppStream-10.2.Z:httpd-0:2.4.63-13.el10_2.4.ppc64le",
            "AppStream-10.2.Z:httpd-0:2.4.63-13.el10_2.4.s390x",
            "AppStream-10.2.Z:httpd-0:2.4.63-13.el10_2.4.src",
            "AppStream-10.2.Z:httpd-0:2.4.63-13.el10_2.4.x86_64",
            "AppStream-10.2.Z:httpd-core-0:2.4.63-13.el10_2.4.aarch64",
            "AppStream-10.2.Z:httpd-core-0:2.4.63-13.el10_2.4.ppc64le",
            "AppStream-10.2.Z:httpd-core-0:2.4.63-13.el10_2.4.s390x",
            "AppStream-10.2.Z:httpd-core-0:2.4.63-13.el10_2.4.x86_64",
            "AppStream-10.2.Z:httpd-core-debuginfo-0:2.4.63-13.el10_2.4.aarch64",
            "AppStream-10.2.Z:httpd-core-debuginfo-0:2.4.63-13.el10_2.4.ppc64le",
            "AppStream-10.2.Z:httpd-core-debuginfo-0:2.4.63-13.el10_2.4.s390x",
            "AppStream-10.2.Z:httpd-core-debuginfo-0:2.4.63-13.el10_2.4.x86_64",
            "AppStream-10.2.Z:httpd-debuginfo-0:2.4.63-13.el10_2.4.aarch64",
            "AppStream-10.2.Z:httpd-debuginfo-0:2.4.63-13.el10_2.4.ppc64le",
            "AppStream-10.2.Z:httpd-debuginfo-0:2.4.63-13.el10_2.4.s390x",
            "AppStream-10.2.Z:httpd-debuginfo-0:2.4.63-13.el10_2.4.x86_64",
            "AppStream-10.2.Z:httpd-debugsource-0:2.4.63-13.el10_2.4.aarch64",
            "AppStream-10.2.Z:httpd-debugsource-0:2.4.63-13.el10_2.4.ppc64le",
            "AppStream-10.2.Z:httpd-debugsource-0:2.4.63-13.el10_2.4.s390x",
            "AppStream-10.2.Z:httpd-debugsource-0:2.4.63-13.el10_2.4.x86_64",
            "AppStream-10.2.Z:httpd-devel-0:2.4.63-13.el10_2.4.aarch64",
            "AppStream-10.2.Z:httpd-devel-0:2.4.63-13.el10_2.4.ppc64le",
            "AppStream-10.2.Z:httpd-devel-0:2.4.63-13.el10_2.4.s390x",
            "AppStream-10.2.Z:httpd-devel-0:2.4.63-13.el10_2.4.x86_64",
            "AppStream-10.2.Z:httpd-filesystem-0:2.4.63-13.el10_2.4.noarch",
            "AppStream-10.2.Z:httpd-manual-0:2.4.63-13.el10_2.4.noarch",
            "AppStream-10.2.Z:httpd-tools-0:2.4.63-13.el10_2.4.aarch64",
            "AppStream-10.2.Z:httpd-tools-0:2.4.63-13.el10_2.4.ppc64le",
            "AppStream-10.2.Z:httpd-tools-0:2.4.63-13.el10_2.4.s390x",
            "AppStream-10.2.Z:httpd-tools-0:2.4.63-13.el10_2.4.x86_64",
            "AppStream-10.2.Z:httpd-tools-debuginfo-0:2.4.63-13.el10_2.4.aarch64",
            "AppStream-10.2.Z:httpd-tools-debuginfo-0:2.4.63-13.el10_2.4.ppc64le",
            "AppStream-10.2.Z:httpd-tools-debuginfo-0:2.4.63-13.el10_2.4.s390x",
            "AppStream-10.2.Z:httpd-tools-debuginfo-0:2.4.63-13.el10_2.4.x86_64",
            "AppStream-10.2.Z:mod_ldap-0:2.4.63-13.el10_2.4.aarch64",
            "AppStream-10.2.Z:mod_ldap-0:2.4.63-13.el10_2.4.ppc64le",
            "AppStream-10.2.Z:mod_ldap-0:2.4.63-13.el10_2.4.s390x",
            "AppStream-10.2.Z:mod_ldap-0:2.4.63-13.el10_2.4.x86_64",
            "AppStream-10.2.Z:mod_ldap-debuginfo-0:2.4.63-13.el10_2.4.aarch64",
            "AppStream-10.2.Z:mod_ldap-debuginfo-0:2.4.63-13.el10_2.4.ppc64le",
            "AppStream-10.2.Z:mod_ldap-debuginfo-0:2.4.63-13.el10_2.4.s390x",
            "AppStream-10.2.Z:mod_ldap-debuginfo-0:2.4.63-13.el10_2.4.x86_64",
            "AppStream-10.2.Z:mod_lua-0:2.4.63-13.el10_2.4.aarch64",
            "AppStream-10.2.Z:mod_lua-0:2.4.63-13.el10_2.4.ppc64le",
            "AppStream-10.2.Z:mod_lua-0:2.4.63-13.el10_2.4.s390x",
            "AppStream-10.2.Z:mod_lua-0:2.4.63-13.el10_2.4.x86_64",
            "AppStream-10.2.Z:mod_lua-debuginfo-0:2.4.63-13.el10_2.4.aarch64",
            "AppStream-10.2.Z:mod_lua-debuginfo-0:2.4.63-13.el10_2.4.ppc64le",
            "AppStream-10.2.Z:mod_lua-debuginfo-0:2.4.63-13.el10_2.4.s390x",
            "AppStream-10.2.Z:mod_lua-debuginfo-0:2.4.63-13.el10_2.4.x86_64",
            "AppStream-10.2.Z:mod_proxy_html-1:2.4.63-13.el10_2.4.aarch64",
            "AppStream-10.2.Z:mod_proxy_html-1:2.4.63-13.el10_2.4.ppc64le",
            "AppStream-10.2.Z:mod_proxy_html-1:2.4.63-13.el10_2.4.s390x",
            "AppStream-10.2.Z:mod_proxy_html-1:2.4.63-13.el10_2.4.x86_64",
            "AppStream-10.2.Z:mod_proxy_html-debuginfo-1:2.4.63-13.el10_2.4.aarch64",
            "AppStream-10.2.Z:mod_proxy_html-debuginfo-1:2.4.63-13.el10_2.4.ppc64le",
            "AppStream-10.2.Z:mod_proxy_html-debuginfo-1:2.4.63-13.el10_2.4.s390x",
            "AppStream-10.2.Z:mod_proxy_html-debuginfo-1:2.4.63-13.el10_2.4.x86_64",
            "AppStream-10.2.Z:mod_session-0:2.4.63-13.el10_2.4.aarch64",
            "AppStream-10.2.Z:mod_session-0:2.4.63-13.el10_2.4.ppc64le",
            "AppStream-10.2.Z:mod_session-0:2.4.63-13.el10_2.4.s390x",
            "AppStream-10.2.Z:mod_session-0:2.4.63-13.el10_2.4.x86_64",
            "AppStream-10.2.Z:mod_session-debuginfo-0:2.4.63-13.el10_2.4.aarch64",
            "AppStream-10.2.Z:mod_session-debuginfo-0:2.4.63-13.el10_2.4.ppc64le",
            "AppStream-10.2.Z:mod_session-debuginfo-0:2.4.63-13.el10_2.4.s390x",
            "AppStream-10.2.Z:mod_session-debuginfo-0:2.4.63-13.el10_2.4.x86_64",
            "AppStream-10.2.Z:mod_ssl-1:2.4.63-13.el10_2.4.aarch64",
            "AppStream-10.2.Z:mod_ssl-1:2.4.63-13.el10_2.4.ppc64le",
            "AppStream-10.2.Z:mod_ssl-1:2.4.63-13.el10_2.4.s390x",
            "AppStream-10.2.Z:mod_ssl-1:2.4.63-13.el10_2.4.x86_64",
            "AppStream-10.2.Z:mod_ssl-debuginfo-1:2.4.63-13.el10_2.4.aarch64",
            "AppStream-10.2.Z:mod_ssl-debuginfo-1:2.4.63-13.el10_2.4.ppc64le",
            "AppStream-10.2.Z:mod_ssl-debuginfo-1:2.4.63-13.el10_2.4.s390x",
            "AppStream-10.2.Z:mod_ssl-debuginfo-1:2.4.63-13.el10_2.4.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "details": "Moderate"
        }
      ],
      "title": "httpd: incomplete fix for CVE-2023-38709"
    },
    {
      "cve": "CVE-2026-29169",
      "cwe": {
        "id": "CWE-476",
        "name": "NULL Pointer Dereference"
      },
      "discovery_date": "2026-05-04T15:01:18.611919+00:00",
      "ids": [
        {
          "system_name": "Red Hat Bugzilla ID",
          "text": "2465296"
        }
      ],
      "notes": [
        {
          "category": "description",
          "text": "A flaw was found in the mod_dav_lock module of httpd. This vulnerability allows a remote unauthenticated attacker to crash the server due to a NULL pointer dereference via a specially crafted request.",
          "title": "Vulnerability description"
        },
        {
          "category": "summary",
          "text": "httpd: NULL pointer dereference via specially crafted request",
          "title": "Vulnerability summary"
        },
        {
          "category": "other",
          "text": "This issue allows an unauthenticated remote attacker to crash the server via a specially crafted request. However, the mod_dav_lock module is obsolete and rarely enabled in modern environments. The only known use-case for the module was mod_dav_svn from Apache Subversion earlier than version 1.2.0. Due to this reason, this vulnerability has been rated with a low severity.\n\nThis flaw only affects configurations with mod_dav_lock loaded and being used. This module can be disabled via the configuration file if its functionality is not being used.",
          "title": "Statement"
        },
        {
          "category": "general",
          "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
          "title": "CVSS score applicability"
        }
      ],
      "product_status": {
        "fixed": [
          "AppStream-10.2.Z:httpd-0:2.4.63-13.el10_2.4.aarch64",
          "AppStream-10.2.Z:httpd-0:2.4.63-13.el10_2.4.ppc64le",
          "AppStream-10.2.Z:httpd-0:2.4.63-13.el10_2.4.s390x",
          "AppStream-10.2.Z:httpd-0:2.4.63-13.el10_2.4.src",
          "AppStream-10.2.Z:httpd-0:2.4.63-13.el10_2.4.x86_64",
          "AppStream-10.2.Z:httpd-core-0:2.4.63-13.el10_2.4.aarch64",
          "AppStream-10.2.Z:httpd-core-0:2.4.63-13.el10_2.4.ppc64le",
          "AppStream-10.2.Z:httpd-core-0:2.4.63-13.el10_2.4.s390x",
          "AppStream-10.2.Z:httpd-core-0:2.4.63-13.el10_2.4.x86_64",
          "AppStream-10.2.Z:httpd-core-debuginfo-0:2.4.63-13.el10_2.4.aarch64",
          "AppStream-10.2.Z:httpd-core-debuginfo-0:2.4.63-13.el10_2.4.ppc64le",
          "AppStream-10.2.Z:httpd-core-debuginfo-0:2.4.63-13.el10_2.4.s390x",
          "AppStream-10.2.Z:httpd-core-debuginfo-0:2.4.63-13.el10_2.4.x86_64",
          "AppStream-10.2.Z:httpd-debuginfo-0:2.4.63-13.el10_2.4.aarch64",
          "AppStream-10.2.Z:httpd-debuginfo-0:2.4.63-13.el10_2.4.ppc64le",
          "AppStream-10.2.Z:httpd-debuginfo-0:2.4.63-13.el10_2.4.s390x",
          "AppStream-10.2.Z:httpd-debuginfo-0:2.4.63-13.el10_2.4.x86_64",
          "AppStream-10.2.Z:httpd-debugsource-0:2.4.63-13.el10_2.4.aarch64",
          "AppStream-10.2.Z:httpd-debugsource-0:2.4.63-13.el10_2.4.ppc64le",
          "AppStream-10.2.Z:httpd-debugsource-0:2.4.63-13.el10_2.4.s390x",
          "AppStream-10.2.Z:httpd-debugsource-0:2.4.63-13.el10_2.4.x86_64",
          "AppStream-10.2.Z:httpd-devel-0:2.4.63-13.el10_2.4.aarch64",
          "AppStream-10.2.Z:httpd-devel-0:2.4.63-13.el10_2.4.ppc64le",
          "AppStream-10.2.Z:httpd-devel-0:2.4.63-13.el10_2.4.s390x",
          "AppStream-10.2.Z:httpd-devel-0:2.4.63-13.el10_2.4.x86_64",
          "AppStream-10.2.Z:httpd-filesystem-0:2.4.63-13.el10_2.4.noarch",
          "AppStream-10.2.Z:httpd-manual-0:2.4.63-13.el10_2.4.noarch",
          "AppStream-10.2.Z:httpd-tools-0:2.4.63-13.el10_2.4.aarch64",
          "AppStream-10.2.Z:httpd-tools-0:2.4.63-13.el10_2.4.ppc64le",
          "AppStream-10.2.Z:httpd-tools-0:2.4.63-13.el10_2.4.s390x",
          "AppStream-10.2.Z:httpd-tools-0:2.4.63-13.el10_2.4.x86_64",
          "AppStream-10.2.Z:httpd-tools-debuginfo-0:2.4.63-13.el10_2.4.aarch64",
          "AppStream-10.2.Z:httpd-tools-debuginfo-0:2.4.63-13.el10_2.4.ppc64le",
          "AppStream-10.2.Z:httpd-tools-debuginfo-0:2.4.63-13.el10_2.4.s390x",
          "AppStream-10.2.Z:httpd-tools-debuginfo-0:2.4.63-13.el10_2.4.x86_64",
          "AppStream-10.2.Z:mod_ldap-0:2.4.63-13.el10_2.4.aarch64",
          "AppStream-10.2.Z:mod_ldap-0:2.4.63-13.el10_2.4.ppc64le",
          "AppStream-10.2.Z:mod_ldap-0:2.4.63-13.el10_2.4.s390x",
          "AppStream-10.2.Z:mod_ldap-0:2.4.63-13.el10_2.4.x86_64",
          "AppStream-10.2.Z:mod_ldap-debuginfo-0:2.4.63-13.el10_2.4.aarch64",
          "AppStream-10.2.Z:mod_ldap-debuginfo-0:2.4.63-13.el10_2.4.ppc64le",
          "AppStream-10.2.Z:mod_ldap-debuginfo-0:2.4.63-13.el10_2.4.s390x",
          "AppStream-10.2.Z:mod_ldap-debuginfo-0:2.4.63-13.el10_2.4.x86_64",
          "AppStream-10.2.Z:mod_lua-0:2.4.63-13.el10_2.4.aarch64",
          "AppStream-10.2.Z:mod_lua-0:2.4.63-13.el10_2.4.ppc64le",
          "AppStream-10.2.Z:mod_lua-0:2.4.63-13.el10_2.4.s390x",
          "AppStream-10.2.Z:mod_lua-0:2.4.63-13.el10_2.4.x86_64",
          "AppStream-10.2.Z:mod_lua-debuginfo-0:2.4.63-13.el10_2.4.aarch64",
          "AppStream-10.2.Z:mod_lua-debuginfo-0:2.4.63-13.el10_2.4.ppc64le",
          "AppStream-10.2.Z:mod_lua-debuginfo-0:2.4.63-13.el10_2.4.s390x",
          "AppStream-10.2.Z:mod_lua-debuginfo-0:2.4.63-13.el10_2.4.x86_64",
          "AppStream-10.2.Z:mod_proxy_html-1:2.4.63-13.el10_2.4.aarch64",
          "AppStream-10.2.Z:mod_proxy_html-1:2.4.63-13.el10_2.4.ppc64le",
          "AppStream-10.2.Z:mod_proxy_html-1:2.4.63-13.el10_2.4.s390x",
          "AppStream-10.2.Z:mod_proxy_html-1:2.4.63-13.el10_2.4.x86_64",
          "AppStream-10.2.Z:mod_proxy_html-debuginfo-1:2.4.63-13.el10_2.4.aarch64",
          "AppStream-10.2.Z:mod_proxy_html-debuginfo-1:2.4.63-13.el10_2.4.ppc64le",
          "AppStream-10.2.Z:mod_proxy_html-debuginfo-1:2.4.63-13.el10_2.4.s390x",
          "AppStream-10.2.Z:mod_proxy_html-debuginfo-1:2.4.63-13.el10_2.4.x86_64",
          "AppStream-10.2.Z:mod_session-0:2.4.63-13.el10_2.4.aarch64",
          "AppStream-10.2.Z:mod_session-0:2.4.63-13.el10_2.4.ppc64le",
          "AppStream-10.2.Z:mod_session-0:2.4.63-13.el10_2.4.s390x",
          "AppStream-10.2.Z:mod_session-0:2.4.63-13.el10_2.4.x86_64",
          "AppStream-10.2.Z:mod_session-debuginfo-0:2.4.63-13.el10_2.4.aarch64",
          "AppStream-10.2.Z:mod_session-debuginfo-0:2.4.63-13.el10_2.4.ppc64le",
          "AppStream-10.2.Z:mod_session-debuginfo-0:2.4.63-13.el10_2.4.s390x",
          "AppStream-10.2.Z:mod_session-debuginfo-0:2.4.63-13.el10_2.4.x86_64",
          "AppStream-10.2.Z:mod_ssl-1:2.4.63-13.el10_2.4.aarch64",
          "AppStream-10.2.Z:mod_ssl-1:2.4.63-13.el10_2.4.ppc64le",
          "AppStream-10.2.Z:mod_ssl-1:2.4.63-13.el10_2.4.s390x",
          "AppStream-10.2.Z:mod_ssl-1:2.4.63-13.el10_2.4.x86_64",
          "AppStream-10.2.Z:mod_ssl-debuginfo-1:2.4.63-13.el10_2.4.aarch64",
          "AppStream-10.2.Z:mod_ssl-debuginfo-1:2.4.63-13.el10_2.4.ppc64le",
          "AppStream-10.2.Z:mod_ssl-debuginfo-1:2.4.63-13.el10_2.4.s390x",
          "AppStream-10.2.Z:mod_ssl-debuginfo-1:2.4.63-13.el10_2.4.x86_64"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "Canonical URL",
          "url": "https://access.redhat.com/security/cve/CVE-2026-29169"
        },
        {
          "category": "external",
          "summary": "RHBZ#2465296",
          "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2465296"
        },
        {
          "category": "external",
          "summary": "https://www.cve.org/CVERecord?id=CVE-2026-29169",
          "url": "https://www.cve.org/CVERecord?id=CVE-2026-29169"
        },
        {
          "category": "external",
          "summary": "https://nvd.nist.gov/vuln/detail/CVE-2026-29169",
          "url": "https://nvd.nist.gov/vuln/detail/CVE-2026-29169"
        },
        {
          "category": "external",
          "summary": "https://httpd.apache.org/security/vulnerabilities_24.html",
          "url": "https://httpd.apache.org/security/vulnerabilities_24.html"
        }
      ],
      "release_date": "2026-05-04T14:48:29.832000+00:00",
      "remediations": [
        {
          "category": "vendor_fix",
          "date": "2026-07-01T09:31:08+00:00",
          "details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258",
          "product_ids": [
            "AppStream-10.2.Z:httpd-0:2.4.63-13.el10_2.4.aarch64",
            "AppStream-10.2.Z:httpd-0:2.4.63-13.el10_2.4.ppc64le",
            "AppStream-10.2.Z:httpd-0:2.4.63-13.el10_2.4.s390x",
            "AppStream-10.2.Z:httpd-0:2.4.63-13.el10_2.4.src",
            "AppStream-10.2.Z:httpd-0:2.4.63-13.el10_2.4.x86_64",
            "AppStream-10.2.Z:httpd-core-0:2.4.63-13.el10_2.4.aarch64",
            "AppStream-10.2.Z:httpd-core-0:2.4.63-13.el10_2.4.ppc64le",
            "AppStream-10.2.Z:httpd-core-0:2.4.63-13.el10_2.4.s390x",
            "AppStream-10.2.Z:httpd-core-0:2.4.63-13.el10_2.4.x86_64",
            "AppStream-10.2.Z:httpd-core-debuginfo-0:2.4.63-13.el10_2.4.aarch64",
            "AppStream-10.2.Z:httpd-core-debuginfo-0:2.4.63-13.el10_2.4.ppc64le",
            "AppStream-10.2.Z:httpd-core-debuginfo-0:2.4.63-13.el10_2.4.s390x",
            "AppStream-10.2.Z:httpd-core-debuginfo-0:2.4.63-13.el10_2.4.x86_64",
            "AppStream-10.2.Z:httpd-debuginfo-0:2.4.63-13.el10_2.4.aarch64",
            "AppStream-10.2.Z:httpd-debuginfo-0:2.4.63-13.el10_2.4.ppc64le",
            "AppStream-10.2.Z:httpd-debuginfo-0:2.4.63-13.el10_2.4.s390x",
            "AppStream-10.2.Z:httpd-debuginfo-0:2.4.63-13.el10_2.4.x86_64",
            "AppStream-10.2.Z:httpd-debugsource-0:2.4.63-13.el10_2.4.aarch64",
            "AppStream-10.2.Z:httpd-debugsource-0:2.4.63-13.el10_2.4.ppc64le",
            "AppStream-10.2.Z:httpd-debugsource-0:2.4.63-13.el10_2.4.s390x",
            "AppStream-10.2.Z:httpd-debugsource-0:2.4.63-13.el10_2.4.x86_64",
            "AppStream-10.2.Z:httpd-devel-0:2.4.63-13.el10_2.4.aarch64",
            "AppStream-10.2.Z:httpd-devel-0:2.4.63-13.el10_2.4.ppc64le",
            "AppStream-10.2.Z:httpd-devel-0:2.4.63-13.el10_2.4.s390x",
            "AppStream-10.2.Z:httpd-devel-0:2.4.63-13.el10_2.4.x86_64",
            "AppStream-10.2.Z:httpd-filesystem-0:2.4.63-13.el10_2.4.noarch",
            "AppStream-10.2.Z:httpd-manual-0:2.4.63-13.el10_2.4.noarch",
            "AppStream-10.2.Z:httpd-tools-0:2.4.63-13.el10_2.4.aarch64",
            "AppStream-10.2.Z:httpd-tools-0:2.4.63-13.el10_2.4.ppc64le",
            "AppStream-10.2.Z:httpd-tools-0:2.4.63-13.el10_2.4.s390x",
            "AppStream-10.2.Z:httpd-tools-0:2.4.63-13.el10_2.4.x86_64",
            "AppStream-10.2.Z:httpd-tools-debuginfo-0:2.4.63-13.el10_2.4.aarch64",
            "AppStream-10.2.Z:httpd-tools-debuginfo-0:2.4.63-13.el10_2.4.ppc64le",
            "AppStream-10.2.Z:httpd-tools-debuginfo-0:2.4.63-13.el10_2.4.s390x",
            "AppStream-10.2.Z:httpd-tools-debuginfo-0:2.4.63-13.el10_2.4.x86_64",
            "AppStream-10.2.Z:mod_ldap-0:2.4.63-13.el10_2.4.aarch64",
            "AppStream-10.2.Z:mod_ldap-0:2.4.63-13.el10_2.4.ppc64le",
            "AppStream-10.2.Z:mod_ldap-0:2.4.63-13.el10_2.4.s390x",
            "AppStream-10.2.Z:mod_ldap-0:2.4.63-13.el10_2.4.x86_64",
            "AppStream-10.2.Z:mod_ldap-debuginfo-0:2.4.63-13.el10_2.4.aarch64",
            "AppStream-10.2.Z:mod_ldap-debuginfo-0:2.4.63-13.el10_2.4.ppc64le",
            "AppStream-10.2.Z:mod_ldap-debuginfo-0:2.4.63-13.el10_2.4.s390x",
            "AppStream-10.2.Z:mod_ldap-debuginfo-0:2.4.63-13.el10_2.4.x86_64",
            "AppStream-10.2.Z:mod_lua-0:2.4.63-13.el10_2.4.aarch64",
            "AppStream-10.2.Z:mod_lua-0:2.4.63-13.el10_2.4.ppc64le",
            "AppStream-10.2.Z:mod_lua-0:2.4.63-13.el10_2.4.s390x",
            "AppStream-10.2.Z:mod_lua-0:2.4.63-13.el10_2.4.x86_64",
            "AppStream-10.2.Z:mod_lua-debuginfo-0:2.4.63-13.el10_2.4.aarch64",
            "AppStream-10.2.Z:mod_lua-debuginfo-0:2.4.63-13.el10_2.4.ppc64le",
            "AppStream-10.2.Z:mod_lua-debuginfo-0:2.4.63-13.el10_2.4.s390x",
            "AppStream-10.2.Z:mod_lua-debuginfo-0:2.4.63-13.el10_2.4.x86_64",
            "AppStream-10.2.Z:mod_proxy_html-1:2.4.63-13.el10_2.4.aarch64",
            "AppStream-10.2.Z:mod_proxy_html-1:2.4.63-13.el10_2.4.ppc64le",
            "AppStream-10.2.Z:mod_proxy_html-1:2.4.63-13.el10_2.4.s390x",
            "AppStream-10.2.Z:mod_proxy_html-1:2.4.63-13.el10_2.4.x86_64",
            "AppStream-10.2.Z:mod_proxy_html-debuginfo-1:2.4.63-13.el10_2.4.aarch64",
            "AppStream-10.2.Z:mod_proxy_html-debuginfo-1:2.4.63-13.el10_2.4.ppc64le",
            "AppStream-10.2.Z:mod_proxy_html-debuginfo-1:2.4.63-13.el10_2.4.s390x",
            "AppStream-10.2.Z:mod_proxy_html-debuginfo-1:2.4.63-13.el10_2.4.x86_64",
            "AppStream-10.2.Z:mod_session-0:2.4.63-13.el10_2.4.aarch64",
            "AppStream-10.2.Z:mod_session-0:2.4.63-13.el10_2.4.ppc64le",
            "AppStream-10.2.Z:mod_session-0:2.4.63-13.el10_2.4.s390x",
            "AppStream-10.2.Z:mod_session-0:2.4.63-13.el10_2.4.x86_64",
            "AppStream-10.2.Z:mod_session-debuginfo-0:2.4.63-13.el10_2.4.aarch64",
            "AppStream-10.2.Z:mod_session-debuginfo-0:2.4.63-13.el10_2.4.ppc64le",
            "AppStream-10.2.Z:mod_session-debuginfo-0:2.4.63-13.el10_2.4.s390x",
            "AppStream-10.2.Z:mod_session-debuginfo-0:2.4.63-13.el10_2.4.x86_64",
            "AppStream-10.2.Z:mod_ssl-1:2.4.63-13.el10_2.4.aarch64",
            "AppStream-10.2.Z:mod_ssl-1:2.4.63-13.el10_2.4.ppc64le",
            "AppStream-10.2.Z:mod_ssl-1:2.4.63-13.el10_2.4.s390x",
            "AppStream-10.2.Z:mod_ssl-1:2.4.63-13.el10_2.4.x86_64",
            "AppStream-10.2.Z:mod_ssl-debuginfo-1:2.4.63-13.el10_2.4.aarch64",
            "AppStream-10.2.Z:mod_ssl-debuginfo-1:2.4.63-13.el10_2.4.ppc64le",
            "AppStream-10.2.Z:mod_ssl-debuginfo-1:2.4.63-13.el10_2.4.s390x",
            "AppStream-10.2.Z:mod_ssl-debuginfo-1:2.4.63-13.el10_2.4.x86_64"
          ],
          "restart_required": {
            "category": "none"
          },
          "url": "https://access.redhat.com/errata/RHSA-2026:34109"
        },
        {
          "category": "workaround",
          "details": "Disabling mod_dav_lock and restarting httpd will mitigate this flaw.",
          "product_ids": [
            "AppStream-10.2.Z:httpd-0:2.4.63-13.el10_2.4.aarch64",
            "AppStream-10.2.Z:httpd-0:2.4.63-13.el10_2.4.ppc64le",
            "AppStream-10.2.Z:httpd-0:2.4.63-13.el10_2.4.s390x",
            "AppStream-10.2.Z:httpd-0:2.4.63-13.el10_2.4.src",
            "AppStream-10.2.Z:httpd-0:2.4.63-13.el10_2.4.x86_64",
            "AppStream-10.2.Z:httpd-core-0:2.4.63-13.el10_2.4.aarch64",
            "AppStream-10.2.Z:httpd-core-0:2.4.63-13.el10_2.4.ppc64le",
            "AppStream-10.2.Z:httpd-core-0:2.4.63-13.el10_2.4.s390x",
            "AppStream-10.2.Z:httpd-core-0:2.4.63-13.el10_2.4.x86_64",
            "AppStream-10.2.Z:httpd-core-debuginfo-0:2.4.63-13.el10_2.4.aarch64",
            "AppStream-10.2.Z:httpd-core-debuginfo-0:2.4.63-13.el10_2.4.ppc64le",
            "AppStream-10.2.Z:httpd-core-debuginfo-0:2.4.63-13.el10_2.4.s390x",
            "AppStream-10.2.Z:httpd-core-debuginfo-0:2.4.63-13.el10_2.4.x86_64",
            "AppStream-10.2.Z:httpd-debuginfo-0:2.4.63-13.el10_2.4.aarch64",
            "AppStream-10.2.Z:httpd-debuginfo-0:2.4.63-13.el10_2.4.ppc64le",
            "AppStream-10.2.Z:httpd-debuginfo-0:2.4.63-13.el10_2.4.s390x",
            "AppStream-10.2.Z:httpd-debuginfo-0:2.4.63-13.el10_2.4.x86_64",
            "AppStream-10.2.Z:httpd-debugsource-0:2.4.63-13.el10_2.4.aarch64",
            "AppStream-10.2.Z:httpd-debugsource-0:2.4.63-13.el10_2.4.ppc64le",
            "AppStream-10.2.Z:httpd-debugsource-0:2.4.63-13.el10_2.4.s390x",
            "AppStream-10.2.Z:httpd-debugsource-0:2.4.63-13.el10_2.4.x86_64",
            "AppStream-10.2.Z:httpd-devel-0:2.4.63-13.el10_2.4.aarch64",
            "AppStream-10.2.Z:httpd-devel-0:2.4.63-13.el10_2.4.ppc64le",
            "AppStream-10.2.Z:httpd-devel-0:2.4.63-13.el10_2.4.s390x",
            "AppStream-10.2.Z:httpd-devel-0:2.4.63-13.el10_2.4.x86_64",
            "AppStream-10.2.Z:httpd-filesystem-0:2.4.63-13.el10_2.4.noarch",
            "AppStream-10.2.Z:httpd-manual-0:2.4.63-13.el10_2.4.noarch",
            "AppStream-10.2.Z:httpd-tools-0:2.4.63-13.el10_2.4.aarch64",
            "AppStream-10.2.Z:httpd-tools-0:2.4.63-13.el10_2.4.ppc64le",
            "AppStream-10.2.Z:httpd-tools-0:2.4.63-13.el10_2.4.s390x",
            "AppStream-10.2.Z:httpd-tools-0:2.4.63-13.el10_2.4.x86_64",
            "AppStream-10.2.Z:httpd-tools-debuginfo-0:2.4.63-13.el10_2.4.aarch64",
            "AppStream-10.2.Z:httpd-tools-debuginfo-0:2.4.63-13.el10_2.4.ppc64le",
            "AppStream-10.2.Z:httpd-tools-debuginfo-0:2.4.63-13.el10_2.4.s390x",
            "AppStream-10.2.Z:httpd-tools-debuginfo-0:2.4.63-13.el10_2.4.x86_64",
            "AppStream-10.2.Z:mod_ldap-0:2.4.63-13.el10_2.4.aarch64",
            "AppStream-10.2.Z:mod_ldap-0:2.4.63-13.el10_2.4.ppc64le",
            "AppStream-10.2.Z:mod_ldap-0:2.4.63-13.el10_2.4.s390x",
            "AppStream-10.2.Z:mod_ldap-0:2.4.63-13.el10_2.4.x86_64",
            "AppStream-10.2.Z:mod_ldap-debuginfo-0:2.4.63-13.el10_2.4.aarch64",
            "AppStream-10.2.Z:mod_ldap-debuginfo-0:2.4.63-13.el10_2.4.ppc64le",
            "AppStream-10.2.Z:mod_ldap-debuginfo-0:2.4.63-13.el10_2.4.s390x",
            "AppStream-10.2.Z:mod_ldap-debuginfo-0:2.4.63-13.el10_2.4.x86_64",
            "AppStream-10.2.Z:mod_lua-0:2.4.63-13.el10_2.4.aarch64",
            "AppStream-10.2.Z:mod_lua-0:2.4.63-13.el10_2.4.ppc64le",
            "AppStream-10.2.Z:mod_lua-0:2.4.63-13.el10_2.4.s390x",
            "AppStream-10.2.Z:mod_lua-0:2.4.63-13.el10_2.4.x86_64",
            "AppStream-10.2.Z:mod_lua-debuginfo-0:2.4.63-13.el10_2.4.aarch64",
            "AppStream-10.2.Z:mod_lua-debuginfo-0:2.4.63-13.el10_2.4.ppc64le",
            "AppStream-10.2.Z:mod_lua-debuginfo-0:2.4.63-13.el10_2.4.s390x",
            "AppStream-10.2.Z:mod_lua-debuginfo-0:2.4.63-13.el10_2.4.x86_64",
            "AppStream-10.2.Z:mod_proxy_html-1:2.4.63-13.el10_2.4.aarch64",
            "AppStream-10.2.Z:mod_proxy_html-1:2.4.63-13.el10_2.4.ppc64le",
            "AppStream-10.2.Z:mod_proxy_html-1:2.4.63-13.el10_2.4.s390x",
            "AppStream-10.2.Z:mod_proxy_html-1:2.4.63-13.el10_2.4.x86_64",
            "AppStream-10.2.Z:mod_proxy_html-debuginfo-1:2.4.63-13.el10_2.4.aarch64",
            "AppStream-10.2.Z:mod_proxy_html-debuginfo-1:2.4.63-13.el10_2.4.ppc64le",
            "AppStream-10.2.Z:mod_proxy_html-debuginfo-1:2.4.63-13.el10_2.4.s390x",
            "AppStream-10.2.Z:mod_proxy_html-debuginfo-1:2.4.63-13.el10_2.4.x86_64",
            "AppStream-10.2.Z:mod_session-0:2.4.63-13.el10_2.4.aarch64",
            "AppStream-10.2.Z:mod_session-0:2.4.63-13.el10_2.4.ppc64le",
            "AppStream-10.2.Z:mod_session-0:2.4.63-13.el10_2.4.s390x",
            "AppStream-10.2.Z:mod_session-0:2.4.63-13.el10_2.4.x86_64",
            "AppStream-10.2.Z:mod_session-debuginfo-0:2.4.63-13.el10_2.4.aarch64",
            "AppStream-10.2.Z:mod_session-debuginfo-0:2.4.63-13.el10_2.4.ppc64le",
            "AppStream-10.2.Z:mod_session-debuginfo-0:2.4.63-13.el10_2.4.s390x",
            "AppStream-10.2.Z:mod_session-debuginfo-0:2.4.63-13.el10_2.4.x86_64",
            "AppStream-10.2.Z:mod_ssl-1:2.4.63-13.el10_2.4.aarch64",
            "AppStream-10.2.Z:mod_ssl-1:2.4.63-13.el10_2.4.ppc64le",
            "AppStream-10.2.Z:mod_ssl-1:2.4.63-13.el10_2.4.s390x",
            "AppStream-10.2.Z:mod_ssl-1:2.4.63-13.el10_2.4.x86_64",
            "AppStream-10.2.Z:mod_ssl-debuginfo-1:2.4.63-13.el10_2.4.aarch64",
            "AppStream-10.2.Z:mod_ssl-debuginfo-1:2.4.63-13.el10_2.4.ppc64le",
            "AppStream-10.2.Z:mod_ssl-debuginfo-1:2.4.63-13.el10_2.4.s390x",
            "AppStream-10.2.Z:mod_ssl-debuginfo-1:2.4.63-13.el10_2.4.x86_64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "attackComplexity": "LOW",
            "attackVector": "NETWORK",
            "availabilityImpact": "HIGH",
            "baseScore": 7.5,
            "baseSeverity": "HIGH",
            "confidentialityImpact": "NONE",
            "integrityImpact": "NONE",
            "privilegesRequired": "NONE",
            "scope": "UNCHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
            "version": "3.1"
          },
          "products": [
            "AppStream-10.2.Z:httpd-0:2.4.63-13.el10_2.4.aarch64",
            "AppStream-10.2.Z:httpd-0:2.4.63-13.el10_2.4.ppc64le",
            "AppStream-10.2.Z:httpd-0:2.4.63-13.el10_2.4.s390x",
            "AppStream-10.2.Z:httpd-0:2.4.63-13.el10_2.4.src",
            "AppStream-10.2.Z:httpd-0:2.4.63-13.el10_2.4.x86_64",
            "AppStream-10.2.Z:httpd-core-0:2.4.63-13.el10_2.4.aarch64",
            "AppStream-10.2.Z:httpd-core-0:2.4.63-13.el10_2.4.ppc64le",
            "AppStream-10.2.Z:httpd-core-0:2.4.63-13.el10_2.4.s390x",
            "AppStream-10.2.Z:httpd-core-0:2.4.63-13.el10_2.4.x86_64",
            "AppStream-10.2.Z:httpd-core-debuginfo-0:2.4.63-13.el10_2.4.aarch64",
            "AppStream-10.2.Z:httpd-core-debuginfo-0:2.4.63-13.el10_2.4.ppc64le",
            "AppStream-10.2.Z:httpd-core-debuginfo-0:2.4.63-13.el10_2.4.s390x",
            "AppStream-10.2.Z:httpd-core-debuginfo-0:2.4.63-13.el10_2.4.x86_64",
            "AppStream-10.2.Z:httpd-debuginfo-0:2.4.63-13.el10_2.4.aarch64",
            "AppStream-10.2.Z:httpd-debuginfo-0:2.4.63-13.el10_2.4.ppc64le",
            "AppStream-10.2.Z:httpd-debuginfo-0:2.4.63-13.el10_2.4.s390x",
            "AppStream-10.2.Z:httpd-debuginfo-0:2.4.63-13.el10_2.4.x86_64",
            "AppStream-10.2.Z:httpd-debugsource-0:2.4.63-13.el10_2.4.aarch64",
            "AppStream-10.2.Z:httpd-debugsource-0:2.4.63-13.el10_2.4.ppc64le",
            "AppStream-10.2.Z:httpd-debugsource-0:2.4.63-13.el10_2.4.s390x",
            "AppStream-10.2.Z:httpd-debugsource-0:2.4.63-13.el10_2.4.x86_64",
            "AppStream-10.2.Z:httpd-devel-0:2.4.63-13.el10_2.4.aarch64",
            "AppStream-10.2.Z:httpd-devel-0:2.4.63-13.el10_2.4.ppc64le",
            "AppStream-10.2.Z:httpd-devel-0:2.4.63-13.el10_2.4.s390x",
            "AppStream-10.2.Z:httpd-devel-0:2.4.63-13.el10_2.4.x86_64",
            "AppStream-10.2.Z:httpd-filesystem-0:2.4.63-13.el10_2.4.noarch",
            "AppStream-10.2.Z:httpd-manual-0:2.4.63-13.el10_2.4.noarch",
            "AppStream-10.2.Z:httpd-tools-0:2.4.63-13.el10_2.4.aarch64",
            "AppStream-10.2.Z:httpd-tools-0:2.4.63-13.el10_2.4.ppc64le",
            "AppStream-10.2.Z:httpd-tools-0:2.4.63-13.el10_2.4.s390x",
            "AppStream-10.2.Z:httpd-tools-0:2.4.63-13.el10_2.4.x86_64",
            "AppStream-10.2.Z:httpd-tools-debuginfo-0:2.4.63-13.el10_2.4.aarch64",
            "AppStream-10.2.Z:httpd-tools-debuginfo-0:2.4.63-13.el10_2.4.ppc64le",
            "AppStream-10.2.Z:httpd-tools-debuginfo-0:2.4.63-13.el10_2.4.s390x",
            "AppStream-10.2.Z:httpd-tools-debuginfo-0:2.4.63-13.el10_2.4.x86_64",
            "AppStream-10.2.Z:mod_ldap-0:2.4.63-13.el10_2.4.aarch64",
            "AppStream-10.2.Z:mod_ldap-0:2.4.63-13.el10_2.4.ppc64le",
            "AppStream-10.2.Z:mod_ldap-0:2.4.63-13.el10_2.4.s390x",
            "AppStream-10.2.Z:mod_ldap-0:2.4.63-13.el10_2.4.x86_64",
            "AppStream-10.2.Z:mod_ldap-debuginfo-0:2.4.63-13.el10_2.4.aarch64",
            "AppStream-10.2.Z:mod_ldap-debuginfo-0:2.4.63-13.el10_2.4.ppc64le",
            "AppStream-10.2.Z:mod_ldap-debuginfo-0:2.4.63-13.el10_2.4.s390x",
            "AppStream-10.2.Z:mod_ldap-debuginfo-0:2.4.63-13.el10_2.4.x86_64",
            "AppStream-10.2.Z:mod_lua-0:2.4.63-13.el10_2.4.aarch64",
            "AppStream-10.2.Z:mod_lua-0:2.4.63-13.el10_2.4.ppc64le",
            "AppStream-10.2.Z:mod_lua-0:2.4.63-13.el10_2.4.s390x",
            "AppStream-10.2.Z:mod_lua-0:2.4.63-13.el10_2.4.x86_64",
            "AppStream-10.2.Z:mod_lua-debuginfo-0:2.4.63-13.el10_2.4.aarch64",
            "AppStream-10.2.Z:mod_lua-debuginfo-0:2.4.63-13.el10_2.4.ppc64le",
            "AppStream-10.2.Z:mod_lua-debuginfo-0:2.4.63-13.el10_2.4.s390x",
            "AppStream-10.2.Z:mod_lua-debuginfo-0:2.4.63-13.el10_2.4.x86_64",
            "AppStream-10.2.Z:mod_proxy_html-1:2.4.63-13.el10_2.4.aarch64",
            "AppStream-10.2.Z:mod_proxy_html-1:2.4.63-13.el10_2.4.ppc64le",
            "AppStream-10.2.Z:mod_proxy_html-1:2.4.63-13.el10_2.4.s390x",
            "AppStream-10.2.Z:mod_proxy_html-1:2.4.63-13.el10_2.4.x86_64",
            "AppStream-10.2.Z:mod_proxy_html-debuginfo-1:2.4.63-13.el10_2.4.aarch64",
            "AppStream-10.2.Z:mod_proxy_html-debuginfo-1:2.4.63-13.el10_2.4.ppc64le",
            "AppStream-10.2.Z:mod_proxy_html-debuginfo-1:2.4.63-13.el10_2.4.s390x",
            "AppStream-10.2.Z:mod_proxy_html-debuginfo-1:2.4.63-13.el10_2.4.x86_64",
            "AppStream-10.2.Z:mod_session-0:2.4.63-13.el10_2.4.aarch64",
            "AppStream-10.2.Z:mod_session-0:2.4.63-13.el10_2.4.ppc64le",
            "AppStream-10.2.Z:mod_session-0:2.4.63-13.el10_2.4.s390x",
            "AppStream-10.2.Z:mod_session-0:2.4.63-13.el10_2.4.x86_64",
            "AppStream-10.2.Z:mod_session-debuginfo-0:2.4.63-13.el10_2.4.aarch64",
            "AppStream-10.2.Z:mod_session-debuginfo-0:2.4.63-13.el10_2.4.ppc64le",
            "AppStream-10.2.Z:mod_session-debuginfo-0:2.4.63-13.el10_2.4.s390x",
            "AppStream-10.2.Z:mod_session-debuginfo-0:2.4.63-13.el10_2.4.x86_64",
            "AppStream-10.2.Z:mod_ssl-1:2.4.63-13.el10_2.4.aarch64",
            "AppStream-10.2.Z:mod_ssl-1:2.4.63-13.el10_2.4.ppc64le",
            "AppStream-10.2.Z:mod_ssl-1:2.4.63-13.el10_2.4.s390x",
            "AppStream-10.2.Z:mod_ssl-1:2.4.63-13.el10_2.4.x86_64",
            "AppStream-10.2.Z:mod_ssl-debuginfo-1:2.4.63-13.el10_2.4.aarch64",
            "AppStream-10.2.Z:mod_ssl-debuginfo-1:2.4.63-13.el10_2.4.ppc64le",
            "AppStream-10.2.Z:mod_ssl-debuginfo-1:2.4.63-13.el10_2.4.s390x",
            "AppStream-10.2.Z:mod_ssl-debuginfo-1:2.4.63-13.el10_2.4.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "details": "Low"
        }
      ],
      "title": "httpd: NULL pointer dereference via specially crafted request"
    },
    {
      "cve": "CVE-2026-34355",
      "cwe": {
        "id": "CWE-120",
        "name": "Buffer Copy without Checking Size of Input (\u0027Classic Buffer Overflow\u0027)"
      },
      "discovery_date": "2026-06-08T16:02:27.677660+00:00",
      "ids": [
        {
          "system_name": "Red Hat Bugzilla ID",
          "text": "2486414"
        }
      ],
      "notes": [
        {
          "category": "description",
          "text": "A vulnerability has been identified in the Apache HTTP Server. If the server is configured to connect to a malicious or compromised backend server, an attacker could exploit this flaw to bypass security controls or run unauthorized code on the system.",
          "title": "Vulnerability description"
        },
        {
          "category": "summary",
          "text": "httpd: Apache HTTP Server: Buffer overflow in mod_proxy_html allows security bypass",
          "title": "Vulnerability summary"
        },
        {
          "category": "other",
          "text": "This Important vulnerability in `mod_proxy_html` within the Apache HTTP Server allows an untrusted backend to trigger a buffer overflow. This could lead to a security bypass or arbitrary code execution, posing a significant risk in environments where `httpd` is configured with untrusted backend services.",
          "title": "Statement"
        },
        {
          "category": "general",
          "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
          "title": "CVSS score applicability"
        }
      ],
      "product_status": {
        "fixed": [
          "AppStream-10.2.Z:httpd-0:2.4.63-13.el10_2.4.aarch64",
          "AppStream-10.2.Z:httpd-0:2.4.63-13.el10_2.4.ppc64le",
          "AppStream-10.2.Z:httpd-0:2.4.63-13.el10_2.4.s390x",
          "AppStream-10.2.Z:httpd-0:2.4.63-13.el10_2.4.src",
          "AppStream-10.2.Z:httpd-0:2.4.63-13.el10_2.4.x86_64",
          "AppStream-10.2.Z:httpd-core-0:2.4.63-13.el10_2.4.aarch64",
          "AppStream-10.2.Z:httpd-core-0:2.4.63-13.el10_2.4.ppc64le",
          "AppStream-10.2.Z:httpd-core-0:2.4.63-13.el10_2.4.s390x",
          "AppStream-10.2.Z:httpd-core-0:2.4.63-13.el10_2.4.x86_64",
          "AppStream-10.2.Z:httpd-core-debuginfo-0:2.4.63-13.el10_2.4.aarch64",
          "AppStream-10.2.Z:httpd-core-debuginfo-0:2.4.63-13.el10_2.4.ppc64le",
          "AppStream-10.2.Z:httpd-core-debuginfo-0:2.4.63-13.el10_2.4.s390x",
          "AppStream-10.2.Z:httpd-core-debuginfo-0:2.4.63-13.el10_2.4.x86_64",
          "AppStream-10.2.Z:httpd-debuginfo-0:2.4.63-13.el10_2.4.aarch64",
          "AppStream-10.2.Z:httpd-debuginfo-0:2.4.63-13.el10_2.4.ppc64le",
          "AppStream-10.2.Z:httpd-debuginfo-0:2.4.63-13.el10_2.4.s390x",
          "AppStream-10.2.Z:httpd-debuginfo-0:2.4.63-13.el10_2.4.x86_64",
          "AppStream-10.2.Z:httpd-debugsource-0:2.4.63-13.el10_2.4.aarch64",
          "AppStream-10.2.Z:httpd-debugsource-0:2.4.63-13.el10_2.4.ppc64le",
          "AppStream-10.2.Z:httpd-debugsource-0:2.4.63-13.el10_2.4.s390x",
          "AppStream-10.2.Z:httpd-debugsource-0:2.4.63-13.el10_2.4.x86_64",
          "AppStream-10.2.Z:httpd-devel-0:2.4.63-13.el10_2.4.aarch64",
          "AppStream-10.2.Z:httpd-devel-0:2.4.63-13.el10_2.4.ppc64le",
          "AppStream-10.2.Z:httpd-devel-0:2.4.63-13.el10_2.4.s390x",
          "AppStream-10.2.Z:httpd-devel-0:2.4.63-13.el10_2.4.x86_64",
          "AppStream-10.2.Z:httpd-filesystem-0:2.4.63-13.el10_2.4.noarch",
          "AppStream-10.2.Z:httpd-manual-0:2.4.63-13.el10_2.4.noarch",
          "AppStream-10.2.Z:httpd-tools-0:2.4.63-13.el10_2.4.aarch64",
          "AppStream-10.2.Z:httpd-tools-0:2.4.63-13.el10_2.4.ppc64le",
          "AppStream-10.2.Z:httpd-tools-0:2.4.63-13.el10_2.4.s390x",
          "AppStream-10.2.Z:httpd-tools-0:2.4.63-13.el10_2.4.x86_64",
          "AppStream-10.2.Z:httpd-tools-debuginfo-0:2.4.63-13.el10_2.4.aarch64",
          "AppStream-10.2.Z:httpd-tools-debuginfo-0:2.4.63-13.el10_2.4.ppc64le",
          "AppStream-10.2.Z:httpd-tools-debuginfo-0:2.4.63-13.el10_2.4.s390x",
          "AppStream-10.2.Z:httpd-tools-debuginfo-0:2.4.63-13.el10_2.4.x86_64",
          "AppStream-10.2.Z:mod_ldap-0:2.4.63-13.el10_2.4.aarch64",
          "AppStream-10.2.Z:mod_ldap-0:2.4.63-13.el10_2.4.ppc64le",
          "AppStream-10.2.Z:mod_ldap-0:2.4.63-13.el10_2.4.s390x",
          "AppStream-10.2.Z:mod_ldap-0:2.4.63-13.el10_2.4.x86_64",
          "AppStream-10.2.Z:mod_ldap-debuginfo-0:2.4.63-13.el10_2.4.aarch64",
          "AppStream-10.2.Z:mod_ldap-debuginfo-0:2.4.63-13.el10_2.4.ppc64le",
          "AppStream-10.2.Z:mod_ldap-debuginfo-0:2.4.63-13.el10_2.4.s390x",
          "AppStream-10.2.Z:mod_ldap-debuginfo-0:2.4.63-13.el10_2.4.x86_64",
          "AppStream-10.2.Z:mod_lua-0:2.4.63-13.el10_2.4.aarch64",
          "AppStream-10.2.Z:mod_lua-0:2.4.63-13.el10_2.4.ppc64le",
          "AppStream-10.2.Z:mod_lua-0:2.4.63-13.el10_2.4.s390x",
          "AppStream-10.2.Z:mod_lua-0:2.4.63-13.el10_2.4.x86_64",
          "AppStream-10.2.Z:mod_lua-debuginfo-0:2.4.63-13.el10_2.4.aarch64",
          "AppStream-10.2.Z:mod_lua-debuginfo-0:2.4.63-13.el10_2.4.ppc64le",
          "AppStream-10.2.Z:mod_lua-debuginfo-0:2.4.63-13.el10_2.4.s390x",
          "AppStream-10.2.Z:mod_lua-debuginfo-0:2.4.63-13.el10_2.4.x86_64",
          "AppStream-10.2.Z:mod_proxy_html-1:2.4.63-13.el10_2.4.aarch64",
          "AppStream-10.2.Z:mod_proxy_html-1:2.4.63-13.el10_2.4.ppc64le",
          "AppStream-10.2.Z:mod_proxy_html-1:2.4.63-13.el10_2.4.s390x",
          "AppStream-10.2.Z:mod_proxy_html-1:2.4.63-13.el10_2.4.x86_64",
          "AppStream-10.2.Z:mod_proxy_html-debuginfo-1:2.4.63-13.el10_2.4.aarch64",
          "AppStream-10.2.Z:mod_proxy_html-debuginfo-1:2.4.63-13.el10_2.4.ppc64le",
          "AppStream-10.2.Z:mod_proxy_html-debuginfo-1:2.4.63-13.el10_2.4.s390x",
          "AppStream-10.2.Z:mod_proxy_html-debuginfo-1:2.4.63-13.el10_2.4.x86_64",
          "AppStream-10.2.Z:mod_session-0:2.4.63-13.el10_2.4.aarch64",
          "AppStream-10.2.Z:mod_session-0:2.4.63-13.el10_2.4.ppc64le",
          "AppStream-10.2.Z:mod_session-0:2.4.63-13.el10_2.4.s390x",
          "AppStream-10.2.Z:mod_session-0:2.4.63-13.el10_2.4.x86_64",
          "AppStream-10.2.Z:mod_session-debuginfo-0:2.4.63-13.el10_2.4.aarch64",
          "AppStream-10.2.Z:mod_session-debuginfo-0:2.4.63-13.el10_2.4.ppc64le",
          "AppStream-10.2.Z:mod_session-debuginfo-0:2.4.63-13.el10_2.4.s390x",
          "AppStream-10.2.Z:mod_session-debuginfo-0:2.4.63-13.el10_2.4.x86_64",
          "AppStream-10.2.Z:mod_ssl-1:2.4.63-13.el10_2.4.aarch64",
          "AppStream-10.2.Z:mod_ssl-1:2.4.63-13.el10_2.4.ppc64le",
          "AppStream-10.2.Z:mod_ssl-1:2.4.63-13.el10_2.4.s390x",
          "AppStream-10.2.Z:mod_ssl-1:2.4.63-13.el10_2.4.x86_64",
          "AppStream-10.2.Z:mod_ssl-debuginfo-1:2.4.63-13.el10_2.4.aarch64",
          "AppStream-10.2.Z:mod_ssl-debuginfo-1:2.4.63-13.el10_2.4.ppc64le",
          "AppStream-10.2.Z:mod_ssl-debuginfo-1:2.4.63-13.el10_2.4.s390x",
          "AppStream-10.2.Z:mod_ssl-debuginfo-1:2.4.63-13.el10_2.4.x86_64"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "Canonical URL",
          "url": "https://access.redhat.com/security/cve/CVE-2026-34355"
        },
        {
          "category": "external",
          "summary": "RHBZ#2486414",
          "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2486414"
        },
        {
          "category": "external",
          "summary": "https://www.cve.org/CVERecord?id=CVE-2026-34355",
          "url": "https://www.cve.org/CVERecord?id=CVE-2026-34355"
        },
        {
          "category": "external",
          "summary": "https://nvd.nist.gov/vuln/detail/CVE-2026-34355",
          "url": "https://nvd.nist.gov/vuln/detail/CVE-2026-34355"
        },
        {
          "category": "external",
          "summary": "https://httpd.apache.org/security/vulnerabilities_24.html",
          "url": "https://httpd.apache.org/security/vulnerabilities_24.html"
        }
      ],
      "release_date": "2026-06-08T15:20:30.900000+00:00",
      "remediations": [
        {
          "category": "vendor_fix",
          "date": "2026-07-01T09:31:08+00:00",
          "details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258",
          "product_ids": [
            "AppStream-10.2.Z:httpd-0:2.4.63-13.el10_2.4.aarch64",
            "AppStream-10.2.Z:httpd-0:2.4.63-13.el10_2.4.ppc64le",
            "AppStream-10.2.Z:httpd-0:2.4.63-13.el10_2.4.s390x",
            "AppStream-10.2.Z:httpd-0:2.4.63-13.el10_2.4.src",
            "AppStream-10.2.Z:httpd-0:2.4.63-13.el10_2.4.x86_64",
            "AppStream-10.2.Z:httpd-core-0:2.4.63-13.el10_2.4.aarch64",
            "AppStream-10.2.Z:httpd-core-0:2.4.63-13.el10_2.4.ppc64le",
            "AppStream-10.2.Z:httpd-core-0:2.4.63-13.el10_2.4.s390x",
            "AppStream-10.2.Z:httpd-core-0:2.4.63-13.el10_2.4.x86_64",
            "AppStream-10.2.Z:httpd-core-debuginfo-0:2.4.63-13.el10_2.4.aarch64",
            "AppStream-10.2.Z:httpd-core-debuginfo-0:2.4.63-13.el10_2.4.ppc64le",
            "AppStream-10.2.Z:httpd-core-debuginfo-0:2.4.63-13.el10_2.4.s390x",
            "AppStream-10.2.Z:httpd-core-debuginfo-0:2.4.63-13.el10_2.4.x86_64",
            "AppStream-10.2.Z:httpd-debuginfo-0:2.4.63-13.el10_2.4.aarch64",
            "AppStream-10.2.Z:httpd-debuginfo-0:2.4.63-13.el10_2.4.ppc64le",
            "AppStream-10.2.Z:httpd-debuginfo-0:2.4.63-13.el10_2.4.s390x",
            "AppStream-10.2.Z:httpd-debuginfo-0:2.4.63-13.el10_2.4.x86_64",
            "AppStream-10.2.Z:httpd-debugsource-0:2.4.63-13.el10_2.4.aarch64",
            "AppStream-10.2.Z:httpd-debugsource-0:2.4.63-13.el10_2.4.ppc64le",
            "AppStream-10.2.Z:httpd-debugsource-0:2.4.63-13.el10_2.4.s390x",
            "AppStream-10.2.Z:httpd-debugsource-0:2.4.63-13.el10_2.4.x86_64",
            "AppStream-10.2.Z:httpd-devel-0:2.4.63-13.el10_2.4.aarch64",
            "AppStream-10.2.Z:httpd-devel-0:2.4.63-13.el10_2.4.ppc64le",
            "AppStream-10.2.Z:httpd-devel-0:2.4.63-13.el10_2.4.s390x",
            "AppStream-10.2.Z:httpd-devel-0:2.4.63-13.el10_2.4.x86_64",
            "AppStream-10.2.Z:httpd-filesystem-0:2.4.63-13.el10_2.4.noarch",
            "AppStream-10.2.Z:httpd-manual-0:2.4.63-13.el10_2.4.noarch",
            "AppStream-10.2.Z:httpd-tools-0:2.4.63-13.el10_2.4.aarch64",
            "AppStream-10.2.Z:httpd-tools-0:2.4.63-13.el10_2.4.ppc64le",
            "AppStream-10.2.Z:httpd-tools-0:2.4.63-13.el10_2.4.s390x",
            "AppStream-10.2.Z:httpd-tools-0:2.4.63-13.el10_2.4.x86_64",
            "AppStream-10.2.Z:httpd-tools-debuginfo-0:2.4.63-13.el10_2.4.aarch64",
            "AppStream-10.2.Z:httpd-tools-debuginfo-0:2.4.63-13.el10_2.4.ppc64le",
            "AppStream-10.2.Z:httpd-tools-debuginfo-0:2.4.63-13.el10_2.4.s390x",
            "AppStream-10.2.Z:httpd-tools-debuginfo-0:2.4.63-13.el10_2.4.x86_64",
            "AppStream-10.2.Z:mod_ldap-0:2.4.63-13.el10_2.4.aarch64",
            "AppStream-10.2.Z:mod_ldap-0:2.4.63-13.el10_2.4.ppc64le",
            "AppStream-10.2.Z:mod_ldap-0:2.4.63-13.el10_2.4.s390x",
            "AppStream-10.2.Z:mod_ldap-0:2.4.63-13.el10_2.4.x86_64",
            "AppStream-10.2.Z:mod_ldap-debuginfo-0:2.4.63-13.el10_2.4.aarch64",
            "AppStream-10.2.Z:mod_ldap-debuginfo-0:2.4.63-13.el10_2.4.ppc64le",
            "AppStream-10.2.Z:mod_ldap-debuginfo-0:2.4.63-13.el10_2.4.s390x",
            "AppStream-10.2.Z:mod_ldap-debuginfo-0:2.4.63-13.el10_2.4.x86_64",
            "AppStream-10.2.Z:mod_lua-0:2.4.63-13.el10_2.4.aarch64",
            "AppStream-10.2.Z:mod_lua-0:2.4.63-13.el10_2.4.ppc64le",
            "AppStream-10.2.Z:mod_lua-0:2.4.63-13.el10_2.4.s390x",
            "AppStream-10.2.Z:mod_lua-0:2.4.63-13.el10_2.4.x86_64",
            "AppStream-10.2.Z:mod_lua-debuginfo-0:2.4.63-13.el10_2.4.aarch64",
            "AppStream-10.2.Z:mod_lua-debuginfo-0:2.4.63-13.el10_2.4.ppc64le",
            "AppStream-10.2.Z:mod_lua-debuginfo-0:2.4.63-13.el10_2.4.s390x",
            "AppStream-10.2.Z:mod_lua-debuginfo-0:2.4.63-13.el10_2.4.x86_64",
            "AppStream-10.2.Z:mod_proxy_html-1:2.4.63-13.el10_2.4.aarch64",
            "AppStream-10.2.Z:mod_proxy_html-1:2.4.63-13.el10_2.4.ppc64le",
            "AppStream-10.2.Z:mod_proxy_html-1:2.4.63-13.el10_2.4.s390x",
            "AppStream-10.2.Z:mod_proxy_html-1:2.4.63-13.el10_2.4.x86_64",
            "AppStream-10.2.Z:mod_proxy_html-debuginfo-1:2.4.63-13.el10_2.4.aarch64",
            "AppStream-10.2.Z:mod_proxy_html-debuginfo-1:2.4.63-13.el10_2.4.ppc64le",
            "AppStream-10.2.Z:mod_proxy_html-debuginfo-1:2.4.63-13.el10_2.4.s390x",
            "AppStream-10.2.Z:mod_proxy_html-debuginfo-1:2.4.63-13.el10_2.4.x86_64",
            "AppStream-10.2.Z:mod_session-0:2.4.63-13.el10_2.4.aarch64",
            "AppStream-10.2.Z:mod_session-0:2.4.63-13.el10_2.4.ppc64le",
            "AppStream-10.2.Z:mod_session-0:2.4.63-13.el10_2.4.s390x",
            "AppStream-10.2.Z:mod_session-0:2.4.63-13.el10_2.4.x86_64",
            "AppStream-10.2.Z:mod_session-debuginfo-0:2.4.63-13.el10_2.4.aarch64",
            "AppStream-10.2.Z:mod_session-debuginfo-0:2.4.63-13.el10_2.4.ppc64le",
            "AppStream-10.2.Z:mod_session-debuginfo-0:2.4.63-13.el10_2.4.s390x",
            "AppStream-10.2.Z:mod_session-debuginfo-0:2.4.63-13.el10_2.4.x86_64",
            "AppStream-10.2.Z:mod_ssl-1:2.4.63-13.el10_2.4.aarch64",
            "AppStream-10.2.Z:mod_ssl-1:2.4.63-13.el10_2.4.ppc64le",
            "AppStream-10.2.Z:mod_ssl-1:2.4.63-13.el10_2.4.s390x",
            "AppStream-10.2.Z:mod_ssl-1:2.4.63-13.el10_2.4.x86_64",
            "AppStream-10.2.Z:mod_ssl-debuginfo-1:2.4.63-13.el10_2.4.aarch64",
            "AppStream-10.2.Z:mod_ssl-debuginfo-1:2.4.63-13.el10_2.4.ppc64le",
            "AppStream-10.2.Z:mod_ssl-debuginfo-1:2.4.63-13.el10_2.4.s390x",
            "AppStream-10.2.Z:mod_ssl-debuginfo-1:2.4.63-13.el10_2.4.x86_64"
          ],
          "restart_required": {
            "category": "none"
          },
          "url": "https://access.redhat.com/errata/RHSA-2026:34109"
        },
        {
          "category": "workaround",
          "details": "Disable the `mod_proxy_html` module if it is not essential for your Apache HTTP Server configuration. If `mod_proxy_html` is required, restrict its use to trusted backend servers only, employing network segmentation and access controls. After modifying the configuration, reload the httpd service for changes to apply, which may cause a brief service interruption.\n\nSteps to disable:\nOpen /etc/httpd/conf.modules.d/00-proxy.conf.\nAdd a # to comment out the line: LoadModule proxy_html_module modules/mod_proxy_html.so\nVerify configuration syntax: apachectl configtest\nApply the change gracefully: systemctl reload httpd",
          "product_ids": [
            "AppStream-10.2.Z:httpd-0:2.4.63-13.el10_2.4.aarch64",
            "AppStream-10.2.Z:httpd-0:2.4.63-13.el10_2.4.ppc64le",
            "AppStream-10.2.Z:httpd-0:2.4.63-13.el10_2.4.s390x",
            "AppStream-10.2.Z:httpd-0:2.4.63-13.el10_2.4.src",
            "AppStream-10.2.Z:httpd-0:2.4.63-13.el10_2.4.x86_64",
            "AppStream-10.2.Z:httpd-core-0:2.4.63-13.el10_2.4.aarch64",
            "AppStream-10.2.Z:httpd-core-0:2.4.63-13.el10_2.4.ppc64le",
            "AppStream-10.2.Z:httpd-core-0:2.4.63-13.el10_2.4.s390x",
            "AppStream-10.2.Z:httpd-core-0:2.4.63-13.el10_2.4.x86_64",
            "AppStream-10.2.Z:httpd-core-debuginfo-0:2.4.63-13.el10_2.4.aarch64",
            "AppStream-10.2.Z:httpd-core-debuginfo-0:2.4.63-13.el10_2.4.ppc64le",
            "AppStream-10.2.Z:httpd-core-debuginfo-0:2.4.63-13.el10_2.4.s390x",
            "AppStream-10.2.Z:httpd-core-debuginfo-0:2.4.63-13.el10_2.4.x86_64",
            "AppStream-10.2.Z:httpd-debuginfo-0:2.4.63-13.el10_2.4.aarch64",
            "AppStream-10.2.Z:httpd-debuginfo-0:2.4.63-13.el10_2.4.ppc64le",
            "AppStream-10.2.Z:httpd-debuginfo-0:2.4.63-13.el10_2.4.s390x",
            "AppStream-10.2.Z:httpd-debuginfo-0:2.4.63-13.el10_2.4.x86_64",
            "AppStream-10.2.Z:httpd-debugsource-0:2.4.63-13.el10_2.4.aarch64",
            "AppStream-10.2.Z:httpd-debugsource-0:2.4.63-13.el10_2.4.ppc64le",
            "AppStream-10.2.Z:httpd-debugsource-0:2.4.63-13.el10_2.4.s390x",
            "AppStream-10.2.Z:httpd-debugsource-0:2.4.63-13.el10_2.4.x86_64",
            "AppStream-10.2.Z:httpd-devel-0:2.4.63-13.el10_2.4.aarch64",
            "AppStream-10.2.Z:httpd-devel-0:2.4.63-13.el10_2.4.ppc64le",
            "AppStream-10.2.Z:httpd-devel-0:2.4.63-13.el10_2.4.s390x",
            "AppStream-10.2.Z:httpd-devel-0:2.4.63-13.el10_2.4.x86_64",
            "AppStream-10.2.Z:httpd-filesystem-0:2.4.63-13.el10_2.4.noarch",
            "AppStream-10.2.Z:httpd-manual-0:2.4.63-13.el10_2.4.noarch",
            "AppStream-10.2.Z:httpd-tools-0:2.4.63-13.el10_2.4.aarch64",
            "AppStream-10.2.Z:httpd-tools-0:2.4.63-13.el10_2.4.ppc64le",
            "AppStream-10.2.Z:httpd-tools-0:2.4.63-13.el10_2.4.s390x",
            "AppStream-10.2.Z:httpd-tools-0:2.4.63-13.el10_2.4.x86_64",
            "AppStream-10.2.Z:httpd-tools-debuginfo-0:2.4.63-13.el10_2.4.aarch64",
            "AppStream-10.2.Z:httpd-tools-debuginfo-0:2.4.63-13.el10_2.4.ppc64le",
            "AppStream-10.2.Z:httpd-tools-debuginfo-0:2.4.63-13.el10_2.4.s390x",
            "AppStream-10.2.Z:httpd-tools-debuginfo-0:2.4.63-13.el10_2.4.x86_64",
            "AppStream-10.2.Z:mod_ldap-0:2.4.63-13.el10_2.4.aarch64",
            "AppStream-10.2.Z:mod_ldap-0:2.4.63-13.el10_2.4.ppc64le",
            "AppStream-10.2.Z:mod_ldap-0:2.4.63-13.el10_2.4.s390x",
            "AppStream-10.2.Z:mod_ldap-0:2.4.63-13.el10_2.4.x86_64",
            "AppStream-10.2.Z:mod_ldap-debuginfo-0:2.4.63-13.el10_2.4.aarch64",
            "AppStream-10.2.Z:mod_ldap-debuginfo-0:2.4.63-13.el10_2.4.ppc64le",
            "AppStream-10.2.Z:mod_ldap-debuginfo-0:2.4.63-13.el10_2.4.s390x",
            "AppStream-10.2.Z:mod_ldap-debuginfo-0:2.4.63-13.el10_2.4.x86_64",
            "AppStream-10.2.Z:mod_lua-0:2.4.63-13.el10_2.4.aarch64",
            "AppStream-10.2.Z:mod_lua-0:2.4.63-13.el10_2.4.ppc64le",
            "AppStream-10.2.Z:mod_lua-0:2.4.63-13.el10_2.4.s390x",
            "AppStream-10.2.Z:mod_lua-0:2.4.63-13.el10_2.4.x86_64",
            "AppStream-10.2.Z:mod_lua-debuginfo-0:2.4.63-13.el10_2.4.aarch64",
            "AppStream-10.2.Z:mod_lua-debuginfo-0:2.4.63-13.el10_2.4.ppc64le",
            "AppStream-10.2.Z:mod_lua-debuginfo-0:2.4.63-13.el10_2.4.s390x",
            "AppStream-10.2.Z:mod_lua-debuginfo-0:2.4.63-13.el10_2.4.x86_64",
            "AppStream-10.2.Z:mod_proxy_html-1:2.4.63-13.el10_2.4.aarch64",
            "AppStream-10.2.Z:mod_proxy_html-1:2.4.63-13.el10_2.4.ppc64le",
            "AppStream-10.2.Z:mod_proxy_html-1:2.4.63-13.el10_2.4.s390x",
            "AppStream-10.2.Z:mod_proxy_html-1:2.4.63-13.el10_2.4.x86_64",
            "AppStream-10.2.Z:mod_proxy_html-debuginfo-1:2.4.63-13.el10_2.4.aarch64",
            "AppStream-10.2.Z:mod_proxy_html-debuginfo-1:2.4.63-13.el10_2.4.ppc64le",
            "AppStream-10.2.Z:mod_proxy_html-debuginfo-1:2.4.63-13.el10_2.4.s390x",
            "AppStream-10.2.Z:mod_proxy_html-debuginfo-1:2.4.63-13.el10_2.4.x86_64",
            "AppStream-10.2.Z:mod_session-0:2.4.63-13.el10_2.4.aarch64",
            "AppStream-10.2.Z:mod_session-0:2.4.63-13.el10_2.4.ppc64le",
            "AppStream-10.2.Z:mod_session-0:2.4.63-13.el10_2.4.s390x",
            "AppStream-10.2.Z:mod_session-0:2.4.63-13.el10_2.4.x86_64",
            "AppStream-10.2.Z:mod_session-debuginfo-0:2.4.63-13.el10_2.4.aarch64",
            "AppStream-10.2.Z:mod_session-debuginfo-0:2.4.63-13.el10_2.4.ppc64le",
            "AppStream-10.2.Z:mod_session-debuginfo-0:2.4.63-13.el10_2.4.s390x",
            "AppStream-10.2.Z:mod_session-debuginfo-0:2.4.63-13.el10_2.4.x86_64",
            "AppStream-10.2.Z:mod_ssl-1:2.4.63-13.el10_2.4.aarch64",
            "AppStream-10.2.Z:mod_ssl-1:2.4.63-13.el10_2.4.ppc64le",
            "AppStream-10.2.Z:mod_ssl-1:2.4.63-13.el10_2.4.s390x",
            "AppStream-10.2.Z:mod_ssl-1:2.4.63-13.el10_2.4.x86_64",
            "AppStream-10.2.Z:mod_ssl-debuginfo-1:2.4.63-13.el10_2.4.aarch64",
            "AppStream-10.2.Z:mod_ssl-debuginfo-1:2.4.63-13.el10_2.4.ppc64le",
            "AppStream-10.2.Z:mod_ssl-debuginfo-1:2.4.63-13.el10_2.4.s390x",
            "AppStream-10.2.Z:mod_ssl-debuginfo-1:2.4.63-13.el10_2.4.x86_64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "attackComplexity": "LOW",
            "attackVector": "NETWORK",
            "availabilityImpact": "HIGH",
            "baseScore": 7.5,
            "baseSeverity": "HIGH",
            "confidentialityImpact": "NONE",
            "integrityImpact": "NONE",
            "privilegesRequired": "NONE",
            "scope": "UNCHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
            "version": "3.1"
          },
          "products": [
            "AppStream-10.2.Z:httpd-0:2.4.63-13.el10_2.4.aarch64",
            "AppStream-10.2.Z:httpd-0:2.4.63-13.el10_2.4.ppc64le",
            "AppStream-10.2.Z:httpd-0:2.4.63-13.el10_2.4.s390x",
            "AppStream-10.2.Z:httpd-0:2.4.63-13.el10_2.4.src",
            "AppStream-10.2.Z:httpd-0:2.4.63-13.el10_2.4.x86_64",
            "AppStream-10.2.Z:httpd-core-0:2.4.63-13.el10_2.4.aarch64",
            "AppStream-10.2.Z:httpd-core-0:2.4.63-13.el10_2.4.ppc64le",
            "AppStream-10.2.Z:httpd-core-0:2.4.63-13.el10_2.4.s390x",
            "AppStream-10.2.Z:httpd-core-0:2.4.63-13.el10_2.4.x86_64",
            "AppStream-10.2.Z:httpd-core-debuginfo-0:2.4.63-13.el10_2.4.aarch64",
            "AppStream-10.2.Z:httpd-core-debuginfo-0:2.4.63-13.el10_2.4.ppc64le",
            "AppStream-10.2.Z:httpd-core-debuginfo-0:2.4.63-13.el10_2.4.s390x",
            "AppStream-10.2.Z:httpd-core-debuginfo-0:2.4.63-13.el10_2.4.x86_64",
            "AppStream-10.2.Z:httpd-debuginfo-0:2.4.63-13.el10_2.4.aarch64",
            "AppStream-10.2.Z:httpd-debuginfo-0:2.4.63-13.el10_2.4.ppc64le",
            "AppStream-10.2.Z:httpd-debuginfo-0:2.4.63-13.el10_2.4.s390x",
            "AppStream-10.2.Z:httpd-debuginfo-0:2.4.63-13.el10_2.4.x86_64",
            "AppStream-10.2.Z:httpd-debugsource-0:2.4.63-13.el10_2.4.aarch64",
            "AppStream-10.2.Z:httpd-debugsource-0:2.4.63-13.el10_2.4.ppc64le",
            "AppStream-10.2.Z:httpd-debugsource-0:2.4.63-13.el10_2.4.s390x",
            "AppStream-10.2.Z:httpd-debugsource-0:2.4.63-13.el10_2.4.x86_64",
            "AppStream-10.2.Z:httpd-devel-0:2.4.63-13.el10_2.4.aarch64",
            "AppStream-10.2.Z:httpd-devel-0:2.4.63-13.el10_2.4.ppc64le",
            "AppStream-10.2.Z:httpd-devel-0:2.4.63-13.el10_2.4.s390x",
            "AppStream-10.2.Z:httpd-devel-0:2.4.63-13.el10_2.4.x86_64",
            "AppStream-10.2.Z:httpd-filesystem-0:2.4.63-13.el10_2.4.noarch",
            "AppStream-10.2.Z:httpd-manual-0:2.4.63-13.el10_2.4.noarch",
            "AppStream-10.2.Z:httpd-tools-0:2.4.63-13.el10_2.4.aarch64",
            "AppStream-10.2.Z:httpd-tools-0:2.4.63-13.el10_2.4.ppc64le",
            "AppStream-10.2.Z:httpd-tools-0:2.4.63-13.el10_2.4.s390x",
            "AppStream-10.2.Z:httpd-tools-0:2.4.63-13.el10_2.4.x86_64",
            "AppStream-10.2.Z:httpd-tools-debuginfo-0:2.4.63-13.el10_2.4.aarch64",
            "AppStream-10.2.Z:httpd-tools-debuginfo-0:2.4.63-13.el10_2.4.ppc64le",
            "AppStream-10.2.Z:httpd-tools-debuginfo-0:2.4.63-13.el10_2.4.s390x",
            "AppStream-10.2.Z:httpd-tools-debuginfo-0:2.4.63-13.el10_2.4.x86_64",
            "AppStream-10.2.Z:mod_ldap-0:2.4.63-13.el10_2.4.aarch64",
            "AppStream-10.2.Z:mod_ldap-0:2.4.63-13.el10_2.4.ppc64le",
            "AppStream-10.2.Z:mod_ldap-0:2.4.63-13.el10_2.4.s390x",
            "AppStream-10.2.Z:mod_ldap-0:2.4.63-13.el10_2.4.x86_64",
            "AppStream-10.2.Z:mod_ldap-debuginfo-0:2.4.63-13.el10_2.4.aarch64",
            "AppStream-10.2.Z:mod_ldap-debuginfo-0:2.4.63-13.el10_2.4.ppc64le",
            "AppStream-10.2.Z:mod_ldap-debuginfo-0:2.4.63-13.el10_2.4.s390x",
            "AppStream-10.2.Z:mod_ldap-debuginfo-0:2.4.63-13.el10_2.4.x86_64",
            "AppStream-10.2.Z:mod_lua-0:2.4.63-13.el10_2.4.aarch64",
            "AppStream-10.2.Z:mod_lua-0:2.4.63-13.el10_2.4.ppc64le",
            "AppStream-10.2.Z:mod_lua-0:2.4.63-13.el10_2.4.s390x",
            "AppStream-10.2.Z:mod_lua-0:2.4.63-13.el10_2.4.x86_64",
            "AppStream-10.2.Z:mod_lua-debuginfo-0:2.4.63-13.el10_2.4.aarch64",
            "AppStream-10.2.Z:mod_lua-debuginfo-0:2.4.63-13.el10_2.4.ppc64le",
            "AppStream-10.2.Z:mod_lua-debuginfo-0:2.4.63-13.el10_2.4.s390x",
            "AppStream-10.2.Z:mod_lua-debuginfo-0:2.4.63-13.el10_2.4.x86_64",
            "AppStream-10.2.Z:mod_proxy_html-1:2.4.63-13.el10_2.4.aarch64",
            "AppStream-10.2.Z:mod_proxy_html-1:2.4.63-13.el10_2.4.ppc64le",
            "AppStream-10.2.Z:mod_proxy_html-1:2.4.63-13.el10_2.4.s390x",
            "AppStream-10.2.Z:mod_proxy_html-1:2.4.63-13.el10_2.4.x86_64",
            "AppStream-10.2.Z:mod_proxy_html-debuginfo-1:2.4.63-13.el10_2.4.aarch64",
            "AppStream-10.2.Z:mod_proxy_html-debuginfo-1:2.4.63-13.el10_2.4.ppc64le",
            "AppStream-10.2.Z:mod_proxy_html-debuginfo-1:2.4.63-13.el10_2.4.s390x",
            "AppStream-10.2.Z:mod_proxy_html-debuginfo-1:2.4.63-13.el10_2.4.x86_64",
            "AppStream-10.2.Z:mod_session-0:2.4.63-13.el10_2.4.aarch64",
            "AppStream-10.2.Z:mod_session-0:2.4.63-13.el10_2.4.ppc64le",
            "AppStream-10.2.Z:mod_session-0:2.4.63-13.el10_2.4.s390x",
            "AppStream-10.2.Z:mod_session-0:2.4.63-13.el10_2.4.x86_64",
            "AppStream-10.2.Z:mod_session-debuginfo-0:2.4.63-13.el10_2.4.aarch64",
            "AppStream-10.2.Z:mod_session-debuginfo-0:2.4.63-13.el10_2.4.ppc64le",
            "AppStream-10.2.Z:mod_session-debuginfo-0:2.4.63-13.el10_2.4.s390x",
            "AppStream-10.2.Z:mod_session-debuginfo-0:2.4.63-13.el10_2.4.x86_64",
            "AppStream-10.2.Z:mod_ssl-1:2.4.63-13.el10_2.4.aarch64",
            "AppStream-10.2.Z:mod_ssl-1:2.4.63-13.el10_2.4.ppc64le",
            "AppStream-10.2.Z:mod_ssl-1:2.4.63-13.el10_2.4.s390x",
            "AppStream-10.2.Z:mod_ssl-1:2.4.63-13.el10_2.4.x86_64",
            "AppStream-10.2.Z:mod_ssl-debuginfo-1:2.4.63-13.el10_2.4.aarch64",
            "AppStream-10.2.Z:mod_ssl-debuginfo-1:2.4.63-13.el10_2.4.ppc64le",
            "AppStream-10.2.Z:mod_ssl-debuginfo-1:2.4.63-13.el10_2.4.s390x",
            "AppStream-10.2.Z:mod_ssl-debuginfo-1:2.4.63-13.el10_2.4.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "details": "Important"
        }
      ],
      "title": "httpd: Apache HTTP Server: Buffer overflow in mod_proxy_html allows security bypass"
    },
    {
      "cve": "CVE-2026-34356",
      "cwe": {
        "id": "CWE-120",
        "name": "Buffer Copy without Checking Size of Input (\u0027Classic Buffer Overflow\u0027)"
      },
      "discovery_date": "2026-06-08T16:01:32.651836+00:00",
      "ids": [
        {
          "system_name": "Red Hat Bugzilla ID",
          "text": "2486395"
        }
      ],
      "notes": [
        {
          "category": "description",
          "text": "A flaw was found in Apache HTTP Server. This heap-based buffer overflow vulnerability can be exploited by a malicious backend server when using ProxyPassReverseCookie* directives. This could lead to a denial of service (DoS) condition, making the server unavailable to legitimate users.",
          "title": "Vulnerability description"
        },
        {
          "category": "summary",
          "text": "httpd: Apache HTTP Server: Heap-based Buffer Overflow via malicious backend servers",
          "title": "Vulnerability summary"
        },
        {
          "category": "other",
          "text": "This flaw in Apache could allow a malicious backend server to crash your web server, making it unavailable to users. Your system is only at risk if you use Apache to forward traffic to untrusted or unverified backend systems.",
          "title": "Statement"
        },
        {
          "category": "general",
          "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
          "title": "CVSS score applicability"
        }
      ],
      "product_status": {
        "fixed": [
          "AppStream-10.2.Z:httpd-0:2.4.63-13.el10_2.4.aarch64",
          "AppStream-10.2.Z:httpd-0:2.4.63-13.el10_2.4.ppc64le",
          "AppStream-10.2.Z:httpd-0:2.4.63-13.el10_2.4.s390x",
          "AppStream-10.2.Z:httpd-0:2.4.63-13.el10_2.4.src",
          "AppStream-10.2.Z:httpd-0:2.4.63-13.el10_2.4.x86_64",
          "AppStream-10.2.Z:httpd-core-0:2.4.63-13.el10_2.4.aarch64",
          "AppStream-10.2.Z:httpd-core-0:2.4.63-13.el10_2.4.ppc64le",
          "AppStream-10.2.Z:httpd-core-0:2.4.63-13.el10_2.4.s390x",
          "AppStream-10.2.Z:httpd-core-0:2.4.63-13.el10_2.4.x86_64",
          "AppStream-10.2.Z:httpd-core-debuginfo-0:2.4.63-13.el10_2.4.aarch64",
          "AppStream-10.2.Z:httpd-core-debuginfo-0:2.4.63-13.el10_2.4.ppc64le",
          "AppStream-10.2.Z:httpd-core-debuginfo-0:2.4.63-13.el10_2.4.s390x",
          "AppStream-10.2.Z:httpd-core-debuginfo-0:2.4.63-13.el10_2.4.x86_64",
          "AppStream-10.2.Z:httpd-debuginfo-0:2.4.63-13.el10_2.4.aarch64",
          "AppStream-10.2.Z:httpd-debuginfo-0:2.4.63-13.el10_2.4.ppc64le",
          "AppStream-10.2.Z:httpd-debuginfo-0:2.4.63-13.el10_2.4.s390x",
          "AppStream-10.2.Z:httpd-debuginfo-0:2.4.63-13.el10_2.4.x86_64",
          "AppStream-10.2.Z:httpd-debugsource-0:2.4.63-13.el10_2.4.aarch64",
          "AppStream-10.2.Z:httpd-debugsource-0:2.4.63-13.el10_2.4.ppc64le",
          "AppStream-10.2.Z:httpd-debugsource-0:2.4.63-13.el10_2.4.s390x",
          "AppStream-10.2.Z:httpd-debugsource-0:2.4.63-13.el10_2.4.x86_64",
          "AppStream-10.2.Z:httpd-devel-0:2.4.63-13.el10_2.4.aarch64",
          "AppStream-10.2.Z:httpd-devel-0:2.4.63-13.el10_2.4.ppc64le",
          "AppStream-10.2.Z:httpd-devel-0:2.4.63-13.el10_2.4.s390x",
          "AppStream-10.2.Z:httpd-devel-0:2.4.63-13.el10_2.4.x86_64",
          "AppStream-10.2.Z:httpd-filesystem-0:2.4.63-13.el10_2.4.noarch",
          "AppStream-10.2.Z:httpd-manual-0:2.4.63-13.el10_2.4.noarch",
          "AppStream-10.2.Z:httpd-tools-0:2.4.63-13.el10_2.4.aarch64",
          "AppStream-10.2.Z:httpd-tools-0:2.4.63-13.el10_2.4.ppc64le",
          "AppStream-10.2.Z:httpd-tools-0:2.4.63-13.el10_2.4.s390x",
          "AppStream-10.2.Z:httpd-tools-0:2.4.63-13.el10_2.4.x86_64",
          "AppStream-10.2.Z:httpd-tools-debuginfo-0:2.4.63-13.el10_2.4.aarch64",
          "AppStream-10.2.Z:httpd-tools-debuginfo-0:2.4.63-13.el10_2.4.ppc64le",
          "AppStream-10.2.Z:httpd-tools-debuginfo-0:2.4.63-13.el10_2.4.s390x",
          "AppStream-10.2.Z:httpd-tools-debuginfo-0:2.4.63-13.el10_2.4.x86_64",
          "AppStream-10.2.Z:mod_ldap-0:2.4.63-13.el10_2.4.aarch64",
          "AppStream-10.2.Z:mod_ldap-0:2.4.63-13.el10_2.4.ppc64le",
          "AppStream-10.2.Z:mod_ldap-0:2.4.63-13.el10_2.4.s390x",
          "AppStream-10.2.Z:mod_ldap-0:2.4.63-13.el10_2.4.x86_64",
          "AppStream-10.2.Z:mod_ldap-debuginfo-0:2.4.63-13.el10_2.4.aarch64",
          "AppStream-10.2.Z:mod_ldap-debuginfo-0:2.4.63-13.el10_2.4.ppc64le",
          "AppStream-10.2.Z:mod_ldap-debuginfo-0:2.4.63-13.el10_2.4.s390x",
          "AppStream-10.2.Z:mod_ldap-debuginfo-0:2.4.63-13.el10_2.4.x86_64",
          "AppStream-10.2.Z:mod_lua-0:2.4.63-13.el10_2.4.aarch64",
          "AppStream-10.2.Z:mod_lua-0:2.4.63-13.el10_2.4.ppc64le",
          "AppStream-10.2.Z:mod_lua-0:2.4.63-13.el10_2.4.s390x",
          "AppStream-10.2.Z:mod_lua-0:2.4.63-13.el10_2.4.x86_64",
          "AppStream-10.2.Z:mod_lua-debuginfo-0:2.4.63-13.el10_2.4.aarch64",
          "AppStream-10.2.Z:mod_lua-debuginfo-0:2.4.63-13.el10_2.4.ppc64le",
          "AppStream-10.2.Z:mod_lua-debuginfo-0:2.4.63-13.el10_2.4.s390x",
          "AppStream-10.2.Z:mod_lua-debuginfo-0:2.4.63-13.el10_2.4.x86_64",
          "AppStream-10.2.Z:mod_proxy_html-1:2.4.63-13.el10_2.4.aarch64",
          "AppStream-10.2.Z:mod_proxy_html-1:2.4.63-13.el10_2.4.ppc64le",
          "AppStream-10.2.Z:mod_proxy_html-1:2.4.63-13.el10_2.4.s390x",
          "AppStream-10.2.Z:mod_proxy_html-1:2.4.63-13.el10_2.4.x86_64",
          "AppStream-10.2.Z:mod_proxy_html-debuginfo-1:2.4.63-13.el10_2.4.aarch64",
          "AppStream-10.2.Z:mod_proxy_html-debuginfo-1:2.4.63-13.el10_2.4.ppc64le",
          "AppStream-10.2.Z:mod_proxy_html-debuginfo-1:2.4.63-13.el10_2.4.s390x",
          "AppStream-10.2.Z:mod_proxy_html-debuginfo-1:2.4.63-13.el10_2.4.x86_64",
          "AppStream-10.2.Z:mod_session-0:2.4.63-13.el10_2.4.aarch64",
          "AppStream-10.2.Z:mod_session-0:2.4.63-13.el10_2.4.ppc64le",
          "AppStream-10.2.Z:mod_session-0:2.4.63-13.el10_2.4.s390x",
          "AppStream-10.2.Z:mod_session-0:2.4.63-13.el10_2.4.x86_64",
          "AppStream-10.2.Z:mod_session-debuginfo-0:2.4.63-13.el10_2.4.aarch64",
          "AppStream-10.2.Z:mod_session-debuginfo-0:2.4.63-13.el10_2.4.ppc64le",
          "AppStream-10.2.Z:mod_session-debuginfo-0:2.4.63-13.el10_2.4.s390x",
          "AppStream-10.2.Z:mod_session-debuginfo-0:2.4.63-13.el10_2.4.x86_64",
          "AppStream-10.2.Z:mod_ssl-1:2.4.63-13.el10_2.4.aarch64",
          "AppStream-10.2.Z:mod_ssl-1:2.4.63-13.el10_2.4.ppc64le",
          "AppStream-10.2.Z:mod_ssl-1:2.4.63-13.el10_2.4.s390x",
          "AppStream-10.2.Z:mod_ssl-1:2.4.63-13.el10_2.4.x86_64",
          "AppStream-10.2.Z:mod_ssl-debuginfo-1:2.4.63-13.el10_2.4.aarch64",
          "AppStream-10.2.Z:mod_ssl-debuginfo-1:2.4.63-13.el10_2.4.ppc64le",
          "AppStream-10.2.Z:mod_ssl-debuginfo-1:2.4.63-13.el10_2.4.s390x",
          "AppStream-10.2.Z:mod_ssl-debuginfo-1:2.4.63-13.el10_2.4.x86_64"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "Canonical URL",
          "url": "https://access.redhat.com/security/cve/CVE-2026-34356"
        },
        {
          "category": "external",
          "summary": "RHBZ#2486395",
          "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2486395"
        },
        {
          "category": "external",
          "summary": "https://www.cve.org/CVERecord?id=CVE-2026-34356",
          "url": "https://www.cve.org/CVERecord?id=CVE-2026-34356"
        },
        {
          "category": "external",
          "summary": "https://nvd.nist.gov/vuln/detail/CVE-2026-34356",
          "url": "https://nvd.nist.gov/vuln/detail/CVE-2026-34356"
        },
        {
          "category": "external",
          "summary": "https://httpd.apache.org/security/vulnerabilities_24.html",
          "url": "https://httpd.apache.org/security/vulnerabilities_24.html"
        }
      ],
      "release_date": "2026-06-08T15:12:21.415000+00:00",
      "remediations": [
        {
          "category": "vendor_fix",
          "date": "2026-07-01T09:31:08+00:00",
          "details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258",
          "product_ids": [
            "AppStream-10.2.Z:httpd-0:2.4.63-13.el10_2.4.aarch64",
            "AppStream-10.2.Z:httpd-0:2.4.63-13.el10_2.4.ppc64le",
            "AppStream-10.2.Z:httpd-0:2.4.63-13.el10_2.4.s390x",
            "AppStream-10.2.Z:httpd-0:2.4.63-13.el10_2.4.src",
            "AppStream-10.2.Z:httpd-0:2.4.63-13.el10_2.4.x86_64",
            "AppStream-10.2.Z:httpd-core-0:2.4.63-13.el10_2.4.aarch64",
            "AppStream-10.2.Z:httpd-core-0:2.4.63-13.el10_2.4.ppc64le",
            "AppStream-10.2.Z:httpd-core-0:2.4.63-13.el10_2.4.s390x",
            "AppStream-10.2.Z:httpd-core-0:2.4.63-13.el10_2.4.x86_64",
            "AppStream-10.2.Z:httpd-core-debuginfo-0:2.4.63-13.el10_2.4.aarch64",
            "AppStream-10.2.Z:httpd-core-debuginfo-0:2.4.63-13.el10_2.4.ppc64le",
            "AppStream-10.2.Z:httpd-core-debuginfo-0:2.4.63-13.el10_2.4.s390x",
            "AppStream-10.2.Z:httpd-core-debuginfo-0:2.4.63-13.el10_2.4.x86_64",
            "AppStream-10.2.Z:httpd-debuginfo-0:2.4.63-13.el10_2.4.aarch64",
            "AppStream-10.2.Z:httpd-debuginfo-0:2.4.63-13.el10_2.4.ppc64le",
            "AppStream-10.2.Z:httpd-debuginfo-0:2.4.63-13.el10_2.4.s390x",
            "AppStream-10.2.Z:httpd-debuginfo-0:2.4.63-13.el10_2.4.x86_64",
            "AppStream-10.2.Z:httpd-debugsource-0:2.4.63-13.el10_2.4.aarch64",
            "AppStream-10.2.Z:httpd-debugsource-0:2.4.63-13.el10_2.4.ppc64le",
            "AppStream-10.2.Z:httpd-debugsource-0:2.4.63-13.el10_2.4.s390x",
            "AppStream-10.2.Z:httpd-debugsource-0:2.4.63-13.el10_2.4.x86_64",
            "AppStream-10.2.Z:httpd-devel-0:2.4.63-13.el10_2.4.aarch64",
            "AppStream-10.2.Z:httpd-devel-0:2.4.63-13.el10_2.4.ppc64le",
            "AppStream-10.2.Z:httpd-devel-0:2.4.63-13.el10_2.4.s390x",
            "AppStream-10.2.Z:httpd-devel-0:2.4.63-13.el10_2.4.x86_64",
            "AppStream-10.2.Z:httpd-filesystem-0:2.4.63-13.el10_2.4.noarch",
            "AppStream-10.2.Z:httpd-manual-0:2.4.63-13.el10_2.4.noarch",
            "AppStream-10.2.Z:httpd-tools-0:2.4.63-13.el10_2.4.aarch64",
            "AppStream-10.2.Z:httpd-tools-0:2.4.63-13.el10_2.4.ppc64le",
            "AppStream-10.2.Z:httpd-tools-0:2.4.63-13.el10_2.4.s390x",
            "AppStream-10.2.Z:httpd-tools-0:2.4.63-13.el10_2.4.x86_64",
            "AppStream-10.2.Z:httpd-tools-debuginfo-0:2.4.63-13.el10_2.4.aarch64",
            "AppStream-10.2.Z:httpd-tools-debuginfo-0:2.4.63-13.el10_2.4.ppc64le",
            "AppStream-10.2.Z:httpd-tools-debuginfo-0:2.4.63-13.el10_2.4.s390x",
            "AppStream-10.2.Z:httpd-tools-debuginfo-0:2.4.63-13.el10_2.4.x86_64",
            "AppStream-10.2.Z:mod_ldap-0:2.4.63-13.el10_2.4.aarch64",
            "AppStream-10.2.Z:mod_ldap-0:2.4.63-13.el10_2.4.ppc64le",
            "AppStream-10.2.Z:mod_ldap-0:2.4.63-13.el10_2.4.s390x",
            "AppStream-10.2.Z:mod_ldap-0:2.4.63-13.el10_2.4.x86_64",
            "AppStream-10.2.Z:mod_ldap-debuginfo-0:2.4.63-13.el10_2.4.aarch64",
            "AppStream-10.2.Z:mod_ldap-debuginfo-0:2.4.63-13.el10_2.4.ppc64le",
            "AppStream-10.2.Z:mod_ldap-debuginfo-0:2.4.63-13.el10_2.4.s390x",
            "AppStream-10.2.Z:mod_ldap-debuginfo-0:2.4.63-13.el10_2.4.x86_64",
            "AppStream-10.2.Z:mod_lua-0:2.4.63-13.el10_2.4.aarch64",
            "AppStream-10.2.Z:mod_lua-0:2.4.63-13.el10_2.4.ppc64le",
            "AppStream-10.2.Z:mod_lua-0:2.4.63-13.el10_2.4.s390x",
            "AppStream-10.2.Z:mod_lua-0:2.4.63-13.el10_2.4.x86_64",
            "AppStream-10.2.Z:mod_lua-debuginfo-0:2.4.63-13.el10_2.4.aarch64",
            "AppStream-10.2.Z:mod_lua-debuginfo-0:2.4.63-13.el10_2.4.ppc64le",
            "AppStream-10.2.Z:mod_lua-debuginfo-0:2.4.63-13.el10_2.4.s390x",
            "AppStream-10.2.Z:mod_lua-debuginfo-0:2.4.63-13.el10_2.4.x86_64",
            "AppStream-10.2.Z:mod_proxy_html-1:2.4.63-13.el10_2.4.aarch64",
            "AppStream-10.2.Z:mod_proxy_html-1:2.4.63-13.el10_2.4.ppc64le",
            "AppStream-10.2.Z:mod_proxy_html-1:2.4.63-13.el10_2.4.s390x",
            "AppStream-10.2.Z:mod_proxy_html-1:2.4.63-13.el10_2.4.x86_64",
            "AppStream-10.2.Z:mod_proxy_html-debuginfo-1:2.4.63-13.el10_2.4.aarch64",
            "AppStream-10.2.Z:mod_proxy_html-debuginfo-1:2.4.63-13.el10_2.4.ppc64le",
            "AppStream-10.2.Z:mod_proxy_html-debuginfo-1:2.4.63-13.el10_2.4.s390x",
            "AppStream-10.2.Z:mod_proxy_html-debuginfo-1:2.4.63-13.el10_2.4.x86_64",
            "AppStream-10.2.Z:mod_session-0:2.4.63-13.el10_2.4.aarch64",
            "AppStream-10.2.Z:mod_session-0:2.4.63-13.el10_2.4.ppc64le",
            "AppStream-10.2.Z:mod_session-0:2.4.63-13.el10_2.4.s390x",
            "AppStream-10.2.Z:mod_session-0:2.4.63-13.el10_2.4.x86_64",
            "AppStream-10.2.Z:mod_session-debuginfo-0:2.4.63-13.el10_2.4.aarch64",
            "AppStream-10.2.Z:mod_session-debuginfo-0:2.4.63-13.el10_2.4.ppc64le",
            "AppStream-10.2.Z:mod_session-debuginfo-0:2.4.63-13.el10_2.4.s390x",
            "AppStream-10.2.Z:mod_session-debuginfo-0:2.4.63-13.el10_2.4.x86_64",
            "AppStream-10.2.Z:mod_ssl-1:2.4.63-13.el10_2.4.aarch64",
            "AppStream-10.2.Z:mod_ssl-1:2.4.63-13.el10_2.4.ppc64le",
            "AppStream-10.2.Z:mod_ssl-1:2.4.63-13.el10_2.4.s390x",
            "AppStream-10.2.Z:mod_ssl-1:2.4.63-13.el10_2.4.x86_64",
            "AppStream-10.2.Z:mod_ssl-debuginfo-1:2.4.63-13.el10_2.4.aarch64",
            "AppStream-10.2.Z:mod_ssl-debuginfo-1:2.4.63-13.el10_2.4.ppc64le",
            "AppStream-10.2.Z:mod_ssl-debuginfo-1:2.4.63-13.el10_2.4.s390x",
            "AppStream-10.2.Z:mod_ssl-debuginfo-1:2.4.63-13.el10_2.4.x86_64"
          ],
          "restart_required": {
            "category": "none"
          },
          "url": "https://access.redhat.com/errata/RHSA-2026:34109"
        },
        {
          "category": "workaround",
          "details": "To prevent this denial-of-service flaw, ensure your Apache proxy rules only connect to highly trusted backend servers. If you must proxy traffic to unverified or external backends, disable the cookie-rewriting features.\n\nSteps to Mitigate:\n\nOpen your Apache configuration file (e.g., /etc/httpd/conf/httpd.conf).\nLocate and comment out any ProxyPassReverseCookieDomain or ProxyPassReverseCookiePath lines pointing to untrusted backends by adding a # at the start of the line.\nTest your syntax: apachectl configtest\nApply changes gracefully: systemctl reload httpd\nNote: This may cause a brief service interruption.",
          "product_ids": [
            "AppStream-10.2.Z:httpd-0:2.4.63-13.el10_2.4.aarch64",
            "AppStream-10.2.Z:httpd-0:2.4.63-13.el10_2.4.ppc64le",
            "AppStream-10.2.Z:httpd-0:2.4.63-13.el10_2.4.s390x",
            "AppStream-10.2.Z:httpd-0:2.4.63-13.el10_2.4.src",
            "AppStream-10.2.Z:httpd-0:2.4.63-13.el10_2.4.x86_64",
            "AppStream-10.2.Z:httpd-core-0:2.4.63-13.el10_2.4.aarch64",
            "AppStream-10.2.Z:httpd-core-0:2.4.63-13.el10_2.4.ppc64le",
            "AppStream-10.2.Z:httpd-core-0:2.4.63-13.el10_2.4.s390x",
            "AppStream-10.2.Z:httpd-core-0:2.4.63-13.el10_2.4.x86_64",
            "AppStream-10.2.Z:httpd-core-debuginfo-0:2.4.63-13.el10_2.4.aarch64",
            "AppStream-10.2.Z:httpd-core-debuginfo-0:2.4.63-13.el10_2.4.ppc64le",
            "AppStream-10.2.Z:httpd-core-debuginfo-0:2.4.63-13.el10_2.4.s390x",
            "AppStream-10.2.Z:httpd-core-debuginfo-0:2.4.63-13.el10_2.4.x86_64",
            "AppStream-10.2.Z:httpd-debuginfo-0:2.4.63-13.el10_2.4.aarch64",
            "AppStream-10.2.Z:httpd-debuginfo-0:2.4.63-13.el10_2.4.ppc64le",
            "AppStream-10.2.Z:httpd-debuginfo-0:2.4.63-13.el10_2.4.s390x",
            "AppStream-10.2.Z:httpd-debuginfo-0:2.4.63-13.el10_2.4.x86_64",
            "AppStream-10.2.Z:httpd-debugsource-0:2.4.63-13.el10_2.4.aarch64",
            "AppStream-10.2.Z:httpd-debugsource-0:2.4.63-13.el10_2.4.ppc64le",
            "AppStream-10.2.Z:httpd-debugsource-0:2.4.63-13.el10_2.4.s390x",
            "AppStream-10.2.Z:httpd-debugsource-0:2.4.63-13.el10_2.4.x86_64",
            "AppStream-10.2.Z:httpd-devel-0:2.4.63-13.el10_2.4.aarch64",
            "AppStream-10.2.Z:httpd-devel-0:2.4.63-13.el10_2.4.ppc64le",
            "AppStream-10.2.Z:httpd-devel-0:2.4.63-13.el10_2.4.s390x",
            "AppStream-10.2.Z:httpd-devel-0:2.4.63-13.el10_2.4.x86_64",
            "AppStream-10.2.Z:httpd-filesystem-0:2.4.63-13.el10_2.4.noarch",
            "AppStream-10.2.Z:httpd-manual-0:2.4.63-13.el10_2.4.noarch",
            "AppStream-10.2.Z:httpd-tools-0:2.4.63-13.el10_2.4.aarch64",
            "AppStream-10.2.Z:httpd-tools-0:2.4.63-13.el10_2.4.ppc64le",
            "AppStream-10.2.Z:httpd-tools-0:2.4.63-13.el10_2.4.s390x",
            "AppStream-10.2.Z:httpd-tools-0:2.4.63-13.el10_2.4.x86_64",
            "AppStream-10.2.Z:httpd-tools-debuginfo-0:2.4.63-13.el10_2.4.aarch64",
            "AppStream-10.2.Z:httpd-tools-debuginfo-0:2.4.63-13.el10_2.4.ppc64le",
            "AppStream-10.2.Z:httpd-tools-debuginfo-0:2.4.63-13.el10_2.4.s390x",
            "AppStream-10.2.Z:httpd-tools-debuginfo-0:2.4.63-13.el10_2.4.x86_64",
            "AppStream-10.2.Z:mod_ldap-0:2.4.63-13.el10_2.4.aarch64",
            "AppStream-10.2.Z:mod_ldap-0:2.4.63-13.el10_2.4.ppc64le",
            "AppStream-10.2.Z:mod_ldap-0:2.4.63-13.el10_2.4.s390x",
            "AppStream-10.2.Z:mod_ldap-0:2.4.63-13.el10_2.4.x86_64",
            "AppStream-10.2.Z:mod_ldap-debuginfo-0:2.4.63-13.el10_2.4.aarch64",
            "AppStream-10.2.Z:mod_ldap-debuginfo-0:2.4.63-13.el10_2.4.ppc64le",
            "AppStream-10.2.Z:mod_ldap-debuginfo-0:2.4.63-13.el10_2.4.s390x",
            "AppStream-10.2.Z:mod_ldap-debuginfo-0:2.4.63-13.el10_2.4.x86_64",
            "AppStream-10.2.Z:mod_lua-0:2.4.63-13.el10_2.4.aarch64",
            "AppStream-10.2.Z:mod_lua-0:2.4.63-13.el10_2.4.ppc64le",
            "AppStream-10.2.Z:mod_lua-0:2.4.63-13.el10_2.4.s390x",
            "AppStream-10.2.Z:mod_lua-0:2.4.63-13.el10_2.4.x86_64",
            "AppStream-10.2.Z:mod_lua-debuginfo-0:2.4.63-13.el10_2.4.aarch64",
            "AppStream-10.2.Z:mod_lua-debuginfo-0:2.4.63-13.el10_2.4.ppc64le",
            "AppStream-10.2.Z:mod_lua-debuginfo-0:2.4.63-13.el10_2.4.s390x",
            "AppStream-10.2.Z:mod_lua-debuginfo-0:2.4.63-13.el10_2.4.x86_64",
            "AppStream-10.2.Z:mod_proxy_html-1:2.4.63-13.el10_2.4.aarch64",
            "AppStream-10.2.Z:mod_proxy_html-1:2.4.63-13.el10_2.4.ppc64le",
            "AppStream-10.2.Z:mod_proxy_html-1:2.4.63-13.el10_2.4.s390x",
            "AppStream-10.2.Z:mod_proxy_html-1:2.4.63-13.el10_2.4.x86_64",
            "AppStream-10.2.Z:mod_proxy_html-debuginfo-1:2.4.63-13.el10_2.4.aarch64",
            "AppStream-10.2.Z:mod_proxy_html-debuginfo-1:2.4.63-13.el10_2.4.ppc64le",
            "AppStream-10.2.Z:mod_proxy_html-debuginfo-1:2.4.63-13.el10_2.4.s390x",
            "AppStream-10.2.Z:mod_proxy_html-debuginfo-1:2.4.63-13.el10_2.4.x86_64",
            "AppStream-10.2.Z:mod_session-0:2.4.63-13.el10_2.4.aarch64",
            "AppStream-10.2.Z:mod_session-0:2.4.63-13.el10_2.4.ppc64le",
            "AppStream-10.2.Z:mod_session-0:2.4.63-13.el10_2.4.s390x",
            "AppStream-10.2.Z:mod_session-0:2.4.63-13.el10_2.4.x86_64",
            "AppStream-10.2.Z:mod_session-debuginfo-0:2.4.63-13.el10_2.4.aarch64",
            "AppStream-10.2.Z:mod_session-debuginfo-0:2.4.63-13.el10_2.4.ppc64le",
            "AppStream-10.2.Z:mod_session-debuginfo-0:2.4.63-13.el10_2.4.s390x",
            "AppStream-10.2.Z:mod_session-debuginfo-0:2.4.63-13.el10_2.4.x86_64",
            "AppStream-10.2.Z:mod_ssl-1:2.4.63-13.el10_2.4.aarch64",
            "AppStream-10.2.Z:mod_ssl-1:2.4.63-13.el10_2.4.ppc64le",
            "AppStream-10.2.Z:mod_ssl-1:2.4.63-13.el10_2.4.s390x",
            "AppStream-10.2.Z:mod_ssl-1:2.4.63-13.el10_2.4.x86_64",
            "AppStream-10.2.Z:mod_ssl-debuginfo-1:2.4.63-13.el10_2.4.aarch64",
            "AppStream-10.2.Z:mod_ssl-debuginfo-1:2.4.63-13.el10_2.4.ppc64le",
            "AppStream-10.2.Z:mod_ssl-debuginfo-1:2.4.63-13.el10_2.4.s390x",
            "AppStream-10.2.Z:mod_ssl-debuginfo-1:2.4.63-13.el10_2.4.x86_64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "attackComplexity": "LOW",
            "attackVector": "NETWORK",
            "availabilityImpact": "HIGH",
            "baseScore": 7.5,
            "baseSeverity": "HIGH",
            "confidentialityImpact": "NONE",
            "integrityImpact": "NONE",
            "privilegesRequired": "NONE",
            "scope": "UNCHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
            "version": "3.1"
          },
          "products": [
            "AppStream-10.2.Z:httpd-0:2.4.63-13.el10_2.4.aarch64",
            "AppStream-10.2.Z:httpd-0:2.4.63-13.el10_2.4.ppc64le",
            "AppStream-10.2.Z:httpd-0:2.4.63-13.el10_2.4.s390x",
            "AppStream-10.2.Z:httpd-0:2.4.63-13.el10_2.4.src",
            "AppStream-10.2.Z:httpd-0:2.4.63-13.el10_2.4.x86_64",
            "AppStream-10.2.Z:httpd-core-0:2.4.63-13.el10_2.4.aarch64",
            "AppStream-10.2.Z:httpd-core-0:2.4.63-13.el10_2.4.ppc64le",
            "AppStream-10.2.Z:httpd-core-0:2.4.63-13.el10_2.4.s390x",
            "AppStream-10.2.Z:httpd-core-0:2.4.63-13.el10_2.4.x86_64",
            "AppStream-10.2.Z:httpd-core-debuginfo-0:2.4.63-13.el10_2.4.aarch64",
            "AppStream-10.2.Z:httpd-core-debuginfo-0:2.4.63-13.el10_2.4.ppc64le",
            "AppStream-10.2.Z:httpd-core-debuginfo-0:2.4.63-13.el10_2.4.s390x",
            "AppStream-10.2.Z:httpd-core-debuginfo-0:2.4.63-13.el10_2.4.x86_64",
            "AppStream-10.2.Z:httpd-debuginfo-0:2.4.63-13.el10_2.4.aarch64",
            "AppStream-10.2.Z:httpd-debuginfo-0:2.4.63-13.el10_2.4.ppc64le",
            "AppStream-10.2.Z:httpd-debuginfo-0:2.4.63-13.el10_2.4.s390x",
            "AppStream-10.2.Z:httpd-debuginfo-0:2.4.63-13.el10_2.4.x86_64",
            "AppStream-10.2.Z:httpd-debugsource-0:2.4.63-13.el10_2.4.aarch64",
            "AppStream-10.2.Z:httpd-debugsource-0:2.4.63-13.el10_2.4.ppc64le",
            "AppStream-10.2.Z:httpd-debugsource-0:2.4.63-13.el10_2.4.s390x",
            "AppStream-10.2.Z:httpd-debugsource-0:2.4.63-13.el10_2.4.x86_64",
            "AppStream-10.2.Z:httpd-devel-0:2.4.63-13.el10_2.4.aarch64",
            "AppStream-10.2.Z:httpd-devel-0:2.4.63-13.el10_2.4.ppc64le",
            "AppStream-10.2.Z:httpd-devel-0:2.4.63-13.el10_2.4.s390x",
            "AppStream-10.2.Z:httpd-devel-0:2.4.63-13.el10_2.4.x86_64",
            "AppStream-10.2.Z:httpd-filesystem-0:2.4.63-13.el10_2.4.noarch",
            "AppStream-10.2.Z:httpd-manual-0:2.4.63-13.el10_2.4.noarch",
            "AppStream-10.2.Z:httpd-tools-0:2.4.63-13.el10_2.4.aarch64",
            "AppStream-10.2.Z:httpd-tools-0:2.4.63-13.el10_2.4.ppc64le",
            "AppStream-10.2.Z:httpd-tools-0:2.4.63-13.el10_2.4.s390x",
            "AppStream-10.2.Z:httpd-tools-0:2.4.63-13.el10_2.4.x86_64",
            "AppStream-10.2.Z:httpd-tools-debuginfo-0:2.4.63-13.el10_2.4.aarch64",
            "AppStream-10.2.Z:httpd-tools-debuginfo-0:2.4.63-13.el10_2.4.ppc64le",
            "AppStream-10.2.Z:httpd-tools-debuginfo-0:2.4.63-13.el10_2.4.s390x",
            "AppStream-10.2.Z:httpd-tools-debuginfo-0:2.4.63-13.el10_2.4.x86_64",
            "AppStream-10.2.Z:mod_ldap-0:2.4.63-13.el10_2.4.aarch64",
            "AppStream-10.2.Z:mod_ldap-0:2.4.63-13.el10_2.4.ppc64le",
            "AppStream-10.2.Z:mod_ldap-0:2.4.63-13.el10_2.4.s390x",
            "AppStream-10.2.Z:mod_ldap-0:2.4.63-13.el10_2.4.x86_64",
            "AppStream-10.2.Z:mod_ldap-debuginfo-0:2.4.63-13.el10_2.4.aarch64",
            "AppStream-10.2.Z:mod_ldap-debuginfo-0:2.4.63-13.el10_2.4.ppc64le",
            "AppStream-10.2.Z:mod_ldap-debuginfo-0:2.4.63-13.el10_2.4.s390x",
            "AppStream-10.2.Z:mod_ldap-debuginfo-0:2.4.63-13.el10_2.4.x86_64",
            "AppStream-10.2.Z:mod_lua-0:2.4.63-13.el10_2.4.aarch64",
            "AppStream-10.2.Z:mod_lua-0:2.4.63-13.el10_2.4.ppc64le",
            "AppStream-10.2.Z:mod_lua-0:2.4.63-13.el10_2.4.s390x",
            "AppStream-10.2.Z:mod_lua-0:2.4.63-13.el10_2.4.x86_64",
            "AppStream-10.2.Z:mod_lua-debuginfo-0:2.4.63-13.el10_2.4.aarch64",
            "AppStream-10.2.Z:mod_lua-debuginfo-0:2.4.63-13.el10_2.4.ppc64le",
            "AppStream-10.2.Z:mod_lua-debuginfo-0:2.4.63-13.el10_2.4.s390x",
            "AppStream-10.2.Z:mod_lua-debuginfo-0:2.4.63-13.el10_2.4.x86_64",
            "AppStream-10.2.Z:mod_proxy_html-1:2.4.63-13.el10_2.4.aarch64",
            "AppStream-10.2.Z:mod_proxy_html-1:2.4.63-13.el10_2.4.ppc64le",
            "AppStream-10.2.Z:mod_proxy_html-1:2.4.63-13.el10_2.4.s390x",
            "AppStream-10.2.Z:mod_proxy_html-1:2.4.63-13.el10_2.4.x86_64",
            "AppStream-10.2.Z:mod_proxy_html-debuginfo-1:2.4.63-13.el10_2.4.aarch64",
            "AppStream-10.2.Z:mod_proxy_html-debuginfo-1:2.4.63-13.el10_2.4.ppc64le",
            "AppStream-10.2.Z:mod_proxy_html-debuginfo-1:2.4.63-13.el10_2.4.s390x",
            "AppStream-10.2.Z:mod_proxy_html-debuginfo-1:2.4.63-13.el10_2.4.x86_64",
            "AppStream-10.2.Z:mod_session-0:2.4.63-13.el10_2.4.aarch64",
            "AppStream-10.2.Z:mod_session-0:2.4.63-13.el10_2.4.ppc64le",
            "AppStream-10.2.Z:mod_session-0:2.4.63-13.el10_2.4.s390x",
            "AppStream-10.2.Z:mod_session-0:2.4.63-13.el10_2.4.x86_64",
            "AppStream-10.2.Z:mod_session-debuginfo-0:2.4.63-13.el10_2.4.aarch64",
            "AppStream-10.2.Z:mod_session-debuginfo-0:2.4.63-13.el10_2.4.ppc64le",
            "AppStream-10.2.Z:mod_session-debuginfo-0:2.4.63-13.el10_2.4.s390x",
            "AppStream-10.2.Z:mod_session-debuginfo-0:2.4.63-13.el10_2.4.x86_64",
            "AppStream-10.2.Z:mod_ssl-1:2.4.63-13.el10_2.4.aarch64",
            "AppStream-10.2.Z:mod_ssl-1:2.4.63-13.el10_2.4.ppc64le",
            "AppStream-10.2.Z:mod_ssl-1:2.4.63-13.el10_2.4.s390x",
            "AppStream-10.2.Z:mod_ssl-1:2.4.63-13.el10_2.4.x86_64",
            "AppStream-10.2.Z:mod_ssl-debuginfo-1:2.4.63-13.el10_2.4.aarch64",
            "AppStream-10.2.Z:mod_ssl-debuginfo-1:2.4.63-13.el10_2.4.ppc64le",
            "AppStream-10.2.Z:mod_ssl-debuginfo-1:2.4.63-13.el10_2.4.s390x",
            "AppStream-10.2.Z:mod_ssl-debuginfo-1:2.4.63-13.el10_2.4.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "details": "Moderate"
        }
      ],
      "title": "httpd: Apache HTTP Server: Heap-based Buffer Overflow via malicious backend servers"
    },
    {
      "cve": "CVE-2026-42536",
      "cwe": {
        "id": "CWE-120",
        "name": "Buffer Copy without Checking Size of Input (\u0027Classic Buffer Overflow\u0027)"
      },
      "discovery_date": "2026-06-08T16:02:19.284204+00:00",
      "ids": [
        {
          "system_name": "Red Hat Bugzilla ID",
          "text": "2486411"
        }
      ],
      "notes": [
        {
          "category": "description",
          "text": "A flaw was found in Apache HTTP Server, specifically within the mod_xml2enc module. This heap-based buffer overflow vulnerability can be triggered when processing untrusted content through the xml2StartParse function. A remote attacker could potentially exploit this to cause a denial of service, information disclosure, or possibly arbitrary code execution.",
          "title": "Vulnerability description"
        },
        {
          "category": "summary",
          "text": "httpd: Apache HTTP Server: Heap-based Buffer Overflow via untrusted content in mod_xml2enc",
          "title": "Vulnerability summary"
        },
        {
          "category": "other",
          "text": "In Red Hat Enterprise Linux (RHEL), the httpd package includes mod_xml2enc, which provides encoding support for filters like mod_proxy_html. Because this flaw relies on processing unvetted or untrusted input text lengths, the impact presents a high risk to availability (Denial of Service via worker crashes) and a potential risk to confidentiality if an attacker is capable of executing remote code within the context of the apache or httpd daemon process.",
          "title": "Statement"
        },
        {
          "category": "general",
          "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
          "title": "CVSS score applicability"
        }
      ],
      "product_status": {
        "fixed": [
          "AppStream-10.2.Z:httpd-0:2.4.63-13.el10_2.4.aarch64",
          "AppStream-10.2.Z:httpd-0:2.4.63-13.el10_2.4.ppc64le",
          "AppStream-10.2.Z:httpd-0:2.4.63-13.el10_2.4.s390x",
          "AppStream-10.2.Z:httpd-0:2.4.63-13.el10_2.4.src",
          "AppStream-10.2.Z:httpd-0:2.4.63-13.el10_2.4.x86_64",
          "AppStream-10.2.Z:httpd-core-0:2.4.63-13.el10_2.4.aarch64",
          "AppStream-10.2.Z:httpd-core-0:2.4.63-13.el10_2.4.ppc64le",
          "AppStream-10.2.Z:httpd-core-0:2.4.63-13.el10_2.4.s390x",
          "AppStream-10.2.Z:httpd-core-0:2.4.63-13.el10_2.4.x86_64",
          "AppStream-10.2.Z:httpd-core-debuginfo-0:2.4.63-13.el10_2.4.aarch64",
          "AppStream-10.2.Z:httpd-core-debuginfo-0:2.4.63-13.el10_2.4.ppc64le",
          "AppStream-10.2.Z:httpd-core-debuginfo-0:2.4.63-13.el10_2.4.s390x",
          "AppStream-10.2.Z:httpd-core-debuginfo-0:2.4.63-13.el10_2.4.x86_64",
          "AppStream-10.2.Z:httpd-debuginfo-0:2.4.63-13.el10_2.4.aarch64",
          "AppStream-10.2.Z:httpd-debuginfo-0:2.4.63-13.el10_2.4.ppc64le",
          "AppStream-10.2.Z:httpd-debuginfo-0:2.4.63-13.el10_2.4.s390x",
          "AppStream-10.2.Z:httpd-debuginfo-0:2.4.63-13.el10_2.4.x86_64",
          "AppStream-10.2.Z:httpd-debugsource-0:2.4.63-13.el10_2.4.aarch64",
          "AppStream-10.2.Z:httpd-debugsource-0:2.4.63-13.el10_2.4.ppc64le",
          "AppStream-10.2.Z:httpd-debugsource-0:2.4.63-13.el10_2.4.s390x",
          "AppStream-10.2.Z:httpd-debugsource-0:2.4.63-13.el10_2.4.x86_64",
          "AppStream-10.2.Z:httpd-devel-0:2.4.63-13.el10_2.4.aarch64",
          "AppStream-10.2.Z:httpd-devel-0:2.4.63-13.el10_2.4.ppc64le",
          "AppStream-10.2.Z:httpd-devel-0:2.4.63-13.el10_2.4.s390x",
          "AppStream-10.2.Z:httpd-devel-0:2.4.63-13.el10_2.4.x86_64",
          "AppStream-10.2.Z:httpd-filesystem-0:2.4.63-13.el10_2.4.noarch",
          "AppStream-10.2.Z:httpd-manual-0:2.4.63-13.el10_2.4.noarch",
          "AppStream-10.2.Z:httpd-tools-0:2.4.63-13.el10_2.4.aarch64",
          "AppStream-10.2.Z:httpd-tools-0:2.4.63-13.el10_2.4.ppc64le",
          "AppStream-10.2.Z:httpd-tools-0:2.4.63-13.el10_2.4.s390x",
          "AppStream-10.2.Z:httpd-tools-0:2.4.63-13.el10_2.4.x86_64",
          "AppStream-10.2.Z:httpd-tools-debuginfo-0:2.4.63-13.el10_2.4.aarch64",
          "AppStream-10.2.Z:httpd-tools-debuginfo-0:2.4.63-13.el10_2.4.ppc64le",
          "AppStream-10.2.Z:httpd-tools-debuginfo-0:2.4.63-13.el10_2.4.s390x",
          "AppStream-10.2.Z:httpd-tools-debuginfo-0:2.4.63-13.el10_2.4.x86_64",
          "AppStream-10.2.Z:mod_ldap-0:2.4.63-13.el10_2.4.aarch64",
          "AppStream-10.2.Z:mod_ldap-0:2.4.63-13.el10_2.4.ppc64le",
          "AppStream-10.2.Z:mod_ldap-0:2.4.63-13.el10_2.4.s390x",
          "AppStream-10.2.Z:mod_ldap-0:2.4.63-13.el10_2.4.x86_64",
          "AppStream-10.2.Z:mod_ldap-debuginfo-0:2.4.63-13.el10_2.4.aarch64",
          "AppStream-10.2.Z:mod_ldap-debuginfo-0:2.4.63-13.el10_2.4.ppc64le",
          "AppStream-10.2.Z:mod_ldap-debuginfo-0:2.4.63-13.el10_2.4.s390x",
          "AppStream-10.2.Z:mod_ldap-debuginfo-0:2.4.63-13.el10_2.4.x86_64",
          "AppStream-10.2.Z:mod_lua-0:2.4.63-13.el10_2.4.aarch64",
          "AppStream-10.2.Z:mod_lua-0:2.4.63-13.el10_2.4.ppc64le",
          "AppStream-10.2.Z:mod_lua-0:2.4.63-13.el10_2.4.s390x",
          "AppStream-10.2.Z:mod_lua-0:2.4.63-13.el10_2.4.x86_64",
          "AppStream-10.2.Z:mod_lua-debuginfo-0:2.4.63-13.el10_2.4.aarch64",
          "AppStream-10.2.Z:mod_lua-debuginfo-0:2.4.63-13.el10_2.4.ppc64le",
          "AppStream-10.2.Z:mod_lua-debuginfo-0:2.4.63-13.el10_2.4.s390x",
          "AppStream-10.2.Z:mod_lua-debuginfo-0:2.4.63-13.el10_2.4.x86_64",
          "AppStream-10.2.Z:mod_proxy_html-1:2.4.63-13.el10_2.4.aarch64",
          "AppStream-10.2.Z:mod_proxy_html-1:2.4.63-13.el10_2.4.ppc64le",
          "AppStream-10.2.Z:mod_proxy_html-1:2.4.63-13.el10_2.4.s390x",
          "AppStream-10.2.Z:mod_proxy_html-1:2.4.63-13.el10_2.4.x86_64",
          "AppStream-10.2.Z:mod_proxy_html-debuginfo-1:2.4.63-13.el10_2.4.aarch64",
          "AppStream-10.2.Z:mod_proxy_html-debuginfo-1:2.4.63-13.el10_2.4.ppc64le",
          "AppStream-10.2.Z:mod_proxy_html-debuginfo-1:2.4.63-13.el10_2.4.s390x",
          "AppStream-10.2.Z:mod_proxy_html-debuginfo-1:2.4.63-13.el10_2.4.x86_64",
          "AppStream-10.2.Z:mod_session-0:2.4.63-13.el10_2.4.aarch64",
          "AppStream-10.2.Z:mod_session-0:2.4.63-13.el10_2.4.ppc64le",
          "AppStream-10.2.Z:mod_session-0:2.4.63-13.el10_2.4.s390x",
          "AppStream-10.2.Z:mod_session-0:2.4.63-13.el10_2.4.x86_64",
          "AppStream-10.2.Z:mod_session-debuginfo-0:2.4.63-13.el10_2.4.aarch64",
          "AppStream-10.2.Z:mod_session-debuginfo-0:2.4.63-13.el10_2.4.ppc64le",
          "AppStream-10.2.Z:mod_session-debuginfo-0:2.4.63-13.el10_2.4.s390x",
          "AppStream-10.2.Z:mod_session-debuginfo-0:2.4.63-13.el10_2.4.x86_64",
          "AppStream-10.2.Z:mod_ssl-1:2.4.63-13.el10_2.4.aarch64",
          "AppStream-10.2.Z:mod_ssl-1:2.4.63-13.el10_2.4.ppc64le",
          "AppStream-10.2.Z:mod_ssl-1:2.4.63-13.el10_2.4.s390x",
          "AppStream-10.2.Z:mod_ssl-1:2.4.63-13.el10_2.4.x86_64",
          "AppStream-10.2.Z:mod_ssl-debuginfo-1:2.4.63-13.el10_2.4.aarch64",
          "AppStream-10.2.Z:mod_ssl-debuginfo-1:2.4.63-13.el10_2.4.ppc64le",
          "AppStream-10.2.Z:mod_ssl-debuginfo-1:2.4.63-13.el10_2.4.s390x",
          "AppStream-10.2.Z:mod_ssl-debuginfo-1:2.4.63-13.el10_2.4.x86_64"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "Canonical URL",
          "url": "https://access.redhat.com/security/cve/CVE-2026-42536"
        },
        {
          "category": "external",
          "summary": "RHBZ#2486411",
          "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2486411"
        },
        {
          "category": "external",
          "summary": "https://www.cve.org/CVERecord?id=CVE-2026-42536",
          "url": "https://www.cve.org/CVERecord?id=CVE-2026-42536"
        },
        {
          "category": "external",
          "summary": "https://nvd.nist.gov/vuln/detail/CVE-2026-42536",
          "url": "https://nvd.nist.gov/vuln/detail/CVE-2026-42536"
        },
        {
          "category": "external",
          "summary": "https://httpd.apache.org/security/vulnerabilities_24.html",
          "url": "https://httpd.apache.org/security/vulnerabilities_24.html"
        }
      ],
      "release_date": "2026-06-08T15:23:46.290000+00:00",
      "remediations": [
        {
          "category": "vendor_fix",
          "date": "2026-07-01T09:31:08+00:00",
          "details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258",
          "product_ids": [
            "AppStream-10.2.Z:httpd-0:2.4.63-13.el10_2.4.aarch64",
            "AppStream-10.2.Z:httpd-0:2.4.63-13.el10_2.4.ppc64le",
            "AppStream-10.2.Z:httpd-0:2.4.63-13.el10_2.4.s390x",
            "AppStream-10.2.Z:httpd-0:2.4.63-13.el10_2.4.src",
            "AppStream-10.2.Z:httpd-0:2.4.63-13.el10_2.4.x86_64",
            "AppStream-10.2.Z:httpd-core-0:2.4.63-13.el10_2.4.aarch64",
            "AppStream-10.2.Z:httpd-core-0:2.4.63-13.el10_2.4.ppc64le",
            "AppStream-10.2.Z:httpd-core-0:2.4.63-13.el10_2.4.s390x",
            "AppStream-10.2.Z:httpd-core-0:2.4.63-13.el10_2.4.x86_64",
            "AppStream-10.2.Z:httpd-core-debuginfo-0:2.4.63-13.el10_2.4.aarch64",
            "AppStream-10.2.Z:httpd-core-debuginfo-0:2.4.63-13.el10_2.4.ppc64le",
            "AppStream-10.2.Z:httpd-core-debuginfo-0:2.4.63-13.el10_2.4.s390x",
            "AppStream-10.2.Z:httpd-core-debuginfo-0:2.4.63-13.el10_2.4.x86_64",
            "AppStream-10.2.Z:httpd-debuginfo-0:2.4.63-13.el10_2.4.aarch64",
            "AppStream-10.2.Z:httpd-debuginfo-0:2.4.63-13.el10_2.4.ppc64le",
            "AppStream-10.2.Z:httpd-debuginfo-0:2.4.63-13.el10_2.4.s390x",
            "AppStream-10.2.Z:httpd-debuginfo-0:2.4.63-13.el10_2.4.x86_64",
            "AppStream-10.2.Z:httpd-debugsource-0:2.4.63-13.el10_2.4.aarch64",
            "AppStream-10.2.Z:httpd-debugsource-0:2.4.63-13.el10_2.4.ppc64le",
            "AppStream-10.2.Z:httpd-debugsource-0:2.4.63-13.el10_2.4.s390x",
            "AppStream-10.2.Z:httpd-debugsource-0:2.4.63-13.el10_2.4.x86_64",
            "AppStream-10.2.Z:httpd-devel-0:2.4.63-13.el10_2.4.aarch64",
            "AppStream-10.2.Z:httpd-devel-0:2.4.63-13.el10_2.4.ppc64le",
            "AppStream-10.2.Z:httpd-devel-0:2.4.63-13.el10_2.4.s390x",
            "AppStream-10.2.Z:httpd-devel-0:2.4.63-13.el10_2.4.x86_64",
            "AppStream-10.2.Z:httpd-filesystem-0:2.4.63-13.el10_2.4.noarch",
            "AppStream-10.2.Z:httpd-manual-0:2.4.63-13.el10_2.4.noarch",
            "AppStream-10.2.Z:httpd-tools-0:2.4.63-13.el10_2.4.aarch64",
            "AppStream-10.2.Z:httpd-tools-0:2.4.63-13.el10_2.4.ppc64le",
            "AppStream-10.2.Z:httpd-tools-0:2.4.63-13.el10_2.4.s390x",
            "AppStream-10.2.Z:httpd-tools-0:2.4.63-13.el10_2.4.x86_64",
            "AppStream-10.2.Z:httpd-tools-debuginfo-0:2.4.63-13.el10_2.4.aarch64",
            "AppStream-10.2.Z:httpd-tools-debuginfo-0:2.4.63-13.el10_2.4.ppc64le",
            "AppStream-10.2.Z:httpd-tools-debuginfo-0:2.4.63-13.el10_2.4.s390x",
            "AppStream-10.2.Z:httpd-tools-debuginfo-0:2.4.63-13.el10_2.4.x86_64",
            "AppStream-10.2.Z:mod_ldap-0:2.4.63-13.el10_2.4.aarch64",
            "AppStream-10.2.Z:mod_ldap-0:2.4.63-13.el10_2.4.ppc64le",
            "AppStream-10.2.Z:mod_ldap-0:2.4.63-13.el10_2.4.s390x",
            "AppStream-10.2.Z:mod_ldap-0:2.4.63-13.el10_2.4.x86_64",
            "AppStream-10.2.Z:mod_ldap-debuginfo-0:2.4.63-13.el10_2.4.aarch64",
            "AppStream-10.2.Z:mod_ldap-debuginfo-0:2.4.63-13.el10_2.4.ppc64le",
            "AppStream-10.2.Z:mod_ldap-debuginfo-0:2.4.63-13.el10_2.4.s390x",
            "AppStream-10.2.Z:mod_ldap-debuginfo-0:2.4.63-13.el10_2.4.x86_64",
            "AppStream-10.2.Z:mod_lua-0:2.4.63-13.el10_2.4.aarch64",
            "AppStream-10.2.Z:mod_lua-0:2.4.63-13.el10_2.4.ppc64le",
            "AppStream-10.2.Z:mod_lua-0:2.4.63-13.el10_2.4.s390x",
            "AppStream-10.2.Z:mod_lua-0:2.4.63-13.el10_2.4.x86_64",
            "AppStream-10.2.Z:mod_lua-debuginfo-0:2.4.63-13.el10_2.4.aarch64",
            "AppStream-10.2.Z:mod_lua-debuginfo-0:2.4.63-13.el10_2.4.ppc64le",
            "AppStream-10.2.Z:mod_lua-debuginfo-0:2.4.63-13.el10_2.4.s390x",
            "AppStream-10.2.Z:mod_lua-debuginfo-0:2.4.63-13.el10_2.4.x86_64",
            "AppStream-10.2.Z:mod_proxy_html-1:2.4.63-13.el10_2.4.aarch64",
            "AppStream-10.2.Z:mod_proxy_html-1:2.4.63-13.el10_2.4.ppc64le",
            "AppStream-10.2.Z:mod_proxy_html-1:2.4.63-13.el10_2.4.s390x",
            "AppStream-10.2.Z:mod_proxy_html-1:2.4.63-13.el10_2.4.x86_64",
            "AppStream-10.2.Z:mod_proxy_html-debuginfo-1:2.4.63-13.el10_2.4.aarch64",
            "AppStream-10.2.Z:mod_proxy_html-debuginfo-1:2.4.63-13.el10_2.4.ppc64le",
            "AppStream-10.2.Z:mod_proxy_html-debuginfo-1:2.4.63-13.el10_2.4.s390x",
            "AppStream-10.2.Z:mod_proxy_html-debuginfo-1:2.4.63-13.el10_2.4.x86_64",
            "AppStream-10.2.Z:mod_session-0:2.4.63-13.el10_2.4.aarch64",
            "AppStream-10.2.Z:mod_session-0:2.4.63-13.el10_2.4.ppc64le",
            "AppStream-10.2.Z:mod_session-0:2.4.63-13.el10_2.4.s390x",
            "AppStream-10.2.Z:mod_session-0:2.4.63-13.el10_2.4.x86_64",
            "AppStream-10.2.Z:mod_session-debuginfo-0:2.4.63-13.el10_2.4.aarch64",
            "AppStream-10.2.Z:mod_session-debuginfo-0:2.4.63-13.el10_2.4.ppc64le",
            "AppStream-10.2.Z:mod_session-debuginfo-0:2.4.63-13.el10_2.4.s390x",
            "AppStream-10.2.Z:mod_session-debuginfo-0:2.4.63-13.el10_2.4.x86_64",
            "AppStream-10.2.Z:mod_ssl-1:2.4.63-13.el10_2.4.aarch64",
            "AppStream-10.2.Z:mod_ssl-1:2.4.63-13.el10_2.4.ppc64le",
            "AppStream-10.2.Z:mod_ssl-1:2.4.63-13.el10_2.4.s390x",
            "AppStream-10.2.Z:mod_ssl-1:2.4.63-13.el10_2.4.x86_64",
            "AppStream-10.2.Z:mod_ssl-debuginfo-1:2.4.63-13.el10_2.4.aarch64",
            "AppStream-10.2.Z:mod_ssl-debuginfo-1:2.4.63-13.el10_2.4.ppc64le",
            "AppStream-10.2.Z:mod_ssl-debuginfo-1:2.4.63-13.el10_2.4.s390x",
            "AppStream-10.2.Z:mod_ssl-debuginfo-1:2.4.63-13.el10_2.4.x86_64"
          ],
          "restart_required": {
            "category": "none"
          },
          "url": "https://access.redhat.com/errata/RHSA-2026:34109"
        },
        {
          "category": "workaround",
          "details": "To mitigate this vulnerability, disable the `mod_xml2enc` module if its functionality for XML internationalization is not essential. This can be done by commenting out the `LoadModule xml2enc_module modules/mod_xml2enc.so` directive in the Apache HTTP Server configuration. A service restart is required for the change to take effect.\n\n```bash\n# Edit the Apache configuration file, e.g., /etc/httpd/conf.modules.d/00-base.conf\n# Comment out the line:\n# LoadModule xml2enc_module modules/mod_xml2enc.so\n\n# Reload the httpd service\nsudo systemctl reload httpd\n```\n\n*Note: Disabling `mod_xml2enc` will cause any configurations relying heavily on `mod_proxy_html` or raw HTML/XML encoding conversions to function incorrectly or fail. Red Hat strongly recommends upgrading to a patched version of `httpd` as soon as it becomes available for your specific RHEL channel.*",
          "product_ids": [
            "AppStream-10.2.Z:httpd-0:2.4.63-13.el10_2.4.aarch64",
            "AppStream-10.2.Z:httpd-0:2.4.63-13.el10_2.4.ppc64le",
            "AppStream-10.2.Z:httpd-0:2.4.63-13.el10_2.4.s390x",
            "AppStream-10.2.Z:httpd-0:2.4.63-13.el10_2.4.src",
            "AppStream-10.2.Z:httpd-0:2.4.63-13.el10_2.4.x86_64",
            "AppStream-10.2.Z:httpd-core-0:2.4.63-13.el10_2.4.aarch64",
            "AppStream-10.2.Z:httpd-core-0:2.4.63-13.el10_2.4.ppc64le",
            "AppStream-10.2.Z:httpd-core-0:2.4.63-13.el10_2.4.s390x",
            "AppStream-10.2.Z:httpd-core-0:2.4.63-13.el10_2.4.x86_64",
            "AppStream-10.2.Z:httpd-core-debuginfo-0:2.4.63-13.el10_2.4.aarch64",
            "AppStream-10.2.Z:httpd-core-debuginfo-0:2.4.63-13.el10_2.4.ppc64le",
            "AppStream-10.2.Z:httpd-core-debuginfo-0:2.4.63-13.el10_2.4.s390x",
            "AppStream-10.2.Z:httpd-core-debuginfo-0:2.4.63-13.el10_2.4.x86_64",
            "AppStream-10.2.Z:httpd-debuginfo-0:2.4.63-13.el10_2.4.aarch64",
            "AppStream-10.2.Z:httpd-debuginfo-0:2.4.63-13.el10_2.4.ppc64le",
            "AppStream-10.2.Z:httpd-debuginfo-0:2.4.63-13.el10_2.4.s390x",
            "AppStream-10.2.Z:httpd-debuginfo-0:2.4.63-13.el10_2.4.x86_64",
            "AppStream-10.2.Z:httpd-debugsource-0:2.4.63-13.el10_2.4.aarch64",
            "AppStream-10.2.Z:httpd-debugsource-0:2.4.63-13.el10_2.4.ppc64le",
            "AppStream-10.2.Z:httpd-debugsource-0:2.4.63-13.el10_2.4.s390x",
            "AppStream-10.2.Z:httpd-debugsource-0:2.4.63-13.el10_2.4.x86_64",
            "AppStream-10.2.Z:httpd-devel-0:2.4.63-13.el10_2.4.aarch64",
            "AppStream-10.2.Z:httpd-devel-0:2.4.63-13.el10_2.4.ppc64le",
            "AppStream-10.2.Z:httpd-devel-0:2.4.63-13.el10_2.4.s390x",
            "AppStream-10.2.Z:httpd-devel-0:2.4.63-13.el10_2.4.x86_64",
            "AppStream-10.2.Z:httpd-filesystem-0:2.4.63-13.el10_2.4.noarch",
            "AppStream-10.2.Z:httpd-manual-0:2.4.63-13.el10_2.4.noarch",
            "AppStream-10.2.Z:httpd-tools-0:2.4.63-13.el10_2.4.aarch64",
            "AppStream-10.2.Z:httpd-tools-0:2.4.63-13.el10_2.4.ppc64le",
            "AppStream-10.2.Z:httpd-tools-0:2.4.63-13.el10_2.4.s390x",
            "AppStream-10.2.Z:httpd-tools-0:2.4.63-13.el10_2.4.x86_64",
            "AppStream-10.2.Z:httpd-tools-debuginfo-0:2.4.63-13.el10_2.4.aarch64",
            "AppStream-10.2.Z:httpd-tools-debuginfo-0:2.4.63-13.el10_2.4.ppc64le",
            "AppStream-10.2.Z:httpd-tools-debuginfo-0:2.4.63-13.el10_2.4.s390x",
            "AppStream-10.2.Z:httpd-tools-debuginfo-0:2.4.63-13.el10_2.4.x86_64",
            "AppStream-10.2.Z:mod_ldap-0:2.4.63-13.el10_2.4.aarch64",
            "AppStream-10.2.Z:mod_ldap-0:2.4.63-13.el10_2.4.ppc64le",
            "AppStream-10.2.Z:mod_ldap-0:2.4.63-13.el10_2.4.s390x",
            "AppStream-10.2.Z:mod_ldap-0:2.4.63-13.el10_2.4.x86_64",
            "AppStream-10.2.Z:mod_ldap-debuginfo-0:2.4.63-13.el10_2.4.aarch64",
            "AppStream-10.2.Z:mod_ldap-debuginfo-0:2.4.63-13.el10_2.4.ppc64le",
            "AppStream-10.2.Z:mod_ldap-debuginfo-0:2.4.63-13.el10_2.4.s390x",
            "AppStream-10.2.Z:mod_ldap-debuginfo-0:2.4.63-13.el10_2.4.x86_64",
            "AppStream-10.2.Z:mod_lua-0:2.4.63-13.el10_2.4.aarch64",
            "AppStream-10.2.Z:mod_lua-0:2.4.63-13.el10_2.4.ppc64le",
            "AppStream-10.2.Z:mod_lua-0:2.4.63-13.el10_2.4.s390x",
            "AppStream-10.2.Z:mod_lua-0:2.4.63-13.el10_2.4.x86_64",
            "AppStream-10.2.Z:mod_lua-debuginfo-0:2.4.63-13.el10_2.4.aarch64",
            "AppStream-10.2.Z:mod_lua-debuginfo-0:2.4.63-13.el10_2.4.ppc64le",
            "AppStream-10.2.Z:mod_lua-debuginfo-0:2.4.63-13.el10_2.4.s390x",
            "AppStream-10.2.Z:mod_lua-debuginfo-0:2.4.63-13.el10_2.4.x86_64",
            "AppStream-10.2.Z:mod_proxy_html-1:2.4.63-13.el10_2.4.aarch64",
            "AppStream-10.2.Z:mod_proxy_html-1:2.4.63-13.el10_2.4.ppc64le",
            "AppStream-10.2.Z:mod_proxy_html-1:2.4.63-13.el10_2.4.s390x",
            "AppStream-10.2.Z:mod_proxy_html-1:2.4.63-13.el10_2.4.x86_64",
            "AppStream-10.2.Z:mod_proxy_html-debuginfo-1:2.4.63-13.el10_2.4.aarch64",
            "AppStream-10.2.Z:mod_proxy_html-debuginfo-1:2.4.63-13.el10_2.4.ppc64le",
            "AppStream-10.2.Z:mod_proxy_html-debuginfo-1:2.4.63-13.el10_2.4.s390x",
            "AppStream-10.2.Z:mod_proxy_html-debuginfo-1:2.4.63-13.el10_2.4.x86_64",
            "AppStream-10.2.Z:mod_session-0:2.4.63-13.el10_2.4.aarch64",
            "AppStream-10.2.Z:mod_session-0:2.4.63-13.el10_2.4.ppc64le",
            "AppStream-10.2.Z:mod_session-0:2.4.63-13.el10_2.4.s390x",
            "AppStream-10.2.Z:mod_session-0:2.4.63-13.el10_2.4.x86_64",
            "AppStream-10.2.Z:mod_session-debuginfo-0:2.4.63-13.el10_2.4.aarch64",
            "AppStream-10.2.Z:mod_session-debuginfo-0:2.4.63-13.el10_2.4.ppc64le",
            "AppStream-10.2.Z:mod_session-debuginfo-0:2.4.63-13.el10_2.4.s390x",
            "AppStream-10.2.Z:mod_session-debuginfo-0:2.4.63-13.el10_2.4.x86_64",
            "AppStream-10.2.Z:mod_ssl-1:2.4.63-13.el10_2.4.aarch64",
            "AppStream-10.2.Z:mod_ssl-1:2.4.63-13.el10_2.4.ppc64le",
            "AppStream-10.2.Z:mod_ssl-1:2.4.63-13.el10_2.4.s390x",
            "AppStream-10.2.Z:mod_ssl-1:2.4.63-13.el10_2.4.x86_64",
            "AppStream-10.2.Z:mod_ssl-debuginfo-1:2.4.63-13.el10_2.4.aarch64",
            "AppStream-10.2.Z:mod_ssl-debuginfo-1:2.4.63-13.el10_2.4.ppc64le",
            "AppStream-10.2.Z:mod_ssl-debuginfo-1:2.4.63-13.el10_2.4.s390x",
            "AppStream-10.2.Z:mod_ssl-debuginfo-1:2.4.63-13.el10_2.4.x86_64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "attackComplexity": "LOW",
            "attackVector": "NETWORK",
            "availabilityImpact": "HIGH",
            "baseScore": 7.5,
            "baseSeverity": "HIGH",
            "confidentialityImpact": "NONE",
            "integrityImpact": "NONE",
            "privilegesRequired": "NONE",
            "scope": "UNCHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
            "version": "3.1"
          },
          "products": [
            "AppStream-10.2.Z:httpd-0:2.4.63-13.el10_2.4.aarch64",
            "AppStream-10.2.Z:httpd-0:2.4.63-13.el10_2.4.ppc64le",
            "AppStream-10.2.Z:httpd-0:2.4.63-13.el10_2.4.s390x",
            "AppStream-10.2.Z:httpd-0:2.4.63-13.el10_2.4.src",
            "AppStream-10.2.Z:httpd-0:2.4.63-13.el10_2.4.x86_64",
            "AppStream-10.2.Z:httpd-core-0:2.4.63-13.el10_2.4.aarch64",
            "AppStream-10.2.Z:httpd-core-0:2.4.63-13.el10_2.4.ppc64le",
            "AppStream-10.2.Z:httpd-core-0:2.4.63-13.el10_2.4.s390x",
            "AppStream-10.2.Z:httpd-core-0:2.4.63-13.el10_2.4.x86_64",
            "AppStream-10.2.Z:httpd-core-debuginfo-0:2.4.63-13.el10_2.4.aarch64",
            "AppStream-10.2.Z:httpd-core-debuginfo-0:2.4.63-13.el10_2.4.ppc64le",
            "AppStream-10.2.Z:httpd-core-debuginfo-0:2.4.63-13.el10_2.4.s390x",
            "AppStream-10.2.Z:httpd-core-debuginfo-0:2.4.63-13.el10_2.4.x86_64",
            "AppStream-10.2.Z:httpd-debuginfo-0:2.4.63-13.el10_2.4.aarch64",
            "AppStream-10.2.Z:httpd-debuginfo-0:2.4.63-13.el10_2.4.ppc64le",
            "AppStream-10.2.Z:httpd-debuginfo-0:2.4.63-13.el10_2.4.s390x",
            "AppStream-10.2.Z:httpd-debuginfo-0:2.4.63-13.el10_2.4.x86_64",
            "AppStream-10.2.Z:httpd-debugsource-0:2.4.63-13.el10_2.4.aarch64",
            "AppStream-10.2.Z:httpd-debugsource-0:2.4.63-13.el10_2.4.ppc64le",
            "AppStream-10.2.Z:httpd-debugsource-0:2.4.63-13.el10_2.4.s390x",
            "AppStream-10.2.Z:httpd-debugsource-0:2.4.63-13.el10_2.4.x86_64",
            "AppStream-10.2.Z:httpd-devel-0:2.4.63-13.el10_2.4.aarch64",
            "AppStream-10.2.Z:httpd-devel-0:2.4.63-13.el10_2.4.ppc64le",
            "AppStream-10.2.Z:httpd-devel-0:2.4.63-13.el10_2.4.s390x",
            "AppStream-10.2.Z:httpd-devel-0:2.4.63-13.el10_2.4.x86_64",
            "AppStream-10.2.Z:httpd-filesystem-0:2.4.63-13.el10_2.4.noarch",
            "AppStream-10.2.Z:httpd-manual-0:2.4.63-13.el10_2.4.noarch",
            "AppStream-10.2.Z:httpd-tools-0:2.4.63-13.el10_2.4.aarch64",
            "AppStream-10.2.Z:httpd-tools-0:2.4.63-13.el10_2.4.ppc64le",
            "AppStream-10.2.Z:httpd-tools-0:2.4.63-13.el10_2.4.s390x",
            "AppStream-10.2.Z:httpd-tools-0:2.4.63-13.el10_2.4.x86_64",
            "AppStream-10.2.Z:httpd-tools-debuginfo-0:2.4.63-13.el10_2.4.aarch64",
            "AppStream-10.2.Z:httpd-tools-debuginfo-0:2.4.63-13.el10_2.4.ppc64le",
            "AppStream-10.2.Z:httpd-tools-debuginfo-0:2.4.63-13.el10_2.4.s390x",
            "AppStream-10.2.Z:httpd-tools-debuginfo-0:2.4.63-13.el10_2.4.x86_64",
            "AppStream-10.2.Z:mod_ldap-0:2.4.63-13.el10_2.4.aarch64",
            "AppStream-10.2.Z:mod_ldap-0:2.4.63-13.el10_2.4.ppc64le",
            "AppStream-10.2.Z:mod_ldap-0:2.4.63-13.el10_2.4.s390x",
            "AppStream-10.2.Z:mod_ldap-0:2.4.63-13.el10_2.4.x86_64",
            "AppStream-10.2.Z:mod_ldap-debuginfo-0:2.4.63-13.el10_2.4.aarch64",
            "AppStream-10.2.Z:mod_ldap-debuginfo-0:2.4.63-13.el10_2.4.ppc64le",
            "AppStream-10.2.Z:mod_ldap-debuginfo-0:2.4.63-13.el10_2.4.s390x",
            "AppStream-10.2.Z:mod_ldap-debuginfo-0:2.4.63-13.el10_2.4.x86_64",
            "AppStream-10.2.Z:mod_lua-0:2.4.63-13.el10_2.4.aarch64",
            "AppStream-10.2.Z:mod_lua-0:2.4.63-13.el10_2.4.ppc64le",
            "AppStream-10.2.Z:mod_lua-0:2.4.63-13.el10_2.4.s390x",
            "AppStream-10.2.Z:mod_lua-0:2.4.63-13.el10_2.4.x86_64",
            "AppStream-10.2.Z:mod_lua-debuginfo-0:2.4.63-13.el10_2.4.aarch64",
            "AppStream-10.2.Z:mod_lua-debuginfo-0:2.4.63-13.el10_2.4.ppc64le",
            "AppStream-10.2.Z:mod_lua-debuginfo-0:2.4.63-13.el10_2.4.s390x",
            "AppStream-10.2.Z:mod_lua-debuginfo-0:2.4.63-13.el10_2.4.x86_64",
            "AppStream-10.2.Z:mod_proxy_html-1:2.4.63-13.el10_2.4.aarch64",
            "AppStream-10.2.Z:mod_proxy_html-1:2.4.63-13.el10_2.4.ppc64le",
            "AppStream-10.2.Z:mod_proxy_html-1:2.4.63-13.el10_2.4.s390x",
            "AppStream-10.2.Z:mod_proxy_html-1:2.4.63-13.el10_2.4.x86_64",
            "AppStream-10.2.Z:mod_proxy_html-debuginfo-1:2.4.63-13.el10_2.4.aarch64",
            "AppStream-10.2.Z:mod_proxy_html-debuginfo-1:2.4.63-13.el10_2.4.ppc64le",
            "AppStream-10.2.Z:mod_proxy_html-debuginfo-1:2.4.63-13.el10_2.4.s390x",
            "AppStream-10.2.Z:mod_proxy_html-debuginfo-1:2.4.63-13.el10_2.4.x86_64",
            "AppStream-10.2.Z:mod_session-0:2.4.63-13.el10_2.4.aarch64",
            "AppStream-10.2.Z:mod_session-0:2.4.63-13.el10_2.4.ppc64le",
            "AppStream-10.2.Z:mod_session-0:2.4.63-13.el10_2.4.s390x",
            "AppStream-10.2.Z:mod_session-0:2.4.63-13.el10_2.4.x86_64",
            "AppStream-10.2.Z:mod_session-debuginfo-0:2.4.63-13.el10_2.4.aarch64",
            "AppStream-10.2.Z:mod_session-debuginfo-0:2.4.63-13.el10_2.4.ppc64le",
            "AppStream-10.2.Z:mod_session-debuginfo-0:2.4.63-13.el10_2.4.s390x",
            "AppStream-10.2.Z:mod_session-debuginfo-0:2.4.63-13.el10_2.4.x86_64",
            "AppStream-10.2.Z:mod_ssl-1:2.4.63-13.el10_2.4.aarch64",
            "AppStream-10.2.Z:mod_ssl-1:2.4.63-13.el10_2.4.ppc64le",
            "AppStream-10.2.Z:mod_ssl-1:2.4.63-13.el10_2.4.s390x",
            "AppStream-10.2.Z:mod_ssl-1:2.4.63-13.el10_2.4.x86_64",
            "AppStream-10.2.Z:mod_ssl-debuginfo-1:2.4.63-13.el10_2.4.aarch64",
            "AppStream-10.2.Z:mod_ssl-debuginfo-1:2.4.63-13.el10_2.4.ppc64le",
            "AppStream-10.2.Z:mod_ssl-debuginfo-1:2.4.63-13.el10_2.4.s390x",
            "AppStream-10.2.Z:mod_ssl-debuginfo-1:2.4.63-13.el10_2.4.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "details": "Important"
        }
      ],
      "title": "httpd: Apache HTTP Server: Heap-based Buffer Overflow via untrusted content in mod_xml2enc"
    },
    {
      "cve": "CVE-2026-44185",
      "cwe": {
        "id": "CWE-125",
        "name": "Out-of-bounds Read"
      },
      "discovery_date": "2026-06-08T16:01:37.898883+00:00",
      "ids": [
        {
          "system_name": "Red Hat Bugzilla ID",
          "text": "2486397"
        }
      ],
      "notes": [
        {
          "category": "description",
          "text": "A flaw was found in Apache HTTP Server. This buffer over-read vulnerability occurs when the server processes outbound Online Certificate Status Protocol (OCSP) requests directed to an attacker-controlled OCSP server. This could allow a remote attacker to read sensitive information from memory or cause a denial of service.",
          "title": "Vulnerability description"
        },
        {
          "category": "summary",
          "text": "httpd: Apache HTTP Server: Buffer Over-read via outbound OCSP requests to attacker-controlled server",
          "title": "Vulnerability summary"
        },
        {
          "category": "other",
          "text": "A critical buffer over-read flaw in Apache HTTP Server occurs when it performs outbound OCSP requests. If a server connects to an attacker-controlled OCSP responder, a remote attacker can leak sensitive memory data or trigger a denial of service (DoS). This risk depends entirely on the server\u0027s OCSP configuration and endpoint trustworthiness.",
          "title": "Statement"
        },
        {
          "category": "general",
          "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
          "title": "CVSS score applicability"
        }
      ],
      "product_status": {
        "fixed": [
          "AppStream-10.2.Z:httpd-0:2.4.63-13.el10_2.4.aarch64",
          "AppStream-10.2.Z:httpd-0:2.4.63-13.el10_2.4.ppc64le",
          "AppStream-10.2.Z:httpd-0:2.4.63-13.el10_2.4.s390x",
          "AppStream-10.2.Z:httpd-0:2.4.63-13.el10_2.4.src",
          "AppStream-10.2.Z:httpd-0:2.4.63-13.el10_2.4.x86_64",
          "AppStream-10.2.Z:httpd-core-0:2.4.63-13.el10_2.4.aarch64",
          "AppStream-10.2.Z:httpd-core-0:2.4.63-13.el10_2.4.ppc64le",
          "AppStream-10.2.Z:httpd-core-0:2.4.63-13.el10_2.4.s390x",
          "AppStream-10.2.Z:httpd-core-0:2.4.63-13.el10_2.4.x86_64",
          "AppStream-10.2.Z:httpd-core-debuginfo-0:2.4.63-13.el10_2.4.aarch64",
          "AppStream-10.2.Z:httpd-core-debuginfo-0:2.4.63-13.el10_2.4.ppc64le",
          "AppStream-10.2.Z:httpd-core-debuginfo-0:2.4.63-13.el10_2.4.s390x",
          "AppStream-10.2.Z:httpd-core-debuginfo-0:2.4.63-13.el10_2.4.x86_64",
          "AppStream-10.2.Z:httpd-debuginfo-0:2.4.63-13.el10_2.4.aarch64",
          "AppStream-10.2.Z:httpd-debuginfo-0:2.4.63-13.el10_2.4.ppc64le",
          "AppStream-10.2.Z:httpd-debuginfo-0:2.4.63-13.el10_2.4.s390x",
          "AppStream-10.2.Z:httpd-debuginfo-0:2.4.63-13.el10_2.4.x86_64",
          "AppStream-10.2.Z:httpd-debugsource-0:2.4.63-13.el10_2.4.aarch64",
          "AppStream-10.2.Z:httpd-debugsource-0:2.4.63-13.el10_2.4.ppc64le",
          "AppStream-10.2.Z:httpd-debugsource-0:2.4.63-13.el10_2.4.s390x",
          "AppStream-10.2.Z:httpd-debugsource-0:2.4.63-13.el10_2.4.x86_64",
          "AppStream-10.2.Z:httpd-devel-0:2.4.63-13.el10_2.4.aarch64",
          "AppStream-10.2.Z:httpd-devel-0:2.4.63-13.el10_2.4.ppc64le",
          "AppStream-10.2.Z:httpd-devel-0:2.4.63-13.el10_2.4.s390x",
          "AppStream-10.2.Z:httpd-devel-0:2.4.63-13.el10_2.4.x86_64",
          "AppStream-10.2.Z:httpd-filesystem-0:2.4.63-13.el10_2.4.noarch",
          "AppStream-10.2.Z:httpd-manual-0:2.4.63-13.el10_2.4.noarch",
          "AppStream-10.2.Z:httpd-tools-0:2.4.63-13.el10_2.4.aarch64",
          "AppStream-10.2.Z:httpd-tools-0:2.4.63-13.el10_2.4.ppc64le",
          "AppStream-10.2.Z:httpd-tools-0:2.4.63-13.el10_2.4.s390x",
          "AppStream-10.2.Z:httpd-tools-0:2.4.63-13.el10_2.4.x86_64",
          "AppStream-10.2.Z:httpd-tools-debuginfo-0:2.4.63-13.el10_2.4.aarch64",
          "AppStream-10.2.Z:httpd-tools-debuginfo-0:2.4.63-13.el10_2.4.ppc64le",
          "AppStream-10.2.Z:httpd-tools-debuginfo-0:2.4.63-13.el10_2.4.s390x",
          "AppStream-10.2.Z:httpd-tools-debuginfo-0:2.4.63-13.el10_2.4.x86_64",
          "AppStream-10.2.Z:mod_ldap-0:2.4.63-13.el10_2.4.aarch64",
          "AppStream-10.2.Z:mod_ldap-0:2.4.63-13.el10_2.4.ppc64le",
          "AppStream-10.2.Z:mod_ldap-0:2.4.63-13.el10_2.4.s390x",
          "AppStream-10.2.Z:mod_ldap-0:2.4.63-13.el10_2.4.x86_64",
          "AppStream-10.2.Z:mod_ldap-debuginfo-0:2.4.63-13.el10_2.4.aarch64",
          "AppStream-10.2.Z:mod_ldap-debuginfo-0:2.4.63-13.el10_2.4.ppc64le",
          "AppStream-10.2.Z:mod_ldap-debuginfo-0:2.4.63-13.el10_2.4.s390x",
          "AppStream-10.2.Z:mod_ldap-debuginfo-0:2.4.63-13.el10_2.4.x86_64",
          "AppStream-10.2.Z:mod_lua-0:2.4.63-13.el10_2.4.aarch64",
          "AppStream-10.2.Z:mod_lua-0:2.4.63-13.el10_2.4.ppc64le",
          "AppStream-10.2.Z:mod_lua-0:2.4.63-13.el10_2.4.s390x",
          "AppStream-10.2.Z:mod_lua-0:2.4.63-13.el10_2.4.x86_64",
          "AppStream-10.2.Z:mod_lua-debuginfo-0:2.4.63-13.el10_2.4.aarch64",
          "AppStream-10.2.Z:mod_lua-debuginfo-0:2.4.63-13.el10_2.4.ppc64le",
          "AppStream-10.2.Z:mod_lua-debuginfo-0:2.4.63-13.el10_2.4.s390x",
          "AppStream-10.2.Z:mod_lua-debuginfo-0:2.4.63-13.el10_2.4.x86_64",
          "AppStream-10.2.Z:mod_proxy_html-1:2.4.63-13.el10_2.4.aarch64",
          "AppStream-10.2.Z:mod_proxy_html-1:2.4.63-13.el10_2.4.ppc64le",
          "AppStream-10.2.Z:mod_proxy_html-1:2.4.63-13.el10_2.4.s390x",
          "AppStream-10.2.Z:mod_proxy_html-1:2.4.63-13.el10_2.4.x86_64",
          "AppStream-10.2.Z:mod_proxy_html-debuginfo-1:2.4.63-13.el10_2.4.aarch64",
          "AppStream-10.2.Z:mod_proxy_html-debuginfo-1:2.4.63-13.el10_2.4.ppc64le",
          "AppStream-10.2.Z:mod_proxy_html-debuginfo-1:2.4.63-13.el10_2.4.s390x",
          "AppStream-10.2.Z:mod_proxy_html-debuginfo-1:2.4.63-13.el10_2.4.x86_64",
          "AppStream-10.2.Z:mod_session-0:2.4.63-13.el10_2.4.aarch64",
          "AppStream-10.2.Z:mod_session-0:2.4.63-13.el10_2.4.ppc64le",
          "AppStream-10.2.Z:mod_session-0:2.4.63-13.el10_2.4.s390x",
          "AppStream-10.2.Z:mod_session-0:2.4.63-13.el10_2.4.x86_64",
          "AppStream-10.2.Z:mod_session-debuginfo-0:2.4.63-13.el10_2.4.aarch64",
          "AppStream-10.2.Z:mod_session-debuginfo-0:2.4.63-13.el10_2.4.ppc64le",
          "AppStream-10.2.Z:mod_session-debuginfo-0:2.4.63-13.el10_2.4.s390x",
          "AppStream-10.2.Z:mod_session-debuginfo-0:2.4.63-13.el10_2.4.x86_64",
          "AppStream-10.2.Z:mod_ssl-1:2.4.63-13.el10_2.4.aarch64",
          "AppStream-10.2.Z:mod_ssl-1:2.4.63-13.el10_2.4.ppc64le",
          "AppStream-10.2.Z:mod_ssl-1:2.4.63-13.el10_2.4.s390x",
          "AppStream-10.2.Z:mod_ssl-1:2.4.63-13.el10_2.4.x86_64",
          "AppStream-10.2.Z:mod_ssl-debuginfo-1:2.4.63-13.el10_2.4.aarch64",
          "AppStream-10.2.Z:mod_ssl-debuginfo-1:2.4.63-13.el10_2.4.ppc64le",
          "AppStream-10.2.Z:mod_ssl-debuginfo-1:2.4.63-13.el10_2.4.s390x",
          "AppStream-10.2.Z:mod_ssl-debuginfo-1:2.4.63-13.el10_2.4.x86_64"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "Canonical URL",
          "url": "https://access.redhat.com/security/cve/CVE-2026-44185"
        },
        {
          "category": "external",
          "summary": "RHBZ#2486397",
          "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2486397"
        },
        {
          "category": "external",
          "summary": "https://www.cve.org/CVERecord?id=CVE-2026-44185",
          "url": "https://www.cve.org/CVERecord?id=CVE-2026-44185"
        },
        {
          "category": "external",
          "summary": "https://nvd.nist.gov/vuln/detail/CVE-2026-44185",
          "url": "https://nvd.nist.gov/vuln/detail/CVE-2026-44185"
        },
        {
          "category": "external",
          "summary": "https://httpd.apache.org/security/vulnerabilities_24.html",
          "url": "https://httpd.apache.org/security/vulnerabilities_24.html"
        }
      ],
      "release_date": "2026-06-08T15:22:11.809000+00:00",
      "remediations": [
        {
          "category": "vendor_fix",
          "date": "2026-07-01T09:31:08+00:00",
          "details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258",
          "product_ids": [
            "AppStream-10.2.Z:httpd-0:2.4.63-13.el10_2.4.aarch64",
            "AppStream-10.2.Z:httpd-0:2.4.63-13.el10_2.4.ppc64le",
            "AppStream-10.2.Z:httpd-0:2.4.63-13.el10_2.4.s390x",
            "AppStream-10.2.Z:httpd-0:2.4.63-13.el10_2.4.src",
            "AppStream-10.2.Z:httpd-0:2.4.63-13.el10_2.4.x86_64",
            "AppStream-10.2.Z:httpd-core-0:2.4.63-13.el10_2.4.aarch64",
            "AppStream-10.2.Z:httpd-core-0:2.4.63-13.el10_2.4.ppc64le",
            "AppStream-10.2.Z:httpd-core-0:2.4.63-13.el10_2.4.s390x",
            "AppStream-10.2.Z:httpd-core-0:2.4.63-13.el10_2.4.x86_64",
            "AppStream-10.2.Z:httpd-core-debuginfo-0:2.4.63-13.el10_2.4.aarch64",
            "AppStream-10.2.Z:httpd-core-debuginfo-0:2.4.63-13.el10_2.4.ppc64le",
            "AppStream-10.2.Z:httpd-core-debuginfo-0:2.4.63-13.el10_2.4.s390x",
            "AppStream-10.2.Z:httpd-core-debuginfo-0:2.4.63-13.el10_2.4.x86_64",
            "AppStream-10.2.Z:httpd-debuginfo-0:2.4.63-13.el10_2.4.aarch64",
            "AppStream-10.2.Z:httpd-debuginfo-0:2.4.63-13.el10_2.4.ppc64le",
            "AppStream-10.2.Z:httpd-debuginfo-0:2.4.63-13.el10_2.4.s390x",
            "AppStream-10.2.Z:httpd-debuginfo-0:2.4.63-13.el10_2.4.x86_64",
            "AppStream-10.2.Z:httpd-debugsource-0:2.4.63-13.el10_2.4.aarch64",
            "AppStream-10.2.Z:httpd-debugsource-0:2.4.63-13.el10_2.4.ppc64le",
            "AppStream-10.2.Z:httpd-debugsource-0:2.4.63-13.el10_2.4.s390x",
            "AppStream-10.2.Z:httpd-debugsource-0:2.4.63-13.el10_2.4.x86_64",
            "AppStream-10.2.Z:httpd-devel-0:2.4.63-13.el10_2.4.aarch64",
            "AppStream-10.2.Z:httpd-devel-0:2.4.63-13.el10_2.4.ppc64le",
            "AppStream-10.2.Z:httpd-devel-0:2.4.63-13.el10_2.4.s390x",
            "AppStream-10.2.Z:httpd-devel-0:2.4.63-13.el10_2.4.x86_64",
            "AppStream-10.2.Z:httpd-filesystem-0:2.4.63-13.el10_2.4.noarch",
            "AppStream-10.2.Z:httpd-manual-0:2.4.63-13.el10_2.4.noarch",
            "AppStream-10.2.Z:httpd-tools-0:2.4.63-13.el10_2.4.aarch64",
            "AppStream-10.2.Z:httpd-tools-0:2.4.63-13.el10_2.4.ppc64le",
            "AppStream-10.2.Z:httpd-tools-0:2.4.63-13.el10_2.4.s390x",
            "AppStream-10.2.Z:httpd-tools-0:2.4.63-13.el10_2.4.x86_64",
            "AppStream-10.2.Z:httpd-tools-debuginfo-0:2.4.63-13.el10_2.4.aarch64",
            "AppStream-10.2.Z:httpd-tools-debuginfo-0:2.4.63-13.el10_2.4.ppc64le",
            "AppStream-10.2.Z:httpd-tools-debuginfo-0:2.4.63-13.el10_2.4.s390x",
            "AppStream-10.2.Z:httpd-tools-debuginfo-0:2.4.63-13.el10_2.4.x86_64",
            "AppStream-10.2.Z:mod_ldap-0:2.4.63-13.el10_2.4.aarch64",
            "AppStream-10.2.Z:mod_ldap-0:2.4.63-13.el10_2.4.ppc64le",
            "AppStream-10.2.Z:mod_ldap-0:2.4.63-13.el10_2.4.s390x",
            "AppStream-10.2.Z:mod_ldap-0:2.4.63-13.el10_2.4.x86_64",
            "AppStream-10.2.Z:mod_ldap-debuginfo-0:2.4.63-13.el10_2.4.aarch64",
            "AppStream-10.2.Z:mod_ldap-debuginfo-0:2.4.63-13.el10_2.4.ppc64le",
            "AppStream-10.2.Z:mod_ldap-debuginfo-0:2.4.63-13.el10_2.4.s390x",
            "AppStream-10.2.Z:mod_ldap-debuginfo-0:2.4.63-13.el10_2.4.x86_64",
            "AppStream-10.2.Z:mod_lua-0:2.4.63-13.el10_2.4.aarch64",
            "AppStream-10.2.Z:mod_lua-0:2.4.63-13.el10_2.4.ppc64le",
            "AppStream-10.2.Z:mod_lua-0:2.4.63-13.el10_2.4.s390x",
            "AppStream-10.2.Z:mod_lua-0:2.4.63-13.el10_2.4.x86_64",
            "AppStream-10.2.Z:mod_lua-debuginfo-0:2.4.63-13.el10_2.4.aarch64",
            "AppStream-10.2.Z:mod_lua-debuginfo-0:2.4.63-13.el10_2.4.ppc64le",
            "AppStream-10.2.Z:mod_lua-debuginfo-0:2.4.63-13.el10_2.4.s390x",
            "AppStream-10.2.Z:mod_lua-debuginfo-0:2.4.63-13.el10_2.4.x86_64",
            "AppStream-10.2.Z:mod_proxy_html-1:2.4.63-13.el10_2.4.aarch64",
            "AppStream-10.2.Z:mod_proxy_html-1:2.4.63-13.el10_2.4.ppc64le",
            "AppStream-10.2.Z:mod_proxy_html-1:2.4.63-13.el10_2.4.s390x",
            "AppStream-10.2.Z:mod_proxy_html-1:2.4.63-13.el10_2.4.x86_64",
            "AppStream-10.2.Z:mod_proxy_html-debuginfo-1:2.4.63-13.el10_2.4.aarch64",
            "AppStream-10.2.Z:mod_proxy_html-debuginfo-1:2.4.63-13.el10_2.4.ppc64le",
            "AppStream-10.2.Z:mod_proxy_html-debuginfo-1:2.4.63-13.el10_2.4.s390x",
            "AppStream-10.2.Z:mod_proxy_html-debuginfo-1:2.4.63-13.el10_2.4.x86_64",
            "AppStream-10.2.Z:mod_session-0:2.4.63-13.el10_2.4.aarch64",
            "AppStream-10.2.Z:mod_session-0:2.4.63-13.el10_2.4.ppc64le",
            "AppStream-10.2.Z:mod_session-0:2.4.63-13.el10_2.4.s390x",
            "AppStream-10.2.Z:mod_session-0:2.4.63-13.el10_2.4.x86_64",
            "AppStream-10.2.Z:mod_session-debuginfo-0:2.4.63-13.el10_2.4.aarch64",
            "AppStream-10.2.Z:mod_session-debuginfo-0:2.4.63-13.el10_2.4.ppc64le",
            "AppStream-10.2.Z:mod_session-debuginfo-0:2.4.63-13.el10_2.4.s390x",
            "AppStream-10.2.Z:mod_session-debuginfo-0:2.4.63-13.el10_2.4.x86_64",
            "AppStream-10.2.Z:mod_ssl-1:2.4.63-13.el10_2.4.aarch64",
            "AppStream-10.2.Z:mod_ssl-1:2.4.63-13.el10_2.4.ppc64le",
            "AppStream-10.2.Z:mod_ssl-1:2.4.63-13.el10_2.4.s390x",
            "AppStream-10.2.Z:mod_ssl-1:2.4.63-13.el10_2.4.x86_64",
            "AppStream-10.2.Z:mod_ssl-debuginfo-1:2.4.63-13.el10_2.4.aarch64",
            "AppStream-10.2.Z:mod_ssl-debuginfo-1:2.4.63-13.el10_2.4.ppc64le",
            "AppStream-10.2.Z:mod_ssl-debuginfo-1:2.4.63-13.el10_2.4.s390x",
            "AppStream-10.2.Z:mod_ssl-debuginfo-1:2.4.63-13.el10_2.4.x86_64"
          ],
          "restart_required": {
            "category": "none"
          },
          "url": "https://access.redhat.com/errata/RHSA-2026:34109"
        },
        {
          "category": "workaround",
          "details": "To mitigate this issue, ensure that Apache HTTP Server is configured to only communicate with trusted OCSP responders. If OCSP validation or stapling is not a critical requirement for your deployment, consider disabling it. This can be achieved by adjusting mod_ssl directives in your Apache HTTP Server configuration. \n\nFor example, add or modify the following lines:\n\n~~~\nSSLOCSPEnable off\nSSLUseStapling off\n~~~\n\nAfter modifying the configuration, reload the httpd service for the changes to take effect safely without interrupting active connections:\n\n~~~\nsudo systemctl reload httpd\n~~~",
          "product_ids": [
            "AppStream-10.2.Z:httpd-0:2.4.63-13.el10_2.4.aarch64",
            "AppStream-10.2.Z:httpd-0:2.4.63-13.el10_2.4.ppc64le",
            "AppStream-10.2.Z:httpd-0:2.4.63-13.el10_2.4.s390x",
            "AppStream-10.2.Z:httpd-0:2.4.63-13.el10_2.4.src",
            "AppStream-10.2.Z:httpd-0:2.4.63-13.el10_2.4.x86_64",
            "AppStream-10.2.Z:httpd-core-0:2.4.63-13.el10_2.4.aarch64",
            "AppStream-10.2.Z:httpd-core-0:2.4.63-13.el10_2.4.ppc64le",
            "AppStream-10.2.Z:httpd-core-0:2.4.63-13.el10_2.4.s390x",
            "AppStream-10.2.Z:httpd-core-0:2.4.63-13.el10_2.4.x86_64",
            "AppStream-10.2.Z:httpd-core-debuginfo-0:2.4.63-13.el10_2.4.aarch64",
            "AppStream-10.2.Z:httpd-core-debuginfo-0:2.4.63-13.el10_2.4.ppc64le",
            "AppStream-10.2.Z:httpd-core-debuginfo-0:2.4.63-13.el10_2.4.s390x",
            "AppStream-10.2.Z:httpd-core-debuginfo-0:2.4.63-13.el10_2.4.x86_64",
            "AppStream-10.2.Z:httpd-debuginfo-0:2.4.63-13.el10_2.4.aarch64",
            "AppStream-10.2.Z:httpd-debuginfo-0:2.4.63-13.el10_2.4.ppc64le",
            "AppStream-10.2.Z:httpd-debuginfo-0:2.4.63-13.el10_2.4.s390x",
            "AppStream-10.2.Z:httpd-debuginfo-0:2.4.63-13.el10_2.4.x86_64",
            "AppStream-10.2.Z:httpd-debugsource-0:2.4.63-13.el10_2.4.aarch64",
            "AppStream-10.2.Z:httpd-debugsource-0:2.4.63-13.el10_2.4.ppc64le",
            "AppStream-10.2.Z:httpd-debugsource-0:2.4.63-13.el10_2.4.s390x",
            "AppStream-10.2.Z:httpd-debugsource-0:2.4.63-13.el10_2.4.x86_64",
            "AppStream-10.2.Z:httpd-devel-0:2.4.63-13.el10_2.4.aarch64",
            "AppStream-10.2.Z:httpd-devel-0:2.4.63-13.el10_2.4.ppc64le",
            "AppStream-10.2.Z:httpd-devel-0:2.4.63-13.el10_2.4.s390x",
            "AppStream-10.2.Z:httpd-devel-0:2.4.63-13.el10_2.4.x86_64",
            "AppStream-10.2.Z:httpd-filesystem-0:2.4.63-13.el10_2.4.noarch",
            "AppStream-10.2.Z:httpd-manual-0:2.4.63-13.el10_2.4.noarch",
            "AppStream-10.2.Z:httpd-tools-0:2.4.63-13.el10_2.4.aarch64",
            "AppStream-10.2.Z:httpd-tools-0:2.4.63-13.el10_2.4.ppc64le",
            "AppStream-10.2.Z:httpd-tools-0:2.4.63-13.el10_2.4.s390x",
            "AppStream-10.2.Z:httpd-tools-0:2.4.63-13.el10_2.4.x86_64",
            "AppStream-10.2.Z:httpd-tools-debuginfo-0:2.4.63-13.el10_2.4.aarch64",
            "AppStream-10.2.Z:httpd-tools-debuginfo-0:2.4.63-13.el10_2.4.ppc64le",
            "AppStream-10.2.Z:httpd-tools-debuginfo-0:2.4.63-13.el10_2.4.s390x",
            "AppStream-10.2.Z:httpd-tools-debuginfo-0:2.4.63-13.el10_2.4.x86_64",
            "AppStream-10.2.Z:mod_ldap-0:2.4.63-13.el10_2.4.aarch64",
            "AppStream-10.2.Z:mod_ldap-0:2.4.63-13.el10_2.4.ppc64le",
            "AppStream-10.2.Z:mod_ldap-0:2.4.63-13.el10_2.4.s390x",
            "AppStream-10.2.Z:mod_ldap-0:2.4.63-13.el10_2.4.x86_64",
            "AppStream-10.2.Z:mod_ldap-debuginfo-0:2.4.63-13.el10_2.4.aarch64",
            "AppStream-10.2.Z:mod_ldap-debuginfo-0:2.4.63-13.el10_2.4.ppc64le",
            "AppStream-10.2.Z:mod_ldap-debuginfo-0:2.4.63-13.el10_2.4.s390x",
            "AppStream-10.2.Z:mod_ldap-debuginfo-0:2.4.63-13.el10_2.4.x86_64",
            "AppStream-10.2.Z:mod_lua-0:2.4.63-13.el10_2.4.aarch64",
            "AppStream-10.2.Z:mod_lua-0:2.4.63-13.el10_2.4.ppc64le",
            "AppStream-10.2.Z:mod_lua-0:2.4.63-13.el10_2.4.s390x",
            "AppStream-10.2.Z:mod_lua-0:2.4.63-13.el10_2.4.x86_64",
            "AppStream-10.2.Z:mod_lua-debuginfo-0:2.4.63-13.el10_2.4.aarch64",
            "AppStream-10.2.Z:mod_lua-debuginfo-0:2.4.63-13.el10_2.4.ppc64le",
            "AppStream-10.2.Z:mod_lua-debuginfo-0:2.4.63-13.el10_2.4.s390x",
            "AppStream-10.2.Z:mod_lua-debuginfo-0:2.4.63-13.el10_2.4.x86_64",
            "AppStream-10.2.Z:mod_proxy_html-1:2.4.63-13.el10_2.4.aarch64",
            "AppStream-10.2.Z:mod_proxy_html-1:2.4.63-13.el10_2.4.ppc64le",
            "AppStream-10.2.Z:mod_proxy_html-1:2.4.63-13.el10_2.4.s390x",
            "AppStream-10.2.Z:mod_proxy_html-1:2.4.63-13.el10_2.4.x86_64",
            "AppStream-10.2.Z:mod_proxy_html-debuginfo-1:2.4.63-13.el10_2.4.aarch64",
            "AppStream-10.2.Z:mod_proxy_html-debuginfo-1:2.4.63-13.el10_2.4.ppc64le",
            "AppStream-10.2.Z:mod_proxy_html-debuginfo-1:2.4.63-13.el10_2.4.s390x",
            "AppStream-10.2.Z:mod_proxy_html-debuginfo-1:2.4.63-13.el10_2.4.x86_64",
            "AppStream-10.2.Z:mod_session-0:2.4.63-13.el10_2.4.aarch64",
            "AppStream-10.2.Z:mod_session-0:2.4.63-13.el10_2.4.ppc64le",
            "AppStream-10.2.Z:mod_session-0:2.4.63-13.el10_2.4.s390x",
            "AppStream-10.2.Z:mod_session-0:2.4.63-13.el10_2.4.x86_64",
            "AppStream-10.2.Z:mod_session-debuginfo-0:2.4.63-13.el10_2.4.aarch64",
            "AppStream-10.2.Z:mod_session-debuginfo-0:2.4.63-13.el10_2.4.ppc64le",
            "AppStream-10.2.Z:mod_session-debuginfo-0:2.4.63-13.el10_2.4.s390x",
            "AppStream-10.2.Z:mod_session-debuginfo-0:2.4.63-13.el10_2.4.x86_64",
            "AppStream-10.2.Z:mod_ssl-1:2.4.63-13.el10_2.4.aarch64",
            "AppStream-10.2.Z:mod_ssl-1:2.4.63-13.el10_2.4.ppc64le",
            "AppStream-10.2.Z:mod_ssl-1:2.4.63-13.el10_2.4.s390x",
            "AppStream-10.2.Z:mod_ssl-1:2.4.63-13.el10_2.4.x86_64",
            "AppStream-10.2.Z:mod_ssl-debuginfo-1:2.4.63-13.el10_2.4.aarch64",
            "AppStream-10.2.Z:mod_ssl-debuginfo-1:2.4.63-13.el10_2.4.ppc64le",
            "AppStream-10.2.Z:mod_ssl-debuginfo-1:2.4.63-13.el10_2.4.s390x",
            "AppStream-10.2.Z:mod_ssl-debuginfo-1:2.4.63-13.el10_2.4.x86_64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "attackComplexity": "LOW",
            "attackVector": "NETWORK",
            "availabilityImpact": "LOW",
            "baseScore": 7.3,
            "baseSeverity": "HIGH",
            "confidentialityImpact": "LOW",
            "integrityImpact": "LOW",
            "privilegesRequired": "NONE",
            "scope": "UNCHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L",
            "version": "3.1"
          },
          "products": [
            "AppStream-10.2.Z:httpd-0:2.4.63-13.el10_2.4.aarch64",
            "AppStream-10.2.Z:httpd-0:2.4.63-13.el10_2.4.ppc64le",
            "AppStream-10.2.Z:httpd-0:2.4.63-13.el10_2.4.s390x",
            "AppStream-10.2.Z:httpd-0:2.4.63-13.el10_2.4.src",
            "AppStream-10.2.Z:httpd-0:2.4.63-13.el10_2.4.x86_64",
            "AppStream-10.2.Z:httpd-core-0:2.4.63-13.el10_2.4.aarch64",
            "AppStream-10.2.Z:httpd-core-0:2.4.63-13.el10_2.4.ppc64le",
            "AppStream-10.2.Z:httpd-core-0:2.4.63-13.el10_2.4.s390x",
            "AppStream-10.2.Z:httpd-core-0:2.4.63-13.el10_2.4.x86_64",
            "AppStream-10.2.Z:httpd-core-debuginfo-0:2.4.63-13.el10_2.4.aarch64",
            "AppStream-10.2.Z:httpd-core-debuginfo-0:2.4.63-13.el10_2.4.ppc64le",
            "AppStream-10.2.Z:httpd-core-debuginfo-0:2.4.63-13.el10_2.4.s390x",
            "AppStream-10.2.Z:httpd-core-debuginfo-0:2.4.63-13.el10_2.4.x86_64",
            "AppStream-10.2.Z:httpd-debuginfo-0:2.4.63-13.el10_2.4.aarch64",
            "AppStream-10.2.Z:httpd-debuginfo-0:2.4.63-13.el10_2.4.ppc64le",
            "AppStream-10.2.Z:httpd-debuginfo-0:2.4.63-13.el10_2.4.s390x",
            "AppStream-10.2.Z:httpd-debuginfo-0:2.4.63-13.el10_2.4.x86_64",
            "AppStream-10.2.Z:httpd-debugsource-0:2.4.63-13.el10_2.4.aarch64",
            "AppStream-10.2.Z:httpd-debugsource-0:2.4.63-13.el10_2.4.ppc64le",
            "AppStream-10.2.Z:httpd-debugsource-0:2.4.63-13.el10_2.4.s390x",
            "AppStream-10.2.Z:httpd-debugsource-0:2.4.63-13.el10_2.4.x86_64",
            "AppStream-10.2.Z:httpd-devel-0:2.4.63-13.el10_2.4.aarch64",
            "AppStream-10.2.Z:httpd-devel-0:2.4.63-13.el10_2.4.ppc64le",
            "AppStream-10.2.Z:httpd-devel-0:2.4.63-13.el10_2.4.s390x",
            "AppStream-10.2.Z:httpd-devel-0:2.4.63-13.el10_2.4.x86_64",
            "AppStream-10.2.Z:httpd-filesystem-0:2.4.63-13.el10_2.4.noarch",
            "AppStream-10.2.Z:httpd-manual-0:2.4.63-13.el10_2.4.noarch",
            "AppStream-10.2.Z:httpd-tools-0:2.4.63-13.el10_2.4.aarch64",
            "AppStream-10.2.Z:httpd-tools-0:2.4.63-13.el10_2.4.ppc64le",
            "AppStream-10.2.Z:httpd-tools-0:2.4.63-13.el10_2.4.s390x",
            "AppStream-10.2.Z:httpd-tools-0:2.4.63-13.el10_2.4.x86_64",
            "AppStream-10.2.Z:httpd-tools-debuginfo-0:2.4.63-13.el10_2.4.aarch64",
            "AppStream-10.2.Z:httpd-tools-debuginfo-0:2.4.63-13.el10_2.4.ppc64le",
            "AppStream-10.2.Z:httpd-tools-debuginfo-0:2.4.63-13.el10_2.4.s390x",
            "AppStream-10.2.Z:httpd-tools-debuginfo-0:2.4.63-13.el10_2.4.x86_64",
            "AppStream-10.2.Z:mod_ldap-0:2.4.63-13.el10_2.4.aarch64",
            "AppStream-10.2.Z:mod_ldap-0:2.4.63-13.el10_2.4.ppc64le",
            "AppStream-10.2.Z:mod_ldap-0:2.4.63-13.el10_2.4.s390x",
            "AppStream-10.2.Z:mod_ldap-0:2.4.63-13.el10_2.4.x86_64",
            "AppStream-10.2.Z:mod_ldap-debuginfo-0:2.4.63-13.el10_2.4.aarch64",
            "AppStream-10.2.Z:mod_ldap-debuginfo-0:2.4.63-13.el10_2.4.ppc64le",
            "AppStream-10.2.Z:mod_ldap-debuginfo-0:2.4.63-13.el10_2.4.s390x",
            "AppStream-10.2.Z:mod_ldap-debuginfo-0:2.4.63-13.el10_2.4.x86_64",
            "AppStream-10.2.Z:mod_lua-0:2.4.63-13.el10_2.4.aarch64",
            "AppStream-10.2.Z:mod_lua-0:2.4.63-13.el10_2.4.ppc64le",
            "AppStream-10.2.Z:mod_lua-0:2.4.63-13.el10_2.4.s390x",
            "AppStream-10.2.Z:mod_lua-0:2.4.63-13.el10_2.4.x86_64",
            "AppStream-10.2.Z:mod_lua-debuginfo-0:2.4.63-13.el10_2.4.aarch64",
            "AppStream-10.2.Z:mod_lua-debuginfo-0:2.4.63-13.el10_2.4.ppc64le",
            "AppStream-10.2.Z:mod_lua-debuginfo-0:2.4.63-13.el10_2.4.s390x",
            "AppStream-10.2.Z:mod_lua-debuginfo-0:2.4.63-13.el10_2.4.x86_64",
            "AppStream-10.2.Z:mod_proxy_html-1:2.4.63-13.el10_2.4.aarch64",
            "AppStream-10.2.Z:mod_proxy_html-1:2.4.63-13.el10_2.4.ppc64le",
            "AppStream-10.2.Z:mod_proxy_html-1:2.4.63-13.el10_2.4.s390x",
            "AppStream-10.2.Z:mod_proxy_html-1:2.4.63-13.el10_2.4.x86_64",
            "AppStream-10.2.Z:mod_proxy_html-debuginfo-1:2.4.63-13.el10_2.4.aarch64",
            "AppStream-10.2.Z:mod_proxy_html-debuginfo-1:2.4.63-13.el10_2.4.ppc64le",
            "AppStream-10.2.Z:mod_proxy_html-debuginfo-1:2.4.63-13.el10_2.4.s390x",
            "AppStream-10.2.Z:mod_proxy_html-debuginfo-1:2.4.63-13.el10_2.4.x86_64",
            "AppStream-10.2.Z:mod_session-0:2.4.63-13.el10_2.4.aarch64",
            "AppStream-10.2.Z:mod_session-0:2.4.63-13.el10_2.4.ppc64le",
            "AppStream-10.2.Z:mod_session-0:2.4.63-13.el10_2.4.s390x",
            "AppStream-10.2.Z:mod_session-0:2.4.63-13.el10_2.4.x86_64",
            "AppStream-10.2.Z:mod_session-debuginfo-0:2.4.63-13.el10_2.4.aarch64",
            "AppStream-10.2.Z:mod_session-debuginfo-0:2.4.63-13.el10_2.4.ppc64le",
            "AppStream-10.2.Z:mod_session-debuginfo-0:2.4.63-13.el10_2.4.s390x",
            "AppStream-10.2.Z:mod_session-debuginfo-0:2.4.63-13.el10_2.4.x86_64",
            "AppStream-10.2.Z:mod_ssl-1:2.4.63-13.el10_2.4.aarch64",
            "AppStream-10.2.Z:mod_ssl-1:2.4.63-13.el10_2.4.ppc64le",
            "AppStream-10.2.Z:mod_ssl-1:2.4.63-13.el10_2.4.s390x",
            "AppStream-10.2.Z:mod_ssl-1:2.4.63-13.el10_2.4.x86_64",
            "AppStream-10.2.Z:mod_ssl-debuginfo-1:2.4.63-13.el10_2.4.aarch64",
            "AppStream-10.2.Z:mod_ssl-debuginfo-1:2.4.63-13.el10_2.4.ppc64le",
            "AppStream-10.2.Z:mod_ssl-debuginfo-1:2.4.63-13.el10_2.4.s390x",
            "AppStream-10.2.Z:mod_ssl-debuginfo-1:2.4.63-13.el10_2.4.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "details": "Important"
        }
      ],
      "title": "httpd: Apache HTTP Server: Buffer Over-read via outbound OCSP requests to attacker-controlled server"
    },
    {
      "cve": "CVE-2026-44631",
      "cwe": {
        "id": "CWE-124",
        "name": "Buffer Underwrite (\u0027Buffer Underflow\u0027)"
      },
      "discovery_date": "2026-06-08T16:01:43.891910+00:00",
      "ids": [
        {
          "system_name": "Red Hat Bugzilla ID",
          "text": "2486399"
        }
      ],
      "notes": [
        {
          "category": "description",
          "text": "A flaw was found in Apache HTTP Server. This buffer underwrite vulnerability occurs when processing crafted regular expressions in the server\u0027s configuration. An attacker could potentially exploit this to cause a denial of service.",
          "title": "Vulnerability description"
        },
        {
          "category": "summary",
          "text": "httpd: Apache HTTP Server: Denial of Service via crafted regular expressions",
          "title": "Vulnerability summary"
        },
        {
          "category": "other",
          "text": "This Moderate impact buffer underwrite flaw in Apache HTTP Server can lead to a denial of service. The vulnerability occurs when processing specially crafted regular expressions within the server\u0027s configuration. Exploitation requires a high attack complexity, indicating that specific conditions or a complex attack vector are necessary, thereby limiting the practical risk in typical Red Hat deployments where configuration changes are tightly controlled.",
          "title": "Statement"
        },
        {
          "category": "general",
          "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
          "title": "CVSS score applicability"
        }
      ],
      "product_status": {
        "fixed": [
          "AppStream-10.2.Z:httpd-0:2.4.63-13.el10_2.4.aarch64",
          "AppStream-10.2.Z:httpd-0:2.4.63-13.el10_2.4.ppc64le",
          "AppStream-10.2.Z:httpd-0:2.4.63-13.el10_2.4.s390x",
          "AppStream-10.2.Z:httpd-0:2.4.63-13.el10_2.4.src",
          "AppStream-10.2.Z:httpd-0:2.4.63-13.el10_2.4.x86_64",
          "AppStream-10.2.Z:httpd-core-0:2.4.63-13.el10_2.4.aarch64",
          "AppStream-10.2.Z:httpd-core-0:2.4.63-13.el10_2.4.ppc64le",
          "AppStream-10.2.Z:httpd-core-0:2.4.63-13.el10_2.4.s390x",
          "AppStream-10.2.Z:httpd-core-0:2.4.63-13.el10_2.4.x86_64",
          "AppStream-10.2.Z:httpd-core-debuginfo-0:2.4.63-13.el10_2.4.aarch64",
          "AppStream-10.2.Z:httpd-core-debuginfo-0:2.4.63-13.el10_2.4.ppc64le",
          "AppStream-10.2.Z:httpd-core-debuginfo-0:2.4.63-13.el10_2.4.s390x",
          "AppStream-10.2.Z:httpd-core-debuginfo-0:2.4.63-13.el10_2.4.x86_64",
          "AppStream-10.2.Z:httpd-debuginfo-0:2.4.63-13.el10_2.4.aarch64",
          "AppStream-10.2.Z:httpd-debuginfo-0:2.4.63-13.el10_2.4.ppc64le",
          "AppStream-10.2.Z:httpd-debuginfo-0:2.4.63-13.el10_2.4.s390x",
          "AppStream-10.2.Z:httpd-debuginfo-0:2.4.63-13.el10_2.4.x86_64",
          "AppStream-10.2.Z:httpd-debugsource-0:2.4.63-13.el10_2.4.aarch64",
          "AppStream-10.2.Z:httpd-debugsource-0:2.4.63-13.el10_2.4.ppc64le",
          "AppStream-10.2.Z:httpd-debugsource-0:2.4.63-13.el10_2.4.s390x",
          "AppStream-10.2.Z:httpd-debugsource-0:2.4.63-13.el10_2.4.x86_64",
          "AppStream-10.2.Z:httpd-devel-0:2.4.63-13.el10_2.4.aarch64",
          "AppStream-10.2.Z:httpd-devel-0:2.4.63-13.el10_2.4.ppc64le",
          "AppStream-10.2.Z:httpd-devel-0:2.4.63-13.el10_2.4.s390x",
          "AppStream-10.2.Z:httpd-devel-0:2.4.63-13.el10_2.4.x86_64",
          "AppStream-10.2.Z:httpd-filesystem-0:2.4.63-13.el10_2.4.noarch",
          "AppStream-10.2.Z:httpd-manual-0:2.4.63-13.el10_2.4.noarch",
          "AppStream-10.2.Z:httpd-tools-0:2.4.63-13.el10_2.4.aarch64",
          "AppStream-10.2.Z:httpd-tools-0:2.4.63-13.el10_2.4.ppc64le",
          "AppStream-10.2.Z:httpd-tools-0:2.4.63-13.el10_2.4.s390x",
          "AppStream-10.2.Z:httpd-tools-0:2.4.63-13.el10_2.4.x86_64",
          "AppStream-10.2.Z:httpd-tools-debuginfo-0:2.4.63-13.el10_2.4.aarch64",
          "AppStream-10.2.Z:httpd-tools-debuginfo-0:2.4.63-13.el10_2.4.ppc64le",
          "AppStream-10.2.Z:httpd-tools-debuginfo-0:2.4.63-13.el10_2.4.s390x",
          "AppStream-10.2.Z:httpd-tools-debuginfo-0:2.4.63-13.el10_2.4.x86_64",
          "AppStream-10.2.Z:mod_ldap-0:2.4.63-13.el10_2.4.aarch64",
          "AppStream-10.2.Z:mod_ldap-0:2.4.63-13.el10_2.4.ppc64le",
          "AppStream-10.2.Z:mod_ldap-0:2.4.63-13.el10_2.4.s390x",
          "AppStream-10.2.Z:mod_ldap-0:2.4.63-13.el10_2.4.x86_64",
          "AppStream-10.2.Z:mod_ldap-debuginfo-0:2.4.63-13.el10_2.4.aarch64",
          "AppStream-10.2.Z:mod_ldap-debuginfo-0:2.4.63-13.el10_2.4.ppc64le",
          "AppStream-10.2.Z:mod_ldap-debuginfo-0:2.4.63-13.el10_2.4.s390x",
          "AppStream-10.2.Z:mod_ldap-debuginfo-0:2.4.63-13.el10_2.4.x86_64",
          "AppStream-10.2.Z:mod_lua-0:2.4.63-13.el10_2.4.aarch64",
          "AppStream-10.2.Z:mod_lua-0:2.4.63-13.el10_2.4.ppc64le",
          "AppStream-10.2.Z:mod_lua-0:2.4.63-13.el10_2.4.s390x",
          "AppStream-10.2.Z:mod_lua-0:2.4.63-13.el10_2.4.x86_64",
          "AppStream-10.2.Z:mod_lua-debuginfo-0:2.4.63-13.el10_2.4.aarch64",
          "AppStream-10.2.Z:mod_lua-debuginfo-0:2.4.63-13.el10_2.4.ppc64le",
          "AppStream-10.2.Z:mod_lua-debuginfo-0:2.4.63-13.el10_2.4.s390x",
          "AppStream-10.2.Z:mod_lua-debuginfo-0:2.4.63-13.el10_2.4.x86_64",
          "AppStream-10.2.Z:mod_proxy_html-1:2.4.63-13.el10_2.4.aarch64",
          "AppStream-10.2.Z:mod_proxy_html-1:2.4.63-13.el10_2.4.ppc64le",
          "AppStream-10.2.Z:mod_proxy_html-1:2.4.63-13.el10_2.4.s390x",
          "AppStream-10.2.Z:mod_proxy_html-1:2.4.63-13.el10_2.4.x86_64",
          "AppStream-10.2.Z:mod_proxy_html-debuginfo-1:2.4.63-13.el10_2.4.aarch64",
          "AppStream-10.2.Z:mod_proxy_html-debuginfo-1:2.4.63-13.el10_2.4.ppc64le",
          "AppStream-10.2.Z:mod_proxy_html-debuginfo-1:2.4.63-13.el10_2.4.s390x",
          "AppStream-10.2.Z:mod_proxy_html-debuginfo-1:2.4.63-13.el10_2.4.x86_64",
          "AppStream-10.2.Z:mod_session-0:2.4.63-13.el10_2.4.aarch64",
          "AppStream-10.2.Z:mod_session-0:2.4.63-13.el10_2.4.ppc64le",
          "AppStream-10.2.Z:mod_session-0:2.4.63-13.el10_2.4.s390x",
          "AppStream-10.2.Z:mod_session-0:2.4.63-13.el10_2.4.x86_64",
          "AppStream-10.2.Z:mod_session-debuginfo-0:2.4.63-13.el10_2.4.aarch64",
          "AppStream-10.2.Z:mod_session-debuginfo-0:2.4.63-13.el10_2.4.ppc64le",
          "AppStream-10.2.Z:mod_session-debuginfo-0:2.4.63-13.el10_2.4.s390x",
          "AppStream-10.2.Z:mod_session-debuginfo-0:2.4.63-13.el10_2.4.x86_64",
          "AppStream-10.2.Z:mod_ssl-1:2.4.63-13.el10_2.4.aarch64",
          "AppStream-10.2.Z:mod_ssl-1:2.4.63-13.el10_2.4.ppc64le",
          "AppStream-10.2.Z:mod_ssl-1:2.4.63-13.el10_2.4.s390x",
          "AppStream-10.2.Z:mod_ssl-1:2.4.63-13.el10_2.4.x86_64",
          "AppStream-10.2.Z:mod_ssl-debuginfo-1:2.4.63-13.el10_2.4.aarch64",
          "AppStream-10.2.Z:mod_ssl-debuginfo-1:2.4.63-13.el10_2.4.ppc64le",
          "AppStream-10.2.Z:mod_ssl-debuginfo-1:2.4.63-13.el10_2.4.s390x",
          "AppStream-10.2.Z:mod_ssl-debuginfo-1:2.4.63-13.el10_2.4.x86_64"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "Canonical URL",
          "url": "https://access.redhat.com/security/cve/CVE-2026-44631"
        },
        {
          "category": "external",
          "summary": "RHBZ#2486399",
          "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2486399"
        },
        {
          "category": "external",
          "summary": "https://www.cve.org/CVERecord?id=CVE-2026-44631",
          "url": "https://www.cve.org/CVERecord?id=CVE-2026-44631"
        },
        {
          "category": "external",
          "summary": "https://nvd.nist.gov/vuln/detail/CVE-2026-44631",
          "url": "https://nvd.nist.gov/vuln/detail/CVE-2026-44631"
        },
        {
          "category": "external",
          "summary": "https://httpd.apache.org/security/vulnerabilities_24.html",
          "url": "https://httpd.apache.org/security/vulnerabilities_24.html"
        }
      ],
      "release_date": "2026-06-08T15:19:23.570000+00:00",
      "remediations": [
        {
          "category": "vendor_fix",
          "date": "2026-07-01T09:31:08+00:00",
          "details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258",
          "product_ids": [
            "AppStream-10.2.Z:httpd-0:2.4.63-13.el10_2.4.aarch64",
            "AppStream-10.2.Z:httpd-0:2.4.63-13.el10_2.4.ppc64le",
            "AppStream-10.2.Z:httpd-0:2.4.63-13.el10_2.4.s390x",
            "AppStream-10.2.Z:httpd-0:2.4.63-13.el10_2.4.src",
            "AppStream-10.2.Z:httpd-0:2.4.63-13.el10_2.4.x86_64",
            "AppStream-10.2.Z:httpd-core-0:2.4.63-13.el10_2.4.aarch64",
            "AppStream-10.2.Z:httpd-core-0:2.4.63-13.el10_2.4.ppc64le",
            "AppStream-10.2.Z:httpd-core-0:2.4.63-13.el10_2.4.s390x",
            "AppStream-10.2.Z:httpd-core-0:2.4.63-13.el10_2.4.x86_64",
            "AppStream-10.2.Z:httpd-core-debuginfo-0:2.4.63-13.el10_2.4.aarch64",
            "AppStream-10.2.Z:httpd-core-debuginfo-0:2.4.63-13.el10_2.4.ppc64le",
            "AppStream-10.2.Z:httpd-core-debuginfo-0:2.4.63-13.el10_2.4.s390x",
            "AppStream-10.2.Z:httpd-core-debuginfo-0:2.4.63-13.el10_2.4.x86_64",
            "AppStream-10.2.Z:httpd-debuginfo-0:2.4.63-13.el10_2.4.aarch64",
            "AppStream-10.2.Z:httpd-debuginfo-0:2.4.63-13.el10_2.4.ppc64le",
            "AppStream-10.2.Z:httpd-debuginfo-0:2.4.63-13.el10_2.4.s390x",
            "AppStream-10.2.Z:httpd-debuginfo-0:2.4.63-13.el10_2.4.x86_64",
            "AppStream-10.2.Z:httpd-debugsource-0:2.4.63-13.el10_2.4.aarch64",
            "AppStream-10.2.Z:httpd-debugsource-0:2.4.63-13.el10_2.4.ppc64le",
            "AppStream-10.2.Z:httpd-debugsource-0:2.4.63-13.el10_2.4.s390x",
            "AppStream-10.2.Z:httpd-debugsource-0:2.4.63-13.el10_2.4.x86_64",
            "AppStream-10.2.Z:httpd-devel-0:2.4.63-13.el10_2.4.aarch64",
            "AppStream-10.2.Z:httpd-devel-0:2.4.63-13.el10_2.4.ppc64le",
            "AppStream-10.2.Z:httpd-devel-0:2.4.63-13.el10_2.4.s390x",
            "AppStream-10.2.Z:httpd-devel-0:2.4.63-13.el10_2.4.x86_64",
            "AppStream-10.2.Z:httpd-filesystem-0:2.4.63-13.el10_2.4.noarch",
            "AppStream-10.2.Z:httpd-manual-0:2.4.63-13.el10_2.4.noarch",
            "AppStream-10.2.Z:httpd-tools-0:2.4.63-13.el10_2.4.aarch64",
            "AppStream-10.2.Z:httpd-tools-0:2.4.63-13.el10_2.4.ppc64le",
            "AppStream-10.2.Z:httpd-tools-0:2.4.63-13.el10_2.4.s390x",
            "AppStream-10.2.Z:httpd-tools-0:2.4.63-13.el10_2.4.x86_64",
            "AppStream-10.2.Z:httpd-tools-debuginfo-0:2.4.63-13.el10_2.4.aarch64",
            "AppStream-10.2.Z:httpd-tools-debuginfo-0:2.4.63-13.el10_2.4.ppc64le",
            "AppStream-10.2.Z:httpd-tools-debuginfo-0:2.4.63-13.el10_2.4.s390x",
            "AppStream-10.2.Z:httpd-tools-debuginfo-0:2.4.63-13.el10_2.4.x86_64",
            "AppStream-10.2.Z:mod_ldap-0:2.4.63-13.el10_2.4.aarch64",
            "AppStream-10.2.Z:mod_ldap-0:2.4.63-13.el10_2.4.ppc64le",
            "AppStream-10.2.Z:mod_ldap-0:2.4.63-13.el10_2.4.s390x",
            "AppStream-10.2.Z:mod_ldap-0:2.4.63-13.el10_2.4.x86_64",
            "AppStream-10.2.Z:mod_ldap-debuginfo-0:2.4.63-13.el10_2.4.aarch64",
            "AppStream-10.2.Z:mod_ldap-debuginfo-0:2.4.63-13.el10_2.4.ppc64le",
            "AppStream-10.2.Z:mod_ldap-debuginfo-0:2.4.63-13.el10_2.4.s390x",
            "AppStream-10.2.Z:mod_ldap-debuginfo-0:2.4.63-13.el10_2.4.x86_64",
            "AppStream-10.2.Z:mod_lua-0:2.4.63-13.el10_2.4.aarch64",
            "AppStream-10.2.Z:mod_lua-0:2.4.63-13.el10_2.4.ppc64le",
            "AppStream-10.2.Z:mod_lua-0:2.4.63-13.el10_2.4.s390x",
            "AppStream-10.2.Z:mod_lua-0:2.4.63-13.el10_2.4.x86_64",
            "AppStream-10.2.Z:mod_lua-debuginfo-0:2.4.63-13.el10_2.4.aarch64",
            "AppStream-10.2.Z:mod_lua-debuginfo-0:2.4.63-13.el10_2.4.ppc64le",
            "AppStream-10.2.Z:mod_lua-debuginfo-0:2.4.63-13.el10_2.4.s390x",
            "AppStream-10.2.Z:mod_lua-debuginfo-0:2.4.63-13.el10_2.4.x86_64",
            "AppStream-10.2.Z:mod_proxy_html-1:2.4.63-13.el10_2.4.aarch64",
            "AppStream-10.2.Z:mod_proxy_html-1:2.4.63-13.el10_2.4.ppc64le",
            "AppStream-10.2.Z:mod_proxy_html-1:2.4.63-13.el10_2.4.s390x",
            "AppStream-10.2.Z:mod_proxy_html-1:2.4.63-13.el10_2.4.x86_64",
            "AppStream-10.2.Z:mod_proxy_html-debuginfo-1:2.4.63-13.el10_2.4.aarch64",
            "AppStream-10.2.Z:mod_proxy_html-debuginfo-1:2.4.63-13.el10_2.4.ppc64le",
            "AppStream-10.2.Z:mod_proxy_html-debuginfo-1:2.4.63-13.el10_2.4.s390x",
            "AppStream-10.2.Z:mod_proxy_html-debuginfo-1:2.4.63-13.el10_2.4.x86_64",
            "AppStream-10.2.Z:mod_session-0:2.4.63-13.el10_2.4.aarch64",
            "AppStream-10.2.Z:mod_session-0:2.4.63-13.el10_2.4.ppc64le",
            "AppStream-10.2.Z:mod_session-0:2.4.63-13.el10_2.4.s390x",
            "AppStream-10.2.Z:mod_session-0:2.4.63-13.el10_2.4.x86_64",
            "AppStream-10.2.Z:mod_session-debuginfo-0:2.4.63-13.el10_2.4.aarch64",
            "AppStream-10.2.Z:mod_session-debuginfo-0:2.4.63-13.el10_2.4.ppc64le",
            "AppStream-10.2.Z:mod_session-debuginfo-0:2.4.63-13.el10_2.4.s390x",
            "AppStream-10.2.Z:mod_session-debuginfo-0:2.4.63-13.el10_2.4.x86_64",
            "AppStream-10.2.Z:mod_ssl-1:2.4.63-13.el10_2.4.aarch64",
            "AppStream-10.2.Z:mod_ssl-1:2.4.63-13.el10_2.4.ppc64le",
            "AppStream-10.2.Z:mod_ssl-1:2.4.63-13.el10_2.4.s390x",
            "AppStream-10.2.Z:mod_ssl-1:2.4.63-13.el10_2.4.x86_64",
            "AppStream-10.2.Z:mod_ssl-debuginfo-1:2.4.63-13.el10_2.4.aarch64",
            "AppStream-10.2.Z:mod_ssl-debuginfo-1:2.4.63-13.el10_2.4.ppc64le",
            "AppStream-10.2.Z:mod_ssl-debuginfo-1:2.4.63-13.el10_2.4.s390x",
            "AppStream-10.2.Z:mod_ssl-debuginfo-1:2.4.63-13.el10_2.4.x86_64"
          ],
          "restart_required": {
            "category": "none"
          },
          "url": "https://access.redhat.com/errata/RHSA-2026:34109"
        },
        {
          "category": "workaround",
          "details": "Only loadtrustedApache configuration; the bug triggers oncrafted regexin config at start/reload (DirectoryMatch,Directory ~,ProxyMatch, etc.).\nKeep AllowOverride None where possible so untrusted users cannot inject regex via .htaccess.\nRestrict who can change httpdconfig and reload the service.",
          "product_ids": [
            "AppStream-10.2.Z:httpd-0:2.4.63-13.el10_2.4.aarch64",
            "AppStream-10.2.Z:httpd-0:2.4.63-13.el10_2.4.ppc64le",
            "AppStream-10.2.Z:httpd-0:2.4.63-13.el10_2.4.s390x",
            "AppStream-10.2.Z:httpd-0:2.4.63-13.el10_2.4.src",
            "AppStream-10.2.Z:httpd-0:2.4.63-13.el10_2.4.x86_64",
            "AppStream-10.2.Z:httpd-core-0:2.4.63-13.el10_2.4.aarch64",
            "AppStream-10.2.Z:httpd-core-0:2.4.63-13.el10_2.4.ppc64le",
            "AppStream-10.2.Z:httpd-core-0:2.4.63-13.el10_2.4.s390x",
            "AppStream-10.2.Z:httpd-core-0:2.4.63-13.el10_2.4.x86_64",
            "AppStream-10.2.Z:httpd-core-debuginfo-0:2.4.63-13.el10_2.4.aarch64",
            "AppStream-10.2.Z:httpd-core-debuginfo-0:2.4.63-13.el10_2.4.ppc64le",
            "AppStream-10.2.Z:httpd-core-debuginfo-0:2.4.63-13.el10_2.4.s390x",
            "AppStream-10.2.Z:httpd-core-debuginfo-0:2.4.63-13.el10_2.4.x86_64",
            "AppStream-10.2.Z:httpd-debuginfo-0:2.4.63-13.el10_2.4.aarch64",
            "AppStream-10.2.Z:httpd-debuginfo-0:2.4.63-13.el10_2.4.ppc64le",
            "AppStream-10.2.Z:httpd-debuginfo-0:2.4.63-13.el10_2.4.s390x",
            "AppStream-10.2.Z:httpd-debuginfo-0:2.4.63-13.el10_2.4.x86_64",
            "AppStream-10.2.Z:httpd-debugsource-0:2.4.63-13.el10_2.4.aarch64",
            "AppStream-10.2.Z:httpd-debugsource-0:2.4.63-13.el10_2.4.ppc64le",
            "AppStream-10.2.Z:httpd-debugsource-0:2.4.63-13.el10_2.4.s390x",
            "AppStream-10.2.Z:httpd-debugsource-0:2.4.63-13.el10_2.4.x86_64",
            "AppStream-10.2.Z:httpd-devel-0:2.4.63-13.el10_2.4.aarch64",
            "AppStream-10.2.Z:httpd-devel-0:2.4.63-13.el10_2.4.ppc64le",
            "AppStream-10.2.Z:httpd-devel-0:2.4.63-13.el10_2.4.s390x",
            "AppStream-10.2.Z:httpd-devel-0:2.4.63-13.el10_2.4.x86_64",
            "AppStream-10.2.Z:httpd-filesystem-0:2.4.63-13.el10_2.4.noarch",
            "AppStream-10.2.Z:httpd-manual-0:2.4.63-13.el10_2.4.noarch",
            "AppStream-10.2.Z:httpd-tools-0:2.4.63-13.el10_2.4.aarch64",
            "AppStream-10.2.Z:httpd-tools-0:2.4.63-13.el10_2.4.ppc64le",
            "AppStream-10.2.Z:httpd-tools-0:2.4.63-13.el10_2.4.s390x",
            "AppStream-10.2.Z:httpd-tools-0:2.4.63-13.el10_2.4.x86_64",
            "AppStream-10.2.Z:httpd-tools-debuginfo-0:2.4.63-13.el10_2.4.aarch64",
            "AppStream-10.2.Z:httpd-tools-debuginfo-0:2.4.63-13.el10_2.4.ppc64le",
            "AppStream-10.2.Z:httpd-tools-debuginfo-0:2.4.63-13.el10_2.4.s390x",
            "AppStream-10.2.Z:httpd-tools-debuginfo-0:2.4.63-13.el10_2.4.x86_64",
            "AppStream-10.2.Z:mod_ldap-0:2.4.63-13.el10_2.4.aarch64",
            "AppStream-10.2.Z:mod_ldap-0:2.4.63-13.el10_2.4.ppc64le",
            "AppStream-10.2.Z:mod_ldap-0:2.4.63-13.el10_2.4.s390x",
            "AppStream-10.2.Z:mod_ldap-0:2.4.63-13.el10_2.4.x86_64",
            "AppStream-10.2.Z:mod_ldap-debuginfo-0:2.4.63-13.el10_2.4.aarch64",
            "AppStream-10.2.Z:mod_ldap-debuginfo-0:2.4.63-13.el10_2.4.ppc64le",
            "AppStream-10.2.Z:mod_ldap-debuginfo-0:2.4.63-13.el10_2.4.s390x",
            "AppStream-10.2.Z:mod_ldap-debuginfo-0:2.4.63-13.el10_2.4.x86_64",
            "AppStream-10.2.Z:mod_lua-0:2.4.63-13.el10_2.4.aarch64",
            "AppStream-10.2.Z:mod_lua-0:2.4.63-13.el10_2.4.ppc64le",
            "AppStream-10.2.Z:mod_lua-0:2.4.63-13.el10_2.4.s390x",
            "AppStream-10.2.Z:mod_lua-0:2.4.63-13.el10_2.4.x86_64",
            "AppStream-10.2.Z:mod_lua-debuginfo-0:2.4.63-13.el10_2.4.aarch64",
            "AppStream-10.2.Z:mod_lua-debuginfo-0:2.4.63-13.el10_2.4.ppc64le",
            "AppStream-10.2.Z:mod_lua-debuginfo-0:2.4.63-13.el10_2.4.s390x",
            "AppStream-10.2.Z:mod_lua-debuginfo-0:2.4.63-13.el10_2.4.x86_64",
            "AppStream-10.2.Z:mod_proxy_html-1:2.4.63-13.el10_2.4.aarch64",
            "AppStream-10.2.Z:mod_proxy_html-1:2.4.63-13.el10_2.4.ppc64le",
            "AppStream-10.2.Z:mod_proxy_html-1:2.4.63-13.el10_2.4.s390x",
            "AppStream-10.2.Z:mod_proxy_html-1:2.4.63-13.el10_2.4.x86_64",
            "AppStream-10.2.Z:mod_proxy_html-debuginfo-1:2.4.63-13.el10_2.4.aarch64",
            "AppStream-10.2.Z:mod_proxy_html-debuginfo-1:2.4.63-13.el10_2.4.ppc64le",
            "AppStream-10.2.Z:mod_proxy_html-debuginfo-1:2.4.63-13.el10_2.4.s390x",
            "AppStream-10.2.Z:mod_proxy_html-debuginfo-1:2.4.63-13.el10_2.4.x86_64",
            "AppStream-10.2.Z:mod_session-0:2.4.63-13.el10_2.4.aarch64",
            "AppStream-10.2.Z:mod_session-0:2.4.63-13.el10_2.4.ppc64le",
            "AppStream-10.2.Z:mod_session-0:2.4.63-13.el10_2.4.s390x",
            "AppStream-10.2.Z:mod_session-0:2.4.63-13.el10_2.4.x86_64",
            "AppStream-10.2.Z:mod_session-debuginfo-0:2.4.63-13.el10_2.4.aarch64",
            "AppStream-10.2.Z:mod_session-debuginfo-0:2.4.63-13.el10_2.4.ppc64le",
            "AppStream-10.2.Z:mod_session-debuginfo-0:2.4.63-13.el10_2.4.s390x",
            "AppStream-10.2.Z:mod_session-debuginfo-0:2.4.63-13.el10_2.4.x86_64",
            "AppStream-10.2.Z:mod_ssl-1:2.4.63-13.el10_2.4.aarch64",
            "AppStream-10.2.Z:mod_ssl-1:2.4.63-13.el10_2.4.ppc64le",
            "AppStream-10.2.Z:mod_ssl-1:2.4.63-13.el10_2.4.s390x",
            "AppStream-10.2.Z:mod_ssl-1:2.4.63-13.el10_2.4.x86_64",
            "AppStream-10.2.Z:mod_ssl-debuginfo-1:2.4.63-13.el10_2.4.aarch64",
            "AppStream-10.2.Z:mod_ssl-debuginfo-1:2.4.63-13.el10_2.4.ppc64le",
            "AppStream-10.2.Z:mod_ssl-debuginfo-1:2.4.63-13.el10_2.4.s390x",
            "AppStream-10.2.Z:mod_ssl-debuginfo-1:2.4.63-13.el10_2.4.x86_64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "attackComplexity": "HIGH",
            "attackVector": "NETWORK",
            "availabilityImpact": "HIGH",
            "baseScore": 7.7,
            "baseSeverity": "HIGH",
            "confidentialityImpact": "LOW",
            "integrityImpact": "HIGH",
            "privilegesRequired": "NONE",
            "scope": "UNCHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:H/A:H",
            "version": "3.1"
          },
          "products": [
            "AppStream-10.2.Z:httpd-0:2.4.63-13.el10_2.4.aarch64",
            "AppStream-10.2.Z:httpd-0:2.4.63-13.el10_2.4.ppc64le",
            "AppStream-10.2.Z:httpd-0:2.4.63-13.el10_2.4.s390x",
            "AppStream-10.2.Z:httpd-0:2.4.63-13.el10_2.4.src",
            "AppStream-10.2.Z:httpd-0:2.4.63-13.el10_2.4.x86_64",
            "AppStream-10.2.Z:httpd-core-0:2.4.63-13.el10_2.4.aarch64",
            "AppStream-10.2.Z:httpd-core-0:2.4.63-13.el10_2.4.ppc64le",
            "AppStream-10.2.Z:httpd-core-0:2.4.63-13.el10_2.4.s390x",
            "AppStream-10.2.Z:httpd-core-0:2.4.63-13.el10_2.4.x86_64",
            "AppStream-10.2.Z:httpd-core-debuginfo-0:2.4.63-13.el10_2.4.aarch64",
            "AppStream-10.2.Z:httpd-core-debuginfo-0:2.4.63-13.el10_2.4.ppc64le",
            "AppStream-10.2.Z:httpd-core-debuginfo-0:2.4.63-13.el10_2.4.s390x",
            "AppStream-10.2.Z:httpd-core-debuginfo-0:2.4.63-13.el10_2.4.x86_64",
            "AppStream-10.2.Z:httpd-debuginfo-0:2.4.63-13.el10_2.4.aarch64",
            "AppStream-10.2.Z:httpd-debuginfo-0:2.4.63-13.el10_2.4.ppc64le",
            "AppStream-10.2.Z:httpd-debuginfo-0:2.4.63-13.el10_2.4.s390x",
            "AppStream-10.2.Z:httpd-debuginfo-0:2.4.63-13.el10_2.4.x86_64",
            "AppStream-10.2.Z:httpd-debugsource-0:2.4.63-13.el10_2.4.aarch64",
            "AppStream-10.2.Z:httpd-debugsource-0:2.4.63-13.el10_2.4.ppc64le",
            "AppStream-10.2.Z:httpd-debugsource-0:2.4.63-13.el10_2.4.s390x",
            "AppStream-10.2.Z:httpd-debugsource-0:2.4.63-13.el10_2.4.x86_64",
            "AppStream-10.2.Z:httpd-devel-0:2.4.63-13.el10_2.4.aarch64",
            "AppStream-10.2.Z:httpd-devel-0:2.4.63-13.el10_2.4.ppc64le",
            "AppStream-10.2.Z:httpd-devel-0:2.4.63-13.el10_2.4.s390x",
            "AppStream-10.2.Z:httpd-devel-0:2.4.63-13.el10_2.4.x86_64",
            "AppStream-10.2.Z:httpd-filesystem-0:2.4.63-13.el10_2.4.noarch",
            "AppStream-10.2.Z:httpd-manual-0:2.4.63-13.el10_2.4.noarch",
            "AppStream-10.2.Z:httpd-tools-0:2.4.63-13.el10_2.4.aarch64",
            "AppStream-10.2.Z:httpd-tools-0:2.4.63-13.el10_2.4.ppc64le",
            "AppStream-10.2.Z:httpd-tools-0:2.4.63-13.el10_2.4.s390x",
            "AppStream-10.2.Z:httpd-tools-0:2.4.63-13.el10_2.4.x86_64",
            "AppStream-10.2.Z:httpd-tools-debuginfo-0:2.4.63-13.el10_2.4.aarch64",
            "AppStream-10.2.Z:httpd-tools-debuginfo-0:2.4.63-13.el10_2.4.ppc64le",
            "AppStream-10.2.Z:httpd-tools-debuginfo-0:2.4.63-13.el10_2.4.s390x",
            "AppStream-10.2.Z:httpd-tools-debuginfo-0:2.4.63-13.el10_2.4.x86_64",
            "AppStream-10.2.Z:mod_ldap-0:2.4.63-13.el10_2.4.aarch64",
            "AppStream-10.2.Z:mod_ldap-0:2.4.63-13.el10_2.4.ppc64le",
            "AppStream-10.2.Z:mod_ldap-0:2.4.63-13.el10_2.4.s390x",
            "AppStream-10.2.Z:mod_ldap-0:2.4.63-13.el10_2.4.x86_64",
            "AppStream-10.2.Z:mod_ldap-debuginfo-0:2.4.63-13.el10_2.4.aarch64",
            "AppStream-10.2.Z:mod_ldap-debuginfo-0:2.4.63-13.el10_2.4.ppc64le",
            "AppStream-10.2.Z:mod_ldap-debuginfo-0:2.4.63-13.el10_2.4.s390x",
            "AppStream-10.2.Z:mod_ldap-debuginfo-0:2.4.63-13.el10_2.4.x86_64",
            "AppStream-10.2.Z:mod_lua-0:2.4.63-13.el10_2.4.aarch64",
            "AppStream-10.2.Z:mod_lua-0:2.4.63-13.el10_2.4.ppc64le",
            "AppStream-10.2.Z:mod_lua-0:2.4.63-13.el10_2.4.s390x",
            "AppStream-10.2.Z:mod_lua-0:2.4.63-13.el10_2.4.x86_64",
            "AppStream-10.2.Z:mod_lua-debuginfo-0:2.4.63-13.el10_2.4.aarch64",
            "AppStream-10.2.Z:mod_lua-debuginfo-0:2.4.63-13.el10_2.4.ppc64le",
            "AppStream-10.2.Z:mod_lua-debuginfo-0:2.4.63-13.el10_2.4.s390x",
            "AppStream-10.2.Z:mod_lua-debuginfo-0:2.4.63-13.el10_2.4.x86_64",
            "AppStream-10.2.Z:mod_proxy_html-1:2.4.63-13.el10_2.4.aarch64",
            "AppStream-10.2.Z:mod_proxy_html-1:2.4.63-13.el10_2.4.ppc64le",
            "AppStream-10.2.Z:mod_proxy_html-1:2.4.63-13.el10_2.4.s390x",
            "AppStream-10.2.Z:mod_proxy_html-1:2.4.63-13.el10_2.4.x86_64",
            "AppStream-10.2.Z:mod_proxy_html-debuginfo-1:2.4.63-13.el10_2.4.aarch64",
            "AppStream-10.2.Z:mod_proxy_html-debuginfo-1:2.4.63-13.el10_2.4.ppc64le",
            "AppStream-10.2.Z:mod_proxy_html-debuginfo-1:2.4.63-13.el10_2.4.s390x",
            "AppStream-10.2.Z:mod_proxy_html-debuginfo-1:2.4.63-13.el10_2.4.x86_64",
            "AppStream-10.2.Z:mod_session-0:2.4.63-13.el10_2.4.aarch64",
            "AppStream-10.2.Z:mod_session-0:2.4.63-13.el10_2.4.ppc64le",
            "AppStream-10.2.Z:mod_session-0:2.4.63-13.el10_2.4.s390x",
            "AppStream-10.2.Z:mod_session-0:2.4.63-13.el10_2.4.x86_64",
            "AppStream-10.2.Z:mod_session-debuginfo-0:2.4.63-13.el10_2.4.aarch64",
            "AppStream-10.2.Z:mod_session-debuginfo-0:2.4.63-13.el10_2.4.ppc64le",
            "AppStream-10.2.Z:mod_session-debuginfo-0:2.4.63-13.el10_2.4.s390x",
            "AppStream-10.2.Z:mod_session-debuginfo-0:2.4.63-13.el10_2.4.x86_64",
            "AppStream-10.2.Z:mod_ssl-1:2.4.63-13.el10_2.4.aarch64",
            "AppStream-10.2.Z:mod_ssl-1:2.4.63-13.el10_2.4.ppc64le",
            "AppStream-10.2.Z:mod_ssl-1:2.4.63-13.el10_2.4.s390x",
            "AppStream-10.2.Z:mod_ssl-1:2.4.63-13.el10_2.4.x86_64",
            "AppStream-10.2.Z:mod_ssl-debuginfo-1:2.4.63-13.el10_2.4.aarch64",
            "AppStream-10.2.Z:mod_ssl-debuginfo-1:2.4.63-13.el10_2.4.ppc64le",
            "AppStream-10.2.Z:mod_ssl-debuginfo-1:2.4.63-13.el10_2.4.s390x",
            "AppStream-10.2.Z:mod_ssl-debuginfo-1:2.4.63-13.el10_2.4.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "details": "Moderate"
        }
      ],
      "title": "httpd: Apache HTTP Server: Denial of Service via crafted regular expressions"
    }
  ]
}


Log in or create an account to share your comment.




Tags
Taxonomy of the tags.


Loading…

Loading…

Loading…

Forecast uses a logistic model when the trend is rising, or an exponential decay model when the trend is falling. Fitted via linearized least squares.

Sightings

Author Source Type Date Other

Nomenclature

  • Seen: The vulnerability was mentioned, discussed, or observed by the user.
  • Confirmed: The vulnerability has been validated from an analyst's perspective.
  • Published Proof of Concept: A public proof of concept is available for this vulnerability.
  • Exploited: The vulnerability was observed as exploited by the user who reported the sighting.
  • Patched: The vulnerability was observed as successfully patched by the user who reported the sighting.
  • Not exploited: The vulnerability was not observed as exploited by the user who reported the sighting.
  • Not confirmed: The user expressed doubt about the validity of the vulnerability.
  • Not patched: The vulnerability was not observed as successfully patched by the user who reported the sighting.

Loading…

Detection rules are retrieved from Rulezet.

Loading…

Loading…